-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathserverless.yml
166 lines (150 loc) · 4.6 KB
/
serverless.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
# Welcome to Serverless!
#
# This file is the main config file for your service.
# It's very minimal at this point and uses default values.
# You can always add more config options for more control.
# We've included some commented out config examples here.
# Just uncomment any of them to get that config option.
#
# For full config options, check the docs:
# docs.serverless.com
#
# Happy Coding!
service:
name: ${self:custom.serviceName}
awsKmsKeyArn: ${self:custom.kmsKeyArn}
package:
individually: true
# You can pin your service to only deploy with a specific Serverless version
# Check out our docs for more details
# frameworkVersion: "=X.X.X"
provider:
name: aws
runtime: nodejs6.10
memorySize: 128
environment:
jwtSecret: ${s3:${self:custom.serviceName}-${opt:stage}-secrets/jwtSecret}
LOG_LEVEL: debug
iamRoleStatements:
-
Effect: Allow
Action:
- 'kms:Decrypt'
Resource: ${self:custom.kmsKeyArn}
-
Effect: Allow
Action:
- dynamodb:DescribeTable
- dynamodb:Query
- dynamodb:Scan
- dynamodb:GetItem
- dynamodb:PutItem
- dynamodb:UpdateItem
- dynamodb:DeleteItem
Resource: "arn:aws:dynamodb:${opt:region}:${self:custom.accountId}:table/*"
-
Effect: Allow
Action:
- rekognition:ListCollections
- rekognition:CreateCollection
- rekognition:IndexFaces
- rekognition:SearchFacesByImage
Resource: "arn:aws:rekognition:${opt:region}:${self:custom.accountId}:collection/*"
-
Effect: Allow
Action:
- s3:GetObject
Resource: "arn:aws:s3:::${self:custom.serviceName}-${opt:stage}-photos/*"
-
Effect: Allow
Action:
- sns:Publish
Resource: ${self:custom.matchesSNSTopicArn}
plugins:
- serverless-webpack
- serverless-aws-documentation
- serverless-dynamodb-autoscaling
custom:
serviceName: ratio-amz-rekognition
accountId: ${env:${opt:stage}_AWS_ACCOUNT_ID}
kmsKeyArn: ${env:${opt:stage}_AWS_KMS_KEY_ARN}
facesMetadataTableName: ${self:custom.serviceName}-${opt:stage}-faces-metadata
matchesSNSTopicName: ${self:custom.serviceName}-${opt:stage}-matches-topic
matchesSNSTopicArn: arn:aws:sns:${opt:region}:${self:custom.accountId}:${self:custom.matchesSNSTopicName}
serviceVersion: ${env:SERVICE_VERSION}
capacities:
- table: facesMetadataTable
read:
minimum: 10 # Minimum read capacity
maximum: 1000 # Maximum read capacity
usage: 0.75 # Targeted usage percentage
write:
minimum: 10 # Minimum write capacity
maximum: 200 # Maximum write capacity
usage: 0.5 # Targeted usage percentage
functions:
indexFace:
handler: src/handlers/indexFace/index.default
memorySize: 128
timeout: 30
events:
- s3:
bucket: ${self:custom.serviceName}-${opt:stage}-photos
event: s3:ObjectCreated:*
rules:
- prefix: indexFaces/
- suffix: .jpg
environment:
facesMetadataTable: ${self:custom.facesMetadataTableName}
searchFaces:
handler: src/handlers/searchFaces/index.default
memorySize: 128
timeout: 30
events:
- s3:
bucket: ${self:custom.serviceName}-${opt:stage}-photos
event: s3:ObjectCreated:*
rules:
- prefix: searchFaces/
- suffix: .jpg
environment:
facesMetadataTable: ${self:custom.facesMetadataTableName}
matchesSNSTopic: ${self:custom.matchesSNSTopicArn}
serviceStatus:
handler: src/handlers/serviceStatus/index.default
memorySize: 128
timeout: 5
events:
- http:
path: /
method: GET
authorizer: apiAuthorizer
environment:
serviceVersion: ${self:custom.serviceVersion}
apiAuthorizer:
handler: src/handlers/apiAuthorizer/index.default
# you can add CloudFormation resource templates here
resources:
Resources:
facesMetadataTable:
Type: "AWS::DynamoDB::Table"
Properties:
AttributeDefinitions:
-
AttributeName: "faceId"
AttributeType: "S"
KeySchema:
-
AttributeName: "faceId"
KeyType: "HASH"
ProvisionedThroughput:
ReadCapacityUnits: "10"
WriteCapacityUnits: "10"
TableName: "${self:custom.facesMetadataTableName}"
matchesSNSTopic:
Type: "AWS::SNS::Topic"
Properties:
TopicName: "${self:custom.matchesSNSTopicName}"
Subscription:
- Endpoint: "${env:${opt:stage}_SNS_EMAIL}"
Protocol: "email"