forked from sakazuki/aws-serverless-node-red
cloudformation.yaml
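---
# AWS SAM template: an API Gateway REST API that forwards every request to a
# single Lambda function (node-red-api). The function receives an S3 bucket
# name through its environment and is granted access to that bucket.
AWSTemplateFormatVersion: '2010-09-09'
Transform: AWS::Serverless-2016-10-31
Description: Serverless Express Application/API powered by API Gateway and Lambda

Parameters:
  # Bucket name handed to the function as S3_BUCKET and used to scope the
  # S3 statements in LambdaExecutionRolePolicyAppend.
  S3BUCKET:
    Type: String
    Default: node-red-api

Resources:
  # REST API defined by the external OpenAPI document; the stage variable
  # tells that definition which Lambda function to integrate with.
  ApiGatewayApi:
    Type: AWS::Serverless::Api
    Properties:
      DefinitionUri: ./simple-proxy-api.yaml
      StageName: prod
      Variables:
        ServerlessExpressLambdaFunctionName: !Ref noderedapi

  # Execution role assumed by the Lambda service on behalf of the function.
  LambdaExecutionRole:
    Type: AWS::IAM::Role
    Properties:
      AssumeRolePolicyDocument:
        Version: '2012-10-17'
        Statement:
          Effect: Allow
          Principal:
            Service: lambda.amazonaws.com
          Action: sts:AssumeRole
      Path: /
      Policies:
        - PolicyName: root
          PolicyDocument:
            Version: '2012-10-17'
            Statement:
              # NOTE(review): this resource pattern covers every log group in
              # every region of the account; consider narrowing it to this
              # function's own log group.
              - Effect: Allow
                Action:
                  - logs:CreateLogGroup
                  - logs:CreateLogStream
                  - logs:PutLogEvents
                Resource: arn:aws:logs:*:*:*

  # S3 permissions live in a separate AWS::IAM::Policy because the object
  # ARN references the function, and the function references the role.
  LambdaExecutionRolePolicyAppend:
    Type: AWS::IAM::Policy
    Properties:
      PolicyName: S3_access
      Roles:
        - !Ref LambdaExecutionRole
      PolicyDocument:
        Version: '2012-10-17'
        Statement:
          # Bucket-level actions. The ARN is built from the S3BUCKET
          # parameter so the grant always matches the bucket the function is
          # configured to use, rather than a fixed bucket name.
          # NOTE(review): s3:CreateBucket lets the function create the bucket
          # at runtime; drop it if the bucket is provisioned separately.
          - Effect: Allow
            Action:
              - s3:CreateBucket
              - s3:ListBucket
            Resource: !Sub 'arn:aws:s3:::${S3BUCKET}'
          # Object-level actions, limited to the key prefix named after the
          # function (${noderedapi} resolves to the function name).
          - Effect: Allow
            Action:
              - s3:PutObject
              - s3:GetObject
            Resource: !Sub 'arn:aws:s3:::${S3BUCKET}/${noderedapi}/*'

  # Lets API Gateway invoke the function; SourceArn limits this to calls
  # coming from this API (any stage, any method).
  LambdaApiGatewayExecutionPermission:
    Type: AWS::Lambda::Permission
    Properties:
      Action: lambda:InvokeFunction
      FunctionName: !GetAtt noderedapi.Arn
      Principal: apigateway.amazonaws.com
      SourceArn: !Join
        - ''
        - - 'arn:aws:execute-api:'
          - !Ref AWS::Region
          - ':'
          - !Ref AWS::AccountId
          - ':'
          - !Ref ApiGatewayApi
          - '/*/*'

  noderedapi:
    Type: AWS::Serverless::Function
    Properties:
      CodeUri: ./
      FunctionName: node-red-api
      Handler: lambda.handler
      MemorySize: 1024
      Role: !GetAtt LambdaExecutionRole.Arn
      # NOTE(review): nodejs12.x is a deprecated Lambda runtime and no longer
      # receives security patches; move to a supported Node.js runtime once
      # the application has been tested on it.
      Runtime: nodejs12.x
      Timeout: 30
      Environment:
        Variables:
          S3_BUCKET: !Ref S3BUCKET
      # Every HTTP method on the root path and on all sub-paths is routed to
      # the function.
      # NOTE(review): no authorizer is declared in this template; any access
      # control has to come from simple-proxy-api.yaml or the application
      # itself. Confirm before exposing the endpoint.
      Events:
        ProxyApiRoot:
          Type: Api
          Properties:
            RestApiId: !Ref ApiGatewayApi
            Path: /
            Method: ANY
        ProxyApiGreedy:
          Type: Api
          Properties:
            RestApiId: !Ref ApiGatewayApi
            Path: '/{proxy+}'
            Method: ANY

Outputs:
  LambdaFunctionConsoleUrl:
    Description: Console URL for the Lambda Function.
    Value: !Join
      - ''
      - - 'https://'
        - !Ref AWS::Region
        - '.console.aws.amazon.com/lambda/home?region='
        - !Ref AWS::Region
        - '#/functions/'
        - !Ref noderedapi

  ApiGatewayApiConsoleUrl:
    Description: Console URL for the API Gateway API's Stage.
    Value: !Join
      - ''
      - - 'https://'
        - !Ref AWS::Region
        - '.console.aws.amazon.com/apigateway/home?region='
        - !Ref AWS::Region
        - '#/apis/'
        - !Ref ApiGatewayApi
        - '/stages/prod'

  ApiUrl:
    Description: >-
      Invoke URL for your API. Clicking this link will perform a GET request
      on the root resource of your API.
    Value: !Join
      - ''
      - - 'https://'
        - !Ref ApiGatewayApi
        - '.execute-api.'
        - !Ref AWS::Region
        - '.amazonaws.com/prod/'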