Skip to content

purpleteam-labs/purpleteam-lambda

Repository files navigation


purpleteam logo

purpleteam lambda functions


lambda functions of PurpleTeam - Currently in alpha

documentation GitHub release (latest SemVer including pre-releases)



If you are setting up the lambda functions, you will be targeting the local environment.

Clone or fork this repository.

cd to the repository root directory and run:

npm install

Now carry out the same npm install command from each of the following directories:

  • local/app-emissary-provisioner/
  • local/s2-deprovisioner/
  • local/selenium-standalone-provisioner/

Install aws cli

If you are running on a Linux based system with apt, you can install awscli via the standard repository. This may be a little old, but it may be OK, and of course it's very quick and easy.

Or with a handful of commands you can install the latest, details here.

Install aws-sam-cli

The install details for Linux can be found here.

There is two install options, the older one which uses Homebrew and the newer one (which we recommend) which uses a shell script.

You will need to install brew first. Once you have done that which brew will show you were it is installed.
Contrary to the install instructions, it was installed to: /home/linuxbrew/.linuxbrew/Homebrew/bin/brew
For us we use zsh, so adding homebrew to our path was just adding the following line to our ~/.zshrc file:

export PATH=/home/linuxbrew/.linuxbrew/Homebrew/bin/brew:$PATH

Then just reload with the following command:

source ~/.zshrc

Your terminal should know where brew now is. Carry on with the aws-sam-cli install.
For us we had to run the install twice

brew tap aws/tap
brew install aws-sam-cli

Just follow the directions.

Configuring aws cli

In order to validate SAM templates, you'll need an AWS user with CLI access and policy AWSQuickSightListIAM added to the group of the CLI user, then, usually the easiest way to do this is to run aws configure which will create two files (~/.aws/credentials & ~/.aws/config) if they don't already exist. The aws_access_key_id & aws_secret_access_key will be created in the credentials file if they don't exist, and the output & region will be created in the config file if they don't exist. If you don't set the region you'll end up with errors
Next it's a good idea to make sure these files are chmod 600 (by default mine was). I then chmod 700 on ~/.aws/, just like the ~/.ssh/ directory is.


Once you have worked through the above steps, head back to the local setup documentation to continue setting up the other PurpleTeam components.