-
Notifications
You must be signed in to change notification settings - Fork 0
/
buildspec.yml
executable file
·33 lines (30 loc) · 1.18 KB
/
buildspec.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
version: 0.2
phases:
install:
commands:
# Install all dependencies (including dependencies for running tests)
- npm install
- pip install --upgrade awscli
pre_build:
commands:
## Not required
build:
commands:
- echo Build started on `date`
- npm install -g https://artifactory.app.protego.io/cloudguard-serverless-plugin.tgz
# Set your AWS region variable
- export AWS_REGION=ap-southeast-1
# Configure the CloudGuard Workload Proact security on the SAM template
- echo Enabling Proact
- cloudguard proact -m template.yml
# Set the S3 bucket name variable
- export S3_BUCKET=YOUR-BUCKET-NAME
# Use AWS SAM to package the application by using AWS CloudFormation
- echo Enabling FSP
- aws cloudformation package --template template.yml --s3-bucket $S3_BUCKET --output-template template-export.yml
# Add the Function Runtime Protection (Or Function Self Protection) to your function. You need to replace cloudformation stack arn with the one you've deployed!
- cloudguard fsp -c arn:aws:cloudformation:YOUR-CFT-STACK-ARN
artifacts:
type: zip
files:
- template-export.yml