{"id":13612822,"url":"https://github.com/sls-mentor/sls-mentor","last_synced_at":"2025-04-13T12:32:51.462Z","repository":{"id":37081368,"uuid":"494462513","full_name":"sls-mentor/sls-mentor","owner":"sls-mentor","description":"Analyze your AWS serverless app in one command! 30+ best practices to improve costs💰 security🛡 stability🧘‍♀️ speed🚀 and sustainability🌱","archived":false,"fork":false,"pushed_at":"2024-11-28T08:19:45.000Z","size":9648,"stargazers_count":196,"open_issues_count":5,"forks_count":8,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-04-01T15:54:47.504Z","etag":null,"topics":["analysis","audit","aws","best-practices","compliance","cost-optimization","dynamodb","lambda","learn","s3","security","serverless","sns","sqs"],"latest_commit_sha":null,"homepage":"https://www.sls-mentor.dev","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/sls-mentor.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-05-20T12:51:13.000Z","updated_at":"2025-03-19T01:46:35.000Z","dependencies_parsed_at":"2023-09-23T18:27:01.866Z","dependency_job_id":"75d97e8f-6cb1-4e9b-93bb-9f7ab4f0538a","html_url":"https://github.com/sls-mentor/sls-mentor","commit_stats":{"total_commits":458,"total_committers":27,"mean_commits":"16.962962962962962","dds":0.6222707423580787,"last_synced_commit":"db00ebf9b6ca0f10bc4db61663c500bdee832d73"},"previous_names":["kumo-by-theodo/guardian"],"tags_count":70,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sls-ment
or%2Fsls-mentor","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sls-mentor%2Fsls-mentor/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sls-mentor%2Fsls-mentor/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sls-mentor%2Fsls-mentor/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/sls-mentor","download_url":"https://codeload.github.com/sls-mentor/sls-mentor/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248714726,"owners_count":21149954,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["analysis","audit","aws","best-practices","compliance","cost-optimization","dynamodb","lambda","learn","s3","security","serverless","sns","sqs"],"created_at":"2024-08-01T20:00:34.998Z","updated_at":"2025-04-13T12:32:46.450Z","avatar_url":"https://github.com/sls-mentor.png","language":"TypeScript","funding_links":[],"categories":["Awesome AWS security tools"],"sub_categories":[],"readme":"\u003cdiv align=\"center\"\u003e\n  \u003ch1\u003e\n    \u003cbr/\u003e\n    \u003cbr/\u003e\n    \u003cimg src=\"packages/documentation/static/img/sls-mentor.svg\" width=\"60px\" alt=\"sls-mentor-logo\" /\u003e\n    \u003cbr /\u003e\n    \u003cimg src=\"packages/documentation/static/img/title.png\" width=\"600px\" alt=\"sls-mentor\" /\u003e\n    \u003cbr /\u003e\n  \u003c/h1\u003e\n  \u003cbr /\u003e\n  \u003csup\u003e\n    \u003cp\u003eWe are open to contributions, check our \u003ca 
href=\"https://github.com/sls-mentor/sls-mentor/issues?q=is%3Aopen+is%3Aissue+label%3A%22good+first+issue%22\"\u003egood first issues\u003c/a\u003e!\u003c/p\u003e\n    \u003ca href=\"https://www.npmjs.com/package/sls-mentor\"\u003e\n       \u003cimg src=\"https://img.shields.io/npm/v/sls-mentor.svg\" alt=\"npm package\" /\u003e\n    \u003c/a\u003e\n    \u003ca href=\"https://www.npmjs.com/package/sls-mentor\"\u003e\n      \u003cimg src=\"https://img.shields.io/npm/dm/sls-mentor.svg\" alt=\"npm downloads\" /\u003e\n    \u003c/a\u003e\n  \u003c/sup\u003e\n  \u003ch2\u003e🚨 [NEW] sls-mentor 3.0 is in alpha! 🚨\u003c/h2\u003e\n  \u003cp\u003eVisualize your AWS serverless application like never before\u003c/p\u003e\n  \u003cimg src=\"packages/documentation/static/img/3.0.0.gif\" style=\"width: 100%\" /\u003e\n  \u003cpre\u003enpx \u003ca href=\"https://www.npmjs.com/package/sls-mentor\"\u003esls-mentor@alpha\u003c/a\u003e -p \u0026lt;AWS_CLI_PROFILE\u0026gt;\u003c/pre\u003e\n  \u003cp\u003eWeekly pre-releases, we need your feedback and feature requests!\u003c/p\u003e\n  \u003ch2\u003e⬇️ Back to sls-mentor v2 ⬇️\u003c/h2\u003e\n  \u003cp\u003e\n    \u003cq\u003eJust because you don't see something, doesn't mean it doesn't exist\u003c/q\u003e\n  \u003c/p\u003e\n   \u003cp align=\"right\"\u003e Anonymous on Tumblr - 2012 \u003c/p\u003e\n   \u003cbr/\u003e\n  \u003cp\u003e\n    \u003ca href=\"https://www.sls-mentor.dev\"\u003e\u003cb\u003esls-mentor\u003c/b\u003e\u003c/a\u003e is a tool that analyzes the configuration of your AWS resources against best practice rules. \u003cbr /\u003e\u003ca href=\"https://www.sls-mentor.dev\"\u003e\u003cb\u003esls-mentor\u003c/b\u003e\u003c/a\u003e solves problems before they occur, and optimizes your app’s performance and costs.\n  \u003c/p\u003e\n  \u003cp\u003eCheck our \u003ca href=\"https://www.sls-mentor.dev\"\u003ewebsite\u003c/a\u003e for more information! 
\u003c/p\u003e\n\u003c/div\u003e\n\u003cbr /\u003e\n\u003cbr /\u003e\n\u003cdiv align=\"center\"\u003e\n  \u003ch2\u003eOne minute quick start 🚀\u003c/h2\u003e\n  \u003cbr /\u003e\n  \u003cpre\u003enpx \u003ca href=\"https://www.npmjs.com/package/sls-mentor\"\u003esls-mentor\u003c/a\u003e\u003c/pre\u003e\n    \u003cimg src=\"packages/documentation/static/img/guardian-run.gif\" style=\"width: 80%\" /\u003e\n  \u003cbr /\u003e\n  \u003cbr /\u003e\n\u003c/div\u003e\n\u003cbr /\u003e\n\u003cdiv align=\"center\"\u003e\n  \u003ch2\u003eInstall sls-mentor on your project and customize your experience 🔎\u003c/h2\u003e\n  \u003cbr /\u003e\n  \u003cpre\u003eyarn add -D \u003ca href=\"https://www.npmjs.com/package/sls-mentor\"\u003esls-mentor\u003c/a\u003e\u003c/pre\u003e\n\n  \u003cp\u003eSelect the cloudformation stacks you want to check using -c option\u003c/p\u003e\n  \u003cpre\u003eyarn sls-mentor -c {YOUR_AWS_STACK_NAME_1} {YOUR_AWS_STACK_NAME_2}\u003c/pre\u003e\n\n  \u003cp\u003eFilter the checked resources by tags using the -t option\u003c/p\u003e\n  \u003cpre\u003eyarn sls-mentor -t Key={TAG_KEY},Value={TAG_VALUE}\u003c/pre\u003e\n\n  \u003cp\u003eSpecify an AWS profile or an AWS region using -p and -r options\u003c/p\u003e\n  \u003cpre\u003eyarn sls-mentor -p {YOUR_AWS_PROFILE} -c {YOUR_AWS_STACK_NAME} -r {YOUR_AWS_REGION}\u003c/pre\u003e\n\n  \u003cp\u003e\u003ca href=\"./docs/running-locally.md\"\u003e📚 More information about local runs of sls-mentor\u003c/a\u003e\u003c/p\u003e\n  \u003cbr /\u003e\n\u003c/div\u003e\n\u003cbr /\u003e\n\u003cdiv align=\"center\"\u003e\n  \u003ch2\u003eRun sls-mentor as a periodic check on your CI 📟\u003c/h2\u003e\n  \u003cbr /\u003e\n  \u003cp\u003eThe command you want to run in your pipeline is:\u003c/p\u003e\n  \u003cpre\u003eyarn sls-mentor -p {YOUR_AWS_PROFILE} -c {YOUR_AWS_STACK_NAME} -r {YOUR_AWS_REGION} -l {YOUR_DESIRED_LEVEL}\u003c/pre\u003e\n\n  \u003cp\u003e\u003ci\u003eGithub actions, Circle CI, Gitlab CI configuration 
snippets coming soon 🚀\u003c/i\u003e\u003c/p\u003e\n  \u003cbr/\u003e\n  \u003cp\u003e⚠️ To make sure it properly works when executed by a pipeline runner:\u003cbr/\u003e\n\n- Ensure that the CI/CD runner has an AWS profile configured, with ReadOnlyAccess privileges.\u003cbr/\u003e\n- If the region is not configured for that profile, make sure to specify it using the -r flag in the command.\u003cbr/\u003e\u003c/p\u003e\n  \u003cp\u003e\u003ca href=\"./docs/running-in-ci.md\"\u003e📚 More information about CI runs of sls-mentor\u003c/a\u003e\u003c/p\u003e\n\u003c/div\u003e\n\u003cbr /\u003e\n\u003cbr /\u003e\n\u003ch2 align=\"center\"\u003eRules featured by sls-mentor 📏\u003c/h2\u003e\n\u003cbr /\u003e\n\n- AWS Lambda:\n  - [`Lambda: Use ARM64 architecture`](./packages/documentation/docs/rules/useArm.md): checks that you're using ARM64 architectures for your Lambda functions.\n  - [`Lambda: No shared IAM roles`](./packages/documentation/docs/rules/noSharedIamRoles.md): checks that each one of your Lambda functions has its own IAM role.\n  - [`Lambda: Limited amount of versions`](./packages/documentation/docs/rules/limitedAmountOfVersions.md): checks that you do not store all previous deployment versions for your Lambda functions.\n  - [`Lambda: Specify failure destination to async functions`](./packages/documentation/docs/rules/asyncSpecifyFailureDestination.md): checks that each one of your async Lambda functions has a failure destination.\n  - [`Lambda: No identical code`](./packages/documentation/docs/rules/noIdenticalCode.md): checks that each one of your Lambda functions has different code.\n  - [`Lambda: Light bundle`](./packages/documentation/docs/rules/lightBundle.md): checks that each one of your Lambda functions' bundles is reasonably small.\n  - [`Lambda: Under maximum memory`](./packages/documentation/docs/rules/underMaxMemory.md): checks that each one of your Lambda functions' memory size is reasonably small.\n  - [`Lambda: No maximum 
timeout`](./packages/documentation/docs/rules/noMaxTimeout.md): checks that your Lambda functions' timeout is not set at the maximum available.\n  - [`Lambda: No provisioned concurrency`](./packages/documentation/docs/rules/noProvisionedConcurrency.md): checks that no Lambda function has provisioned concurrency.\n  - [`Lambda: No deprecated runtime`](./packages/documentation//docs/rules/noDeprecatedRuntime.md): checks that your Lambda functions do not run on a deprecated runtime.\n- AWS S3:\n  - [`S3: Use intelligent tiering`](./packages/documentation/docs/rules/useIntelligentTiering.md): checks that each one of your S3 buckets has intelligent tiering enabled.\n  - [`S3: Use HTTPS requests only`](./packages/documentation/docs/rules/s3OnlyAllowHTTPS.md): checks that users access bucket objects using SSL.\n- AWS SQS:\n  - [`SQS: Specify a DLQ on queues`](./packages/documentation/docs/rules/specifyDlqOnSqs.md): checks that SQS queues have a dead-letter-queue specified in case of failure.\n- AWS Cognito:\n  - [`Cognito: Sign-in case insensitivity`](./packages/documentation/docs/rules/cognitoSignInCaseInsensitivity.md): checks that your Cognito user pool is insensitive to user name case.\n- AWS CloudWatch:\n  - [`CloudWatch Log Groups: Defined logs retention duration`](./packages/documentation/docs/rules/definedLogsRetentionDuration.md): checks that each of your Log Groups has a defined log retention duration.\n- AWS EventBridge:\n  - [`EventBridge: Specified dead letter queue`](./packages/documentation/docs/rules/specifyDlqOnEventBridgeRule.md): checks that each Event Bridge Rule target has a dead letter queue.\n- AWS CloudFront:\n  - [`CloudFront: Enable security headers`](./packages/documentation/docs/rules/cloudFrontSecurityHeaders.md): checks that each CloudFront distribution has basic security headers enabled.\n  - [`CloudFront: SSL certificate associated`](./packages/documentation/docs/rules/cloudFrontSSLCertificate.md): checks that each CloudFront 
distribution has an SSL certificate associated (IAM or ACM).\n- AWS RDS:\n  - [`RDS: Enable instance autoscaling`](./packages/documentation/docs/rules/autoscaleRdsInstanceEnabled.md): checks that RDS instances have autoscaling enabled.\n- AWS Backup:\n  - [`Backup: Defined Backup Retention Period or Transition to Cold Storage`](./packages/documentation/docs/rules/definedBackupRetentionPeriodOrTransitionToColdStorage.md): checks that each rule of any Backup Plan has a defined retention period or transition to cold storage date.\n- AWS API Gateway V2:\n  - [`API Gateway: Use authorized routes`](./packages/documentation/docs/rules/noUnauthorizedApiGatewaysV2Routes.md): checks that each API Gateway route has an authorizer configured.\n\n\u003cp\u003eCheck out our articles to find out more:\u003c/p\u003e\n\n- \u003ca href='https://dev.to/slsbytheodo/guardian-100-available-now-your-free-open-source-audit-tool-for-aws-architectures-54cd'\u003e\u003cb\u003esls-mentor 1.0.0 available now! Your Free Open Source audit tool for AWS architectures!\u003c/b\u003e\u003c/a\u003e by \u003ca href='https://twitter.com/eloiatheodo'\u003eÉloi\u003c/a\u003e\n- \u003ca href='https://dev.to/slsbytheodo/that-one-aws-lambda-hidden-configuration-that-will-make-you-a-hero-guardian-is-watching-over-you-5gi7'\u003e\u003cb\u003eThat one AWS Lambda hidden configuration that will make you a Hero - sls-mentor is watching over you\u003c/b\u003e\u003c/a\u003e by \u003ca href='https://twitter.com/Gozinebgo'\u003eZineb\u003c/a\u003e\n- \u003ca href='https://dev.to/slsbytheodo/aws-lambda-versions-time-to-clean-up-guardian-is-watching-over-you-jkd'\u003e\u003cb\u003eAWS Lambda Versions : Time to clean up! 
- sls-mentor is watching over you\u003c/b\u003e\u003c/a\u003e by \u003ca href='https://twitter.com/PierreChollet22'\u003ePierre\u003c/a\u003e\n- \u003ca href='https://dev.to/slsbytheodo/aws-lambda-101-shave-that-bundle-down-48c7'\u003e\u003cb\u003eAWS Lambda 101: Shave That Bundle Down\u003c/b\u003e\u003c/a\u003e by \u003ca href='https://twitter.com/eloiatheodo'\u003eÉloi\u003c/a\u003e\n\n\u003cbr /\u003e\n\u003cbr /\u003e\n\u003cdiv align=\"center\"\u003e\n  \u003ch2\u003eAbout sls-mentor 📰\u003c/h2\u003e\n  \u003cbr /\u003e\n  \u003cp\u003e\n  sls-mentor is a \u003ca href='https://www.theodo.fr/startup-studio-m33'\u003eTheodo Group\u003c/a\u003e project made for AWS Serverless developers by AWS Serverless developers. Original idea appeared at \u003ca href='https://www.aleios.com/'\u003eAleios\u003c/a\u003e. sls-mentor was migrated to Typescript and enriched by \u003ca href='https://www.theodo.fr'\u003eTheodo\u003c/a\u003e.\n  \u003c/p\u003e\n\u003c/div\u003e\n\u003cbr /\u003e\n\u003cbr /\u003e\n\u003cdiv align=\"center\"\u003e\n  \u003ch2\u003eContributors ❤️\u003c/h2\u003e\n  \u003cbr /\u003e\n  \u003ca href=\"https://github.com/sls-mentor/sls-mentor/graphs/contributors\"\u003e\n    \u003cimg src=\"https://contrib.rocks/image?repo=sls-mentor/sls-mentor\" /\u003e\n  \u003c/a\u003e\n  \u003ca href=\"https://github.com/aleios-cloud/sls-dev-tools/graphs/contributors\"\u003e\n    \u003cimg src=\"https://contrib.rocks/image?repo=aleios-cloud/sls-dev-tools\" style=\"width: calc(9/12*100%)\"/\u003e\n  \u003c/a\u003e\n  \u003cbr/\u003e\n  \u003cbr/\u003e\n  \u003ch4\u003eYour contributions are very welcome, feel free to add new rules to sls-mentor !\u003c/h4\u003e\n  \u003cbr /\u003e\n  \u003ch4\u003eBuilt using \u003ca href=\"https://www.swarmion.dev\"\u003eSwarmion\u003c/a\u003e - Check them out they are 
great!\u003c/h4\u003e\n\u003c/div\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsls-mentor%2Fsls-mentor","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsls-mentor%2Fsls-mentor","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsls-mentor%2Fsls-mentor/lists"}