Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
aws-lambda-helper
Advanced tools
Collection of helper methods for lambda
$ npm install aws-lambda-helper --save
var AwsHelper = require('aws-lambda-helper');
exports.handler = function(event, context) {
...
//Initialise the helper by passing in the context
AwsHelper.init(context);
...
}
var AwsHelper = require('aws-lambda-helper');
exports.handler = function(event, context){
// assume : context.invokedFunctionArn = invokedFunctionArn: 'arn:aws:lambda:eu-west-1:123456789:function:mylambda:prod'
//Initialise the helper by passing in the context
AwsHelper.init(context);
console.log(AwsHelper.env); //prints: prod
console.log(AwsHelper.region); //prints: eu-west-1
console.log(AwsHelper.account); //prints: 123456789
var params = {
FunctionName: 'MyAmazingLambda',
Payload: { 'hello': 'world' },
Qualifier: ''
};
AwsHelper.Lambda.invoke(params, function (err, data) {
AwsHelper.failOnError(err, event, context);
context.succeed(data);
});
}
This function will intercept the error if exists and then will call 'context.fail'. The purpose of this function is to avoid the need of checking for errors so that in callback you could just focus on the succesfull procedure.
It can be used as follows:
AwsHelper.Lambda.invoke(params, function (err, data) {
AwsHelper.failOnError(err, event, context);
context.succeed(data);
});
var AwsHelper = require('aws-lambda-helper');
exports.handler = function(event, context){
// assume : context.invokedFunctionArn = invokedFunctionArn: 'arn:aws:lambda:eu-west-1:123456789:function:mylambda:prod'
//Initialise the helper by passing in the context
AwsHelper.init(context, event);
var log = AwsHelper.Logger('example');
log.info(); // Returns a boolean: is the "info" level enabled?
// This is equivalent to `log.isInfoEnabled()` or
// `log.isEnabledFor(INFO)` in log4j.
log.info('hi'); // Log a simple string message (or number).
log.info('hi %s', bob, anotherVar); // Uses `util.format` for msg formatting.
log.info({foo: 'bar'}, 'hi');
// The first field can optionally be a "fields" object, which
// is merged into the log record.
log.info(err); // Special case to log an `Error` instance to the record.
// This adds an "err" field with exception details
// (including the stack) and sets "msg" to the exception
// message.
log.info(err, 'more on this: %s', more);
// ... or you can specify the "msg".
log.info({foo: 'bar', err: err}, 'some msg about this error');
// To pass in an Error *and* other fields, use the `err`
// field name for the Error instance.
}
var params = {
id: sessionId, // the id provided by the WebSocket Server
searchId: 12345, // the id of this particular search request
userId: 'UniqueFingerprint', // the super long string that uniquely identifies a client
items: [
// your list of one or more tiles or packages go here
]
};
AwsHelper.pushResultToClient(params, function (err, res) {
console.log(err, res); // do what ever you want after the result is pushed
});
You will require an Environment Variable for the WEBSOCKET_SERVER_URL
and AWS_S3_SEARCH_RESULT_BUCKET
(see below for complete list of required Environment Variables)
if you get stuck get the Environment Variables from CodeShip: https://codeship.com/projects/143221/configure_environment
FAQs
Collection of helper methods for lambda
We found that aws-lambda-helper demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 6 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.