Skip to content

Instantly share code, notes, and snippets.

@rwestergren
Created October 27, 2020 10:49
Show Gist options
  • Save rwestergren/7bf8c7f7ef5c10b93a6101c9fb8cd56b to your computer and use it in GitHub Desktop.
Save rwestergren/7bf8c7f7ef5c10b93a6101c9fb8cd56b to your computer and use it in GitHub Desktop.
Serverless Framework ALB Resource
resources:
Resources:
############
# ALB Resources
############
ALBSecurityGroup:
Type: AWS::EC2::SecurityGroup
Properties:
GroupDescription: "${self:service}-${self:provider.stage}-alb-sg"
VpcId: ${self:custom.${self:provider.stage}.alb.vpc}
ALBSecurityGroupIngress:
Type: AWS::EC2::SecurityGroupIngress
Properties:
GroupId: !GetAtt ALBSecurityGroup.GroupId
IpProtocol: tcp
FromPort: ${self:custom.${self:provider.stage}.alb.port}
ToPort: ${self:custom.${self:provider.stage}.alb.port}
CidrIp: ${self:custom.${self:provider.stage}.alb.ingress}
LambdaFunctionPermission:
Type: AWS::Lambda::Permission
Properties:
Action: lambda:InvokeFunction
FunctionName: !GetAtt IncomingUnderscorewebhookLambdaFunction.Arn # Dynamic from function
Principal: elasticloadbalancing.amazonaws.com
ALBElasticLoadBalancer:
Type: AWS::ElasticLoadBalancingV2::LoadBalancer
Properties:
Subnets: ${self:custom.${self:provider.stage}.alb.subnets}
Scheme: ${self:custom.${self:provider.stage}.alb.scheme}
SecurityGroups:
- !GetAtt ALBSecurityGroup.GroupId
DependsOn:
- ALBSecurityGroup
DNSRecord:
Type: AWS::Route53::RecordSet
Properties:
HostedZoneId: ${self:custom.${self:provider.stage}.alb.hostedZoneId}
Name: ${self:custom.${self:provider.stage}.alb.dnsName}
AliasTarget:
DNSName: !GetAtt ALBElasticLoadBalancer.DNSName
HostedZoneId: !GetAtt ALBElasticLoadBalancer.CanonicalHostedZoneID
Type: A
LoadBalancerListener:
Type: AWS::ElasticLoadBalancingV2::Listener
Properties:
Certificates:
- CertificateArn: ${self:custom.${self:provider.stage}.alb.certArn}
DefaultActions:
- Type: fixed-response
FixedResponseConfig:
ContentType: "text/plain"
MessageBody: ""
StatusCode: "404"
LoadBalancerArn:
Ref: ALBElasticLoadBalancer
Port: ${self:custom.${self:provider.stage}.alb.port}
Protocol: ${self:custom.${self:provider.stage}.alb.protocol}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment