Fix repo name and update comment

guardian · Apr 27, 2023 · 3ed2e94 · 3ed2e94
1 parent c2977e2
commit 3ed2e94
Showing 1 changed file with 7 additions and 5 deletions.
diff --git a/src/patterns/ec2-app/base.ts b/src/patterns/ec2-app/base.ts
@@ -474,13 +474,13 @@ export class GuEc2App extends Construct {
         NAMED_SSM_PARAMETER_PATHS.DeployToolsAccountId.path
       );
 
-      // See https://github.com/guardian/cognito-gatekeeper for the source code
-      // here.
-      // ARN format is: arn:aws:lambda:aws-region:acct-id:function:helloworld.
+      // See https://github.com/guardian/cognito-auth-lambdas for the source
+      // code here. ARN format is:
+      // arn:aws:lambda:aws-region:acct-id:function:helloworld.
       const gatekeeperFunctionArn = `arn:aws:lambda:eu-west-1:${deployToolsAccountId.stringValue}:function:deploy-PROD-gatekeeper-lambda`;
 
       // Note, handler and filename must match here:
-      // https://github.com/guardian/cognito-gatekeeper.
+      // https://github.com/guardian/cognito-auth-lambdas.
       const authLambda = new GuLambdaFunction(scope, "auth-lambda", {
         app: app,
         memorySize: 128,
@@ -548,7 +548,9 @@ export class GuEc2App extends Construct {
 
         // Note: id and access validity token validity cannot be less than one
         // hour (this is the cognito cookie duration). To quickly invalidate
-        // credentials, disable the user in Cognito.
+        // credentials, disable the user in Cognito. It might be that we want to
+        // parameterise these going forward, but that would require Infosec
+        // discussion.
         idTokenValidity: Duration.hours(1),
         accessTokenValidity: Duration.hours(1),
         refreshTokenValidity: Duration.days(7),