-
Notifications
You must be signed in to change notification settings - Fork 7
/
serverless.yml
152 lines (145 loc) · 4.34 KB
/
serverless.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
service: shorty
plugins:
- serverless-python-requirements
- serverless-wsgi
- serverless-dynamodb-local
- serverless-finch
custom:
tableName: urls-table-${self:provider.stage}
wsgi:
app: app.app
packRequirements: false
pythonRequirements:
dockerizePip: non-linux
dynamodb:
start:
migrate: true
stages:
- dev
client:
bucketName: shorty-frontend-${self:provider.stage}
distributionFolder: dist
alias: shorty.skghosh.me
acmArn: arn:aws:acm:us-east-1:680499645329:certificate/6fbcfddc-3351-47fc-9ebe-f3d88abc444f
provider:
name: aws
runtime: python3.8
stage: ${opt:stage, 'dev'}
region: ${opt:region, 'ap-south-1'}
iamRoleStatements:
- Effect: Allow
Action:
- dynamodb:GetItem
- dynamodb:PutItem
- dynamodb:UpdateItem
Resource:
Fn::GetAtt:
- UrlsDynamoDBTable
- Arn
environment:
URLS_TABLE: ${self:custom.tableName}
functions:
app:
handler: wsgi_handler.handler
events:
- http: ANY /
- http: ANY {proxy+}
memorySize: 256
resources:
Resources:
UrlsDynamoDBTable:
Type: AWS::DynamoDB::Table
Properties:
AttributeDefinitions:
- AttributeName: slug
AttributeType: S
KeySchema:
- AttributeName: slug
KeyType: HASH
ProvisionedThroughput:
ReadCapacityUnits: 1
WriteCapacityUnits: 1
TableName: ${self:custom.tableName}
CloudfrontDistribution:
Type: AWS::CloudFront::Distribution
Properties:
DistributionConfig:
Aliases:
- ${self:custom.alias}
Origins:
- DomainName: ${self:custom.client.bucketName}.s3-website.${self:provider.region}.amazonaws.com
Id: StaticS3Origin
CustomOriginConfig:
OriginProtocolPolicy: http-only
- DomainName:
Fn::Join:
- ''
- - Ref: ApiGatewayRestApi
- '.execute-api.'
- Ref: AWS::Region
- '.amazonaws.com'
Id: APIOrigin
CustomOriginConfig:
OriginProtocolPolicy: https-only
OriginPath:
Fn::Join:
- ''
- - '/'
- ${self:provider.stage}
Enabled: true
DefaultCacheBehavior:
TargetOriginId: StaticS3Origin
ForwardedValues:
QueryString: false
Cookies:
Forward: none
ViewerProtocolPolicy: redirect-to-https
CacheBehaviors:
- PathPattern: /swagger*
TargetOriginId: StaticS3Origin
ForwardedValues:
QueryString: false
Cookies:
Forward: none
ViewerProtocolPolicy: redirect-to-https
- PathPattern: /static*
TargetOriginId: StaticS3Origin
ForwardedValues:
QueryString: false
Cookies:
Forward: none
ViewerProtocolPolicy: redirect-to-https
- PathPattern: /api/?*
TargetOriginId: APIOrigin
ForwardedValues:
QueryString: true
Headers: [Accept, Referer, Authorization, Content-Type]
Cookies:
Forward: none
ViewerProtocolPolicy: redirect-to-https
AllowedMethods: [DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT]
MinTTL: '0'
DefaultTTL: '0'
- PathPattern: /?*
TargetOriginId: APIOrigin
ForwardedValues:
QueryString: true
Headers: [Accept, Referer, Authorization, Content-Type]
Cookies:
Forward: none
ViewerProtocolPolicy: redirect-to-https
AllowedMethods: [DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT]
MinTTL: '0'
DefaultTTL: '0'
ViewerCertificate:
AcmCertificateArn: ${self:custom.acmArn}
SslSupportMethod: sni-only
MinimumProtocolVersion: TLSv1.2_2018
PriceClass: PriceClass_100
package:
exclude:
- node_modules/**
- venv/**
- .idea/**
- __pycache__/**
- .dynamodb/**