Security News
Oracle Drags Its Feet in the JavaScript Trademark Dispute
Oracle seeks to dismiss fraud claims in the JavaScript trademark dispute, delaying the case and avoiding questions about its right to the name.
By Sarah Gooding - Feb 07, 2025
New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
@flashcoffee/serverless-layers
Advanced tools
@flashcoffee/serverless-layers
[](http://www.serverless.com) [](https://github.com/agutoli/serverless-layers/issues) [
- It attaches automatically layers to the provider and for each function
- it will skip functions with no other layers as they will use the layer(s) we added to the provider
- It creates a new layer's version when
dependenciesis updated - If
dependenciesis not changed, it does not publish a new layer - It reduces drastically lambda size
- It reduces deployment time.
- You can share same layers (libraries) among all lambda functions
Options
Common requirements
- AWS only (sorry)
- Serverless >= 1.34.0 (layers support)
Install
npm install -D serverless-layers
or
serverless plugin install --name serverless-layers
Add the plugin to your serverless.yml file:
Single layer config
Example:
plugins:
- serverless-layers
custom:
serverless-layers:
functions: # optional
- my_func2
dependenciesPath: ./package.json
functions:
my_func1:
handler: handler.hello
my_func2:
handler: handler.hello
Multiple layers config
Example:
plugins:
- serverless-layers
custom:
serverless-layers:
# applies for all lambdas
- common:
dependenciesPath: ./my-folder/package.json
# apply for foo only
- foo:
functions:
- foo
dependenciesPath: my-folder/package-foo.json
- staticArn:
functions:
- foo
- bar
arn: arn:aws:lambda:us-east-1:<your_account>:layer:node-v13-11-0:5
functions:
foo:
handler: handler.hello
bar:
handler: handler.hello
| Option | Type | Default | Description |
|---|---|---|---|
| compileDir | string | .serverless | Compilation directory |
| layersDeploymentBucket | string | You can specify a bucket to upload lambda layers. Required if deploymentBucket is not defined. | |
| customInstallationCommand | string | It specify a custom command to install deps ex. MY_ENV=1 npm --proxy http://myproxy.com i -P | |
| customHash | string | Can specify custom string, that once changed will force a new build of the layer | |
| retainVersions | int | null | Number of layer versions to keep, the rest versions will be removed after deployments |
NodeJS
Requirements
- Node >= v6.10.3
- NPM >= 3.10.10
- A valid package.json file
Options
| Option | Type | Default | Description |
|---|---|---|---|
| packageManager | string | npm | Possible values: npm, yarn |
| packagePath | string | package.json | (DEPRECATED): Available for <= 1.5.0, for versions >= 2.x please use compatibleRuntimes |
| dependenciesPath | string | package.json | Note: >= 2.x versions. You can specify custom path for your package.json |
| compatibleRuntimes | array | ['nodejs'] | Possible values: nodejs, nodejs10.x, nodejs12.x |
Ruby
Requirements
- Ruby >= 2.5
- A valid Gemfile file
Options
| Option | Type | Default | Description |
|---|---|---|---|
| packageManager | string | bundle | Possible values: bundle |
| dependenciesPath | string | Gemfile | Note: Available for >= 2.x versions. You can specify custom path for your requirements.txt |
| compatibleRuntimes | array | ['ruby'] | Possible values: ruby2.5, ruby2.7 |
Python
Requirements
- Python >= 2.7
- A valid requirements.txt file
Options
| Option | Type | Default | Description |
|---|---|---|---|
| packageManager | string | pip | Possible values: pip |
| dependenciesPath | string | requirements.txt | Note: Available for >= 2.x versions. You can specify custom path for your requirements.txt |
| compatibleRuntimes | array | ['python'] | Possible values: python2.7, python3.6, python3.7 and python3.8 |
Default Serverless Setup
This plugin will setup follow options automatically if not specified at serverless.yml.
| Option | Type | Default |
|---|---|---|
| package.individually | bool | false |
| package.exclude | array | ['node_modules/**'] |
| package.excludeDevDependencies | bool | false |
Mininal Policy permissions for CI/CD IAM users
serverless-layers-policy.json
{
"Version":"2012-10-17",
"Statement":[
{
"Effect":"Allow",
"Action":[
"s3:PutObject",
"s3:GetObject"
],
"Resource": "arn:aws:s3:::examplebucket"
},
{
"Effect":"Allow",
"Action":[
"cloudformation:DescribeStacks"
],
"Resource": "*"
},
{
"Effect":"Allow",
"Action":[
"lambda:PublishLayerVersion"
],
"Resource": "*"
}
]
}
License
MIT
Contributors
Yes, thank you! This plugin is community-driven, most of its features are from different authors. Please update the docs and tests and add your name to the package.json file. We try to follow Airbnb's JavaScript Style Guide.
Made with contributors-img.
FAQs
[](http://www.serverless.com) [](https://github.com/agutoli/serverless-layers/issues) [
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Linux Foundation Warns Open Source Developers: Compliance with Sanctions Is Not Optional
The Linux Foundation is warning open source developers that compliance with global sanctions is mandatory, highlighting legal risks and restrictions on contributions.
By Sarah Gooding - Feb 06, 2025
Security News
Maven Central Adds Sigstore Signature Validation
Maven Central now validates Sigstore signatures, making it easier for developers to verify the provenance of Java packages.
By Sarah Gooding - Feb 06, 2025