-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathstack.yml
More file actions
140 lines (133 loc) · 4.33 KB
/
stack.yml
File metadata and controls
140 lines (133 loc) · 4.33 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
---
AWSTemplateFormatVersion: 2010-09-09
Description: The REST API stack for the GET and POST functions for multiple choice tasks.
Resources:
# Policy required for all lambda function roles.
BaseLambdaExecutionPolicy:
Type: AWS::IAM::ManagedPolicy
Properties:
Description: Base permissions needed by all lambda functions.
PolicyDocument:
Version: '2012-10-17'
Statement:
- Effect: Allow
Action:
- logs:CreateLogGroup
- logs:CreateLogStream
- logs:PutLogEvents
- ec2:CreateNetworkInterface
- ec2:DescribeNetworkInterfaces
- ec2:DeleteNetworkInterface
Resource: "*"
# FIXME How to hook up custom domain?
MyApiGateway:
Type: AWS::ApiGateway::RestApi
Properties:
Name: !Sub "${AWS::StackName}-MyApiGateway"
Description: A description
FailOnWarnings: true
Body:
swagger: 2.0
info:
description: |
The account API.
version: 1.0
basePath: /
schemes:
- https
consumes:
- application/json
produces:
- application/json
paths:
/labelers/{labelerId}:
get:
description: Get a number of new, unique multiple choice tasks for a particular user.
x-amazon-apigateway-integration:
uri: !Sub "arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${MultipleChoiceTask.Arn}/invocations"
credentials: !GetAtt MyApiGatewayRole.Arn
passthroughBehavior: when_no_match
httpMethod: POST
type: aws_proxy
operationId: getBatchMultipleChoiceTask
parameters:
- name: userId
in: path
description: TBD
required: true
type: string
format: uuid
/tasks:
post:
description: Update the database with the results of the labeled multiple choice task.
x-amazon-apigateway-integration:
uri: !Sub "arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${MultipleChoiceTask.Arn}/invocations"
credentials: !GetAtt MyApiGatewayRole.Arn
passthroughBehavior: when_no_match
httpMethod: POST
type: aws_proxy
operationId: postBatchMultipleChoiceTask
parameters:
- name: userId
in: path
description: TBD
required: true
type: string
format: uuid
- name: body
in: body
description: TBD
required: true
schema:
type: object
required:
- email
properties:
email:
type: string
MyApiGatewayDeployment:
Type: AWS::ApiGateway::Deployment
Properties:
RestApiId: !Ref MyApiGateway
StageName: prod
MyApiGatewayRole:
Type: AWS::IAM::Role
Properties:
AssumeRolePolicyDocument:
Version: '2012-10-17'
Statement:
- Effect: Allow
Principal:
Service: apigateway.amazonaws.com
Action: sts:AssumeRole
Policies:
- PolicyName: InvokeLambda
PolicyDocument:
Version: '2012-10-17'
Statement:
- Effect: Allow
Action:
- lambda:InvokeFunction
Resource:
- !GetAtt MultipleChoiceTask.Arn
MultipleChoiceTask:
Type: AWS::Lambda::Function
Properties:
Role: !GetAtt MultipleChoiceTaskRole.Arn # TODO
Handler: index.handler
Runtime: nodejs12.x
Code:
ZipFile: |
exports.handler = function(event) {}
MultipleChoiceTaskRole: # -> AppAPIRole
Type: AWS::IAM::Role
Properties:
AssumeRolePolicyDocument:
Version: '2012-10-17'
Statement:
- Effect: Allow
Principal:
Service: lambda.amazonaws.com
Action: sts:AssumeRole
ManagedPolicyArns:
- !Ref BaseLambdaExecutionPolicy