From efc8178ed98ab261b2e540ddbfaca291f946e4a7 Mon Sep 17 00:00:00 2001
From: Mahad Janjua <134644284+majanjua-amzn@users.noreply.github.com>
Date: Wed, 18 Dec 2024 15:31:01 -0800
Subject: [PATCH] [Lambda] Extract input from workflow as environment variable
 (#137)

Quick fix in reference to an input injection security issue detected
automatically.

This will need to be cherry picked/PRed to other branches as well,
namely the release branches

By submitting this pull request, I confirm that you can use, modify,
copy, and redistribute this contribution, under the terms of your
choice.
---
 .github/workflows/release-lambda.yml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/release-lambda.yml b/.github/workflows/release-lambda.yml
index 411545d..73c5acb 100644
--- a/.github/workflows/release-lambda.yml
+++ b/.github/workflows/release-lambda.yml
@@ -9,6 +9,7 @@ on:
         default: 'us-east-1, us-east-2, us-west-1, us-west-2, ap-south-1, ap-northeast-3, ap-northeast-2, ap-southeast-1, ap-southeast-2, ap-northeast-1, ca-central-1, eu-central-1, eu-west-1, eu-west-2, eu-west-3, eu-north-1, sa-east-1, af-south-1, ap-east-1, ap-south-2, ap-southeast-3, ap-southeast-4, eu-central-2, eu-south-1, eu-south-2, il-central-1, me-central-1, me-south-1'
 
 env:
+  AWS_REGIONS: ${{ github.event.inputs.aws_region }}
   COMMERCIAL_REGIONS: us-east-1, us-east-2, us-west-1, us-west-2, ap-south-1, ap-northeast-3, ap-northeast-2, ap-southeast-1, ap-southeast-2, ap-northeast-1, ca-central-1, eu-central-1, eu-west-1, eu-west-2, eu-west-3, eu-north-1, sa-east-1
   LAYER_NAME: AWSOpenTelemetryDistroJs
 
@@ -25,7 +26,7 @@ jobs:
       - name: Set up regions matrix
         id: set-matrix
         run: |
-          IFS=',' read -ra REGIONS <<< "${{ github.event.inputs.aws_region }}"
+          IFS=',' read -ra REGIONS <<< "${{ env.AWS_REGIONS }}"
           MATRIX="["
           for region in "${REGIONS[@]}"; do
             trimmed_region=$(echo "$region" | xargs)