pdfRest Self-Hosted HTTP80 Configuration

The pdfRest API Toolkit Self-Hosted on AWS offering gives application developers the ability to host the infrastructure to process document workflows within their AWS VPCs.

If the PDF processing solution is completely internal-facing, SSL encryption over port 443 may not be required. This solution details the bare minimum configuration required to build a scalabale, internal-only pdfRest Self-Hosted solution.

Note: The resources below can be deployed in an internal-only or externally accessible form, the steps will assume internal-only since we'll be running all traffic over HTTP:80. Some optional resources such as the Load Balancer may incur additional consumption charges within AWS.

1. Deploy the AMI

From the AMI Marketplace, deploy the pdfRest Self-Hosted AMI into the proper VPC. Chose any Security Group for now, we'll backtrack to apply the proper Security Groups to the EC2 instance and the Load Balancer in a future step.

2. Target Group

Create a Target Group with the following configuration:
        Target Type = Instances
        Protocol and Port = HTTP and Port 80
        VPC = The same VPC as the AMI's EC2 Protocol version = HTTP1
        Health check protocol and path = HTTP and path "/up" (minus "")
        Advanced Health Check Success Codes = 200-302

3. Load Balancer

Create a Load Balancer with the following configuration:
        Chose an Application Load Balancer
        IP address type = IPv4
        VPC = The same VPC as the AMI's EC2
        Security Group = Use default, we will change this shortly
        Listener = HTTP Port 80 Forward to the Target Group created above

4. Security Groups

In this section we will create two Security Groups. The first will be access permissions for the source of API calls to the Load Balancer. The second is for the AMI's EC2 instance, allowing the Load Balancer to communicate with it.

For the Source of API calls to Load Balancer, create a Security Group with the following Inbound Rule:
        Type = HTTP
        Protocol = TCP
        Port range = 80
        Source = Custom, enter the individual /32 IP of the existing AMI's EC2 instance or the subnet range that EC2 instances may reside on

Attach the above policy to the Load Balancer.
Next, for the AMI's EC2, create a Security group with the following Inbound Rule:
        Type = HTTP
        Protocol = TCP
        Port Range = 80
        Source = Select or enter the Security Group ID of the group created above (ID starts with "sg-")

5. Testing

From the Details tab of the Load Balancer created in Part 4, you can copy the Load Balancer's "DNS Name". You can either create a DNS CNAME record that redirects to this or send pdfRest API calls directly to the address.

Documentation for making calls to the new pdfRest Self-Hosted system can be found in the pdfRest Self-Hosted Reference Guide.