From 2d07668fd615012404050c2686b116eff8cd8558 Mon Sep 17 00:00:00 2001
From: aloftus23 <andylofti@gmail.com>
Date: Tue, 9 Jan 2024 11:50:06 -0500
Subject: [PATCH] Remove VPC Endpoints from serverless (Not needed with NAT
 gateway)

---
 frontend/env.yml        |  2 --
 frontend/serverless.yml | 14 --------------
 2 files changed, 16 deletions(-)

diff --git a/frontend/env.yml b/frontend/env.yml
index 5f7199d1e..46ef9d3a9 100644
--- a/frontend/env.yml
+++ b/frontend/env.yml
@@ -3,11 +3,9 @@ dev:
 
 staging:
   DOMAIN: 'staging-cd.crossfeed.cyber.dhs.gov'
-  VPC_ENDPOINT: ${ssm:/crossfeed/staging/BACKEND_VPC_ENDPOINT}
 
 prod:
   DOMAIN: 'crossfeed.cyber.dhs.gov'
-  VPC_ENDPOINT: ${ssm:/crossfeed/prod/BACKEND_VPC_ENDPOINT}
 
 dev-vpc:
   securityGroupIds:
diff --git a/frontend/serverless.yml b/frontend/serverless.yml
index 7fda593aa..30835c063 100644
--- a/frontend/serverless.yml
+++ b/frontend/serverless.yml
@@ -23,24 +23,10 @@ provider:
   stage: ${opt:stage, 'dev'}
   environment: ${file(env.yml):${self:provider.stage}, ''}
   vpc: ${file(env.yml):${self:provider.stage}-vpc, ''}
-  vpcEndpointIds:
-    - vpce-0f012d56c2afb9c1d
   apiGateway:
     binaryMediaTypes:
       - 'image/*'
       - 'font/*'
-    resourcePolicy: 
-      - Effect: Deny
-        Principal: "*"
-        Action: "execute-api:Invoke"
-        Resource: "execute-api:/${self:provider.stage}/*/*"
-        Condition:
-          StringNotEquals:
-            "aws:sourceVpce": "vpce-0f012d56c2afb9c1d"
-      - Effect: Allow
-        Principal: "*"
-        Action: "execute-api:Invoke"
-        Resource: "execute-api:/${self:provider.stage}/*/*"
   logs:
     restApi: true
   deploymentBucket: