serverless-appsync-plugin-example/serverless.yml at master · serverless-appsync/serverless-appsync-plugin-example · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
service: blog

frameworkVersion: '3'

configValidationMode: error

plugins:
  - serverless-iam-roles-per-function
  - serverless-appsync-plugin
  - serverless-esbuild

params:
  prod:
    domain: api.blog.serverless.rehab
    cachingEnabled: true
    wafEnabled: true

  default:
    domain: ${sls:stage}.blog.serverless.rehab
    cachingEnabled: false
    wafEnabled: false

provider:
  name: aws
  runtime: nodejs16.x
  region: us-east-1

appSync:
  name: blogs-api

  logging:
    level: ALL

  xrayEnabled: false

  domain:
    name: ${param:domain}
    hostedZoneId: Z077055311IDUQVT5EK0D

  authentication:
    type: AMAZON_COGNITO_USER_POOLS
    config:
      userPoolId: !Ref CognitoUserPool
      defaultAction: ALLOW

  caching:
    enabled: ${param:cachingEnabled}
    behavior: PER_RESOLVER_CACHING
    type: SMALL
    ttl: 300
    atRestEncryption: true
    transitEncryption: true

  waf:
    enabled: ${param:wafEnabled}
    rules:
      - throttle: 100
      - disableIntrospection

  dataSources:
    posts:
      type: AMAZON_DYNAMODB
      config:
        tableName: !Ref Posts

  resolvers:
    - Query.getPost:
        dataSource: posts
        caching:
          ttl: 60
          keys:
            - '$context.arguments.id'

      Mutation.createPost: posts

      Mutation.updatePost:
        request: false
        response: false
        dataSource:
          type: AWS_LAMBDA
          config:
            function:
              handler: src/updatePost.handler
              iamRoleStatements:
                - Effect: 'Allow'
                  Action:
                    - dynamodb:UpdateItem
                  Resource: !GetAtt Posts.Arn

      Mutation.deletePost:
        kind: PIPELINE
        functions:
          - deletePost
          - putEvent

  pipelineFunctions:
    deletePost: posts

    putEvent:
      dataSource:
        type: HTTP
        config:
          endpoint: !Sub https://events.${AWS::Region}.amazonaws.com/
          iamRoleStatements:
            - Effect: 'Allow'
              Action:
                - 'events:PutEvents'
              Resource: '*'
          authorizationConfig:
            authorizationType: AWS_IAM
            awsIamConfig:
              signingRegion: !Sub ${AWS::Region}
              signingServiceName: events

resources:
  Resources:
    Posts:
      Type: AWS::DynamoDB::Table
      Properties:
        TableName: posts
        BillingMode: PAY_PER_REQUEST
        AttributeDefinitions:
          - AttributeName: id
            AttributeType: S
        KeySchema:
          - AttributeName: id
            KeyType: HASH

    CognitoUserPool:
      Type: AWS::Cognito::UserPool
      Properties:
        UserPoolName: blog
        UsernameAttributes:
          - email

    CognitoUserPoolClient:
      Type: AWS::Cognito::UserPoolClient
      Properties:
        UserPoolId: !Ref CognitoUserPool
        ClientName: Web
        CallbackURLs:
          - https://example.com/signedin
        LogoutURLs:
          - https://example.com/signedout