Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

Sign up
Appearance settings

Option to skip call GetRole #1007

Open
Open
@izhangzhihao

Description

We are using FC2, with CI pipeline running at Aliyun.

This is our deploy command:

npm config set registry https://registry.npmmirror.com
npm install -g @serverless-devs/s
s config add --AccessKeyID $FC_AK --AccessKeySecret $FC_SK -a fc
s build --use-local -t s.$ENV.yaml
s deploy --use-local -y -t s.$ENV.yaml

During our security monitoring, we found that every time the CI is triggered, it calls GetRole. However, because our AKSK permissions are relatively low, we don't have the necessary access. Although the deployment is working fine, just consistently triggers security alerts.

Image

Please provide an option to skip call GetRole.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

      Relationships

      None yet

      Development

      No branches or pull requests

      Issue actions

        AltStyle によって変換されたページ (->オリジナル) /