This repository has been archived by the owner on Aug 31, 2020. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathserverless-api.yml
128 lines (122 loc) · 3.69 KB
/
serverless-api.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
service: listing
frameworkVersion: '>=1.28.0 <2.0.0'
provider:
name: aws
runtime: go1.x
stage: ${opt:stage, 'dev'}
region: ${opt:region, 'us-east-1'}
logRetentionInDays: ${self:custom.logRetentionInDays.${self:provider.stage}, 7}
logs:
restApi: ${self:custom.apiGatewayLogs.${self:provider.stage}}
memorySize: 128
usagePlan:
throttle:
burstLimit: 10
rateLimit: 2
plugins:
- serverless-iam-roles-per-function
- serverless-domain-manager
package:
individually: true
exclude:
- ./**
functions:
# "main" entry point into this application responsible for
# collecting subscribers, storing them in the table and sending
# confirmation emails to them
handler:
handler: bin/listing
package:
include:
- ./bin/listing
events:
- http:
path: subscribe
method: POST
cors: true
- http:
path: unsubscribe
method: GET
cors: true
- http:
path: confirm
method: GET
cors: true
iamRoleStatements:
- Effect: Allow
Action:
- "dynamodb:DescribeTable"
- "dynamodb:Query"
- "dynamodb:Scan"
- "dynamodb:GetItem"
- "dynamodb:PutItem"
- "dynamodb:UpdateItem"
- "dynamodb:DeleteItem"
- "dynamodb:BatchWriteItem"
Resource:
- { 'Fn::ImportValue': '${self:provider.stage}-ListingSubscriptionsTableArn' }
- Effect: Allow
Action:
- "ses:SendEmail"
- "ses:SendRawEmail"
Resource: "arn:aws:ses:${self:provider.region}:*:identity/*"
- Effect: Allow
Action:
- "dynamodb:DescribeTable"
- "dynamodb:Query"
- "dynamodb:Scan"
- "dynamodb:GetItem"
Resource:
- { 'Fn::ImportValue': '${self:provider.stage}-ListingNotificationsTableArn' }
environment:
CONFIRM_URL: ${self:custom.secrets.confirmUrl}
EMAIL_FROM: ${self:custom.secrets.emailFrom}
TOKEN_SECRET: ${self:custom.secrets.tokenSecret}
SUBSCRIBE_REDIRECT_URL: ${self:custom.secrets.subscribeRedirectUrl}
CONFIRM_REDIRECT_URL: ${self:custom.secrets.confirmRedirectUrl}
UNSUBSCRIBE_REDIRECT_URL: ${self:custom.secrets.unsubscribeRedirectUrl}
SUBSCRIBERS_TABLE: ${self:custom.subscribersTableName}
NOTIFICATIONS_TABLE: ${self:custom.snsTableName}
SUPPORTED_NEWSLETTERS: ${self:custom.secrets.supportedNewsletters}
# lambda used to handle bounce and complaint notifications from SES
sesnotify:
handler: bin/sesnotify
package:
include:
- ./bin/sesnotify
events:
- sns:
topicName: ${self:custom.snsTopicName}
arn: { 'Fn::ImportValue': '${self:provider.stage}-ListingNotificationsTopicArn' }
environment:
NOTIFICATIONS_TABLE: ${self:custom.snsTableName}
iamRoleStatements:
- Effect: Allow
Action:
- "dynamodb:DescribeTable"
- "dynamodb:PutItem"
Resource:
- { 'Fn::ImportValue': '${self:provider.stage}-ListingNotificationsTableArn' }
custom:
secrets: ${file(secrets.json)}
subscribersTableName: ${self:provider.stage}-listing-subscribers
snsTableName: ${self:provider.stage}-listing-sesnotify
snsTopicName: ${self:provider.stage}-listing-ses-notifications
apiGatewayLogs:
dev: true
prod: true
stages:
- local
- dev
domains:
prod: ${self:custom.secrets.prodDomain}
dev: ${self:custom.secrets.devDomain}
customDomain:
basePath: ''
domainName: ${self:custom.domains.${self:provider.stage}}
stage: ${self:provider.stage}
createRoute53Record: false
endpointType: edge
logRetentionInDays:
prod: 14
dev: 7