Create a whitelist of IP addresses and CIDR blocks for a serverless application, using serverless resource policies.
This plugin requires serverless 3.18 or higher.
IP addresses and CIDR blocks are whitelisted by stages and `publicPaths`.

- `privateStages`: Private to whitelisted CIDR and IP addresses. In the example below, `staging` and `production` stages are `privateStages`, so only those CIDR and IP addresses can access `staging` and `production`.
- `publicStages`: No whitelisting necessary. These stages are public to all CIDR and IP addresses.
- `publicPaths`: No whitelisting necessary, regardless of stage.

- Install in your serverless application:

  ```
  npm install --save serverless-whitelisting
  ```

- In your `serverless.yml` file, add `serverless-whitelisting` to `plugins`, for example:

  ```yaml
  plugins:
    - serverless-whitelisting
  ```

- Within the `provider` block, add a `stage` variable:

  ```yaml
  provider:
    stage: ${opt:stage, 'dev'}
  ```

- Within a `custom` block, add:

  ```yaml
  custom:
    serverless-whitelisting:
      stage: ${self:provider.stage}
      privateStages:
        - staging
        - production
      publicStages:
        - test
      netblocks:
        - 212.204.161.60/24
        - 68.159.185.46
      publicPaths:
        - oauth
        - oauth-test
  ```

The `netblocks` object will contain the list of whitelisted IPs.

```yaml
# serverless.yml
service: my-service-name

plugins:
  - serverless-whitelisting

provider:
  stage: ${opt:stage, 'test'}

custom:
  serverless-whitelisting:
    stage: ${self:provider.stage}
    privateStages:
      - staging
      - production
    publicStages:
      - test
    netblocks:
      - 212.204.161.60/24
      - 68.159.185.46
    publicPaths:
      - oauth
      - oauth-test
```
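
The access rules described above, as an added example (not the plugin's own code): it resolves what each `netblocks` entry actually covers and decides whether a request would be admitted. It is IPv4 only; matching `publicPaths` on the first path segment and denying stages that appear in neither list are assumptions, and `config`, `parseNetblock` and `isAllowed` are hypothetical names.

```javascript
// Added example; it models the rules in this README, not the plugin's code.
// Constructed config mirroring the serverless.yml sample above.
const config = {
  privateStages: ['staging', 'production'],
  publicStages: ['test'],
  netblocks: ['212.204.161.60/24', '68.159.185.46'],
  publicPaths: ['oauth', 'oauth-test'],
};

// Dotted-quad IPv4 -> unsigned 32-bit number (IPv4 only: an assumption).
function ipToInt(ip) {
  const parts = ip.split('.');
  if (parts.length !== 4 || !parts.every((p) => /^\d{1,3}$/.test(p) && Number(p) <= 255)) {
    throw new Error(`invalid IPv4 address: ${ip}`);
  }
  return parts.reduce((acc, p) => acc * 256 + Number(p), 0);
}

function intToIp(n) {
  return [24, 16, 8, 0].map((shift) => (n >>> shift) & 255).join('.');
}

// Resolve "a.b.c.d" or "a.b.c.d/n" to the range it covers; flag set host bits.
function parseNetblock(entry) {
  const [addr, prefixText = '32'] = entry.split('/');
  const prefix = Number(prefixText);
  if (!/^\d{1,2}$/.test(prefixText) || prefix > 32) throw new Error(`invalid prefix: ${entry}`);
  const ip = ipToInt(addr);
  const size = 2 ** (32 - prefix);
  const start = ip - (ip % size);
  return {
    network: `${intToIp(start)}/${prefix}`,
    start,
    end: start + size - 1,
    size,
    hostBitsSet: start !== ip,
  };
}

// Public paths and public stages are open; private stages need a listed source.
function isAllowed(cfg, stage, path, sourceIp) {
  const firstSegment = path.replace(/^\/+/, '').split('/')[0];
  if (cfg.publicPaths.includes(firstSegment)) return true;
  if (cfg.publicStages.includes(stage)) return true;
  if (!cfg.privateStages.includes(stage)) return false; // unlisted stage: deny (assumption)
  const ip = ipToInt(sourceIp);
  return cfg.netblocks.map(parseNetblock).some((b) => ip >= b.start && ip <= b.end);
}
```

The entry `212.204.161.60/24` resolves to the 256-address network `212.204.161.0/24`, so it admits the whole /24 rather than the single host; an entry without a prefix, such as `68.159.185.46`, covers exactly one address.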