Skip to main content
Skip table of contents

AWS Lambda Integration

Overview

Mend serverless integration enables you to scan and monitor deployed Lambda functions. Once a scan is initiated, Mend automatically identifies all the open source components and dependencies. It then checks it against the definitive database of open source repositories, for security vulnerabilities and licenses. Once detected, you can apply automatic policies, define workflows and collaborate the information within your team.

Prerequisites

  • AWS CLI is installed and configured. You’ll need both a valid Secret Access Key and a valid Access Key ID.
    You can find and create Access Key IDs for an IAM user from the IAM console. The Secret Access Key can also be obtained by downloading the security credentials.
    Alternatively, you can use the AWS CLI to generate an Access Key ID for a user as well as download the rest of their security credentials.

  • Lambda functions are deployed in AWS.

  • The default output format of AWS CLI is JSON.

Scan Lambda Functions

Serverless Lambda integrates with the Unified agent. To get started with the Unified Agent, click here.

To scan your Lambda functions, simply use the following parameters:

Parameter

Type

Description

Required

Default

serverless.provider

String

Name of the provider for serverless integration

yes

aws-lambda

serverless.scanFunctions

Boolean

Enables/Disables the scan functions

yes

false

serverless.functionNames

String

The function names that you would like to scan. 

yes

empty list

serverless.region

String

The region where your functions are deployed

yes


serverless.maxFunctions

Integer

Maximum functions for scanning

yes

10

The results are displayed on the Mend GUI:


JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.