--- AWSTemplateFormatVersion: '2010-09-09' Description: > This Cloudformation Template deploys the single server option of the BigBlueButton application server. Disclaimer: Not for production use. Demo and testing purposes only. Author: David Surey Parameters: BBBApplicationVersion: Description: Application Version for BBB Type: String Default: focal-260 BBBOperatorEMail: Description: E-Mail address to notify if there are any operational issues Type: String AllowedPattern: "([a-zA-Z0-9_\\-\\.]+)@((\\[[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.)|(([a-zA-Z0-9\\-]+\\.)+))([a-zA-Z]{2,4}|[0-9]{1,3})(\\]?)" ConstraintDescription: Must be a valid email address. Default: johndoe@example.com BBBNotificationTopic: Description: Topic to be used for alarm notifications Type: String BBBPublicApplicationSubnets: Description: Comma separated list of the appserver's subnets Type: CommaDelimitedList BBBApplicationInstanceAMI: Description: Ubuntu Version to be deployed for Application Instances Default: focal-20.04 Type: String BBBApplicationInstanceType: Description: Instance type for the appserver Type: String Default: t3a.xlarge BBBApplicationDataVolumeSize: Description: Size of the application instance data volume Type: Number Default: 20 BBBApplicationRootVolumeSize: Description: Size of the application instance data volume Type: Number Default: 20 BBBApplicationMaxInstances: Type: Number Description: Maximum number of appserver instances Default: 3 BBBApplicationMinInstances: Type: Number Description: Minimum number of appserver instances Default: 1 BBBApplicationDesiredInstances: Type: Number Description: Desired number of appserver instances Default: 1 BBBApplicationSecurityGroup: Description: Security Group that should be assigned for the appserver Type: String BBBHostedZone: Description: Hosted zone in which the DNS entries for the app servers should be created Type: String BBBDomainName: Description: Base domain name used for the instance Type: String BBBStackBucketStack: Description: S3 Bucket Stack that contains scripts and sources Type: String BBBSystemLogsGroup: Description: Log group to be used for the system logs Type: String BBBApplicationLogsGroup: Description: Log group to be used for the Application logs Type: String BBBSystemLogsGroupArn: Description: Log group to be used for the system logs Type: String BBBApplicationLogsGroupArn: Description: Log group to be used for the Application logs Type: String Resources: BBBApplicationAutoScaling: Type: AWS::AutoScaling::AutoScalingGroup Properties: VPCZoneIdentifier: !Ref BBBPublicApplicationSubnets LaunchTemplate: LaunchTemplateId: !Ref BBBApplicationInstanceLaunchTemplate Version: !GetAtt BBBApplicationInstanceLaunchTemplate.LatestVersionNumber TerminationPolicies: - DEFAULT MaxSize: !Ref BBBApplicationMaxInstances MinSize: !Ref BBBApplicationMinInstances DesiredCapacity: !Ref BBBApplicationDesiredInstances NotificationConfiguration: TopicARN: Ref: BBBNotificationTopic NotificationTypes: - autoscaling:EC2_INSTANCE_LAUNCH - autoscaling:EC2_INSTANCE_LAUNCH_ERROR - autoscaling:EC2_INSTANCE_TERMINATE - autoscaling:EC2_INSTANCE_TERMINATE_ERROR CreationPolicy: ResourceSignal: Timeout: PT30M UpdatePolicy: AutoScalingReplacingUpdate: WillReplace: true BBBApplicationEC2Role: Type: AWS::IAM::Role Properties: AssumeRolePolicyDocument: Statement: - Effect: Allow Principal: Service: [ ec2.amazonaws.com ] Action: [ "sts:AssumeRole" ] Path: / Policies: - PolicyName: "bbbawsorchestrationaccess" PolicyDocument: Version: "2012-10-17" Statement: - Effect: "Allow" Action: - route53:ChangeResourceRecordSets - route53:GetHostedZone - route53:ListResourceRecordSets Resource: !Sub "arn:aws:route53:::hostedzone/${BBBHostedZone}" - Effect: Allow Action: - s3:GetObject Resource: - !Sub "arn:aws:s3:::${BBBStackBucketStack}/*" - Effect: Allow Action: - logs:PutLogEvents - logs:CreateLogStream - logs:DescribeLogStreams - logs:CreateLogGroup Resource: - !Ref BBBSystemLogsGroupArn - !Ref BBBApplicationLogsGroupArn ManagedPolicyArns: - arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore BBBApplicationEC2InstanceProfile: Type: AWS::IAM::InstanceProfile Properties: Path: / Roles: - !Ref BBBApplicationEC2Role BBBApplicationInstanceLaunchTemplate: Type: AWS::EC2::LaunchTemplate Properties: LaunchTemplateData: BlockDeviceMappings: - DeviceName: /dev/sda1 Ebs: VolumeType: gp2 VolumeSize: !Ref BBBApplicationRootVolumeSize Encrypted: true - DeviceName: /dev/sdf Ebs: VolumeSize: !Ref BBBApplicationDataVolumeSize VolumeType: gp2 Encrypted: true IamInstanceProfile: Arn: !GetAtt BBBApplicationEC2InstanceProfile.Arn ImageId: !Ref BBBApplicationInstanceAMI InstanceType: !Ref BBBApplicationInstanceType NetworkInterfaces: - AssociatePublicIpAddress: true DeviceIndex: 0 Groups: - !Ref BBBApplicationSecurityGroup UserData: Fn::Base64: !Sub | #!/bin/bash -xe apt update -y while fuser /var/{lib/{dpkg,apt/lists},cache/apt/archives}/lock >/dev/null 2>&1; do sleep 1; done DEBIAN_FRONTEND='noninteractive' apt -y -o Dpkg::Options::='--force-confdef' -o Dpkg::Options::='--force-confold' full-upgrade apt autoremove -y apt autoclean while fuser /var/{lib/{dpkg,apt/lists},cache/apt/archives}/lock >/dev/null 2>&1; do sleep 1; done apt install -y git jq unzip python3-pip cd /tmp pip3 install -U https://s3.amazonaws.com/cloudformation-examples/aws-cfn-bootstrap-py3-latest.tar.gz curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" unzip awscliv2.zip sudo ./aws/install while fuser /var/lib/dpkg/lock-frontend >/dev/null 2>&1; do sleep 1; done aws s3 cp s3://${BBBStackBucketStack}/bbb-appsingle-bootstrap.sh /tmp/bbb-bootstrap.sh chmod +x /tmp/bbb-bootstrap.sh /tmp/bbb-bootstrap.sh -a ${BBBStackBucketStack} \ -b ${BBBSystemLogsGroup} \ -c ${BBBDomainName} \ -e ${BBBHostedZone} \ -g ${BBBOperatorEMail} \ -h ${BBBApplicationVersion} \ -i ${AWS::Region} /usr/local/bin/cfn-signal -e $? --stack ${AWS::StackName} --resource BBBApplicationAutoScaling --region ${AWS::Region} || true Outputs: BBBApplicationEC2InstanceProfile: Description: Big Blue Button Application Instance Profile Value: Ref: BBBApplicationEC2InstanceProfile BBBApplicationEC2Role: Description: Big Blue Button Application Instance Role Value: Ref: BBBApplicationEC2Role BBBApplicationAutoScaling: Description: Big Blue Button Application Instance Autoscaling Group Value: Ref: BBBApplicationAutoScaling BBBApplicationInstanceLaunchTemplate: Description: Big Blue Button Application Instance Launch Template Value: Ref: BBBApplicationInstanceLaunchTemplate