Skip to content

Instantly share code, notes, and snippets.

@velotiotech
Created January 12, 2022 09:29
Show Gist options
  • Save velotiotech/fb60ba275bd79500a1e9acf3b1ce733f to your computer and use it in GitHub Desktop.
Save velotiotech/fb60ba275bd79500a1e9acf3b1ce733f to your computer and use it in GitHub Desktop.
service: ssh-qrauth-server
frameworkVersion: '2 || 3'
useDotenv: true
provider:
name: aws
runtime: nodejs12.x
lambdaHashingVersion: 20201221
deploymentBucket:
name: ${env:DEPLOYMENT_BUCKET_NAME}
httpApi:
authorizers:
cognitoJWTAuth:
identitySource: $request.header.Authorization
issuerUrl: ${env:COGNITO_ISSUER}
audience:
- ${env:COGNITO_AUDIENCE}
region: ap-south-1
iam:
role:
statements:
- Effect: "Allow"
Action:
- "dynamodb:Query"
- "dynamodb:PutItem"
- "dynamodb:GetItem"
Resource:
- ${env:DYNAMO_DB_ARN}
- Effect: "Allow"
Action:
- "execute-api:Invoke"
- "execute-api:ManageConnections"
Resource:
- ${env:API_GATEWAY_WEBSOCKET_API_ARN}/*
environment:
REGION: ${env:REGION}
COGNITO_ISSUER: ${env:COGNITO_ISSUER}
DYNAMODB_TABLE: ${env:DYNAMODB_TABLE}
COGNITO_AUDIENCE: ${env:COGNITO_AUDIENCE}
POOLID: ${env:POOLID}
COGNITOIDP: ${env:COGNITOIDP}
WEBSOCKET_ENDPOINT: ${env:WEBSOCKET_ENDPOINT}
package:
patterns:
- '!node_modules/**'
- handler.js
- '!package.json'
- '!package-lock.json'
- '!.env'
- '!test.http'
plugins:
- serverless-deployment-bucket
- serverless-dotenv-plugin
layers:
qrauthLibs:
path: layer
compatibleRuntimes:
- nodejs12.x
functions:
sshauthqrcode:
handler: handler.authqrcode
memorySize: 256
timeout: 30
layers:
- {Ref: QrauthLibsLambdaLayer}
events:
- httpApi:
path: /v1/app/sshqrauth/qrauth
method: post
authorizer:
name: cognitoJWTAuth
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment