serverless-kms-alias 2.0.3 → 2.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (13) hide show
  1. package/.devcontainer/devcontainer.json +16 -0
  2. package/CHANGELOG.md +9 -0
  3. package/README.md +25 -2
  4. package/dist/index.js +16 -2
  5. package/dist/types/KmsAliasSettings.js +3 -0
  6. package/dist/types/ServerlessOptions.js +3 -0
  7. package/dist/types/index.js +3 -1
  8. package/package.json +18 -18
  9. package/src/index.ts +16 -2
  10. package/src/types/KmsAliasSettings.ts +3 -0
  11. package/src/types/ServerlessInstance.ts +13 -0
  12. package/src/types/ServerlessOptions.ts +3 -0
  13. package/src/types/index.ts +2 -0
package/.devcontainer/devcontainer.json ADDED
@@ -0,0 +1,16 @@
1
+ {
2
+ "name": "serverless-kms-alias",
3
+ "features": {
4
+ "ghcr.io/devcontainers/features/node:1": {
5
+ "version": "lts"
6
+ }
7
+ },
8
+ "customizations": {
9
+ "vscode": {
10
+ "extensions": [
11
+ "EditorConfig.EditorConfig"
12
+ ]
13
+ }
14
+ },
15
+ "postCreateCommand": "npm install"
16
+ }
package/CHANGELOG.md CHANGED
@@ -1,5 +1,14 @@
1
1
  # Change Log
2
2
 
3
+ ## 2.1.0 - 2023-02-08
4
+
5
+ - Add configuration to enable for explicit stages. Fix #3
6
+ - Update npms
7
+
8
+ ## 2.0.4 - 2022-12-06
9
+
10
+ - Update npms
11
+
3
12
  ## 2.0.3 - 2022-10-11
4
13
 
5
14
  - Update npms
package/README.md CHANGED
@@ -18,7 +18,7 @@ service: foo
18
18
  provider:
19
19
  name: aws
20
20
  kmsKeyArn: '${kms:alias/aws/lambda}'
21
- runtime: nodejs14.x
21
+ runtime: nodejs16.x
22
22
 
23
23
  plugins:
24
24
  - serverless-kms-alias
@@ -34,7 +34,7 @@ functions:
34
34
  service: foo
35
35
  provider:
36
36
  name: aws
37
- runtime: nodejs14.x
37
+ runtime: nodejs16.x
38
38
 
39
39
  plugins:
40
40
  - serverless-kms-alias
@@ -44,3 +44,26 @@ functions:
44
44
  handler: foo.handler
45
45
  kmsKeyArn: '${kms:arn:aws:kms:${aws:region}:${aws:accountId}:alias/aws/lambda}'
46
46
  ```
47
+
48
+ ### Example - Enable for specific stages
49
+
50
+ ```yaml
51
+ service: foo
52
+ provider:
53
+ name: aws
54
+ runtime: nodejs16.x
55
+
56
+ plugins:
57
+ - serverless-kms-alias
58
+
59
+ custom:
60
+ kmsAlias:
61
+ stages:
62
+ # list of stages for which the plugin should be enabled
63
+ - production
64
+
65
+ functions:
66
+ foo:
67
+ handler: foo.handler
68
+ kmsKeyArn: '${kms:arn:aws:kms:${aws:region}:${aws:accountId}:alias/aws/lambda}'
69
+ ```
package/dist/index.js CHANGED
@@ -1,13 +1,27 @@
1
1
  "use strict";
2
2
  const client_kms_1 = require("@aws-sdk/client-kms");
3
3
  class KmsAliasPlugin {
4
- constructor(serverless) {
4
+ constructor(serverless, options) {
5
5
  this.configurationVariablesSources = {
6
6
  kms: {
7
7
  async resolve({ address }) {
8
8
  if (!/^(alias\/[a-zA-Z]|arn:aws:kms:[\w-]*:[\d]*:alias)/i.test(address)) {
9
9
  throw new Error(`Expected variable in the form of 'kms:alias/foo'`);
10
10
  }
11
+ if (serverless.service?.custom?.kmsAlias?.stages?.length) {
12
+ const stage = options?.stage || serverless.config?.stage || serverless.service?.provider?.stage;
13
+ if (stage) {
14
+ if (!serverless.service.custom.kmsAlias.stages.includes(stage)) {
15
+ serverless.cli.log(`Info: KMS Alias plugin not enabled for stage`);
16
+ return {
17
+ value: address,
18
+ };
19
+ }
20
+ }
21
+ else {
22
+ serverless.cli.log(`Warn: Unable to determine stage for KMS alias`);
23
+ }
24
+ }
11
25
  serverless.cli.log(`Info: Fetching KMS key for alias: ${address}`);
12
26
  const client = new client_kms_1.KMSClient({
13
27
  ...serverless.providers.aws.getCredentials(),
@@ -34,4 +48,4 @@ class KmsAliasPlugin {
34
48
  }
35
49
  }
36
50
  module.exports = KmsAliasPlugin;
37
- //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi9zcmMvaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IjtBQUFBLG9EQUFvRTtBQWtCcEUsTUFBTSxjQUFjO0lBR2xCLFlBQW1CLFVBQThCO1FBQy9DLElBQUksQ0FBQyw2QkFBNkIsR0FBRztZQUNuQyxHQUFHLEVBQUU7Z0JBQ0gsS0FBSyxDQUFDLE9BQU8sQ0FBQyxFQUFFLE9BQU8sRUFBaUI7b0JBQ3RDLElBQUksQ0FBQyxvREFBb0QsQ0FBQyxJQUFJLENBQUMsT0FBTyxDQUFDLEVBQUU7d0JBQ3ZFLE1BQU0sSUFBSSxLQUFLLENBQUMsa0RBQWtELENBQUMsQ0FBQztxQkFDckU7b0JBRUQsVUFBVSxDQUFDLEdBQUcsQ0FBQyxHQUFHLENBQUMscUNBQXFDLE9BQU8sRUFBRSxDQUFDLENBQUM7b0JBRW5FLE1BQU0sTUFBTSxHQUFHLElBQUksc0JBQVMsQ0FBQzt3QkFDM0IsR0FBRyxVQUFVLENBQUMsU0FBUyxDQUFDLEdBQUcsQ0FBQyxjQUFjLEVBQUU7d0JBQzVDLE1BQU0sRUFBRSxVQUFVLENBQUMsU0FBUyxDQUFDLEdBQUcsQ0FBQyxTQUFTLEVBQUU7cUJBQzdDLENBQUMsQ0FBQztvQkFDSCxNQUFNLE9BQU8sR0FBRyxJQUFJLCtCQUFrQixDQUFDO3dCQUNyQyxLQUFLLEVBQUUsT0FBTztxQkFDZixDQUFDLENBQUM7b0JBQ0gsTUFBTSxRQUFRLEdBQUcsTUFBTSxNQUFNLENBQUMsSUFBSSxDQUFDLE9BQU8sQ0FBQyxDQUFDO29CQUU1QyxNQUFNLFdBQVcsR0FBRyxRQUFRLENBQUMsV0FBVyxDQUFDO29CQUV6QyxJQUFJLENBQUMsV0FBVyxFQUFFO3dCQUNoQixNQUFNLElBQUksS0FBSyxDQUFDLDZDQUE2QyxPQUFPLEVBQUUsQ0FBQyxDQUFDO3FCQUN6RTtvQkFFRCxJQUFJLENBQUMsV0FBVyxDQUFDLEdBQUcsRUFBRTt3QkFDcEIsTUFBTSxJQUFJLEtBQUssQ0FBQywwQ0FBMEMsT0FBTyxFQUFFLENBQUMsQ0FBQztxQkFDdEU7b0JBRUQsVUFBVSxDQUFDLEdBQUcsQ0FBQyxHQUFHLENBQUMsa0NBQWtDLE9BQU8sTUFBTSxXQUFXLENBQUMsR0FBRyxFQUFFLENBQUMsQ0FBQztvQkFFckYsT0FBTzt3QkFDTCxLQUFLLEVBQUUsV0FBVyxDQUFDLEdBQUc7cUJBQ3ZCLENBQUM7Z0JBQ0osQ0FBQzthQUNGO1NBQ0YsQ0FBQztJQUNKLENBQUM7Q0FDRjtBQUVELGlCQUFTLGNBQWMsQ0FBQyJ9
51
+ //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi9zcmMvaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IjtBQUFBLG9EQUFvRTtBQWtCcEUsTUFBTSxjQUFjO0lBR2xCLFlBQW1CLFVBQThCLEVBQUUsT0FBMEI7UUFDM0UsSUFBSSxDQUFDLDZCQUE2QixHQUFHO1lBQ25DLEdBQUcsRUFBRTtnQkFDSCxLQUFLLENBQUMsT0FBTyxDQUFDLEVBQUUsT0FBTyxFQUFpQjtvQkFDdEMsSUFBSSxDQUFDLG9EQUFvRCxDQUFDLElBQUksQ0FBQyxPQUFPLENBQUMsRUFBRTt3QkFDdkUsTUFBTSxJQUFJLEtBQUssQ0FBQyxrREFBa0QsQ0FBQyxDQUFDO3FCQUNyRTtvQkFFRCxJQUFJLFVBQVUsQ0FBQyxPQUFPLEVBQUUsTUFBTSxFQUFFLFFBQVEsRUFBRSxNQUFNLEVBQUUsTUFBTSxFQUFFO3dCQUN4RCxNQUFNLEtBQUssR0FBRyxPQUFPLEVBQUUsS0FBSyxJQUFJLFVBQVUsQ0FBQyxNQUFNLEVBQUUsS0FBSyxJQUFJLFVBQVUsQ0FBQyxPQUFPLEVBQUUsUUFBUSxFQUFFLEtBQUssQ0FBQzt3QkFDaEcsSUFBSSxLQUFLLEVBQUU7NEJBQ1QsSUFBSSxDQUFDLFVBQVUsQ0FBQyxPQUFPLENBQUMsTUFBTSxDQUFDLFFBQVEsQ0FBQyxNQUFNLENBQUMsUUFBUSxDQUFDLEtBQUssQ0FBQyxFQUFFO2dDQUM5RCxVQUFVLENBQUMsR0FBRyxDQUFDLEdBQUcsQ0FBQyw4Q0FBOEMsQ0FBQyxDQUFDO2dDQUNuRSxPQUFPO29DQUNMLEtBQUssRUFBRSxPQUFPO2lDQUNmLENBQUM7NkJBQ0g7eUJBQ0Y7NkJBQU07NEJBQ0wsVUFBVSxDQUFDLEdBQUcsQ0FBQyxHQUFHLENBQUMsK0NBQStDLENBQUMsQ0FBQzt5QkFDckU7cUJBQ0Y7b0JBRUQsVUFBVSxDQUFDLEdBQUcsQ0FBQyxHQUFHLENBQUMscUNBQXFDLE9BQU8sRUFBRSxDQUFDLENBQUM7b0JBRW5FLE1BQU0sTUFBTSxHQUFHLElBQUksc0JBQVMsQ0FBQzt3QkFDM0IsR0FBRyxVQUFVLENBQUMsU0FBUyxDQUFDLEdBQUcsQ0FBQyxjQUFjLEVBQUU7d0JBQzVDLE1BQU0sRUFBRSxVQUFVLENBQUMsU0FBUyxDQUFDLEdBQUcsQ0FBQyxTQUFTLEVBQUU7cUJBQzdDLENBQUMsQ0FBQztvQkFDSCxNQUFNLE9BQU8sR0FBRyxJQUFJLCtCQUFrQixDQUFDO3dCQUNyQyxLQUFLLEVBQUUsT0FBTztxQkFDZixDQUFDLENBQUM7b0JBQ0gsTUFBTSxRQUFRLEdBQUcsTUFBTSxNQUFNLENBQUMsSUFBSSxDQUFDLE9BQU8sQ0FBQyxDQUFDO29CQUU1QyxNQUFNLFdBQVcsR0FBRyxRQUFRLENBQUMsV0FBVyxDQUFDO29CQUV6QyxJQUFJLENBQUMsV0FBVyxFQUFFO3dCQUNoQixNQUFNLElBQUksS0FBSyxDQUFDLDZDQUE2QyxPQUFPLEVBQUUsQ0FBQyxDQUFDO3FCQUN6RTtvQkFFRCxJQUFJLENBQUMsV0FBVyxDQUFDLEdBQUcsRUFBRTt3QkFDcEIsTUFBTSxJQUFJLEtBQUssQ0FBQywwQ0FBMEMsT0FBTyxFQUFFLENBQUMsQ0FBQztxQkFDdEU7b0JBRUQsVUFBVSxDQUFDLEdBQUcsQ0FBQyxHQUFHLENBQUMsa0NBQWtDLE9BQU8sTUFBTSxXQUFXLENBQUMsR0FBRyxFQUFFLENBQUMsQ0FBQztvQkFFckYsT0FBTzt3QkFDTCxLQUFLLEVBQUUsV0FBVyxDQUFDLEdBQUc7cUJBQ3ZCLENBQUM7Z0JBQ0osQ0FBQzthQUNGO1NBQ0YsQ0FBQztJQUNKLENBQUM7Q0FDRjtBQUVELGlCQUFTLGNBQWMsQ0FBQyJ9
package/dist/types/KmsAliasSettings.js ADDED
@@ -0,0 +1,3 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiS21zQWxpYXNTZXR0aW5ncy5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uL3NyYy90eXBlcy9LbXNBbGlhc1NldHRpbmdzLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiIifQ==
package/dist/types/ServerlessOptions.js ADDED
@@ -0,0 +1,3 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiU2VydmVybGVzc09wdGlvbnMuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvdHlwZXMvU2VydmVybGVzc09wdGlvbnMudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IiJ9
package/dist/types/index.js CHANGED
@@ -14,5 +14,7 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
14
14
  for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
15
15
  };
16
16
  Object.defineProperty(exports, "__esModule", { value: true });
17
+ __exportStar(require("./KmsAliasSettings"), exports);
17
18
  __exportStar(require("./ServerlessInstance"), exports);
18
- //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvdHlwZXMvaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7Ozs7Ozs7Ozs7OztBQUFBLHVEQUFxQyJ9
19
+ __exportStar(require("./ServerlessOptions"), exports);
20
+ //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvdHlwZXMvaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7Ozs7Ozs7Ozs7OztBQUFBLHFEQUFtQztBQUNuQyx1REFBcUM7QUFDckMsc0RBQW9DIn0=
package/package.json CHANGED
@@ -1,34 +1,34 @@
1
1
  {
2
2
  "name": "serverless-kms-alias",
3
- "version": "2.0.3",
3
+ "version": "2.1.0",
4
4
  "engines": {
5
5
  "node": ">= 14"
6
6
  },
7
7
  "dependencies": {
8
- "@aws-sdk/client-kms": "^3.186.0"
8
+ "@aws-sdk/client-kms": "^3.266.1"
9
9
  },
10
10
  "devDependencies": {
11
- "@types/lodash": "4.14.186",
12
- "@types/serverless": "3.12.8",
13
- "@typescript-eslint/eslint-plugin": "5.40.0",
14
- "@typescript-eslint/parser": "5.40.0",
15
- "eslint": "8.25.0",
11
+ "@types/lodash": "4.14.191",
12
+ "@types/serverless": "3.12.10",
13
+ "@typescript-eslint/eslint-plugin": "5.51.0",
14
+ "@typescript-eslint/parser": "5.51.0",
15
+ "eslint": "8.33.0",
16
16
  "eslint-config-airbnb-base": "15.0.0",
17
17
  "eslint-config-airbnb-typescript": "17.0.0",
18
- "eslint-config-prettier": "8.5.0",
19
- "eslint-plugin-import": "2.26.0",
20
- "eslint-plugin-jsdoc": "39.3.6",
18
+ "eslint-config-prettier": "8.6.0",
19
+ "eslint-plugin-import": "2.27.5",
20
+ "eslint-plugin-jsdoc": "39.8.0",
21
21
  "eslint-plugin-prettier": "4.2.1",
22
- "eslint-plugin-promise": "6.0.1",
23
- "eslint-plugin-security": "1.5.0",
24
- "husky": "8.0.1",
25
- "lint-staged": "13.0.3",
26
- "markdownlint-cli": "0.32.2",
22
+ "eslint-plugin-promise": "6.1.1",
23
+ "eslint-plugin-security": "1.7.1",
24
+ "husky": "8.0.3",
25
+ "lint-staged": "13.1.1",
26
+ "markdownlint-cli": "0.33.0",
27
27
  "npm-run-all": "4.1.5",
28
28
  "pinst": "3.0.0",
29
- "prettier": "2.7.1",
30
- "prettier-plugin-packagejson": "2.3.0",
31
- "typescript": "4.8.4"
29
+ "prettier": "2.8.4",
30
+ "prettier-plugin-packagejson": "2.4.2",
31
+ "typescript": "4.9.5"
32
32
  },
33
33
  "main": "dist/index.js",
34
34
  "license": "MIT",
package/src/index.ts CHANGED
