ALIYUN::FC::Service is used to create a service. A service is an object that helps you organize and manage resources in Function Compute. All functions of a service share the same configurations, such as service authorizations and logging configurations. One service can have multiple functions, all of which can share the service resources such as Logstore and service role.

Services can help you better organize your business components.

You can manage resources in the form of services. A service can represent an application. Functions used for the same application can be organized into a single service. Services are independent of one other and cannot share resources.

Syntax

{
  "Type": "ALIYUN::FC::Service",
  "Properties": {
    "Description": String,
    "VpcConfig": Map,
    "ServiceName": String,
    "Role": String,
    "NasConfig": Map,
    "LogConfig": Map,
    "InternetAccess": Boolean
  }
}

Properties

Name Type Required Editable Description Validity
Description String No Yes The description of the service. None
VpcConfig Map No Yes The VPC configuration, which enables a function to access a specified VPC. None
ServiceName String Yes Yes The name of the service. The name must be 1 to 128 characters in length.
Role String No Yes The RAM role that is used to grant certain permissions to Function Compute. Scenarios:
  1. You can authorize Function Compute to send function execution logs to a specified Logstore.
  2. You can generate a token for a function to access other cloud resources during execution.
None
NasConfig Map No Yes The Apsara File Storage NAS configuration that enables a function to access a specified Apsara File Storage NAS file system. None
LogConfig Map No Yes The log configuration. Function Compute writes function execution logs to the configured Logstore. None
InternetAccess Boolean No Yes Specifies whether to allow a function to access the Internet. When this parameter is set to true, the function can access the Internet. None

LogConfig syntax

"LogConfig": {
  "Project": String,
  "Logstore": String
}

LogConfig properties

Name Type Required Editable Description Validity
Project String No Yes The name of the project in LogHub. None
Logstore String No Yes The name of the Logstore in Loghub. None

VpcConfig syntax

"VpcConfig": {
  "SecurityGroupId": String,
  "VSwitchIds": String,
  "VpcId": String
}

VpcConfig properties

Name Type Required Editable Description Validity
SecurityGroupId String Yes Yes The ID of the security group. None
VSwitchIds String Yes Yes A list of one or more VSwitch IDs. Example: [String, ...]. This list must include at least one VSwitch ID.
VpcId String Yes Yes The ID of the VPC. None

NasConfig syntax

"NasConfig": {
  "MountPoints": List,
  "UserId": Integer,
  "GroupId": Integer
}

NasConfig properties

Name Type Required Editable Description Validity
MountPoints List Yes Yes A list of mount points. None
UserId Integer Yes Yes The user ID. Valid values: -1 to 65534.
GroupId Integer Yes Yes The group ID. Valid values: -1 to 65534.

MountPoints syntax

"MountPoints": [
  {
    "ServerAddr": String,
    "MountDir": String
  }
]

MountPoints properties

Name Type Required Editable Description Validity
ServerAddr String Yes Yes The remote directory in the Apsara File Storage NAS file system that the service needs to access. None
MountDir String Yes Yes The mount point in the local file system. None

Response parameters

Fn::GetAtt

ServiceId: the unique ID generated by the system for each service.

Examples

{
  "ROSTemplateFormatVersion": "2015-09-01",
  "Resources": {
    "Service": {
      "Type": "ALIYUN::FC::Service",
      "Properties": {
        "Description": {
          "Ref": "Description"
        },
        "VpcConfig": {
          "Ref": "VpcConfig"
        },
        "ServiceName": {
          "Ref": "ServiceName"
        },
        "Role": {
          "Ref": "Role"
        },
        "NasConfig": {
          "Ref": "NasConfig"
        },
        "LogConfig": {
          "Ref": "LogConfig"
        },
        "InternetAccess": {
          "Ref": "InternetAccess"
        }
      }
    }
  },
  "Parameters": {
    "Description": {
      "Type": "String",
      "Description": "Service description"
    },
    "VpcConfig": {
      "Type": "Json",
      "Description": "VPC configuration. Function Compute uses the config to setup ENI in the specific VPC."
    },
    "ServiceName": {
      "MinLength": 1,
      "Type": "String",
      "Description": "Service name",
      "MaxLength": 128
    },
    "Role": {
      "Type": "String",
      "Description": "The role grants Function Compute the permission to access user\u2019s cloud resources, such as pushing logs to user\u2019s log store. The temporary STS token generated from this role can be retrieved from function context and used to access cloud resources. "
    },
    "NasConfig": {
      "Type": "Json",
      "Description": "NAS configuration. Function Compute uses a specified NAS configured on the service."
    },
    "LogConfig": {
      "Type": "Json",
      "Description": "Log configuration. Function Compute pushes function execution logs to the configured log store."
    },
    "InternetAccess": {
      "Type": "Boolean",
      "Description": "Set it to true to enable Internet access.",
      "AllowedValues": [
        "True",
        "true",
        "False",
        "false"
      ]
    }
  },
  "Outputs": {
    "ServiceId": {
      "Description": "The service ID",
      "Value": {
        "Fn::GetAtt": [
          "Service",
          "ServiceId"
        ]
      }
    }
  }
}