Skip to content


Repository files navigation


Service map is a set of micro serverless services that marry

  • Services
  • Their risk levels
  • Indicators about the security posture of the service
  • Various control metrics

into an ongoing risk score for each service based on what we know about it.


The goal is to use as little servers, containers, etc as possible and rely on serverless tech such as lambda and dynamodb to focus on the business logic rather than the infra.


First setup creds in credstash for the functions to use: The cron function needs oauth creds as per the gspread docs:

Store these in credstash as a json blob:

credstash  --profile devadmin put serviceapi.gdrive @yourfilename.json app=serviceapi

where devadmin is the name of your aws profile in ~/.aws/config specifying where you will be deploying.

Then deploy:

pipenv shell
sls deploy



Get credstash creds for oidc auth:

credstash --profile devadmin get serviceapi.oidc_client_secret app=serviceapi
credstash --profile devadmin get serviceapi.oidc_client_id app=serviceapi

Set env variables:

export API_URL=""
export CLIENT_ID = value from above
export CLIENT_SECRET =  value from above

and run pytest


No releases published


No packages published