@@ -1,6 +1,6 @@
1
1
  import { DescribeKeyCommand, KMSClient } from '@aws-sdk/client-kms';
2
2
 
3
- import type { ServerlessInstance } from './types';
3
+ import type { ServerlessInstance, ServerlessOptions } from './types';
4
4
 
5
5
  interface ResolveParams {
6
6
  address: string;
@@ -19,7 +19,7 @@ interface ServerlessVariableSource {
19
19
  class KmsAliasPlugin {
20
20
  public configurationVariablesSources: Record<string, ServerlessVariableSource>;
21
21
 
22
- public constructor(serverless: ServerlessInstance) {
22
+ public constructor(serverless: ServerlessInstance, options: ServerlessOptions) {
23
23
  this.configurationVariablesSources = {
24
24
  kms: {
25
25
  async resolve({ address }: ResolveParams): Promise<ResolveResult> {
@@ -27,6 +27,20 @@ class KmsAliasPlugin {
27
27
  throw new Error(`Expected variable in the form of 'kms:alias/foo'`);
28
28
  }
29
29
 
30
+ if (serverless.service?.custom?.kmsAlias?.stages?.length) {
31
+ const stage = options?.stage || serverless.config?.stage || serverless.service?.provider?.stage;
32
+ if (stage) {
33
+ if (!serverless.service.custom.kmsAlias.stages.includes(stage)) {
34
+ serverless.cli.log(`Info: KMS Alias plugin not enabled for stage`);
35
+ return {
36
+ value: address,
37
+ };
38
+ }
39
+ } else {
40
+ serverless.cli.log(`Warn: Unable to determine stage for KMS alias`);
41
+ }
42
+ }
43
+
30
44
  serverless.cli.log(`Info: Fetching KMS key for alias: ${address}`);
31
45
 
32
46
  const client = new KMSClient({
package/src/types/KmsAliasSettings.ts ADDED
@@ -0,0 +1,3 @@
1
+ export interface KmsAliasSettings {
2
+ stages?: string[];
3
+ }
package/src/types/ServerlessInstance.ts CHANGED
@@ -1,12 +1,25 @@
1
1
  import type { AwsAuthInputConfig } from '@aws-sdk/middleware-signing/dist-types/configurations';
2
2
 
3
+ import type { KmsAliasSettings } from './KmsAliasSettings';
4
+
3
5
  export interface ServerlessInstance {
6
+ config?: {
7
+ stage?: string;
8
+ };
4
9
  providers: {
5
10
  aws: {
6
11
  getCredentials(): AwsAuthInputConfig['credentials'];
7
12
  getRegion(): string;
8
13
  };
9
14
  };
15
+ service: {
16
+ provider: {
17
+ stage?: string;
18
+ };
19
+ custom: {
20
+ kmsAlias?: KmsAliasSettings;
21
+ };
22
+ };
10
23
  cli: {
11
24
  log(str: string, entity?: string): void;
12
25
  };
package/src/types/ServerlessOptions.ts ADDED
@@ -0,0 +1,3 @@
1
+ export interface ServerlessOptions {
2
+ stage?: string;
3
+ }
package/src/types/index.ts CHANGED
@@ -1 +1,3 @@
1
+ export * from './KmsAliasSettings';
1
2
  export * from './ServerlessInstance';
3
+ export * from './ServerlessOptions';