From 31356cd784bda999d68a9e10c26d77443015ad31 Mon Sep 17 00:00:00 2001
From: Erik Wiegel <erik@jwiegel.com>
Date: Thu, 6 Mar 2025 12:45:24 +0100
Subject: [PATCH] Update stepfunction.py

Explicitly only retrieve METADATA_ONLY

Not setting this value can result in errors if the agent does not have access to the KMS key or the kms:decrypt action, while the description is always discarded.

Instead, we can prevent these errors and remove the need to remove the description.

See: https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/stepfunctions/client/describe_state_machine.html
---
 .../stackstate_checks/aws_topology/resources/stepfunction.py  | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/aws_topology/stackstate_checks/aws_topology/resources/stepfunction.py b/aws_topology/stackstate_checks/aws_topology/resources/stepfunction.py
index 4aad1b09a..d5a85665d 100644
--- a/aws_topology/stackstate_checks/aws_topology/resources/stepfunction.py
+++ b/aws_topology/stackstate_checks/aws_topology/resources/stepfunction.py
@@ -75,7 +75,7 @@ def collect_tags(self, arn):
 
     @set_required_access_v2("states:DescribeStateMachine")
     def collect_state_machine_description(self, arn):
-        return self.client.describe_state_machine(stateMachineArn=arn)
+        return self.client.describe_state_machine(stateMachineArn=arn, includedData='METADATA_ONLY')
 
     def collect_state_machine(self, summary):
         arn = summary.get("stateMachineArn")
@@ -149,8 +149,6 @@ def process_state_machine(self, data):
         # generate component
         state_machine = StepFunction(data.state_machine, strict=False)
         output = make_valid_data(data.state_machine)
-        if "definition" in output:
-            output.pop("definition")
         output["tags"] = data.tags
         output.update(
             with_dimensions(