offen/website
2
0
Fork 0
mirror of https://github.com/offen/website.git synced 2024-11-22 17:10:29 +01:00
Code Issues Projects Releases Wiki Activity

properly scope secrets access

Browse Source
This commit is contained in:
Frederik Ring 2019-07-19 22:00:55 +02:00
parent c02576c794
commit a0200aa643
2 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
accounts/serverless.yml
View File

@ -15,7 +15,7 @@ provider:
- Effect: 'Allow' - Effect: 'Allow'
Action: Action:
- secretsmanager:GetSecretValue - secretsmanager:GetSecretValue
Resource: '*' Resource: arn:aws:secretsmanager:eu-central-1:#{AWS::AccountId}:secret:${self:custom.stage}/*
package: package:
individually: true individually: true
@ -26,6 +26,7 @@ plugins:
- serverless-domain-manager - serverless-domain-manager
- serverless-python-requirements - serverless-python-requirements
- serverless-wsgi - serverless-wsgi
- serverless-pseudo-parameters
custom: custom:
stage: ${opt:stage, self:provider.stage} stage: ${opt:stage, self:provider.stage}

4
package.json
View File

@ -17,9 +17,9 @@
"serverless-apigw-binary": "^0.4.4", "serverless-apigw-binary": "^0.4.4",
"serverless-domain-manager": "^2.6.13", "serverless-domain-manager": "^2.6.13",
"serverless-finch": "^2.4.2", "serverless-finch": "^2.4.2",
"serverless-pseudo-parameters": "^2.4.0",
"serverless-python-requirements": "^4.3.0", "serverless-python-requirements": "^4.3.0",
"serverless-wsgi": "^1.7.2" "serverless-wsgi": "^1.7.2"
}, },
"devDependencies": { "devDependencies": {}
}
} }