Fixing mypy typing

aws_lambda_powertools/utilities/data_masking/base.py

@@ -23,7 +23,7 @@ class DataMasking:
     Please DON'T USE THIS utility in production environments.
     Keep in mind that when we transition to General Availability (GA), there might be breaking changes introduced.
 
-    The DataMasking class orchestrates masking, encrypting, and decrypting
+    The DataMasking class orchestrates erasing, encrypting, and decrypting
     for the base provider.
 
     Example:
@@ -56,36 +56,15 @@ def __init__(
         self.json_deserializer = self.provider.json_deserializer
         self.raise_on_missing_field = raise_on_missing_field
 
-    @overload
-    def encrypt(
-        self,
-        data: dict,
-        fields: None = None,
-        provider_options: dict | None = None,
-        **encryption_context: str,
-    ) -> dict:
-        ...
-
-    @overload
     def encrypt(
         self,
-        data: Mapping | Sequence | Number,
-        fields: None = None,
+        data: dict | Mapping | Sequence | Number,
         provider_options: dict | None = None,
         **encryption_context: str,
     ) -> str:
-        ...
-
-    def encrypt(
-        self,
-        data: Mapping | Sequence | Number,
-        fields: list[str] | None = None,
-        provider_options: dict | None = None,
-        **encryption_context: str,
-    ) -> str | Mapping:
         return self._apply_action(
             data=data,
-            fields=fields,
+            fields=None,
             action=self.provider.encrypt,
             provider_options=provider_options or {},
             **encryption_context,
@@ -94,13 +73,12 @@ def encrypt(
     def decrypt(
         self,
         data,
-        fields: list[str] | None = None,
         provider_options: dict | None = None,
         **encryption_context: str,
     ) -> Any:
         return self._apply_action(
             data=data,
-            fields=fields,
+            fields=None,
             action=self.provider.decrypt,
             provider_options=provider_options or {},
             **encryption_context,
@@ -289,7 +267,7 @@ def _call_action(
         - **encryption_context: Additional keyword arguments collected into a dictionary.
 
         Returns:
-        - None: The method does not return any value, as it updates the fields in-place.
+        - fields[field_name]: Returns the processed field value
         """
         fields[field_name] = action(field_value, provider_options=provider_options, **encryption_context)
         return fields[field_name]

examples/data_masking/src/changing_default_algorithm.py

@@ -18,16 +18,15 @@
 
 
 @logger.inject_lambda_context
-def lambda_handler(event: dict, context: LambdaContext) -> dict:
+def lambda_handler(event: dict, context: LambdaContext) -> str:
     data: dict = event.get("body", {})
 
-    logger.info("Encrypting fields email, address.street, and company_address with a different algorithm")
+    logger.info("Encrypting whole object with a different algorithm")
 
     provider_options = {"algorithm": Algorithm.AES_256_GCM_HKDF_SHA512_COMMIT_KEY}
 
     decrypted = data_masker.encrypt(
         data,
-        fields=["email", "address.street", "company_address"],
         provider_options=provider_options,
     )
 

examples/data_masking/src/data_masking_function_example.py

@@ -21,6 +21,6 @@ def lambda_handler(event: dict, context: LambdaContext) -> dict:
     data = event["body"]
 
     data_masker = DataMasking(provider=AWSEncryptionSDKProvider(keys=[KMS_KEY_ARN]))
-    encrypted = data_masker.encrypt(data, fields=["address.street", "job_history.company.company_name"])
-    decrypted = data_masker.decrypt(encrypted, fields=["address.street", "job_history.company.company_name"])
+    encrypted = data_masker.encrypt(data)
+    decrypted = data_masker.decrypt(encrypted)
     return {"Decrypted_json": decrypted}

examples/data_masking/src/getting_started_decrypt_data.py

@@ -19,8 +19,8 @@
 def lambda_handler(event: dict, context: LambdaContext) -> dict:
     data: dict = event.get("body", {})
 
-    logger.info("Decrypting fields email, address.street, and company_address")
+    logger.info("Decrypting whole object")
 
-    decrypted = data_masker.decrypt(data, fields=["email", "address.street", "company_address"])  # (3)!
+    decrypted = data_masker.decrypt(data)  # (3)!
 
     return decrypted

examples/data_masking/src/getting_started_decryption_context.py

@@ -19,11 +19,10 @@
 def lambda_handler(event: dict, context: LambdaContext) -> dict:
     data = event.get("body", {})
 
-    logger.info("Decrypting email field")
+    logger.info("Decrypting whole object")
 
     decrypted: dict = data_masker.decrypt(
         data,
-        fields=["email"],
         data_classification="confidential",  # (1)!
         data_type="customer-data",
         tenant_id="a06bf973-0734-4b53-9072-39d7ac5b2cba",

examples/data_masking/src/getting_started_encrypt_data.py

@@ -18,11 +18,11 @@
 
 
 @logger.inject_lambda_context
-def lambda_handler(event: dict, context: LambdaContext) -> dict:
+def lambda_handler(event: dict, context: LambdaContext) -> str:
     data: dict = event.get("body", {})
 
-    logger.info("Encrypting fields email, address.street, and company_address")
+    logger.info("Encrypting the whole object")
 
-    encrypted = data_masker.encrypt(data, fields=["email", "address.street", "company_address"])  # (2)!
+    encrypted = data_masker.encrypt(data)  # (2)!
 
     return encrypted

examples/data_masking/src/getting_started_encryption_context.py

@@ -16,14 +16,13 @@
 
 
 @logger.inject_lambda_context
-def lambda_handler(event: dict, context: LambdaContext) -> dict:
+def lambda_handler(event: dict, context: LambdaContext) -> str:
     data = event.get("body", {})
 
-    logger.info("Encrypting email field")
+    logger.info("Encrypting whole object")
 
-    encrypted: dict = data_masker.encrypt(
+    encrypted: str = data_masker.encrypt(
         data,
-        fields=["email"],
         data_classification="confidential",  # (1)!
         data_type="customer-data",
         tenant_id="a06bf973-0734-4b53-9072-39d7ac5b2cba",