AWSTemplateFormatVersion: "2010-09-09" Description: Amazon Transcribe Post Call Analytics - PCA Server - BulkImport State Machine Transform: AWS::Serverless-2016-10-31 Parameters: BulkUploadStepFunctionName: Type: AWS::SSM::Parameter::Value Default: BulkUploadStepFunctionName BulkUploadBucketName: Type: AWS::SSM::Parameter::Value Default: BulkUploadBucket InputBucketName: Type: AWS::SSM::Parameter::Value Default: InputBucketName Globals: Function: Runtime: python3.8 MemorySize: 1024 Timeout: 60 Resources: BulkFilesCount: Type: "AWS::Serverless::Function" Properties: CodeUri: ../../src/pca Handler: pca-aws-sf-bulk-files-count.lambda_handler Policies: - Statement: - Sid: S3BucketReadPolicy Effect: Allow Action: - s3:ListBucket - s3:GetObject Resource: - !Sub arn:aws:s3:::${BulkUploadBucketName} - !Sub arn:aws:s3:::${BulkUploadBucketName}/* - Statement: - Sid: SSMGetParameterPolicy Effect: Allow Action: - ssm:GetParameter Resource: !Sub arn:aws:ssm:${AWS::Region}:${AWS::AccountId}:parameter/* BulkMoveFiles: Type: "AWS::Serverless::Function" Properties: CodeUri: ../../src/pca Handler: pca-aws-sf-bulk-move-files.lambda_handler Timeout: 300 Policies: - Statement: - Sid: S3BucketReadWritePolicy Effect: Allow Action: - s3:ListBucket - s3:GetObject - s3:PutObject - s3:DeleteObject Resource: - !Sub arn:aws:s3:::${BulkUploadBucketName} - !Sub arn:aws:s3:::${BulkUploadBucketName}/* - !Sub arn:aws:s3:::${InputBucketName} - !Sub arn:aws:s3:::${InputBucketName}/* BulkQueueSpace: Type: "AWS::Serverless::Function" Properties: CodeUri: ../../src/pca Handler: pca-aws-sf-bulk-queue-space.lambda_handler Timeout: 30 Policies: - arn:aws:iam::aws:policy/AmazonTranscribeReadOnlyAccess LogGroup: Type: AWS::Logs::LogGroup Properties: LogGroupName: !Sub '/aws/vendedlogs/${BulkUploadStepFunctionName}' RetentionInDays: 90 Role: Type: "AWS::IAM::Role" Properties: AssumeRolePolicyDocument: Statement: - Effect: Allow Principal: Service: states.amazonaws.com Action: sts:AssumeRole Policies: - PolicyName: AllowInvokeFunctions PolicyDocument: Statement: - Effect: Allow Action: lambda:InvokeFunction Resource: - !GetAtt BulkFilesCount.Arn - !GetAtt BulkQueueSpace.Arn - !GetAtt BulkMoveFiles.Arn - PolicyName: CloudWatchLogs PolicyDocument: Statement: - Effect: Allow Action: - logs:CreateLogDelivery - logs:GetLogDelivery - logs:UpdateLogDelivery - logs:DeleteLogDelivery - logs:ListLogDeliveries - logs:PutResourcePolicy - logs:DescribeResourcePolicies - logs:DescribeLogGroups Resource: "*" StateMachine: Type: "AWS::StepFunctions::StateMachine" Properties: StateMachineName: !Ref BulkUploadStepFunctionName DefinitionS3Location: ./bulk-definition.json DefinitionSubstitutions: BulkFilesCountArn: !GetAtt BulkFilesCount.Arn BulkQueueSpaceArn: !GetAtt BulkQueueSpace.Arn BulkMoveFilesArn: !GetAtt BulkMoveFiles.Arn LoggingConfiguration: Level: ERROR IncludeExecutionData: true Destinations: - CloudWatchLogsLogGroup: LogGroupArn: !GetAtt LogGroup.Arn RoleArn: !GetAtt Role.Arn Outputs: RolesForKMSKey: Value: !Join - ', ' - - !Sub '"${BulkMoveFilesRole.Arn}"' - !Sub '"${BulkFilesCountRole.Arn}"'