Using CodePipeline to automate serverless applications deployment
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| const express = require('express') | |
| const app = express() | |
| const port = 3000 | |
| const awsServerlessExpress = require('aws-serverless-express') | |
| const server = awsServerlessExpress.createServer(app) | |
| app.get('/', (request, response) => { | |
| response.send('Hello Medium universe!'); | |
| }); | |
| app.listen(port, (err) => { | |
| if (err) { | |
| return console.log(err) | |
| } | |
| console.log('Server is listening on ${port}.') | |
| }); | |
| exports.handler = (event, context) => { awsServerlessExpress.proxy(server, event, context) }; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| version: 0.2 | |
| phases: | |
| install: | |
| runtime-versions: | |
| nodejs: 10 | |
| commands: | |
| - echo Installing NPM dependencies... | |
| - npm install | |
| post_build: | |
| commands: | |
| - echo Build completed on `date` | |
| artifacts: | |
| files: | |
| - '**/*' | |
| discard-paths: no | |
| name: app-$(date +%Y-%m-%d) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "Statement": [ | |
| { | |
| "Action": [ | |
| "apigateway:*", | |
| "codedeploy:*", | |
| "lambda:*", | |
| "cloudformation:CreateChangeSet", | |
| "iam:GetRole", | |
| "iam:CreateRole", | |
| "iam:DeleteRole", | |
| "iam:PutRolePolicy", | |
| "iam:AttachRolePolicy", | |
| "iam:DeleteRolePolicy", | |
| "iam:DetachRolePolicy", | |
| "iam:PassRole", | |
| "s3:GetObjectVersion", | |
| "s3:GetBucketVersioning" | |
| ], | |
| "Resource": "*", | |
| "Effect": "Allow" | |
| } | |
| ], | |
| "Version": "2012-10-17" | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| AWSTemplateFormatVersion: '2010-09-09' | |
| Description: The backend serverless deployment | |
| Parameters: | |
| ProjectName: | |
| Default: medium-demo | |
| Type: String | |
| BuildBucketName: | |
| Type: String | |
| BuildObjectKey: | |
| Type: String | |
| Resources: | |
| # Api Gateway - responsible for exposing the lambda function as RESTful API to the Internet | |
| ApiGatewayApi: | |
| Type: AWS::Serverless::Api | |
| Properties: | |
| StageName: live | |
| DefinitionBody: | |
| swagger: 2.0 | |
| info: | |
| title: !Ref ProjectName | |
| schemes: | |
| - https | |
| paths: | |
| /: | |
| x-amazon-apigateway-any-method: | |
| produces: | |
| - application/json | |
| responses: | |
| '200': | |
| description: 200 response | |
| schema: | |
| $ref: "#/definitions/Empty" | |
| x-amazon-apigateway-integration: | |
| responses: | |
| default: | |
| statusCode: 200 | |
| uri: | |
| Fn::Sub: "arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${lambdafunction.Arn}/invocations" | |
| passthroughBehavior: when_no_match | |
| httpMethod: POST | |
| type: aws_proxy | |
| options: | |
| consumes: | |
| - application/json | |
| produces: | |
| - application/json | |
| responses: | |
| '200': | |
| description: 200 response | |
| schema: | |
| $ref: "#/definitions/Empty" | |
| headers: | |
| Access-Control-Allow-Origin: | |
| type: string | |
| Access-Control-Allow-Methods: | |
| type: string | |
| Access-Control-Allow-Headers: | |
| type: string | |
| x-amazon-apigateway-integration: | |
| contentHandling: CONVERT_TO_TEXT | |
| responses: | |
| default: | |
| statusCode: 200 | |
| responseParameters: | |
| method.response.header.Access-Control-Allow-Methods: "'DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT'" | |
| method.response.header.Access-Control-Allow-Headers: "'Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token'" | |
| method.response.header.Access-Control-Allow-Origin: "'*'" | |
| passthroughBehavior: when_no_match | |
| requestTemplates: | |
| application/json: "{\"statusCode\": 200}" | |
| type: mock | |
| /{proxy+}: | |
| x-amazon-apigateway-any-method: | |
| produces: | |
| - application/json | |
| parameters: | |
| - name: proxy | |
| in: path | |
| required: true | |
| type: string | |
| responses: {} | |
| x-amazon-apigateway-integration: | |
| uri: | |
| Fn::Sub: "arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${lambdafunction.Arn}/invocations" | |
