all
guides & tutorials
user stories
operations & observability
engineering culture
news

Serverless Framework Enterprise 0.10.0 - Deployment Profiles

written by  
  Maciej Skierkowski

With today’s Serverless Framework Enterprise release we are adding support for Deployment Profiles, enabling serverless development teams to move fast and scale while enforcing operational and security best practices.

One of the greatest challenges of a scaling engineering team is educating new team members about organizational security and operational practices. This is especially challenging when those team members are also new to serverless. For example, when they deploy a service you want to make sure they deploy to the right regions and use the AWS Account designated for that stage. Or maybe you want to make sure that they do not deploy to production on Fridays.

Engineering Managers and Operators, with Serverless Framework Enterprise Deployment Profiles, can designate AWS Accounts for each of the stages in their applications, and enforce security and operational policies using Serverless Safeguards.

AWS Accounts for each stage

AWS Credentials Access Role helps you secure your service deployments by enabling Serverless Framework Enterprise to issue temporary AWS Access Keys to deploy your services to AWS. The AWS Access Keys are generated by Serverless Enterprise on every command and the credentials expire after one hour.

The AWS Credentials Access Roles are defined in the Deployment Profiles enabling your team to automatically use the right AWS Account for each stage.

Safeguard Policies for each stage

Safeguards enable managers and operations teams to configure policies that must be complied with, like “restricted-deploy-times,” “required-stack-tags,” or “no-overly-generous-iam-role-statements,” in order for a Serverless Framework deployment to succeed. It comes with 15 safeguard policies available out of the box, with 9 pre-configure for you. If those policies aren’t enough, you can implement your own too.

Safeguards are configured in the Deployment Profiles enabling your team to comply with the requirements unique to each stage.

Safely deploy

By simply using Serverless Framework Enterprise, when you run serverless deploy, a short-lived AWS credentials will be generated and the Safeguard Policies will evaluated for that service before any resources are provisioned. With Deployment Profiles you can now automatically use the right AWS accounts and safeguard policies for each stage.

About Maciej Skierkowski

Maciej Skierkowski is the Director of Product, Enterprise at Serverless, Inc.

 - 06.08.18

Deploy a Serverless Frontend with the Serverless Finch Plugin

Learn how to deploy a static website to AWS with the Serverless Finch Plugin.

written by Fernando Medina Corey

user-stories - 30.03.17

How the US Department of Defense is Streamlining Open Source Contributions with Serverless Code

Learn how the Defense Digital Service at the Pentagon used Serverless to automate the Developer Certificate of Origin process for contributors.

written by Tom Bereknyei

Join 16,000 other developers and keep up to speed on the latest serverless news and releases.