diff options
Diffstat (limited to 'serverless.yml')
-rw-r--r-- | serverless.yml | 76 |
1 files changed, 76 insertions, 0 deletions
diff --git a/serverless.yml b/serverless.yml new file mode 100644 index 0000000..cc9bdc5 --- /dev/null +++ b/serverless.yml | |||
@@ -0,0 +1,76 @@ | |||
1 | service: serverless-oauth2 | ||
2 | provider: | ||
3 | name: aws | ||
4 | runtime: nodejs6.10 | ||
5 | stage: ${opt:stage, self:custom.defaultStage} | ||
6 | environment: | ||
7 | GIT_HOSTNAME: "/ctrl-alt-del/oauth/${opt:stage, self:provider.stage}/GIT_HOSTNAME" | ||
8 | OAUTH_TOKEN_PATH: "/ctrl-alt-del/oauth/${opt:stage, self:provider.stage}/OAUTH_TOKEN_PATH" | ||
9 | OAUTH_AUTHORIZE_PATH: "/ctrl-alt-del/oauth/${opt:stage, self:provider.stage}/OAUTH_AUTHORIZE_PATH" | ||
10 | OAUTH_CLIENT_ID: "/ctrl-alt-del/oauth/${opt:stage, self:provider.stage}/OAUTH_CLIENT_ID" | ||
11 | OAUTH_CLIENT_SECRET: "/ctrl-alt-del/oauth/${opt:stage, self:provider.stage}/OAUTH_CLIENT_SECRET" | ||
12 | REDIRECT_URL: "/ctrl-alt-del/oauth/${opt:stage, self:provider.stage}/REDIRECT_URL" | ||
13 | OAUTH_SCOPES: "/ctrl-alt-del/oauth/${opt:stage, self:provider.stage}/OAUTH_SCOPES" | ||
14 | TZ: "utc" | ||
15 | iamRoleStatements: | ||
16 | - Effect: Allow | ||
17 | Action: | ||
18 | - ssm:DescribeParameters | ||
19 | - ssm:GetParameters | ||
20 | Resource: "arn:aws:ssm:${opt:region, self:provider.region}:*:parameter/ctrl-alt-del/oauth/${opt:stage, self:provider.stage}/*" | ||
21 | - Effect: Allow | ||
22 | Action: | ||
23 | - kms:Decrypt | ||
24 | Resource: "arn:aws:kms:${opt:region, self:provider.region}:*:key/${self:custom.kms_key.${opt:region, self:provider.region}.${self:provider.stage}}" | ||
25 | |||
26 | custom: | ||
27 | defaultStage: dev | ||
28 | kms_key: | ||
29 | "us-east-1": | ||
30 | prod: "01660d80-64fb-4444-9b21-bb15ac2f97ec" | ||
31 | dev: "foo" | ||
32 | |||
33 | functions: | ||
34 | auth: | ||
35 | handler: auth.auth | ||
36 | memorySize: 128 | ||
37 | timeout: 5 | ||
38 | events: | ||
39 | - http: | ||
40 | path: /auth | ||
41 | method: get | ||
42 | cors: true | ||
43 | callback: | ||
44 | handler: auth.callback | ||
45 | memorySize: 128 | ||
46 | timeout: 5 | ||
47 | events: | ||
48 | - http: | ||
49 | path: /callback | ||
50 | method: get | ||
51 | cors: true | ||
52 | success: | ||
53 | handler: auth.success | ||
54 | memorySize: 128 | ||
55 | timeout: 5 | ||
56 | events: | ||
57 | - http: | ||
58 | path: /success | ||
59 | method: get | ||
60 | cors: true | ||
61 | default: | ||
62 | handler: auth.default | ||
63 | memorySize: 128 | ||
64 | timeout: 5 | ||
65 | events: | ||
66 | - http: | ||
67 | path: / | ||
68 | method: get | ||
69 | cors: true | ||
70 | |||
71 | plugins: | ||
72 | - serverless-plugin-optimize | ||
73 | - serverless-offline | ||
74 | |||
75 | package: | ||
76 | individually: true | ||