@cfn-modules/lambda-function
+24
-7
@@ -19,3 +19,2 @@ --- | ||
| # TODO integrate with event sources | ||
| # * Amazon S3 (via s3-bucket module) | ||
| # * Amazon DynamoDB (via standalone module using AWS::Lambda::EventSourceMapping) | ||
@@ -100,7 +99,12 @@ # * Amazon Kinesis Data Streams (via standalone module using AWS::Lambda::EventSourceMapping) | ||
| Default: '' | ||
| AllowApiGatewayAccess: | ||
| Description: 'Allow invoke access from API Gateways from the same AWS account and region?' | ||
| ApiGatewayAccess: | ||
| Description: 'Allow invoke access from API gateways from the same AWS account and region?' | ||
| Type: String | ||
| Default: true | ||
| AllowedValues: [true, false] | ||
| S3BucketAccess: | ||
| Description: 'Allow invoke access from S3 buckets from the same AWS account?' | ||
| Type: String | ||
| Default: true | ||
| AllowedValues: [true, false] | ||
| Conditions: | ||
@@ -116,3 +120,4 @@ HasAlertingModule: !Not [!Equals [!Ref AlertingModule, '']] | ||
| HasDependencyModules: !Or [!Condition HasDependencyModule1, !Condition HasDependencyModule2, !Condition HasDependencyModule3] | ||
| HasAllowApiGatewayAccess: !Equals [!Ref AllowApiGatewayAccess, true] | ||
| HasApiGatewayAccess: !Equals [!Ref ApiGatewayAccess, true] | ||
| HasS3BucketAccess: !Equals [!Ref S3BucketAccess, true] | ||
| Resources: | ||
@@ -238,3 +243,3 @@ Role: | ||
| PermissionApiGateway: | ||
| Condition: HasAllowApiGatewayAccess | ||
| Condition: HasApiGatewayAccess | ||
| Type: 'AWS::Lambda::Permission' | ||
@@ -247,2 +252,11 @@ Properties: | ||
| SourceArn: !Sub 'arn:aws:execute-api:${AWS::Region}:${AWS::AccountId}:*' | ||
| PermissionS3: | ||
| Condition: HasS3BucketAccess | ||
| Type: 'AWS::Lambda::Permission' | ||
| Properties: | ||
| Action: 'lambda:invokeFunction' | ||
| FunctionName: !GetAtt 'Function.Arn' | ||
| Principal: 's3.amazonaws.com' | ||
| SourceAccount: !Ref 'AWS::AccountId' | ||
| #SourceArn: !GetAtt 'Bucket.Arn' | ||
| Outputs: | ||
@@ -252,3 +266,3 @@ ModuleId: | ||
| ModuleVersion: | ||
| Value: '0.0.13' | ||
| Value: '0.0.14' | ||
| StackName: | ||
@@ -276,2 +290,5 @@ Value: !Ref 'AWS::StackName' | ||
| Name: !Sub '${AWS::StackName}-RoleArn' | ||
| RoleName: | ||
| Value: !Ref Role | ||
| Export: | ||
| Name: !Sub '${AWS::StackName}-RoleName' |
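Review bot: The new `PermissionS3` resource leaves `SourceArn` commented out while its `S3BucketAccess` parameter defaults to `true`, so after upgrading every S3 bucket in the account can be configured to invoke the function unless the consumer opts out. `SourceAccount: !Ref 'AWS::AccountId'` correctly keeps buckets in other accounts from triggering it, but inside the account the grant is broader than least privilege. I would make the grant opt-in with `Default: false` on `S3BucketAccess`, and replace the dead `#SourceArn` line with a comment that states the scope, e.g. `# SourceArn omitted: any bucket in this account may invoke this function`. If the bucket is known to the caller, an optional parameter carrying the bucket ARN and feeding `SourceArn` would be tighter still.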
+1
-1
| { | ||
| "name": "@cfn-modules/lambda-function", | ||
| "version": "0.0.13", | ||
| "version": "0.0.14", | ||
| "description": "AWS Lambda function with automated IAM policy generation, encryption, log group and alerting", | ||
@@ -5,0 +5,0 @@ "author": "Michael Wittig <michael@widdix.de>", |
+11
-3
@@ -43,3 +43,4 @@ # cfn-modules: AWS Lambda function | ||
| DependencyModule3: '' # optional | ||
| AllowApiGatewayAccess: true # optional | ||
| ApiGatewayAccess: true # optional | ||
| S3BucketAccess: true # optional | ||
| TemplateURL: './node_modules/@cfn-modules/lambda-function/module.yml' | ||
@@ -167,4 +168,4 @@ ``` | ||
| <tr> | ||
| <td>AllowApiGatewayAccess</td> | ||
| <td>Allow invoke access from API Gateways from the same AWS account and region?</td> | ||
| <td>ApiGatewayAccess</td> | ||
| <td>Allow invoke access from API gateways from the same AWS account and region?</td> | ||
| <td>true</td> | ||
@@ -174,3 +175,10 @@ <td>no</td> | ||
| </tr> | ||
| <tr> | ||
| <td>S3BucketAccessy</td> | ||
| <td>Allow invoke access from S3 buckets from the same AWS account?</td> | ||
| <td>true</td> | ||
| <td>no></td> | ||
| <td>[true, false]</td> | ||
| </tr> | ||
| </tbody> | ||
| </table> |