Created
September 12, 2020 05:22
-
-
Save sashaProdan/3af281d780fa48aa4d8122a22c772802 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "AWSTemplateFormatVersion": "2010-09-09", | |
| "Description": "The AWS CloudFormation template for this Serverless application", | |
| "Resources": { | |
| "ServerlessDeploymentBucket": { | |
| "Type": "AWS::S3::Bucket", | |
| "Properties": { | |
| "BucketEncryption": { | |
| "ServerSideEncryptionConfiguration": [ | |
| { | |
| "ServerSideEncryptionByDefault": { | |
| "SSEAlgorithm": "AES256" | |
| } | |
| } | |
| ] | |
| } | |
| } | |
| }, | |
| "ServerlessDeploymentBucketPolicy": { | |
| "Type": "AWS::S3::BucketPolicy", | |
| "Properties": { | |
| "Bucket": { | |
| "Ref": "ServerlessDeploymentBucket" | |
| }, | |
| "PolicyDocument": { | |
| "Statement": [ | |
| { | |
| "Action": "s3:*", | |
| "Effect": "Deny", | |
| "Principal": "*", | |
| "Resource": [ | |
| { | |
| "Fn::Join": [ | |
| "", | |
| [ | |
| "arn:", | |
| { | |
| "Ref": "AWS::Partition" | |
| }, | |
| ":s3:::", | |
| { | |
| "Ref": "ServerlessDeploymentBucket" | |
| }, | |
| "/*" | |
| ] | |
| ] | |
| } | |
| ], | |
| "Condition": { | |
| "Bool": { | |
| "aws:SecureTransport": false | |
| } | |
| } | |
| } | |
| ] | |
| } | |
| } | |
| }, | |
| "SendLogGroup": { | |
| "Type": "AWS::Logs::LogGroup", | |
| "Properties": { | |
| "LogGroupName": "/aws/lambda/process-scores-dev-send" | |
| } | |
| }, | |
| "ReceiveLogGroup": { | |
| "Type": "AWS::Logs::LogGroup", | |
| "Properties": { | |
| "LogGroupName": "/aws/lambda/process-scores-dev-receive" | |
| } | |
| }, | |
| "IamRoleLambdaExecution": { | |
| "Type": "AWS::IAM::Role", | |
| "Properties": { | |
| "AssumeRolePolicyDocument": { | |
| "Version": "2012-10-17", | |
| "Statement": [ | |
| { | |
| "Effect": "Allow", | |
| "Principal": { | |
| "Service": [ | |
| "lambda.amazonaws.com" | |
| ] | |
| }, | |
| "Action": [ | |
| "sts:AssumeRole" | |
| ] | |
| } | |
| ] | |
| }, | |
| "Policies": [ | |
| { | |
| "PolicyName": { | |
| "Fn::Join": [ | |
| "-", | |
| [ | |
| "process-scores", | |
| "dev", | |
| "lambda" | |
| ] | |
| ] | |
| }, | |
| "PolicyDocument": { | |
| "Version": "2012-10-17", | |
| "Statement": [ | |
| { | |
| "Effect": "Allow", | |
| "Action": [ | |
| "logs:CreateLogStream", | |
| "logs:CreateLogGroup" | |
| ], | |
| "Resource": [ | |
| { | |
| "Fn::Sub": "arn:${AWS::Partition}:logs:${AWS::Region}:${AWS::AccountId}:log-group:/aws/lambda/process-scores-dev*:*" | |
| } | |
| ] | |
| }, | |
| { | |
| "Effect": "Allow", | |
| "Action": [ | |
| "logs:PutLogEvents" | |
| ], | |
| "Resource": [ | |
| { | |
| "Fn::Sub": "arn:${AWS::Partition}:logs:${AWS::Region}:${AWS::AccountId}:log-group:/aws/lambda/process-scores-dev*:*:*" | |
| } | |
| ] | |
| }, | |
| { | |
| "Effect": "Allow", | |
| "Action": [ | |
| "sqs:ReceiveMessage", | |
| "sqs:DeleteMessage", | |
| "sqs:GetQueueAttributes" | |
| ], | |
| "Resource": [ | |
| { | |
| "Fn::GetAtt": [ | |
| "MyQueue", | |
| "Arn" | |
| ] | |
| } | |
| ] | |
| } | |
| ] | |
| } | |
| } | |
| ], | |
| "Path": "/", | |
| "RoleName": { | |
| "Fn::Join": [ | |
| "-", | |
| [ | |
| "process-scores", | |
| "dev", | |
| { | |
| "Ref": "AWS::Region" | |
| }, | |
| "lambdaRole" | |
| ] | |
| ] | |
| } | |
| } | |
| }, | |
| "SendLambdaFunction": { | |
| "Type": "AWS::Lambda::Function", | |
| "Properties": { | |
| "Code": { | |
| "S3Bucket": { | |
| "Ref": "ServerlessDeploymentBucket" | |
| }, | |
| "S3Key": "serverless/process-scores/dev/1599887942723-2020-09-12T05:19:02.723Z/process-scores.zip" | |
| }, | |
| "FunctionName": "process-scores-dev-send", | |
| "Handler": "scores/producer.send", | |
| "MemorySize": 1024, | |
| "Role": { | |
| "Fn::GetAtt": [ | |
| "IamRoleLambdaExecution", | |
| "Arn" | |
| ] | |
| }, | |
| "Runtime": "nodejs12.x", | |
| "Timeout": 6, | |
| "Environment": { | |
| "Variables": { | |
| "SQS_URL": "MyQueue", | |
| "S3_HTML_TEMPLATES": "process-scores-html-templates-sf68N5umh8gC8yM4", | |
| "S3_LANGUAGE_TEMPLATES": "process-scores-language-templates-gY9b7REadVPtKChV", | |
| "S3_STATIC_WEBSITE": "process-scores-static-website-pD4c7M2297pjAmST" | |
| } | |
| } | |
| }, | |
| "DependsOn": [ | |
| "SendLogGroup" | |
| ] | |
| }, | |
| "SendLambdaVersionxZ1uDkr6y1IHdQMh1ZtL835D9K61ihNwKH8K7Mbw8c": { | |
| "Type": "AWS::Lambda::Version", | |
| "DeletionPolicy": "Retain", | |
| "Properties": { | |
| "FunctionName": { | |
| "Ref": "SendLambdaFunction" | |
| }, | |
| "CodeSha256": "TXhe8XYH2fesGrsXDkt0/O4AQFwoZwGfvh38ovE2x28=" | |
| } | |
| }, | |
| "ReceiveLambdaFunction": { | |
| "Type": "AWS::Lambda::Function", | |
| "Properties": { | |
| "Code": { | |
| "S3Bucket": { | |
| "Ref": "ServerlessDeploymentBucket" | |
| }, | |
| "S3Key": "serverless/process-scores/dev/1599887942723-2020-09-12T05:19:02.723Z/process-scores.zip" | |
| }, | |
| "FunctionName": "process-scores-dev-receive", | |
| "Handler": "scores/consumer.receive", | |
| "MemorySize": 1024, | |
| "Role": { | |
| "Fn::GetAtt": [ | |
| "IamRoleLambdaExecution", | |
| "Arn" | |
| ] | |
| }, | |
| "Runtime": "nodejs12.x", | |
| "Timeout": 6, | |
| "Environment": { | |
| "Variables": { | |
| "SQS_URL": "MyQueue", | |
| "S3_HTML_TEMPLATES": "process-scores-html-templates-sf68N5umh8gC8yM4", | |
| "S3_LANGUAGE_TEMPLATES": "process-scores-language-templates-gY9b7REadVPtKChV", | |
| "S3_STATIC_WEBSITE": "process-scores-static-website-pD4c7M2297pjAmST" | |
| } | |
| } | |
| }, | |
| "DependsOn": [ | |
| "ReceiveLogGroup" | |
| ] | |
| }, | |
| "ReceiveLambdaVersioneTgVFxXFqvyUrwXfQLifVn1aSigzAVwWNaytKtqKs": { | |
| "Type": "AWS::Lambda::Version", | |
| "DeletionPolicy": "Retain", | |
| "Properties": { | |
| "FunctionName": { | |
| "Ref": "ReceiveLambdaFunction" | |
| }, | |
| "CodeSha256": "TXhe8XYH2fesGrsXDkt0/O4AQFwoZwGfvh38ovE2x28=" | |
| } | |
| }, | |
| "ApiGatewayRestApi": { | |
| "Type": "AWS::ApiGateway::RestApi", | |
| "Properties": { | |
| "Name": "dev-process-scores", | |
| "EndpointConfiguration": { | |
| "Types": [ | |
| "EDGE" | |
| ] | |
| }, | |
| "Policy": "" | |
| } | |
| }, | |
| "ApiGatewayResourceScores": { | |
| "Type": "AWS::ApiGateway::Resource", | |
| "Properties": { | |
| "ParentId": { | |
| "Fn::GetAtt": [ | |
| "ApiGatewayRestApi", | |
| "RootResourceId" | |
| ] | |
| }, | |
| "PathPart": "scores", | |
| "RestApiId": { | |
| "Ref": "ApiGatewayRestApi" | |
| } | |
| } | |
| }, | |
| "ApiGatewayMethodScoresOptions": { | |
| "Type": "AWS::ApiGateway::Method", | |
| "Properties": { | |
| "AuthorizationType": "NONE", | |
| "HttpMethod": "OPTIONS", | |
| "MethodResponses": [ | |
| { | |
| "StatusCode": "200", | |
| "ResponseParameters": { | |
| "method.response.header.Access-Control-Allow-Origin": true, | |
| "method.response.header.Access-Control-Allow-Headers": true, | |
| "method.response.header.Access-Control-Allow-Methods": true | |
| }, | |
| "ResponseModels": {} | |
| } | |
| ], | |
| "RequestParameters": {}, | |
| "Integration": { | |
| "Type": "MOCK", | |
| "RequestTemplates": { | |
| "application/json": "{statusCode:200}" | |
| }, | |
| "ContentHandling": "CONVERT_TO_TEXT", | |
| "IntegrationResponses": [ | |
| { | |
| "StatusCode": "200", | |
| "ResponseParameters": { | |
| "method.response.header.Access-Control-Allow-Origin": "'*'", | |
| "method.response.header.Access-Control-Allow-Headers": "'Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent'", | |
| "method.response.header.Access-Control-Allow-Methods": "'OPTIONS,POST'" | |
| }, | |
| "ResponseTemplates": { | |
| "application/json": "#set($origin = $input.params(\"Origin\"))\n#if($origin == \"\") #set($origin = $input.params(\"origin\")) #end\n#if($origin.matches(\".+\")) #set($context.responseOverride.header.Access-Control-Allow-Origin = $origin) #end" | |
| } | |
| } | |
| ] | |
| }, | |
| "ResourceId": { | |
| "Ref": "ApiGatewayResourceScores" | |
| }, | |
| "RestApiId": { | |
| "Ref": "ApiGatewayRestApi" | |
| } | |
| } | |
| }, | |
| "ApiGatewayMethodScoresPost": { | |
| "Type": "AWS::ApiGateway::Method", | |
| "Properties": { | |
| "HttpMethod": "POST", | |
| "RequestParameters": {}, | |
| "ResourceId": { | |
| "Ref": "ApiGatewayResourceScores" | |
| }, | |
| "RestApiId": { | |
| "Ref": "ApiGatewayRestApi" | |
| }, | |
| "ApiKeyRequired": false, | |
| "AuthorizationType": "NONE", | |
| "Integration": { | |
| "IntegrationHttpMethod": "POST", | |
| "Type": "AWS", | |
| "Uri": { | |
| "Fn::Join": [ | |
| "", | |
| [ | |
| "arn:", | |
| { | |
| "Ref": "AWS::Partition" | |
| }, | |
| ":apigateway:", | |
| { | |
| "Ref": "AWS::Region" | |
| }, | |
| ":lambda:path/2015-03-31/functions/", | |
| { | |
| "Fn::GetAtt": [ | |
| "SendLambdaFunction", | |
| "Arn" | |
| ] | |
| }, | |
| "/invocations" | |
| ] | |
| ] | |
| }, | |
| "PassthroughBehavior": "NEVER", | |
| "RequestTemplates": { | |
| "application/json": "\n #set( $body = $input.json(\"$\") )\n\n \n #define( $loop )\n {\n #foreach($key in $map.keySet())\n #set( $k = $util.escapeJavaScript($key) )\n #set( $v = $util.escapeJavaScript($map.get($key)).replaceAll(\"\\\\'\", \"'\") )\n \"$k\":\n \"$v\"\n #if( $foreach.hasNext ) , #end\n #end\n }\n #end\n\n {\n \"body\": $body,\n \"method\": \"$context.httpMethod\",\n \"principalId\": \"$context.authorizer.principalId\",\n \"stage\": \"$context.stage\",\n\n \"cognitoPoolClaims\" : {\n \n \"sub\": \"$context.authorizer.claims.sub\"\n },\n\n #set( $map = $context.authorizer )\n \"enhancedAuthContext\": $loop,\n\n #set( $map = $input.params().header )\n \"headers\": $loop,\n\n #set( $map = $input.params().querystring )\n \"query\": $loop,\n\n #set( $map = $input.params().path )\n \"path\": $loop,\n\n #set( $map = $context.identity )\n \"identity\": $loop,\n\n #set( $map = $stageVariables )\n \"stageVariables\": $loop,\n\n \"requestPath\": \"$context.resourcePath\"\n }\n\n ", | |
| "application/x-www-form-urlencoded": "\n #define( $body )\n {\n #foreach( $token in $input.path('$').split('&') )\n #set( $keyVal = $token.split('=') )\n #set( $keyValSize = $keyVal.size() )\n #if( $keyValSize >= 1 )\n #set( $key = $util.escapeJavaScript($util.urlDecode($keyVal[0])) )\n #if( $keyValSize >= 2 )\n #set($val = $util.escapeJavaScript($util.urlDecode($keyVal[1])).replaceAll(\"\\\\'\",\"'\"))\n #else\n #set( $val = '' )\n #end\n \"$key\": \"$val\"#if($foreach.hasNext),#end\n #end\n #end\n }\n #end\n\n \n #define( $loop )\n {\n #foreach($key in $map.keySet())\n #set( $k = $util.escapeJavaScript($key) )\n #set( $v = $util.escapeJavaScript($map.get($key)).replaceAll(\"\\\\'\", \"'\") )\n \"$k\":\n \"$v\"\n #if( $foreach.hasNext ) , #end\n #end\n }\n #end\n\n {\n \"body\": $body,\n \"method\": \"$context.httpMethod\",\n \"principalId\": \"$context.authorizer.principalId\",\n \"stage\": \"$context.stage\",\n\n \"cognitoPoolClaims\" : {\n \n \"sub\": \"$context.authorizer.claims.sub\"\n },\n\n #set( $map = $context.authorizer )\n \"enhancedAuthContext\": $loop,\n\n #set( $map = $input.params().header )\n \"headers\": $loop,\n\n #set( $map = $input.params().querystring )\n \"query\": $loop,\n\n #set( $map = $input.params().path )\n \"path\": $loop,\n\n #set( $map = $context.identity )\n \"identity\": $loop,\n\n #set( $map = $stageVariables )\n \"stageVariables\": $loop,\n\n \"requestPath\": \"$context.resourcePath\"\n }\n\n " | |
| }, | |
| "IntegrationResponses": [ | |
| { | |
| "StatusCode": "200", | |
| "SelectionPattern": "", | |
| "ResponseParameters": { | |
| "method.response.header.Access-Control-Allow-Origin": "'*'" | |
| }, | |
| "ResponseTemplates": {} | |
| }, | |
| { | |
| "StatusCode": "400", | |
| "SelectionPattern": "[\\s\\S]*\\[400\\][\\s\\S]*", | |
| "ResponseParameters": { | |
| "method.response.header.Access-Control-Allow-Origin": "'*'" | |
| }, | |
| "ResponseTemplates": {} | |
| }, | |
| { | |
| "StatusCode": "401", | |
| "SelectionPattern": "[\\s\\S]*\\[401\\][\\s\\S]*", | |
| "ResponseParameters": { | |
| "method.response.header.Access-Control-Allow-Origin": "'*'" | |
| }, | |
| "ResponseTemplates": {} | |
| }, | |
| { | |
| "StatusCode": "403", | |
| "SelectionPattern": "[\\s\\S]*\\[403\\][\\s\\S]*", | |
| "ResponseParameters": { | |
| "method.response.header.Access-Control-Allow-Origin": "'*'" | |
| }, | |
| "ResponseTemplates": {} | |
| }, | |
| { | |
| "StatusCode": "404", | |
| "SelectionPattern": "[\\s\\S]*\\[404\\][\\s\\S]*", | |
| "ResponseParameters": { | |
| "method.response.header.Access-Control-Allow-Origin": "'*'" | |
| }, | |
| "ResponseTemplates": {} | |
| }, | |
| { | |
| "StatusCode": "422", | |
| "SelectionPattern": "[\\s\\S]*\\[422\\][\\s\\S]*", | |
| "ResponseParameters": { | |
| "method.response.header.Access-Control-Allow-Origin": "'*'" | |
| }, | |
| "ResponseTemplates": {} | |
| }, | |
| { | |
| "StatusCode": "500", | |
| "SelectionPattern": "[\\s\\S]*(Process\\s?exited\\s?before\\s?completing\\s?request|\\[500\\])[\\s\\S]*", | |
| "ResponseParameters": { | |
| "method.response.header.Access-Control-Allow-Origin": "'*'" | |
| }, | |
| "ResponseTemplates": {} | |
| }, | |
| { | |
| "StatusCode": "502", | |
| "SelectionPattern": "[\\s\\S]*\\[502\\][\\s\\S]*", | |
| "ResponseParameters": { | |
| "method.response.header.Access-Control-Allow-Origin": "'*'" | |
| }, | |
| "ResponseTemplates": {} | |
| }, | |
| { | |
| "StatusCode": "504", | |
| "SelectionPattern": "([\\s\\S]*\\[504\\][\\s\\S]*)|(.*Task timed out after \\d+\\.\\d+ seconds$)", | |
| "ResponseParameters": { | |
| "method.response.header.Access-Control-Allow-Origin": "'*'" | |
| }, | |
| "ResponseTemplates": {} | |
| } | |
| ] | |
| }, | |
| "MethodResponses": [ | |
| { | |
| "ResponseParameters": { | |
| "method.response.header.Access-Control-Allow-Origin": true | |
| }, | |
| "ResponseModels": {}, | |
| "StatusCode": "200" | |
| }, | |
| { | |
| "ResponseParameters": { | |
| "method.response.header.Access-Control-Allow-Origin": true | |
| }, | |
| "ResponseModels": {}, | |
| "StatusCode": "400" | |
| }, | |
| { | |
| "ResponseParameters": { | |
| "method.response.header.Access-Control-Allow-Origin": true | |
| }, | |
| "ResponseModels": {}, | |
| "StatusCode": "401" | |
| }, | |
| { | |
| "ResponseParameters": { | |
| "method.response.header.Access-Control-Allow-Origin": true | |
| }, | |
| "ResponseModels": {}, | |
| "StatusCode": "403" | |
| }, | |
| { | |
| "ResponseParameters": { | |
| "method.response.header.Access-Control-Allow-Origin": true | |
| }, | |
| "ResponseModels": {}, | |
| "StatusCode": "404" | |
| }, | |
| { | |
| "ResponseParameters": { | |
| "method.response.header.Access-Control-Allow-Origin": true | |
| }, | |
| "ResponseModels": {}, | |
| "StatusCode": "422" | |
| }, | |
| { | |
| "ResponseParameters": { | |
| "method.response.header.Access-Control-Allow-Origin": true | |
| }, | |
| "ResponseModels": {}, | |
| "StatusCode": "500" | |
| }, | |
| { | |
| "ResponseParameters": { | |
| "method.response.header.Access-Control-Allow-Origin": true | |
| }, | |
| "ResponseModels": {}, | |
| "StatusCode": "502" | |
| }, | |
| { | |
| "ResponseParameters": { | |
| "method.response.header.Access-Control-Allow-Origin": true | |
| }, | |
| "ResponseModels": {}, | |
| "StatusCode": "504" | |
| } | |
| ] | |
| } | |
| }, | |
| "ApiGatewayDeployment1599887937942": { | |
| "Type": "AWS::ApiGateway::Deployment", | |
| "Properties": { | |
| "RestApiId": { | |
| "Ref": "ApiGatewayRestApi" | |
| }, | |
| "StageName": "dev" | |
| }, | |
| "DependsOn": [ | |
| "ApiGatewayMethodScoresOptions", | |
| "ApiGatewayMethodScoresPost" | |
| ] | |
| }, | |
| "SendLambdaPermissionApiGateway": { | |
| "Type": "AWS::Lambda::Permission", | |
| "Properties": { | |
| "FunctionName": { | |
| "Fn::GetAtt": [ | |
| "SendLambdaFunction", | |
| "Arn" | |
| ] | |
| }, | |
| "Action": "lambda:InvokeFunction", | |
| "Principal": "apigateway.amazonaws.com", | |
| "SourceArn": { | |
| "Fn::Join": [ | |
| "", | |
| [ | |
| "arn:", | |
| { | |
| "Ref": "AWS::Partition" | |
| }, | |
| ":execute-api:", | |
| { | |
| "Ref": "AWS::Region" | |
| }, | |
| ":", | |
| { | |
| "Ref": "AWS::AccountId" | |
| }, | |
| ":", | |
| { | |
| "Ref": "ApiGatewayRestApi" | |
| }, | |
| "/*/*" | |
| ] | |
| ] | |
| } | |
| } | |
| }, | |
| "ReceiveEventSourceMappingSQSMyQueue": { | |
| "Type": "AWS::Lambda::EventSourceMapping", | |
| "DependsOn": "IamRoleLambdaExecution", | |
| "Properties": { | |
| "BatchSize": 10, | |
| "EventSourceArn": { | |
| "Fn::GetAtt": [ | |
| "MyQueue", | |
| "Arn" | |
| ] | |
| }, | |
| "FunctionName": { | |
| "Fn::GetAtt": [ | |
| "ReceiveLambdaFunction", | |
| "Arn" | |
| ] | |
| }, | |
| "Enabled": true | |
| } | |
| }, | |
| "MyQueue": { | |
| "Type": "AWS::SQS::Queue", | |
| "Properties": { | |
| "QueueName": "MyQueue" | |
| } | |
| }, | |
| "S3HTMLTemplatesBucket": { | |
| "Type": "AWS::S3::Bucket", | |
| "Properties": { | |
| "BucketName": "process-scores-html-templates-sf68N5umh8gC8yM4" | |
| } | |
| }, | |
| "S3LanguageTemplatesBucket": { | |
| "Type": "AWS::S3::Bucket", | |
| "Properties": { | |
| "BucketName": "process-scores-language-templates-gY9b7REadVPtKChV" | |
| } | |
| }, | |
| "S3StaticWebsiteBucket": { | |
| "Type": "AWS::S3::Bucket", | |
| "Properties": { | |
| "BucketName": "process-scores-static-website-pD4c7M2297pjAmST" | |
| } | |
| } | |
| }, | |
| "Outputs": { | |
| "ServerlessDeploymentBucketName": { | |
| "Value": { | |
| "Ref": "ServerlessDeploymentBucket" | |
| } | |
| }, | |
| "SendLambdaFunctionQualifiedArn": { | |
| "Description": "Current Lambda function version", | |
| "Value": { | |
| "Ref": "SendLambdaVersionxZ1uDkr6y1IHdQMh1ZtL835D9K61ihNwKH8K7Mbw8c" | |
| } | |
| }, | |
| "ReceiveLambdaFunctionQualifiedArn": { | |
| "Description": "Current Lambda function version", | |
| "Value": { | |
| "Ref": "ReceiveLambdaVersioneTgVFxXFqvyUrwXfQLifVn1aSigzAVwWNaytKtqKs" | |
| } | |
| }, | |
| "ServiceEndpoint": { | |
| "Description": "URL of the service endpoint", | |
| "Value": { | |
| "Fn::Join": [ | |
| "", | |
| [ | |
| "https://", | |
| { | |
| "Ref": "ApiGatewayRestApi" | |
| }, | |
| ".execute-api.", | |
| { | |
| "Ref": "AWS::Region" | |
| }, | |
| ".", | |
| { | |
| "Ref": "AWS::URLSuffix" | |
| }, | |
| "/dev" | |
| ] | |
| ] | |
| } | |
| } | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment