New Research: Supply Chain Attack on Axios Pulls Malicious Dependency from npm.Details →
@cfn-modules/lambda-function
Advanced tools
@cfn-modules/lambda-function - npm Package Compare versions
+39
-20
@@ -18,2 +18,21 @@ --- | ||
| # cfn-modules:implements(ExposeArn, ExposeName, LambdaDependency) | ||
| # TODO integrate with event sources | ||
| # * Amazon S3 (via s3-bucket module) | ||
| # * Amazon DynamoDB (via standalone module using AWS::Lambda::EventSourceMapping) | ||
| # * Amazon Kinesis Data Streams (via standalone module using AWS::Lambda::EventSourceMapping) | ||
| # * Amazon Simple Notification Service (via standalone module using AWS::SNS::Subscription) | ||
| # * Amazon Simple Email Service (via TODO) | ||
| # * Amazon Cognito (via TODO) | ||
| # * AWS CloudFormation (via TODO) | ||
| # * Amazon CloudWatch Logs (via TODO) | ||
| # * Amazon CloudWatch Events (via standalone module using AWS::Events::Rule) | ||
| # * AWS CodeCommit (via TODO) | ||
| # * Scheduled Events (via standalone module using AWS::Events::Rule) | ||
| # * AWS Config (via TODO) | ||
| # * Amazon Alexa (via TODO) | ||
| # * Amazon Lex (via TODO) | ||
| # * Amazon API Gateway (via AWS::Serverless::Api DefinitionBody, not a module) | ||
| # * AWS IoT Button (via TODO) | ||
| # * Amazon CloudFront (via TODO) | ||
| # * Amazon Kinesis Data Firehose (via TODO) | ||
| Parameters: | ||
@@ -69,11 +88,11 @@ AlertingModule: | ||
| AllowedValues: [1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, 3653] | ||
| ModuleDependency1: | ||
| DependencyModule1: | ||
| Description: 'Optional stack name of module implementing LambdaDependency to generate IAM Policy' | ||
| Type: String | ||
| Default: '' | ||
| ModuleDependency2: | ||
| DependencyModule2: | ||
| Description: 'Optional stack name of module implementing LambdaDependency to generate IAM Policy' | ||
| Type: String | ||
| Default: '' | ||
| ModuleDependency3: | ||
| DependencyModule3: | ||
| Description: 'Optional stack name of module implementing LambdaDependency to generate IAM Policy' | ||
@@ -93,6 +112,6 @@ Type: String | ||
| HasVpcModule: !Not [!Equals [!Ref VpcModule, '']] | ||
| HasModuleDependency1: !Not [!Equals [!Ref ModuleDependency1, '']] | ||
| HasModuleDependency2: !Not [!Equals [!Ref ModuleDependency2, '']] | ||
| HasModuleDependency3: !Not [!Equals [!Ref ModuleDependency3, '']] | ||
| HasModuleDependencies: !Or [!Condition HasModuleDependency1, !Condition HasModuleDependency2, !Condition HasModuleDependency3] | ||
| HasDependencyModule1: !Not [!Equals [!Ref DependencyModule1, '']] | ||
| HasDependencyModule2: !Not [!Equals [!Ref DependencyModule2, '']] | ||
| HasDependencyModule3: !Not [!Equals [!Ref DependencyModule3, '']] | ||
| HasDependencyModules: !Or [!Condition HasDependencyModule1, !Condition HasDependencyModule2, !Condition HasDependencyModule3] | ||
| HasAllowApiGatewayAccess: !Equals [!Ref AllowApiGatewayAccess, true] | ||
@@ -123,18 +142,18 @@ Resources: | ||
| - !If | ||
| - HasModuleDependency1 | ||
| - HasDependencyModule1 | ||
| - Effect: Allow | ||
| Action: !Split [',', {'Fn::ImportValue': !Sub '${ModuleDependency1}-IamActions'}] | ||
| Resource: !Split [',', {'Fn::ImportValue': !Sub '${ModuleDependency1}-IamResources'}] | ||
| Action: !Split [',', {'Fn::ImportValue': !Sub '${DependencyModule1}-IamActions'}] | ||
| Resource: !Split [',', {'Fn::ImportValue': !Sub '${DependencyModule1}-IamResources'}] | ||
| - !Ref 'AWS::NoValue' | ||
| - !If | ||
| - HasModuleDependency2 | ||
| - HasDependencyModule2 | ||
| - Effect: Allow | ||
| Action: !Split [',', {'Fn::ImportValue': !Sub '${ModuleDependency2}-IamActions'}] | ||
| Resource: !Split [',', {'Fn::ImportValue': !Sub '${ModuleDependency2}-IamResources'}] | ||
