Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
backstage-aws-cloudformation-plugin
Advanced tools
Backstage plugin for using AWS CloudFormation as source location
Backstage plugin which pulls entities from AWS CloudFormation stacks metadata.
# ~/.aws/credentials
[myProfile]
aws_access_key_id=AKIAIOSFODNN7EXAMPLE
aws_secret_access_key=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
Learn more in AWS documentation here.
Make sure to put the notation to correct path: Metadata.Backstage.Entities
.
AWSTemplateFormatVersion: 2010-09-09
Resources:
MyLambdaFunction:
Type: 'AWS::Lambda::Function'
Properties:
FunctionName: my-lambda
Metadata:
Backstage:
Entities:
- apiVersion: backstage.io/v1alpha1
kind: Component
metadata:
name: petstore
namespace: external-systems
description: Petstore
spec:
type: service
lifecycle: experimental
owner: 'group:pet-managers'
providesApis:
- petstore
- internal/streetlights
- hello-world
- apiVersion: backstage.io/v1alpha1
kind: API
metadata:
name: petstore
description: The Petstore API
spec:
type: openapi
lifecycle: production
owner: petstore@example.com
definition:
$text: 'https://petstore.swagger.io/v2/swagger.json'
# From your Backstage root directory
$ cd packages/backend
$ yarn add backstage-aws-cloudformation-plugin
CloudFormationRegionProcessor
and CloudFormationStackProcessor
processors your catalog builder// In packages/backend/src/plugins/catalog.ts
+import {
+ CloudFormationRegionProcessor,
+ CloudFormationStackProcessor,
+} from 'backstage-aws-cloudformation-plugin';
export default async function createPlugin(
env: PluginEnvironment,
): Promise<Router> {
const builder = await CatalogBuilder.create(env);
+ builder.addProcessor(new CloudFormationStackProcessor(env.config));
+ builder.addProcessor(new CloudFormationRegionProcessor(env.config));
const {
entitiesCatalog,
locationsCatalog,
locationService,
processingEngine,
locationAnalyzer,
} = await builder.build();
# In app-config.yaml
integrations:
aws:
profile: purple-technology
# In app-config.yaml
catalog:
locations:
# Pull single stack from the profile "myProfile"
- type: aws:cloudformation:stack
target: myProfile@arn:aws:cloudformation:ap-southeast-1:123456789000:stack/some-stack/123-345-12-1235-123123
# Pull single stack from the default profile
- type: aws:cloudformation:stack
target: arn:aws:cloudformation:eu-central-1:123456789000:stack/other-stack/532-123-59-593-19481
# Pull whole region from the "myProfile" profile
- type: aws:cloudformation:region
target: myProfile@ap-southeast-1
# Pull whole region from the default profile
- type: aws:cloudformation:region
target: eu-central-1
aws:cloudformation:stack
Accepts as a target
ARN of the CloudFormation stack and optionally also name of the profile separated by @
.
[profileName@]stack_arn
aws:cloudformation:region
Accepts as a target
ID of the AWS region and optionally also name of the profile separated by @
.
[profileName@]region-name-1
Since it's not possible to use intrinsic functions (Ref
, Fn::GetAtt
, etc.) inside Metadata
, we've solved it via custom variables syntax.
When the entities are loaded from the Metadata
, any variables inside are processed and replaced with appropriate values - if found.
You can escape the variable expression via \
.
For example this variable won't get replaced:
\${Outputs.SomeVariable}
Type | Example Input | Example Output | Description |
---|---|---|---|
Region | description: "Service in ${Region} region" | description: "Service in eu-central-1 region" | Provides region of the stack. |
AccountId | title: AWS Account ID is ${AccountId} | title: AWS Account ID is 123456789000 | Provides ID of the AWS account. |
StackId | title: Stack ARN is ${StackId} | title: Stack ARN is arn:aws:cloudformation:ap-southeast-1:123456789000:stack/some-stack/123-345-12-1235-123123 | Provides stack ID (ARN). |
StackName | title: Stack Name is ${StackName} | title: Stack Name is some-stack | Provides stack name. |
Outputs | name: "lambda-${Outputs.GetClientsLambdaName}" | name: "lambda-get-clients-prod" | Provides Output value from the stack. |
FAQs
Backstage plugin for using AWS CloudFormation as source location
We found that backstage-aws-cloudformation-plugin demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 7 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.