services/serverless.yaml
service: 'website-honestly-${env:ENVIRONMENT_NAME}'
custom:
bucket_name: '${env:BUCKET_NAME}'
package:
artifact: ../dist/services.zip
provider:
name: aws
stage: dev
region: eu-west-1
runtime: nodejs12.x
iamRoleStatements:
- Effect: 'Allow'
Action:
- 's3:ListBucket'
- 's3:PutObject'
- 'iam:DeleteRolePolicy'
Resource:
- 'arn:aws:s3:::${self:custom.bucket_name}'
- 'arn:aws:s3:::${self:custom.bucket_name}/*'
functions:
publish:
handler: index.publish
timeout: 60
memorySize: 2048
events:
- http:
path: publish
method: post
cors: true
# Invoke publish function every hour, on the hour, to keep content fresh
- schedule: cron(0 * * * ? *)
resources:
Resources:
SiteContentBucket:
Type: AWS::S3::Bucket
Properties:
BucketName: '${self:custom.bucket_name}'
AccessControl: PublicRead
WebsiteConfiguration:
IndexDocument: index.html
ErrorDocument: 404/index.html
SiteContentBucketPolicy:
Type: 'AWS::S3::BucketPolicy'
DependsOn: 'SiteContentBucket'
Properties:
Bucket: '${self:custom.bucket_name}'
PolicyDocument:
Statement:
- Effect: Allow
Principal: '*'
Action:
- 's3:GetObject'
Resource:
- 'arn:aws:s3:::${self:custom.bucket_name}/*'
ErrorSNSTopic:
Type: AWS::SNS::Topic
Properties:
Subscription:
- Endpoint: '${env:LAMBDA_ERROR_REPORT_EMAIL}'
Protocol: email