Merge pull request #127 from OWASP/update-1411

Updated latest deps in balancer (1.5B), worngsecrets and desktop (1.5.11) and fixed deprecated TF usage

Author: commjoen

aws/main.tf

@@ -73,7 +73,7 @@ module "eks" {
 
   cluster_endpoint_private_access = true
 
-  cluster_endpoint_public_access_cidrs = compact(concat(["${data.http.ip.body}/32"], var.extra_allowed_ip_ranges))
+  cluster_endpoint_public_access_cidrs = compact(concat(["${data.http.ip.response_body}/32"], var.extra_allowed_ip_ranges))
 
   enable_irsa = true
 

aws/s3-user.tf

@@ -49,7 +49,7 @@ data "aws_iam_policy_document" "state_user_policy" {
 resource "aws_secretsmanager_secret" "state_user_access_keys" {
   name                    = "s3-state-user"
   description             = "The access keys for S3 access"
-  recovery_window_in_days = 7
+  recovery_window_in_days = 0
 }
 
 resource "aws_secretsmanager_secret_version" "state_user_access_keys" {

helm/wrongsecrets-ctf-party/values.yaml

@@ -35,7 +35,7 @@ balancer:
     # -- Set this to a fixed random alpa-numeric string (recommended length 24 chars). If not set this get randomly generated with every helm upgrade, each rotation invalidates all active cookies / sessions requirering users to login again.
     cookieParserSecret: null
   repository: jeroenwillemsen/wrongsecrets-balancer
-  tag: 1.5aws
+  tag: 1.5Baws
   # -- Number of replicas of the wrongsecrets-balancer deployment
   replicas: 1
   service: