Aliyun::Serverless::Service is used to create a service in Function Compute (FC).
Syntax
{
"Type": "Aliyun::Serverless::Service",
"Properties": {
"Role": String,
"Policies": List,
"Description": String,
"InternetAccess": Boolean,
"VpcConfig": Map,
"LogConfig": Map,
"NasConfig": Map
}
}
Properties
Property | Type | Required | Editable | Description | Constraint |
Role | String | No | Yes | The Alibaba Cloud Resource Name (ARN) of the RAM role that is used to grant required permissions to FC. | None |
Policies | List | No | Yes | The list of one or more policies that are attached to the default RAM user corresponding to FC. | Example:
If you specify the Role parameter, the Policies parameter does not take effect and the default RAM user corresponding to FC is not created. You can set the Policies parameter to a system policy name or a policy document. If you set the Policies parameter to a system policy name, the system creates a default RAM user corresponding to FC and attaches the policy to the default RAM user. If you set the Policies parameter to a policy document, the system creates a policy and a default RAM user corresponding to FC, and then attaches the created policy to the default RAM user. |
Description | String | No | Yes | The description of the service. | None |
InternetAccess | Boolean | No | Yes | Specifies whether to allow functions to access the Internet. | Default value: true. Valid values:
|
VpcConfig | Map | No | Yes | The VPC configurations. This parameter allows functions to access the specified VPC. | For more information, see VpcConfig properties. |
LogConfig | Map | No | Yes | The logging configurations. This parameter specifies a Logstore to store function execution logs. | For more information, see LogConfig properties. |
NasConfig | Map | No | Yes | The File Storage NAS (NAS) file system configurations. This parameter allows functions of the specified service to access the NAS file system. | For more information, see NasConfig properties. |
VpcConfig syntax
"VpcConfig": {
"SecurityGroupId": String,
"VSwitchIds": List,
"VpcId": String
}
VpcConfig properties
Property | Type | Required | Editable | Description | Constraint |
SecurityGroupId | String | Yes | Yes | The ID of the security group. | None |
VSwitchIds | List | Yes | Yes | A list of one or more vSwitch IDs. Example: [vSwitchId, ...]. | This list must include at least one vSwitch ID. |
VpcId | String | Yes | Yes | The ID of the VPC. | None |
LogConfig syntax
"LogConfig": {
"Project": String,
"Logstore": String
}
LogConfig properties
Property | Type | Required | Editable | Description | Constraint |
Project | String | No | Yes | The name of the project in LogHub. | None |
Logstore | String | No | Yes | The name of the Logstore in LogHub. | None |
NasConfig syntax
"NasConfig": {
"MountPoints": List,
"UserId": Integer,
"GroupId": Integer
}
NasConfig properties
Property | Type | Required | Editable | Description | Constraint |
MountPoints | List | Yes | Yes | The list of mount points. | For more information, see MountPoints properties. |
UserId | Integer | Yes | Yes | The ID of the user. | Valid values: -1 to 65534. |
GroupId | Integer | Yes | Yes | The ID of the application group. | Valid values: -1 to 65534. |
MountPoints syntax
"MountPoints": [
{
"ServerAddr": String,
"MountDir": String
}
]
MountPoints properties
Property | Type | Required | Editable | Description | Constraint |
ServerAddr | String | Yes | Yes | The remote directory in the NAS file system. | None |
MountDir | String | Yes | Yes | The directory in the local file system to mount the NAS file system. | None |
Response parameters
Fn::GetAtt
ServiceId: the unique ID generated by the system for each service.
ServiceName: the name of the service.
Examples
JSON
format
{
"ROSTemplateFormatVersion": "2015-09-01",
"Transform": "Aliyun::Serverless-2018-04-03",
"Resources": {
"MyService": {
"Type": "Aliyun::Serverless::Service",
"Properties": {
"Policies": [
"AliyunFCReadOnlyAccess",
{
"Version": "1",
"Statement": [
{
"Effect": "Allow",
"Action": [
"oss:GetObject",
"oss:GetObjectACL"
],
"Resource": "*"
}
]
}
]
}
}
}
}
YAML
format
ROSTemplateFormatVersion: '2015-09-01'
Transform: 'Aliyun::Serverless-2018-04-03'
Resources:
MyService: # service name
Type: 'Aliyun::Serverless::Service'
Properties:
Policies:
- AliyunFCReadOnlyAccess # Managed Policy
- Version: '1' # Policy Document
Statement:
- Effect: Allow
Action:
- oss:GetObject
- oss:GetObjectACL
Resource: '*'