service: Image-Resizer provider: name: aws runtime: nodejs6.10 memorySize: 1024 # optional, default is 1024 timeout: 100 # optional, default is 6 stage: dev region: eu-west-1 role: BucketAccess environment: BUCKET: "sample-bucket" SLS_DEBUG: "*" RESIZE_LAMBDA: ${self:provider.stage}-resizeImage package: individually: true # exclude: # - bin/** # - functions/** plugins: - serverless-plugin-browserify functions: getImage: name: ${self:service}-${self:provider.stage}-getImage handler: functions/getImage/index.handler events: - http: GET {proxy+} package: include: - functions/getImage/** resizeImage: name: ${self:provider.environment.RESIZE_LAMBDA} handler: functions/resizeImage/index.handler package: include: - functions/resizeImage/** uploadImage: name: ${self:service}-${self:provider.stage}-uploadImage handler: functions/uploadImage/index.handler events: - http: POST /upload package: include: - functions/uploadImage/** # you can add CloudFormation resource templates here resources: Resources: BucketAccess: Type: AWS::IAM::Role Properties: RoleName: ${self:provider.environment.BUCKET}-S3-BUCKET-ACCESS-${self:service} AssumeRolePolicyDocument: Version: "2012-10-17" Statement: - Effect: Allow Principal: Service: - lambda.amazonaws.com Action: sts:AssumeRole Policies: - PolicyName: ${self:provider.environment.BUCKET}-access-bucket-${self:service} PolicyDocument: Version: "2012-10-17" Statement: - Effect: Allow Action: - "s3:*" Resource: - "Fn::Join": ["", ["arn:aws:s3:::", "${self:provider.environment.BUCKET}/*"]] - Effect: Allow Action: - "lambda:InvokeFunction" Resource: - "Fn::Join": ["", ["arn:aws:lambda:", {"Ref": "AWS::Region"}, ":", {"Ref": "AWS::AccountId"}, ":function:${self:provider.environment.RESIZE_LAMBDA}"]]