Switch to using FIPS-enabled endpoints

This changeset switches AWS service touchpoints to use their FIPS-enabled counterparts.  Note that S3 has some specific configuration associated with it.

This changeset also updates our allow ACLs to cover the FIPS-enabled endpoints.  We should investigate removing the non-FIPS endpoints as a part of this.

Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>
Carlo Costino
2023-08-10 18:02:45 -04:00
parent d8dcde4403
commit d4848a67b5
8 changed files with 58 additions and 11 deletions


@@ -4,7 +4,11 @@ import botocore
from boto3 import client
from flask import current_app
from app.clients import STATISTICS_DELIVERED, STATISTICS_FAILURE
from app.clients import (
AWS_CLIENT_CONFIG,
STATISTICS_DELIVERED,
STATISTICS_FAILURE,
)
from app.clients.email import (
EmailClient,
EmailClientException,
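Review bot: The name AWS_CLIENT_CONFIG in the new `from app.clients import (...)` block gives no hint that it carries the FIPS endpoint setting this commit is about, and its definition is not visible in this file. A short comment where it is defined, or a name that mentions FIPS, would let someone reading the SES client see that the endpoint choice is deliberate and must not be dropped in a later refactor.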
@@ -62,7 +66,8 @@ class AwsSesClient(EmailClient):
'ses',
region_name=cloud_config.ses_region,
aws_access_key_id=cloud_config.ses_access_key,
aws_secret_access_key=cloud_config.ses_secret_key
aws_secret_access_key=cloud_config.ses_secret_key,
config=AWS_CLIENT_CONFIG
)
super(AwsSesClient, self).__init__(*args, **kwargs)
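Review bot: Nothing around the `client('ses', ...)` call checks that the resulting client really targets a FIPS endpoint; `config=AWS_CLIENT_CONFIG` is taken on trust and `cloud_config.ses_region` is whatever the environment supplies. Consider a unit test that constructs the client and asserts on `client.meta.endpoint_url`, so that a region without a FIPS variant or a regression in the shared config fails in CI rather than at send time. Minor style point: add a trailing comma after `config=AWS_CLIENT_CONFIG`, matching the comma this change adds to the `aws_secret_access_key` line above it.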