ALIYUN::FC::Service is used to create a service. A service is an object that helps you organize and manage resources in Function Compute. All functions of a service share the same configurations, such as service authorizations and logging configurations. One service can have multiple functions, all of which can share the service resources such as Logstore and service role.

Services can help you better organize your business components.

You can manage resources in the form of services. A service can represent an application. Functions used for the same application can be organized into a single service. Services are independent and cannot share resources to other services.

Syntax

{
  "Type": "ALIYUN::FC::Service",
  "Properties": {
    "Description": String,
    "VpcConfig": Map,
    "ServiceName": String,
    "Role": String,
    "NasConfig": Map,
    "LogConfig": Map,
    "InternetAccess": Boolean
  }
}

Properties

Name Type Required Editable Description Validity
Description String No Yes The description of the service. None
VpcConfig Map No Yes The VPC configuration, which enables a function to access a specific VPC. None
ServiceName String Yes Yes The name of the service. The name must be 1 to 128 characters in length.
Role String No Yes The RAM role granting Function Compute permission to execute specific functions.
  1. For example, you can authorize Function Compute to send function execution logs to the specified Logstore.
  2. The temporary STS token generated from this role can be retrieved from the function context and used to access other cloud resources.
None
NasConfig Map No Yes The NAS configuration, which enables a function to access a specific NAS file system. None
LogConfig Map No Yes The log configuration. Function Compute writes function execution logs to the configured Logstore. None
InternetAccess Boolean No Yes Indicates whether to allow a function to access the Internet. When this parameter is set to true, the function can access the Internet. None

LogConfig syntax

"LogConfig": {
  "Project": String,
  "Logstore": String
}

LogConfig properties

Name Type Required Editable Description Validity
Project String No Yes The project name in LogHub. None
Logstore String No Yes The Logstore name in LogHub. None

VpcConfig syntax

"VpcConfig": {
  "SecurityGroupId": String,
  "VSwitchIds": [String, ...],
  "VpcId": String
}

VpcConfig properties

Name Type Required Editable Description Validity
SecurityGroupId String Yes Yes The ID of the security group. None
VSwitchIds String Yes Yes The list of one or more VSwitch IDs. The list must include at least one VSwitch ID.
VpcId String Yes Yes The ID of the VPC. None

NasConfig syntax

"NasConfig": {
  "UserId": Integer,
  "GroupId": Integer,
  "MountPoints": [
    {
      "ServerAddr": String,
      "MountDir": String
    },
    ...
  ]
}

NasConfig properties

Name Type Required Editable Description Validity
UserId Integer Yes Yes The user ID used by a function to access the NAS file system. Valid values: -1 to 65534.
GroupId Integer Yes Yes The group ID used by a function to access the NAS file system. Valid values: -1 to 65534.
MountPoints List Yes Yes The list of NAS mount points in the service. None
ServerAddr String Yes Yes The remote directory in the NAS file system that the service needs to access. None
MountDir String Yes Yes The mount point in the local file system. None

Response parameters

Fn::GetAtt

ServiceId: the unique ID generated by the system for each service.

Examples

{
  "ROSTemplateFormatVersion": "2015-09-01",
  "Resources": {
    "Service": {
      "Type": "ALIYUN::FC::Service",
      "Properties": {
        "Description": {
          "Ref": "Description"
        },
        "VpcConfig": {
          "Ref": "VpcConfig"
        },
        "ServiceName": {
          "Ref": "ServiceName"
        },
        "Role": {
          "Ref": "Role"
        },
        "NasConfig": {
          "Ref": "NasConfig"
        },
        "LogConfig": {
          "Ref": "LogConfig"
        },
        "InternetAccess": {
          "Ref": "InternetAccess"
        }
      }
    }
  },
  "Parameters": {
    "Description": {
      "Type": "String",
      "Description": "Service description"
    },
    "VpcConfig": {
      "Type": "Json",
      "Description": "VPC configuration. Function Compute uses the config to setup ENI in the specific VPC."
    },
    "ServiceName": {
      "MinLength": 1,
      "Type": "String",
      "Description": "Service name",
      "MaxLength": 128
    },
    "Role": {
      "Type": "String",
      "Description": "The role grants Function Compute the permission to access user\u2019s cloud resources, such as pushing logs to user\u2019s log store. The temporary STS token generated from this role can be retrieved from function context and used to access cloud resources. "
    },
    "NasConfig": {
      "Type": "Json",
      "Description": "NAS configuration. Function Compute uses a specified NAS configured on the service."
    },
    "LogConfig": {
      "Type": "Json",
      "Description": "Log configuration. Function Compute pushes function execution logs to the configured log store."
    },
    "InternetAccess": {
      "Type": "Boolean",
      "Description": "Set it to true to enable Internet access.",
      "AllowedValues": [
        "True",
        "true",
        "False",
        "false"
      ]
    }
  },
  "Outputs": {
    "ServiceId": {
      "Description": "The service ID",
      "Value": {
        "Fn::GetAtt": [
          "Service",
          "ServiceId"
        ]
      }
    }
  }
}