Merged
Binary file not shown.
Expand Up @@ -29,7 +29,7 @@ To secure an AWS Lambda function with the Serverless Defender layer:

. Define a serverless CNAF policy.

. Add the layer to your function, wrap your handler, and set an environment variable.
. Add the layer to your function, update the handler, and set an environment variable.
After completing this integration, Serverless Defender runs when your function is invoked.
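Review bot: The overview step "Add the layer to your function, update the handler, and set an environment variable" still refers to a single environment variable, but the detailed procedure in this change sets two, _TW_POLICY_ and _ORIGINAL_HANDLER_. Suggest "and set the _TW_POLICY_ and _ORIGINAL_HANDLER_ environment variables" so the summary matches the steps that follow.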


Expand Down Expand Up @@ -185,39 +185,12 @@ When you return to the function designer, you'll see that your function now uses
+
image::serverless_layer_function_designer_layers2.png[width=250]

. Import the Serverless Defender layer into your function by adding the appropriate line to your code depending on your runtime.
+
* If your runtime is *Python*, wrap your function's handler as follows:

import twistlock
@twistlock.serverless.handler
def handler(event, context):
.
.
.
+
* If your runtime is *Node.js*, and your handler is asynchronous, wrap your function as follows:

// Async handler
var twistlock = require('twistlock');
exports.handler = async (event, context) => {
.
.
.
};
+
* If your runtime is *Node.js*, and your handler is synchronous, wrap your function as follows:
. Update the handler for your function to be _twistlock.handler_.

// Non-async handler
var twistlock = require('twistlock');
exports.handler = (event, context, callback) => {
.
.
.
};
exports.handler = twistlock.handler(exports.handler);
image::lambda_handler.png[width=700]

. Set the TW_POLICY environment variable, which specifies how your function connects to Compute Console to retrieve policy and send audits.

. Set the _TW_POLICY_ and _ORIGINAL_HANDLER_ environment variable, which specifies how your function connects to Compute Console to retrieve policy and send audits.

.. In Compute Console, go to *Manage > Defenders > Deploy > Single Defender*.
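Review bot: The new step "Update the handler for your function to be _twistlock.handler_" overwrites the handler setting without telling the reader to record the existing value first, yet a later sub-step needs that value for _ORIGINAL_HANDLER_. Add a sentence such as "Note the current handler value before you change it; you will need it for _ORIGINAL_HANDLER_." In the step after it, "environment variable" should be plural, and the clause "which specifies how your function connects to Compute Console to retrieve policy and send audits" describes only _TW_POLICY_, so state separately what _ORIGINAL_HANDLER_ is for. Since this step replaces the runtime-specific Python and Node.js instructions, it would also help to say whether _twistlock.handler_ applies to every supported runtime.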

Expand All @@ -233,8 +206,11 @@ image::serverless_layer_function_designer_layers2.png[width=250]

.. For *Value*, paste the rule you copied from Compute Console.

.. For _ORIGINAL_HANDLER_, this is the original value of handelr for your function before your modification.

. Click *Save* to preserve all your changes.
+
image::serverless_layer_function_designer_layers3.png[width=250]
image::lambda_env_variables.png[width=700]
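Review bot: Typo in ".. For _ORIGINAL_HANDLER_, this is the original value of handelr for your function before your modification": "handelr" should be "handler". The sentence also departs from the imperative form of the neighbouring sub-step ("For *Value*, paste the rule you copied from Compute Console"); suggest ".. For _ORIGINAL_HANDLER_, enter the handler value your function had before you changed it to _twistlock.handler_."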