-
Notifications
You must be signed in to change notification settings - Fork 33
Expand file tree
/
Copy pathtemplate.yml
More file actions
70 lines (68 loc) · 1.91 KB
/
template.yml
File metadata and controls
70 lines (68 loc) · 1.91 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
AWSTemplateFormatVersion: "2010-09-09"
Transform: AWS::Serverless-2016-10-31
Resources:
mainInternalAPI:
Type: AWS::Serverless::Api
Properties:
StageName: api
EndpointConfiguration: PRIVATE
TracingEnabled: true
DefinitionBody:
openapi: "3.0.0"
paths:
"/":
get:
x-amazon-apigateway-integration:
httpMethod: POST
type: aws_proxy
uri: !Sub arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${ main.Arn }/invocations
responses: {}
x-amazon-apigateway-policy:
Version: "2012-10-17"
Statement:
- Effect: "Allow"
Principal: "*"
Action:
- "execute-api:Invoke"
Resource: "execute-api:/*"
- Effect: "Deny"
Principal: "*"
Action:
- "execute-api:Invoke"
Resource: "execute-api:/*"
Condition:
StringNotEquals:
aws:SourceVpc:
- "vpc-11111111"
- "vpc-22222222"
- "vpc-33333333"
main:
Type: AWS::Serverless::Function
Properties:
CodeUri: ./
Handler: lib/lambda.handler
Runtime: ruby2.5
Timeout: 30
Tracing: "Active"
Role: "DEFAULT"
VpcConfig:
SecurityGroupIds:
- "DEFAULT"
SubnetIds:
- sub-A
- sub-B
Environment:
Variables:
TEST_ENVVAR:
Events:
InternalAPIget:
Type: Api
Properties:
RestApiId: !Ref mainInternalAPI
Path: /
Method: GET
# Output names must match ^[a-zA-Z0-9]+$
Outputs:
InternalAPIUrl:
Description: Endpoint for internal API
Value: !Sub "https://${ mainInternalAPI }.execute-api.${AWS::Region}.amazonaws.com/api"