Last active
June 2, 2021 19:07
-
-
Save ansara/7b914229edeed4ffb076e012f15288e9 to your computer and use it in GitHub Desktop.
Serverless AWS config with parameterized naming for staged deployment
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Serverless Framework Version: 2.17.0 | |
app: my-application | |
org: my-organization | |
service: my-service | |
useDotenv: true | |
plugins: | |
- serverless-python-requirements | |
- serverless-dotenv-plugin | |
- serverless-hooks-plugin | |
- serverless-plugin-optimize | |
- serverless-plugin-include-dependencies | |
- serverless-plugin-common-excludes | |
custom: | |
includeDependencies: | |
enableCaching: true | |
hooks: | |
after:deploy:finalize: | |
- curl --request POST --url ${env:REQUEST_URL} | |
pythonRequirements: | |
dockerizePip: non-linux | |
slim: true | |
usePoetry: false | |
provider: | |
name: aws | |
profile: ${env:AWS_PROFILE} | |
runtime: python3.8 | |
stage: ${opt:stage, 'dev'} | |
memorySize: 128 | |
region: us-east-2 | |
endpointType: REGIONAL | |
versionFunctions: false | |
apiGateway: | |
shouldStartNameWithService: true | |
stackName: ${self:app}-stack | |
deploymentBucket: | |
name: ${self:app}.deployment-bucket-${self:provider.stage} | |
blockPublicAccess: true | |
iamRoleStatements: | |
- Effect: Allow | |
Action: | |
- s3:getObject | |
- s3:putObject | |
Resource: | |
- arn:aws:s3:::${self:app}/* | |
- arn:aws:s3:::${self:app} | |
- arn:aws:s3:::${self:app}.foo-bucket-${self:provider.stage} | |
- arn:aws:s3:::${self:app}.foo-bucket-${self:provider.stage}/* | |
package: | |
excludeDevDependencies: false | |
individually: true | |
functions: | |
foo: | |
module: functions/foo | |
handler: handler.webhook | |
events: | |
- http: | |
path: ${self:service}/foo | |
method: POST | |
integration: lambda | |
request: | |
parameters: | |
headers: | |
Auth-Signature: | |
required: true | |
bar: | |
module: functions/bar | |
handler: handler.webhook | |
events: | |
- http: | |
path: ${self:service}/bar | |
method: POST | |
integration: lambda | |
resources: | |
Resources: | |
FooBucket: | |
Type: AWS::S3::Bucket | |
DeletionPolicy: Delete | |
Properties: | |
BucketName: ${self:app}.foo-bucket-${self:provider.stage} | |
AccessControl: Private | |
FooBucketPolicy: | |
Type: AWS::S3::BucketPolicy | |
Properties: | |
Bucket: | |
Ref: FooBucket | |
PolicyDocument: | |
Version: '2012-10-17' | |
Statement: | |
- Effect: Allow | |
Principal: | |
AWS: ${env:AWS_USER_ARN} | |
Action: | |
- s3:getObject | |
- s3:putObject | |
Resource: | |
- arn:aws:s3:::${self:app}.foo-bucket-${self:provider.stage} | |
- arn:aws:s3:::${self:app}.foo-bucket-${self:provider.stage}/* |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment