-
Notifications
You must be signed in to change notification settings - Fork 0
/
serverless.yaml
128 lines (124 loc) · 4.26 KB
/
serverless.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
# "org" ensures this Service is used with the correct Serverless Framework Access Key.
org: nananah
service: curve-lend-telegram-bot
provider:
name: aws
runtime: nodejs20.x
memorySize: 1024 # optional, in MB, default is 1024
timeout: 10 # optional, in seconds, default is 6
versionFunctions: false # optional, default is true
tracing:
lambda: true # optional, enables tracing for all functions (can be true (true equals 'Active') 'Active' or 'PassThrough')
environment:
BOT_TOKEN_DEV: ${env:BOT_TOKEN_DEV}
BOT_TOKEN_PROD: ${env:BOT_TOKEN_PROD}
DRPC_KEY: ${env:DRPC_KEY}
AWS_ACCOUNT_ID: ${env:AWS_ACCOUNT_ID}
SQS_URL: ${construct:address-queue-worker.queueUrl}
SLS_STAGE: ${sls:stage}
iam:
role:
statements:
- Effect: 'Allow'
Action:
- 'dynamodb:PutItem'
- 'dynamodb:Get*'
- 'dynamodb:BatchGetItem'
- 'dynamodb:Scan*'
- 'dynamodb:Query*'
- 'dynamodb:UpdateItem'
- 'dynamodb:DeleteItem'
- 'dynamodb:DescribeTable'
Resource: arn:aws:dynamodb:${aws:region}:${aws:accountId}:table/${sls:stage}-WatchedAddresses
- Effect: 'Allow'
Action:
- 'dynamodb:PutItem'
- 'dynamodb:Scan*'
- 'dynamodb:DeleteItem'
- 'dynamodb:DescribeTable'
Resource: arn:aws:dynamodb:${aws:region}:${aws:accountId}:table/${sls:stage}-NewlyAddedAddresses
- Effect: "Allow"
Resource: "*"
Action:
- "sns:*"
- "cloudwatch:PutMetricData"
functions:
echo:
handler: functions/chat.handler
name: ${sls:stage}-curve-lend-telegram-bot-chat
logRetentionInDays: 7
timeout: 20
events:
- httpApi:
method: POST
path: /telegraf
address-queue-publisher:
handler: functions/sqs-publisher.handler
name: ${sls:stage}-curve-lend-telegram-bot-sqs-publisher
logRetentionInDays: 7
events:
- schedule:
rate: rate(5 minutes)
new-address-worker:
handler: functions/sns-worker.handler
name: ${sls:stage}-curve-lend-telegram-bot-sns-worker
logRetentionInDays: 7
events:
- sns: ${sls:stage}-dispatch-new-address
new-address-list-trimmer:
handler: functions/new-address-list-trimmer.handler
name: ${sls:stage}-curve-lend-telegram-bot-new-address-list-trimmer
logRetentionInDays: 7
events:
- schedule:
rate: rate(1 hour)
dynamodb-item-count-to-cloudwatch:
handler: functions/dynamodb-item-count-to-cloudwatch.handler
name: ${sls:stage}-curve-lend-telegram-bot-dynamodb-stats-to-cloudwatch
logRetentionInDays: 1
events:
- schedule:
rate: rate(6 hours)
constructs:
address-queue-worker:
type: queue
worker:
handler: functions/sqs-worker.handler
name: ${sls:stage}-curve-lend-telegram-bot-address-queue-worker
logRetentionInDays: 7
timeout: 120
alarm: ${env:SQS_DEAD_LETTER_QUEUE_NOTIFICATION_EMAIL}
encryption: 'kmsManaged'
batchSize: 20 # Get 100 queued items at a time; IF this number needs to go higher, then sqs-worker.js and its associated getUsersData.js will need to be reworked because BatchGetCommand allows max 100 entries requested at once
maxBatchingWindow: 60 # Seconds (consume 100 items at a time, or less if threshold not reached after 60s)
maxConcurrency: 2 # At most 2 concurrent lambdas invoked at once
resources:
Resources:
WatchedAddresses:
Type: AWS::DynamoDB::Table
Properties:
TableName: ${sls:stage}-WatchedAddresses
BillingMode: PAY_PER_REQUEST
AttributeDefinitions:
- AttributeName: telegram_user_id
AttributeType: N
KeySchema:
- AttributeName: telegram_user_id
KeyType: HASH
SSESpecification:
SSEEnabled: true
NewlyAddedAddresses:
Type: AWS::DynamoDB::Table
Properties:
TableName: ${sls:stage}-NewlyAddedAddresses
BillingMode: PAY_PER_REQUEST
AttributeDefinitions:
- AttributeName: user_id_and_address
AttributeType: S
KeySchema:
- AttributeName: user_id_and_address
KeyType: HASH
SSESpecification:
SSEEnabled: true
plugins:
- serverless-lift