service: esdp-api app: esdp-api-app frameworkVersion: '4' package: patterns: - drizzle/** stages: prod: # Enables observability in the prod stage observability: true # Sepcify parameter values to be used in the prod stage params: es_endpoint: https://insurtechtoolkit.com domain: es.imex.online es_user: Imex2 es_password: Patrick infra_service: esdp-infra infra_stage: shared beta: # Enables observability in the prod stage observability: false # Sepcify parameter values to be used in the prod stage params: es_endpoint: https://4284-79073.el-alt.com domain: beta.es.imex.online es_user: Imex2 es_password: Patrick infra_service: esdp-infra infra_stage: shared alpha: # Enables observability in the prod stage observability: false # Sepcify parameter values to be used in the prod stage params: es_endpoint: https://4284-79287.el-alt.com domain: alpha.es.imex.online es_user: Imex2 es_password: Patrick infra_service: esdp-infra infra_stage: shared dev: # Enables observability in the prod stage observability: false # Sepcify parameter values to be used in the prod stage params: es_endpoint: https://4284-79287.el-alt.com domain: dev.es.imex.online es_user: Imex2 es_password: Patrick infra_service: esdp-infra infra_stage: shared custom: infra_stack: ${param:infra_service}-${param:infra_stage} db: host: ${cf:${self:custom.infra_stack}.DbProxyEndpoint} port: ${cf:${self:custom.infra_stack}.DbPort} name: ${cf:${self:custom.infra_stack}.DbName} secretArn: ${cf:${self:custom.infra_stack}.DbSecretArn} # params: # dev: # domain: dev.es.imex.online # alpha: # domain: alpha.es.imex.online # beta: # domain: beta.es.imex.online # prod: # domain: es.imex.online provider: name: aws runtime: nodejs22.x region: ca-central-1 domain: ${param:domain} httpApi: # This creates a cheaper, faster "HTTP API" Gateway cors: true # Automatically configures CORS # Ensure all Lambdas can reach the shared RDS Proxy in the infra VPC vpc: securityGroupIds: - ${cf:${self:custom.infra_stack}.LambdaSecurityGroupId} subnetIds: - ${cf:${self:custom.infra_stack}.PrivateSubnetAId} - ${cf:${self:custom.infra_stack}.PrivateSubnetBId} # Default DB connection settings for all Lambdas (used by src/lib/db.ts) environment: DB_HOST: ${self:custom.db.host} DB_PORT: ${self:custom.db.port} DB_NAME: ${self:custom.db.name} DB_SECRET_ARN: ${self:custom.db.secretArn} # Allow Lambdas to fetch the DB credentials from Secrets Manager iam: role: statements: - Effect: Allow Action: - secretsmanager:GetSecretValue Resource: - ${self:custom.db.secretArn} build: esbuild: bundle: true minify: false sourcemap: true exclude: - '@aws-sdk/*' target: node22 platform: node functions: vehicleType: handler: src/handlers/vehicleType.handler events: - httpApi: path: /vehicleType method: post scrub: handler: src/handlers/scrub.handler environment: ES_ENDPOINT: ${param:es_endpoint} ES_USER: ${param:es_user} ES_PASSWORD: ${param:es_password} events: - httpApi: path: /scrub method: post emsupload: handler: src/handlers/emsupload.handler environment: ES_ENDPOINT: ${param:es_endpoint} UPLOAD_BUCKET_NAME: ${self:service}-uploads-${sls:stage} iamRoleStatements: - Effect: Allow Action: - s3:PutObject - s3:PutObjectAcl - s3:GetObject Resource: - arn:aws:s3:::${self:service}-uploads-${sls:stage}/* events: - httpApi: path: /emsupload method: post dbMigrate: handler: src/handlers/dbMigrate.handler timeout: 30 memorySize: 512 iamRoleStatements: - Effect: Allow Action: - secretsmanager:GetSecretValue Resource: - ${cf:${self:custom.infra_stack}.DbSecretArn} dbPing: handler: src/handlers/dbPing.handler timeout: 15 memorySize: 256 iamRoleStatements: - Effect: Allow Action: - secretsmanager:GetSecretValue Resource: - ${cf:${self:custom.infra_stack}.DbSecretArn} resources: Resources: UploadBucket: Type: AWS::S3::Bucket Properties: BucketName: ${self:service}-uploads-${sls:stage} CorsConfiguration: CorsRules: - AllowedOrigins: - '*' AllowedMethods: - PUT - POST AllowedHeaders: - '*'