diff --git a/backend/env.yml b/backend/env.yml index 269fce6c7..da3362d88 100644 --- a/backend/env.yml +++ b/backend/env.yml @@ -92,7 +92,7 @@ prod: REACT_APP_RANDOM_PASSWORD: ${ssm:/crossfeed/prod/REACT_APP_RANDOM_PASSWORD} MATOMO_URL: http://matomo.crossfeed.local EXPORT_BUCKET_NAME: cisa-crossfeed-prod-exports - PE_API_URL: ${ssm:/crossfeed/staging/PE_API_URL} + PE_API_URL: ${ssm:/crossfeed/prod/PE_API_URL} REPORTS_BUCKET_NAME: cisa-crossfeed-prod-reports CLOUDWATCH_BUCKET_NAME: cisa-crossfeed-prod-cloudwatch STAGE: prod diff --git a/backend/src/api/app.ts b/backend/src/api/app.ts index 0bbd3242f..16f13526b 100644 --- a/backend/src/api/app.ts +++ b/backend/src/api/app.ts @@ -61,7 +61,7 @@ app.use(express.json({ strict: false })); app.use( cors({ - origin: [/crossfeed\.cyber\.dhs\.gov$/, /localhost$/], + origin: '*', methods: ['GET', 'POST', 'PUT', 'DELETE', 'OPTIONS'] }) ); diff --git a/backend/src/api/organizations.ts b/backend/src/api/organizations.ts index a5eeb742c..cbae68f2e 100644 --- a/backend/src/api/organizations.ts +++ b/backend/src/api/organizations.ts @@ -367,13 +367,18 @@ export const create = wrapHandler(async (event) => { * - Organizations */ export const list = wrapHandler(async (event) => { + console.log('list function called with event: ', event); + if (!isGlobalViewAdmin(event) && getOrgMemberships(event).length === 0) { return { + //TODO: Should we return a 403? statusCode: 200, body: JSON.stringify([]) }; } await connectToDatabase(); + console.log('Database connected'); + let where: any = { parent: null }; if (!isGlobalViewAdmin(event)) { where = { id: In(getOrgMemberships(event)), parent: null }; @@ -384,6 +389,8 @@ export const list = wrapHandler(async (event) => { order: { name: 'ASC' } }); + console.log('Organization.find result: ', result); + return { statusCode: 200, body: JSON.stringify(result) diff --git a/backend/src/tasks/vuln-sync.ts b/backend/src/tasks/vuln-sync.ts index 5ca81579d..f7f6ded3a 100644 --- a/backend/src/tasks/vuln-sync.ts +++ b/backend/src/tasks/vuln-sync.ts @@ -189,35 +189,38 @@ export const handler = async (commandOptions: CommandOptions) => { } let serviceId; - try { - // Save discovered services to the Service table - [serviceId] = await saveServicesToDb([ - plainToClass(Service, { - domain: { id: domainId }, - discoveredBy: { id: commandOptions.scanId }, - port: vuln.port, - lastSeen: new Date(vuln.last_seen), - banner: - vuln.banner == null ? null : sanitizeStringField(vuln.banner), - serviceSource: vuln.source, - shodanResults: - vuln.source === 'shodan' - ? { - product: vuln.product, - version: vuln.version, - cpe: vuln.cpe - } - : {} - }) - ]); - console.log('Saved services.'); - } catch (e) { - console.error( - 'Could not save services. Continuing to next vulnerability.' - ); - console.error(e); - continue; + if (vuln.port != null) { + try { + // Save discovered services to the Service table + [serviceId] = await saveServicesToDb([ + plainToClass(Service, { + domain: { id: domainId }, + discoveredBy: { id: commandOptions.scanId }, + port: vuln.port, + lastSeen: new Date(vuln.last_seen), + banner: + vuln.banner == null ? null : sanitizeStringField(vuln.banner), + serviceSource: vuln.source, + shodanResults: + vuln.source === 'shodan' + ? { + product: vuln.product, + version: vuln.version, + cpe: vuln.cpe + } + : {} + }) + ]); + console.log('Saved services.'); + } catch (e) { + console.error( + 'Could not save services. Continuing to next vulnerability.' + ); + console.error(e); + continue; + } } + try { const vulns: Vulnerability[] = []; vulns.push( @@ -229,11 +232,12 @@ export const handler = async (commandOptions: CommandOptions) => { cwe: vuln.cwe, description: vuln.description, cvss: vuln.cvss, + severity: vuln.severity, state: vuln.state, structuredData: vuln.structuredData, source: vuln.source, needsPopulation: vuln.needsPopulation, - service: { id: serviceId } + service: vuln.port == null ? null : { id: serviceId } }) ); await saveVulnerabilitiesToDb(vulns, false); diff --git a/frontend/scripts/constants.js b/frontend/scripts/constants.js index cf7dfc669..3520ae39e 100644 --- a/frontend/scripts/constants.js +++ b/frontend/scripts/constants.js @@ -1,3 +1,3 @@ //CORS Options -export const ALLOW_ORIGIN = [/crossfeed\.cyber\.dhs\.gov$/, /localhost$/]; +export const ALLOW_ORIGIN = '*'; export const ALLOW_METHODS = ['GET', 'POST', 'PUT', 'DELETE', 'OPTIONS']; diff --git a/frontend/src/App.tsx b/frontend/src/App.tsx index 31dc5de6b..818a0f3d4 100644 --- a/frontend/src/App.tsx +++ b/frontend/src/App.tsx @@ -130,7 +130,7 @@ const App: React.FC = () => ( exact path="/inventory" component={SearchPage} - permissions={['globalView']} + permissions={['standard', 'globalView']} /> ( path="/inventory/vulnerabilities" exact component={Vulnerabilities} - permissions={['globalView']} + permissions={['standard', 'globalView']} /> ( )} - permissions={['globalView']} + permissions={['standard', 'globalView']} /> ( path="/scans" exact component={Scans} - permissions={['globalView']} + permissions={['standard', 'globalView']} /> ( { Documentation @@ -39,6 +40,7 @@ export const CrossfeedFooter: React.FC = (props) => { CISA Homepage diff --git a/frontend/src/components/Header.tsx b/frontend/src/components/Header.tsx index faa85538f..200e8dc1c 100644 --- a/frontend/src/components/Header.tsx +++ b/frontend/src/components/Header.tsx @@ -222,7 +222,7 @@ const HeaderNoCtx: React.FC = (props) => { const fetchOrganizations = useCallback(async () => { try { - const rows = await apiGet('/organizations/'); + const rows = await apiGet('/v2/organizations/'); let tags: (OrganizationTag | Organization)[] = []; if (userLevel === GLOBAL_ADMIN) { tags = await apiGet('/organizations/tags'); @@ -294,12 +294,12 @@ const HeaderNoCtx: React.FC = (props) => { users: GLOBAL_ADMIN, exact: true }, - { - title: 'My Organizations', - path: '/organizations', - users: STANDARD_USER, - exact: true - }, + // { + // title: 'My Organizations', + // path: '/organizations', + // users: STANDARD_USER, + // exact: true + // }, { title: 'Manage Users', path: '/users', @@ -335,12 +335,12 @@ const HeaderNoCtx: React.FC = (props) => { users: GLOBAL_ADMIN, exact: true }, - { - title: 'My Organizations', - path: '/organizations', - users: STANDARD_USER, - exact: true - }, + // { + // title: 'My Organizations', + // path: '/organizations', + // users: STANDARD_USER, + // exact: true + // }, { title: 'Manage Users', path: '/users', diff --git a/frontend/src/components/OrganizationList/OrganizationList.tsx b/frontend/src/components/OrganizationList/OrganizationList.tsx index ccfa88c35..f958bfcfb 100644 --- a/frontend/src/components/OrganizationList/OrganizationList.tsx +++ b/frontend/src/components/OrganizationList/OrganizationList.tsx @@ -1,7 +1,7 @@ import React, { useState, useCallback } from 'react'; import EditNoteOutlinedIcon from '@mui/icons-material/EditNoteOutlined'; import { Organization } from 'types'; -import { Box, Button, IconButton, Grid } from '@mui/material'; +import { Alert, Box, Button, IconButton, Grid } from '@mui/material'; import { DataGrid, GridColDef, GridRenderCellParams } from '@mui/x-data-grid'; import { useHistory } from 'react-router-dom'; import { Add } from '@mui/icons-material'; @@ -16,13 +16,14 @@ export const OrganizationList: React.FC<{ const [organizations, setOrganizations] = useState([]); const [dialogOpen, setDialogOpen] = useState(false); const history = useHistory(); + const getOrgsURL = `/v2/organizations/`; const orgCols: GridColDef[] = [ { field: 'name', headerName: 'Organization', minWidth: 100, flex: 2 }, - { field: 'userCount', headerName: 'Members', minWidth: 100, flex: 1 }, + // { field: 'userCount', headerName: 'Members', minWidth: 100, flex: 1 }, { field: 'state', headerName: 'State', minWidth: 100, flex: 1 }, { field: 'regionId', headerName: 'Region', minWidth: 100, flex: 1 }, - { field: 'tagNames', headerName: 'Tags', minWidth: 100, flex: 1 }, + // { field: 'tagNames', headerName: 'Tags', minWidth: 100, flex: 1 }, { field: 'view', headerName: 'View/Edit', @@ -61,16 +62,16 @@ export const OrganizationList: React.FC<{ const fetchOrganizations = useCallback(async () => { try { - const rows = await apiGet('/organizations/'); - rows.forEach((obj) => { - obj.userCount = obj.userRoles.length; - obj.tagNames = obj.tags.map((tag) => tag.name); - }); + const rows = await apiGet(getOrgsURL); + // rows.forEach((obj) => { + // // obj.userCount = obj.userRoles.length; + // obj.tagNames = obj.tags.map((tag) => tag.name); + // }); setOrganizations(rows); } catch (e) { console.error(e); } - }, [apiGet]); + }, [apiGet, getOrgsURL]); React.useEffect(() => { if (!parent) fetchOrganizations(); @@ -91,21 +92,25 @@ export const OrganizationList: React.FC<{ ); return ( - <> + - + {organizations?.length === 0 ? ( + No organizations found. + ) : ( + + )} - + ); }; diff --git a/frontend/src/components/WarningBanner/Warning.tsx b/frontend/src/components/WarningBanner/Warning.tsx index 9e8300e0e..2dfd56e4a 100644 --- a/frontend/src/components/WarningBanner/Warning.tsx +++ b/frontend/src/components/WarningBanner/Warning.tsx @@ -33,15 +33,15 @@ export const CrossfeedWarning: React.FC = (props) => { Crossfeed is hosted by Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) Cybersecurity Division (CSD) Vulnerability Management (VM) Attack - Attack Attack Surface Management (ASM) Automation is computer - systems systems may systems may be monitored for all unlawful - unlawful purposes, including to ensure their use is authorized, - for management of the system, to protection against security - procedures, survivability, and operational operational operational - operational security. All information, information, including - information, placed or sent this system may be monitored. - Monitoring includes actives attacks by authorized US Government - entities to test or verify the security of this system. + Surface Management (ASM) Automation is computer systems systems + may systems may be monitored for all unlawful unlawful purposes, + including to ensure their use is authorized, for management of the + system, to protection against security procedures, survivability, + and operational operational operational operational security. All + information, information, including information, placed or sent + this system may be monitored. Monitoring includes actives attacks + by authorized US Government entities to test or verify the + security of this system.