| Action: !Split [',', {'Fn::ImportValue': !Sub '${DependencyModule2}-IamActions'}] | ||
| Resource: !Split [',', {'Fn::ImportValue': !Sub '${DependencyModule2}-IamResources'}] | ||
| - !Ref 'AWS::NoValue' | ||
| - !If | ||
| - HasModuleDependency3 | ||
| - HasDependencyModule3 | ||
| - Effect: Allow | ||
| Action: !Split [',', {'Fn::ImportValue': !Sub '${ModuleDependency3}-IamActions'}] | ||
| Resource: !Split [',', {'Fn::ImportValue': !Sub '${ModuleDependency3}-IamResources'}] | ||
| Action: !Split [',', {'Fn::ImportValue': !Sub '${DependencyModule3}-IamActions'}] | ||
| Resource: !Split [',', {'Fn::ImportValue': !Sub '${DependencyModule3}-IamResources'}] | ||
| - !Ref 'AWS::NoValue' | ||
@@ -163,5 +182,5 @@ - !Ref 'AWS::NoValue' | ||
| Variables: # TODO how to handle this? Seems to be impossible... | ||
| DEPENDENCY1_ARN: !If [HasModuleDependency1, {'Fn::ImportValue': !Sub '${ModuleDependency1}-Arn'}, ''] | ||
| DEPENDENCY2_ARN: !If [HasModuleDependency2, {'Fn::ImportValue': !Sub '${ModuleDependency2}-Arn'}, ''] | ||
| DEPENDENCY3_ARN: !If [HasModuleDependency3, {'Fn::ImportValue': !Sub '${ModuleDependency3}-Arn'}, ''] | ||
| DEPENDENCY1_ARN: !If [HasDependencyModule1, {'Fn::ImportValue': !Sub '${DependencyModule1}-Arn'}, ''] | ||
| DEPENDENCY2_ARN: !If [HasDependencyModule2, {'Fn::ImportValue': !Sub '${DependencyModule2}-Arn'}, ''] | ||
| DEPENDENCY3_ARN: !If [HasDependencyModule3, {'Fn::ImportValue': !Sub '${DependencyModule3}-Arn'}, ''] | ||
| FunctionName: !Ref 'AWS::StackName' | ||
@@ -233,3 +252,3 @@ Handler: !Ref Handler | ||
| ModuleVersion: | ||
| Value: '0.0.11' | ||
| Value: '0.0.12' | ||
| StackName: | ||
@@ -236,0 +255,0 @@ Value: !Ref 'AWS::StackName' |
+1
-1
| { | ||
| "name": "@cfn-modules/lambda-function", | ||
| "version": "0.0.11", | ||
| "version": "0.0.12", | ||
| "description": "AWS Lambda function with automated IAM policy generation, encryption, log group and alerting", | ||
@@ -5,0 +5,0 @@ "author": "Michael Wittig <michael@widdix.de>", |
+7
-7
@@ -17,3 +17,3 @@ # cfn-modules: AWS Lambda function | ||
| > If you pass in a module dependency (e.g. `ModuleDependency1`), the environment variable `DEPENDENCY1_ARN` inside the Lambda function will contain the ARN of the dependency. | ||
| > If you pass in a module dependency (e.g. `DependencyModule1`), the environment variable `DEPENDENCY1_ARN` inside the Lambda function will contain the ARN of the dependency. | ||
@@ -41,5 +41,5 @@ ``` | ||
| LogGroupRetentionInDays: 14 # optional | ||
| ModuleDependency1: !GetAtt 'Queue.Outputs.StackName' # optional | ||
| ModuleDependency2: !GetAtt 'Table.Outputs.StackName' # optional | ||
| ModuleDependency3: '' # optional | ||
| DependencyModule1: !GetAtt 'Queue.Outputs.StackName' # optional | ||
| DependencyModule2: !GetAtt 'Table.Outputs.StackName' # optional | ||
| DependencyModule3: '' # optional | ||
| AllowApiGatewayAccess: true # optional | ||
@@ -147,3 +147,3 @@ TemplateURL: './node_modules/@cfn-modules/lambda-function/module.yml' | ||
| <tr> | ||
| <td>ModuleDependency1</td> | ||
| <td>DependencyModule1</td> | ||
| <td>Stack name of module implementing LambdaDependency to generate IAM Policy</td> | ||
@@ -155,3 +155,3 @@ <td></td> | ||
| <tr> | ||
| <td>ModuleDependency2</td> | ||
| <td>DependencyModule2</td> | ||
| <td>Stack name of module implementing LambdaDependency to generate IAM Policy</td> | ||
@@ -163,3 +163,3 @@ <td></td> | ||
| <tr> | ||
| <td>ModuleDependency3</td> | ||
| <td>DependencyModule3</td> | ||
| <td>Stack name of module implementing LambdaDependency to generate IAM Policy</td> | ||
@@ -166,0 +166,0 @@ <td></td> |
No alert changes
Improved metrics
- Total package byte prevSize
16537
5.94%No dependency changes