-
Notifications
You must be signed in to change notification settings - Fork 41
/
Copy pathtextract_bounding_box_api.yaml
248 lines (225 loc) · 7.83 KB
/
textract_bounding_box_api.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
AWSTemplateFormatVersion: '2010-09-09'
Description: Textract bounding box cloudformation template by Srce Cde
Parameters:
CodeBucketName:
Description: Enter S3 bucket name where the code is uploaded
Type: String
S3KeyPresignedUploadLambda:
Description: Enter S3 key reference for pre-signed upload lambda
Type: String
S3KeyPresignedDownloadLambda:
Description: Enter S3 key reference for pre-signed download lambda
Type: String
S3KeyImageProcessLambda:
Description: Enter S3 key reference for image processing lambda
Type: String
LambdaLayer:
Description: Enter S3 key reference for OpennCV layer
Type: String
Resources:
S3Bucket:
Type: AWS::S3::Bucket
DependsOn:
- ImageProcessingLambda
Properties:
BucketName: !Join [ '-', [ !Ref AWS::StackName, !Ref AWS::Region, !Ref AWS::AccountId ] ]
NotificationConfiguration:
LambdaConfigurations:
- Event: s3:ObjectCreated:*
Function: !GetAtt ImageProcessingLambda.Arn
Filter:
S3Key:
Rules:
- Name: prefix
Value: upload/
ImageProcessingLambda:
Type: AWS::Lambda::Function
Properties:
Handler: lambda_function.lambda_handler
Runtime: python3.9
Timeout: 12
Role: !GetAtt ImageProcessIAMRole.Arn
Layers:
- !Ref OpencvLayer
Code:
S3Bucket: !Ref CodeBucketName
S3Key: !Ref S3KeyImageProcessLambda
S3InvokeLambdaPermission:
Type: AWS::Lambda::Permission
DependsOn:
- ImageProcessingLambda
Properties:
Action: lambda:InvokeFunction
FunctionName: !Ref ImageProcessingLambda
Principal: s3.amazonaws.com
SourceArn: !Sub
- 'arn:aws:s3:::${S3Bucket}'
- { S3Bucket: !Join [ '-', [ !Ref AWS::StackName, !Ref AWS::Region, !Ref AWS::AccountId ] ] }
ImageProcessIAMRole:
Type: AWS::IAM::Role
Properties:
ManagedPolicyArns:
- arn:aws:iam::aws:policy/AWSLambdaExecute
- arn:aws:iam::aws:policy/AmazonTextractFullAccess
AssumeRolePolicyDocument:
Version: '2012-10-17'
Statement:
- Effect: Allow
Principal:
Service:
- lambda.amazonaws.com
Action:
- sts:AssumeRole
OpencvLayer:
Type: AWS::Lambda::LayerVersion
Properties:
CompatibleRuntimes:
- python3.9
Content:
S3Bucket: !Ref CodeBucketName
S3Key: !Ref LambdaLayer
Description: OpenCV layer
PresignedUploadLambda:
Type: AWS::Lambda::Function
Properties:
Handler: lambda_function.lambda_handler
Runtime: python3.9
Role: !GetAtt PresignedIAMRole.Arn
Environment:
Variables:
BUCKET_NAME: !Join [ '-', [ !Ref AWS::StackName, !Ref AWS::Region, !Ref AWS::AccountId ] ]
PREFIX: 'upload'
Code:
S3Bucket: !Ref CodeBucketName
S3Key: !Ref S3KeyPresignedUploadLambda
PresignedIAMRole:
Type: AWS::IAM::Role
Properties:
ManagedPolicyArns:
- arn:aws:iam::aws:policy/AWSLambdaExecute
AssumeRolePolicyDocument:
Version: '2012-10-17'
Statement:
- Effect: Allow
Principal:
Service:
- lambda.amazonaws.com
Action:
- sts:AssumeRole
PresignedDownloadLambda:
Type: AWS::Lambda::Function
Properties:
Handler: lambda_function.lambda_handler
Runtime: python3.9
Timeout: 5
Role: !GetAtt PresignedIAMRole.Arn
Environment:
Variables:
BUCKET_NAME: !Join [ '-', [ !Ref AWS::StackName, !Ref AWS::Region, !Ref AWS::AccountId ] ]
PREFIX: 'processed'
Code:
S3Bucket: !Ref CodeBucketName
S3Key: !Ref S3KeyPresignedDownloadLambda
HTTPApi:
Type: AWS::ApiGatewayV2::Api
Properties:
Name: sampleapi
ProtocolType: HTTP
UploadIntegration:
Type: AWS::ApiGatewayV2::Integration
Properties:
ApiId: !Ref HTTPApi
Description: Lambda Integration
IntegrationType: AWS_PROXY
IntegrationUri: !Join
- ''
- - 'arn:'
- !Ref 'AWS::Partition'
- ':apigateway:'
- !Ref 'AWS::Region'
- ':lambda:path/2015-03-31/functions/'
- !GetAtt PresignedUploadLambda.Arn
- /invocations
IntegrationMethod: POST
PayloadFormatVersion: '2.0'
DownloadIntegration:
Type: AWS::ApiGatewayV2::Integration
Properties:
ApiId: !Ref HTTPApi
Description: Lambda Integration
IntegrationType: AWS_PROXY
IntegrationUri: !Join
- ''
- - 'arn:'
- !Ref 'AWS::Partition'
- ':apigateway:'
- !Ref 'AWS::Region'
- ':lambda:path/2015-03-31/functions/'
- !GetAtt PresignedDownloadLambda.Arn
- /invocations
IntegrationMethod: POST
PayloadFormatVersion: '2.0'
UploadRoute:
Type: AWS::ApiGatewayV2::Route
DependsOn:
- UploadIntegration
Properties:
ApiId: !Ref HTTPApi
RouteKey: GET /upload
AuthorizationType: AWS_IAM
Target: !Join
- /
- - integrations
- !Ref UploadIntegration
DownloadRoute:
Type: AWS::ApiGatewayV2::Route
DependsOn:
- DownloadIntegration
Properties:
ApiId: !Ref HTTPApi
RouteKey: GET /download
AuthorizationType: AWS_IAM
Target: !Join
- /
- - integrations
- !Ref DownloadIntegration
Deployment:
Type: AWS::ApiGatewayV2::Deployment
DependsOn:
- UploadRoute
- DownloadRoute
- MyStage
Properties:
Description: My deployment
ApiId: !Ref HTTPApi
StageName: v1
MyStage:
Type: AWS::ApiGatewayV2::Stage
Properties:
StageName: v1
Description: Prod Stage
ApiId: !Ref HTTPApi
APIUploadLambdaPermission:
Type: AWS::Lambda::Permission
Properties:
Action: lambda:InvokeFunction
FunctionName: !Ref PresignedUploadLambda
Principal: apigateway.amazonaws.com
SourceArn: !Sub
- 'arn:aws:execute-api:${AWS::Region}:${AWS::AccountId}:${API}/${STAGE}/*/*'
- API: !Ref HTTPApi
STAGE: !Ref MyStage
APIDownloadLambdaPermission:
Type: AWS::Lambda::Permission
Properties:
Action: lambda:InvokeFunction
FunctionName: !Ref PresignedDownloadLambda
Principal: apigateway.amazonaws.com
SourceArn: !Sub
- 'arn:aws:execute-api:${AWS::Region}:${AWS::AccountId}:${API}/${STAGE}/*/*'
- API: !Ref HTTPApi
STAGE: !Ref MyStage
Outputs:
Endpoint:
Description: API Endpoint
Value: !Sub "https://${HTTPApi}.execute-api.${AWS::Region}.amazonaws.com/${MyStage}/"