Require Policies

These methods exist on the policy.require object as seen in the following example:

(policy) => {
  policy.require.disableDefaults();
  policy.require.allowRequire(`${__dirname}/node_modules/**/*.js`);
}

These policies affect the requiring of .js and .json files. Any third party modules will also be subject to these policies.

By default, all .js and .json files in ./node_modules (and its subdirectories) are allowed to be required. This includes any files that are npm installed in your project. Because of this, require policies usually don't need to be explicitly specified.

policy.require.disableDefaults()

Disables the default policy (which is described above). If this is used, policies need to be explicitly added for any files that are to be required. This is useful in situations where you don't use third party modules.

Note that require policies only apply to require() itself; code can still be loaded in other ways: for example, eval() can be used to execute code from files that are read using the fs module (which is governed by its own policies). Regardless of the method that code is loaded, the newly loaded code's behavior will be subject to all of your policies.

Intrinsic for Lambda

By default, all .js and .json files in /var/task and /var/runtime (and their subdirectories) are allowed to be required. This includes any files that are npm installed in your project.

policy.require.allowRequire(pathPattern)

Allows the requiring of files matching the pathPattern glob pattern. Patterns must be specified with respect to absolute paths.

This policy is required if you see the following violation in your logs:

[INTRINSIC] RequirePolicyViolation: POLICY_VIOLATION sb: "fallback"
  | /path/to/module.js not in `require` whitelist