-
Notifications
You must be signed in to change notification settings - Fork 3
/
serverless.yml
107 lines (100 loc) · 3.3 KB
/
serverless.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
# Welcome to Serverless!
#
# This file is the main config file for your service.
# It's very minimal at this point and uses default values.
# You can always add more config options for more control.
# We've included some commented out config examples here.
# Just uncomment any of them to get that config option.
#
# For full config options, check the docs:
# docs.serverless.com
#
# Happy Coding!
service: lambda-puppeteer # NOTE: update this with your service name
# You can pin your service to only deploy with a specific Serverless version
# Check out our docs for more details
# frameworkVersion: "=X.X.X"
provider:
name: aws
runtime: nodejs8.10
stage: ${opt:stage, 'dev'} # Example use "sls deploy --stage prod"
environment:
EMAIL_ADDRESS: ${ssm:emailAddress-${opt:stage, self:provider.stage}~true}
EMAIL_PASSWORD: ${ssm:emailPassword-${opt:stage, self:provider.stage}~true}
STEP_FUNCTIONS_DATA_BUCKET: ${self:service}-${opt:stage, self:provider.stage}-step-functions-data-bucket
iamRoleStatements: # permissions for all functions are set here
- Effect: Allow
Action:
- s3:PutObject
- s3:GetObject
Resource:
Fn::Join:
- ""
- - "arn:aws:s3:::"
- Ref: "StepFunctionsDataBucket"
- "/*"
resources:
Resources:
StepFunctionsDataBucket:
Type: AWS::S3::Bucket
Properties:
BucketName: ${self:provider.environment.STEP_FUNCTIONS_DATA_BUCKET}
package:
include:
- bin/*
- sharedlib/*
plugins:
- serverless-step-functions
- serverless-pseudo-parameters
stepFunctions:
stateMachines:
pdfWorkflow:
name: ${self:service}-${opt:stage, self:provider.stage}-pdf-workflow
events:
- http:
path: pdf/create
method: POST
definition:
Comment: "A workflow to create a PDF, optionally encrypt it and finally email it to a specified recipient"
StartAt: GeneratePdf
States:
GeneratePdf:
Type: Task
Resource: "arn:aws:lambda:#{AWS::Region}:#{AWS::AccountId}:function:${self:service}-${opt:stage}-generatePdf"
ResultPath: $.pdfFilePath
Next: IsEncryptionRequired
Retry:
- ErrorEquals:
- States.ALL
IntervalSeconds: 10
MaxAttempts: 5
BackoffRate: 2
IsEncryptionRequired:
Type: Choice
Choices:
- Variable: $.encryptionRequired
BooleanEquals: true
Next: Encrypt
Default: SendByEmail
Encrypt:
Type: Task
Resource: "arn:aws:lambda:#{AWS::Region}:#{AWS::AccountId}:function:${self:service}-${opt:stage}-encrypt"
ResultPath: $.encryptedFilePath
Next: SendByEmail
SendByEmail:
Type: Task
Resource: "arn:aws:lambda:#{AWS::Region}:#{AWS::AccountId}:function:${self:service}-${opt:stage}-emailPdfReport"
End: true
Retry:
- ErrorEquals:
- States.ALL
IntervalSeconds: 30
MaxAttempts: 4
BackoffRate: 4
functions:
generatePdf:
handler: lib/handler.generatePdf
encrypt:
handler: lib/handler.encrypt
emailPdfReport:
handler: lib/handler.emailPdfReport