AWSTemplateFormatVersion: "2010-09-09"

Description: Provides configuration for a Workstation instance.

Parameters:
  SubnetID:
    Type: AWS::EC2::Subnet::Id

  CreateVPNEndpoint:
    Type: String

  DirectoryId:
    Type: String

  DomainDNSName:
    Type: String

  DomainUser:
    Type: String

  DomainAdminPassword:
    Type: String
    NoEcho: True

  ADServer1PrivateIP:
    Type: String

  ADServer2PrivateIP:
    Type: String

  ActiveDirectorySecurityGroup:
    Type: AWS::EC2::SecurityGroup::Id

  WorkstationSecurityGroup:
    Type: AWS::EC2::SecurityGroup::Id

  ActiveDirectoryDocument:
    Type: String

  FSxDNSName:
    Type: String

  LicenseServerInstancePrivateIp:
    Type: String

  InstanceType:
    Type: String

  InstanceAMI:
    Type: AWS::EC2::Image::Id

  EC2InstanceProfile:
    Type: String

  DeadlineAppVersion:
    Type: String

  ResourceTags:
    Type: String

  ArtefactBucketName:
    Type: String

Conditions:
  IsClientVpn: !Equals [!Ref CreateVPNEndpoint, true]

Resources:
  WorkstationInstance:
    CreationPolicy:
      ResourceSignal:
        Count: 1
        Timeout: PT25M
    Type: AWS::EC2::Instance
    Metadata:
      AWS::CloudFormation::Init:
        configSets:
          config:
            - instance_config
            - software_install
            - post_install
        instance_config:
          files:
            C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\automount.bat:
              content: !Sub |
                @echo OFF
                if NOT "%username%" == "Administrator" (
                  if NOT "\\${FSxDNSName}\share" == "NONE" (
                    net use Z: \\${FSxDNSName}\share
                  )
                ) else (
                  echo Administrator Login - No network mounts
                )
            C:\cfn\cfn-hup.conf:
              content: !Sub |
                [main]
                stack=${AWS::StackId}
                region=${AWS::Region}
                interval=1
            C:\cfn\hooks.d\cfn-auto-reloader.conf:
              content: !Sub |
                [cfn-auto-reloader-hook]
                triggers=post.update
                path=Resources.WorkstationInstance.Metadata.AWS::CloudFormation::Init
                action=cfn-init.exe -v --stack ${AWS::StackId} --resource WorkstationInstance --configsets config --region ${AWS::Region}
          commands:
            01-mount-fsx:
              command: !Sub >-
                net use Z: \\${FSxDNSName}\share /persistent:yes /u:${DomainUser} ${DomainAdminPassword}
              waitAfterCompletion: 0
          services:
            windows:
              cfn-hup:
                enabled: true
                ensureRunning: true
                files:
                  - c:\\cfn\\cfn-hup.conf
                  - c:\\cfn\\hooks.d\\cfn-auto-reloader.conf
                audiosrv:
                  enabled: true
                  ensureRunning: true
                amazon-ssm-agent:
                  enabled: true
                  ensureRunning: true
        software_install:
          sources:
            C:\cfn\thinkbox: !Sub https://${ArtefactBucketName}.s3.${AWS::URLSuffix}/Deadline-${DeadlineAppVersion}-windows-installers.zip
          commands:
            01-install-client:
              command: !Sub >-
                powershell.exe -Command Start-Process -FilePath 'C:\cfn\thinkbox\DeadlineClient-${DeadlineAppVersion}-windows-installer.exe' -ArgumentList '--mode unattended', '--prefix C:\thinkbox\Deadline10', '--connectiontype Repository', '--repositorydir \\${FSxDNSName}\share\DeadlineRepository10', '--licensemode Standard', '--licenseserver @${LicenseServerInstancePrivateIp}', '--launcherstartup true', '--slavestartup false'
              ignoreErrors: true
              waitAfterCompletion: 0
        post_install:
          sources:
            Z:\assets: !Sub https://${ArtefactBucketName}.s3.amazonaws.com/BMW27_2.blend.zip
          files:
            C:\cfn\scripts\workstation-packages.ps1:
              source: https://raw.githubusercontent.com/aws-samples/aws-content-creation-render-environment-for-windows/main/scripts/workstation-packages.ps1
          commands:
            01-install-packages:
              command: powershell.exe -ExecutionPolicy Unrestricted .\workstation-packages.ps1
              cwd: C:\cfn\scripts\
              ignoreErrors: true
    Properties:
      BlockDeviceMappings:
        - DeviceName: /dev/sda1
          Ebs:
            VolumeSize: 150
            VolumeType: gp2
            Encrypted: true
            DeleteOnTermination: true
      IamInstanceProfile: !Ref EC2InstanceProfile
      ImageId: !Ref InstanceAMI
      InstanceType: !Ref InstanceType
      SsmAssociations:
        - DocumentName: !Ref ActiveDirectoryDocument
          AssociationParameters:
            - Key: directoryId
              Value:
                - !Ref DirectoryId
            - Key: directoryName
              Value:
                - !Ref DomainDNSName
            - Key: dnsIpAddresses
              Value:
                - !Ref ADServer1PrivateIP
                - !Ref ADServer2PrivateIP
      SecurityGroupIds:
        - !Ref ActiveDirectorySecurityGroup
        - !Ref WorkstationSecurityGroup
      SubnetId: !Ref SubnetID
      Tags:
        - Key: Name
          Value: !Join [/, [!Ref ResourceTags, workstation]]
      UserData: !Base64
        Fn::Sub: |
          <script>
          cfn-init.exe -v --stack ${AWS::StackName} --resource WorkstationInstance --configsets config --region ${AWS::Region}
          cfn-signal.exe -e %errorlevel% --stack ${AWS::StackName} --resource WorkstationInstance --region ${AWS::Region}
          </script>

Outputs:
  WorkstationIP:
    Value: !If [IsClientVpn, !GetAtt WorkstationInstance.PrivateIp, !GetAtt WorkstationInstance.PublicIp]

  DeadlineAppVersion:
    Value: !Ref DeadlineAppVersion