-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathserverless.yml
89 lines (80 loc) · 2.25 KB
/
serverless.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
service: auth-service
provider:
name: aws
runtime: nodejs10.x
# These environment variables are made available to our functions
# under process.env.
environment:
tableName: ${self:custom.tableName}
SCHEMA_VERSION: 67
iamRoleStatements:
- Effect: Allow
Action:
- dynamodb:DescribeTable
- dynamodb:Query
- dynamodb:Scan
- dynamodb:GetItem
- dynamodb:PutItem
- dynamodb:UpdateItem
- dynamodb:DeleteItem
# Restrict our IAM role permissions to
# the specific table for the stage
Resource:
- arn:aws:dynamodb:*:*:table/${self:custom.tableName}
- arn:aws:dynamodb:*:*:table/${self:custom.tableName}/index/*
plugins:
- serverless-offline
- serverless-plugin-warmup
- serverless-dynamodb-local
- serverless-pseudo-parameters
- serverless-ignore
custom:
dynamodb:
start:
port: 8000
inMemory: true
migrate: true
migration:
dir: offline/migrations
# Our stage is based on what is passed in when running serverless
# commands. Or fallback to what we have set in the provider section.
stage: ${opt:stage, self:provider.stage}
# Set the table name here so we can use it while testing locally
tableName: users-${self:custom.stage}
functions:
importBackup:
handler: src/api/users.importBackup
events:
- http:
path: backup/import
method: post
integration: lambda
authorizer:
arn: arn:aws:cognito-idp:us-east-1:547936294553:userpool/us-east-1_iGdb8rWlM
cors:
origins:
- '*'
headers:
- Content-Type
- Authorization
exportBackup:
handler: src/api/users.exportBackup
events:
- http:
path: backup/export
method: get
integration: lambda
authorizer:
arn: arn:aws:cognito-idp:us-east-1:547936294553:userpool/us-east-1_iGdb8rWlM
cors:
origins:
- '*'
headers:
- Content-Type
- Authorization
resources:
# DynamoDB
- ${file(resources/dynamo-table.yml)}
# Cognito
- ${file(resources/cognito-user-pool.yml)}
- ${file(resources/cognito-identity-pool.yml)}