{ "AWSTemplateFormatVersion": "2010-09-09", "Description": "QS(0023) - This template deploys a SharePoint 2016 traditional topology farm with two Web Front-End servers and two Application servers or a streamlined topology farm with two Web Front End servers, two Application servers, two Distributed Cache Server, and two Search servers. This template is intended to be installed into an existing VPC that was built using the sample reference architecture titled: \"Implementing Active Directory Domain Services in the AWS Cloud\" **WARNING** This template creates Amazon EC2 Windows instance and related resources. You will be billed for the AWS resources used if you create a stack from this template.", "Metadata": { "AWS::CloudFormation::Interface": { "ParameterGroups": [ { "Label": { "default": "Network Configuration" }, "Parameters": [ "KeyPairName", "PrivateSubnet1ID", "PrivateSubnet2ID", "PublicSubnet1ID", "PublicSubnet2ID", "VPCID", "VPCCIDR" ] }, { "Label": { "default": "Microsoft SharePoint Configuration" }, "Parameters": [ "ELBConfiguration", "IncludeOfficeOnlineServer", "SPISOImageURI", "SPKey", "SPTopology", "SPFarmAccount", "SPFarmAccountPassword", "SPInstanceType", "SQLServerAccessSecurityGroupID", "OOSInstanceType", "LatestAmiId" ] }, { "Label": { "default": "Microsoft Active Directory Configuration" }, "Parameters": [ "ADServer1NetBIOSName", "ADServer1PrivateIP", "ADServer2NetBIOSName", "ADServer2PrivateIP", "DomainAdminUser", "DomainAdminPassword", "DomainMemberSGID", "DomainDNSName", "DomainNetBIOSName" ] }, { "Label": { "default": "WSFC Configuration" }, "Parameters": [ "WSFCNode1NetBIOSName", "WSFCNode2NetBIOSName" ] }, { "Label": { "default": "AWS Quick Start Configuration" }, "Parameters": [ "QSS3BucketName", "QSS3KeyPrefix" ] } ], "ParameterLabels": { "ADServer1NetBIOSName": { "default": "Domain Controller 1 NetBIOS Name" }, "ADServer1PrivateIP": { "default": "Domain Controller 1 Private IP Address" }, "ADServer2NetBIOSName": { "default": "Domain Controller 2 NetBIOS Name" }, "ADServer2PrivateIP": { "default": "Domain Controller 2 Private IP Address" }, "DomainAdminPassword": { "default": "Domain Admin Password" }, "DomainAdminUser": { "default": "Domain Admin User Name" }, "DomainDNSName": { "default": "Domain DNS Name" }, "DomainMemberSGID": { "default": "Domain Member Security Group ID" }, "DomainNetBIOSName": { "default": "Domain NetBIOS Name" }, "ELBConfiguration": { "default": "ELB Configuration" }, "IncludeOfficeOnlineServer": { "default": "Include Office Online Servers" }, "KeyPairName": { "default": "Key Pair Name" }, "LatestAmiId": { "default": "SSM Parameter to Grab Latest AMI ID" }, "OOSInstanceType": { "default": "Office Online Server Instance Type" }, "PrivateSubnet1ID": { "default": "Private Subnet 1 ID" }, "PrivateSubnet2ID": { "default": "Private Subnet 2 ID" }, "PublicSubnet1ID": { "default": "Public Subnet 1 ID" }, "PublicSubnet2ID": { "default": "Public Subnet 2 ID" }, "QSS3BucketName": { "default": "Quick Start S3 Bucket Name" }, "QSS3KeyPrefix": { "default": "Quick Start S3 Key Prefix" }, "SPFarmAccount": { "default": "Farm Account Name" }, "SPFarmAccountPassword": { "default": "Farm Account Password" }, "SPInstanceType": { "default": "SharePoint Server Instance Type" }, "SPISOImageURI": { "default": "Installation Media ISO Image File URI" }, "SPKey": { "default": "Product Key" }, "SPTopology": { "default": "Farm Topology" }, "SQLServerAccessSecurityGroupID": { "default": "Allows access to SQL Servers" }, "WSFCNode1NetBIOSName": { "default": "WSFC Node 1 NetBIOS Name" }, "WSFCNode2NetBIOSName": { "default": "WSFC Node 2 NetBIOS Name" }, "VPCID": { "default": "VPC ID" }, "VPCCIDR": { "default": "VPC CIDR" } } } }, "Parameters": { "ADServer1NetBIOSName": { "AllowedPattern": "[a-zA-Z0-9\\-]+", "Default": "DC1", "Description": "NetBIOS name of the existing Domain Controller in AZ1", "MaxLength": "15", "MinLength": "1", "Type": "String" }, "ADServer1PrivateIP": { "Default": "10.0.0.10", "Description": "Fixed private IP for the first existing Active Directory server located in AZ1", "Type": "String" }, "ADServer2NetBIOSName": { "AllowedPattern": "[a-zA-Z0-9\\-]+", "Default": "DC2", "Description": "NetBIOS name of the existing Domain Controller in AZ2", "MaxLength": "15", "MinLength": "1", "Type": "String" }, "ADServer2PrivateIP": { "Default": "10.0.64.10", "Description": "Fixed private IP for the second existing Active Directory server located in AZ2", "Type": "String" }, "DomainAdminPassword": { "AllowedPattern": "(?=^.{6,255}$)((?=.*\\d)(?=.*[A-Z])(?=.*[a-z])|(?=.*\\d)(?=.*[^A-Za-z0-9])(?=.*[a-z])|(?=.*[^A-Za-z0-9])(?=.*[A-Z])(?=.*[a-z])|(?=.*\\d)(?=.*[A-Z])(?=.*[^A-Za-z0-9]))^.*", "Description": "Password for the domain admin user. Must be at least 8 characters containing letters, numbers and symbols", "MaxLength": "32", "MinLength": "8", "NoEcho": "true", "Type": "String" }, "DomainAdminUser": { "AllowedPattern": "[a-zA-Z0-9]*", "Default": "StackAdmin", "Description": "User name for the account that will be added as Domain Administrator. This is separate from the default \"Administrator\" account", "MaxLength": "25", "MinLength": "5", "Type": "String" }, "DomainDNSName": { "AllowedPattern": "[a-zA-Z0-9\\-]+\\..+", "Default": "example.com", "Description": "Fully qualified domain name (FQDN) of the forest root domain e.g. corp.example.com", "MaxLength": "25", "MinLength": "2", "Type": "String" }, "DomainMemberSGID": { "Description": "ID of the Domain Member Security Group (e.g., sg-7f16e910)", "Type": "AWS::EC2::SecurityGroup::Id" }, "DomainNetBIOSName": { "AllowedPattern": "[a-zA-Z0-9\\-]+", "Default": "example", "Description": "NetBIOS name of the domain (up to 15 characters) for users of earlier versions of Windows e.g. CORP", "MaxLength": "15", "MinLength": "1", "Type": "String" }, "ELBConfiguration": { "AllowedValues": [ "internal", "external" ], "Default": "external", "Description": "Specify how to configure the Elastic Load Balancer. Allowed values are internal or external", "Type": "String" }, "IncludeOfficeOnlineServer": { "AllowedValues": [ "true", "false" ], "Default": "false", "Description": "To include an Office Online Server in each AZ, set this parameter to true.", "Type": "String" }, "KeyPairName": { "Description": "Public/private key pairs allow you to securely connect to your instance after it