Use of the computer system, authorized or unauthorized, diff --git a/frontend/src/components/__tests__/__snapshots__/layout.spec.tsx.snap b/frontend/src/components/__tests__/__snapshots__/layout.spec.tsx.snap index ffe11f021..bf1530f20 100644 --- a/frontend/src/components/__tests__/__snapshots__/layout.spec.tsx.snap +++ b/frontend/src/components/__tests__/__snapshots__/layout.spec.tsx.snap @@ -56,6 +56,7 @@ exports[`Layout component matches snapshot 1`] = ` Documentation @@ -68,6 +69,7 @@ exports[`Layout component matches snapshot 1`] = ` CISA Homepage diff --git a/frontend/src/components/__tests__/header.spec.tsx b/frontend/src/components/__tests__/header.spec.tsx index 54100ff59..c5c30ff4f 100644 --- a/frontend/src/components/__tests__/header.spec.tsx +++ b/frontend/src/components/__tests__/header.spec.tsx @@ -33,7 +33,7 @@ describe('Header component', () => { [ 'Vulnerabilities', 'Risk Summary', - 'My Organizations', + // 'My Organizations', 'Manage Organizations', 'Scans', 'Manage Users', @@ -53,7 +53,7 @@ describe('Header component', () => { [ 'Overview', 'Inventory', - 'My Organizations', + // 'My Organizations', 'My Account', 'My Settings', 'Logout' @@ -75,7 +75,7 @@ describe('Header component', () => { [ 'Overview', 'Inventory', - 'My Organizations', + // 'My Organizations', 'My Account', 'My Settings', 'Logout' @@ -106,8 +106,8 @@ describe('Header component', () => { ].forEach((expected) => { expect(getByText(expected)).toBeInTheDocument(); }); - ['My Organizations'].forEach((notExpected) => { - expect(queryByText(notExpected)).not.toBeInTheDocument(); - }); + // ['My Organizations'].forEach((notExpected) => { + // expect(queryByText(notExpected)).not.toBeInTheDocument(); + // }); }); }); diff --git a/frontend/src/pages/Organizations/Organizations.tsx b/frontend/src/pages/Organizations/Organizations.tsx index 68d4b086a..650d12631 100644 --- a/frontend/src/pages/Organizations/Organizations.tsx +++ b/frontend/src/pages/Organizations/Organizations.tsx @@ -37,7 +37,7 @@ export const Organizations: React.FC = () => { const fetchOrganizations = useCallback(async () => { try { - const rows = await apiGet('/organizations/'); + const rows = await apiGet('/v2/organizations/'); setOrganizations(rows); } catch (e) { console.error(e); @@ -118,6 +118,7 @@ export const Organizations: React.FC = () => { )} +
); }; diff --git a/frontend/src/pages/Risk/Risk.tsx b/frontend/src/pages/Risk/Risk.tsx index e501c72ba..5667ad12d 100644 --- a/frontend/src/pages/Risk/Risk.tsx +++ b/frontend/src/pages/Risk/Risk.tsx @@ -5,7 +5,8 @@ import TopVulnerablePorts from './TopVulnerablePorts'; import TopVulnerableDomains from './TopVulnerableDomains'; import VulnerabilityPieChart from './VulnerabilityPieChart'; import * as RiskStyles from './style'; -import { delay, getSeverityColor, offsets, severities } from './utils'; +// import { delay, getSeverityColor, offsets, severities } from './utils'; +import { getSeverityColor, offsets, severities } from './utils'; import { useAuthContext } from 'context'; import { Paper } from '@mui/material'; import { geoCentroid } from 'd3-geo'; @@ -19,9 +20,9 @@ import { } from 'react-simple-maps'; import { scaleLinear } from 'd3-scale'; import { Vulnerability } from 'types'; -import { jsPDF } from 'jspdf'; -import html2canvas from 'html2canvas'; -import { Button