forked from bahrmichael/aws-scheduler
-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathserverless.yml
164 lines (154 loc) · 4.56 KB
/
serverless.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
service: aws-scheduler-v2
provider:
name: aws
runtime: python3.8
stage: ${opt:stage, 'prod'}
region: ${opt:region, 'eu-west-2'}
environment:
STAGE: "${self:provider.stage}"
tags:
department: research
project: aws-scheduler
apiKeys:
- name: api-key-${self:provider.stage}
iamRoleStatements:
- Effect: Allow
Action:
- dynamodb:DescribeTable
- dynamodb:DeleteItem
- dynamodb:Scan
- dynamodb:PutItem
- dynamodb:DescribeTable
- dynamodb:Query
- dynamodb:GetItem
- dynamodb:GetShardIterator
- dynamodb:UpdateItem
Resource:
- "${self:custom.table.arn}"
- "${self:custom.cron_table.arn}"
- "Fn::Join": ["/", ["${self:custom.table.arn}", "index/*"]]
- Effect: Allow
Action:
- lambda:InvokeFunction
Resource: { "Fn::Join": [":", ["arn:aws:lambda:${self:provider.region}", { "Ref": "AWS::AccountId" }, "function", "${self:custom.scheduleFunction}" ] ] }
- Effect: Allow
Action:
- SQS:SendMessage
Resource:
- "${self:custom.queue.arn}"
- Effect: Allow
Action:
- SNS:Publish
Resource:
- "*"
- Effect: Allow
Action:
- cloudwatch:PutMetricData
Resource: "*"
- Effect: Allow
Action:
- logs:CreateLogGroup
- logs:CreateLogStream
- logs:PutLogEvents
Resource: "*"
custom:
customDomain:
domainName: platformschedular.oneadvanced.io
stage: prod
basePath: ''
certificateName: 'platformschedular.oneadvanced.io'
createRoute53Record: true
endpointType: 'regional'
securityPolicy: tls_1_2
apiType: rest
autoDomain: false
wsgi:
app: app.app
packRequirements: false
pythonRequirements:
dockerizePip: non-linux
inbound:
name: "scheduler-input-v2-${self:provider.stage}"
arn: { "Fn::Join": [":", ["arn:aws:sns:${self:provider.region}", { "Ref": "AWS::AccountId" }, "${self:custom.inbound.name}" ] ] }
queue:
name: "scheduler-queue-v2-${self:provider.stage}"
arn: { "Fn::Join": [":", ["arn:aws:sqs:${self:provider.region}", { "Ref": "AWS::AccountId" }, "${self:custom.queue.name}" ] ] }
url: { "Fn::Join": ["/", ["https://sqs.${self:provider.region}.amazonaws.com", { "Ref": "AWS::AccountId" }, "${self:custom.queue.name}" ] ] }
table:
arn: { "Fn::Join": [":", ["arn:aws:dynamodb:${self:provider.region}", { "Ref": "AWS::AccountId" }, "table/aws-scheduler-events-v2-${self:provider.stage}" ] ] }
cron_table:
arn: { "Fn::Join": [":", ["arn:aws:dynamodb:${self:provider.region}", { "Ref": "AWS::AccountId" }, "table/aws-scheduler-cron-events-v2-${self:provider.stage}" ] ] }
scheduleFunction: "aws-scheduler-v2-${self:provider.stage}-scheduler"
functions:
consumer:
handler: handler.consumer
events:
- sns:
arn:
Fn::Join:
- ':'
- - 'arn:aws:sns'
- Ref: 'AWS::Region'
- Ref: 'AWS::AccountId'
- "${self:custom.inbound.name}"
topicName: "${self:custom.inbound.name}"
environment:
ENFORCE_USER: true
QUEUE_URL: "${self:custom.queue.url}"
tags:
resource: aws-scheduler-consumer
eventLoader:
handler: handler.event_loader
events:
- schedule: rate(1 minute)
environment:
SCHEDULE_FUNCTION: "${self:custom.scheduleFunction}"
# when we have to wait for DynamoDB autoscaling we may exceed the default of 6s
timeout: 30
tags:
resource: aws-scheduler-event-loader
scheduler:
handler: handler.scheduler
environment:
QUEUE_URL: "${self:custom.queue.url}"
# when we have to wait for DynamoDB autoscaling we may exceed the default of 6s
timeout: 30
tags:
resource: aws-scheduler-scheduler
emitter:
handler: handler.emitter
events:
- sqs:
arn:
Fn::Join:
- ':'
- - arn
- aws
- sqs
- Ref: AWS::Region
- Ref: AWS::AccountId
- "${self:custom.queue.name}"
timeout: 20
tags:
resource: aws-scheduler-emitter
app:
handler: wsgi.handler
events:
- http:
path: /
method: ANY
private: true
- http:
path: '{proxy+}'
method: ANY
private: true
environment:
TOPIC_URL: "${self:custom.inbound.arn}"
plugins:
- serverless-domain-manager
- serverless-python-requirements
- serverless-wsgi
package:
exclude:
- venv/**
- node_modules/**