A Serverless plugin to create a whitelist for IP addresses, CIDR for a serverless application, using resource policies. Support privateStages, publicStages and publicPaths.
user
tho-asterist
Create a whitelist for IP addresses, CIDR for a serverless application, using serverless resource policies.
This plugin requires serverless 1.12 or higher.
IP addresses, CIDR are whitelisted by stages and publicPaths
.
privateStages
: Private to whitelisted CIDR and IP addresses. In the example below, staging
and production
stages are privateStages
, so only those CIDR and IP addresses can access staging
and production
.publicStages
: No whitelisting necessary. These stages are public to all CIDR and IP addresses.publicPaths
: No whitelisting necessary regardless stages.npm install --save serverless-whitelisting
In your serverless.yml
file, add the serverless-whitelisting
to plugins
, for example:
plugins:
- serverless-whitelisting
Within the provider
block, add a stage
variable:
provider:
stage: ${opt:stage, 'dev'}
Within a custom
block, add:
custom:
serverless-whitelisting:
stage: ${self:provider.stage}
privateStages:
- staging
- production
publicStages:
- test
netblocks:
- 212.204.161.60/24
- 68.159.185.46
publicPaths:
- oauth
- oauth-test
The
netblocks
object will contain the list of whitelisted IPs.
# serverless.yml
service: my-service-name
plugins:
- serverless-whitelisting
provider:
stage: ${opt:stage, 'test'}
custom:
serverless-whitelisting:
stage: ${self:provider.stage}
privateStages:
- staging
- production
publicStages:
- test
netblocks:
- 212.204.161.60/24
- 68.159.185.46
publicPaths:
- oauth
- oauth-test
Latest commit b2f54ec on Sep 24, 2017