Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
serverless-localstack
Advanced tools
Serverless Plugin to support running against Atlassian Labs Localstack.
This plugin allows any requests to AWS to be redirected to a running Localstack instance.
WARNING: This plugin is very much WIP
Pre-requisites:
The easiest way to get started is to install via npm.
npm install -g serverless
npm install --save-dev serverless-localstack
If you'd like to install serverless-localstack via source:
git clone https://github.com/temyers/serverless-localstack
cd serverless-localstack
npm link
Use npm link
to reference the plugin
cd project-path/
npm link serverless-localstack
There are two ways to configure the plugin, via a JSON file or via serverless.yml. There are two supported methods for configuring the endpoints, globally via the "host" property, or individually. These properties may be mixed, allowing for global override support while also override specific endpoints.
A "host" or individual endpoints must be configured or this plugin will be deactivated.
service: myService
plugins:
- serverless-localstack
custom:
localstack:
host: http://localhost
endpoints:
S3: http://localhost:4572
DynamoDB: http://localhost:4570
CloudFormation: http://localhost:4581
Elasticsearch: http://localhost:4571
ES: http://localhost:4578
SNS: http://localhost:4575
SQS: http://localhost:4576
Lambda: http://localhost:4574
Kinesis: http://localhost:4568
service: myService
plugins:
- serverless-localstack
custom:
localstack:
endpointFile: path/to/file.json
serverless deploy --stage local
would deploy to localstack.serverless deploy --stage production
would deploy to aws.service: myService
plugins:
- serverless-localstack
custom:
localstack:
stages:
- local
- dev
endpointFile: path/to/file.json
For full documentation, see https://bitbucket.org/atlassian/localstack
The easiest way to get started with Localstack is to install it via Python's pip.
pip install localstack
Clone the repository
git clone git@bitbucket.org:atlassian/localstack.git
There are multiple ways to run Localstack.
If Localstack is installed via pip
localstack start --docker
If Localstack is installed via source
make docker-run
If Localstack is installed via pip
localstack start
If Localstack is installed via source
make infra
Setting up a development environment is easy using Serverless' plugin framework.
git clone https://github.com/temyers/serverless-localstack
cd /path/to/serverless-localstack
npm link
cd myproject
npm link serverless-localstack
An optional debug flag is supported via serverless.yml that will enable additional debug logs.
custom:
localstack:
debug: true
yarn install
yarn version
npm login
npm publish
git push --tags
FAQs
Connect Serverless to LocalStack!
The npm package serverless-localstack receives a total of 40,561 weekly downloads. As such, serverless-localstack popularity was classified as popular.
We found that serverless-localstack demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.