There are a number of security solutions that require automated, repeatable tasks. These tasks are traditionally launched with server-based automation, such as a cron script on a dedicated server or a Jenkins instance. However, the creation of such infrastructure increases the attack surface in your environment, and requires server operations (e.g. patching, server maintenance).
Serverless Security Automation provides a feature-rich serverless framework for security automation. It is based on the Serverless AWS Python Scheduled Cron Example with extensions for error handling, secret management, and dependencies.
npm install -g serverless
serverless deploy
Note: if you are using IAM Roles with MFA, you may need to export your AWS environment variables using the assume-role package
For example,
brew install remind101/formulae/assume-roleon Mac
Then launch with
assume-role YOUR_ROLE && serverless deploywhere YOUR_ROLE is defined in your /.aws/config file
Error Handling uses the Serverless Plugin AWS Alerts plugin.
npm i serverless-plugin-aws-alerts
Including Python requirements uses the AWS Python Requirements plugin. This also requires Docker to be installed.
sls plugin install -n serverless-python-requirements
Secrets are stored using the AWS Parameter Store