# Service name; the raw-image bucket name and the S3 -> SQS queue policy
# condition in this file are both derived from it.
service: eztoll
# Serverless Framework major version this configuration is written for.
frameworkVersion: '2'
provider:
  name: aws
  # NOTE(review): go1.x is a deprecated Lambda runtime; Go functions are now
  # expected to run on an OS-only runtime (provided.al2 family). Plan the
  # migration so the handlers keep receiving runtime security updates.
  runtime: go1.x
  lambdaHashingVersion: 20201221
  stage: dev
  region: us-east-1
  # Defaults for every function; individual functions may override them.
  memorySize: 128
  timeout: 3
  # NOTE(review): these statements build ONE execution role shared by all
  # functions in this file, so every handler holds the union of the grants
  # below (the public HTTP handlers can, for example, also send to the
  # payment queues and read raw images). Per-function roles would limit what
  # a single compromised handler can reach.
  iamRoleStatements:
    # Item-level access to the toll table only: no Scan, no DeleteItem and no
    # table-management actions.
    - Effect: 'Allow'
      Action:
        - 'dynamodb:PutItem'
        - 'dynamodb:GetItem'
        - 'dynamodb:UpdateItem'
        - 'dynamodb:Query'
      Resource:
        - !GetAtt TollTable.Arn
    # rekognition:DetectText has no resource-level permissions, so "*" is the
    # only Resource it can be granted on; the statement stays limited to this
    # single action.
    - Effect: 'Allow'
      Action:
        - 'rekognition:DetectText'
      Resource:
        - '*'
    # Send-only access to the payment queue and its dead-letter queue.
    - Effect: 'Allow'
      Action:
        - 'sqs:SendMessage'
        - 'sqs:SendMessageBatch'
      Resource:
        - !GetAtt PaymentQueue.Arn
        - !GetAtt PaymentDLQ.Arn
    # Read-only access to objects in the raw-image bucket (object ARNs only).
    - Effect: 'Allow'
      Action:
        - 's3:GetObject'
      Resource:
        - !Join
          - '/'
          - - !GetAtt RawImageBucket.Arn
            - '*'
  # Identifiers injected into every function's environment. !Ref returns the
  # table name for the DynamoDB table and the queue URL for each SQS queue.
  # NOTE(review): RAWIMAGEDLQ is exported, but no statement above grants any
  # action on RawImageDLQ - confirm no handler needs to write to it.
  environment:
    TOLLTABLE: !Ref TollTable
    PAYMENTQUEUE: !Ref PaymentQueue
    PAYMENTDLQ: !Ref PaymentDLQ
    RAWIMAGEDLQ: !Ref RawImageDLQ
package:
  # Exclude the whole project first, then re-include only the compiled
  # handlers, so sources and local files are not shipped in the artifact.
  patterns:
    - '!./**'
    - './bin/**'
functions:
  # Consumes S3 "object created" notifications delivered through RawImageQueue.
  ProcessRawImages:
    handler: bin/process_raw_images
    reservedConcurrency: 1
    events:
      - sqs:
          batchSize: 10
          # NOTE(review): maximumRetryAttempts is documented for stream event
          # sources; for SQS the retry budget is normally set by the queue's
          # RedrivePolicy maxReceiveCount - confirm this key is honoured.
          maximumRetryAttempts: 1
          arn: !GetAtt RawImageQueue.Arn

  # No event source here: the Firehose delivery stream in the resources
  # section references this function as its record processor.
  ProcessEvents:
    handler: bin/process_events
    reservedConcurrency: 1
    timeout: 60

  # Consumes messages from PaymentQueue.
  ProcessPayments:
    handler: bin/process_payments
    reservedConcurrency: 1
    events:
      - sqs:
          batchSize: 10
          # NOTE(review): same caveat as on ProcessRawImages - confirm this
          # key applies to SQS event sources.
          maximumRetryAttempts: 1
          arn: !GetAtt PaymentQueue.Arn

  # NOTE(review): no authorizer, API key requirement or request validation is
  # configured on this route, so API Gateway will accept unauthenticated
  # callers; any authentication has to happen inside the handler - confirm.
  # With reservedConcurrency 1, requests beyond one in flight are throttled.
  PostPayment:
    handler: bin/post_payment
    reservedConcurrency: 1
    events:
      - http:
          path: payment
          method: post

  # NOTE(review): likewise unauthenticated at the gateway. The {id} path
  # parameter is caller-controlled; confirm the handler checks that the
  # caller is entitled to the toll records it returns.
  GetTolls:
    handler: bin/get_tolls
    reservedConcurrency: 1
    events:
      - http:
          path: 'tolls/{id}'
          method: get
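# CloudFormation resources backing the service: image and event buckets, the
# toll table with its Kinesis/Firehose change feed, the SQS queues with their
# dead-letter queues, and the IAM role assumed by Firehose.
resources:
  Resources:
    RawImageBucket:
      Type: AWS::S3::Bucket
      # S3 validates the notification target when the bucket is created, so
      # the policy allowing S3 to send to RawImageQueue must exist first.
      DependsOn: RawImageQueuePolicy
      Properties:
        BucketName: ${self:service}-${self:provider.stage}-rawimages
        AccessControl: Private
        # Enforce "private" even if an ACL or bucket policy is added later.
        PublicAccessBlockConfiguration:
          BlockPublicAcls: true
          BlockPublicPolicy: true
          IgnorePublicAcls: true
          RestrictPublicBuckets: true
        NotificationConfiguration:
          QueueConfigurations:
            - Event: s3:ObjectCreated:Put
              Queue: !GetAtt RawImageQueue.Arn
        LifecycleConfiguration:
          Rules:
            # Move objects to infrequent-access storage after 30 days.
            - Status: Enabled
              Transitions:
                - TransitionInDays: 30
                  StorageClass: STANDARD_IA

    ArchivedImagesBucket:
      Type: AWS::S3::Bucket
      Properties:
        AccessControl: Private
        PublicAccessBlockConfiguration:
          BlockPublicAcls: true
          BlockPublicPolicy: true
          IgnorePublicAcls: true
          RestrictPublicBuckets: true

    # Destination bucket for the Firehose delivery stream below.
    TableEventBucket:
      Type: AWS::S3::Bucket
      Properties:
        AccessControl: Private
        PublicAccessBlockConfiguration:
          BlockPublicAcls: true
          BlockPublicPolicy: true
          IgnorePublicAcls: true
          RestrictPublicBuckets: true

    # Toll records keyed by plate number (partition) and id (sort); item
    # changes are streamed to TableEventStream.
    TollTable:
      Type: AWS::DynamoDB::Table
      Properties:
        AttributeDefinitions:
          - AttributeName: plate_num
            AttributeType: S
          - AttributeName: id
            AttributeType: S
        KeySchema:
          - AttributeName: plate_num
            KeyType: HASH
          - AttributeName: id
            KeyType: RANGE
        BillingMode: PAY_PER_REQUEST
        KinesisStreamSpecification:
          StreamArn: !GetAtt TableEventStream.Arn

    TableEventStream:
      Type: AWS::Kinesis::Stream
      Properties:
        ShardCount: 1

    # Reads TableEventStream, passes records through the ProcessEvents
    # function, and writes the result to TableEventBucket.
    TableEventDeliveryStream:
      Type: AWS::KinesisFirehose::DeliveryStream
      Properties:
        DeliveryStreamType: KinesisStreamAsSource
        KinesisStreamSourceConfiguration:
          KinesisStreamARN: !GetAtt TableEventStream.Arn
          RoleARN: !GetAtt TableEventDeliveryRole.Arn
        ExtendedS3DestinationConfiguration:
          BucketARN: !GetAtt TableEventBucket.Arn
          RoleARN: !GetAtt TableEventDeliveryRole.Arn
          ProcessingConfiguration:
            Enabled: true
            Processors:
              - Type: Lambda
                Parameters:
                  - ParameterName: LambdaArn
                    ParameterValue: !GetAtt ProcessEventsLambdaFunction.Arn

    RawImageQueue:
      Type: AWS::SQS::Queue
      Properties:
        # A message goes to the dead-letter queue after one failed receive.
        RedrivePolicy:
          deadLetterTargetArn: !GetAtt RawImageDLQ.Arn
          maxReceiveCount: 1

    # Lets the S3 service deliver notifications to RawImageQueue, but only on
    # behalf of the raw-image bucket owned by this account.
    RawImageQueuePolicy:
      Type: AWS::SQS::QueuePolicy
      Properties:
        Queues:
          - !Ref RawImageQueue
        PolicyDocument:
          Version: '2012-10-17'
          Statement:
            - Effect: Allow
              Action:
                - SQS:SendMessage
              Resource: !GetAtt RawImageQueue.Arn
              Principal:
                Service: s3.amazonaws.com
              Condition:
                ArnLike:
                  aws:SourceArn: 'arn:aws:s3:*:*:${self:service}-${self:provider.stage}-rawimages'
                # Bucket names can be re-registered by another account after
                # deletion; pinning the source account closes that
                # confused-deputy gap left by the name-only ARN match.
                StringEquals:
                  aws:SourceAccount: !Ref AWS::AccountId

    RawImageDLQ:
      Type: AWS::SQS::Queue
      Properties:
        # 14 days, the longest retention SQS allows.
        MessageRetentionPeriod: 1209600

    PaymentQueue:
      Type: AWS::SQS::Queue
      Properties:
        # A message goes to the dead-letter queue after one failed receive.
        RedrivePolicy:
          deadLetterTargetArn: !GetAtt PaymentDLQ.Arn
          maxReceiveCount: 1

    PaymentDLQ:
      Type: AWS::SQS::Queue
      Properties:
        # 14 days, the longest retention SQS allows.
        MessageRetentionPeriod: 1209600

    # Role assumed by Firehose for the delivery stream above.
    TableEventDeliveryRole:
      Type: AWS::IAM::Role
      Properties:
        AssumeRolePolicyDocument:
          Version: '2012-10-17'
          Statement:
            - Effect: Allow
              Principal:
                Service:
                  - firehose.amazonaws.com
              Action:
                - sts:AssumeRole
        Policies:
          - PolicyName: root
            PolicyDocument:
              Version: '2012-10-17'
              Statement:
                # Read access to the source stream only.
                - Effect: Allow
                  Action:
                    - kinesis:DescribeStream
                    - kinesis:GetRecords
                    - kinesis:GetShardIterator
                    - kinesis:ListShards
                  Resource:
                    - !GetAtt TableEventStream.Arn
                # GetBucketLocation, ListBucket and ListBucketMultipartUploads
                # are bucket-level actions and only match the bucket ARN; the
                # object-level actions match the "/*" ARN. Both are listed so
                # every granted action has a resource it can apply to.
                - Effect: Allow
                  Action:
                    - s3:AbortMultipartUpload
                    - s3:GetBucketLocation
                    - s3:GetObject
                    - s3:ListBucket
                    - s3:ListBucketMultipartUploads
                    - s3:PutObject
                  Resource:
                    - !GetAtt TableEventBucket.Arn
                    - !Join ['/', [!GetAtt TableEventBucket.Arn, '*']]
                # Invoke rights limited to the single transformation function.
                - Effect: Allow
                  Action:
                    - lambda:InvokeFunction
                    - lambda:GetFunctionConfiguration
                  Resource:
                    - !GetAtt ProcessEventsLambdaFunction.Arn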