forked from fehmianac/s3-image-resizer
-
Notifications
You must be signed in to change notification settings - Fork 0
/
s3-image-resizer-template.yaml
175 lines (157 loc) · 5.09 KB
/
s3-image-resizer-template.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
AWSTemplateFormatVersion: '2010-09-09'
Transform: AWS::Serverless-2016-10-31
Description: >
Image Resizer App API
Parameters:
BucketName:
Type: String
Default: 'Type your image server bucket name'
Description: (Required) The name of the S3 bucket where the Lambda function code is stored. Minimum 3 characters
BucketProxyUrl:
Type: String
Default: 'Type your image server bucket proxy url'
Description: (Required) Type your image server bucket proxy url ex https://cdn.example.com
AllowedResolutions:
Type: String
Default: '1920x1080,1280x720,640x480,320x240,160x120'
Description: (Required) Supported resolutions. Split by comma.
Prefix:
Type: String
Default: 'orginal'
Description: If you want to store image difference folder, you can set this value original image prefix.
CodeBucketName:
Type: String
Default: ''
Description: (Required) The name of the S3 bucket where the Lambda function code is stored. Minimum 3 characters
ExposeType:
Type: String
Default: 'FunctionUrl'
AllowedValues: ['FunctionUrl', 'ApiGateway']
Description: (Required) The type of exposure for the API. FunctionUrl or ApiGateway
Conditions:
IsFunctionUrlAuth: !Equals [!Ref ExposeType, "FunctionUrl"]
IsApiGatewayAuth: !Equals [!Ref ExposeType, "ApiGateway"]
Resources:
ImageResizerApi:
Type: AWS::ApiGatewayV2::Api
Properties:
Name: image-resizer-api
ProtocolType: HTTP
Condition: IsApiGatewayAuth
ProxyRoute:
Type: AWS::ApiGatewayV2::Route
Properties:
ApiId: !Ref ImageResizerApi
RouteKey: 'GET /resized-images'
AuthorizationType: NONE
OperationName: ApiEndpoints
Target: !Join
- '/'
- - 'integrations'
- !Ref ProxyRouteAnyMethod
Condition: IsApiGatewayAuth
ProxyRouteAnyMethod:
Type: AWS::ApiGatewayV2::Integration
Properties:
ApiId: !Ref ImageResizerApi
PayloadFormatVersion: '2.0'
Description: ProxyRoute Integration
IntegrationType: AWS_PROXY
IntegrationUri:
Fn::Sub:
arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${ImageResizerLambdaFunction.Arn}/invocations
Condition: IsApiGatewayAuth
Deployment:
Type: AWS::ApiGatewayV2::Deployment
DependsOn:
- ProxyRoute
Properties:
ApiId: !Ref ImageResizerApi
Condition: IsApiGatewayAuth
Stage:
Type: AWS::ApiGatewayV2::Stage
Properties:
StageName: prod
Description: Prod Stage
DeploymentId: !Ref Deployment
ApiId: !Ref ImageResizerApi
Condition: IsApiGatewayAuth
ImageResizerLambdaFunctionPermission:
Type: AWS::Lambda::Permission
DependsOn:
- ImageResizerApi
Properties:
Action: lambda:InvokeFunction
FunctionName: !Ref ImageResizerLambdaFunction
Principal: apigateway.amazonaws.com
Condition: IsApiGatewayAuth
ImageResizerLambdaFunction:
Type: AWS::Serverless::Function
Properties:
FunctionName: ImageResizerLambdaFunction
CodeUri:
Bucket: !Ref CodeBucketName
Key: deploy.zip
Handler: Resizer::Resizer.Entrypoint::Handler
Role: !GetAtt ImageResizerLambdaFunctionExecutionRole.Arn
MemorySize: 512
Timeout: 180
Runtime: dotnet8
Environment:
Variables:
BUCKET: !Ref BucketName
ALLOWED_RESOLUTIONS: !Ref AllowedResolutions
PREFIX: !Ref Prefix
URL: !Ref BucketProxyUrl
ImageResizerLambdaFunctionUrl:
Type: AWS::Lambda::Url
Properties:
AuthType: NONE
TargetFunctionArn: !Ref ImageResizerLambdaFunction
Condition: IsFunctionUrlAuth
ImageResizerLambdaFunctionUrlPermission:
Type: AWS::Lambda::Permission
DependsOn:
- ImageResizerLambdaFunction
Properties:
Action: lambda:InvokeFunctionUrl
FunctionName: !Ref ImageResizerLambdaFunction
FunctionUrlAuthType: 'NONE'
Principal: "*"
ImageResizerLambdaFunctionLogGroup:
Type: AWS::Logs::LogGroup
Properties:
LogGroupName: !Sub "/aws/lambda/ImageResizerLambdaFunction"
RetentionInDays: 14
ImageResizerLambdaFunctionExecutionRole:
Type: AWS::IAM::Role
Properties:
AssumeRolePolicyDocument:
Version: '2012-10-17'
Statement:
- Effect: Allow
Principal:
Service:
- lambda.amazonaws.com
Action:
- sts:AssumeRole
Policies:
- PolicyName: allowLambdaLogs
PolicyDocument:
Version: '2012-10-17'
Statement:
- Effect: Allow
Action:
- logs:*
Resource: arn:aws:logs:*:*:*
- PolicyName: ImageResizerS3PutObjectPolicy
PolicyDocument:
Version: '2012-10-17'
Statement:
- Effect: Allow
Action:
- s3:GetObject
- s3:PutObject
- s3:PutObjectAcl
- s3:PutObjectTagging
Resource: !Join [ '', [ 'arn:aws:s3:::', !Ref BucketName, '/*' ] ]