launches", "Type": "AWS::EC2::KeyPair::KeyName" }, "LatestAmiId": { "Type": "AWS::SSM::Parameter::Value", "Default": "/aws/service/ami-windows-latest/Windows_Server-2012-R2_RTM-English-64Bit-Base" }, "OOSInstanceType": { "AllowedValues": [ "m4.large", "m4.xlarge" ], "Default": "m4.xlarge", "Description": "Amazon EC2 instance type for the Office Online Servers", "Type": "String" }, "PrivateSubnet1ID": { "Description": "ID of the private subnet in AZ1 (e.g., subnet-a0246dcd)", "Type": "AWS::EC2::Subnet::Id" }, "PrivateSubnet2ID": { "Description": "ID of the private subnet in AZ2 (e.g., subnet-a0246dcd)", "Type": "AWS::EC2::Subnet::Id" }, "PublicSubnet1ID": { "Description": "ID of the public subnet in AZ1 (e.g., subnet-a0246dcd)", "Type": "AWS::EC2::Subnet::Id" }, "PublicSubnet2ID": { "Description": "ID of the public subnet in AZ2 (e.g., subnet-a0246dcd)", "Type": "AWS::EC2::Subnet::Id" }, "QSS3BucketName": { "AllowedPattern": "^[0-9a-zA-Z]+([0-9a-zA-Z-]*[0-9a-zA-Z])*$", "ConstraintDescription": "Quick Start bucket name can include numbers, lowercase letters, uppercase letters, and hyphens (-). It cannot start or end with a hyphen (-).", "Default": "aws-quickstart", "Description": "S3 bucket name for the Quick Start assets. Quick Start bucket name can include numbers, lowercase letters, uppercase letters, and hyphens (-). It cannot start or end with a hyphen (-).", "Type": "String" }, "QSS3KeyPrefix": { "AllowedPattern": "^[0-9a-zA-Z-/]*$", "ConstraintDescription": "Quick Start key prefix can include numbers, lowercase letters, uppercase letters, hyphens (-), and forward slash (/).", "Default": "quickstart-microsoft-sharepoint/", "Description": "S3 key prefix for the Quick Start assets. Quick Start key prefix can include numbers, lowercase letters, uppercase letters, hyphens (-), and forward slash (/).", "Type": "String" }, "SPFarmAccount": { "AllowedPattern": "[a-zA-Z0-9]*", "Default": "spfarm", "Description": "User name for the SP Farm account.", "MaxLength": "25", "MinLength": "5", "Type": "String" }, "SPFarmAccountPassword": { "AllowedPattern": "(?=^.{6,255}$)((?=.*\\d)(?=.*[A-Z])(?=.*[a-z])|(?=.*\\d)(?=.*[^A-Za-z0-9])(?=.*[a-z])|(?=.*[^A-Za-z0-9])(?=.*[A-Z])(?=.*[a-z])|(?=.*\\d)(?=.*[A-Z])(?=.*[^A-Za-z0-9]))^.*", "Description": "Password for the SP Farm account. Must be at least 8 characters containing letters, numbers and symbols", "MaxLength": "32", "MinLength": "8", "NoEcho": "true", "Type": "String" }, "SPInstanceType": { "AllowedValues": [ "c4.2xlarge", "c4.4xlarge" ], "ConstraintDescription": "Only Compute Optimized instance types c4.2xlarge, c4.4xlarge allowed", "Default": "c4.2xlarge", "Description": "Amazon EC2 instance type for the SharePoint Web Front-End and App Servers", "Type": "String" }, "SPISOImageURI": { "AllowedPattern": "^(?i)(s3|http|https):\\/\\/.+", "Description": "S3 URI to an S3 bucket containing the SharePoint Server 2016 installation media ISO image file (e.g., s3://sample-bucket/microsoft/sharepoint/installation-media.img). An HTTP/HTTPS URI can also be used (e.g., https://example.com/microsoft/sharepoint/installation-media.img)", "Type": "String" }, "SPKey": { "Default": "NQGJR-63HC8-XCRQH-MYVCH-3J3QR", "Description": "The Product Key for SharePoint 2016. The trial key is provided by default. You can replace with your own key", "Type": "String" }, "SPTopology": { "AllowedValues": [ "traditional", "streamlined" ], "Default": "traditional", "Description": "Specify the topology for the SharePoint farm to be deployed. Allowed values are traditional or streamlined", "Type": "String" }, "SQLServerAccessSecurityGroupID": { "Description": "ID of the SQL Servers Security Group (e.g., sg-7f16e910)", "Type": "AWS::EC2::SecurityGroup::Id" }, "VPCID": { "Description": "ID of the VPC (e.g., vpc-0343606e)", "Type": "AWS::EC2::VPC::Id" }, "VPCCIDR": { "AllowedPattern": "[a-zA-Z0-9]+\\..+", "Default": "10.0.0.0/16", "Description": "CIDR Block used by the VPC", "Type": "String" }, "WSFCNode1NetBIOSName": { "AllowedPattern": "[a-zA-Z0-9]+", "Default": "WSFCNode1", "Description": "NetBIOS name of the first SQL WSFC Node (up to 15 characters)", "MaxLength": "15", "MinLength": "1", "Type": "String" }, "WSFCNode2NetBIOSName": { "AllowedPattern": "[a-zA-Z0-9]+", "Default": "WSFCNode2", "Description": "NetBIOS name of the second SQL WSFC Node (up to 15 characters)", "MaxLength": "15", "MinLength": "1", "Type": "String" } }, "Conditions": { "StreamlinedTopologyCondition": { "Fn::Equals": [ { "Ref": "SPTopology" }, "streamlined" ] }, "IncludeOOSCondition": { "Fn::Equals": [ { "Ref": "IncludeOfficeOnlineServer" }, "true" ] }, "ELBConfigCondition": { "Fn::Equals": [ { "Ref": "ELBConfiguration" }, "internal" ] }, "GovCloudCondition": { "Fn::Equals": [ { "Ref": "AWS::Region" }, "us-gov-west-1" ] } }, "Resources": { "SPAPP1WaitCondition": { "Type": "AWS::CloudFormation::WaitCondition", "DependsOn": "SPAPP1", "Properties": { "Handle": { "Ref": "SPAPP1WaitHandle" }, "Timeout": "3600" } }, "SPAPP1WaitHandle": { "Type": "AWS::CloudFormation::WaitConditionHandle" }, "SPAPP2WaitCondition": { "Type": "AWS::CloudFormation::WaitCondition", "DependsOn": "SPAPP2", "Properties": { "Handle": { "Ref": "SPAPP2WaitHandle" }, "Timeout": "3600" } }, "SPAPP2WaitHandle": { "Type": "AWS::CloudFormation::WaitConditionHandle" }, "SPAPP1": { "Type": "AWS::EC2::Instance", "Metadata": { "AWS::CloudFormation::Authentication": { "S3AccessCreds": { "type": "S3", "roleName": { "Ref": "SPRole" }, "buckets": [ { "Ref": "QSS3BucketName" } ] } }, "AWS::CloudFormation::Init": { "configSets": { "config": [ "setup", "rename", "join", "installPreReqs", "installSP2016", "finalize" ] }, "setup": { "files": { "C:\\cfn\\cfn-hup.conf": { "content": { "Fn::Join": [ "", [ "[main]\n", "stack=", { "Ref": "AWS::StackName" }, "\n", "region=", { "Ref": "AWS::Region" }, "\n" ] ] } }, "C:\\cfn\\hooks.d\\cfn-auto-reloader.conf": { "content": { "Fn::Join": [ "", [ "[cfn-auto-reloader-hook]\n", "triggers=post.update\n", "path=Resources.SPAPP1.Metadata.AWS::CloudFormation::Init\n", "action=cfn-init.exe -v -c config -s ", { "Ref": "AWS::StackId" }, " -r SPAPP1", " --region ", { "Ref": "AWS::Region" }, "\n" ] ] } }, "C:\\cfn\\scripts\\Add-SPFarmLoginToWSFCNode2.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}scripts/Add-SPFarmLoginToWSFCNode2.