# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
# SPDX-License-Identifier: MIT-0

AWSTemplateFormatVersion: '2010-09-09'
Transform: AWS::Serverless-2016-10-31
Description: HPC job management with a serverless API

Parameters:
  VpcId:
    Type: AWS::EC2::VPC::Id
  PrivateSubnetIds:
    Type: List<AWS::EC2::Subnet::Id>
  HeadNodeInstanceID:
    Type: AWS::EC2::Instance::Id
  LoadBalancerSG:
     Type: AWS::EC2::SecurityGroup::Id

Resources:
  # Create the internal application load balancer (ALB) in the private subnets.
  LoadBalancer:
    Type: 'AWS::ElasticLoadBalancingV2::LoadBalancer'
    Properties:
      Scheme: internal
      SecurityGroups: 
        - !Ref LoadBalancerSG
      Subnets: !Ref PrivateSubnetIds
      Type: application
  # Create the ALB target group for ECS.
  LoadBalancerListenerTargetGroupAPI:
    Type: 'AWS::ElasticLoadBalancingV2::TargetGroup'
    Properties:
      Port: 6830
      Protocol: HTTP
      TargetType: instance
      Targets:
        - Id: !Ref HeadNodeInstanceID
      VpcId: !Ref VpcId
      Matcher:
        HttpCode: '200,401'
  # Create the ALB listener with the target group.
  LoadBalancerListener:
    Type: 'AWS::ElasticLoadBalancingV2::Listener'
    Properties:
      DefaultActions:
        - TargetGroupArn: !Ref LoadBalancerListenerTargetGroupAPI
          Type: forward
      LoadBalancerArn: !Ref LoadBalancer
      Port: 80
      Protocol: HTTP
  # Create the VPC Link configured with the private subnets.
  VpcLink:
      Type: 'AWS::ApiGatewayV2::VpcLink'
      Properties:
          Name: APIGWVpcLinkToPrivateHTTPEndpoint
          SubnetIds: !Ref PrivateSubnetIds
          SecurityGroupIds:
            - !Ref LoadBalancerSG
  # Create the API Gateway HTTP endpoint
  APIGWHTTPEndpoint:
      Type: 'AWS::ApiGatewayV2::Api'
      Properties:
          Name: hpc-serverless-job-mgmt-api
          ProtocolType: HTTP
  APIGWHTTPEndpointIntegration:
      Type: 'AWS::ApiGatewayV2::Integration'
      Properties:
        ApiId: !Ref APIGWHTTPEndpoint
        IntegrationType: HTTP_PROXY
        ConnectionId: !Ref VpcLink
        ConnectionType: VPC_LINK
        IntegrationMethod: ANY
        IntegrationUri: !Ref LoadBalancerListener
        PayloadFormatVersion: '1.0'
      DependsOn:
      - VpcLink
      - APIGWHTTPEndpoint
      - LoadBalancerListener
  # API GW route with ANY method
  APIGWRoute:
    Type: 'AWS::ApiGatewayV2::Route'
    Properties:
      ApiId: !Ref APIGWHTTPEndpoint
      RouteKey: '$default'
      Target: !Join 
        - /
        - - integrations
          - !Ref APIGWHTTPEndpointIntegration
    DependsOn:
    - APIGWHTTPEndpointIntegration
  # Set a default stage
  APIStageDefault:
    Type: 'AWS::ApiGatewayV2::Stage'
    Properties:
      ApiId: !Ref APIGWHTTPEndpoint
      StageName: $default
      AutoDeploy: true
    DependsOn:
      - APIGWHTTPEndpoint

Outputs:
  # Generated API GW endpoint URL that can be used to access the application running on a private ECS Fargate cluster.
  APIGWEndpoint:
    Description: API Gateway Endpoint
    Value: !GetAtt APIGWHTTPEndpoint.ApiEndpoint