From e1cd7254fd335a977882fab2a6ce5d6ac1a31a48 Mon Sep 17 00:00:00 2001
From: Shay Nehmad <shay.nehmad@guardicore.com>
Date: Tue, 23 Apr 2019 18:45:03 +0300
Subject: [PATCH] Removed aws auth params from code

Since we're not using it anymore
---
 monkey/common/cloud/aws_service.py            | 24 +++++++------------
 .../cc/services/remote_run_aws.py             | 17 -------------
 2 files changed, 9 insertions(+), 32 deletions(-)

diff --git a/monkey/common/cloud/aws_service.py b/monkey/common/cloud/aws_service.py
index 93c3b609b..41bb202bc 100644
--- a/monkey/common/cloud/aws_service.py
+++ b/monkey/common/cloud/aws_service.py
@@ -29,18 +29,16 @@ def filter_instance_data_from_aws_response(response):
 
 class AwsService(object):
     """
-    Supplies various AWS services
+    A wrapper class around the boto3 client and session modules, which supplies various AWS services.
+
+    This class will assume:
+        1. That it's running on an EC2 instance
+        2. That the instance is associated with the correct IAM role. See
+        https://boto3.amazonaws.com/v1/documentation/api/latest/guide/configuration.html#iam-role for details.
     """
 
-    access_key_id = None
-    secret_access_key = None
     region = None
 
-    @staticmethod
-    def set_auth_params(access_key_id, secret_access_key):
-        AwsService.access_key_id = access_key_id
-        AwsService.secret_access_key = secret_access_key
-
     @staticmethod
     def set_region(region):
         AwsService.region = region
@@ -49,15 +47,11 @@ class AwsService(object):
     def get_client(client_type, region=None):
         return boto3.client(
             client_type,
-            aws_access_key_id=AwsService.access_key_id,
-            aws_secret_access_key=AwsService.secret_access_key,
             region_name=region if region is not None else AwsService.region)
 
     @staticmethod
     def get_session():
-        return boto3.session.Session(
-            aws_access_key_id=AwsService.access_key_id,
-            aws_secret_access_key=AwsService.secret_access_key)
+        return boto3.session.Session()
 
     @staticmethod
     def get_regions():
@@ -83,12 +77,12 @@ class AwsService(object):
         :return: All visible instances from this instance
         """
         current_instance = AwsInstance()
-        local_ssm_client = boto3.client("ssm", region_name=current_instance.get_region())
+        local_ssm_client = boto3.client("ssm", current_instance.get_region())
         try:
             response = local_ssm_client.describe_instance_information()
 
             filtered_instances_data = filter_instance_data_from_aws_response(response)
             return filtered_instances_data
         except botocore.exceptions.ClientError as e:
-            logger.info("AWS client error while trying to get instances: " + e.message)
+            logger.warning("AWS client error while trying to get instances: " + e.message)
             raise e
diff --git a/monkey/monkey_island/cc/services/remote_run_aws.py b/monkey/monkey_island/cc/services/remote_run_aws.py
index 019db10d3..78df00721 100644
--- a/monkey/monkey_island/cc/services/remote_run_aws.py
+++ b/monkey/monkey_island/cc/services/remote_run_aws.py
@@ -45,23 +45,6 @@ class RemoteRunAwsService:
     def is_running_on_aws():
         return RemoteRunAwsService.aws_instance.is_aws_instance()
 
-    @staticmethod
-    def update_aws_auth_params():
-        """
-        Updates the AWS authentication parameters according to config
-        :return: True if new params allow successful authentication. False otherwise
-        """
-        AwsService.set_region(RemoteRunAwsService.aws_instance.region)
-
-        access_key_id = ConfigService.get_config_value(['cnc', 'aws_config', 'aws_access_key_id'], False, True)
-        secret_access_key = ConfigService.get_config_value(['cnc', 'aws_config', 'aws_secret_access_key'], False, True)
-
-        if (access_key_id != AwsService.access_key_id) or (secret_access_key != AwsService.secret_access_key):
-            AwsService.set_auth_params(access_key_id, secret_access_key)
-            RemoteRunAwsService.is_auth = AwsService.test_client()
-
-        return RemoteRunAwsService.is_auth
-
     @staticmethod
     def update_aws_region_authless():
         """