-
Notifications
You must be signed in to change notification settings - Fork 0
/
serverless.yml
152 lines (138 loc) · 3.73 KB
/
serverless.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
service: blog-api
useDotenv: true
frameworkVersion: "2"
provider:
name: aws
runtime: nodejs12.x
lambdaHashingVersion: 20201221
stage: ${opt:stage, 'dev'}
region: us-east-1
environment:
TABLE_NAME: ${self:custom.TableName}
BUCKET_NAME: ${self:custom.BucketName}
plugins:
- serverless-webpack
- serverless-iam-roles-per-function
functions:
getArticles:
handler: src/lambdas/getArticles/handler.getAllArticles
events:
- http:
method: get
path: /articles
cors: true
iamRoleStatements:
- Effect: Allow
Action:
- dynamodb:Scan
Resource: !GetAtt DynamoDBTable.Arn
getArticle:
handler: src/lambdas/getArticle/handler.getArticle
events:
- http:
method: get
path: /articles/{id}
cors: true
iamRoleStatements:
- Effect: Allow
Action:
- dynamodb:GetItem
Resource: !GetAtt DynamoDBTable.Arn
putArticle:
handler: src/lambdas/putArticle/handler.putArticle
events:
- http:
path: /articles/create
method: post
cors: true
request:
schemas:
application/json: ${file(src/lambdas/putArticle/schema.json)}
authorizer:
type: token
name: auth
identitySource: method.request.header.Authorization
resultTtlInSeconds: 0
iamRoleStatements:
- Effect: Allow
Action:
- dynamodb:PutItem
Resource: !GetAtt DynamoDBTable.Arn
updateArticle:
handler: src/lambdas/updateArticle/handler.updateArticle
events:
- http:
method: put
path: /articles/{id}
cors: true
request:
parameters:
paths:
id: true
schemas:
application/json: ${file(src/lambdas/updateArticle/schema.json)}
authorizer:
type: token
name: auth
identitySource: method.request.header.Authorization
resultTtlInSeconds: 0
iamRoleStatements:
- Effect: Allow
Action:
- dynamodb:UpdateItem
Resource: !GetAtt DynamoDBTable.Arn
getPresignUrl:
handler: src/lambdas/getPresignUrl/handler.getPresignUrl
events:
- http:
path: /getPresignUrl
method: get
cors: true
iamRoleStatements:
- Effect: Allow
Action:
- s3:*
Resource: !Join ["/", [!GetAtt ImageBucket.Arn, "*"]]
auth:
handler: src/lambdas/auth/handler.auth
environment:
LOGIN: ${env:LOGIN}
PASSWORD: ${env:PASSWORD}
custom:
TableName: ${self:service}-${self:provider.stage}-table
AdminsTableName: ${self:service}-${self:provider.stage}-admins-table
BucketName: ${self:service}-${self:provider.stage}-image-bucket
webpack:
webpackConfig: webpack.config.js
includeModules: true
packager: yarn
resources:
Resources:
ImageBucket:
Type: AWS::S3::Bucket
Properties:
BucketName: ${self:custom.BucketName}
AccessControl: PublicReadWrite
PublicAccessBlockConfiguration:
BlockPublicAcls: false
BlockPublicPolicy: false
IgnorePublicAcls: false
RestrictPublicBuckets: false
CorsConfiguration:
CorsRules:
- AllowedMethods:
- GET
- POST
AllowedOrigins:
- "*"
DynamoDBTable:
Type: AWS::DynamoDB::Table
Properties:
TableName: ${self:custom.TableName}
BillingMode: PAY_PER_REQUEST
AttributeDefinitions:
- AttributeName: id
AttributeType: S
KeySchema:
- AttributeName: id
KeyType: HASH