Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@gammarers/aws-rds-database-running-schedule-stack
Advanced tools
This AWS CDK Construct Stack controls the starting and stopping of RDS DB instances and clusters based on specified tags, ensuring they only run during working hours. It uses EventBridge Scheduler to trigger a StepFunctions State Machine at the start and end of the working hours(default 07:50(UTC) - 21:10(UTC)), which then starts or stops the databases depending on the mode.
This construct creating resource list.
npm install @gammarers/aws-rds-database-running-schedule-stack
yarn add @gammarers/aws-rds-database-running-schedule-stack
pnpm add @gammarers/aws-rds-database-running-schedule-stack
bun add @gammarers/aws-rds-database-running-schedule-stack
pip install gammarers.aws-rds-database-running-schedule-stack
dotnet add package Gammarers.CDK.AWS.RdsDatabaseRunningScheduleStack
import { RdsDatabaseRunningScheduler, DatabaseType } from '@gammarer/aws-rds-database-running-schedule-stack';
new RDSDatabaseRunningScheduleStack(app, 'RDSDatabaseRunningScheduleStack', {
targetResource: {
tagKey: 'WorkHoursRunning', // already tagging to rds instance or cluster
tagValues: ['YES'], // already tagging to rds instance or cluster
},
enableScheduling: true,
startSchedule: {
timezone: 'Asia/Tokyo',
minute: '55',
hour: '8',
week: 'MON-FRI',
},
stopSchedule: {
timezone: 'Asia/Tokyo',
minute: '5',
hour: '19',
week: 'MON-FRI',
},
});
This project is licensed under the Apache-2.0 License.
FAQs
AWS RDS Database Running Scheduler
The npm package @gammarers/aws-rds-database-running-schedule-stack receives a total of 605 weekly downloads. As such, @gammarers/aws-rds-database-running-schedule-stack popularity was classified as not popular.
We found that @gammarers/aws-rds-database-running-schedule-stack demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.