@cumulus/deployment

default: prefix: change-me-cumulus stackName: '{{prefix}}' prefixNoDash: ChangeMeCumulus dbStackName: '{{prefix}}-db' urs_url: https://uat.urs.earthdata.nasa.gov/ cmaDir: '/opt/' non_complete_execution_payload_timeout: 30 ## days complete_execution_payload_timeout: 10 ## days complete_execution_payload_disable: false non_complete_execution_payload_disable: false oauth: provider: earthdata userGroup: N/A samlConfig: entityID: 'YourEntityId' assertionConsumerService: 'https://example.com/saml/auth' idpLogin: 'https://example.gov/affwebservices/public/saml2sso' launchpadMetadataPath: 's3://{{buckets.internal.name}}/{{prefix}}/launchpad/launchpad-sbx-metadata.xml' ## lambda function that returns temporary credentials sts_credentials_lambda: gsfc-ngap-sh-s3-sts-get-keys api_lambda_memory: 512 repo_owner: nasa message_adapter_repo: cumulus-message-adapter message_adapter_filename: cumulus-message-adapter.zip customCompilation: true injectWorkflowLambdaAliases: true DLQDefaultTimeout: 60 DLQDefaultMessageRetentionPeriod: 1209600 ## 14 days, the maximum currently allowed for SQS processDefaultDeadLetterQueues: true deployDistributionApi: false nested_templates: CumulusApiDistribution: cfFile: node_modules/@cumulus/deployment/app/cumulus_api.template.yml configFile: node_modules/@cumulus/deployment/app/cumulus_api_distribution.config.yml CumulusApiBackend: cfFile: node_modules/@cumulus/deployment/app/cumulus_api.template.yml configFile: node_modules/@cumulus/deployment/app/cumulus_api_backend.config.yml WorkflowLambdaVersions: cfFile: node_modules/@cumulus/deployment/app/workflow_lambda_versions.template.yml configFile: node_modules/@cumulus/deployment/app/workflow_lambda_versions.config.yml # if not specified the value of the apigatewy backend endpoint is used # api_backend_url: https://apigateway-url-to-api-backend/ # if not specified the value of the apigateway dist url is used # api_distribution_url: https://apigateway-url-to-distribution-app/ params: - name: CmrPassword value: '{{CMR_PASSWORD}}' # this has to be set in .env - name: LaunchpadPassphrase value: '{{LAUNCHPAD_PASSPHRASE}}' # set in .env if needed shared_data_bucket: 'cumulus-data-shared' system_bucket: '{{buckets.internal.name}}' buckets: internal: name: change-me type: internal private: name: change-me type: private protected: name: change-me type: protected public: name: change-me type: public iams: ecsRoleArn: 'arn:aws:iam::{{AWS_ACCOUNT_ID}}:role/{{prefix}}-ecs' lambdaApiGatewayRoleArn: 'arn:aws:iam::{{AWS_ACCOUNT_ID}}:role/{{prefix}}-lambda-api-gateway' lambdaProcessingRoleArn: 'arn:aws:iam::{{AWS_ACCOUNT_ID}}:role/{{prefix}}-lambda-processing' stepRoleArn: 'arn:aws:iam::{{AWS_ACCOUNT_ID}}:role/{{prefix}}-steprole' instanceProfile: 'arn:aws:iam::{{AWS_ACCOUNT_ID}}:instance-profile/{{prefix}}-ecs' distributionRoleArn: 'arn:aws:iam::{{AWS_ACCOUNT_ID}}:role/{{prefix}}-distribution-api-lambda' scalingRoleArn: 'arn:aws:iam::{{AWS_ACCOUNT_ID}}:role/{{prefix}}-scaling-role' migrationRoleArn: 'arn:aws:iam::{{AWS_ACCOUNT_ID}}:role/{{prefix}}-migration-processing' cmr: oauthProvider: earthdata username: CmrUser provider: CUMULUS clientId: CUMULUS password: cmrPassword cmrEnvironment: UAT cmrLimit: 100 cmrPageSize: 50 launchpad: api: launchpadApi certificate: launchpad.pfx passphrase: launchpadPassphrase ems: provider: CUMULUS host: change-ems-host port: 22 path: / username: cumulus privateKey: ems-private.pem dataSource: UAT submitReport: false retentionInDays: 30 # this whole section has to be updated in each deployment section vpc: vpcId: '{{VPC_ID}}' # this has to be set in .env subnets: - '{{AWS_SUBNET}}' # this has to be set in .env securityGroup: '{{SECURITY_GROUP}}' ecs: restartTasksOnDeploy: false container_stop_timeout: 2m amiid: ami-03e7dd4efa9b91eda instanceType: change-ecs-instanceType volumeSize: 50 availabilityZone: 'us-east-1b' minInstances: 1 desiredInstances: 1 maxInstances: 2 clusterAutoscaling: scaleInThresholdPercent: 25 scaleInAdjustmentPercent: -5 scaleOutThresholdPercent: 75 scaleOutAdjustmentPercent: 10 tasks: AsyncOperation: image: cumuluss/async-operation:26 cpu: 400 memory: 700 count: 1 envs: AWS_REGION: function: Fn::Sub value: '${AWS::Region}' docker: # Allowed registry values are 'dockerhub' and 'ecr' registry: dockerhub storageDriver: devicemapper es: name: es5vpc elasticSearchMapping: 8 # defining the APIs. Each item will include a separate endpoint apiStage: dev logToSharedDestination: dynamos: !!files ['node_modules/@cumulus/api/config/tables.yml'] dynamo2ElasticSearch: batchSize: 10 startingPosition: TRIM_HORIZON lambda: dbIndexer tables: - CollectionsTable - RulesTable - ProvidersTable - GranulesTable - PdrsTable - ExecutionsTable # set to true to activate pointInTime on all tables enablePointInTime: false AutoScalingPolicyConfiguration: targetValue: 30 scaleInCooldown: 0 scaleOutCooldown: 0 sns: # This topic receives errored kinesis messages and tries them again. kinesisFallback: subscriptions: lambda: endpoint: function: Fn::GetAtt array: - fallbackConsumerLambdaFunction - Arn protocol: lambda reportExecutions: subscriptions: lambda: endpoint: function: Fn::GetAtt array: - reportExecutionsLambdaFunction - Arn protocol: lambda reportGranules: subscriptions: lambda: endpoint: function: Fn::GetAtt array: - reportGranulesLambdaFunction - Arn protocol: lambda reportPdrs: subscriptions: lambda: endpoint: function: Fn::GetAtt array: - reportPdrsLambdaFunction - Arn protocol: lambda backgroundQueueName: backgroundProcessing sqs_consumer_rate: 500 sqs: startSF: visibilityTimeout: 60 retry: 30 consumer: - lambda: sqs2sf schedule: rate(1 minute) messageLimit: '{{sqs_consumer_rate}}' state: ENABLED backgroundProcessing: visibilityTimeout: 60 retry: 30 maxExecutions: 5 consumer: - lambda: sqs2sfThrottle schedule: rate(1 minute) messageLimit: '{{sqs_consumer_rate}}' state: ENABLED triggerLambdaFailure: MessageRetentionPeriod: 1209600 visibilityTimeout: 60 kinesisFailure: visibilityTimeout: 20 rules: dailyEmsProductMetadataReport: schedule: cron(0 4 * * ? *) state: ENABLED targets: - lambda: EmsProductMetadataReport dailyEmsIngestReport: # run at 5:00am GMT daily schedule: cron(0 5 * * ? *) state: ENABLED targets: - lambda: EmsIngestReport dailyEmsDistributionReport: schedule: cron(0 8 * * ? *) state: ENABLED targets: - lambda: EmsDistributionReport dailyExecutionPayloadCleanup: # run at 0400 GMT daily schedule: cron(0 4 * * ? *) state: ENABLED targets: - lambda: cleanExecutions sfSemaphoreDown: eventPattern: source: - aws.states detail-type: - "Step Functions Execution Status Change" detail: status: - "ABORTED" - "FAILED" - "SUCCEEDED" - "TIMED_OUT" state: ENABLED targets: - lambda: sfSemaphoreDown publishReports: eventPattern: source: - aws.states detail-type: - "Step Functions Execution Status Change" state: ENABLED targets: - lambda: publishReports sqsMessageConsumer: schedule: rate(1 minute) state: ENABLED targets: - lambda: sqsMessageConsumer input: messageLimit: '{{sqs_consumer_rate}}' timeLimit: 60 useWorkflowLambdaVersions: true stepFunctions: !!files ['workflows.yml'] lambdas: !!files [ 'lambdas.yml', 'node_modules/@cumulus/api/config/lambdas.yml', 'node_modules/@cumulus/api/config/workflowLambdas.yml' ] workflowLambdas: !!files [ 'lambdas.yml', 'node_modules/@cumulus/api/config/workflowLambdas.yml' ] dashboard: !!files [ 'node_modules/@cumulus/deployment/app/cloudwatchDashboard.yml' ]