cloud-note/serverless.yml at main · ipj31/cloud-note · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
org: ipj31
app: cloud-note
service: cloud-note

frameworkVersion: '3'

provider:
  name: aws
  runtime: python3.9
  stage: v1
  region: us-west-1
  httpApi:
    cors: true
    authorizers:
      jwtAuth:
        identitySource: $request.header.Authorization
        # todo break out the cognito creation into another serverless file and make this referance the output
        issuerUrl: https://cognito-idp.${self:provider.region}.amazonaws.com/ #cognito id here
        audience:
          - 3b7j4ldaj1b8n52ge2u6uqrenp
  iam:
    role:
      statements:
        - Effect: Allow
          Action:
            - dynamodb:*
          Resource: "*"

package:
  individually: true
  patterns:
    - "!cloud-note-ui/**"
    - "!.serverless/**"
    - "!lambdas/**"

functions:
  create-note:
    name: create-note
    handler: lambdas/create.handler
    package:
      patterns:
        - "lambdas/create.py"
    events:
      - httpApi:
          method: POST
          path: /${sls:stage}/note/{noteId}
          authorizer:
            name: jwtAuth
  read-notes:
    name: read-notes
    handler: lambdas/read.handler
    package:
      patterns:
        - "lambdas/read.py"
    events:
      - httpApi:
          method: GET
          path: /${sls:stage}/note
          authorizer:
            name: jwtAuth
  delete-note:
    name: delete-note
    handler: lambdas/delete.handler
    package:
      patterns:
        - "lambdas/delete.py"
    events:
      - httpApi:
          method: DELETE
          path: /${sls:stage}/note/{noteId}
          authorizer:
            name: jwtAuth

resources:
  Resources:
    # Notes Table
    NotesDynamoDBTable:
      Type: AWS::DynamoDB::Table
      Properties:
        TableName: notes-${sls:stage}
        AttributeDefinitions:
          - AttributeName: noteId
            AttributeType: S
          - AttributeName: email
            AttributeType: S
        KeySchema:
          - AttributeName: noteId
            KeyType: HASH
          - AttributeName: email
            KeyType: RANGE
        ProvisionedThroughput:
          ReadCapacityUnits: 1
          WriteCapacityUnits: 1
        GlobalSecondaryIndexes:
          - IndexName: emailIndex
            KeySchema:
              - AttributeName: email
                KeyType: HASH
            Projection:
              ProjectionType: ALL
            ProvisionedThroughput:
              ReadCapacityUnits: 1
              WriteCapacityUnits: 1
    # User pool
    UsersCognitoUserPool:
      Type: AWS::Cognito::UserPool
      Properties:
        UsernameAttributes:
          - email
          - phone_number
        AutoVerifiedAttributes:
          - email
    # User pool client
    UsersCognitoUserPoolClient:
      Type: AWS::Cognito::UserPoolClient
      Properties:
        UserPoolId:
          Ref: UsersCognitoUserPool

  Outputs:
    UserPool:
      Value:
        Ref: UsersCognitoUserPool
    UserPoolClient:
      Value:
        Ref: UsersCognitoUserPoolClient