# Serverless Framework service definition for the SQS browser-events stack.
service: sqsbrowserevents
provider:
  name: aws
  # NOTE(review): python2.7 is an end-of-life runtime and no longer receives
  # security fixes; plan a move to a supported Python 3 runtime.
  runtime: python2.7
  deploymentBucket: ${opt:region}-reuters-serverless-artifactory
  # No fallback is given for opt:env or opt:region, so both must be passed on
  # the command line for the variables below to resolve.
  stage: ${opt:env}
  # def* keys are fallbacks read by the custom section through
  # ${self:provider.def*} when the matching CLI option is absent.
  defPoolName: "sqs_browser"
  defVersion: "0.0.0"
  defCognitoRegion: ""
  cfLogs: true
  region: ${opt:region}
  stackTags:
    application: sqs-browser-events
    environment: ${opt:env}
    release-tag: ${self:custom.version}
  # Statements for the service's default execution role. No function in this
  # file declares its own role, so every handler receives every grant below.
  iamRoleStatements:
    # Table access for the session and history tables. The trailing * also
    # covers each table's indexes and streams, and any other table whose name
    # starts with the same prefix; the account field is a wildcard as well.
    - Effect: Allow
      Action:
        - dynamodb:Query
        - dynamodb:Scan
        - dynamodb:GetItem
        - dynamodb:PutItem
        - dynamodb:DescribeTable
        - dynamodb:UpdateItem
        - dynamodb:DeleteItem
        - dynamodb:GetRecords
        - dynamodb:BatchWriteItem
        - dynamodb:GetShardIterator
        - dynamodb:DescribeStream
        - dynamodb:ListStreams
      Resource:
        - "arn:aws:dynamodb:${self:custom.region}:*:table/${self:custom.sessionTable}*"
        - "arn:aws:dynamodb:${self:custom.region}:*:table/${self:custom.historyTable}*"
    # CloudWatch Logs write access, in every region and account.
    - Effect: Allow
      Action:
        - logs:CreateLogGroup
        - logs:CreateLogStream
        - logs:PutLogEvents
      Resource: "arn:aws:logs:*:*:*"
    # NOTE(review): lambda:* on "*" grants every Lambda action, including the
    # ones that change function code, configuration and permissions, on every
    # function in the account. The environment block passes three function
    # names to the handlers, so presumably only invocation of those functions
    # is needed; confirm against the handlers and narrow both lists.
    - Effect: Allow
      Action:
        - lambda:*
      Resource: "*"
    # NOTE(review): Resource "*" reaches every Kinesis stream in the account.
    # The only stream this file defines is custom.browserEventStream; scope
    # the statement to that stream's ARN if no other stream is used.
    - Effect: Allow
      Action:
        - kinesis:GetRecords
        - kinesis:GetShardIterator
        - kinesis:DescribeStream
        - kinesis:ListStreams
        - kinesis:PutRecord
      Resource: "*"
    # NOTE(review): cognito-identity:* on "*" includes the actions that create,
    # reconfigure and delete identity pools. Confirm which calls the handlers
    # make and list only those, scoped to the pool in use.
    - Effect: Allow
      Action:
        - cognito-identity:*
      Resource: "*"
    # NOTE(review): sqs:* on "*" covers every queue in the account, including
    # policy changes and deletion. Queues for this service presumably start
    # with custom.sqsQueuePrefix; confirm and scope the Resource to that prefix.
    - Effect: Allow
      Action:
        - sqs:*
      Resource: "*"
  # Environment variables set on every function of the service.
  environment:
    COGNITO_REGION: ${self:custom.cognitoRegion}
    SESSION_TABLE: ${self:custom.sessionTable}
    # Same index name as the GlobalSecondaryIndexes entry on the session table.
    SESSION_TABLE_ACCOUNT_GSI: ${self:custom.sessionTable}-gsi-account
    COGNITO_IDENTITY_POOL: ${self:custom.cognitoPoolName}
    SQS_QUEUE_PREFIX: ${self:custom.sqsQueuePrefix}
    HISTORY_TABLE: ${self:custom.historyTable}
    SQS_SENDER_LAMBDA: ${self:custom.sqsSender}
    DISPATCHER_LAMBDA: ${self:custom.eventDispatcher}
    DISPATCHER_BATCH_SIZE: 20
    MAX_MSG_LIST_LENGTH: 50
    # Units of the retention and TTL values are not stated in this file;
    # presumably seconds, confirm against the handlers.
    SQS_MESSAGE_RETENTION_PERIOD: 3600
    SESSION_TTL: 3600
    USER_MESSAGE_TTL: 86400
    USER_HISTORY_ADDER_LAMBDA: ${self:custom.userHistoryAdder}
    SEND_READ_RECEIPTS_VIA_SQS: 1
    EVENT_STREAM: ${self:custom.browserEventStream}
    READ_RECEIPT_ADDER_CHUNK_SIZE: 50
# NOTE(review): the nesting of this key cannot be recovered from this listing,
# and no package: key is visible. The framework reads packaging globs from
# package.include; confirm this entry sits where the version in use expects it,
# otherwise lib/** may not be the set of files that is actually bundled.
include:
  - lib/**
# Names derived from CLI options. ${opt:x, self:y} resolves to y when option x
# is not supplied; entries built from ${opt:env} alone have no fallback.
custom:
  # Falls back to provider.defCognitoRegion, which is an empty string.
  cognitoRegion: ${opt:cognito-region, self:provider.defCognitoRegion}
  version: ${opt:version, self:provider.defVersion}
  region: ${opt:region}
  sqsQueuePrefix: cognito-sqs-${opt:env}
  # Table and stream names carry the environment as a prefix; the DynamoDB IAM
  # statement in provider.iamRoleStatements is built from these two table names.
  sessionTable: ${opt:env}-sqs-browser-sessions
  browserEventStream: ${opt:env}-sqs-browser-event-stream
  historyTable: ${opt:env}-sqs-browser-messages
  # function names
  sqsSender: ${opt:env}-sqs-browser-sender
  userHistoryAdder: ${opt:env}-sqs-browser-user-hist-adder
  eventDispatcher: ${opt:env}-sqs-browser-event-dispatcher
  sessionUpdateProcessor: ${opt:env}-sqs-browser-session-updates
  sessionManagerAPI: ${opt:env}-sqs-browser-session-manager-api
  userMessageAPI: ${opt:env}-sqs-browser-user-messages
  cognitoPoolName: ${opt:poolname, self:provider.defPoolName}
# Lambda functions of the service and the events that trigger them.
#
# No http event below declares authorization itself. AuthorizationType is
# applied per method by overrides under resources.Resources, keyed by the
# generated ApiGatewayMethod... logical id, so a path added or renamed here
# needs a matching override there; without one the method is deployed with no
# authorization.
#
# NOTE(review): AWS_IAM authorization identifies the caller; it does not by
# itself tie that caller to the {accountId}/{userId} values in the path.
# Confirm that the handlers, or resource-level execute-api policies, enforce
# that binding.
functions:
  # Triggered by the DynamoDB stream of the sessionTable resource.
  SessionUpdateProcessor:
    handler: session_update.lambda_handler
    name: ${self:custom.sessionUpdateProcessor}
    memorySize: 128
    timeout: 300
    description: Listen for changes from the session table, and remove unused SQS queues, version ${self:custom.version}
    events:
      - stream:
          type: dynamodb
          batchSize: 100
          arn:
            Fn::GetAtt:
              - sessionTable
              - StreamArn
  # NOTE(review): create, destroy, renew and cleanup presumably change state
  # but are exposed as GET. GET requests may be cached or replayed by
  # intermediaries and their full paths commonly end up in access logs;
  # consider POST/DELETE for these operations.
  SessionManagerAPI:
    handler: session_manager.api_gateway_handler
    name: ${self:custom.sessionManagerAPI}
    memorySize: 512
    timeout: 55
    description: API Gateway for session creation, removal, version ${self:custom.version}
    events:
      - http:
          method: get
          path: /create/{accountId}/{userId}/{sessionId}
      - http:
          method: get
          path: /destroy/{accountId}/{userId}/{sessionId}
      - http:
          method: get
          path: /renew/{accountId}/{userId}/{sessionId}
      - http:
          method: get
          path: /status/{accountId}/{userId}/{sessionId}
      - http:
          method: get
          path: /status
      - http:
          method: get
          path: /cleanup
  # No event source is declared. The function name is handed to the other
  # functions through SQS_SENDER_LAMBDA, so it is presumably invoked directly.
  SQSSender:
    handler: sqs_sender.lambda_handler
    name: ${self:custom.sqsSender}
    memorySize: 128
    timeout: 300
    description: send a batch of messages to SQS queues, version ${self:custom.version}
  # No event source is declared. The function name is handed to the other
  # functions through USER_HISTORY_ADDER_LAMBDA, so it is presumably invoked
  # directly.
  UserHistoryAdder:
    handler: user_history_adder.lambda_handler
    name: ${self:custom.userHistoryAdder}
    memorySize: 256
    timeout: 300
    description: add batch of user history entries to DynamoDB, version ${self:custom.version}
  # Triggered by the browserEventStream Kinesis stream. The same module also
  # backs DispatcherAPI through a different handler.
  EventDispatcher:
    handler: dispatcher.lambda_handler
    name: ${self:custom.eventDispatcher}
    memorySize: 512
    timeout: 300
    description: dispatch user messsages, invoke directly or via Kinesis stream, version ${self:custom.version}
    events:
      - stream:
          type: kinesis
          batchSize: 5
          arn:
            Fn::GetAtt:
              - browserEventStream
              - Arn
  # NOTE(review): the set-read paths presumably modify stored message state,
  # and two of the three are GET; see the note on SessionManagerAPI.
  UserMessageAPI:
    handler: user_message_api.api_gateway_handler
    name: ${self:custom.userMessageAPI}
    memorySize: 512
    timeout: 300
    description: respond to queries about user messages, version ${self:custom.version}
    events:
      - http:
          method: get
          path: /messages/user/{userId}
      - http:
          method: get
          path: /messages/set-read/user/{userId}/message/{messageId}
      - http:
          method: post
          path: /messages/set-read/user/{userId}
      - http:
          method: get
          path: /messages/set-read/user/{userId}/asof/{tstamp}
  # The name is written inline here; the other functions take theirs from the
  # custom section.
  DispatcherAPI:
    handler: dispatcher.api_gateway_handler
    name: ${opt:env}-sqs-browser-dispatcher-api
    memorySize: 256
    timeout: 300
    description: dispatch user messsages, version ${self:custom.version}
    events:
      - http:
          method: get
          path: /notify
      - http:
          method: get
          path: /notify/account/{accountId}
      - http:
          method: get
          path: /notify/user/{userId}/session/{sessionId}
      - http:
          method: get
          path: /notify/user/{userId}
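# CloudFormation resources merged into the generated stack: authorization
# overrides for the API Gateway methods, the Kinesis stream, the two DynamoDB
# tables and one error metric filter per function log group.
resources:
  Resources:
    # Each entry below overrides one generated API Gateway method so that it
    # requires a SigV4-signed (AWS_IAM) request. The key is the framework's
    # logical id for the method: path segments capitalised, {param} written as
    # ParamVar, "-" written as Dash, followed by the HTTP method.
    ApiGatewayMethodCreateAccountidVarUseridVarSessionidVarGet:
      Properties:
        AuthorizationType: AWS_IAM
    ApiGatewayMethodMessagesUserUseridVarGet:
      Properties:
        AuthorizationType: AWS_IAM
    ApiGatewayMethodDestroyAccountidVarUseridVarSessionidVarGet:
      Properties:
        AuthorizationType: AWS_IAM
    ApiGatewayMethodRenewAccountidVarUseridVarSessionidVarGet:
      Properties:
        AuthorizationType: AWS_IAM
    ApiGatewayMethodStatusAccountidVarUseridVarSessionidVarGet:
      Properties:
        AuthorizationType: AWS_IAM
    ApiGatewayMethodStatusGet:
      Properties:
        AuthorizationType: AWS_IAM
    ApiGatewayMethodCleanupGet:
      Properties:
        AuthorizationType: AWS_IAM
    ApiGatewayMethodNotifyGet:
      Properties:
        AuthorizationType: AWS_IAM
    ApiGatewayMethodNotifyAccountAccountidVarGet:
      Properties:
        AuthorizationType: AWS_IAM
    ApiGatewayMethodNotifyUserUseridVarSessionSessionidVarGet:
      Properties:
        AuthorizationType: AWS_IAM
    ApiGatewayMethodNotifyUserUseridVarGet:
      Properties:
        AuthorizationType: AWS_IAM
    ApiGatewayMethodMessagesSetDashreadUserUseridVarMessageMessageidVarGet:
      Properties:
        AuthorizationType: AWS_IAM
    # The next two methods are declared under functions.UserMessageAPI but had
    # no override, which leaves them deployed with no authorization. Their ids
    # are derived with the same naming rule as the entries above; confirm them
    # against the generated CloudFormation template before deploying.
    ApiGatewayMethodMessagesSetDashreadUserUseridVarPost:
      Properties:
        AuthorizationType: AWS_IAM
    ApiGatewayMethodMessagesSetDashreadUserUseridVarAsofTstampVarGet:
      Properties:
        AuthorizationType: AWS_IAM
    # Source stream for the EventDispatcher function.
    # NOTE(review): no StreamEncryption is declared, so records in this stream
    # are not encrypted at rest by Kinesis; add it if the events carry user
    # data.
    browserEventStream:
      Type: AWS::Kinesis::Stream
      DeletionPolicy: Retain
      Properties:
        Name: ${self:custom.browserEventStream}
        ShardCount: 10
    # Message history, keyed by numeric userId and string messageId.
    noticeHistoryTable:
      Type: AWS::DynamoDB::Table
      Properties:
        TableName: ${self:custom.historyTable}
        AttributeDefinitions:
          - AttributeName: userId
            AttributeType: N
          - AttributeName: messageId
            AttributeType: S
        KeySchema:
          - AttributeName: userId
            KeyType: HASH
          - AttributeName: messageId
            KeyType: RANGE
        ProvisionedThroughput:
          ReadCapacityUnits: 5
          WriteCapacityUnits: 5
    # Sessions, keyed by userId and sessionId, with an account-level index.
    sessionTable:
      Type: AWS::DynamoDB::Table
      Properties:
        TableName: ${self:custom.sessionTable}
        AttributeDefinitions:
          - AttributeName: accountId
            AttributeType: N
          - AttributeName: sessionId
            AttributeType: S
          - AttributeName: userId
            AttributeType: N
        KeySchema:
          - AttributeName: userId
            KeyType: HASH
          - AttributeName: sessionId
            KeyType: RANGE
        GlobalSecondaryIndexes:
          # Index name matches the SESSION_TABLE_ACCOUNT_GSI environment value.
          - IndexName: ${self:custom.sessionTable}-gsi-account
            KeySchema:
              - AttributeName: accountId
                KeyType: HASH
            Projection:
              ProjectionType: ALL
            ProvisionedThroughput:
              ReadCapacityUnits: 5
              WriteCapacityUnits: 5
        ProvisionedThroughput:
          ReadCapacityUnits: 5
          WriteCapacityUnits: 5
        # The stream read by SessionUpdateProcessor; each record carries both
        # the old and the new image of the changed item.
        StreamSpecification:
          StreamViewType: NEW_AND_OLD_IMAGES
    # Error metric filters, one per function log group. All of them publish to
    # the same ErrorCount metric in the <env>-SQSBrowser namespace.
    #
    # The pattern value carries its own double quotes so that CloudWatch Logs
    # matches the literal term [ERROR]. A bare [ERROR] is read as a
    # space-delimited pattern with a single field named ERROR, which does not
    # count error lines and leaves the metric unusable for alerting.
    sessionManagerAPIErrorMetricFilter:
      Type: "AWS::Logs::MetricFilter"
      Properties:
        LogGroupName:
          Ref: SessionManagerAPILogGroup
        FilterPattern: '"[ERROR]"'
        MetricTransformations:
          - MetricValue: "1"
            MetricNamespace: "${opt:env}-SQSBrowser"
            MetricName: "ErrorCount"
    userMessageAPIErrorMetricFilter:
      Type: "AWS::Logs::MetricFilter"
      Properties:
        LogGroupName:
          Ref: UserMessageAPILogGroup
        FilterPattern: '"[ERROR]"'
        MetricTransformations:
          - MetricValue: "1"
            MetricNamespace: "${opt:env}-SQSBrowser"
            MetricName: "ErrorCount"
    sqsSenderErrorMetricFilter:
      Type: "AWS::Logs::MetricFilter"
      Properties:
        LogGroupName:
          Ref: SQSSenderLogGroup
        FilterPattern: '"[ERROR]"'
        MetricTransformations:
          - MetricValue: "1"
            MetricNamespace: "${opt:env}-SQSBrowser"
            MetricName: "ErrorCount"
    userHistoryAdderErrorMetricFilter:
      Type: "AWS::Logs::MetricFilter"
      Properties:
        LogGroupName:
          Ref: UserHistoryAdderLogGroup
        FilterPattern: '"[ERROR]"'
        MetricTransformations:
          - MetricValue: "1"
            MetricNamespace: "${opt:env}-SQSBrowser"
            MetricName: "ErrorCount"
    eventDispatcherErrorMetricFilter:
      Type: "AWS::Logs::MetricFilter"
      Properties:
        LogGroupName:
          Ref: EventDispatcherLogGroup
        FilterPattern: '"[ERROR]"'
        MetricTransformations:
          - MetricValue: "1"
            MetricNamespace: "${opt:env}-SQSBrowser"
            MetricName: "ErrorCount"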