sst icon indicating copy to clipboard operation
sst copied to clipboard

Published 20 hours ago verified publisher icon sst

Add authentication for debug stack WebSocket API

Open fwang opened this issue 3 years ago • 2 comments
trafficstars

Need to figure out which authentication method should be used.

Requests

  • Lawrence https://serverless-stack.slack.com/archives/C01HQQVC8TH/p1643279859216000

fwang avatar Feb 23 '22 03:02 fwang

Hi @fwang, is there any more information regarding this issue? I cannot access the Slack link

fezproof avatar Aug 24 '22 03:08 fezproof

Also, does this mean the web socket connection to SST in debug mode completely unprotected? If so this entire framework is a non starter for a lot of teams and should probably be documented. Happy to be corrected if I misunderstand though :)

fezproof avatar Aug 24 '22 03:08 fezproof

Hey @fezproof, we are moving away from debug stack in SST v2. In v2, SST will use the websocket server that already exist in your AWS IoT service instead. And that is protected by IAM permissions.

We will share a release candidate for v2 later this month.

fwang avatar Dec 15 '22 15:12 fwang

Awesome to hear, I saw the launch and what you guys are doing is pretty sweet!

fezproof avatar Dec 16 '22 05:12 fezproof

debug stack is gone in v2

thdxr avatar Dec 19 '22 16:12 thdxr