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\spfarm_login.sql": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}scripts/spfarm_login.sql", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\modules\\AWSQuickStart.zip": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-microsoft-utilities/modules/AWSQuickStart.zip", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\Disable-AutoLogon.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-microsoft-utilities/scripts/Disable-AutoLogon.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\Enable-AutoLogon.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-microsoft-utilities/scripts/Enable-AutoLogon.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\Download-File.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-microsoft-utilities/scripts/Download-File.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\Install-SP2016PreReqs.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}scripts/Install-SP2016PreReqs.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\Install-SP2016.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}scripts/Install-SP2016.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\Join-Domain.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-microsoft-utilities/scripts/Join-Domain.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\Mount-DiskImage.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-microsoft-utilities/scripts/Mount-DiskImage.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\Unzip-Archive.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-microsoft-utilities/scripts/Unzip-Archive.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\InstallSP2016.bat": { "content": { "Fn::Join": [ "", [ "powershell.exe -Command \"C:\\cfn\\scripts\\Mount-DiskImage.ps1 -ImagePath 'C:\\cfn\\downloads\\sharepoint.img'\"", "\n", "powershell.exe -Command \"C:\\cfn\\scripts\\Install-SP2016.ps1 -SQLServer '", { "Ref": "WSFCNode1NetBIOSName" }, "' -SPFarmAccount '", { "Ref": "DomainNetBIOSName" }, "\\", { "Ref": "SPFarmAccount" }, "' -Password '", { "Ref": "SPFarmAccountPassword" }, "' -Key '", { "Ref": "SPKey" }, "' -ServerRole 'Application' -CreateFarm", { "Fn::If": [ "StreamlinedTopologyCondition", " -StreamlinedTopology", "" ] }, "\"\n" ] ] } }, "C:\\cfn\\scripts\\config2016.xml": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}scripts/config2016.xml", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" } }, "services": { "windows": { "cfn-hup": { "enabled": "true", "ensureRunning": "true", "files": [ "C:\\cfn\\cfn-hup.conf", "C:\\cfn\\hooks.d\\cfn-auto-reloader.conf" ] } } }, "commands": { "a-set-execution-policy": { "command": "powershell.exe -Command \"Set-ExecutionPolicy RemoteSigned -Force\"", "waitAfterCompletion": "0" }, "b-unpack-quickstart-module": { "command": "powershell.exe -Command C:\\cfn\\scripts\\Unzip-Archive.ps1 -Source C:\\cfn\\modules\\AWSQuickStart.zip -Destination C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\", "waitAfterCompletion": "0" }, "c-init-quickstart-module": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command \"", "New-AWSQuickStartWaitHandle -Handle '", { "Ref": "SPAPP1WaitHandle" }, "'\"" ] ] }, "waitAfterCompletion": "0" }, "d-download-media": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command \"C:\\cfn\\scripts\\Download-File.ps1 -Source '", { "Ref": "SPISOImageURI" }, "' -Destination 'C:\\cfn\\downloads\\sharepoint.img'\"" ] ] }, "waitAfterCompletion": "0" } } }, "rename": { "commands": { "1-execute-powershell-script-rename-computer": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command \"Rename-Computer -NewName 'SPAPP1' -Restart\"" ] ] }, "waitAfterCompletion": "forever" } } }, "join": { "commands": { "a-set-dns-servers": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command \"", "Get-NetAdapter | Set-DnsClientServerAddress -ServerAddresses ", { "Ref": "ADServer1PrivateIP" }, ",", { "Ref": "ADServer2PrivateIP" }, "\"" ] ] }, "waitAfterCompletion": "30" }, "b-join-domain": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command \"C:\\cfn\\scripts\\Join-Domain.ps1 -DomainName '", { "Ref": "DomainDNSName" }, "' -UserName '", { "Ref": "DomainNetBIOSName" }, "\\", { "Ref": "DomainAdminUser" }, "' -Password '", { "Ref": "DomainAdminPassword" }, "'\"" ] ] }, "waitAfterCompletion": "forever" } } }, "installPreReqs": { "commands": { "a-create-SPFarmAcct": { "command": { "Fn::Join": [ "", [ "powershell.exe -ExecutionPolicy RemoteSigned -Command ", "\"Invoke-Command -ScriptBlock { New-ADUser ", "-Name '", { "Ref": "SPFarmAccount" }, "' -UserPrincipalName '", { "Ref": "SPFarmAccount" }, "@", { "Ref": "DomainDNSName" }, "' -AccountPassword (ConvertTo-SecureString '", { "Ref": "SPFarmAccountPassword" }, "' -AsPlainText -Force) ", "-Enabled $true ", "-PasswordNeverExpires $true -EA 0 } -ComputerName '", { "Ref": "ADServer1NetBIOSName" }, "' -Credential ", "(New-Object System.Management.Automation.PSCredential('", { "Ref": "DomainNetBIOSName" }, "\\", { "Ref": "DomainAdminUser" }, "',", "(ConvertTo-SecureString '", { "Ref": "DomainAdminPassword" }, "' -AsPlainText -Force)))", "\"" ] ] }, "waitAfterCompletion": "0" }, "b-install-prereqs": { "command": "powershell.exe -ExecutionPolicy RemoteSigned -Command \"Install-WindowsFeature Net-Framework-Features,Web-Server,Web-WebServer,Web-Common-Http,Web-Static-Content,Web-Default-Doc,Web-Dir-Browsing,Web-Http-Errors,Web-App-Dev,Web-Asp-Net,Web-Net-Ext,Web-ISAPI-Ext,Web-ISAPI-Filter,Web-Health,Web-Http-Logging,Web-Log-Libraries,Web-Request-Monitor,Web-Http-Tracing,Web-Security,Web-Basic-Auth,Web-Windows-Auth,Web-Filtering,Web-Digest-Auth,Web-Performance,Web-Stat-Compression,Web-Dyn-Compression,Web-Mgmt-Tools,Web-Mgmt-Console,Web-Mgmt-Compat,Web-Metabase,Application-Server,AS-Web-Support,AS-TCP-Port-Sharing,AS-WAS-Support,AS-HTTP-Activation,AS-TCP-Activation,AS-Named-Pipes,AS-Net-Framework,WAS,WAS-Process-Model,WAS-NET-Environment,WAS-Config-APIs,Web-Lgcy-Scripting,Windows-Identity-Foundation,Server-Media-Foundation,Xps-Viewer -Restart\"", "waitAfterCompletion": "forever" }, "c-mount-media": { "command": "powershell.exe -Command \"C:\\cfn\\scripts\\Mount-DiskImage.ps1 -ImagePath 'C:\\cfn\\downloads\\sharepoint.img'\"", "waitAfterCompletion": "0" }, "d-install-prerequisiteinstaller": { "command": "powershell.exe -ExecutionPolicy RemoteSigned -Command \"C:\\cfn\\scripts\\Install-SP2016PreReqs.ps1\"", "waitAfterCompletion": "forever" } } }, "installSP2016": { "commands": { "a-enable-autologon-and-set-startup-script": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command \"C:\\cfn\\scripts\\Enable-AutoLogon.ps1", " -UserName '", { "Ref": "DomainAdminUser" }, "@", { "Ref": "DomainDNSName" }, "' -Password '", { "Ref": "DomainAdminPassword" }, "' -StartupScript 'C:\\cfn\\scripts\\InstallSP2016.bat'", "\"" ] ] }, "waitAfterCompletion": "0" }, "b-reboot": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command Restart-Computer -Force" ] ] }, "waitAfterCompletion": "forever" } } }, "finalize": { "commands": { "a-disable-autologon": { "command": "powershell.exe -Command \"C:\\cfn\\scripts\\Disable-AutoLogon.ps1\"", "waitAfterCompletion": "0" }, "b-add-spfarm-node2": { "command": { "Fn::Join": [ "", [ "powershell.exe -ExecutionPolicy RemoteSigned -Command \"C:\\cfn\\scripts\\Add-SPFarmLoginToWSFCNode2.ps1", " -DomainNetBIOSName '", { "Ref": "DomainNetBIOSName" }, "' -SPFarmAccount '", { "Ref": "SPFarmAccount" }, "' -ADServer1NetBIOSName '", { "Ref": "ADServer1NetBIOSName" }, "' -WSFCNode2NetBIOSName '", { "Ref": "WSFCNode2NetBIOSName" }, "' -DomainAdminUser '", { "Ref": "DomainAdminUser" }, "' -DomainAdminPassword '", { "Ref": "DomainAdminPassword" }, "'\"" ] ] }, "waitAfterCompletion": "0" }, "c-signal-success": { "command": "powershell.exe -Command \"Write-AWSQuickStartStatus\"", "waitAfterCompletion": "0" } } } } }, "Properties": { "ImageId": { "Ref": "LatestAmiId" }, "InstanceType": { "Ref": "SPInstanceType" }, "SubnetId": { "Ref": "PrivateSubnet1ID" }, "Tags": [ { "Key": "Name", "Value": "SPAPP1" } ], "BlockDeviceMappings": [ { "DeviceName": "/dev/sda1", "Ebs": { "VolumeSize": "120", "VolumeType": "gp2" } } ], "IamInstanceProfile": { "Ref": "SPInstanceProfile" }, "SecurityGroupIds": [ { "Ref": "SPServersSG" }, { "Ref": "SPFarmSG" }, { "Ref": "DomainMemberSGID" }, { "Ref": "SQLServerAccessSecurityGroupID" } ], "KeyName": { "Ref": "KeyPairName" }, "UserData": { "Fn::Base64": { "Fn::Join": [ "", [ "\n" ] ] } } } }, "SPAPP2": { "Type": "AWS::EC2::Instance", "DependsOn": "SPAPP1WaitCondition", "Metadata": { "AWS::CloudFormation::Authentication": { "S3AccessCreds": { "type": "S3", "roleName": { "Ref": "SPRole" }, "buckets": [ { "Ref": "QSS3BucketName" } ] } }, "AWS::CloudFormation::Init": { "configSets": { "config": [ "setup", "rename", "join", "installPreReqs", "installSP2016", "finalize" ] }, "setup": { "files": { "C:\\cfn\\cfn-hup.conf": { "content": { "Fn::Join": [ "", [ "[main]\n", "stack=", { "Ref": "AWS::StackName" }, "\n", "region=", { "Ref": "AWS::Region" }, "\n" ] ] } }, "C:\\cfn\\hooks.d\\cfn-auto-reloader.conf": { "content": { "Fn::Join": [ "", [ "[cfn-auto-reloader-hook]\n", "triggers=post.update\n", "path=Resources.SPAPP2.Metadata.AWS::CloudFormation::Init\n", "action=cfn-init.exe -v -c config -s ", { "Ref": "AWS::StackId" }, " -r SPAPP2", " --region ", { "Ref": "AWS::Region" }, "\n" ] ] } }, "C:\\cfn\\modules\\AWSQuickStart.zip": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-microsoft-utilities/modules/AWSQuickStart.zip", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\Disable-AutoLogon.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-microsoft-utilities/scripts/Disable-AutoLogon.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\Enable-AutoLogon.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-microsoft-utilities/scripts/Enable-AutoLogon.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\Download-File.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-microsoft-utilities/scripts/Download-File.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\Install-SP2016PreReqs.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}scripts/Install-SP2016PreReqs.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\Install-SP2016.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}scripts/Install-SP2016.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\Join-Domain.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-microsoft-utilities/scripts/Join-Domain.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\Mount-DiskImage.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-microsoft-utilities/scripts/Mount-DiskImage.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\Unzip-Archive.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-microsoft-utilities/scripts/Unzip-Archive.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\InstallSP2016.bat": { "content": { "Fn::Join": [ "", [ "powershell.exe -Command \"C:\\cfn\\scripts\\Mount-DiskImage.ps1 -ImagePath 'C:\\cfn\\downloads\\sharepoint.img'\"", "\n", "powershell.exe -Command \"C:\\cfn\\scripts\\Install-SP2016.ps1 -SQLServer '", { "Ref": "WSFCNode1NetBIOSName" }, "' -SPFarmAccount '", { "Ref": "DomainNetBIOSName" }, "\\", { "Ref": "SPFarmAccount" }, "' -Password '", { "Ref": "SPFarmAccountPassword" }, "' -Key '", { "Ref": "SPKey" }, "' -ServerRole 'Application'", { "Fn::If": [ "StreamlinedTopologyCondition", " -StreamlinedTopology", "" ] }, "\"\n" ] ] } }, "C:\\cfn\\scripts\\config2016.xml": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}scripts/config2016.xml", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" } }, "services": { "windows": { "cfn-hup": { "enabled": "true", "ensureRunning": "true", "files": [ "C:\\cfn\\cfn-hup.conf", "C:\\cfn\\hooks.d\\cfn-auto-reloader.conf" ] } } }, "commands": { "a-set-execution-policy": { "command": "powershell.exe -Command \"Set-ExecutionPolicy RemoteSigned -Force\"", "waitAfterCompletion": "0" }, "b-unpack-quickstart-module": { "command": "powershell.exe -Command C:\\cfn\\scripts\\Unzip-Archive.ps1 -Source C:\\cfn\\modules\\AWSQuickStart.zip -Destination C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\", "waitAfterCompletion": "0" }, "c-init-quickstart-module": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command \"", "New-AWSQuickStartWaitHandle -Handle '", { "Ref": "SPAPP2WaitHandle" }, "'\"" ] ] }, "waitAfterCompletion": "0" }, "d-download-media": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command \"C:\\cfn\\scripts\\Download-File.ps1 -Source '", { "Ref": "SPISOImageURI" }, "' -Destination 'C:\\cfn\\downloads\\sharepoint.img'\"" ] ] }, "waitAfterCompletion": "0" } } }, "rename": { "commands": { "1-execute-powershell-script-rename-computer": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command \"Rename-Computer -NewName 'SPAPP2' -Restart\"" ] ] }, "waitAfterCompletion": "forever" } } }, "join": { "commands": { "a-set-dns-servers": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command \"", "Get-NetAdapter | Set-DnsClientServerAddress -ServerAddresses ", { "Ref": "ADServer2PrivateIP" }, ",", { "Ref": "ADServer1PrivateIP" }, "\"" ] ] }, "waitAfterCompletion": "30" }, "b-join-domain": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command \"C:\\cfn\\scripts\\Join-Domain.ps1 -DomainName '", { "Ref": "DomainDNSName" }, "' -UserName '", { "Ref": "DomainNetBIOSName" }, "\\", { "Ref": "DomainAdminUser" }, "' -Password '", { "Ref": "DomainAdminPassword" }, "'\"" ] ] }, "waitAfterCompletion": "forever" } } }, "installPreReqs": { "commands": { "a-install-prereqs": { "command": "powershell.exe -ExecutionPolicy RemoteSigned -Command \"Install-WindowsFeature Net-Framework-Features,Web-Server,Web-WebServer,Web-Common-Http,Web-Static-Content,Web-Default-Doc,Web-Dir-Browsing,Web-Http-Errors,Web-App-Dev,Web-Asp-Net,Web-Net-Ext,Web-ISAPI-Ext,Web-ISAPI-Filter,Web-Health,Web-Http-Logging,Web-Log-Libraries,Web-Request-Monitor,Web-Http-Tracing,Web-Security,Web-Basic-Auth,Web-Windows-Auth,Web-Filtering,Web-Digest-Auth,Web-Performance,Web-Stat-Compression,Web-Dyn-Compression,Web-Mgmt-Tools,Web-Mgmt-Console,Web-Mgmt-Compat,Web-Metabase,Application-Server,AS-Web-Support,AS-TCP-Port-Sharing,AS-WAS-Support,AS-HTTP-Activation,AS-TCP-Activation,AS-Named-Pipes,AS-Net-Framework,WAS,WAS-Process-Model,WAS-NET-Environment,WAS-Config-APIs,Web-Lgcy-Scripting,Windows-Identity-Foundation,Server-Media-Foundation,Xps-Viewer -Restart\"", "waitAfterCompletion": "forever" }, "b-mount-media": { "command": "powershell.exe -Command \"C:\\cfn\\scripts\\Mount-DiskImage.ps1 -ImagePath 'C:\\cfn\\downloads\\sharepoint.img'\"", "waitAfterCompletion": "0" }, "c-install-prerequisiteinstaller": { "command": "powershell.exe -ExecutionPolicy RemoteSigned -Command \"C:\\cfn\\scripts\\Install-SP2016PreReqs.ps1\"", "waitAfterCompletion": "forever" } } }, "installSP2016": { "commands": { "a-enable-autologon-and-set-startup-script": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command \"C:\\cfn\\scripts\\Enable-AutoLogon.ps1", " -UserName '", { "Ref": "DomainAdminUser" }, "@", { "Ref": "DomainDNSName" }, "' -Password '", { "Ref": "DomainAdminPassword" }, "' -StartupScript 'C:\\cfn\\scripts\\InstallSP2016.bat'", "\"" ] ] }, "waitAfterCompletion": "0" }, "b-reboot": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command Restart-Computer -Force" ] ] }, "waitAfterCompletion": "forever" } } }, "finalize": { "commands": { "a-disable-autologon": { "command": "powershell.exe -Command \"C:\\cfn\\scripts\\Disable-AutoLogon.ps1\"", "waitAfterCompletion": "0" }, "b-signal-success": { "command": "powershell -Command \"Write-AWSQuickStartStatus\"", "waitAfterCompletion": "0" } } } } }, "Properties": { "ImageId": { "Ref": "LatestAmiId" }, "InstanceType": { "Ref": "SPInstanceType" }, "SubnetId": { "Ref": "PrivateSubnet2ID" }, "Tags": [ { "Key": "Name", "Value": "SPAPP2" } ], "BlockDeviceMappings": [ { "DeviceName": "/dev/sda1", "Ebs": { "VolumeSize": "120", "VolumeType": "gp2" } } ], "IamInstanceProfile": { "Ref": "SPInstanceProfile" }, "SecurityGroupIds": [ { "Ref": "SPServersSG" }, { "Ref": "SPFarmSG" }, { "Ref": "DomainMemberSGID" }, { "Ref": "SQLServerAccessSecurityGroupID" } ], "KeyName": { "Ref": "KeyPairName" }, "UserData": { "Fn::Base64": { "Fn::Join": [ "", [ "\n" ] ] } } } }, "SPDCACHE1": { "Type": "AWS::EC2::Instance", "Condition": "StreamlinedTopologyCondition", "DependsOn": "SPAPP1WaitCondition", "Metadata": { "AWS::CloudFormation::Authentication": { "S3AccessCreds": { "type": "S3", "roleName": { "Ref": "SPRole" }, "buckets": [ { "Ref": "QSS3BucketName" } ] } }, "AWS::CloudFormation::Init": { "configSets": { "config": [ "setup", "rename", "join", "installPreReqs", "installSP2016", "finalize" ] }, "setup": { "files": { "C:\\cfn\\cfn-hup.conf": { "content": { "Fn::Join": [ "", [ "[main]\n", "stack=", { "Ref": "AWS::StackName" }, "\n", "region=", { "Ref": "AWS::Region" }, "\n" ] ] } }, "C:\\cfn\\hooks.d\\cfn-auto-reloader.conf": { "content": { "Fn::Join": [ "", [ "[cfn-auto-reloader-hook]\n", "triggers=post.update\n", "path=Resources.SPDCACHE1.Metadata.AWS::CloudFormation::Init\n", "action=cfn-init.exe -v -c config -s ", { "Ref": "AWS::StackId" }, " -r SPDCACHE1", " --region ", { "Ref": "AWS::Region" }, "\n" ] ] } }, "C:\\cfn\\scripts\\Unzip-Archive.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-microsoft-utilities/scripts/Unzip-Archive.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\modules\\AWSQuickStart.zip": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-microsoft-utilities/modules/AWSQuickStart.zip", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\Join-Domain.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-microsoft-utilities/scripts/Join-Domain.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\Download-File.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-microsoft-utilities/scripts/Download-File.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\Mount-DiskImage.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-microsoft-utilities/scripts/Mount-DiskImage.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\Disable-AutoLogon.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-microsoft-utilities/scripts/Disable-AutoLogon.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\Enable-AutoLogon.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-microsoft-utilities/scripts/Enable-AutoLogon.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\Install-SP2016PreReqs.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}scripts/Install-SP2016PreReqs.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\Install-SP2016.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}scripts/Install-SP2016.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\InstallSP2016.bat": { "content": { "Fn::Join": [ "", [ "powershell.exe -Command \"C:\\cfn\\scripts\\Mount-DiskImage.ps1 -ImagePath 'C:\\cfn\\downloads\\sharepoint.img'\"", "\n", "powershell.exe -Command \"C:\\cfn\\scripts\\Install-SP2016.ps1 -SQLServer '", { "Ref": "WSFCNode1NetBIOSName" }, "' -SPFarmAccount '", { "Ref": "DomainNetBIOSName" }, "\\", { "Ref": "SPFarmAccount" }, "' -Password '", { "Ref": "SPFarmAccountPassword" }, "' -Key '", { "Ref": "SPKey" }, "' -ServerRole 'DistributedCache'", { "Fn::If": [ "StreamlinedTopologyCondition", " -StreamlinedTopology", "" ] }, "\"\n", "powershell.exe -Command \"Write-AWSQuickStartStatus\"", "\n" ] ] } }, "C:\\cfn\\scripts\\config2016.xml": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}scripts/config2016.xml", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" } }, "services": { "windows": { "cfn-hup": { "enabled": "true", "ensureRunning": "true", "files": [ "C:\\cfn\\cfn-hup.conf", "C:\\cfn\\hooks.d\\cfn-auto-reloader.conf" ] } } }, "commands": { "a-set-execution-policy": { "command": "powershell.exe -Command \"Set-ExecutionPolicy RemoteSigned -Force\"", "waitAfterCompletion": "0" }, "b-unpack-quickstart-module": { "command": "powershell.exe -Command C:\\cfn\\scripts\\Unzip-Archive.ps1 -Source C:\\cfn\\modules\\AWSQuickStart.zip -Destination C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\", "waitAfterCompletion": "0" }, "c-init-quickstart-module": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command \"", "New-AWSQuickStartResourceSignal -Stack '", { "Ref": "AWS::StackName" }, "' -Resource 'SPDCACHE1' -Region '", { "Ref": "AWS::Region" }, "'\"" ] ] }, "waitAfterCompletion": "0" }, "d-download-media": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command \"C:\\cfn\\scripts\\Download-File.ps1 -Source '", { "Ref": "SPISOImageURI" }, "' -Destination 'C:\\cfn\\downloads\\sharepoint.img'\"" ] ] }, "waitAfterCompletion": "0" } } }, "rename": { "commands": { "1-execute-powershell-script-rename-computer": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command \"Rename-Computer -NewName 'SPDCACHE1' -Restart\"" ] ] }, "waitAfterCompletion": "forever" } } }, "join": { "commands": { "a-set-dns-servers": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command \"", "Get-NetAdapter | Set-DnsClientServerAddress -ServerAddresses ", { "Ref": "ADServer1PrivateIP" }, ",", { "Ref": "ADServer2PrivateIP" }, "\"" ] ] }, "waitAfterCompletion": "30" }, "b-join-domain": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command \"C:\\cfn\\scripts\\Join-Domain.ps1 -DomainName '", { "Ref": "DomainDNSName" }, "' -UserName '", { "Ref": "DomainNetBIOSName" }, "\\", { "Ref": "DomainAdminUser" }, "' -Password '", { "Ref": "DomainAdminPassword" }, "'\"" ] ] }, "waitAfterCompletion": "forever" } } }, "installPreReqs": { "commands": { "a-install-prereqs": { "command": "powershell.exe -ExecutionPolicy RemoteSigned -Command \"Install-WindowsFeature Net-Framework-Features,Web-Server,Web-WebServer,Web-Common-Http,Web-Static-Content,Web-Default-Doc,Web-Dir-Browsing,Web-Http-Errors,Web-App-Dev,Web-Asp-Net,Web-Net-Ext,Web-ISAPI-Ext,Web-ISAPI-Filter,Web-Health,Web-Http-Logging,Web-Log-Libraries,Web-Request-Monitor,Web-Http-Tracing,Web-Security,Web-Basic-Auth,Web-Windows-Auth,Web-Filtering,Web-Digest-Auth,Web-Performance,Web-Stat-Compression,Web-Dyn-Compression,Web-Mgmt-Tools,Web-Mgmt-Console,Web-Mgmt-Compat,Web-Metabase,Application-Server,AS-Web-Support,AS-TCP-Port-Sharing,AS-WAS-Support,AS-HTTP-Activation,AS-TCP-Activation,AS-Named-Pipes,AS-Net-Framework,WAS,WAS-Process-Model,WAS-NET-Environment,WAS-Config-APIs,Web-Lgcy-Scripting,Windows-Identity-Foundation,Server-Media-Foundation,Xps-Viewer -Restart\"", "waitAfterCompletion": "forever" }, "b-mount-media": { "command": "powershell.exe -Command \"C:\\cfn\\scripts\\Mount-DiskImage.ps1 -ImagePath 'C:\\cfn\\downloads\\sharepoint.img'\"", "waitAfterCompletion": "0" }, "c-install-prerequisiteinstaller": { "command": "powershell.exe -ExecutionPolicy RemoteSigned -Command \"C:\\cfn\\scripts\\Install-SP2016PreReqs.ps1\"", "waitAfterCompletion": "forever" } } }, "installSP2016": { "commands": { "a-enable-autologon-and-set-startup-script": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command \"C:\\cfn\\scripts\\Enable-AutoLogon.ps1", " -UserName '", { "Ref": "DomainAdminUser" }, "@", { "Ref": "DomainDNSName" }, "' -Password '", { "Ref": "DomainAdminPassword" }, "' -StartupScript 'C:\\cfn\\scripts\\InstallSP2016.bat'", "\"" ] ] }, "waitAfterCompletion": "0" }, "b-reboot": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command Restart-Computer -Force" ] ] }, "waitAfterCompletion": "forever" } } }, "finalize": { "commands": { "a-disable-autologon": { "command": "powershell.exe -Command \"C:\\cfn\\scripts\\Disable-AutoLogon.ps1\"", "waitAfterCompletion": "0" } } } } }, "Properties": { "ImageId": { "Ref": "LatestAmiId" }, "InstanceType": { "Ref": "SPInstanceType" }, "SubnetId": { "Ref": "PrivateSubnet1ID" }, "Tags": [ { "Key": "Name", "Value": "SPDCACHE1" } ], "BlockDeviceMappings": [ { "DeviceName": "/dev/sda1", "Ebs": { "VolumeSize": "120", "VolumeType": "gp2" } } ], "IamInstanceProfile": { "Ref": "SPInstanceProfile" }, "SecurityGroupIds": [ { "Ref": "SPServersSG" }, { "Ref": "SPFarmSG" }, { "Ref": "DomainMemberSGID" }, { "Ref": "SQLServerAccessSecurityGroupID" } ], "KeyName": { "Ref": "KeyPairName" }, "UserData": { "Fn::Base64": { "Fn::Join": [ "", [ "\n" ] ] } } }, "CreationPolicy": { "ResourceSignal": { "Count": "1", "Timeout": "PT75M" } } }, "SPDCACHE2": { "Type": "AWS::EC2::Instance", "Condition": "StreamlinedTopologyCondition", "DependsOn": "SPDCACHE1", "Metadata": { "AWS::CloudFormation::Authentication": { "S3AccessCreds": { "type": "S3", "roleName": { "Ref": "SPRole" }, "buckets": [ { "Ref": "QSS3BucketName" } ] } }, "AWS::CloudFormation::Init": { "configSets": { "config": [ "setup", "rename", "join", "installPreReqs", "installSP2016", "finalize" ] }, "setup": { "files": { "C:\\cfn\\cfn-hup.conf": { "content": { "Fn::Join": [ "", [ "[main]\n", "stack=", { "Ref": "AWS::StackName" }, "\n", "region=", { "Ref": "AWS::Region" }, "\n" ] ] } }, "C:\\cfn\\hooks.d\\cfn-auto-reloader.conf": { "content": { "Fn::Join": [ "", [ "[cfn-auto-reloader-hook]\n", "triggers=post.update\n", "path=Resources.SPDCACHE2.Metadata.AWS::CloudFormation::Init\n", "action=cfn-init.exe -v -c config -s ", { "Ref": "AWS::StackId" }, " -r SPDCACHE2", " --region ", { "Ref": "AWS::Region" }, "\n" ] ] } }, "C:\\cfn\\scripts\\Unzip-Archive.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-microsoft-utilities/scripts/Unzip-Archive.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\modules\\AWSQuickStart.zip": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-microsoft-utilities/modules/AWSQuickStart.zip", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\Join-Domain.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-microsoft-utilities/scripts/Join-Domain.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\Download-File.