as USWDSButton } from '@trussworks/react-uswds'; +// import { jsPDF } from 'jspdf'; +// import html2canvas from 'html2canvas'; +// import { Button as USWDSButton } from '@trussworks/react-uswds'; export interface Point { id: string; @@ -69,7 +70,7 @@ const Risk: React.FC = (props) => { useAuthContext(); const [stats, setStats] = useState(undefined); - const [isLoading, setIsLoading] = useState(false); + // const [isLoading, setIsLoading] = useState(false); const RiskRoot = RiskStyles.RiskRoot; const { cardRoot, content, contentWrapper, header, panel } = RiskStyles.classesRisk; @@ -219,48 +220,48 @@ const Risk: React.FC = (props) => { } // TODO: Move generatePDF to a separate component - const generatePDF = async () => { - const dateTimeNow = new Date(); // UTC Date Time - const localDate = new Date(dateTimeNow); // Local Date Time - setIsLoading(true); - await delay(650); - const input = document.getElementById('wrapper')!; - input.style.width = '1400px'; - await delay(1); - await html2canvas(input, { - scrollX: 0, - scrollY: 0, - ignoreElements: function (element) { - return 'mapWrapper' === element.id; - } - }).then((canvas) => { - const imgData = canvas.toDataURL('image/png'); - const imgWidth = 190; - const imgHeight = (canvas.height * imgWidth) / canvas.width; - const pdf = new jsPDF('p', 'mm'); - pdf.setFontSize(18); - pdf.text('Crossfeed Report', 12, 10); - pdf.setFontSize(10); - pdf.text(dateTimeNow.toISOString(), 12, 17); - pdf.addImage(imgData, 'PNG', 10, 20, imgWidth, imgHeight); // charts - pdf.line(3, 290, 207, 290); - pdf.setFontSize(8); - pdf.text('Prepared by ' + user?.fullName + ', ' + localDate, 3, 293); // print the name of the person who printed the report as well as a human friendly date/time - pdf.save('Crossfeed_Report_' + dateTimeNow.toISOString() + '.pdf'); // sets the filename and adds the date and time - }); - input.style.removeProperty('width'); - setIsLoading(false); - }; + // const generatePDF = async () => { + // const dateTimeNow = new Date(); // UTC Date Time + // const localDate = new Date(dateTimeNow); // Local Date Time + // setIsLoading(true); + // await delay(650); + // const input = document.getElementById('wrapper')!; + // input.style.width = '1400px'; + // await delay(1); + // await html2canvas(input, { + // scrollX: 0, + // scrollY: 0, + // ignoreElements: function (element) { + // return 'mapWrapper' === element.id; + // } + // }).then((canvas) => { + // const imgData = canvas.toDataURL('image/png'); + // const imgWidth = 190; + // const imgHeight = (canvas.height * imgWidth) / canvas.width; + // const pdf = new jsPDF('p', 'mm'); + // pdf.setFontSize(18); + // pdf.text('Crossfeed Report', 12, 10); + // pdf.setFontSize(10); + // pdf.text(dateTimeNow.toISOString(), 12, 17); + // pdf.addImage(imgData, 'PNG', 10, 20, imgWidth, imgHeight); // charts + // pdf.line(3, 290, 207, 290); + // pdf.setFontSize(8); + // pdf.text('Prepared by ' + user?.fullName + ', ' + localDate, 3, 293); // print the name of the person who printed the report as well as a human friendly date/time + // pdf.save('Crossfeed_Report_' + dateTimeNow.toISOString() + '.pdf'); // sets the filename and adds the date and time + // }); + // input.style.removeProperty('width'); + // setIsLoading(false); + // }; return ( - {isLoading && ( + {/* {isLoading && (
- )} -

+ )} */} + {/*

{ > Generate Report -

+

*/}
{stats && (
diff --git a/frontend/src/pages/Settings/Settings.tsx b/frontend/src/pages/Settings/Settings.tsx index 59584b305..fe915cd9e 100644 --- a/frontend/src/pages/Settings/Settings.tsx +++ b/frontend/src/pages/Settings/Settings.tsx @@ -86,19 +86,8 @@ const Settings: React.FC = () => { } ]; - return ( -
-

My Account

-

Name: {user && user.fullName}

-

Email: {user && user.email}

-

- Member of:{' '} - {user && - (user.roles || []) - .filter((role) => role.approved) - .map((role) => role.organization.name) - .join(', ')} -

+ const apiKeysJsx = ( + <>

API Keys:

{ + + ); + + return ( +

+

My Account

+

Name: {user && user.fullName}

+

Email: {user && user.email}

+

+ Member of:{' '} + {user && + (user.roles || []) + .filter((role) => role.approved) + .map((role) => role.organization.name) + .join(', ')} +

+ {user?.userType !== 'standard' && apiKeysJsx} {user?.userType === 'globalAdmin' && ( <>
diff --git a/infrastructure/elastic.tf b/infrastructure/elastic.tf index 9cbf6f2ba..4f51938a4 100644 --- a/infrastructure/elastic.tf +++ b/infrastructure/elastic.tf @@ -28,38 +28,4 @@ resource "aws_instance" "elk_stack" { } } -data "aws_iam_policy_document" "elk_policy" { - statement { - effect = "Allow" - actions = ["cloudwatch:GetMetricData", - "cloudwatch:ListMetrics", - "ec2:DescribeInstances", - "ec2:DescribeRegions", - "logs:DescribeLogGroups", - "logs:FilterLogEvents", - "rds:DescribeDBInstances", - "rds:ListTagsForResource", - "sns:ListTopics", - "sqs:ChangeMessageVisibility", - "sqs:DeleteMessage", - "sqs:ListQueues", - "sqs:ReceiveMessage", - "sts:AssumeRole", - "sts:GetCallerIdentity", - "tag:GetResources"] - resources = ["*"] - } -} - -# Define IAM user -resource "aws_iam_user" "elk_integration_user" { - name = "ELKIntegrationUser" -} - -# Attach policy to the IAM user -resource "aws_iam_user_policy" "lb_ro" { - name = "test" - user = aws_iam_user.elk_integration_user.name - policy = data.aws_iam_policy_document.elk_policy.json -} diff --git a/infrastructure/prod.tfvars b/infrastructure/prod.tfvars index 865d71924..15a43db08 100644 --- a/infrastructure/prod.tfvars +++ b/infrastructure/prod.tfvars @@ -59,6 +59,8 @@ ssm_dnstwist_queue_url = "/crossfeed/prod/DNSTWIST_QUEUE_URL" ssm_hibp_queue_url = "/crossfeed/prod/HIBP_QUEUE_URL" ssm_intelx_queue_url = "/crossfeed/prod/INTELX_QUEUE_URL" ssm_cybersixgill_queue_url = "/crossfeed/prod/CYBERSIXGILL_QUEUE_URL" +ssm_pe_api_key = "/crossfeed/prod/PE_API_KEY" +ssm_cf_api_key = "/crossfeed/prod/CF_API_KEY" db_group_name = "crossfeed-prod-db-group" worker_ecs_repository_name = "crossfeed-prod-worker" worker_ecs_cluster_name = "crossfeed-prod-worker" diff --git a/infrastructure/stage.tfvars b/infrastructure/stage.tfvars index 7eee126d9..8a78c4049 100644 --- a/infrastructure/stage.tfvars +++ b/infrastructure/stage.tfvars @@ -60,6 +60,8 @@ ssm_dnstwist_queue_url = "/crossfeed/staging/DNSTWIST_QUEUE_URL" ssm_hibp_queue_url = "/crossfeed/staging/HIBP_QUEUE_URL" ssm_intelx_queue_url = "/crossfeed/staging/INTELX_QUEUE_URL" ssm_cybersixgill_queue_url = "/crossfeed/staging/CYBERSIXGILL_QUEUE_URL" +ssm_pe_api_key = "/crossfeed/staging/PE_API_KEY" +ssm_cf_api_key = "/crossfeed/staging/CF_API_KEY" db_group_name = "crossfeed-staging-db-group" worker_ecs_repository_name = "crossfeed-staging-worker" worker_ecs_cluster_name = "crossfeed-staging-worker" diff --git a/infrastructure/vars.tf b/infrastructure/vars.tf index ec46c379c..f47c3e7c9 100644 --- a/infrastructure/vars.tf +++ b/infrastructure/vars.tf @@ -334,6 +334,18 @@ variable "ssm_lg_api_key" { default = "/crossfeed/staging/LG_API_KEY" } +variable "ssm_pe_api_key" { + description = "ssm_pe_api_key" + type = string + default = "/crossfeed/staging/PE_API_KEY" +} + +variable "ssm_cf_api_key" { + description = "ssm_cf_api_key" + type = string + default = "/crossfeed/staging/CF_API_KEY" +} + variable "ssm_lg_workspace_name" { description = "ssm_lg_workspace_name" type = string diff --git a/infrastructure/worker.tf b/infrastructure/worker.tf index e77c4f376..223588544 100644 --- a/infrastructure/worker.tf +++ b/infrastructure/worker.tf @@ -94,7 +94,9 @@ resource "aws_iam_role_policy" "worker_task_execution_role_policy" { "${data.aws_ssm_parameter.hibp_queue_url.arn}", "${data.aws_ssm_parameter.intelx_queue_url.arn}", "${data.aws_ssm_parameter.cybersixgill_queue_url.arn}", - "${aws_ssm_parameter.es_endpoint.arn}" + "${aws_ssm_parameter.es_endpoint.arn}", + "${data.aws_ssm_parameter.pe_api_key.arn}", + "${data.aws_ssm_parameter.cf_api_key.arn}" ] } ] @@ -304,6 +306,14 @@ resource "aws_ecs_task_definition" "worker" { { "name": "ELASTICSEARCH_ENDPOINT", "valueFrom": "${aws_ssm_parameter.es_endpoint.arn}" + }, + { + "name": "PE_API_KEY", + "valueFrom": "${data.aws_ssm_parameter.pe_api_key.arn}" + }, + { + "name": "CF_API_KEY", + "valueFrom": "${data.aws_ssm_parameter.cf_api_key.arn}" } ] } @@ -375,6 +385,10 @@ data "aws_ssm_parameter" "intelx_queue_url" { name = var.ssm_intelx_queue_url } data "aws_ssm_parameter" "cybersixgill_queue_url" { name = var.ssm_cybersixgill_queue_url } +data "aws_ssm_parameter" "pe_api_key" { name = var.ssm_pe_api_key } + +data "aws_ssm_parameter" "cf_api_key" { name = var.ssm_cf_api_key } + resource "aws_s3_bucket" "export_bucket" { bucket = var.export_bucket_name tags = {