serverless.yml

service: aiamond-gptbackend

provider:
  name: aws
  stage: dev
  runtime: python3.11
  region: eu-central-1
  profile: default
  environment:
    OPENAI_API_KEY: ${env:OPENAI_API_KEY}
    GPT3_MODEL: ${env:GPT3_MODEL}
    GPT4_MODEL: ${env:GPT4_MODEL}
  memorySize: 256 # minimum memory size for Lambda
  timeout: 90 # timeout for Lambda
  logRetentionInDays: 7 # keep logs for 7 days
  apiGateway:
    shouldStartNameWithService: true
  iamRoleStatements:
    - Effect: Allow
      Action:
        - dynamodb:*
      Resource: "*"

plugins:
  - serverless-wsgi
  - serverless-python-requirements
  - serverless-dotenv-plugin
  - serverless-offline

custom:
  stage: ${opt:stage, self:provider.stage}
  wsgi:
    app: app.app
    packRequirements: false
  pythonRequirements:
    dockerizePip: non-linux
    layer: true
    noDeploy:
      - boto3
  dotenv:
    path: .env

package:
  include:
    - app.py
  exclude:
    - node_modules/**
    - venv/**

resources:
  Resources:    
    ConversationsTable:
      Type: 'AWS::DynamoDB::Table'
      Properties:
        TableName: 'Conversations'
        AttributeDefinitions:
          - AttributeName: 'id'
            AttributeType: 'S'
        KeySchema:
          - AttributeName: 'id'
            KeyType: 'HASH'
        ProvisionedThroughput:
          ReadCapacityUnits: 1
          WriteCapacityUnits: 1

    CognitoUserPool:
      Type: 'AWS::Cognito::UserPool'
      Properties:
        UserPoolName: ${self:service}-${self:custom.stage}-user-pool
        UsernameAttributes:
          - email
        AutoVerifiedAttributes:
          - email
        AdminCreateUserConfig:
          AllowAdminCreateUserOnly: true

    CognitoUserPoolClient:
      Type: 'AWS::Cognito::UserPoolClient'
      Properties:
        ClientName: ${self:service}-${self:custom.stage}-user-pool-client
        UserPoolId:
          Ref: CognitoUserPool
        ExplicitAuthFlows:
          - ALLOW_USER_SRP_AUTH
          - ALLOW_REFRESH_TOKEN_AUTH

functions:
  app:
    handler: wsgi_handler.handler
    layers:
      - { Ref: PythonRequirementsLambdaLayer }
    events:
      - http:
          path: /api/
          method: ANY
          cors: true
          authorizer:
            type: COGNITO_USER_POOLS
            name: SharedCognitoAuthorizer
            arn: 
              Fn::GetAtt: [CognitoUserPool, Arn]
      - http:
          path: '/api/{proxy+}'
          method: ANY
          cors: true
          authorizer:
            type: COGNITO_USER_POOLS
            name: ProxyCognitoAuthorizer
            arn: 
              Fn::GetAtt: [CognitoUserPool, Arn]