stag-sandbox-lambda v0.3.3
Stagirite Sandboxer as an AWS Lambda Service with REST API
A Lambda and Amazon API Gateway wrapper around the Esprima based 'Sandboxer' in the Stagirite core.
The key module is require'd by private npm: @andynuss/stag0jsmunge
Usage
Install project:npm install
Deploy to AWS Lambda with updated code:npm run-script deploy
Get AWS Lambda info:npm run-script info
Note: to deploy to AWS, you must have credentials. Also, be sure to set default region to "us-west-2".
Note: npm run-script deploy will tag and push to remote repo.
Client API
Currently, the API supports one method: a POST of a JavaScript "script", which will respond with the sandbox'ed result.
The API endpoint can be found at:
https://kdldbofr5a.execute-api.us-west-2.amazonaws.com/dev/sandbox-lambda
Request Body should be of type JSON(application/json), in the form:
{
"script": "var a = b[c]"
}Response Body returns the sandbox'ed "result" in stringify'd JSON:
{
"result": "\"//var a=b[c];\nvar a=$$_s.Get($$_w,b,c,1);\n\""
}Note: The AWS API Gateway endpoint is currently "open", meaning that the access to the API doesn't require an auth token. This does not mean that the Lambda function code is visible/accessible on the public Internet; the AWS API Gateway hides and secures everything behind itself.
AWS Console
AWS API Gateway console:
https://us-west-2.console.aws.amazon.com/apigateway/home?region=us-west-2#/restapis/kdldbofr5a/resources/6kw15ioppi
The Sandboxer Lambda function itself, including monitoring and logging:
https://us-west-2.console.aws.amazon.com/lambda/home?region=us-west-2#/functions/sandbox-lambda
Notes and lessons learned:
- The
'export'ed function in this file MUST be calledhandleror Lambda will barf.
TODO
- API key management
- Add a second endpoint called "test".
8 years ago