darkhelm/notifications-api
1
0
Fork 0
mirror of https://github.com/GSA/notifications-api.git synced 2026-02-03 01:41:05 -05:00
Code Issues Packages Projects Releases Wiki Activity

Switch to using FIPS-enabled endpoints

Browse Source 
This changeset switches AWS service touchpoints to use their FIPS-enabled counterparts.  Note that S3 has some specific configuration associated with it.

This changeset also updates our allow ACLs to cover the FIPS-enabled endpoints.  We should investigate removing the non-FIPS endpoints as a part of this.

Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
This commit is contained in:
Carlo Costino
2023-08-10 18:02:45 -04:00
parent d8dcde4403
commit d4848a67b5
8 changed files with 58 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
app/clients/cloudwatch/aws_cloudwatch.py
View File

@@ -4,7 +4,7 @@ import time
from boto3 import client
from app.clients import Client
from app.clients import AWS_CLIENT_CONFIG, Client
from app.cloudfoundry_config import cloud_config
@@ -18,7 +18,8 @@ class AwsCloudwatchClient(Client):
"logs",
region_name=cloud_config.sns_region,
aws_access_key_id=cloud_config.sns_access_key,
aws_secret_access_key=cloud_config.sns_secret_key
aws_secret_access_key=cloud_config.sns_secret_key,
config=AWS_CLIENT_CONFIG
)
super(Client, self).__init__(*args, **kwargs)
self.current_app = current_app