This repository has been archived by the owner on Oct 20, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 1
/
template.yaml
194 lines (181 loc) · 6.32 KB
/
template.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
AWSTemplateFormatVersion: "2010-09-09"
Transform: AWS::Serverless-2016-10-31
Globals:
Function:
Runtime: nodejs14.x
Timeout: 5
Resources:
FailureFunction:
Type: AWS::Serverless::Function
Properties:
Handler: src/lambda_at_edge.failure
CodeUri: ./
Role: !GetAtt LambdaEdgeExecutionRole.Arn
FailureFunctionV:
Type: AWS::Lambda::Version
Properties:
FunctionName: !Ref FailureFunction
ModHeaderFunction:
Type: AWS::Serverless::Function
Properties:
Handler: src/lambda_at_edge.modheader
CodeUri: ./
Role: !GetAtt LambdaEdgeExecutionRole.Arn
ModHeaderFunctionV:
Type: AWS::Lambda::Version
Properties:
FunctionName: !Ref ModHeaderFunction
ModBodyFunction:
Type: AWS::Serverless::Function
Properties:
Handler: src/lambda_at_edge.modbody
CodeUri: ./
Role: !GetAtt LambdaEdgeExecutionRole.Arn
ModBodyFunctionV:
Type: AWS::Lambda::Version
Properties:
FunctionName: !Ref ModBodyFunction
RespondFunction:
Type: AWS::Serverless::Function
Properties:
Handler: src/lambda_at_edge.respond
CodeUri: ./
Role: !GetAtt LambdaEdgeExecutionRole.Arn
RespondFunctionV:
Type: AWS::Lambda::Version
Properties:
FunctionName: !Ref RespondFunction
ModUriFunction:
Type: AWS::Serverless::Function
Properties:
Handler: src/lambda_at_edge.moduri
CodeUri: ./
Role: !GetAtt LambdaEdgeExecutionRole.Arn
ModUriFunctionV:
Type: AWS::Lambda::Version
Properties:
FunctionName: !Ref ModUriFunction
SuccessFunction:
Type: AWS::Serverless::Function
Properties:
Handler: src/lambda_at_edge.success
CodeUri: ./
Role: !GetAtt LambdaEdgeExecutionRole.Arn
SuccessFunctionV:
Type: AWS::Lambda::Version
Properties:
FunctionName: !Ref SuccessFunction
SuccessResponseFunction:
Type: AWS::Serverless::Function
Properties:
Handler: src/lambda_at_edge.success_response
CodeUri: ./
Role: !GetAtt LambdaEdgeExecutionRole.Arn
SuccessResponseFunctionV:
Type: AWS::Lambda::Version
Properties:
FunctionName: !Ref SuccessResponseFunction
ProxyFunction:
Type: AWS::Serverless::Function
Properties:
Handler: src/api_gateway.proxy
CodeUri: ./
Role: !GetAtt LambdaEdgeExecutionRole.Arn
Events:
Api:
Type: Api
Properties:
Path: /{proxy+}
Method: any
RestApiId:
Ref: ApiGatewayApi
ApiGatewayApi:
Type: AWS::Serverless::Api
Properties:
StageName: Prod
LambdaEdgeExecutionRole:
Type: AWS::IAM::Role
Properties:
AssumeRolePolicyDocument:
Version: 2012-10-17
Statement:
- Effect: Allow
Principal:
Service:
- edgelambda.amazonaws.com
- lambda.amazonaws.com
Action:
- sts:AssumeRole
ManagedPolicyArns:
- !Sub "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
CloudFrontDistribution:
Type: AWS::CloudFront::Distribution
Properties:
DistributionConfig:
CacheBehaviors:
- PathPattern: /Failure/*
CachePolicyId: 4135ea2d-6df8-44a3-9df3-4b5a84be39ad
OriginRequestPolicyId: acba4595-bd28-49b8-b9fe-13317c0390fa
TargetOriginId: DefaultOrigin
ViewerProtocolPolicy: redirect-to-https
LambdaFunctionAssociations:
- EventType: viewer-request
LambdaFunctionARN: !Ref FailureFunctionV
- PathPattern: /ModHeader/*
CachePolicyId: 4135ea2d-6df8-44a3-9df3-4b5a84be39ad
OriginRequestPolicyId: acba4595-bd28-49b8-b9fe-13317c0390fa
TargetOriginId: DefaultOrigin
ViewerProtocolPolicy: redirect-to-https
LambdaFunctionAssociations:
- EventType: viewer-request
LambdaFunctionARN: !Ref ModHeaderFunctionV
- PathPattern: /ModBody/*
AllowedMethods: [GET, HEAD, OPTIONS, PUT, PATCH, POST, DELETE]
CachePolicyId: 4135ea2d-6df8-44a3-9df3-4b5a84be39ad
OriginRequestPolicyId: acba4595-bd28-49b8-b9fe-13317c0390fa
TargetOriginId: DefaultOrigin
ViewerProtocolPolicy: redirect-to-https
LambdaFunctionAssociations:
- EventType: viewer-request
IncludeBody: true
LambdaFunctionARN: !Ref ModBodyFunctionV
- PathPattern: /Respond/*
CachePolicyId: 4135ea2d-6df8-44a3-9df3-4b5a84be39ad
OriginRequestPolicyId: acba4595-bd28-49b8-b9fe-13317c0390fa
TargetOriginId: DefaultOrigin
ViewerProtocolPolicy: redirect-to-https
LambdaFunctionAssociations:
- EventType: viewer-request
LambdaFunctionARN: !Ref RespondFunctionV
- PathPattern: /ModUri/*
CachePolicyId: 4135ea2d-6df8-44a3-9df3-4b5a84be39ad
OriginRequestPolicyId: acba4595-bd28-49b8-b9fe-13317c0390fa
TargetOriginId: DefaultOrigin
ViewerProtocolPolicy: redirect-to-https
LambdaFunctionAssociations:
- EventType: viewer-request
LambdaFunctionARN: !Ref ModUriFunctionV
DefaultCacheBehavior:
CachePolicyId: 4135ea2d-6df8-44a3-9df3-4b5a84be39ad
OriginRequestPolicyId: acba4595-bd28-49b8-b9fe-13317c0390fa
TargetOriginId: DefaultOrigin
ViewerProtocolPolicy: redirect-to-https
LambdaFunctionAssociations:
- EventType: viewer-request
LambdaFunctionARN: !Ref SuccessFunctionV
- EventType: origin-request
LambdaFunctionARN: !Ref SuccessFunctionV
- EventType: viewer-response
LambdaFunctionARN: !Ref SuccessResponseFunctionV
Enabled: true
Origins:
- DomainName: !Sub "${ApiGatewayApi}.execute-api.us-east-1.amazonaws.com"
OriginPath: !Sub "/${ApiGatewayApiProdStage}"
Id: DefaultOrigin
CustomOriginConfig:
OriginProtocolPolicy: match-viewer
Outputs:
ApiGatewayUrl:
Value: !Sub "https://${ApiGatewayApi}.execute-api.us-east-1.amazonaws.com/${ApiGatewayApiProdStage}"
WebsiteUrl:
Value: !Sub "https://${CloudFrontDistribution.DomainName}"