Skip to content

Commit

Permalink
Add CloudFormation to deploy STAC harvester as lambda functions
Browse files Browse the repository at this point in the history
  • Loading branch information
@xinli-cai
xinli-cai committed Dec 18, 2023
1 parent 425bf8e commit d1bb905
Show file tree
Hide file tree
Showing 2 changed files with 130 additions and 88 deletions.
92 changes: 4 additions & 88 deletions docs/cloudformation/geocore-hnap-harvest.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -74,22 +74,6 @@ Resources:
RestrictPublicBuckets: True
AccessControl: Private

GeocoreFormatTemplateBucket:
Type: AWS::S3::Bucket
Properties:
BucketName: !Sub 'webpresence-geocore-template-${Environment}'
BucketEncryption:
ServerSideEncryptionConfiguration:
- ServerSideEncryptionByDefault:
SSEAlgorithm: AES256
PublicAccessBlockConfiguration:
BlockPublicAcls: True
BlockPublicPolicy: True
IgnorePublicAcls: True
RestrictPublicBuckets: True
AccessControl: Private


HnapJsonHarvester2:
Type: AWS::Serverless::Function
Properties:
Expand All @@ -100,11 +84,11 @@ Resources:
Key:
Fn::If:
- IsProd
- cloudformation-templates/lambda/geocore-hnap-harvest/geocore-hnap-harvest-20230712-0000.zip
- cloudformation-templates/lambda/geocore-hnap-harvest/geocore-hnap-harvest-20230823-1800.zip
- Fn::If:
- IsStage
- cloudformation-templates/lambda/geocore-hnap-harvest/geocore-hnap-harvest-20230330-0000.zip
- cloudformation-templates/lambda/geocore-hnap-harvest/geocore-hnap-harvest-20230330-0000.zip
- cloudformation-templates/lambda/geocore-hnap-harvest/geocore-hnap-harvest-20230823-1800.zip
- cloudformation-templates/lambda/geocore-hnap-harvest/geocore-hnap-harvest-20230823-1800.zip
MemorySize: 3009
Handler: app.lambda_handler
Timeout: 900
Expand Down Expand Up @@ -237,68 +221,7 @@ Resources:
Layers:
- arn:aws:lambda:ca-central-1:336392948345:layer:AWSSDKPandas-Python37:5

GeocoreStacHarvestAndTransformFunction:
Type: AWS::Serverless::Function
Properties:
Runtime: python3.9
Role: !GetAtt LambdaExecutionRole.Arn
CodeUri:
Bucket: !Ref DeploymentBucket
Key:
Fn::If:
- IsProd
- cloudformation-templates/lambda/stac-to-geocore/stac-to-geocore-20230605-1500.zip
- Fn::If:
- IsStage
- cloudformation-templates/lambda/stac-to-geocore/stac-to-geocore-20230605-1500.zip
- cloudformation-templates/lambda/stac-to-geocore/stac-to-geocore-20230605-1500.zip
MemorySize: 4096
Handler: app.lambda_handler
Timeout: 900
Environment:
Variables:
GEOCORE_TEMPLATE_BUCKET_NAME: !Ref GeocoreFormatTemplateBucket
GEOCORE_TEMPLATE_NAME: 'geocore-format-null-template.json'
GEOCORE_TO_PARQUET_BUCKET_NAME: !Ref GeocoreHnapJsontoGeojsonBucket
STAC_API_ROOT: 'https://datacube.services.geo.ca/api'
ROOT_NAME: 'CCMEO Datacube API / CCCOT Cube de données API'
SOURCE: 'ccmeo'
Events:
ApiEvent:
Type: Api
Properties:
RestApiId: !Ref RestApi
Path: /stac_harvest
Method: any
Layers:
- arn:aws:lambda:ca-central-1:336392948345:layer:AWSSDKPandas-Python39:8


StacHarvesterRule:
Type: AWS::Events::Rule
Properties:
Name: !Sub 'stac-harvester-1day-${Environment}'
Description: Stac Harvester on a 1 day interval
State: ENABLED
ScheduleExpression: 'rate(1 day)'
Targets:
-
Arn:
Fn::GetAtt:
- GeocoreStacHarvestAndTransformFunction
- Arn
Id: !Ref GeocoreStacHarvestAndTransformFunction

PermissionForEventsToInvokeStacHarvesterLambda:
Type: AWS::Lambda::Permission
Properties:
FunctionName: !Ref GeocoreStacHarvestAndTransformFunction
Action: 'lambda:InvokeFunction'
Principal: 'events.amazonaws.com'
SourceArn: !GetAtt
- StacHarvesterRule
- Arn


