serverless-iam-roles-per-function - npm Package Compare versions

Comparing version 0.1.8 to 0.1.9

CHANGELOG.md

		@@ -5,2 +5,17 @@ # Change Log

		<a name="0.1.9"></a>
		## [0.1.9](https://github.com/functionalone/serverless-iam-roles-per-function/compare/v0.1.8...v0.1.9) (2018-05-26)


		### Bug Fixes

		* support per function role with an empty iamRoleStatements clause (issue [#9](https://github.com/functionalone/serverless-iam-roles-per-function/issues/9)) ([5a3aadf](https://github.com/functionalone/serverless-iam-roles-per-function/commit/5a3aadf))


		### Features

		* code coverage reporting ([51367c8](https://github.com/functionalone/serverless-iam-roles-per-function/commit/51367c8))



		<a name="0.1.8"></a>
		@@ -7,0 +22,0 @@ ## [0.1.8](https://github.com/functionalone/serverless-iam-roles-per-function/compare/v0.1.7...v0.1.8) (2018-05-17)

dist/lib/index.js

		@@ -21,2 +21,5 @@ "use strict";
		validateStatements(statements) {
		if (lodash_1.default.isEmpty(statements)) {
		return;
		}
		const awsPackagePluginName = "AwsPackage";
		@@ -134,3 +137,3 @@ if (!this.awsPackagePlugin) {
		const functionObject = this.serverless.service.getFunction(functionName);
		if (lodash_1.default.isEmpty(functionObject.iamRoleStatements)) {
		if (functionObject.iamRoleStatements === undefined) {
		return;
		@@ -187,4 +190,6 @@ }
		//add iamRoleStatements
		for (const s of functionObject.iamRoleStatements) {
		policyStatements.push(s);
		if (lodash_1.default.isArray(functionObject.iamRoleStatements)) {
		for (const s of functionObject.iamRoleStatements) {
		policyStatements.push(s);
		}
		}
		@@ -191,0 +196,0 @@ functionIamRole.Properties.RoleName = functionObject.iamRoleStatementsName \|\| this.getFunctionRoleName(functionName);

package.json

		{
		"name": "serverless-iam-roles-per-function",
		"private": false,
		"version": "0.1.8",
		"version": "0.1.9",
		"engines": {
		@@ -12,4 +12,5 @@ "node": ">=6.10.0"
		"clean": "rimraf dist",
		"test": "mocha ./dist/test/*/.test.js",
		"pretest": "npm run compile",
		"test-bare": "npm run compile && mocha ./dist/test/*/.test.js",
		"test": "nyc mocha --require ts-node/register --require source-map-support/register ./src/test/*/.test.ts",
		"coverage": "nyc report --reporter=text-lcov \| coveralls",
		"compile": "tsc",
		@@ -47,6 +48,10 @@ "watch": "tsc -w",
		"chai": "^4.1.2",
		"coveralls": "^3.0.1",
		"mocha": "^5.1.1",
		"nyc": "^11.8.0",
		"rimraf": "^2.6.2",
		"serverless": "^1.27.2",
		"source-map-support": "^0.5.6",
		"standard-version": "^4.3.0",
		"ts-node": "^6.0.3",
		"tslint": "^5.10.0",
		@@ -60,3 +65,20 @@ "typescript": "^2.8.3"
		"*.md"
		]
		],
		"nyc": {
		"extension": [
		".ts",
		".tsx"
		],
		"include": [
		"src/lib/**"
		],
		"exclude": [
		"*/.d.ts"
		],
		"reporter": [
		"html",
		"text"
		],
		"all": true
		}
		}

README.md

		@@ -49,4 +49,19 @@ # Serverless IAM Roles Per Function Plugin

		The plugin will create a dedicated role for each function that has an `iamRoleStatements` definition. It will include the permissions for create and write to CloudWatch logs and if VPC is defined: `AWSLambdaVPCAccessExecutionRole` will be included (as is done when using `iamRoleStatements` at the provider level).
		The plugin will create a dedicated role for each function that has an `iamRoleStatements` definition. It will include the permissions for create and write to CloudWatch logs, stream events and if VPC is defined: `AWSLambdaVPCAccessExecutionRole` will be included (as is done when using `iamRoleStatements` at the provider level).

		if `iamRoleStatements` are not defined at the function level default behavior is maintained and the function will receive the global iam role. It is possible to define an empty `iamRoleStatements` for a function and then the function will receive a dedicated role with only the permissions needed for CloudWatch and (if needed) stream events and VPC. Example of defining a function with empty `iamRoleStatements` and configured VPC. The function will receive a custom role with CloudWatch logs permissions and the policy `AWSLambdaVPCAccessExecutionRole`:

		```yaml
		functions:
		func1:
		handler: handler.get
		iamRoleStatements: []
		vpc:
		securityGroupIds:
		- sg-xxxxxx
		subnetIds:
		- subnet-xxxx
		- subnet-xxxxx
		```

		By default, function level `iamRoleStatements` override the provider level definition. It is also possible to inherit the provider level definition by specifying the option `iamRoleStatementsInherit: true`:
		@@ -53,0 +68,0 @@

src/lib/index.ts

		@@ -32,2 +32,5 @@ import _ from 'lodash';
		validateStatements(statements: any): void {
		if(_.isEmpty(statements)) {
		return;
		}
		const awsPackagePluginName = "AwsPackage";
		@@ -149,3 +152,3 @@ if(!this.awsPackagePlugin) {
		const functionObject = this.serverless.service.getFunction(functionName);
		if(_.isEmpty(functionObject.iamRoleStatements)) {
		if(functionObject.iamRoleStatements === undefined) {
		return;
		@@ -202,4 +205,6 @@ }
		//add iamRoleStatements
		for (const s of functionObject.iamRoleStatements) {
		policyStatements.push(s);
		if(_.isArray(functionObject.iamRoleStatements)) {
		for (const s of functionObject.iamRoleStatements) {
		policyStatements.push(s);
		}
		}
		@@ -206,0 +211,0 @@ functionIamRole.Properties.RoleName = functionObject.iamRoleStatementsName \|\| this.getFunctionRoleName(functionName);

dist/lib/index.js.map

Sorry, the diff of this file is not supported yet

serverless-iam-roles-per-function - npm Package Compare versions

Improved metrics

Worsened metrics