-
Notifications
You must be signed in to change notification settings - Fork 5
/
Copy pathlambda.yaml
177 lines (173 loc) · 5.73 KB
/
lambda.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
AWSTemplateFormatVersion: 2010-09-09
Transform: 'AWS::Serverless-2016-10-31'
Description: 'Creates the AWS resources required to run the application.'
Parameters:
StageName:
Description: 'The stage name used in the API Gateway'
Type: String
Default: 'api'
ImageUri:
Description: 'The path to the docker image to use.'
Type: String
Default: ''
MemorySize:
Description: 'The amount of memory to give to the lambda function.'
Type: Number
Default: 4096
ApiTimeout:
Description: 'The timeout for realtime API requests. This is limited by the API Gateway integration timeouts.'
Type: Number
Default: 29
ConcurrentExecutions:
Description: 'The number of concurrent executions allowed for the response handler.'
Type: Number
Default: 1
Resources:
DefaultRole:
Type: 'AWS::IAM::Role'
Properties:
AssumeRolePolicyDocument:
Version: 2012-10-17
Statement:
- Sid: ''
Effect: Allow
Principal:
Service: lambda.amazonaws.com
Action: 'sts:AssumeRole'
Policies:
- PolicyDocument:
Version: 2012-10-17
Statement:
- Effect: Allow
Action:
- 'logs:CreateLogGroup'
- 'logs:CreateLogStream'
- 'logs:PutLogEvents'
Resource: 'arn:aws:logs:*:*:*'
- Effect: Allow
Action:
- 'ec2:CreateNetworkInterface'
- 'ec2:DescribeNetworkInterfaces'
- 'ec2:DetachNetworkInterface'
- 'ec2:DeleteNetworkInterface'
Resource: '*'
PolicyName: DefaultRolePolicy
ApiHandler:
Type: 'AWS::Serverless::Function'
Properties:
PackageType: Image
ImageUri: !Ref ImageUri
MemorySize: !Ref MemorySize
Timeout: !Ref ApiTimeout
ReservedConcurrentExecutions: !Ref ConcurrentExecutions
Role: !GetAtt
- DefaultRole
- Arn
RestApi:
Type: 'AWS::Serverless::Api'
Properties:
StageName: !Ref StageName
DefinitionBody:
swagger: '2.0'
info:
version: '1.0'
title: RestApi
schemes:
- https
paths:
'/{proxy+}':
x-amazon-apigateway-any-method:
consumes:
- application/json
produces:
- application/json
parameters:
- name: "proxy"
in: "path"
required: true
type: "string"
responses:
'200':
description: 200 response
schema:
$ref: '#/definitions/Empty'
x-amazon-apigateway-integration:
responses:
default:
statusCode: '200'
uri: !Sub >-
arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${ApiHandler.Arn}/invocations
requestParameters:
integration.request.header.Accept-Encoding: "'identity'"
integration.request.path.proxy: "method.request.path.proxy"
passthroughBehavior: when_no_match
httpMethod: 'ANY'
type: aws_proxy
summary: Please refer to the specification below.
description: ''
options:
consumes:
- application/json
produces:
- application/json
responses:
'200':
description: 200 response
schema:
$ref: '#/definitions/Empty'
headers:
Access-Control-Allow-Methods:
type: string
Access-Control-Allow-Origin:
type: string
Access-Control-Allow-Headers:
type: string
x-amazon-apigateway-integration:
responses:
default:
statusCode: '200'
responseParameters:
method.response.header.Access-Control-Allow-Methods: '''POST,GET,PUT,OPTIONS'''
method.response.header.Access-Control-Allow-Origin: '''*'''
method.response.header.Access-Control-Allow-Headers: >-
'Authorization,Content-Type,X-Amz-Date,X-Amz-Security-Token,X-Api-Key'
requestTemplates:
application/json: '{"statusCode": 200}'
passthroughBehavior: when_no_match
type: mock
definitions:
Empty:
type: object
title: Empty Schema
ApiHandlerInvokePermission:
Type: 'AWS::Lambda::Permission'
Properties:
FunctionName: !Ref ApiHandler
Action: 'lambda:InvokeFunction'
Principal: apigateway.amazonaws.com
SourceArn: !Sub
- 'arn:aws:execute-api:${AWS::Region}:${AWS::AccountId}:${RestAPIId}/*'
- RestAPIId: !Ref RestApi
Outputs:
StackName:
Description: 'Stack name.'
Value: !Sub '${AWS::StackName}'
ApiId:
Value: !Ref RestApi
Export:
Name: !Sub '${AWS::StackName}-ApiId'
ApiHandlerName:
Value: !Ref ApiHandler
Export:
Name: !Sub '${AWS::StackName}-ApiHandlerName'
ApiHandlerArn:
Value: !GetAtt
- ApiHandler
- Arn
Export:
Name: !Sub '${AWS::StackName}-ApiHandlerArn'
ApiEndpointUrl:
Description: 'The endpoint that clients to use to access the API.'
Value: !Sub 'https://${RestApi}.execute-api.${AWS::Region}.amazonaws.com/${StageName}'
Export:
Name: !Sub '${AWS::StackName}-ApiEndpointUrl'