aws-lambda-pdf/template.yml at main · antoniowd/aws-lambda-pdf · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
AWSTemplateFormatVersion: '2010-09-09'
Transform: AWS::Serverless-2016-10-31
Description: Chromium's Serverless Application

Parameters:
  AppBucketName:
    Type: String
    Description: "REQUIRED: Unique S3 bucket name to use for the app."

Resources:
  ApiGateway:
    Type: AWS::Serverless::Api
    Properties:
      Name: ChromiumPDFApi
      StageName: prod
      Auth:
        ApiKeyRequired: true

  ApiKey:
    Type: AWS::ApiGateway::ApiKey
    Properties:
      Enabled: true
      Name: MyApiKey
      StageKeys:
        - RestApiId: !Ref ApiGateway
          StageName: prod

  UsagePlan:
    Type: AWS::ApiGateway::UsagePlan
    Properties:
      UsagePlanName: MyUsagePlan
      ApiStages:
        - ApiId: !Ref ApiGateway
          Stage: prod
      Throttle:
        BurstLimit: 100
        RateLimit: 50
      Quota:
        Limit: 10000
        Period: MONTH

  UsagePlanKey:
    Type: AWS::ApiGateway::UsagePlanKey
    Properties:
      KeyId: !Ref ApiKey
      KeyType: API_KEY
      UsagePlanId: !Ref UsagePlan

  ChromiumLayer:
    Type: AWS::Serverless::LayerVersion
    Properties:
      Description: Chromium with Node.js integration for AWS Lambda
      ContentUri: layers/chromium
      CompatibleRuntimes:
        - &nodejsRuntime nodejs18.x
      # Chromium doesn't currently have ARM support; see https://github.com/Sparticuz/chromium#can-i-use-arm-or-graviton-instances
      CompatibleArchitectures:
        - &chromiumArch x86_64
      RetentionPolicy: Delete
    Metadata:
      BuildMethod: *nodejsRuntime
      BuildArchitecture: *chromiumArch

  GeneratePdfFromHtml:
    Type: AWS::Serverless::Function
    Properties:
      Handler: index.handler
      CodeUri: functions/html
      Description: Generate PDFs from HTML using Chromium
      Runtime: *nodejsRuntime
      Architectures:
        - *chromiumArch
      Layers:
        - !Ref ChromiumLayer
      # Adjust as necessary
      Timeout: 60
      MemorySize: 1600
      Role: !GetAtt LambdaExecutionRole.Arn
      Events:
        Api:
          Type: Api
          Properties:
            RestApiId: !Ref ApiGateway
            Path: /pdf/html
            Method: POST
      Environment:
        Variables:
          BUCKET_NAME: !Ref AppBucketName
          REGION: !Ref "AWS::Region"

  GeneratePdfFromHtmlLogGroup:
    Type: AWS::Logs::LogGroup
    DependsOn: [ GeneratePdfFromHtml ]
    Properties:
      LogGroupName: !Sub /aws/lambda/${GeneratePdfFromHtml}
      RetentionInDays: 7

  AppBucket:
    Type: AWS::S3::Bucket
    Properties:
      BucketName: !Ref AppBucketName
      LifecycleConfiguration:
        Rules:
          - Id: DeleteAfter24Hours
            Status: Enabled
            ExpirationInDays: 1

  LambdaExecutionRole:
    Type: AWS::IAM::Role
    Properties:
      AssumeRolePolicyDocument:
        Version: '2012-10-17'
        Statement:
          - Effect: Allow
            Principal:
              Service: lambda.amazonaws.com
            Action: sts:AssumeRole
      ManagedPolicyArns:
        - arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole
      Policies:
        - PolicyName: S3AccessPolicy
          PolicyDocument:
            Version: '2012-10-17'
            Statement:
              - Effect: Allow
                Action:
                  - s3:PutObject
                  - s3:GetObject
                  - s3:DeleteObject
                  - s3:ListBucket
                  - s3:PutObjectAcl
                  - s3:GetObjectAcl
                Resource:
                  - !Sub "arn:aws:s3:::${AppBucketName}/*"
                  - !Sub "arn:aws:s3:::${AppBucketName}"

Outputs:
  ApiUrl:
    Description: "URL for API endpoint"
    Value: !Sub "https://${ApiGateway}.execute-api.${AWS::Region}.amazonaws.com/prod/"
  Region:
    Description: "AWS Region"
    Value: !Ref "AWS::Region"
  BucketName:
    Description: "Name of the S3 bucket"
    Value: !Ref AppBucketName
  BucketArn:
    Description: "ARN of the S3 bucket"
    Value: !GetAtt AppBucket.Arn
  LambdaFunctionName:
    Description: "Name of the Lambda function"
    Value: !Ref GeneratePdfFromHtml
  LambdaFunctionArn:
    Description: "ARN of the Lambda function"
    Value: !GetAtt GeneratePdfFromHtml.Arn
  RoleName:
    Description: "Name of the IAM Role"
    Value: !Ref LambdaExecutionRole
  RoleArn:
    Description: "ARN of the IAM Role"
    Value: !GetAtt LambdaExecutionRole.Arn