AWSTemplateFormatVersion: "2010-09-09" Description: "(SO0164) Content Localization on AWS v2.1.3" Parameters: AdminEmail: Description: "Email address of the Content Localization on AWS administrator" Type: String OpensearchNodeSize: Description: "The node type to be provisioned for the Opensearch cluster" Type: String Default: "t3.small.search" AllowedValues: - "t3.small.search" - "m4.large.search" - "m4.xlarge.search" - "c4.large.search" - "c4.xlarge.search" - "r4.large.search" - "r4.xlarge.search" Conditions: EnableAnonymizedData: !Equals [ !FindInMap [AnonymizedData,SendAnonymizedData,Data], "Yes"] Mappings: MediaInsights: Release: Version: "v5.1.6" Application: SourceCode: GlobalS3Bucket: "solutions-reference" TemplateKeyPrefix: "content-localization-on-aws/v2.1.3" RegionalS3Bucket: "solutions" CodeKeyPrefix: "content-localization-on-aws/v2.1.3" Version: "v2.1.3" Solution: Data: SolutionId: "SO0164" SolutionName: "Content Localization on AWS" ApplicationType: "AWS-Solutions" AppRegistryApplicationName: "ContentLocalizationOnAws" AnonymizedData: SendAnonymizedData: Data: "Yes" Resources: # Deploy Media Insights on AWS Framework MieStack: Type: "AWS::CloudFormation::Stack" Properties: TemplateURL: !Join - "" - - "https://solutions-reference.s3.amazonaws.com/media-insights-on-aws/" - !FindInMap - MediaInsights - Release - Version - "/media-insights-on-aws-stack.template" Parameters: DeployAnalyticsPipeline: "Yes" DeployTestResources: "No" MaxConcurrentWorkflows: 5 EnableXrayTrace: "Yes" SolutionId: SO0164 SolutionVersion: "v2.1.3" # Deploy Opensearch OpensearchStack: Type: "AWS::CloudFormation::Stack" Properties: TemplateURL: !Join - "" - - "https://" - !FindInMap - Application - SourceCode - GlobalS3Bucket - ".s3.amazonaws.com/" - !FindInMap - Application - SourceCode - TemplateKeyPrefix - "/content-localization-on-aws-opensearch.template" Parameters: AnalyticsStreamArn: !GetAtt MieStack.Outputs.AnalyticsStreamArn MieDataplaneBucket: !GetAtt MieStack.Outputs.DataplaneBucket NodeType: !Ref OpensearchNodeSize MieKMSArn: !GetAtt MieStack.Outputs.MieKMSArn # Deploy Auth stack AuthStack: Type: "AWS::CloudFormation::Stack" Properties: TemplateURL: !Join - "" - - "https://" - !FindInMap - Application - SourceCode - GlobalS3Bucket - ".s3.amazonaws.com/" - !FindInMap - Application - SourceCode - TemplateKeyPrefix - "/content-localization-on-aws-auth.template" Parameters: AdminEmail: !Ref AdminEmail WorkflowApiId: !GetAtt MieStack.Outputs.WorkflowApiRestID DataplaneApiId: !GetAtt MieStack.Outputs.DataplaneApiRestID SearchDomainArn: !GetAtt OpensearchStack.Outputs.DomainArn DataplaneBucket: !GetAtt MieStack.Outputs.DataplaneBucket ParentStackName: !Ref MieStack MieKMSArn: !GetAtt MieStack.Outputs.MieKMSArn WebStack: Type: "AWS::CloudFormation::Stack" Properties: TemplateURL: !Join - "" - - "https://" - !FindInMap - Application - SourceCode - GlobalS3Bucket - ".s3.amazonaws.com/" - !FindInMap - Application - SourceCode - TemplateKeyPrefix - "/content-localization-on-aws-web.template" Parameters: DataplaneEndpoint: !GetAtt MieStack.Outputs.DataplaneApiEndpoint WorkflowEndpoint: !GetAtt MieStack.Outputs.WorkflowApiEndpoint SearchEndpoint: !GetAtt OpensearchStack.Outputs.DomainEndpoint DataplaneBucket: !GetAtt MieStack.Outputs.DataplaneBucket UserPoolId: !GetAtt AuthStack.Outputs.UserPoolId IdentityPoolId: !GetAtt AuthStack.Outputs.IdentityPoolId PoolClientId: !GetAtt AuthStack.Outputs.UserPoolClientId # Deploy video workflow VideoWorkflow: Type: "AWS::CloudFormation::Stack" Properties: TemplateURL: !Join - "" - - "https://" - !FindInMap - Application - SourceCode - GlobalS3Bucket - ".s3.amazonaws.com/" - !FindInMap - Application - SourceCode - TemplateKeyPrefix - "/content-localization-on-aws-video-workflow.template" Parameters: WorkflowCustomResourceArn: Fn::GetAtt: - MieStack - Outputs.WorkflowCustomResourceArn OperatorLibraryStack: Fn::GetAtt: - MieStack - Outputs.OperatorLibraryStack AnonymizedDataCustomResourceRole: Type: AWS::IAM::Role Properties: AssumeRolePolicyDocument: Version: 2012-10-17 Statement: - Effect: Allow Principal: Service: - lambda.amazonaws.com Action: - sts:AssumeRole Path: "/" Policies: - PolicyName: !Sub "${AWS::StackName}-anonymized-data-logger" PolicyDocument: Statement: - Effect: Allow Action: - logs:CreateLogGroup - logs:CreateLogStream - logs:PutLogEvents Resource: - !Join ["", ["arn:aws:logs:", Ref: "AWS::Region", ":", Ref: "AWS::AccountId", ":log-group:/aws/lambda/*"]] - Effect: Allow Action: - ssm:PutParameter Resource: - !Join ["", ["arn:aws:ssm:", Ref: "AWS::Region", ":", Ref: "AWS::AccountId", ":parameter/*"]] AnonymizedDataCustomResource: Type: AWS::Lambda::Function Metadata: cfn_nag: rules_to_suppress: - id: W89 reason: "This Lambda function does not need to access any resource provisioned within a VPC." - id: W92 reason: "This function does not require performance optimization, so the default concurrency limits suffice." Properties: FunctionName: !Sub ${AWS::StackName}-anonymized-data Description: Used to send anonymized data Handler: anonymized-data-logger.handler Role: !GetAtt AnonymizedDataCustomResourceRole.Arn Code: S3Bucket: !Join [ "-", [ !FindInMap [ "Application", "SourceCode", "RegionalS3Bucket" ], Ref: "AWS::Region" ] ] S3Key: !Join [ "/", [ !FindInMap [ "Application", "SourceCode", "CodeKeyPrefix" ], "anonymized-data-logger.zip" ] ] Runtime: python3.11 Timeout: 180 # SendAnonymizedData AnonymizedDataUuid: Condition: EnableAnonymizedData Type: "Custom::UUID" Properties: ServiceToken: !GetAtt AnonymizedDataCustomResource.Arn Resource: UUID AnonymizedMetric: Condition: EnableAnonymizedData Type: "Custom::AnonymizedMetric" Properties: ServiceToken: !GetAtt AnonymizedDataCustomResource.Arn Resource: AnonymizedMetric SolutionId: "SO0164" UUID: !GetAtt AnonymizedDataUuid.UUID Version: !FindInMap ["Application", "SourceCode", "Version"] # AppRegistry Application: Type: AWS::ServiceCatalogAppRegistry::Application Properties: Description: !Sub - Service Catalog application to track and manage all your resources. The Solution ID is ${solutionId} and Solution Version is ${solutionVersion}. - solutionId: !FindInMap - Solution - Data - SolutionId solutionVersion: !FindInMap - Application - SourceCode - Version Name: !Join - "-" - - !FindInMap [Solution, Data, "AppRegistryApplicationName"] - !Ref AWS::Region - !Ref AWS::AccountId - !Ref AWS::StackName Tags: { 'Solutions:SolutionID': !FindInMap [Solution, Data, "SolutionId"], 'Solutions:SolutionName': !FindInMap [Solution, Data, "SolutionName"], 'Solutions:SolutionVersion': !FindInMap [Application, SourceCode, "Version"], 'Solutions:ApplicationType': !FindInMap [Solution, Data, "ApplicationType"], } AppRegistryApplicationStackAssociation: Type: AWS::ServiceCatalogAppRegistry::ResourceAssociation Properties: Application: !GetAtt Application.Id Resource: !Ref AWS::StackId ResourceType: CFN_STACK DefaultApplicationAttributes: Type: AWS::ServiceCatalogAppRegistry::AttributeGroup Properties: Name: !Join ['-', [!Ref 'AWS::Region', !Ref 'AWS::StackName']] Description: Attribute group for solution information. Attributes: { "ApplicationType" : !FindInMap [Solution, Data, "ApplicationType"], "Version": !FindInMap [Application, SourceCode, "Version"], "SolutionID": !FindInMap [Solution, Data, "SolutionId"], "SolutionName": !FindInMap [Solution, Data, "SolutionName"] } AppRegistryApplicationAttributeAssociation: Type: AWS::ServiceCatalogAppRegistry::AttributeGroupAssociation Properties: Application: !GetAtt Application.Id AttributeGroup: !GetAtt DefaultApplicationAttributes.Id AppRegistryApplicationStackAssociationOpenSearchStack: Type: AWS::ServiceCatalogAppRegistry::ResourceAssociation Properties: Application: !GetAtt Application.Id Resource: !Ref OpensearchStack ResourceType: CFN_STACK AppRegistryApplicationStackAssociationAuthStack: Type: AWS::ServiceCatalogAppRegistry::ResourceAssociation Properties: Application: !GetAtt Application.Id Resource: !Ref AuthStack ResourceType: CFN_STACK AppRegistryApplicationStackAssociationWebStack: Type: AWS::ServiceCatalogAppRegistry::ResourceAssociation Properties: Application: !GetAtt Application.Id Resource: !Ref WebStack ResourceType: CFN_STACK AppRegistryApplicationStackAssociationVideoWorkflowStack: Type: AWS::ServiceCatalogAppRegistry::ResourceAssociation Properties: Application: !GetAtt Application.Id Resource: !Ref VideoWorkflow ResourceType: CFN_STACK Outputs: ContentLocalizationSolution: Value: !GetAtt WebStack.Outputs.CloudfrontUrl