forked from mikaelvesavuori/better-apis-workshop
-
Notifications
You must be signed in to change notification settings - Fork 0
/
serverless.yml
131 lines (125 loc) · 3.65 KB
/
serverless.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
service: better-apis-demo
provider:
name: aws
runtime: nodejs18.x
stage: ${opt:stage, 'shared'}
region: eu-north-1
memorySize: 1024
timeout: 10
logRetentionInDays: 7
versionFunctions: true
deploymentBucket:
blockPublicAccess: true
maxPreviousDeploymentArtifacts: 5
serverSideEncryption: AES256
stackTags:
Usage: ${self:service}
tags:
Usage: ${self:service}
apiGateway:
minimumCompressionSize: 1024
tracing:
apiGateway: true
lambda: true
iamRoleStatements:
- Effect: Allow
Action:
- xray:PutTelemetryRecords
- xray:PutTraceSegments
- codedeploy:*
Resource:
- "*"
useDotenv: false
environment:
TOGGLES_URL: "https://www.mockachino.com/650dde1b-d1b5-48/toggles" # TODO: EDIT THIS TO YOUR ENDPOINT
#LIBHONEY_DATASET: better-apis-workshop
#LIBHONEY_API_KEY: some-random-key-123
plugins:
- serverless-webpack
- serverless-offline
- serverless-plugin-aws-alerts
- serverless-plugin-canary-deployments
package:
individually: true
patterns:
- node_modules/aws-sdk/**
- node_modules/aws-lambda/**
custom:
alerts:
dashboards: true
webpack:
webpackConfig: 'webpack.config.js'
includeModules: true
packager: 'npm'
excludeFiles: src/**/*.test.js
functions:
Authorizer:
handler: src/FeatureToggles/controllers/AuthController.handler
description: ${self:service} authorizer
FakeUser:
handler: src/FakeUser/controllers/FakeUserController.handler
description: Fake user
events:
- http:
method: GET
path: /fakeUser
authorizer:
name: Authorizer
resultTtlInSeconds: 30 # See: https://forum.serverless.com/t/api-gateway-custom-authorizer-caching-problems/4695
identitySource: method.request.header.Authorization
type: request
alarms:
- name: CanaryCheck
namespace: 'AWS/Lambda'
metric: Errors
threshold: 3
statistic: Sum
period: 60
evaluationPeriods: 1
comparisonOperator: GreaterThanOrEqualToThreshold
deploymentSettings:
type: AllAtOnce #Canary10Percent5Minutes
alias: Live
alarms:
- FakeUserCanaryCheckAlarm
FeatureToggles:
handler: src/FeatureToggles/controllers/FeatureTogglesController.handler
description: Feature toggles
events:
- http:
method: POST
path: /featureToggles
request:
schema:
application/json: ${file(api/FeatureToggles.validator.json)}
resources:
Resources:
GatewayResponseDefault4XX:
Type: 'AWS::ApiGateway::GatewayResponse'
Properties:
ResponseParameters:
gatewayresponse.header.Access-Control-Allow-Origin: "'*'"
gatewayresponse.header.Access-Control-Allow-Headers: "'*'"
ResponseType: DEFAULT_4XX
RestApiId:
Ref: 'ApiGatewayRestApi'
AuthFailureExpiredGatewayResponse:
Type: 'AWS::ApiGateway::GatewayResponse'
Properties:
ResponseParameters:
gatewayresponse.header.Access-Control-Allow-Origin: "'*'"
gatewayresponse.header.Access-Control-Allow-Headers: "'*'"
ResponseType: EXPIRED_TOKEN
RestApiId:
Ref: 'ApiGatewayRestApi'
StatusCode: '401'
AuthFailureUnauthorizedGatewayResponse:
Type: 'AWS::ApiGateway::GatewayResponse'
Properties:
ResponseParameters:
gatewayresponse.header.Access-Control-Allow-Origin: "'*'"
gatewayresponse.header.Access-Control-Allow-Headers: "'*'"
ResponseType: UNAUTHORIZED
RestApiId:
Ref: 'ApiGatewayRestApi'
StatusCode: '401'