-
-
Save codecitizen/47073231d781979baec47148e40ab38b to your computer and use it in GitHub Desktop.
| service: my-service | |
| provider: | |
| name: aws | |
| runtime: nodejs8.10 | |
| stage: ${opt:stage, 'dev'} | |
| environment: | |
| REDIS_HOST: | |
| "Fn::GetAtt": [ElasticCacheCluster, RedisEndpoint.Address] | |
| functions: | |
| trigger: | |
| handler: src/serverless.trigger | |
| vpc: | |
| securityGroupIds: | |
| - "Fn::GetAtt": ServerlessSecurityGroup.GroupId | |
| subnetIds: | |
| - Ref: PrivateSubnetA | |
| events: | |
| - http: POST /trigger | |
| status: | |
| handler: src/serverless.getStatus | |
| vpc: | |
| securityGroupIds: | |
| - "Fn::GetAtt": ServerlessSecurityGroup.GroupId | |
| subnetIds: | |
| - Ref: PrivateSubnetA | |
| events: | |
| - http: GET /status | |
| transform: | |
| handler: src/serverless.transform | |
| vpc: | |
| securityGroupIds: | |
| - "Fn::GetAtt": ServerlessSecurityGroup.GroupId | |
| subnetIds: | |
| - Ref: PrivateSubnetA | |
| resources: | |
| Resources: | |
| VPC: | |
| Type: AWS::EC2::VPC | |
| Properties: | |
| CidrBlock: "10.0.0.0/16" | |
| IP: | |
| Type: AWS::EC2::EIP | |
| Properties: | |
| Domain: vpc | |
| InternetGateway: | |
| Type: AWS::EC2::InternetGateway | |
| VPCGatewayAttachment: | |
| Type: AWS::EC2::VPCGatewayAttachment | |
| Properties: | |
| VpcId: | |
| Ref: VPC | |
| InternetGatewayId: | |
| Ref: InternetGateway | |
| NatGateway: | |
| Type: AWS::EC2::NatGateway | |
| Properties: | |
| AllocationId: | |
| Fn::GetAtt: | |
| - IP | |
| - AllocationId | |
| SubnetId: | |
| Ref: PublicSubnetA | |
| PrivateSubnetA: | |
| DependsOn: VPC | |
| Type: AWS::EC2::Subnet | |
| Properties: | |
| VpcId: | |
| Ref: VPC | |
| AvailabilityZone: ${self:provider.region}a | |
| CidrBlock: "10.0.1.0/24" | |
| PublicSubnetA: | |
| DependsOn: VPC | |
| Type: AWS::EC2::Subnet | |
| Properties: | |
| VpcId: | |
| Ref: VPC | |
| AvailabilityZone: ${self:provider.region}a | |
| CidrBlock: "10.0.2.0/24" | |
| PrivateRouteTable: | |
| Type: AWS::EC2::RouteTable | |
| Properties: | |
| VpcId: | |
| Ref: VPC | |
| PrivateRoute: | |
| Type: AWS::EC2::Route | |
| Properties: | |
| RouteTableId: | |
| Ref: PrivateRouteTable | |
| DestinationCidrBlock: 0.0.0.0/0 | |
| NatGatewayId: | |
| Ref: NatGateway | |
| PublicRouteTable: | |
| Type: AWS::EC2::RouteTable | |
| Properties: | |
| VpcId: | |
| Ref: VPC | |
| PublicRoute: | |
| Type: AWS::EC2::Route | |
| Properties: | |
| RouteTableId: | |
| Ref: PublicRouteTable | |
| DestinationCidrBlock: 0.0.0.0/0 | |
| GatewayId: | |
| Ref: InternetGateway | |
| SubnetRouteTableAssociationLambdaPrivateA: | |
| Type: AWS::EC2::SubnetRouteTableAssociation | |
| Properties: | |
| SubnetId: | |
| Ref: PrivateSubnetA | |
| RouteTableId: | |
| Ref: PrivateRouteTable | |
| SubnetRouteTableAssociationLambdaPublicA: | |
| Type: AWS::EC2::SubnetRouteTableAssociation | |
| Properties: | |
| SubnetId: | |
| Ref: PublicSubnetA | |
| RouteTableId: | |
| Ref: PublicRouteTable | |
| ServerlessSecurityGroup: | |
| DependsOn: VPC | |
| Type: AWS::EC2::SecurityGroup | |
| Properties: | |
| GroupDescription: SecurityGroup for Serverless Functions | |
| VpcId: | |
| Ref: VPC | |
| ServerlessStorageSecurityGroup: | |
| DependsOn: VPC | |
| Type: AWS::EC2::SecurityGroup | |
| Properties: | |
| GroupDescription: Ingress for Redis Cluster | |
| VpcId: | |
| Ref: VPC | |
| SecurityGroupIngress: | |
| - IpProtocol: tcp | |
| FromPort: '6379' | |
| ToPort: '6379' | |
| SourceSecurityGroupId: | |
| Ref: ServerlessSecurityGroup | |
| ServerlessCacheSubnetGroup: | |
| Type: AWS::ElastiCache::SubnetGroup | |
| Properties: | |
| Description: "Cache Subnet Group" | |
| SubnetIds: | |
| - Ref: PrivateSubnetA | |
| ElasticCacheCluster: | |
| DependsOn: ServerlessStorageSecurityGroup | |
| Type: AWS::ElastiCache::CacheCluster | |
| Properties: | |
| AutoMinorVersionUpgrade: true | |
| Engine: redis | |
| CacheNodeType: ${self:custom.config.CACHE_INSTANCE_SIZE} | |
| NumCacheNodes: 1 | |
| VpcSecurityGroupIds: | |
| - "Fn::GetAtt": ServerlessStorageSecurityGroup.GroupId | |
| CacheSubnetGroupName: | |
| Ref: ServerlessCacheSubnetGroup | |
| custom: | |
| config: | |
| CACHE_INSTANCE_SIZE: cache.t2.micro |
no probs :)
I use it all the time, thanks!
uhhhh... anyway to simplyfy this to an existing elasti cache cluster?
interesting but, why did you create also a public gateway, a public subnet, a public routing table, a public route if you don't use them?
I am getting :
` Error --------------------------------------------------
Error: {"errorMessage":"You're not authorized to access this resource. - Please contact support and provide this identifier to reference this issue - QVFQVQTP3V4B"}
at _callee$ (/usr/local/lib/node_modules/serverless/node_modules/@serverless/platform-sdk/src/utils/checkHttpResponse.js:19:9)
at tryCatch (/usr/local/lib/node_modules/serverless/node_modules/regenerator-runtime/runtime.js:45:40)
at Generator.invoke [as _invoke] (/usr/local/lib/node_modules/serverless/node_modules/regenerator-runtime/runtime.js:271:22)
at Generator.prototype.(anonymous function) [as next] (/usr/local/lib/node_modules/serverless/node_modules/regenerator-runtime/runtime.js:97:21)
at step (/usr/local/lib/node_modules/serverless/node_modules/@serverless/platform-sdk/dist/utils/checkHttpResponse.js:7:191)
at /usr/local/lib/node_modules/serverless/node_modules/@serverless/platform-sdk/dist/utils/checkHttpResponse.js:7:361
at process._tickCallback (internal/process/next_tick.js:68:7)
For debugging logs, run again after setting the "SLS_DEBUG=*" environment variable.
Get Support --------------------------------------------
Docs: docs.serverless.com
Bugs: github.com/serverless/serverless/issues
Issues: forum.serverless.com
Your Environment Information ---------------------------
Operating System: darwin
Node Version: 10.16.0
Framework Version: 1.61.3
Plugin Version: 3.3.0
SDK Version: 2.3.0
Components Core Version: 1.1.2
Components CLI Version: 1.4.0`
this can help too:
This is building a VPC? I already have a VPC with REDIS within it. How would I get to it? An example of that would be shorter to read through as well. :)
Thanks for share this ☺
Getting tis warning
Warning: Invalid configuration encountered
at 'functions.trigger.vpc.securityGroupIds.0.Fn::GetAtt': must NOT have fewer than 2 items
at 'functions.status.vpc.securityGroupIds.0.Fn::GetAtt': must NOT have fewer than 2 items
at 'functions.transform.vpc.securityGroupIds.0.Fn::GetAtt': must NOT have fewer than 2 items
@dheerdotk I had the same issue. Perhaps the serverless.yml syntax has changed this this was posted. I was able to get it to work by updating all the instances where Fn::GetAtt is being called with a string to calling them with an array. For example:
"Fn::GetAtt": ServerlessSecurityGroup.GroupId
should be changed to
Fn::GetAtt: [ServerlessSecurityGroup, GroupId]
Thank you - your example was very helpful.