Serverless Resource Policy

homepage icon https://github.com/HubSpotWebTeam/serverless-resource-policy
Follow @HubSpotWebTeam

Tracked

NPM Downloads Last Month
48
Issues
0
Stars
4
Forks
0
Watchers
4
Watch Star Fork Issue Download License NPM Build Status Coverage Status Contributors

Repo README Contents:

Serverless Resource Policy

Creates a whitelist for IP or CIDR addresses accessing a serverless application, using serverless resource policies. This enables you to allow requests only from the IP or CIDR addresses you specify.

Private and Public Stages

CIDR and IP addresses are whitelisted by stages.

How to Use

  1. Install in your serverless application: npm install --save serverless-resource-policy
  2. In your serverless.yml file, add the serverless-resource-plugin, for example: ``` plugins:
    • serverless-resource-policy ```
  3. Within the provider block, add a stage variable:
    provider:
      stage: ${opt:stage, 'dev'}
    
  4. Within a custom block, add:
    custom:
      serverless-resource-policy:
        stage: ${self:provider.stage}
        privateStages:
          - dev
          - staging
        publicStages:
          - production
        netblocks:
          - 123.45.67.890/30
          - 987.65.432.109
    

The netblocks object will contain the list of whitelisted IPs.

Full Example

# serverless.yml

service: my-service-name

plugins:
  - serverless-resource-policy

provider:
  stage: ${opt:stage, 'dev'}

custom:
  serverless-resource-policy:
    stage: ${self:provider.stage}
    privateStages:
      - dev
      - staging
    publicStages:
      - production
    netblocks:
      - 123.45.67.890/30
      - 987.65.432.109

Contributing

Currently maintained by the lovely folks on HubSpot’s Web Team, but we need your help. Please feel free to submit pull requests to add new functionality.