-
Notifications
You must be signed in to change notification settings - Fork 5
/
serverless.yml
79 lines (70 loc) · 2.28 KB
/
serverless.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
service: awesome-g0v-projects
frameworkVersion: '>=1.0.0 <2.0.0'
provider:
name: aws
runtime: nodejs16.x
stage: ${opt:stage, 'dev'}
region: ${opt:region, 'us-east-1'}
profile: ${opt:profile}
product: awesome-g0v-projects
environment:
SECRET_NAME: ${self:provider.product}/${self:provider.stage}/secret
S3_BUCKET_DATA: ${self:provider.product}-${self:provider.stage}-data
S3_BUCKET_WEB: ${self:provider.product}-${self:provider.stage}-website
CSV_URL_ORGS: https://raw.githubusercontent.com/chunyenHuang/awesome-g0v-projects/master/data/organizations.csv
CSV_URL: https://raw.githubusercontent.com/chunyenHuang/awesome-g0v-projects/master/data
package:
individually: true
plugins:
- serverless-webpack
- serverless-s3-sync
- serverless-iam-roles-per-function
- serverless-pseudo-parameters
functions:
process:
handler: functions/process/index.handler
timeout: 300
events:
- schedule:
rate: rate(12 hours)
iamRoleStatementsName: ${self:provider.product}-process
iamRoleStatements:
- Effect: Allow
Action: s3:*
Resource: arn:aws:s3:::${self:provider.environment.S3_BUCKET_DATA}/*
- Effect: Allow
Action: secretsmanager:*
Resource: arn:aws:secretsmanager:${self:provider.region}:#{AWS::AccountId}:secret:${self:provider.environment.SECRET_NAME}-*
resources:
Resources:
DataBucket:
Type: AWS::S3::Bucket
Properties:
BucketName: ${self:provider.environment.S3_BUCKET_DATA}
AccessControl: PublicRead
CorsConfiguration:
CorsRules:
- AllowedHeaders: ['*']
AllowedMethods: [GET]
AllowedOrigins: ['*']
WebBucket:
Type: AWS::S3::Bucket
Properties:
BucketName: ${self:provider.environment.S3_BUCKET_WEB}
AccessControl: PublicRead
WebsiteConfiguration:
IndexDocument: index.html
ErrorDocument: index.html
custom:
s3Sync:
- bucketName: ${self:provider.environment.S3_BUCKET_WEB}
localDir: web/build
acl: public-read
defaultContentType: text/html
params:
- index.html:
CacheControl: 'no-cache'
- "*.js":
CacheControl: 'public, max-age=31536000'
webpack:
includeModules: true