nodejs/api/serverless.example.yml
service: syonet-api
provider:
name: aws
runtime: nodejs14.x
memorySize: 128
region: us-east-1
profile: default
stage: ${opt:stage, 'development'}
logRetentionInDays: 7
vpc:
securityGroupIds:
- sg-xxxxxxxxx
subnetIds:
- subnet-xxxxxxxx
iamRoleStatements:
- Effect: "Allow"
Action:
- "ec2:CreateNetworkInterface"
- "ec2:DescribeNetworkInterfaces"
- "ec2:DeleteNetworkInterface"
Resource:
- "*"
- Effect: "Allow"
Action:
- "secretsmanager:GetSecretValue"
- "secretsmanager:PutResourcePolicy"
- "secretsmanager:PutSecretValue"
- "secretsmanager:DeleteSecret"
- "secretsmanager:DescribeSecret"
- "secretsmanager:TagResource"
Resource: "arn:aws:secretsmanager:us-east-1:xxxxxxxxxxxxxxx:secret:xxxxxxxxxxxxxx"
- Effect: "Allow"
Action:
- "dbqms:CreateFavoriteQuery"
- "dbqms:DescribeFavoriteQueries"
- "dbqms:UpdateFavoriteQuery"
- "dbqms:DeleteFavoriteQueries"
- "dbqms:GetQueryString"
- "dbqms:CreateQueryHistory"
- "dbqms:DescribeQueryHistory"
- "dbqms:UpdateQueryHistory"
- "dbqms:DeleteQueryHistory"
- "rds-data:ExecuteSql"
- "rds-data:ExecuteStatement"
- "rds-data:BatchExecuteStatement"
- "rds-data:BeginTransaction"
- "rds-data:CommitTransaction"
- "rds-data:RollbackTransaction"
- "secretsmanager:CreateSecret"
- "secretsmanager:ListSecrets"
- "secretsmanager:GetRandomPassword"
- "tag:GetResources"
Resource: "arn:aws:rds:us-east-1:XXXXXXXXXXXX:cluster:XXXXXXXXXXXX"
- Effect: Allow
Action:
- logs:CreateLogGroup
- logs:CreateLogStream
- logs:PutLogEvents
Resource:
- "*"
functions:
express:
handler: src/lambda.expressHandler
timeout: 900
events:
- http: ANY /
- http: "ANY {proxy+}"
apollo:
handler: src/lambda.apolloHandler
timeout: 900
events:
- http:
path: graphql
method: post
cors: true
- http:
path: graphql
method: get
cors: true
plugins:
- serverless-offline
- serverless-domain-manager
- serverless-webpack
- serverless-dotenv-plugin
custom:
customDomain:
domainName: api.syonet.work
certificateName: "*.syonet.work"
hostsZoneId: XXXXXXXXXXXXXXXXXXXXX
certificateArn: arn:aws:acm:us-east-1:XXXXXXXXXXX:certificate/xxxxxx-xxxxxx-xxxxxx
createRoute53Record: true
stage: ${self:provider.stage}
endpointType: edge
basePath: ""
dotenv:
path: ../../.env.${self:provider.stage}
webpack:
webpackConfig: "webpack.serverless.config.js"
includeModules:
packagePath: package.json
forceInclude:
- typeorm-aurora-data-api-driver
serverless-offline:
useChildProcesses: true
allowCache: true