serverless.yml

service: passwordbreachcheck

frameworkVersion: '2'

provider:
  name: aws
  apiGateway:
    shouldStartNameWithService: true

  stage: dev
  region: ca-central-1
  environment:
    DYNAMODB_TABLE: ${self:service}-${opt:stage, self:provider.stage}
    S3_BUCKET: ${self:service}-${opt:stage, self:provider.stage}
  iamRoleStatements:
    - Effect: Allow
      Action:
        - dynamodb:Query
        - dynamodb:Scan
        - dynamodb:GetItem
        - dynamodb:PutItem
        - dynamodb:UpdateItem
        - dynamodb:DeleteItem
        - dynamodb:BatchWriteItem
      Resource: "arn:aws:dynamodb:${opt:region, self:provider.region}:*:table/${self:provider.environment.DYNAMODB_TABLE}"
    - Effect: Allow
      Action:
        - s3:*
      Resource: "arn:aws:s3:::${self:service}-${opt:stage, self:provider.stage}/*"

functions:

  checkhash:
    runtime: nodejs12.x
    handler: checkhash.checkhash
    events:
      - http:
          path: checkhash/{hash}
          method: get
          cors: true

  html:
    runtime: nodejs12.x
    handler: static.html
    events:
      - http:
          path: /
          method: get

  importpassword:
    runtime: python3.7
    timeout: 900
    handler: ImportPassword.CSVtoDynamoDB
    events:
      - s3:
          bucket: ${self:service}-${opt:stage, self:provider.stage}
          event: s3:ObjectCreated:*
          rules:
            - suffix: .csv

resources:
  Resources:
    PasswordBreachCheckTable:
      Type: 'AWS::DynamoDB::Table'
      DeletionPolicy: Retain
      Properties:
        AttributeDefinitions:
          -
            AttributeName: passwordhash
            AttributeType: S
        KeySchema:
          -
            AttributeName: passwordhash
            KeyType: HASH
        BillingMode: PAY_PER_REQUEST
        TableName: ${self:provider.environment.DYNAMODB_TABLE}

plugins: 
    - serverless-dynamodb-fixtures
    - serverless-aws-static-file-handler

custom:
  fixtures:
      rules:
      - table: ${self:provider.environment.DYNAMODB_TABLE} 
        enable: true
        sources:
          - ./sampledata.json