LambdaExecutionRole:
Type: AWS::IAM::Role
Properties:
Expand Down Expand Up @@ -509,13 +432,6 @@ Resources:
httpMethod: POST
uri: !Sub 'arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${GeocoretoParquet.Arn}/invocations'
responses: {}
/stac_harvest:
get:
x-amazon-apigateway-integration:
type: aws_proxy
httpMethod: POST
uri: !Sub 'arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${GeocoreStacHarvestAndTransformFunction.Arn}/invocations'
responses: {}
securityDefinitions:
api_key:
type: "apiKey"
Expand Down
126 changes: 126 additions & 0 deletions docs/cloudformation/geocore-stac-harvest-stack.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,126 @@
AWSTemplateFormatVersion: '2010-09-09'
Transform: 'AWS::Serverless-2016-10-31'
Description: Deploys STAC datacube harvester solution + STAC to geocore translation

Parameters:
Environment:
Type: AWS::SSM::Parameter::Value<String>
Default: /webpresence/environment
Description: SSM parameter name for environment
DeploymentBucket:
Type: AWS::SSM::Parameter::Value<String>
Default: /webpresence/deployment-bucket
Description: S3 bucket where all deployment files are stored


Conditions:
IsProd: !Equals [prod, !Ref Environment]
IsStage: !Equals [stage, !Ref Environment]
IsDev: !Equals [dev, !Ref Environment]

Resources:
GeocoreFormatTemplateBucket:
Type: AWS::S3::Bucket
Properties:
BucketName: !Sub 'webpresence-geocore-template-${Environment}'
BucketEncryption:
ServerSideEncryptionConfiguration:
- ServerSideEncryptionByDefault:
SSEAlgorithm: AES256
PublicAccessBlockConfiguration:
BlockPublicAcls: True
BlockPublicPolicy: True
IgnorePublicAcls: True
RestrictPublicBuckets: True
AccessControl: Private

GeocoreStacHarvestAndTransformFunction:
Type: AWS::Serverless::Function
Properties:
Runtime: python3.9
Role: !GetAtt LambdaExecutionRole.Arn
CodeUri:
Bucket: !Ref DeploymentBucket
Key:
Fn::If:
- IsProd
- cloudformation-templates/lambda/stac-to-geocore/stac-to-geocore-20231019-1200.zip
- Fn::If:
- IsStage
- cloudformation-templates/lambda/stac-to-geocore/stac-to-geocore-20231019-1200.zip
- cloudformation-templates/lambda/stac-to-geocore/stac-to-geocore-20231019-1200.zip
MemorySize: 4096
Handler: app.lambda_handler
Timeout: 900
Environment:
Variables:
GEOCORE_TEMPLATE_BUCKET_NAME: !Ref GeocoreFormatTemplateBucket
GEOCORE_TEMPLATE_NAME: 'geocore-format-null-template.json'
GEOCORE_TO_PARQUET_BUCKET_NAME: !Sub 'webpresence-geocore-json-to-geojson-${Environment}'
STAC_API_ROOT: 'https://datacube.services.geo.ca/api'
ROOT_NAME: 'CCMEO Datacube API / CCCOT Cube de données API'
SOURCE: 'ccmeo'
Layers:
- arn:aws:lambda:ca-central-1:336392948345:layer:AWSSDKPandas-Python39:8

StacHarvesterRule:
Type: AWS::Events::Rule
Properties:
Name: !Sub 'stac-harvester-1day-${Environment}'
Description: Stac Harvester on a 1 day interval
State: ENABLED
ScheduleExpression: 'rate(1 day)'
Targets:
-
Arn:
Fn::GetAtt:
- GeocoreStacHarvestAndTransformFunction
- Arn
Id: !Ref GeocoreStacHarvestAndTransformFunction


PermissionForEventsToInvokeStacHarvesterLambda:
Type: AWS::Lambda::Permission
Properties:
FunctionName: !Ref GeocoreStacHarvestAndTransformFunction
Action: 'lambda:InvokeFunction'
Principal: 'events.amazonaws.com'
SourceArn: !GetAtt
- StacHarvesterRule
- Arn

LambdaExecutionRole:
Type: AWS::IAM::Role
Properties:
AssumeRolePolicyDocument:
Version: '2012-10-17'
Statement:
- Effect: Allow
Principal:
Service:
- lambda.amazonaws.com
Action:
- sts:AssumeRole
ManagedPolicyArns:
- arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole
- arn:aws:iam::aws:policy/AmazonDynamoDBFullAccess
Policies:
- PolicyName: 'policy'
PolicyDocument:
Version: '2012-10-17'
Statement:
- Effect: 'Allow'
Action:
- 's3:*'
Resource:
- !Sub arn:aws:s3:::webpresence-geocore-template-${Environment}/*
- !Sub arn:aws:s3:::webpresence-geocore-template-${Environment}
- !Sub arn:aws:s3:::webpresence-geocore-json-to-geojson-${Environment}/*
- !Sub arn:aws:s3:::webpresence-geocore-json-to-geojson-${Environment}

LogGroup:
Type: Custom::LogGroup
Properties:
ServiceToken: !ImportValue LogGroupHelperLambdaArn
LogGroupName: !Sub '/${Environment}/webpresence/stac_harvester'
RetentionInDays: 3653

0 comments on commit d1bb905

Please sign in to comment.