wp-update-server/serverless.yml at master · ReasonFoundation/wp-update-server · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
service: wp-update-server

bref:
  team: reason

provider:
  name: aws
  region: us-east-1
  stage: ${opt:stage, 'prod'}
  iam:
    role:
      statements:
        - Effect: Allow
          Action:
            - s3:GetObject
            - s3:ListBucket
          Resource:
            - !GetAtt WPUpdateBucket.Arn
            - !Sub '${WPUpdateBucket.Arn}/*'

functions:
  web:
    # `index.php` is the entrypoint of your application
    handler: index.php
    runtime: php-84-fpm
    timeout: 28 # in seconds (API Gateway has a max timeout of 29 seconds)
    environment:
      S3_BUCKET: !Ref WPUpdateBucket
      S3_PREFIX: ${env:S3_PREFIX, 'packages/'}
    events:
      - httpApi: '*'

resources:
  Resources:
    WPUpdateBucket:
      Type: AWS::S3::Bucket
      Properties:
        PublicAccessBlockConfiguration:
          BlockPublicAcls: true
          IgnorePublicAcls: true
          BlockPublicPolicy: false
          RestrictPublicBuckets: false
    # IAM policy that makes the bucket publicly readable
    WPUpdateBucketPolicy:
      Type: AWS::S3::BucketPolicy
      Properties:
        Bucket: !Ref WPUpdateBucket
        PolicyDocument:
          Statement:
            -   Effect: Allow
                Principal: '*' # everyone
                Action: s3:GetObject
                Resource: !Sub '${WPUpdateBucket.Arn}/*'

plugins:
  - ./vendor/bref/bref