WhiteSource serverless integration enables you to scan and monitor deployed Lambda functions. Once a scan is initiated, WhiteSource automatically identifies all the open source components and dependencies. It then checks it against the definitive database of open source repositories, for security vulnerabilities and licenses. Once detected, you can apply automatic policies, define workflows and collaborate the information within your team.
Serverless Lambda integrates with the Unified agent. To get started with the Unified Agent, click here.
To scan your Lambda functions, simply use the following parameters:
Parameter | Type | Description | Required | Default |
---|---|---|---|---|
serverless.provider | String | Name of the provider for serverless integration | yes | aws-lambda |
serverless.scanFunctions | Boolean | Enables/Disables the scan functions | yes | false |
serverless.functionNames | String | The function names that you would like to scan. | yes | empty list |
serverless.region | String | The region where your functions are deployed | yes | |
serverless.maxFunctions | Integer | Maximum functions for scanning | yes | 10 |
The results are displayed on the WhiteSource GUI: