Hey everyone! I’m excited to announce some more great platform updates to StdLib. We’ve added access control list (ACL) support, allowing you to restrict access to your deployed functions, and have also updated the default Node engine to Node 8.8.0.

If you’re not familiar with StdLib, we’re a function as a service (FaaS) library that allows users to rapidly create, discover, and consume APIs as web functions. We’re the fastest way for developers to turn their code into a live, infinitely-scalable, production-ready endpoint. This tutorial on our Github page will walk you through the process of signing up and creating your first service. You can also check out our most recent product, StdLib Sourcecode, which makes creating a wide variety of production-ready projects dead simple.

ACL Support

We’re happy to announce today that StdLib now supports ACLs! Function definitions support a new @acl field that you can use to whitelist or blacklist users by username. The default for StdLib functions (when an ACL isn’t specified) is “allow all” and the equivalent of @acl * .

If you want to deny access to specific users, you can add @acl * to your function definition, then include users by username with user__username <username> deny .

For example, if you wanted to deny access to two specific users, let’s say with usernames haliax and cinder, you could do so with a definition that looks like this:

Function with an ACL that acts as a blacklist

The ACL for this function would allow any user to call the function except for those who pass in a token belonging to the users haliax or cinder. The “*” (asterisk) immediately following the @acl field signifies that all other users should be allowed to access the function.

On the other hand, if you would like to deny access to everyone except for specific users, you would declare @acl with no asterisk following, then specify individual users as user__username <username> allow .

For example, if you wanted your function to allow access to only users with the usernames kvothe and denna, your function definition might look something like this:

Function with an ACL that acts as a whitelist

The ACL will deny access to everyone who calls the function without one of either kvothe or denna’s library tokens. You can read more about StdLib library tokens here.

Note that the order of fields in the comments is important.

For full documentation on ACLs, check out our docs page.

Node 8.8.0 Support

StdLib now ships with Node 8.8.0 as the default engine for functions. To use the previous engine version, you should manually set "engine": "nodejs-8.6.0" in the "stdlib" field of your package.json . You can check out the release notes for Node 8.8.0 here.

That’s it!

We’ve got more exciting features and announcements coming up in the next few weeks, so stay tuned by following us on Twitter @StdLibHQ. You can also join our Slack channel by going to our homepage and requesting an invite under the “Community” tab. Feel free to reach out anytime!