Skip to content

Commit c342a79

Browse files
florentinlflorentinl
committed
appsec: fixes for API Security
1 parent 7184daf commit c342a79

16 files changed

+54
-13
lines changed

datadog_lambda/__init__.py

Lines changed: 0 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -8,8 +8,6 @@
88
"DD_APPSEC_ENABLED", "false"
99
)
1010

11-
if os.environ.get("DD_API_SECURITY_ENABLED") is None:
12-
os.environ["DD_API_SECURITY_ENABLED"] = "False"
1311

1412
initialize_cold_start_tracing()
1513

datadog_lambda/trigger.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -288,7 +288,7 @@ def extract_http_tags(event):
288288
"""
289289
Extracts HTTP facet tags from the triggering event
290290
"""
291-
http_tags = {}
291+
http_tags = {"span.kind": "server"}
292292

293293
# Safely get request_context and ensure it's a dictionary
294294
request_context = event.get("requestContext")

tests/integration/serverless.yml

Lines changed: 1 addition & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -15,11 +15,6 @@ provider:
1515
DD_COLD_START_TRACING: false
1616
DD_SERVICE: ${self:service}
1717
timeout: 15
18-
deploymentBucket:
19-
name: integration-tests-serververless-deployment-bucket
20-
iam:
21-
# IAM permissions require that all functions are deployed with this role
22-
role: "arn:aws:iam::425362996713:role/serverless-integration-test-lambda-role"
2318
layers:
2419
- { Ref: PythonLambdaLayer }
2520
- { Ref: PythonRequirementsLambdaLayer }
@@ -31,7 +26,7 @@ custom:
3126
pythonRequirements:
3227
pythonBin: python3
3328
pipCmdExtraArgs:
34-
- --no-deps # install just requests
29+
- --no-deps # install just requests
3530
layer:
3631
compatibleRuntimes:
3732
- ${env:SERVERLESS_RUNTIME}

tests/integration/snapshots/logs/async-metrics_python310.log

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -104,6 +104,7 @@ HTTP GET https://www.datadoghq.com/ Headers: ["Accept-Encoding:gzip, deflate","A
104104
"span.name": "aws.lambda",
105105
"function_trigger.event_source": "api-gateway",
106106
"function_trigger.event_source_arn": "XXXX",
107+
"span.kind": "server",
107108
"http.url": "https://XXXX.execute-api.us-east-2.amazonaws.com",
108109
"http.url_details.path": "/Prod/",
109110
"http.method": "GET",
@@ -642,6 +643,7 @@ HTTP GET https://www.datadoghq.com/ Headers: ["Accept-Encoding:gzip, deflate","A
642643
"span.name": "aws.lambda",
643644
"function_trigger.event_source": "api-gateway",
644645
"function_trigger.event_source_arn": "XXXX$default",
646+
"span.kind": "server",
645647
"http.url": "https://XXXX.execute-api.eu-west-1.amazonaws.com",
646648
"http.url_details.path": "/httpapi/get",
647649
"http.method": "GET",
@@ -1479,6 +1481,7 @@ HTTP GET https://www.datadoghq.com/ Headers: ["Accept-Encoding:gzip, deflate","A
14791481
"span.name": "aws.lambda",
14801482
"function_trigger.event_source": "api-gateway",
14811483
"function_trigger.event_source_arn": "XXXX",
1484+
"span.kind": "server",
14821485
"http.url": "https://XXXX.execute-api.eu-west-1.amazonaws.com",
14831486
"http.status_code": "200"
14841487
},

tests/integration/snapshots/logs/async-metrics_python311.log

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -104,6 +104,7 @@ HTTP GET https://www.datadoghq.com/ Headers: ["Accept-Encoding:gzip, deflate","A
104104
"span.name": "aws.lambda",
105105
"function_trigger.event_source": "api-gateway",
106106
"function_trigger.event_source_arn": "XXXX",
107+
"span.kind": "server",
107108
"http.url": "https://XXXX.execute-api.us-east-2.amazonaws.com",
108109
"http.url_details.path": "/Prod/",
109110
"http.method": "GET",
@@ -642,6 +643,7 @@ HTTP GET https://www.datadoghq.com/ Headers: ["Accept-Encoding:gzip, deflate","A
642643
"span.name": "aws.lambda",
643644
"function_trigger.event_source": "api-gateway",
644645
"function_trigger.event_source_arn": "XXXX$default",
646+
"span.kind": "server",
645647
"http.url": "https://XXXX.execute-api.eu-west-1.amazonaws.com",
646648
"http.url_details.path": "/httpapi/get",
647649
"http.method": "GET",
@@ -1479,6 +1481,7 @@ HTTP GET https://www.datadoghq.com/ Headers: ["Accept-Encoding:gzip, deflate","A
14791481
"span.name": "aws.lambda",
14801482
"function_trigger.event_source": "api-gateway",
14811483
"function_trigger.event_source_arn": "XXXX",
1484+
"span.kind": "server",
14821485
"http.url": "https://XXXX.execute-api.eu-west-1.amazonaws.com",
14831486
"http.status_code": "200"
14841487
},

tests/integration/snapshots/logs/async-metrics_python312.log

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -104,6 +104,7 @@ HTTP GET https://www.datadoghq.com/ Headers: ["Accept-Encoding:gzip, deflate","A
104104
"span.name": "aws.lambda",
105105
"function_trigger.event_source": "api-gateway",
106106
"function_trigger.event_source_arn": "XXXX",
107+
"span.kind": "server",
107108
"http.url": "https://XXXX.execute-api.us-east-2.amazonaws.com",
108109
"http.url_details.path": "/Prod/",
109110
"http.method": "GET",
@@ -642,6 +643,7 @@ HTTP GET https://www.datadoghq.com/ Headers: ["Accept-Encoding:gzip, deflate","A
642643
"span.name": "aws.lambda",
643644
"function_trigger.event_source": "api-gateway",
644645
"function_trigger.event_source_arn": "XXXX$default",
646+
"span.kind": "server",
645647
"http.url": "https://XXXX.execute-api.eu-west-1.amazonaws.com",
646648
"http.url_details.path": "/httpapi/get",
647649
"http.method": "GET",
@@ -1479,6 +1481,7 @@ HTTP GET https://www.datadoghq.com/ Headers: ["Accept-Encoding:gzip, deflate","A
14791481
"span.name": "aws.lambda",
14801482
"function_trigger.event_source": "api-gateway",
14811483
"function_trigger.event_source_arn": "XXXX",
1484+
"span.kind": "server",
14821485
"http.url": "https://XXXX.execute-api.eu-west-1.amazonaws.com",
14831486
"http.status_code": "200"
14841487
},

tests/integration/snapshots/logs/async-metrics_python313.log

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -104,6 +104,7 @@ HTTP GET https://www.datadoghq.com/ Headers: ["Accept-Encoding:gzip, deflate","A
104104
"span.name": "aws.lambda",
105105
"function_trigger.event_source": "api-gateway",
106106
"function_trigger.event_source_arn": "XXXX",
107+
"span.kind": "server",
107108
"http.url": "https://XXXX.execute-api.us-east-2.amazonaws.com",
108109
"http.url_details.path": "/Prod/",
109110
"http.method": "GET",
@@ -642,6 +643,7 @@ HTTP GET https://www.datadoghq.com/ Headers: ["Accept-Encoding:gzip, deflate","A
642643
"span.name": "aws.lambda",
643644
"function_trigger.event_source": "api-gateway",
644645
"function_trigger.event_source_arn": "XXXX$default",
646+
"span.kind": "server",
645647
"http.url": "https://XXXX.execute-api.eu-west-1.amazonaws.com",
646648
"http.url_details.path": "/httpapi/get",
647649
"http.method": "GET",
@@ -1479,6 +1481,7 @@ HTTP GET https://www.datadoghq.com/ Headers: ["Accept-Encoding:gzip, deflate","A
14791481
"span.name": "aws.lambda",
14801482
"function_trigger.event_source": "api-gateway",
14811483
"function_trigger.event_source_arn": "XXXX",
1484+
"span.kind": "server",
14821485
"http.url": "https://XXXX.execute-api.eu-west-1.amazonaws.com",
14831486
"http.status_code": "200"
14841487
},

