Skip to content

Instantly share code, notes, and snippets.

@ansara

ansara/serverless.yml

Last active June 2, 2021 19:07
Show Gist options
  • Save ansara/7b914229edeed4ffb076e012f15288e9 to your computer and use it in GitHub Desktop.
Save ansara/7b914229edeed4ffb076e012f15288e9 to your computer and use it in GitHub Desktop.
Download ZIP
Serverless AWS config with parameterized naming for staged deployment
Raw
serverless.yml
# Serverless Framework Version: 2.17.0
app: my-application
org: my-organization
service: my-service
useDotenv: true
plugins:
- serverless-python-requirements
- serverless-dotenv-plugin
- serverless-hooks-plugin
- serverless-plugin-optimize
- serverless-plugin-include-dependencies
- serverless-plugin-common-excludes
custom:
includeDependencies:
enableCaching: true
hooks:
after:deploy:finalize:
- curl --request POST --url ${env:REQUEST_URL}
pythonRequirements:
dockerizePip: non-linux
slim: true
usePoetry: false
provider:
name: aws
profile: ${env:AWS_PROFILE}
runtime: python3.8
stage: ${opt:stage, 'dev'}
memorySize: 128
region: us-east-2
endpointType: REGIONAL
versionFunctions: false
apiGateway:
shouldStartNameWithService: true
stackName: ${self:app}-stack
deploymentBucket:
name: ${self:app}.deployment-bucket-${self:provider.stage}
blockPublicAccess: true
iamRoleStatements:
- Effect: Allow
Action:
- s3:getObject
- s3:putObject
Resource:
- arn:aws:s3:::${self:app}/*
- arn:aws:s3:::${self:app}
- arn:aws:s3:::${self:app}.foo-bucket-${self:provider.stage}
- arn:aws:s3:::${self:app}.foo-bucket-${self:provider.stage}/*
package:
excludeDevDependencies: false
individually: true
functions:
foo:
module: functions/foo
handler: handler.webhook
events:
- http:
path: ${self:service}/foo
method: POST
integration: lambda
request:
parameters:
headers:
Auth-Signature:
required: true
bar:
module: functions/bar
handler: handler.webhook
events:
- http:
path: ${self:service}/bar
method: POST
integration: lambda
resources:
Resources:
FooBucket:
Type: AWS::S3::Bucket
DeletionPolicy: Delete
Properties:
BucketName: ${self:app}.foo-bucket-${self:provider.stage}
AccessControl: Private
FooBucketPolicy:
Type: AWS::S3::BucketPolicy
Properties:
Bucket:
Ref: FooBucket
PolicyDocument:
Version: '2012-10-17'
Statement:
- Effect: Allow
Principal:
AWS: ${env:AWS_USER_ARN}
Action:
- s3:getObject
- s3:putObject
Resource:
- arn:aws:s3:::${self:app}.foo-bucket-${self:provider.stage}
- arn:aws:s3:::${self:app}.foo-bucket-${self:provider.stage}/*
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment