-
Notifications
You must be signed in to change notification settings - Fork 5
/
Copy pathstack.yaml
122 lines (108 loc) · 3.49 KB
/
stack.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
AWSTemplateFormatVersion: "2010-09-09"
Description: "CiCd Sample App API Gateway and Lambda function"
Parameters:
infrastructureStackName:
Description: "Name of infrastructure stack"
Type: "String"
Default: "gulli-master-infrastructure1"
branchName:
Type: "String"
Default: "master"
Resources:
apiGatewayMyipResource:
Type: "AWS::ApiGateway::Resource"
Properties:
RestApiId:
Fn::ImportValue: !Sub "${infrastructureStackName}-LambdaApiGateway"
ParentId:
Fn::ImportValue: !Sub "${infrastructureStackName}-LambdaApiGatewayRootResourceId"
PathPart: !Sub ${branchName}-myip
apiGatewayMyipMethod:
Type: "AWS::ApiGateway::Method"
Properties:
AuthorizationType: "NONE"
HttpMethod: "POST"
Integration:
IntegrationHttpMethod: "POST"
Type: "AWS_PROXY"
Uri: !Sub
- "arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${lambdaArn}/invocations"
- lambdaArn: !GetAtt "lambdaFunction.Arn"
ResourceId: !Ref "apiGatewayMyipResource"
RestApiId:
Fn::ImportValue: !Sub "${infrastructureStackName}-LambdaApiGateway"
apiGatewayDeployment:
Type: "AWS::ApiGateway::Deployment"
DependsOn:
- "apiGatewayMyipMethod"
Properties:
RestApiId:
Fn::ImportValue:
!Sub "${infrastructureStackName}-LambdaApiGateway"
StageName: "api"
lambdaFunction:
Type: "AWS::Lambda::Function"
Properties:
Code:
S3Bucket: !Sub "${infrastructureStackName}-lambdadeployment"
S3Key: !Sub "${branchName}/myip.zip"
Description: "MyIpFunction"
FunctionName: !Sub "${branchName}-myip"
Handler: "handler.myip"
MemorySize: 128
Role: !GetAtt "lambdaIAMRole.Arn"
Runtime: "nodejs10.x"
Timeout: 10
lambdaApiGatewayInvoke:
Type: "AWS::Lambda::Permission"
Properties:
Action: "lambda:InvokeFunction"
FunctionName: !GetAtt "lambdaFunction.Arn"
Principal: "apigateway.amazonaws.com"
SourceArn:
Fn::Sub:
- "arn:aws:execute-api:${AWS::Region}:${AWS::AccountId}:${ApiGatewayId}/*"
- ApiGatewayId:
Fn::ImportValue:
!Sub "${infrastructureStackName}-LambdaApiGateway"
lambdaIAMRole:
Type: "AWS::IAM::Role"
Properties:
AssumeRolePolicyDocument:
Version: "2012-10-17"
Statement:
- Action:
- "sts:AssumeRole"
Effect: "Allow"
Principal:
Service:
- "lambda.amazonaws.com"
Policies:
- PolicyDocument:
Version: "2012-10-17"
Statement:
- Action:
- "logs:CreateLogGroup"
- "logs:CreateLogStream"
- "logs:PutLogEvents"
Effect: "Allow"
Resource:
- !Sub "arn:aws:logs:${AWS::Region}:${AWS::AccountId}:log-group:/aws/lambda/myip:*"
PolicyName: "lambda"
lambdaLogGroup:
Type: "AWS::Logs::LogGroup"
Properties:
LogGroupName: !Sub "/aws/lambda/${branchName}/myip"
RetentionInDays: 90
Outputs:
apiGatewayInvokeURL:
Value:
Fn::Sub:
- "https://${ApiGatewayId}.execute-api.${AWS::Region}.amazonaws.com/api/${branchName}-myip"
- ApiGatewayId:
Fn::ImportValue:
!Sub "${infrastructureStackName}-LambdaApiGateway"
lambdaArn:
Value: !GetAtt "lambdaFunction.Arn"
lambdaS3ZipFile:
Value: !Sub "${branchName}/myip.zip"