| httpMethod: POST | |
| type: aws_proxy | |
| options: | |
| consumes: | |
| - application/json | |
| produces: | |
| - application/json | |
| responses: | |
| '200': | |
| description: 200 response | |
| schema: | |
| $ref: "#/definitions/Empty" | |
| headers: | |
| Access-Control-Allow-Origin: | |
| type: string | |
| Access-Control-Allow-Methods: | |
| type: string | |
| Access-Control-Allow-Headers: | |
| type: string | |
| x-amazon-apigateway-integration: | |
| contentHandling: CONVERT_TO_TEXT | |
| responses: | |
| default: | |
| statusCode: 200 | |
| responseParameters: | |
| method.response.header.Access-Control-Allow-Methods: "'DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT'" | |
| method.response.header.Access-Control-Allow-Headers: "'Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token'" | |
| method.response.header.Access-Control-Allow-Origin: "'*'" | |
| passthroughBehavior: when_no_match | |
| requestTemplates: | |
| application/json: "{\"statusCode\": 200}" | |
| type: mock | |
| x-amazon-apigateway-binary-media-types: | |
| - "*/*" | |
| # Lambda function - responsible for invoking your application server | |
| lambdafunction: | |
| Type: AWS::Serverless::Function | |
| Properties: | |
| AutoPublishAlias: live | |
| Role: !GetAtt lambdarole.Arn | |
| CodeUri: | |
| Bucket: | |
| Ref: BuildBucketName | |
| Key: | |
| Ref: BuildObjectKey | |
| DeploymentPreference: | |
| Role: !GetAtt DeployRole.Arn | |
| Type: AllAtOnce | |
| FunctionName: 'lambda-function' | |
| Timeout: 30 | |
| Handler: app.handler | |
| Runtime: nodejs8.10 | |
| lambdarole: | |
| Type: AWS::IAM::Role | |
| Properties: | |
| AssumeRolePolicyDocument: | |
| Version: "2012-10-17" | |
| Statement: | |
| - Effect: Allow | |
| Principal: | |
| Service: | |
| - lambda.amazonaws.com | |
| Action: | |
| - sts:AssumeRole | |
| ManagedPolicyArns: | |
| - "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" | |
| Policies: | |
| - PolicyName: BasicLambda | |
| PolicyDocument: | |
| Version: "2012-10-17" | |
| Statement: # Any permission you need inside the Lambda show be here | |
| - Effect: Allow | |
| Action: | |
| - ec2:DescribeNetworkInterfaces | |
| - ec2:CreateNetworkInterface | |
| - ec2:DeleteNetworkInterface | |
| Resource: "*" | |
| LambdaApiGatewayExecutionPermission: | |
| Type: AWS::Lambda::Permission | |
| Properties: | |
| Action: lambda:InvokeFunction | |
| FunctionName: !GetAtt lambdafunction.Arn | |
| Principal: apigateway.amazonaws.com | |
| SourceArn: !Join | |
| - '' | |
| - - 'arn:aws:execute-api:' | |
| - !Ref AWS::Region | |
| - ":" | |
| - !Ref AWS::AccountId | |
| - ":" | |
| - !Ref ApiGatewayApi | |
| - "/*/*" | |
| DeployRole: | |
| Type: AWS::IAM::Role | |
| Properties: | |
| RoleName: !Sub "${ProjectName}-DeployRole" | |
| AssumeRolePolicyDocument: | |
| Version: "2012-10-17" | |
| Statement: | |
| - Effect: Allow | |
| Principal: | |
| Service: | |
| - lambda.amazonaws.com | |
| - codedeploy.amazonaws.com | |
| Action: | |
| - sts:AssumeRole | |
| ManagedPolicyArns: | |
| - "arn:aws:iam::aws:policy/service-role/AWSCodeDeployRoleForLambda" | |
| Policies: | |
| - PolicyName: IAM | |
| PolicyDocument: | |
| Version: "2012-10-17" | |
| Statement: | |
| - Effect: Allow | |
| Action: | |
| - iam:GetRole | |
| Resource: "*" | |
| - PolicyName: Lambda | |
| PolicyDocument: | |
| Version: "2012-10-17" | |
| Statement: | |
| - Effect: Allow | |
| Action: | |
| - lambda:CreateFunction | |
| - lambda:UpdateEventSourceMapping | |
| - lambda:ListFunctions | |
| - lambda:GetEventSourceMapping | |
| - lambda:ListEventSourceMappings | |
| - lambda:GetAccountSettings | |
| - lambda:CreateEventSourceMapping | |
| - lambda:DeleteEventSourceMapping | |
| Resource: "*" | |
| Outputs: | |
| ApiUrl: | |
| Description: Invoke API URL. | |
| Value: !Join | |
| - '' | |
| - - https:// | |
| - !Ref ApiGatewayApi | |
| - ".execute-api." | |
| - !Ref AWS::Region | |
| - ".amazonaws.com/live/" | |
| Transform: AWS::Serverless-2016-10-31 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment