Serverless Framework comes pre-loaded with configurable policies out of the box. Use these policies to enforce security requirements (e.g. ensure no wildcard IAM roles are created), operational best practices (e.g. ensure a dead letter queue is attached to each function), and organizational conventions (e.g. required tags, or function naming conventions).
Use these out-of-the-box policies to help enforce NIST, CIS, NSA and ISO 27001 requirements.
If the pre-loaded policies are not sufficient, you can implement your own. Custom policies are easy to write using JavaScript and can enforce rules on any runtime supported by the Serverless Framework, including Node, Python, Go, etc. Use the custom policies to inspect the generated Serverless Framework configuration and the AWS resources.
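To illustrate the custom-policy idea above, the following added example (not code from the Serverless Framework or its documentation) inspects a generated CloudFormation template for IAM role statements that allow a wildcard action or resource. The `(policy, service)` signature, `policy.approve()`/`policy.fail()` and the `service.compiled` key are assumptions about the custom-policy interface, and the sample template is constructed.

```javascript
// Added example. Assumed interface: policy.approve(), policy.fail(msg), and
// service.compiled['cloudformation-template-update-stack.json'] (packaged template).
const toArray = (v) => (v === undefined ? [] : Array.isArray(v) ? v : [v]);

// Return one finding per Allow statement with a wildcard Action or Resource.
function findWildcardStatements(template) {
  const findings = [];
  for (const [name, res] of Object.entries(template.Resources || {})) {
    if (res.Type !== 'AWS::IAM::Role') continue;
    for (const p of toArray(res.Properties && res.Properties.Policies)) {
      const statements = toArray(p.PolicyDocument && p.PolicyDocument.Statement);
      for (const st of statements) {
        if (st.Effect !== 'Allow') continue; // Deny with "*" is not over-permissive
        // Only literal strings are checked; intrinsic functions (Fn::Sub, Fn::Join) are skipped.
        const wildAction = toArray(st.Action).some(
          (a) => typeof a === 'string' && (a === '*' || a.endsWith(':*')));
        const wildResource = toArray(st.Resource).some((r) => r === '*');
        if (!wildAction && !wildResource) continue;
        const what = [wildAction && 'wildcard Action', wildResource && 'wildcard Resource'];
        findings.push(`${name}/${p.PolicyName}: ${what.filter(Boolean).join(' and ')}`);
      }
    }
  }
  return findings;
}

// Policy entry point (hypothetical name): fail with every finding, else approve.
function noWildcardIamPolicy(policy, service) {
  const template = service.compiled['cloudformation-template-update-stack.json'];
  const findings = findWildcardStatements(template);
  if (findings.length > 0) policy.fail(findings.join('; '));
  else policy.approve();
}

// Constructed sample template: one scoped statement, one wildcard Allow, one Deny.
const sampleTemplate = {
  Resources: {
    IamRoleLambdaExecution: {
      Type: 'AWS::IAM::Role',
      Properties: { Policies: [{ PolicyName: 'app', PolicyDocument: { Statement: [
        { Effect: 'Allow', Action: ['dynamodb:GetItem'], Resource: 'arn:aws:dynamodb:us-east-1:111122223333:table/orders' },
        { Effect: 'Allow', Action: 's3:*', Resource: '*' },
        { Effect: 'Deny', Action: '*', Resource: '*' },
      ] } }] },
    },
    Bucket: { Type: 'AWS::S3::Bucket' },
  },
};
if (typeof module !== 'undefined') module.exports = noWildcardIamPolicy;
```
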
Enforce policies without touching any code. In the dashboard you can add and configure policies across your organization without needing to change your service configuration or code. Policies are highly customizable, so you can apply policies to different environments, configuring them uniquely for each environment, and configure their enforcement level.