-
Notifications
You must be signed in to change notification settings - Fork 0
/
serverless.yml
158 lines (143 loc) · 4.01 KB
/
serverless.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
service:
name: branch-api
app: branch
org: nicholaspretorius
package:
individually: true
custom:
webpack:
webpackConfig: ./webpack.config.js
includeModules: true
profiles:
dev: franchisely
# prod: prod
# dynamodb:
# stages:
# - ${self:provider.stage}
# start:
# port: 8002
# inMemory: true
# migrate: true
plugins:
- serverless-webpack
- serverless-offline
- serverless-iam-roles-per-function
- serverless-dotenv-plugin
- serverless-plugin-tracing
provider:
name: aws
runtime: nodejs12.x
stage: ${opt:stage, 'dev'}
region: ${opt:region, 'eu-west-1'}
profile: ${self:custom.profiles.${self:provider.stage}}
apiGateway:
minimumCompressionSize: 1024 # Enable gzip compression for responses > 1 KB
environment:
AWS_NODEJS_CONNECTION_REUSE_ENABLED: 1
ENTITIES_TABLE: ncp-branches-entities-${self:provider.stage}
ENTITIES_UPLOADS_S3_BUCKET: ncp-branches-entities-uploads-bucket-${self:provider.stage}
SIGNED_URL_EXPIRATION: 300 # seconds = 5 mins
STRIPE_SECRET_KEY: ${env:STRIPE_SECRET_KEY}
tracing:
lambda: true
apiGateway: true
iamRoleStatements:
- Effect: "Allow"
Action:
- "xray:PutTraceSegments"
- "xray:PutTelemetryRecords"
Resource:
- "*"
functions:
ping:
handler: src/lambda/http/ping.main
events:
- http:
method: get
path: ping
getList:
handler: src/lambda/http/entities/getList.main
events:
- http:
method: get
path: entities
cors: true
authorizer: aws_iam
iamRoleStatements:
- Effect: Allow
Action:
- dynamodb:GetItem
- dynamodb:Query
Resource: arn:aws:dynamodb:${self:provider.region}:*:table/${self:provider.environment.ENTITIES_TABLE}
get:
handler: src/lambda/http/entities/get.main
events:
- http:
method: get
path: entities/{entityId}
cors: true
authorizer: aws_iam
iamRoleStatements:
- Effect: Allow
Action:
- dynamodb:GetItem
Resource: arn:aws:dynamodb:${self:provider.region}:*:table/${self:provider.environment.ENTITIES_TABLE}
entityCreate:
handler: src/lambda/http/entities/create.main
events:
- http:
method: post
path: entities
cors: true
authorizer: aws_iam
request:
schema:
application/json: ${file(src/models/requests/create.json)}
iamRoleStatements:
- Effect: Allow
Action:
- dynamodb:PutItem
Resource: arn:aws:dynamodb:${self:provider.region}:*:table/${self:provider.environment.ENTITIES_TABLE}
delete:
handler: src/lambda/http/entities/delete.main
events:
- http:
method: delete
path: entities/{entityId}
cors: true
authorizer: aws_iam
iamRoleStatements:
- Effect: Allow
Action:
- dynamodb:DeleteItem
Resource: arn:aws:dynamodb:${self:provider.region}:*:table/${self:provider.environment.ENTITIES_TABLE}
update:
handler: src/lambda/http/entities/update.main
events:
- http:
method: put
path: entities/{entityId}
cors: true
authorizer: aws_iam
request:
schema:
application/json: ${file(src/models/requests/update.json)}
iamRoleStatements:
- Effect: Allow
Action:
- dynamodb:UpdateItem
Resource: arn:aws:dynamodb:${self:provider.region}:*:table/${self:provider.environment.ENTITIES_TABLE}
billing:
handler: src/lambda/http/billing.main
events:
- http:
method: post
path: billing
cors: true
authorizer: aws_iam
resources:
- ${file(resources/api-gateway-errors.yml)}
- ${file(resources/entities-dynamodb-table.yml)}
- ${file(resources/entities-uploads-s3-bucket.yml)}
- ${file(resources/cognito-user-pool.yml)}
- ${file(resources/cognito-identity-pool.yml)}