From 21fad58078bd6f018ed70a6a236606870e81420e Mon Sep 17 00:00:00 2001
From: Noam Strauss <noamstrauss@gmail.com>
Date: Sun, 6 Oct 2024 11:35:57 +0300
Subject: [PATCH] fix: Require TLS certificate validation in Lambda's

- Changed `cert_reqs` to `CERT_REQUIRED` in http requests for lambda functions
---
 modules/single/modules/lambda/functions/create_cspm_key.py      | 2 +-
 modules/single/modules/lambda/functions/generate_external_id.py | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/modules/single/modules/lambda/functions/create_cspm_key.py b/modules/single/modules/lambda/functions/create_cspm_key.py
index bc75f30..8ea2d11 100644
--- a/modules/single/modules/lambda/functions/create_cspm_key.py
+++ b/modules/single/modules/lambda/functions/create_cspm_key.py
@@ -38,7 +38,7 @@ def get_signature(aqua_secret, tstmp, path, method, body):
     return sig
 
 def http_request(url, headers, method, body=None):
-    http = urllib3.PoolManager(cert_reqs='CERT_NONE')
+    http = urllib3.PoolManager(cert_reqs='CERT_REQUIRED')
 
     try:
         response = http.request(method, url, body=body, headers=headers)
diff --git a/modules/single/modules/lambda/functions/generate_external_id.py b/modules/single/modules/lambda/functions/generate_external_id.py
index 4f8f01b..c1f2aa3 100644
--- a/modules/single/modules/lambda/functions/generate_external_id.py
+++ b/modules/single/modules/lambda/functions/generate_external_id.py
@@ -33,7 +33,7 @@ def http_request(url, headers, method, body=None):
     if body is None:
         body = {}
 
-    http = urllib3.PoolManager(cert_reqs='CERT_NONE')
+    http = urllib3.PoolManager(cert_reqs='CERT_REQUIRED')
 
     try:
         response = http.request(method, url, body=body, headers=headers)