Make commands (and provider-specific options) requiring confirmation before execution.
This Serverless Framework plugin allows you to define commands (as well as provider-specific options) that will require confirmation before being executed.
You can find a list of all serverless infrastructure providers (as well as their associated documentation) here.
One of the intentions of this plugin is to make it more difficult to accidentally deploy or remove a serverless application when it should not. Although it provides another layer of protection, it does not replace deployment and security policies for your applications. Please do not forget to set up and protect your deployments appropriately (especially your production environment).
1.0.0or more recent
6.4.0or more recent
Install the plugin by running:
npm install serverless-confirm-command --save-dev
Alternatively, if you are using Yarn:
yarn add serverless-confirm-command --dev
Then add the plugin to your
serverless.yml file plugin section:
plugins: - serverless-confirm-command
You must configure the plugin in the custom section of your
serverless.yml file, in a dedicated
All options (provider-agnostic or not) can be used at the same time.
List the commands you want to confirm in a sub-section of the same name.
custom: confirm: commands: - 'deploy' - 'remove'
For instance, the configuration above will require both the
remove commands to be confirmed.
Please refer to the CLI reference of each provider for a complete list of available commands.
Additionally, it is important to note that each command possessing its own section in the documentation is considered a separate command.
For instance, if you are using AWS as your cloud provider,
deploy function are considered to be two different commands.
In you are using AWS as your cloud provider, you can set up any stage and/or command/stage pair to require confirmation.
custom: confirm: aws: stages: - 'release' commandsForStages: # Must be listed as 'command:stage' - 'remove:prod'
For instance, the configuration above will require the following cases to be confirmed:
removecommand used in combination with the
You can list as many stages and command/stage pairs as you want (as long as the command is supported by the plugin).
Once you have configured the plugin, you can continue to use the Serverless Framework exactly as you were before. The commands (and potentially the other options) you have configured will now need to be confirmed.
To confirm a command (or any option), you must provide the CLI option
--confirm when using Serverless.
Let us assume you want to configure the
remove command to require confirmation to prevent accidental deletion of your application.
Configuration of the plugin:
custom: confirm: commands: - 'remove'
Using the command
serverless remove will produce an error:
Serverless Confirm Command Error --------------------------------------- Command not confirmed. Use [--confirm] or change the configuration of the plugin.
Using the command
serverless remove --confirm will succeed!
Distributed under the MIT license.