mirror of
https://github.com/Hestia-Homes/Model.git
synced 2026-06-30 13:10:47 +00:00
Merge pull request #213 from Hestia-Homes/main
restructuring serverless script
This commit is contained in:
commit
2f3baae5fd
2 changed files with 73 additions and 49 deletions
|
|
@ -20,7 +20,7 @@ jobs:
|
||||||
- name: Install Serverless and plugins
|
- name: Install Serverless and plugins
|
||||||
run: |
|
run: |
|
||||||
npm install -g serverless
|
npm install -g serverless
|
||||||
# npm install -g serverless-domain-manager
|
npm install -g serverless-domain-manager
|
||||||
|
|
||||||
- name: AWS credentials for dev
|
- name: AWS credentials for dev
|
||||||
if: github.ref == 'refs/heads/dev'
|
if: github.ref == 'refs/heads/dev'
|
||||||
|
|
|
||||||
|
|
@ -12,63 +12,87 @@ provider:
|
||||||
DOMAIN_NAME: ${env:DOMAIN_NAME}
|
DOMAIN_NAME: ${env:DOMAIN_NAME}
|
||||||
ECR_URI: ${env:ECR_URI}
|
ECR_URI: ${env:ECR_URI}
|
||||||
GITHUB_SHA: ${env:GITHUB_SHA}
|
GITHUB_SHA: ${env:GITHUB_SHA}
|
||||||
|
iam:
|
||||||
|
role:
|
||||||
|
name: fastapi_backend_${env:PLAN_TRIGGER_BUCKET}_access
|
||||||
|
statements:
|
||||||
|
# Allow reading from MODEL_DIRECTORY_BUCKET and DATA_BUCKET
|
||||||
|
- Effect: Allow
|
||||||
|
Action:
|
||||||
|
- s3:GetObject
|
||||||
|
- s3:ListBucket
|
||||||
|
Resource:
|
||||||
|
- arn:aws:s3:::${env:MODEL_DIRECTORY_BUCKET}
|
||||||
|
- arn:aws:s3:::${env:MODEL_DIRECTORY_BUCKET}/*
|
||||||
|
- arn:aws:s3:::${env:DATA_BUCKET}
|
||||||
|
- arn:aws:s3:::${env:DATA_BUCKET}/*
|
||||||
|
# Allow reading and writing to PREDICTIONS_BUCKET
|
||||||
|
- Effect: Allow
|
||||||
|
Action:
|
||||||
|
- s3:GetObject
|
||||||
|
- s3:PutObject
|
||||||
|
- s3:ListBucket
|
||||||
|
Resource:
|
||||||
|
- arn:aws:s3:::${env:PREDICTIONS_BUCKET}
|
||||||
|
- arn:aws:s3:::${env:PREDICTIONS_BUCKET}/*
|
||||||
|
|
||||||
|
|
||||||
#plugins:
|
|
||||||
# - serverless-domain-manager
|
plugins:
|
||||||
#
|
- serverless-domain-manager
|
||||||
#custom:
|
|
||||||
# customDomain:
|
custom:
|
||||||
# domainName: api.${self:provider.environment.DOMAIN_NAME}
|
customDomain:
|
||||||
# basePath: 'sapmodel'
|
domainName: api.${self:provider.environment.DOMAIN_NAME}
|
||||||
# createRoute53Record: true
|
basePath: 'sapmodel'
|
||||||
# certificateArn: ${ssm:/ssl_certificate_arn}
|
createRoute53Record: true
|
||||||
|
certificateArn: ${ssm:/ssl_certificate_arn}
|
||||||
|
|
||||||
functions:
|
functions:
|
||||||
sap_prediction_lambda:
|
sap_prediction_lambda:
|
||||||
image:
|
image:
|
||||||
uri: ${env:ECR_URI}:${env:GITHUB_SHA}
|
uri: ${env:ECR_URI}:${env:GITHUB_SHA}
|
||||||
role: sapPredictionLambdaRole
|
# role: sapPredictionLambdaRole
|
||||||
events:
|
events:
|
||||||
- http:
|
- http:
|
||||||
path: /predict
|
path: /predict
|
||||||
method: POST
|
method: POST
|
||||||
|
|
||||||
resources:
|
#resources:
|
||||||
Resources:
|
# Resources:
|
||||||
sapPredictionLambdaRole:
|
# sapPredictionLambdaRole:
|
||||||
Type: AWS::IAM::Role
|
# Type: AWS::IAM::Role
|
||||||
Properties:
|
# Properties:
|
||||||
RoleName: sap-prediction-lambda-role
|
# RoleName: sap-prediction-lambda-role
|
||||||
AssumeRolePolicyDocument:
|
# AssumeRolePolicyDocument:
|
||||||
Version: '2012-10-17'
|
# Version: '2012-10-17'
|
||||||
Statement:
|
# Statement:
|
||||||
- Effect: Allow
|
# - Effect: Allow
|
||||||
Principal:
|
# Principal:
|
||||||
Service:
|
# Service:
|
||||||
- lambda.amazonaws.com
|
# - lambda.amazonaws.com
|
||||||
Action: sts:AssumeRole
|
# Action: sts:AssumeRole
|
||||||
Policies:
|
# Policies:
|
||||||
- PolicyName: sapPredictionLambdaS3Access
|
# - PolicyName: sapPredictionLambdaS3Access
|
||||||
PolicyDocument:
|
# PolicyDocument:
|
||||||
Version: '2012-10-17'
|
# Version: '2012-10-17'
|
||||||
Statement:
|
# Statement:
|
||||||
# Allow reading from MODEL_DIRECTORY_BUCKET and DATA_BUCKET
|
# # Allow reading from MODEL_DIRECTORY_BUCKET and DATA_BUCKET
|
||||||
- Effect: Allow
|
# - Effect: Allow
|
||||||
Action:
|
# Action:
|
||||||
- s3:GetObject
|
# - s3:GetObject
|
||||||
- s3:ListBucket
|
# - s3:ListBucket
|
||||||
Resource:
|
# Resource:
|
||||||
- arn:aws:s3:::${env:MODEL_DIRECTORY_BUCKET}
|
# - arn:aws:s3:::${env:MODEL_DIRECTORY_BUCKET}
|
||||||
- arn:aws:s3:::${env:MODEL_DIRECTORY_BUCKET}/*
|
# - arn:aws:s3:::${env:MODEL_DIRECTORY_BUCKET}/*
|
||||||
- arn:aws:s3:::${env:DATA_BUCKET}
|
# - arn:aws:s3:::${env:DATA_BUCKET}
|
||||||
- arn:aws:s3:::${env:DATA_BUCKET}/*
|
# - arn:aws:s3:::${env:DATA_BUCKET}/*
|
||||||
# Allow reading and writing to PREDICTIONS_BUCKET
|
# # Allow reading and writing to PREDICTIONS_BUCKET
|
||||||
- Effect: Allow
|
# - Effect: Allow
|
||||||
Action:
|
# Action:
|
||||||
- s3:GetObject
|
# - s3:GetObject
|
||||||
- s3:PutObject
|
# - s3:PutObject
|
||||||
- s3:ListBucket
|
# - s3:ListBucket
|
||||||
Resource:
|
# Resource:
|
||||||
- arn:aws:s3:::${env:PREDICTIONS_BUCKET}
|
# - arn:aws:s3:::${env:PREDICTIONS_BUCKET}
|
||||||
- arn:aws:s3:::${env:PREDICTIONS_BUCKET}/*
|
# - arn:aws:s3:::${env:PREDICTIONS_BUCKET}/*
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue