All Products
Search
Document Center

Resource Orchestration Service:ALIYUN::FC::Service

Last Updated:Jul 11, 2023

ALIYUN::FC::Service is used to create a service in Function Compute. All functions of a service share the same settings, such as permission settings and log configurations. A service can have multiple functions, all of which share service resources, such as Logstores and RAM roles.

A service helps you clearly organize your business logic and serves as the basic unit for O&M management. A service can represent an application. The functions that are used to create the same application belong to a single service. Services are independent of each other and cannot share resources with each other.

Syntax

{
  "Type": "ALIYUN::FC::Service",
  "Properties": {
    "Description": String,
    "VpcConfig": Map,
    "ServiceName": String,
    "Role": String,
    "DeletionForce": Boolean,
    "Tags": List,
    "NasConfig": Map,
    "LogConfig": Map,
    "TracingConfig": Map,
    "InternetAccess": Boolean,
    "VpcBindings": List,
    "OssMountConfig": Map
  }
}

Properties

Property

Type

Required

Editable

Description

Constraint

Description

String

No

Yes

The description of the service.

None.

VpcConfig

Map

No

Yes

The configurations of the virtual private cloud (VPC). The configurations allow functions to access the specified VPC.

For more information, see VpcConfig properties.

If you want to delete the VPC configurations when you update a stack, set this property to the following value:

{
 "VpcId": "",
 "VSwitchIds": [],
 "SecurityGroupId": ""
}

ServiceName

String

Yes

No

The service name.

The name must be 1 to 128 characters in length, and can contain letters, digits, underscores (_), and hyphens (-). It must start with a letter or an underscore (_).

Role

String

No

Yes

The Alibaba Cloud Resource Name (ARN) of the RAM role that is used to grant the required permissions to Function Compute.

You can use the RAM role in the following scenarios:

  • You want to send the function execution logs to your Logstore.

  • You want to generate a token for a function to access other Alibaba Cloud resources when the function is invoked.

NasConfig

Map

No

Yes

The configurations of Apsara File Storage NAS (NAS). The configurations allow functions to access the specified NAS resources.

For more information, see NasConfig properties.

If you want to delete the NAS configurations when you update a stack, set this property to the following value:

{
 "MountPoints": [],
 "UserId": -1,
 "GroupId": -1
}

LogConfig

Map

No

Yes

The log configurations. The function execution logs are written to the Logstore that you specify in the configurations.

For more information, see LogConfig proeprties.

TracingConfig

Map

No

Yes

The configurations of Managed Service for OpenTelemetry.

After Function Compute is integrated with Managed Service for OpenTelemetry, you can record the duration of a request in Function Compute, view the cold start duration of a function, and record the execution duration of a function.

For more information, see TracingConfig properties.

InternetAccess

Boolean

No

Yes

Specifies whether to allow the functions of the service to access the Internet.

Valid values:

  • true

  • false

DeletionForce

Boolean

No

Yes

Specifies whether to forcefully delete the service.

This property takes effect when VpcConfig is specified. Valid values:

  • true: forcefully deletes the service. The service is deleted before all elastic network interfaces (ENIs) that Function Compute creates for the service are deleted.

    Note

    If the service is created based on the vSwitch or security group that you specify in the ALIYUN::FC::Service resource type, you can set DeletionForce to true to directly delete the service.

  • false (default): does not forcefully delete the service. The service is deleted until all ENIs that Function Compute creates for the service are deleted.

If the service is created based on a vSwitch or security group created in the current stack, you can leave DeletionForce empty when you delete the service. After you delete the service, you cannot invoke the functions of the service within 1 hour. This way, the ENIs and the stack can be deleted as expected.

Tags

List

No

Yes

The tags of the service.

You can add up to 20 tags.

For more information, see Tags properties.

VpcBindings

List

No

Yes

The IDs of the VPCs that you want to bind to Function Compute.

By default, you can use public endpoints and private endpoints to invoke functions after the functions are created. If you want to invoke a function over the specified VPC, you must bind the VPC to Function Compute.

You can specify up to 20 VPCs.

OssMountConfig

Map

No

Yes

The mount configurations of Object Storage Service (OSS).

For more information, see OssMountConfig property.

LogConfig syntax

"LogConfig": {
  "Project": String,
  "Logstore": String,
  "EnableRequestMetrics": Boolean,
  "LogBeginRule": String   
}

LogConfig properties

Property

Type

Required

Editable

Description

Constraint

Project

String

No

Yes

The name of the project in LogHub.

None.

Logstore

String

No

Yes

The name of the Logstore in LogHub.

None.

EnableRequestMetrics

Boolean

No

Yes

Specifies whether to enable request monitoring.

Valid values:

  • true

  • false

LogBeginRule

String

No

Yes

The log segmentation rule.

None.

VpcConfig syntax

"VpcConfig": {
  "SecurityGroupId": String,
  "VSwitchIds": List,
  "VpcId": String
}

VpcConfig properties

Property

Type

Required

Editable

Description

Constraint

SecurityGroupId

String

Yes

Yes

The ID of the security group.

None.

VSwitchIds

List

Yes

Yes

The IDs of the vSwitches.

Separate multiple IDs with commas (,).

VpcId

String

Yes

Yes

The VPC ID.

None.

NasConfig syntax

"NasConfig": {
  "MountPoints": List,
  "UserId": Integer,
  "GroupId": Integer
}

NasConfig properties

Property

Type

Required

Editable

Description

Constraint

MountPoints

List

Yes

Yes

The mount targets.

For more information, see MountPoints properties.

UserId

Integer

Yes

Yes

The user ID.

Valid values: -1 to 65534.

GroupId

Integer

Yes

Yes

The group ID.

Valid values: -1 to 65534.

TracingConfig syntax

"TracingConfig": {
  "Type": String,
  "Params": Map
}

TracingConfig properties

Property

Type

Required

Editable

Description

Constraint

Type

String

No

Yes

The type of the tracing system.

None.

Params

Map

No

Yes

The parameters of Managed Service for OpenTelemetry.

None.

MountPoints syntax

"MountPoints": [
  {
    "ServerAddr": String,
    "MountDir": String
  }
]

MountPoints properties

Property

Type

Required

Editable

Description

Constraint

ServerAddr

String

Yes

Yes

The address of the NAS server.

None.

MountDir

String

Yes

Yes

The local mount directory.

None.

Tags syntax

"Tags": [
  {
    "Key": String,
    "Value": String
  }
]  

Tags properties

Property

Type

Required

Editable

Description

Constraint

Key

String

Yes

No

The key of the tag.

The tag key must be 1 to 128 characters in length, and cannot contain http:// or https://. It cannot start with aliyun or acs:.

Value

String

No

No

The value of the tag.

The tag value can be up to 128 characters in length, and cannot contain http:// or https://. It cannot start with aliyun or acs:.

OssMountConfig syntax

"OssMountConfig": {
  "MountPoints": List
}

OssMountConfig property

Property

Type

Required

Editable

Description

Constraint

MountPoints

List

Yes

Yes

The detailed configurations of the OSS mount targets.

For more information, see MountPoints properties.

MountPoints syntax

"MountPoints": [
  {
    "ReadOnly": "Boolean",
    "BucketName": "String",
    "BucketPath": "String",
    "EndPoint": "String",
    "MountDir": "String",
  }
]

MountPoints properties

Property

Type

Required

Editable

Description

Constraint

ReadOnly

Boolean

Yes

Yes

Specifies whether the mount targets are read-only.

Valid values:

  • true

  • false

BucketName

String

Yes

Yes

The OSS bucket that you want to mount.

None.

BucketPath

String

Yes

Yes

The path to which you want to mount the OSS bucket.

None.

EndPoint

String

Yes

Yes

The OSS endpoint.

None.

MountDir

String

Yes

Yes

The mount directory.

None.

Return values

Fn::GetAtt

  • ServiceId: the service ID. The system generates a unique ID for each service.

  • ServiceName: the service name.

  • Tags: the tags of the service.

  • Role: the ARN of the RAM role that is used to grant the required permissions to Function Compute.

  • LogProject: the log project.

  • Logstore: the Logstore.

  • InternetAccess: indicates whether the functions of the service are allowed to access the Internet.

  • VpcId: the VPC ID.

Examples

YAML format

ROSTemplateFormatVersion: '2015-09-01'
Description: Test FC
Parameters: {}
Resources:
  Service:
    Type: ALIYUN::FC::Service
    Properties:
      ServiceName: mytest
Outputs: {}                 

JSON format

{
  "ROSTemplateFormatVersion": "2015-09-01",
  "Description": "Test FC",
  "Parameters": {
  },
  "Resources": {
    "Service": {
      "Type": "ALIYUN::FC::Service",
      "Properties": {
        "ServiceName": "mytest"
      }
    }
  },
  "Outputs": {
  }
}

For more examples, visit FunctionInvoker.json. In the examples, the following resource types are used: ALIYUN::FC::Service, ALIYUN::FC::Function, ALIYUN::FC::FunctionInvoker, ALIYUN::FC::Trigger, ALIYUN::FC::Version, ALIYUN::FC::Alias, and ALIYUN::FC::ProvisionConfig.