Skip to content

Commit

Permalink
Merge pull request #235 from aws-solutions/release/v3.2.5
Browse files Browse the repository at this point in the history
Updated to version v3.2.5
  • Loading branch information
aijunpeng authored Apr 17, 2023
2 parents bee15d7 + c215853 commit 313a0c6
Show file tree
Hide file tree
Showing 7 changed files with 31 additions and 8 deletions.
4 changes: 4 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,10 @@ All notable changes to this project will be documented in this file.
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).

## [3.2.5] - 2023-04-18
### Patched
- Patch s3 logging bucket settings
- Updated the timeout for requests
## [3.2.4] - 2023-02-06
### Changed
- Upgraded pytest to mitigate CVE-2022-42969
Expand Down
17 changes: 16 additions & 1 deletion deployment/aws-waf-security-automations.template
Original file line number Diff line number Diff line change
Expand Up @@ -1289,7 +1289,6 @@ Resources:
DeletionPolicy: Retain
UpdateReplacePolicy: Retain
Properties:
AccessControl: LogDeliveryWrite
BucketEncryption:
ServerSideEncryptionConfiguration:
- ServerSideEncryptionByDefault:
Expand Down Expand Up @@ -1323,6 +1322,22 @@ Resources:
- !GetAtt AccessLoggingBucket.Arn
- !Join ["/", [!GetAtt AccessLoggingBucket.Arn, "*"]]
Sid: HttpsOnly
- Sid: S3ServerAccessLogsPolicy
Effect: Allow
Principal:
Service: logging.s3.amazonaws.com
Action:
- s3:PutObject
Resource:
- !GetAtt AccessLoggingBucket.Arn
- !Join ["/", [!GetAtt AccessLoggingBucket.Arn, "*"]]
Condition:
ArnLike:
aws:SourceArn:
- !If [HttpFloodProtectionLogParserActivated, !GetAtt WafLogBucket.Arn, !GetAtt AccessLoggingBucket.Arn]
- !Join ["", ["arn:aws:s3:::", !Ref AppAccessLogBucket]]
StringEquals:
aws:SourceAccount: !Ref 'AWS::AccountId'
Version: '2012-10-17'

LogParser:
Expand Down
5 changes: 3 additions & 2 deletions source/custom_resource/custom-resource.py
Original file line number Diff line number Diff line change
Expand Up @@ -125,7 +125,7 @@ def put_s3_bucket_access_logging(log, s3_client, bucket_name, access_logging_buc
BucketLoggingStatus={
'LoggingEnabled': {
'TargetBucket': access_logging_bucket_name,
'TargetPrefix': 'AppAccess_Logs'
'TargetPrefix': 'AppAccess_Logs/'
}
}
)
Expand Down Expand Up @@ -423,7 +423,8 @@ def send_response(log, event, context, responseStatus, responseData, resourceId,
try:
response = requests.put(responseUrl,
data=json_responseBody,
headers=headers)
headers=headers,
timeout=600)
log.debug("Status code: " + response.reason)

except Exception as error:
Expand Down
3 changes: 2 additions & 1 deletion source/helper/helper.py
Original file line number Diff line number Diff line change
Expand Up @@ -201,7 +201,8 @@ def send_response(log, event, context, responseStatus, responseData, resourceId,
try:
response = requests.put(responseUrl,
data=json_responseBody,
headers=headers)
headers=headers,
timeout=600)
log.debug("Status code: " + response.reason)

except Exception as error:
Expand Down
2 changes: 1 addition & 1 deletion source/lib/solution_metrics.py
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,7 @@ def send_metrics(data,
}
json_data = dumps(metrics_data)
headers = {'content-type': 'application/json'}
response = requests.post(url, data=json_data, headers=headers)
response = requests.post(url, data=json_data, headers=headers, timeout=300)
return response
except Exception as e:
log.error("[solution_metrics:send_metrics] Failed to send solution metrics.")
Expand Down
5 changes: 3 additions & 2 deletions source/reputation_lists_parser/reputation-lists.py
Original file line number Diff line number Diff line change
Expand Up @@ -44,7 +44,7 @@ def find_ips(line, prefix=""):
def read_url_list(log, current_list, url, prefix=""):
try:
log.info("[read_url_list]reading url " + url)
file = requests.get(url)
file = requests.get(url, timeout=600)
new_ip_count = 0
line_count = 0
current_ip_count = len(current_list)
Expand Down Expand Up @@ -149,7 +149,8 @@ def send_response(log, event, context, responseStatus, responseData, resourceId,
try:
response = requests.put(responseUrl,
data=json_responseBody,
headers=headers)
headers=headers,
timeout=600)
log.debug("Status code: " + response.reason)

except Exception as error:
Expand Down
3 changes: 2 additions & 1 deletion source/timer/timer.py
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,8 @@ def send_response(log, event, context, responseStatus, responseData, resourceId,
try:
response = requests.put(responseUrl,
data=json_responseBody,
headers=headers)
headers=headers,
timeout=600)
log.debug("Status code: " + response.reason)

except Exception as error:
Expand Down

0 comments on commit 313a0c6

Please sign in to comment.