# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
# SPDX-License-Identifier: MIT-0

AWSTemplateFormatVersion: 2010-09-09
Description: |
  Create the shared portfolio of Data Science environments in AWS Service Catalog

Outputs:
  ProductId:
    Description: Service Catalog data science product Id
    Value: !Ref DataScienceEnvironmentProduct

  PortfolioId:
    Description: Service Catalog data science portfolio Id
    Value: !Ref DataScienceEnvironmentPortfolio

  ProductName:
    Description: Service Catalog data science product name
    Value: !GetAtt DataScienceEnvironmentProduct.ProductName

  ProvisioningArtifactIds:
    Description: Service Catalog data science provisioning artifact Ids
    Value: !GetAtt DataScienceEnvironmentProduct.ProvisioningArtifactIds

  ProvisioningArtifactNames:
    Description: Service Catalog data science provisioning artifact names
    Value: !GetAtt DataScienceEnvironmentProduct.ProvisioningArtifactNames


Parameters:
  StackSetName:
    Type: String 
    Description: A parent stack name

  SCPortfolioPrincipalRoleArn:
    Type: String 
    Description: Data Science Administrator role ARN

  SCProductLaunchRoleArn:
    Type: String 
    Description: Service Catalog Launch role ARN

Resources:

  DataScienceEnvironmentPortfolio:
    Type: 'AWS::ServiceCatalog::Portfolio'
    Properties:
      ProviderName: 'Data Science Administration Team'
      Description: 'This portfolio is a collection of products designed to support managing data science environments'
      DisplayName: 'Products for managing data science environments'

  DataScienceEnvironmentProduct:
    Type: 'AWS::ServiceCatalog::CloudFormationProduct'
    Properties:
      Name: !Sub '${StackSetName}-${AWS::Region} Data Science Environment v1.2'
      Description: 'A secure SageMaker Studio environment with VPC, S3 buckets, and service catalog portfolio to support data science projects'
      Owner: 'Data Science Administration Team'
      ProvisioningArtifactParameters:
        - Name: 'DS Environment v1.2'
          Description: 'A secure SageMaker Studio environment deployment into VPC'
          Info:
            LoadTemplateFromURL: 'https://s3.amazonaws.com/< S3_CFN_STAGING_BUCKET_PATH >/env-main.yaml'

  SCPortfolioProductAssociation:
    Type: 'AWS::ServiceCatalog::PortfolioProductAssociation'
    Properties:
      PortfolioId: !Ref DataScienceEnvironmentPortfolio
      ProductId: !Ref DataScienceEnvironmentProduct

  DSAdminPortfolioPrincipleAssociation:
    Type: 'AWS::ServiceCatalog::PortfolioPrincipalAssociation'
    Properties:
      PortfolioId: !Ref DataScienceEnvironmentPortfolio
      PrincipalARN: !Ref SCPortfolioPrincipalRoleArn
      PrincipalType: IAM

  SCProductLaunchRoleConstraint:
    Type: 'AWS::ServiceCatalog::LaunchRoleConstraint'
    DependsOn: SCPortfolioProductAssociation
    Properties:
      Description: !Sub 'AWS Service Catalog uses ${SCProductLaunchRoleArn} to launch a data science environment product'
      PortfolioId: !Ref DataScienceEnvironmentPortfolio
      ProductId: !Ref DataScienceEnvironmentProduct
      RoleArn: !Ref SCProductLaunchRoleArn