Created
August 25, 2021 13:12
AWS SAM for API Gateway to SQS
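# REST API defined inline as Swagger 2.0. It exposes a single POST / that
# validates the JSON body against MailSendBody and forwards it unchanged to
# the SQS queue ApiQueue, behind a Lambda token authorizer.
ApiGateway:
  Type: AWS::Serverless::Api
  Properties:
    StageName: !Ref Stage
    DefinitionBody:
      swagger: "2.0"
      info:
        title: !Ref AWS::StackName
      x-amazon-apigateway-request-validators:
        body-only:
          validateRequestBody: true
          validateRequestParameters: false
        params-only:
          validateRequestBody: false
          validateRequestParameters: true
      # API-wide default validator; the POST below repeats it explicitly.
      x-amazon-apigateway-request-validator: body-only
      securityDefinitions:
        token-authorizer:
          type: apiKey
          name: Authorization
          in: header
          x-amazon-apigateway-authtype: oauth2
          x-amazon-apigateway-authorizer:
            type: token
            authorizerUri: !Join ["", [!Sub "arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/", !GetAtt Authorizer.Arn, "/invocations" ]]
            authorizerCredentials: !GetAtt ApiGatewayRole.Arn
            # Shape pre-filter on the Authorization header, applied by API
            # Gateway before the authorizer is invoked. The dots are escaped
            # and the pattern is anchored so that only "Bearer" followed by
            # three base64url segments passes; the previous unescaped "."
            # matched any character. Single quotes keep the backslashes literal.
            # This checks shape only: signature, expiry and audience still have
            # to be verified by the Authorizer function (not shown here).
            identityValidationExpression: '^Bearer [A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+$'
            # Authorizer results are cached for 300 s, so a token revoked
            # upstream can keep working until its cache entry expires.
            authorizerResultTtlInSeconds: 300
      paths:
        "/":
          post:
            consumes:
              - "application/json"
            produces:
              - "application/json"
            responses:
              "200":
                description: "200 response"
                schema:
                  $ref: "#/definitions/Empty"
            security:
              - token-authorizer: []
            parameters:
              - in: body
                name: MailSendBody
                required: true
                schema:
                  $ref: "#/definitions/MailSendBody"
            x-amazon-apigateway-request-validator: body-only
            x-amazon-apigateway-integration:
              credentials: !GetAtt ApiGatewayRole.Arn
              # The queue is selected by the QueueUrl form field in the
              # request template, not by this path.
              uri: !Sub "arn:aws:apigateway:${AWS::Region}:sqs:path//"
              # NOTE(review): only a default mapping exists, so every SQS
              # response, including errors, is returned to the caller as 200.
              # Consider mapping 4xx/5xx so failed enqueues are visible.
              responses:
                default:
                  statusCode: "200"
              requestParameters:
                integration.request.header.Content-Type: "'application/x-www-form-urlencoded'"
              requestTemplates:
                # Builds the SQS SendMessage form body. $util.urlEncode on the
                # client body keeps characters such as "&" and "=" in the
                # payload from being read as extra form parameters. The "##"
                # before each \n is a VTL line comment, presumably there to keep
                # the line breaks out of the rendered body.
                application/json: !Sub "Action=SendMessage##\n&QueueUrl=$util.urlEncode('${ApiQueue}')##\n\
                  &MessageBody=$util.urlEncode($input.body)##\n"
              # Requests whose content type has no template are rejected rather
              # than passed through unmapped.
              passthroughBehavior: "never"
              httpMethod: "POST"
              type: "aws"
      definitions:
        Empty:
          type: object
          title: Empty
        # NOTE(review): the schema only requires four string fields. Lengths
        # are unbounded, userEmail is not constrained to an address format and
        # additional properties are accepted, so the queue consumer has to
        # treat the message body as untrusted input.
        MailSendBody:
          title: MailSendBody
          type: object
          properties:
            template:
              type: string
            locale:
              type: string
            userName:
              type: string
            userEmail:
              type: string
          required:
            - template
            - locale
            - userName
            - userEmail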
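# Role assumed by API Gateway. It is used both as the integration credentials
# for the SQS call and as the credentials for invoking the Lambda authorizer.
ApiGatewayRole:
  Type: AWS::IAM::Role
  Properties:
    Path: "/"
    AssumeRolePolicyDocument:
      Version: '2012-10-17'
      Statement:
        # Only the API Gateway service may assume this role.
        - Effect: Allow
          Principal:
            Service:
              - apigateway.amazonaws.com
          Action: sts:AssumeRole
    ManagedPolicyArns:
      - arn:aws:iam::aws:policy/service-role/AmazonAPIGatewayPushToCloudWatchLogs
    Policies:
      - PolicyName: ApiQueuePolicy
        PolicyDocument:
          Version: '2012-10-17'
          Statement:
            # Least privilege: the only integration that uses this role issues
            # Action=SendMessage, so sqs:ReceiveMessage has been dropped. An
            # API-facing role that can also read the queue would expose queued
            # mail payloads if a receive integration were ever added by
            # mistake. Re-add it only if an integration really polls the queue.
            - Effect: Allow
              Action:
                - sqs:SendMessage
              Resource: !GetAtt ApiQueue.Arn
      - PolicyName: AuthorizerPolicy
        PolicyDocument:
          Version: '2012-10-17'
          Statement:
            # Scoped to the single authorizer function rather than lambda:*.
            - Effect: Allow
              Action:
                - lambda:InvokeFunction
              Resource: !GetAtt Authorizer.Arn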
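# Queue that receives the validated request bodies from the API. Messages that
# fail processing 10 times are moved to ApiQueueDLQ.
ApiQueue:
  Type: AWS::SQS::Queue
  Properties:
    # NOTE(review): a fixed name means one stack per account and region, and
    # any change that needs queue replacement will fail until it is renamed.
    QueueName: 'sam-pigeon-mail'
    # Messages carry userName and userEmail, so encrypt them at rest.
    # SQS-managed keys need no extra KMS permissions for senders or consumers.
    SqsManagedSseEnabled: true
    RedrivePolicy:
      deadLetterTargetArn: !GetAtt ApiQueueDLQ.Arn
      maxReceiveCount: 10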
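# Dead-letter queue for ApiQueue. It holds the same payloads (including
# userName and userEmail) for messages that could not be processed.
ApiQueueDLQ:
  Type: AWS::SQS::Queue
  Properties:
    QueueName: 'sam-pigeon-mail-dlq'
    # Same at-rest encryption as the source queue; failed messages tend to sit
    # here longer than in the main queue.
    SqsManagedSseEnabled: true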