-
Notifications
You must be signed in to change notification settings - Fork 0
/
template.yaml
91 lines (91 loc) · 3.22 KB
/
template.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
AWSTemplateFormatVersion: "2010-09-09"
Transform: AWS::Serverless-2016-10-31
Mappings:
EnvMap:
DBHost:
test: gptea-test-instance-1.cdkmn8yg5hzw.ap-northeast-2.rds.amazonaws.com
prod: gptea-instance-1.cdkmn8yg5hzw.ap-northeast-2.rds.amazonaws.com
DBSecretARN:
test: arn:aws:secretsmanager:ap-northeast-2:596852339475:secret:rds!cluster-a8dda95e-d938-49d8-9047-6a7a0309606a-EsXrpO
prod: arn:aws:secretsmanager:ap-northeast-2:596852339475:secret:rds!cluster-3ac6b2b9-422c-4271-b239-de44854b439b-iDvc1n
HMACSecretARN:
test: arn:aws:secretsmanager:ap-northeast-2:596852339475:secret:gptea/test/hmac-Xfs7m3
prod: arn:aws:secretsmanager:ap-northeast-2:596852339475:secret:gptea/prod/hmac-LNZlwj
FunctionMap:
SG:
test: sg-0e25fdf0f98b96de3
prod: sg-0628eccf44915c5fe
SubnetA:
test: subnet-0488dd94a906b5fdd
prod: subnet-03cf3dc17841e83db
Domain:
test: api.gptea-test.keenranger.dev
prod: api.gptea.keenranger.dev
HostedZone:
test: gptea-test.keenranger.dev.
prod: gptea.keenranger.dev.
Cert:
test: arn:aws:acm:ap-northeast-2:596852339475:certificate/57b760f7-c34e-400f-927b-2a77182419da
prod: arn:aws:acm:ap-northeast-2:596852339475:certificate/55691e5a-20e4-4e96-9c1e-dbf4c395ff61
Parameters:
Env:
Default: test
Type: String
AllowedValues:
- test
- prod
Description: Environment in which application will be deployed
Globals:
Function:
VpcConfig:
SecurityGroupIds:
- !FindInMap [FunctionMap, SG, !Ref Env]
SubnetIds:
- !FindInMap [FunctionMap, SubnetA, !Ref Env]
Environment:
Variables:
ENV: !Ref Env
ACCESS_TOKEN_TTL: 2h
REFRESH_TOKEN_TTL: 168h
REGION: !Ref "AWS::Region"
DB_HOST: !FindInMap [EnvMap, DBHost, !Ref Env]
DB_PORT: 5432
DB_SECRET_ARN: !FindInMap [EnvMap, DBSecretARN, !Ref Env]
HMAC_SECRET_ARN: !FindInMap [EnvMap, HMACSecretARN, !Ref Env]
OPENAI_API_SECRET_ARN: arn:aws:secretsmanager:ap-northeast-2:596852339475:secret:gptea/openai-z3cOzL
Resources:
GPTeaAPI:
Type: AWS::Serverless::Api
Properties:
StageName: !Ref Env
Domain:
CertificateArn: !FindInMap [FunctionMap, Cert, !Ref Env]
DomainName: !FindInMap [FunctionMap, Domain, !Ref Env]
Route53:
HostedZoneName: !FindInMap [FunctionMap, HostedZone, !Ref Env]
GPTeaFunction:
Type: AWS::Serverless::Function
Properties:
Timeout: 10
Policies:
- AWSSecretsManagerGetSecretValuePolicy:
SecretArn: !FindInMap [EnvMap, DBSecretARN, !Ref Env]
- AWSSecretsManagerGetSecretValuePolicy:
SecretArn: !FindInMap [EnvMap, HMACSecretARN, !Ref Env]
- AWSSecretsManagerGetSecretValuePolicy:
SecretArn: arn:aws:secretsmanager:ap-northeast-2:596852339475:secret:gptea/openai-z3cOzL
- AWSLambdaVPCAccessExecutionRole
Events:
ProxyAPIEvent:
Type: Api
Properties:
RestApiId: !Ref GPTeaAPI
Path: /{proxy+}
Method: any
Runtime: provided.al2
CodeUri: .
Architectures:
- arm64
Handler: main
Metadata:
BuildMethod: makefile