From 1d8ea56b65c2170800e6490ae51547ee9ccf7233 Mon Sep 17 00:00:00 2001
From: Aljaz Ceru
Date: Tue, 18 Feb 2025 13:44:58 -0600
Subject: [PATCH] cloudformation deployment
---
 cloudformation.yaml | 168 ++++++++++++++++++++++++++++++++++++++++++++
 lambda_function.py | 4 +-
 2 files changed, 170 insertions(+), 2 deletions(-)
 create mode 100644 cloudformation.yaml
diff --git a/cloudformation.yaml b/cloudformation.yaml
new file mode 100644
index 0000000..c7b24dc
--- /dev/null
+++ b/cloudformation.yaml
@@ -0,0 +1,168 @@
+AWSTemplateFormatVersion: "2010-09-09"
+Description: "Deploys an API Gateway, Lambda function, and IAM roles for Breez integration."
+
+Resources:
+ # IAM Role for Lambda Function
+ LambdaExecutionRole:
+ Type: AWS::IAM::Role
+ Properties:
+ AssumeRolePolicyDocument:
+ Version: "2012-10-17"
+ Statement:
+ - Effect: Allow
+ Principal:
+ Service:
+ - lambda.amazonaws.com
+ Action:
+ - sts:AssumeRole
+ Policies:
+ - PolicyName: LambdaAccessPolicy
+ PolicyDocument:
+ Version: "2012-10-17"
+ Statement:
+ - Effect: Allow
+ Action:
+ - logs:CreateLogGroup
+ - logs:CreateLogStream
+ - logs:PutLogEvents
+ Resource: "arn:aws:logs:*:*:*"
+ - Effect: Allow
+ Action:
+ - s3:GetObject
+ Resource:
+ - "arn:aws:s3:::lambda-nodeless-payment/*"
+ - Effect: Allow
+ Action:
+ - ssm:GetParameter
+ Resource:
+ - !Sub "arn:aws:ssm:${AWS::Region}:${AWS::AccountId}:parameter/breez-test/api_key"
+ - !Sub "arn:aws:ssm:${AWS::Region}:${AWS::AccountId}:parameter/breez-test/seed_phrase"
+ - !Sub "arn:aws:ssm:${AWS::Region}:${AWS::AccountId}:parameter/breez-test/api_secret"
+
+ # API Gateway
+ ApiGateway:
+ Type: AWS::ApiGateway::RestApi
+ Properties:
+ Name: BreezAPIGateway
+ Description: "API Gateway for Breez Lightning Network integration"
+
+ # API Resources for each endpoint
+ ApiListPaymentsResource:
+ Type: AWS::ApiGateway::Resource
+ Properties:
+ RestApiId: !Ref ApiGateway
+ ParentId: !GetAtt ApiGateway.RootResourceId
+ PathPart: "list_payments"
+
+ ApiReceiveResource:
+ Type: AWS::ApiGateway::Resource
+ Properties:
+ RestApiId: !Ref ApiGateway
+ ParentId: !GetAtt ApiGateway.RootResourceId
+ PathPart: "receive_payment"
+
+ ApiSendResource:
+ Type: AWS::ApiGateway::Resource
+ Properties:
+ RestApiId: !Ref ApiGateway
+ ParentId: !GetAtt ApiGateway.RootResourceId
+ PathPart: "send_payment"
+
+ # Lambda Function
+ BreezLambdaFunction:
+ Type: AWS::Lambda::Function
+ Properties:
+ FunctionName: BreezLambda
+ Runtime: python3.12
+ Handler: lambda_function.lambda_handler
+ Role: !GetAtt LambdaExecutionRole.Arn
+ Code:
+ S3Bucket: "lambda-nodeless-payment"
+ S3Key: "lambda.zip"
+ Timeout: 30
+ Environment:
+ Variables:
+ PARAMETER_PREFIX: "/breez/"
+
+ # Allow API Gateway to invoke Lambda
+ LambdaInvokePermission:
+ Type: AWS::Lambda::Permission
+ DependsOn: BreezLambdaFunction
+ Properties:
+ Action: "lambda:InvokeFunction"
+ FunctionName: !Ref BreezLambdaFunction
+ Principal: "apigateway.amazonaws.com"
+ SourceArn: !Sub "arn:aws:execute-api:${AWS::Region}:${AWS::AccountId}:${ApiGateway}/*/*/*"
+
+
+ # API Methods
+ GetPaymentsMethod:
+ Type: AWS::ApiGateway::Method
+ DependsOn: BreezLambdaFunction
+ Properties:
+ RestApiId: !Ref ApiGateway
+ ResourceId: !Ref ApiListPaymentsResource
+ HttpMethod: GET
+ AuthorizationType: NONE
+ Integration:
+ Type: AWS_PROXY
+ IntegrationHttpMethod: POST
+ Uri: !Sub
+ - "arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${LambdaArn}/invocations"
+ - LambdaArn: !GetAtt BreezLambdaFunction.Arn
+
+ PostReceiveMethod:
+ Type: AWS::ApiGateway::Method
+ DependsOn: BreezLambdaFunction
+ Properties:
+ RestApiId: !Ref ApiGateway
+ ResourceId: !Ref ApiReceiveResource
+ HttpMethod: POST
+ AuthorizationType: NONE
+ Integration:
+ Type: AWS_PROXY
+ IntegrationHttpMethod: POST
+ Uri: !Sub
+ - "arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${LambdaArn}/invocations"
+ - LambdaArn: !GetAtt BreezLambdaFunction.Arn
+
+ PostSendMethod:
+ Type: AWS::ApiGateway::Method
+ DependsOn: BreezLambdaFunction
+ Properties:
+ RestApiId: !Ref ApiGateway
+ ResourceId: !Ref ApiSendResource
+ HttpMethod: POST
+ AuthorizationType: NONE
+ Integration:
+ Type: AWS_PROXY
+ IntegrationHttpMethod: POST
+ Uri: !Sub
+ - "arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${LambdaArn}/invocations"
+ - LambdaArn: !GetAtt BreezLambdaFunction.Arn
+
+ # API Deployment
+ ApiDeployment:
+ Type: AWS::ApiGateway::Deployment
+ DependsOn:
+ - GetPaymentsMethod
+ - PostReceiveMethod
+ - PostSendMethod
+ - LambdaInvokePermission
+ Properties:
+ RestApiId: !Ref ApiGateway
+ StageName: "prod"
+
+Outputs:
+ ApiGatewayBaseURL:
+ Description: "Base URL for API Gateway"
+ Value: !Sub "https://${ApiGateway}.execute-api.${AWS::Region}.amazonaws.com/prod"
+ PaymentsEndpoint:
+ Description: "Payments endpoint URL"
+ Value: !Sub "https://${ApiGateway}.execute-api.${AWS::Region}.amazonaws.com/prod/list_payments"
+ ReceiveEndpoint:
+ Description: "Receive endpoint URL"
+ Value: !Sub "https://${ApiGateway}.execute-api.${AWS::Region}.amazonaws.com/prod/receive_payment"
+ SendEndpoint:
+ Description: "Send endpoint URL"
+ Value: !Sub "https://${ApiGateway}.execute-api.${AWS::Region}.amazonaws.com/prod/send_payment"
\ No newline at end of file
diff --git a/lambda_function.py b/lambda_function.py
index 5006715..1a4c046 100644
--- a/lambda_function.py
+++ b/lambda_function.py
@@ -43,8 +43,8 @@ class SdkListener(EventListener): class PaymentHandler: def __init__(self): - self.api_key = self._get_ssm_parameter('/breez/api_key') - self.seed_phrase = self._get_ssm_parameter('/breez/seed_phrase') + self.api_key = self._get_ssm_parameter('/breez-test/api_key') + self.seed_phrase = self._get_ssm_parameter('/breez-test/seed_phrase') if not self.api_key: raise Exception("Missing Breez API key in Parameter Store")
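Review bot: All three methods, including `PostSendMethod` on `/send_payment`, are declared with `AuthorizationType: NONE`, so the deployed `prod` stage accepts unauthenticated requests on endpoints backed by a wallet whose seed phrase the function reads from SSM. Unless the Lambda handler enforces its own check (the `api_secret` parameter suggests it may, but that code is not visible in this commit), access control rests entirely on the URL staying unknown. I would set `AuthorizationType: AWS_IAM`, or `AuthorizationType: CUSTOM` with an `AuthorizerId`, on at least the send and list methods. Separately, the role's SSM resources sit under `/breez-test/` while `PARAMETER_PREFIX` is `"/breez/"`, and the `s3:GetObject` grant on the code bucket does not look necessary for the function at runtime; both are worth aligning with least privilege.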
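Review bot: The two SSM parameter names in `PaymentHandler.__init__` are now hard-coded to `/breez-test/`, while the template added in this same commit passes `PARAMETER_PREFIX: "/breez/"` to the function and grants `ssm:GetParameter` only under `/breez-test/`; the code ignores the variable, so the three can drift and a later prefix change would either be denied at start-up or read a different environment's secrets. I would build the names from the environment, e.g. `prefix = os.environ['PARAMETER_PREFIX']` and `self.api_key = self._get_ssm_parameter(prefix + 'api_key')`, and set the template variable to the intended prefix (this assumes `os` is imported; the file's imports are outside the hunk). Only `api_key` is visibly checked for emptiness here; `__init__` continues past the hunk, so confirm `seed_phrase` gets the same check.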