tests/integration/snapshots/logs/async-metrics_python38.log

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -104,6 +104,7 @@ HTTP GET https://www.datadoghq.com/ Headers: ["Accept-Encoding:gzip, deflate","A
104104
"span.name": "aws.lambda",
105105
"function_trigger.event_source": "api-gateway",
106106
"function_trigger.event_source_arn": "XXXX",
107+
"span.kind": "server",
107108
"http.url": "https://XXXX.execute-api.us-east-2.amazonaws.com",
108109
"http.url_details.path": "/Prod/",
109110
"http.method": "GET",
@@ -642,6 +643,7 @@ HTTP GET https://www.datadoghq.com/ Headers: ["Accept-Encoding:gzip, deflate","A
642643
"span.name": "aws.lambda",
643644
"function_trigger.event_source": "api-gateway",
644645
"function_trigger.event_source_arn": "XXXX$default",
646+
"span.kind": "server",
645647
"http.url": "https://XXXX.execute-api.eu-west-1.amazonaws.com",
646648
"http.url_details.path": "/httpapi/get",
647649
"http.method": "GET",
@@ -1479,6 +1481,7 @@ HTTP GET https://www.datadoghq.com/ Headers: ["Accept-Encoding:gzip, deflate","A
14791481
"span.name": "aws.lambda",
14801482
"function_trigger.event_source": "api-gateway",
14811483
"function_trigger.event_source_arn": "XXXX",
1484+
"span.kind": "server",
14821485
"http.url": "https://XXXX.execute-api.eu-west-1.amazonaws.com",
14831486
"http.status_code": "200"
14841487
},

tests/integration/snapshots/logs/async-metrics_python39.log

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -104,6 +104,7 @@ HTTP GET https://www.datadoghq.com/ Headers: ["Accept-Encoding:gzip, deflate","A
104104
"span.name": "aws.lambda",
105105
"function_trigger.event_source": "api-gateway",
106106
"function_trigger.event_source_arn": "XXXX",
107+
"span.kind": "server",
107108
"http.url": "https://XXXX.execute-api.us-east-2.amazonaws.com",
108109
"http.url_details.path": "/Prod/",
109110
"http.method": "GET",
@@ -642,6 +643,7 @@ HTTP GET https://www.datadoghq.com/ Headers: ["Accept-Encoding:gzip, deflate","A
642643
"span.name": "aws.lambda",
643644
"function_trigger.event_source": "api-gateway",
644645
"function_trigger.event_source_arn": "XXXX$default",
646+
"span.kind": "server",
645647
"http.url": "https://XXXX.execute-api.eu-west-1.amazonaws.com",
646648
"http.url_details.path": "/httpapi/get",
647649
"http.method": "GET",
@@ -1479,6 +1481,7 @@ HTTP GET https://www.datadoghq.com/ Headers: ["Accept-Encoding:gzip, deflate","A
14791481
"span.name": "aws.lambda",
14801482
"function_trigger.event_source": "api-gateway",
14811483
"function_trigger.event_source_arn": "XXXX",
1484+
"span.kind": "server",
14821485
"http.url": "https://XXXX.execute-api.eu-west-1.amazonaws.com",
14831486
"http.status_code": "200"
14841487
},

tests/integration/snapshots/logs/sync-metrics_python310.log

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -84,6 +84,7 @@ HTTP GET https://www.datadoghq.com/ Headers: ["Accept-Encoding:gzip, deflate","A
8484
"span.name": "aws.lambda",
8585
"function_trigger.event_source": "api-gateway",
8686
"function_trigger.event_source_arn": "XXXX",
87+
"span.kind": "server",
8788
"http.url": "https://XXXX.execute-api.us-east-2.amazonaws.com",
8889
"http.url_details.path": "/Prod/",
8990
"http.method": "GET",
@@ -679,6 +680,7 @@ HTTP GET https://www.datadoghq.com/ Headers: ["Accept-Encoding:gzip, deflate","A
679680
"span.name": "aws.lambda",
680681
"function_trigger.event_source": "api-gateway",
681682
"function_trigger.event_source_arn": "XXXX$default",
683+
"span.kind": "server",
682684
"http.url": "https://XXXX.execute-api.eu-west-1.amazonaws.com",
683685
"http.url_details.path": "/httpapi/get",
684686
"http.method": "GET",
@@ -1611,6 +1613,7 @@ HTTP GET https://www.datadoghq.com/ Headers: ["Accept-Encoding:gzip, deflate","A
16111613
"span.name": "aws.lambda",
16121614
"function_trigger.event_source": "api-gateway",
16131615
"function_trigger.event_source_arn": "XXXX",
1616+
"span.kind": "server",
16141617
"http.url": "https://XXXX.execute-api.eu-west-1.amazonaws.com",
16151618
"http.status_code": "200"
16161619
},

0 commit comments

Comments
 (0)