AWSTemplateFormatVersion: "2010-09-09" Transform: AWS::Serverless-2016-10-31 Description: Tasks REST API Service Globals: Function: Runtime: nodejs14.x Timeout: 3 Api: Cors: AllowMethods: "'*'" AllowHeaders: "'Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent'" AllowOrigin: "'*'" AllowCredentials: "'*'" Resources: TasksApi: Type: AWS::Serverless::Api Properties: Auth: Authorizers: MyLambdaTokenAuthorizer: FunctionArn: !GetAtt MyAuthFunction.Arn StageName: v1 MyAuthFunction: Type: AWS::Serverless::Function Properties: CodeUri: src/auth Handler: app.handler GetTasksFunction: Type: AWS::Serverless::Function Properties: CodeUri: src/handlers/getTasks Handler: app.handler Policies: - DynamoDBCrudPolicy: TableName: !Ref TasksTable Environment: Variables: TASKS_TABLE: !Ref TasksTable Events: GetTasksFunctionApi: Type: Api Properties: RestApiId: !Ref TasksApi Path: /tasks Method: GET Auth: Authorizer: MyLambdaTokenAuthorizer GetTaskByIdFunction: Type: AWS::Serverless::Function Properties: CodeUri: src/handlers/getTaskById Handler: app.handler Policies: - DynamoDBCrudPolicy: TableName: !Ref TasksTable Environment: Variables: TASKS_TABLE: !Ref TasksTable Events: GetByIdFunctionApi: Type: Api Properties: RestApiId: !Ref TasksApi Path: /tasks/{id} Method: GET Auth: Authorizer: MyLambdaTokenAuthorizer DeleteTaskFunction: Type: AWS::Serverless::Function Properties: CodeUri: src/handlers/deleteTask Handler: app.handler Policies: - DynamoDBCrudPolicy: TableName: !Ref TasksTable Environment: Variables: TASKS_TABLE: !Ref TasksTable Events: DeleteByIdFunctionApi: Type: Api Properties: RestApiId: !Ref TasksApi Path: /tasks/{id} Method: DELETE Auth: Authorizer: MyLambdaTokenAuthorizer GetTokenFunction: Type: AWS::Serverless::Function Properties: CodeUri: src/handlers/getToken Handler: app.handler Runtime: nodejs14.x Events: GetTokenFunctionApi: Type: Api Properties: RestApiId: !Ref TasksApi Path: /token Method: POST # Auth: # Authorizer: NONE GetSignedUrlFunction: Type: AWS::Serverless::Function Properties: CodeUri: src/handlers/getSignedUrl Handler: app.handler Runtime: nodejs14.x Environment: Variables: S3_BUCKET: !Ref UploadsBucket TASKS_TABLE: !Ref TasksTable Policies: - S3WritePolicy: BucketName: !Ref UploadsBucket Events: GetSignedUrlFunctionApi: Type: Api Properties: RestApiId: !Ref TasksApi Path: /signedUrl Method: GET Auth: Authorizer: MyLambdaTokenAuthorizer UploadsBucket: Type: AWS::S3::Bucket Properties: BucketName: !Sub "uploads-${AWS::StackName}-${AWS::Region}-${AWS::AccountId}" VersioningConfiguration: Status: Enabled CorsConfiguration: CorsRules: - AllowedHeaders: - "*" AllowedMethods: - GET - PUT - HEAD AllowedOrigins: - "*" BucketEncryption: ServerSideEncryptionConfiguration: - ServerSideEncryptionByDefault: SSEAlgorithm: AES256 Outputs: TasksApi: Description: API Gateway endpoint URL Value: !Sub "https://${TasksApi}.execute-api.${AWS::Region}.amazonaws.com/v1/" S3BucketName: Description: S3 bucket for file uploads Value: !Ref UploadsBucket