Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@anttiviljami/serverless-stack-output
Advanced tools
Serverless plugin to process AWS CloudFormation Stack Output
A serverless plugin to store output from your AWS CloudFormation Stack in JSON/YAML/TOML files, or to pass the output to a JavaScript function for further processing.
$ > yarn add serverless-stack-output
$ > npm install serverless-stack-output
plugins:
- serverless-stack-output
custom:
output:
handler: scripts/output.handler # Same syntax as you already know
file: .build/stack.toml # toml, yaml, yml, and json format is available
Based on the configuration above the plugin will search for a file scripts/output.js
with the following content:
function handler (data, serverless, options) {
console.log('Received Stack Output', data)
}
module.exports = { handler }
Just name your file with a .json
, .toml
, .yaml
, or .yml
extension, and the plugin will take care of formatting your output. Please make sure the location where you want to save the file exists!
Feel free to use the code, it's released using the MIT license.
You are more than welcome to contribute to this project! 😘 🙆
To make sure you have a pleasant experience, please read the code of conduct. It outlines core values and believes and will make working together a happier experience.
The plugins works fine with serverless functions, as well as when using custom CloudFormation resources. The following example configuration will deploy an AWS Lambda function, API Gateway, SQS Queue, IAM User with AccessKey and SecretKey, and a static value:
service: sls-stack-output-example
plugins:
- serverless-stack-output
package:
exclude:
- node_modules/**
custom:
output:
handler: scripts/output.handler
file: .build/stack.toml
provider:
name: aws
runtime: nodejs6.10
functions:
example:
handler: functions/example.handle
events:
- http:
path: example
method: get
cors: true
resources:
Resources:
ExampleQueue:
Type: AWS::SQS::Queue
Properties:
QueueName: example-queue
ExampleUser:
Type: "AWS::IAM::User"
Properties:
UserName: example-user
Policies:
- PolicyName: ExampleUserSQSPolicy
PolicyDocument:
Version: '2012-10-17'
Statement:
- Effect: "Allow"
Action:
- sqs:SendMessage
Resource:
- {"Fn::Join": [":", ["arn:aws:sqs:*", {"Ref": "AWS::AccountId"}, "example-queue"]]}
ExampleUserKey:
Type: AWS::IAM::AccessKey
Properties:
UserName:
Ref: ExampleUser
Outputs:
ExampleUserKey:
Value:
Ref: ExampleUserKey
ExampleUserSecret:
Value: {"Fn::GetAtt": ["ExampleUserKey", "SecretAccessKey"]}
ExampleStaticValue:
Value: example-static-value
ExampleUserSecret = "YourUserSecretKey"
ExampleUserKey = "YourUserAccessKey"
ExampleLambdaFunctionQualifiedArn = "arn:aws:lambda:us-east-1:AccountID:function:sls-stack-output-example-dev-example:9"
ExampleStaticValue = "example-static-value"
ServiceEndpoint = "https://APIGatewayID.execute-api.us-east-1.amazonaws.com/dev"
ServerlessDeploymentBucketName = "sls-stack-output-example-serverlessdeploymentbuck-BucketID"
ExampleUserSecret: YourUserSecretKey
ExampleUserKey: YourUserAccessKey
ExampleLambdaFunctionQualifiedArn: 'arn:aws:lambda:us-east-1:AccountID:function:sls-stack-output-example-dev-example:9'
ExampleStaticValue: example-static-value
ServiceEndpoint: 'https://APIGatewayID.execute-api.us-east-1.amazonaws.com/dev'
ServerlessDeploymentBucketName: sls-stack-output-example-serverlessdeploymentbuck-BucketID
{
"ExampleUserSecret": "YourUserSecretKey",
"ExampleUserKey": "YourUserAccessKey",
"ExampleLambdaFunctionQualifiedArn": "arn:aws:lambda:us-east-1:AccountID:function:sls-stack-output-example-dev-example:9",
"ExampleStaticValue": "example-static-value",
"ServiceEndpoint": "https://APIGatewayID.execute-api.us-east-1.amazonaws.com/dev",
"ServerlessDeploymentBucketName": "sls-stack-output-example-serverlessdeploymentbuck-BucketID"
}
FAQs
Serverless plugin to process AWS CloudFormation Stack Output
We found that @anttiviljami/serverless-stack-output demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.