NASA-IMPACT / csdap-cumulus

SmallSat Cumulus Deployment

Disable s3credentials endpoint for Cumulus Distributions #245

Closed krisstanton closed 1 year ago

krisstanton commented 1 year ago

Reference URL: https://nasa.github.io/cumulus-distribution-api/#temporary-s3-credentials

krisstanton commented 1 year ago

Changed this for future deployments (see code commit).

The change on the live server went like this:

Doing the rapid disable

To rapidly disable the dispensing of S3 credentials, in the deployment's DistributionApiEndpoints lambda, set the DISABLE_S3_CREDENTIALS environment variable to true. This can be done via the AWS console or AWS CLI. If this variable is set, the S3 credentials endpoint will not dispense credentials and will instead return a message stating that the endpoint has been disabled.

AWS 5982 (NGAP PROD account). (The one that needed to be changed) --> us-west-2 --> Lambda --> DistributionApiEndpoints --> Configuration Tab (In the middle) --> Environment Variables (Below the tabs, on the left pane, in the middle of the left pane) --> Edit --> "Add environment variable" --> Added 'DISABLE_S3_CREDENTIALS' 'true' --> Clicked Save

For reference: The endpoint that would give credentials back after authenticating would be: https://data.csda.earthdata.nasa.gov/s3credentials
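Added example, not part of the original comment or the csdap-cumulus code: the same rapid disable made through the Lambda API with boto3 instead of the console. It assumes the deployed function's full name is passed as an argument (a placeholder, since the page does not give it) and uses the us-west-2 region named above; it reads the current variables first because an update replaces the whole variable map.

```python
"""Added example: set DISABLE_S3_CREDENTIALS on a Lambda via the API, keeping its other variables."""
import sys

FLAG = "DISABLE_S3_CREDENTIALS"  # variable name taken from the comment above


def current_variables(config):
    """Variables map from a function configuration response ({} if the function has none)."""
    return dict((config.get("Environment") or {}).get("Variables") or {})


def disable_s3_credentials(client, function_name):
    """Set FLAG=true on function_name. Returns False if already set, True if an update was sent."""
    variables = current_variables(client.get_function_configuration(FunctionName=function_name))
    if variables.get(FLAG) == "true":
        return False
    variables[FLAG] = "true"
    # Environment.Variables in UpdateFunctionConfiguration replaces the whole map,
    # so the merged map is sent; sending only FLAG would delete every other variable.
    updated = client.update_function_configuration(
        FunctionName=function_name, Environment={"Variables": variables}
    )
    if current_variables(updated).get(FLAG) != "true":
        raise RuntimeError(f"{FLAG} not present in the updated configuration")
    return True


if __name__ == "__main__":
    import boto3  # imported here so the functions above can be exercised without AWS access

    # sys.argv[1]: the deployed function's full name (placeholder; not given on the page)
    lambda_client = boto3.client("lambda", region_name="us-west-2")
    changed = disable_s3_credentials(lambda_client, sys.argv[1])
    print("updated" if changed else "already disabled")
```

A variable set this way lives only in the deployed function's configuration, so a later redeploy that does not carry the variable in its own configuration can remove it.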

krisstanton commented 1 year ago

Update: It turns out that the parameter deploy_s3_credentials_endpoint is only defined in the legacy module called distribution. We are not using that module, so there is actually no infrastructure deployed to support the s3_credentials endpoint. This means that effectively, this endpoint will never function to serve credentials. No code changes needed.