Application based on Serverless framework utilizing AWS Lamda, API Gateway and Cognito services.
- Install Serverless 0.5:
npm install serverless -g
- Checkout git repository:
git clone git@github.com:keboola/developer-portal.git
- Cd into directory:
cd developer-portal
- Install npm dependencies:
npm install
- AWS Setup (so far has to be manual)
- Verify email address used as sender for emails in SES console
- Save the email to Serverless variable
sesEmail
(using commandsls variables set
)
- Save the email to Serverless variable
- Create Cognito User Pool in AWS console
- Add email sender to
FROM
in sectionVerifications
- Save Cognito pool id to sls variable
cognitoUserPoolId
- Create app in section
Apps
- Do not generate client secret
- Enable sign-in API for server-based authentication
- Add
profile
toWritable Attributes
- Save client id to sls variable
cognitoUserPoolClientId
- Add email sender to
- Create S3 bucket for app icons and save it to sls variable
iconsS3Bucket
- Put bucket's public url to sls variable
iconsPublicFolder
- Put bucket's public url to sls variable
- Create Myql 5.7 RDS
- Put it's credentials to sls variables
rdsHost
,rdsUser
,rdsPassword
andrdsDatabase
- Put it's credentials to sls variables
- Verify email address used as sender for emails in SES console
- Deploy all resources using command
sls dash deploy
- Extend created IAM policy for lambda functions with these statements:
{
"Effect": "Allow",
"Action": ["s3:PutObject", "s3:GetObject", "s3:ReplicateObject"],
"Resource": "arn:aws:s3:::${icons_s3_bucket}/*"
},
{
"Effect": "Allow",
"Action": ["ses:SendEmail"],
"Resource": "*"
},
{
"Effect": "Allow",
"Action": ["cognito-identity:*", "cognito-idp:*],
"Resource": "${cognito_user_pool_arn}"
}