Serverless Plugin: Harden S3 Buckets
What is it?
This is a plugin for the Serverless framework that automatically adds some hardening features to S3 buckets in your stack. This removes copy and paste overhead and reduces the opportunity for developers to forget crucial security settings for a bucket.
How do I use it?
There are two steps:
Install the Plugin as a Development Dependency
npm install --save-dev --save-exact @silvermine/serverless-plugin-harden-s3-buckets
Telling Serverless to Use the Plugin
Simply add this plugin to the list of plugins in your
plugins: - '@silvermine/serverless-plugin-harden-s3-buckets'
What Will the Plugin Do?
At this time, all it does is add the following block to every one of the S3 buckets in your stack:
PublicAccessBlockConfiguration: BlockPublicAcls: true BlockPublicPolicy: true IgnorePublicAcls: true RestrictPublicBuckets: true
What if I Want Some of Those Settings
This plugin will only add the ones that are missing, so go ahead and define them in your bucket's resource properties as you normally would.
How do I contribute?
We genuinely appreciate external contributions. See our extensive documentation on how to contribute.
This software is released under the MIT license. See the license file for more details.