This project using serverless framework.
fork from https://github.com/serverless/examples/tree/master/aws-node-github-webhook-listener
export TARGET_AWS_ACCOUNT_ID=xxx
# optional
export GITHUB_WEBHOOK_SECRET=xxx
export VPC_SG_ID=sg-xxx
export VPC_SUBNET_A_ID=xxx
export VPC_SUBNET_C_ID=xxx
export CUSTOM_DOMAIN=xxx
$ npm run create_domain
$ npm run deploy
# with serverless debug
$ SLS_DEBUG=* npm run deploy
$ npm run logs
$ npm run delete_domain
$ npm run remove
- check GitHub hooks ip address
$ curl https://api.github.com/meta
...
"hooks": [
"192.30.252.0/22",
"185.199.108.0/22",
"140.82.112.0/20"
],
...
- add resourcePolicy to serverless.yaml file
provider:
resourcePolicy:
- Effect: Allow
Principal: "*"
Action: execute-api:Invoke
Resource:
- execute-api:/*/*/*
Condition:
IpAddress:
aws:SourceIp:
- "192.30.252.0/22"
- "185.199.108.0/22"
- "140.82.112.0/20"