-
Notifications
You must be signed in to change notification settings - Fork 6
/
serverless.yml
64 lines (57 loc) · 1.52 KB
/
serverless.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
service: ses-forwarder
provider:
name: aws
runtime: nodejs6.10
iamRoleStatements:
- Effect: "Allow"
Action:
- "ses:SendRawEmail"
Resource: "*"
- Effect: "Allow"
Action:
- s3:GetObject
- s3:PutObject
Resource: { "Fn::Join" : ["", ["arn:aws:s3:::", { "Ref" : "SesForwarderBucket" }, "/*" ] ] }
functions:
sesForwarder:
handler: handler.handle
timeout: 10
memorySize: 128
environment:
emailBucket:
Ref: SesForwarderBucket
resources:
Resources:
SesForwarderBucket:
Type: AWS::S3::Bucket
Properties:
BucketName:
Fn::Join: ["", ["sesforwarder-",{ "Ref" : "AWS::AccountId" } ] ]
LifecycleConfiguration:
Rules:
- ExpirationInDays: 3
Status: Enabled
SesForwarderBucketPolicy:
Type: AWS::S3::BucketPolicy
Properties:
Bucket:
Ref: SesForwarderBucket
PolicyDocument:
Version: '2012-10-17'
Statement:
- Sid: GiveSESPermissionToWriteEmail
Effect: Allow
Principal:
Service: ses.amazonaws.com
Action: s3:PutObject
Resource:
Fn::Join: ["", ["arn:aws:s3:::",{"Ref":"SesForwarderBucket" },"/*"]]
Condition:
StringEquals:
aws:Referer:
Ref: AWS::AccountId
Outputs:
SesForwarderBucket:
Description: "Forwarder Bucket Name"
Value:
Ref: SesForwarderBucket