-
Notifications
You must be signed in to change notification settings - Fork 1
/
serverless.yml
50 lines (44 loc) · 1018 Bytes
/
serverless.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
service: IAMCanary
frameworkVersion: '2'
plugins:
- serverless-plugin-aws-alerts
package:
individually: true
exclude:
- ./**
provider:
name: aws
runtime: python3.8
lambdaHashingVersion: 20201221
stage: dev
region: ap-southeast-2
iam:
role:
statements:
- Effect: Allow
Action:
- iam:SimulatePrincipalPolicy
Resource: '*'
functions:
CheckPrincipalsActions:
description: Check actions assigned to an IAM users, roles, or groups
handler: handler.lambda_handler
package:
include:
- handler.py
memorySize: 128
timeout: 10
events:
- schedule: rate(1 minute)
environment:
principals_actions_json: '{}' # Change this to match your test case(s)
custom:
alerts:
topics:
alarm:
topic: ${self:service}-alerts-alarm
notifications:
- protocol: email
endpoint: name@domain.com # Change this to your email address
alarms:
- functionErrors