This repository has been archived by the owner on May 1, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 15
/
template.yml
119 lines (118 loc) · 3.69 KB
/
template.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
AWSTemplateFormatVersion: 2010-09-09
Transform:
- AWS::Serverless-2016-10-31
Description: Sets up an service for vending fact information.
Parameters:
FactType:
Type: String
Description: Name of the type of facts you will vend from the service.
Default: cat
Stage:
Type: String
Description: The name for a project pipeline stage, such as Staging or Prod, for which resources are provisioned and deployed.
Default: staging
Resources:
#Compute resources
APIGatewayServiceLambda:
Type: AWS::Serverless::Function
Properties:
FunctionName: !Sub 'Fact-Vendor-Lambda-${Stage}'
Handler: factVendorLambda.get
CodeUri: s3://fact-service-build-info/fact-service.zip
Runtime: nodejs10.x
Role:
Fn::GetAtt:
- LambdaExecutionRole
- Arn
#API
FactServiceAPIGateway:
Type: AWS::ApiGateway::RestApi
Properties:
Description: API for the serverless fact service.
Name: !Sub '${FactType}-fact-api-${Stage}'
APIGatewayResourcesFact:
Type: AWS::ApiGateway::Resource
Properties:
ParentId: !GetAtt
- FactServiceAPIGateway
- RootResourceId
PathPart: fact
RestApiId: !Ref "FactServiceAPIGateway"
APIGatewayMethod:
Type: "AWS::ApiGateway::Method"
DependsOn:
- APIGatewayResourcesFact
Properties:
AuthorizationType: "NONE"
HttpMethod: "GET"
OperationName: getFact
Integration:
IntegrationHttpMethod: "POST"
Type: "AWS_PROXY"
Uri: !Sub
- "arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${lambdaArn}/invocations"
- lambdaArn: !GetAtt "APIGatewayServiceLambda.Arn"
ResourceId: !Ref "APIGatewayResourcesFact"
RestApiId: !Ref "FactServiceAPIGateway"
APIGatewayStage:
Type: AWS::ApiGateway::Stage
Properties:
Description: !Sub "${Stage} Stage"
RestApiId: !Ref FactServiceAPIGateway
DeploymentId: !Ref APIGatewayDeployment
Variables:
Stack: !Sub "${Stage}"
MethodSettings:
- ResourcePath: /fact
HttpMethod: GET
APIGatewayDeployment:
Type: "AWS::ApiGateway::Deployment"
DependsOn:
- "APIGatewayMethod"
- "APIGatewayResourcesFact"
Properties:
RestApiId: !Ref "FactServiceAPIGateway"
StageName: !Sub "${Stage}"
#Storage/DB
#Logs
lambdaLogGroup:
Type: "AWS::Logs::LogGroup"
DependsOn: APIGatewayServiceLambda
Properties:
LogGroupName: !Sub "/aws/lambda/${APIGatewayServiceLambda}"
RetentionInDays: 90
#Roles
LambdaExecutionRole:
Description: Creating service role in IAM for AWS Lambda
Type: AWS::IAM::Role
Properties:
RoleName: !Sub '${FactType}-service-lambda-role-${Stage}'
AssumeRolePolicyDocument:
Statement:
- Effect: Allow
Principal:
Service: [lambda.amazonaws.com]
Action:
- sts:AssumeRole
Policies:
- PolicyDocument:
Statement:
- Action: ['cloudwatch:*', 'logs:*', 's3:GetObject', 'lambda:*']
Effect: Allow
Resource: '*'
Version: '2012-10-17'
PolicyName: lambdaExecutionPolicy
#Permissions
lambdaApiGatewayInvoke:
Type: "AWS::Lambda::Permission"
DependsOn:
- APIGatewayServiceLambda
- FactServiceAPIGateway
Properties:
Action: "lambda:InvokeFunction"
FunctionName: !GetAtt "APIGatewayServiceLambda.Arn"
Principal: "apigateway.amazonaws.com"
SourceArn: !Sub "arn:aws:execute-api:${AWS::Region}:${AWS::AccountId}:${FactServiceAPIGateway}/*/GET/*"
Outputs:
apiGatewayInvokeURL:
Value: !Sub "https://${FactServiceAPIGateway}.execute-api.${AWS::Region}.amazonaws.com/${Stage}"