From 80b6050c258f8504b04d59c5db67ddadc3403721 Mon Sep 17 00:00:00 2001
From: Mark Steele <mark.steele@autodesk.com>
Date: Tue, 17 Apr 2018 16:41:11 -0400
Subject: Initial import

---
 serverless.yml | 76 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 76 insertions(+)
 create mode 100644 serverless.yml

(limited to 'serverless.yml')

diff --git a/serverless.yml b/serverless.yml
new file mode 100644
index 0000000..cc9bdc5
--- /dev/null
+++ b/serverless.yml
@@ -0,0 +1,76 @@
+service: serverless-oauth2
+provider:
+  name: aws
+  runtime: nodejs6.10
+  stage: ${opt:stage, self:custom.defaultStage}
+  environment:
+    GIT_HOSTNAME: "/ctrl-alt-del/oauth/${opt:stage, self:provider.stage}/GIT_HOSTNAME"
+    OAUTH_TOKEN_PATH: "/ctrl-alt-del/oauth/${opt:stage, self:provider.stage}/OAUTH_TOKEN_PATH"
+    OAUTH_AUTHORIZE_PATH: "/ctrl-alt-del/oauth/${opt:stage, self:provider.stage}/OAUTH_AUTHORIZE_PATH"
+    OAUTH_CLIENT_ID: "/ctrl-alt-del/oauth/${opt:stage, self:provider.stage}/OAUTH_CLIENT_ID"
+    OAUTH_CLIENT_SECRET:  "/ctrl-alt-del/oauth/${opt:stage, self:provider.stage}/OAUTH_CLIENT_SECRET"
+    REDIRECT_URL: "/ctrl-alt-del/oauth/${opt:stage, self:provider.stage}/REDIRECT_URL"
+    OAUTH_SCOPES: "/ctrl-alt-del/oauth/${opt:stage, self:provider.stage}/OAUTH_SCOPES"
+    TZ: "utc"
+  iamRoleStatements:
+    - Effect: Allow
+      Action:
+        - ssm:DescribeParameters
+        - ssm:GetParameters
+      Resource: "arn:aws:ssm:${opt:region, self:provider.region}:*:parameter/ctrl-alt-del/oauth/${opt:stage, self:provider.stage}/*"
+    - Effect: Allow
+      Action:
+        - kms:Decrypt
+      Resource: "arn:aws:kms:${opt:region, self:provider.region}:*:key/${self:custom.kms_key.${opt:region, self:provider.region}.${self:provider.stage}}"
+
+custom:
+  defaultStage: dev
+  kms_key:
+    "us-east-1":
+      prod: "01660d80-64fb-4444-9b21-bb15ac2f97ec"
+      dev: "foo"
+
+functions:
+  auth:
+    handler: auth.auth
+    memorySize: 128
+    timeout: 5
+    events:
+      - http:
+          path: /auth
+          method: get
+          cors: true               
+  callback:
+    handler: auth.callback
+    memorySize: 128
+    timeout: 5
+    events:
+      - http:
+          path: /callback
+          method: get
+          cors: true
+  success:
+    handler: auth.success
+    memorySize: 128
+    timeout: 5
+    events:
+      - http:
+          path: /success
+          method: get
+          cors: true  
+  default:
+    handler: auth.default
+    memorySize: 128
+    timeout: 5
+    events:
+      - http:
+          path: /
+          method: get
+          cors: true 
+
+plugins:
+  - serverless-plugin-optimize
+  - serverless-offline
+
+package:
+  individually: true
-- 
cgit v1.2.3