Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Limit Lambda Permissions to created event source #2023

Closed
flomotlik opened this issue Sep 5, 2016 · 0 comments
Closed

Limit Lambda Permissions to created event source #2023

flomotlik opened this issue Sep 5, 2016 · 0 comments
Assignees
@eahefnawy
Labels
enhancement
Milestone
1.2

Comments

@flomotlik
Copy link
Contributor

This is a Feature Proposal

Description

When we create a LambdaPermission for sources to call a function (e.g. for S3 or SNS) we are not specific about which resource can call the function, but configure any resource of a specific service to be able to call the function (e.g. every S3 bucket or every SNS topic can call a LambdaFunction). This has to be limited so we only let specific resources call the lambda function by default.

This will not change behaviour in any way for the user, just tighten security.

Similar or dependent issues:

Additional Data

  • _Serverless Framework Version you're using_: latest master
  • _Operating System_:
  • _Stack Trace_:
  • _Provider Error messages_:
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@eahefnawy eahefnawy

Labels
enhancement
Projects
None yet
Milestone
1.2
Development

No branches or pull requests
3 participants
@flomotlik @pmuens @eahefnawy