-
Notifications
You must be signed in to change notification settings - Fork 9
/
template.yaml
109 lines (101 loc) · 2.94 KB
/
template.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
AWSTemplateFormatVersion: '2010-09-09'
Transform: AWS::Serverless-2016-10-31
Resources:
LambdaRequestAuthFunction:
Type: AWS::Serverless::Function
Properties:
Handler: authorizer.handler
Timeout: 30
Runtime: nodejs8.10
CodeUri: ./
Policies:
- AWSLambdaFullAccess
- CloudWatchLogsFullAccess
MyLambdaRouteHandlerFunction:
Type: AWS::Serverless::Function
Properties:
Handler: index.handler
Timeout: 30
Runtime: nodejs8.10
CodeUri: ./
Policies:
- AWSLambdaFullAccess
- CloudWatchLogsFullAccess
- AmazonAPIGatewayInvokeFullAccess
- AmazonAPIGatewayAdministrator
MyWebSocketApi:
Type: AWS::ApiGatewayV2::Api
Properties:
Name: MyWebSocketApi
ProtocolType: WEBSOCKET
RouteSelectionExpression: "$request.body.action"
Auth:
Type: "AWS::ApiGatewayV2::Authorizer"
Properties:
Name: My-Authorizer
ApiId: !Ref MyWebSocketApi
AuthorizerType: REQUEST
AuthorizerUri:
Fn::Sub:
arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${LambdaRequestAuthFunction.Arn}/invocations
IdentitySource:
- "route.request.header.x-some-header-to-auth-from"
ConnectRoute:
Type: AWS::ApiGatewayV2::Route
Properties:
ApiId: !Ref MyWebSocketApi
RouteKey: "$connect"
AuthorizationType: CUSTOM
OperationName: ConnectRoute
AuthorizerId: !Ref Auth
TestRoute:
Type: AWS::ApiGatewayV2::Route
Properties:
ApiId: !Ref MyWebSocketApi
RouteKey: test
AuthorizationType: NONE
OperationName: TestRoute
Target: !Join
- '/'
- - 'integrations'
- !Ref TestLambdaIntegration
TestLambdaIntegration:
Type: AWS::ApiGatewayV2::Integration
Properties:
ApiId: !Ref MyWebSocketApi
Description: Test Integration
IntegrationType: AWS_PROXY
IntegrationUri:
Fn::Sub:
arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${MyLambdaRouteHandlerFunction.Arn}/invocations
Deployment:
Type: AWS::ApiGatewayV2::Deployment
DependsOn:
- TestRoute
Properties:
ApiId: !Ref MyWebSocketApi
Stage:
Type: AWS::ApiGatewayV2::Stage
Properties:
StageName: v1
Description: Version 1 'stage'
DeploymentId: !Ref Deployment
ApiId: !Ref MyWebSocketApi
PortfolioBlocksPermission:
Type: AWS::Lambda::Permission
DependsOn:
- MyWebSocketApi
- MyLambdaRouteHandlerFunction
Properties:
Action: lambda:InvokeFunction
FunctionName: !Ref MyLambdaRouteHandlerFunction
Principal: apigateway.amazonaws.com
AuthorizerFunctionPermission:
Type: AWS::Lambda::Permission
DependsOn:
- MyWebSocketApi
- LambdaRequestAuthFunction
Properties:
Action: lambda:InvokeFunction
FunctionName: !Ref LambdaRequestAuthFunction
Principal: apigateway.amazonaws.com