serverless-vpc-discovery
Advanced tools
The vpc discovery plugin takes the given vpc name, subnet tag key/value, and security group tag key/value or names in the serverless file to setup the vpc configuration for the lambda.
Basically we use this config:
vpcDiscovery:
vpcName: '<vpc_name>'
subnets:
- tagKey: <tag_name>
tagValues:
- '<tag_vale>'
securityGroups:
- tagKey: <tag_name>
tagValues:
- '<tag_value>'
To generate this config:
vpc:
subnetIds:
- subnet-123456789
...
securityGroupIds:
- sg-123456789
...
For each lambda function.
Note: The core serverless
provider.vpcsettings will be used, if they are set, instead ofvpcDiscovery. You can use also mix settings. For example you may setprovider.vpc.subnetIdswhile usingvpcDiscoveryto set thesecurityGroupIds. Take a look at official documentation.
Amplify builds innovative and compelling digital educational products that empower teachers and students across the country. We have a long history as the leading innovator in K-12 education - and have been described as the best tech company in education and the best education company in tech. While others try to shrink the learning experience into the technology, we use technology to expand what is possible in real classrooms with real students and teachers.
Learn more at https://www.amplify.com
Make sure you have the following installed before starting:
Also allow the lambda to have the following IAM permissions:
Run:
# From npm (recommended)
npm install serverless-vpc-discovery
# From github
npm install https://github.com/amplify-education/serverless-vpc-discovery.git
Then make the following edits to your serverless.yaml file:
plugins:
- serverless-vpc-discovery
# Optional: Either set `custom.vpcDiscovery` or `functions.<function name>.vpcDiscovery`
custom:
vpcDiscovery:
vpcName: '<vpc_name>'
# optional if `securityGroups` option is specified
# list of tag key and values
subnets:
- tagKey: <tag_name>
# an array of values
tagValues:
- '<tag_value>'
# optional if `subnets` option is specified
# list of tag key and value or names
securityGroups:
- tagKey: <tag_name>
# an array of values
tagValues:
- '<tag_value>'
# optional if `tagKey` and `tagValues` are specified
# an array of values
- names:
- '<security_group_name>'
# Optional: Either set `custom.vpcDiscovery` or `functions.<function name>.vpcDiscovery`
functions:
example:
handler: handler.example
# inherit `custom.vpcDiscovery` config in case `custom.vpcDiscovery` is specified
example2:
handler: handler.example
# skip vpc configuration for the current function
vpcDiscovery: false
example3:
handler: handler.example
# inherit `custom.vpcDiscovery` config in case `custom.vpcDiscovery` is specified and override security group names
vpcDiscovery:
vpcName: '<vpc_name>'
securityGroups:
- tagKey: <tag_name>
# an array of values
tagValues:
- '<tag_value>'
example4:
handler: handler.example
# override or set basic subnets and security groups items
vpcDiscovery:
vpcName: '<vpc_name>'
# optional if `custom.vpcDiscovery.securityGroups` option is specified
subnets:
- tagKey: <tag_name>
# an array of values
tagValues:
- '<tag_value>'
# optional if `custom.vpcDiscovery.subnets` option is specified
securityGroups:
# optional if `names` option is specified
- tagKey: <tag_name>
# an array of values
tagValues:
- '<tag_value>'
# optional if `tagKey` and `tagValues` are specified
# an array of values
- names:
- '<security_group_name>'
To run the test:
npm test
All tests should pass.
To run integration tests, set an environment variable TEST_VPC_NAME to the VPC you will be testing for. Then,
export AWS_PROFILE=your_profile
export TEST_VPC_NAME=vpc_name
npx npm run build
npx npm run integration-test
If there is an error build and install the node_module inside the serverless-vpc-discovery folder:
npm build
npm install .
When deploying run:
serverless deploy
And that should be it! Good Luck!
The vpc, subnets, and security groups are found by filtering based on a specified tag name.
Vpc and subnets are found under the tag name tag:Name.
Security groups are found by the name of the group under group-name.
The vpc is found first as it is used to find the subnets and security groups. Once all of the subnets and security groups are found the serverless service provider creates a vpc object and stores the subnets and security groups.
If you have any security issue to report, contact project maintainers privately. You can reach us at github@amplify.com
We welcome pull requests! For your pull request to be accepted smoothly, we suggest that you:
FAQs
Serverless Plugin to modify VPC values
We found that serverless-vpc-discovery demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers found several malicious npm packages typosquatting Chalk and Chokidar, targeting Node.js developers with kill switches and data theft.
Security News
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.
Product
Socket now supports uv.lock files to ensure consistent, secure dependency resolution for Python projects and enhance supply chain security.