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-microsoft-utilities/scripts/Download-File.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\Mount-DiskImage.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-microsoft-utilities/scripts/Mount-DiskImage.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\Disable-AutoLogon.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-microsoft-utilities/scripts/Disable-AutoLogon.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\Enable-AutoLogon.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-microsoft-utilities/scripts/Enable-AutoLogon.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\Install-SP2016PreReqs.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}scripts/Install-SP2016PreReqs.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\Install-SP2016.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}scripts/Install-SP2016.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\InstallSP2016.bat": { "content": { "Fn::Join": [ "", [ "powershell.exe -Command \"C:\\cfn\\scripts\\Mount-DiskImage.ps1 -ImagePath 'C:\\cfn\\downloads\\sharepoint.img'\"", "\n", "powershell.exe -Command \"C:\\cfn\\scripts\\Install-SP2016.ps1 -SQLServer '", { "Ref": "WSFCNode1NetBIOSName" }, "' -SPFarmAccount '", { "Ref": "DomainNetBIOSName" }, "\\", { "Ref": "SPFarmAccount" }, "' -Password '", { "Ref": "SPFarmAccountPassword" }, "' -Key '", { "Ref": "SPKey" }, "' -ServerRole 'DistributedCache'", { "Fn::If": [ "StreamlinedTopologyCondition", " -StreamlinedTopology", "" ] }, "\"\n", "powershell.exe -Command \"Write-AWSQuickStartStatus\"", "\n" ] ] } }, "C:\\cfn\\scripts\\config2016.xml": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}scripts/config2016.xml", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" } }, "services": { "windows": { "cfn-hup": { "enabled": "true", "ensureRunning": "true", "files": [ "C:\\cfn\\cfn-hup.conf", "C:\\cfn\\hooks.d\\cfn-auto-reloader.conf" ] } } }, "commands": { "a-set-execution-policy": { "command": "powershell.exe -Command \"Set-ExecutionPolicy RemoteSigned -Force\"", "waitAfterCompletion": "0" }, "b-unpack-quickstart-module": { "command": "powershell.exe -Command C:\\cfn\\scripts\\Unzip-Archive.ps1 -Source C:\\cfn\\modules\\AWSQuickStart.zip -Destination C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\", "waitAfterCompletion": "0" }, "c-init-quickstart-module": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command \"", "New-AWSQuickStartResourceSignal -Stack '", { "Ref": "AWS::StackName" }, "' -Resource 'SPDCACHE2' -Region '", { "Ref": "AWS::Region" }, "'\"" ] ] }, "waitAfterCompletion": "0" }, "d-download-media": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command \"C:\\cfn\\scripts\\Download-File.ps1 -Source '", { "Ref": "SPISOImageURI" }, "' -Destination 'C:\\cfn\\downloads\\sharepoint.img'\"" ] ] }, "waitAfterCompletion": "0" } } }, "rename": { "commands": { "1-execute-powershell-script-rename-computer": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command \"Rename-Computer -NewName 'SPDCACHE2' -Restart\"" ] ] }, "waitAfterCompletion": "forever" } } }, "join": { "commands": { "a-set-dns-servers": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command \"", "Get-NetAdapter | Set-DnsClientServerAddress -ServerAddresses ", { "Ref": "ADServer2PrivateIP" }, ",", { "Ref": "ADServer1PrivateIP" }, "\"" ] ] }, "waitAfterCompletion": "30" }, "b-join-domain": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command \"C:\\cfn\\scripts\\Join-Domain.ps1 -DomainName '", { "Ref": "DomainDNSName" }, "' -UserName '", { "Ref": "DomainNetBIOSName" }, "\\", { "Ref": "DomainAdminUser" }, "' -Password '", { "Ref": "DomainAdminPassword" }, "'\"" ] ] }, "waitAfterCompletion": "forever" } } }, "installPreReqs": { "commands": { "a-install-prereqs": { "command": "powershell.exe -ExecutionPolicy RemoteSigned -Command \"Install-WindowsFeature Net-Framework-Features,Web-Server,Web-WebServer,Web-Common-Http,Web-Static-Content,Web-Default-Doc,Web-Dir-Browsing,Web-Http-Errors,Web-App-Dev,Web-Asp-Net,Web-Net-Ext,Web-ISAPI-Ext,Web-ISAPI-Filter,Web-Health,Web-Http-Logging,Web-Log-Libraries,Web-Request-Monitor,Web-Http-Tracing,Web-Security,Web-Basic-Auth,Web-Windows-Auth,Web-Filtering,Web-Digest-Auth,Web-Performance,Web-Stat-Compression,Web-Dyn-Compression,Web-Mgmt-Tools,Web-Mgmt-Console,Web-Mgmt-Compat,Web-Metabase,Application-Server,AS-Web-Support,AS-TCP-Port-Sharing,AS-WAS-Support,AS-HTTP-Activation,AS-TCP-Activation,AS-Named-Pipes,AS-Net-Framework,WAS,WAS-Process-Model,WAS-NET-Environment,WAS-Config-APIs,Web-Lgcy-Scripting,Windows-Identity-Foundation,Server-Media-Foundation,Xps-Viewer -Restart\"", "waitAfterCompletion": "forever" }, "b-mount-media": { "command": "powershell.exe -Command \"C:\\cfn\\scripts\\Mount-DiskImage.ps1 -ImagePath 'C:\\cfn\\downloads\\sharepoint.img'\"", "waitAfterCompletion": "0" }, "c-install-prerequisiteinstaller": { "command": "powershell.exe -ExecutionPolicy RemoteSigned -Command \"C:\\cfn\\scripts\\Install-SP2016PreReqs.ps1\"", "waitAfterCompletion": "forever" } } }, "installSP2016": { "commands": { "a-enable-autologon-and-set-startup-script": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command \"C:\\cfn\\scripts\\Enable-AutoLogon.ps1", " -UserName '", { "Ref": "DomainAdminUser" }, "@", { "Ref": "DomainDNSName" }, "' -Password '", { "Ref": "DomainAdminPassword" }, "' -StartupScript 'C:\\cfn\\scripts\\InstallSP2016.bat'", "\"" ] ] }, "waitAfterCompletion": "0" }, "b-reboot": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command Restart-Computer -Force" ] ] }, "waitAfterCompletion": "forever" } } }, "finalize": { "commands": { "a-disable-autologon": { "command": "powershell.exe -Command \"C:\\cfn\\scripts\\Disable-AutoLogon.ps1\"", "waitAfterCompletion": "0" } } } } }, "Properties": { "ImageId": { "Ref": "LatestAmiId" }, "InstanceType": { "Ref": "SPInstanceType" }, "SubnetId": { "Ref": "PrivateSubnet2ID" }, "Tags": [ { "Key": "Name", "Value": "SPDCACHE2" } ], "BlockDeviceMappings": [ { "DeviceName": "/dev/sda1", "Ebs": { "VolumeSize": "120", "VolumeType": "gp2" } } ], "IamInstanceProfile": { "Ref": "SPInstanceProfile" }, "SecurityGroupIds": [ { "Ref": "SPServersSG" }, { "Ref": "SPFarmSG" }, { "Ref": "DomainMemberSGID" }, { "Ref": "SQLServerAccessSecurityGroupID" } ], "KeyName": { "Ref": "KeyPairName" }, "UserData": { "Fn::Base64": { "Fn::Join": [ "", [ "\n" ] ] } } }, "CreationPolicy": { "ResourceSignal": { "Count": "1", "Timeout": "PT75M" } } }, "SPSEARCH1": { "Type": "AWS::EC2::Instance", "Condition": "StreamlinedTopologyCondition", "DependsOn": "SPAPP1WaitCondition", "Metadata": { "AWS::CloudFormation::Authentication": { "S3AccessCreds": { "type": "S3", "roleName": { "Ref": "SPRole" }, "buckets": [ { "Ref": "QSS3BucketName" } ] } }, "AWS::CloudFormation::Init": { "configSets": { "config": [ "setup", "rename", "join", "installPreReqs", "installSP2016", "finalize" ] }, "setup": { "files": { "C:\\cfn\\cfn-hup.conf": { "content": { "Fn::Join": [ "", [ "[main]\n", "stack=", { "Ref": "AWS::StackName" }, "\n", "region=", { "Ref": "AWS::Region" }, "\n" ] ] } }, "C:\\cfn\\hooks.d\\cfn-auto-reloader.conf": { "content": { "Fn::Join": [ "", [ "[cfn-auto-reloader-hook]\n", "triggers=post.update\n", "path=Resources.SPSEARCH1.Metadata.AWS::CloudFormation::Init\n", "action=cfn-init.exe -v -c config -s ", { "Ref": "AWS::StackId" }, " -r SPSEARCH1", " --region ", { "Ref": "AWS::Region" }, "\n" ] ] } }, "C:\\cfn\\scripts\\Unzip-Archive.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-microsoft-utilities/scripts/Unzip-Archive.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\modules\\AWSQuickStart.zip": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-microsoft-utilities/modules/AWSQuickStart.zip", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\Join-Domain.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-microsoft-utilities/scripts/Join-Domain.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\Download-File.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-microsoft-utilities/scripts/Download-File.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\Mount-DiskImage.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-microsoft-utilities/scripts/Mount-DiskImage.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\Disable-AutoLogon.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-microsoft-utilities/scripts/Disable-AutoLogon.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\Enable-AutoLogon.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-microsoft-utilities/scripts/Enable-AutoLogon.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\Install-SP2016PreReqs.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}scripts/Install-SP2016PreReqs.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\Install-SP2016.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}scripts/Install-SP2016.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\InstallSP2016.bat": { "content": { "Fn::Join": [ "", [ "powershell.exe -Command \"C:\\cfn\\scripts\\Mount-DiskImage.ps1 -ImagePath 'C:\\cfn\\downloads\\sharepoint.img'\"", "\n", "powershell.exe -Command \"C:\\cfn\\scripts\\Install-SP2016.ps1 -SQLServer '", { "Ref": "WSFCNode1NetBIOSName" }, "' -SPFarmAccount '", { "Ref": "DomainNetBIOSName" }, "\\", { "Ref": "SPFarmAccount" }, "' -Password '", { "Ref": "SPFarmAccountPassword" }, "' -Key '", { "Ref": "SPKey" }, "' -ServerRole 'Search'", { "Fn::If": [ "StreamlinedTopologyCondition", " -StreamlinedTopology", "" ] }, "\"\n", "powershell.exe -Command \"Write-AWSQuickStartStatus\"", "\n" ] ] } }, "C:\\cfn\\scripts\\config2016.xml": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}scripts/config2016.xml", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" } }, "services": { "windows": { "cfn-hup": { "enabled": "true", "ensureRunning": "true", "files": [ "C:\\cfn\\cfn-hup.conf", "C:\\cfn\\hooks.d\\cfn-auto-reloader.conf" ] } } }, "commands": { "a-set-execution-policy": { "command": "powershell.exe -Command \"Set-ExecutionPolicy RemoteSigned -Force\"", "waitAfterCompletion": "0" }, "b-unpack-quickstart-module": { "command": "powershell.exe -Command C:\\cfn\\scripts\\Unzip-Archive.ps1 -Source C:\\cfn\\modules\\AWSQuickStart.zip -Destination C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\", "waitAfterCompletion": "0" }, "c-init-quickstart-module": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command \"", "New-AWSQuickStartResourceSignal -Stack '", { "Ref": "AWS::StackName" }, "' -Resource 'SPSEARCH1' -Region '", { "Ref": "AWS::Region" }, "'\"" ] ] }, "waitAfterCompletion": "0" }, "d-download-media": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command \"C:\\cfn\\scripts\\Download-File.ps1 -Source '", { "Ref": "SPISOImageURI" }, "' -Destination 'C:\\cfn\\downloads\\sharepoint.img'\"" ] ] }, "waitAfterCompletion": "0" } } }, "rename": { "commands": { "1-execute-powershell-script-rename-computer": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command \"Rename-Computer -NewName 'SPSEARCH1' -Restart\"" ] ] }, "waitAfterCompletion": "forever" } } }, "join": { "commands": { "a-set-dns-servers": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command \"", "Get-NetAdapter | Set-DnsClientServerAddress -ServerAddresses ", { "Ref": "ADServer1PrivateIP" }, ",", { "Ref": "ADServer2PrivateIP" }, "\"" ] ] }, "waitAfterCompletion": "30" }, "b-join-domain": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command \"C:\\cfn\\scripts\\Join-Domain.ps1 -DomainName '", { "Ref": "DomainDNSName" }, "' -UserName '", { "Ref": "DomainNetBIOSName" }, "\\", { "Ref": "DomainAdminUser" }, "' -Password '", { "Ref": "DomainAdminPassword" }, "'\"" ] ] }, "waitAfterCompletion": "forever" } } }, "installPreReqs": { "commands": { "a-install-prereqs": { "command": "powershell.exe -ExecutionPolicy RemoteSigned -Command \"Install-WindowsFeature Net-Framework-Features,Web-Server,Web-WebServer,Web-Common-Http,Web-Static-Content,Web-Default-Doc,Web-Dir-Browsing,Web-Http-Errors,Web-App-Dev,Web-Asp-Net,Web-Net-Ext,Web-ISAPI-Ext,Web-ISAPI-Filter,Web-Health,Web-Http-Logging,Web-Log-Libraries,Web-Request-Monitor,Web-Http-Tracing,Web-Security,Web-Basic-Auth,Web-Windows-Auth,Web-Filtering,Web-Digest-Auth,Web-Performance,Web-Stat-Compression,Web-Dyn-Compression,Web-Mgmt-Tools,Web-Mgmt-Console,Web-Mgmt-Compat,Web-Metabase,Application-Server,AS-Web-Support,AS-TCP-Port-Sharing,AS-WAS-Support,AS-HTTP-Activation,AS-TCP-Activation,AS-Named-Pipes,AS-Net-Framework,WAS,WAS-Process-Model,WAS-NET-Environment,WAS-Config-APIs,Web-Lgcy-Scripting,Windows-Identity-Foundation,Server-Media-Foundation,Xps-Viewer -Restart\"", "waitAfterCompletion": "forever" }, "b-mount-media": { "command": "powershell.exe -Command \"C:\\cfn\\scripts\\Mount-DiskImage.ps1 -ImagePath 'C:\\cfn\\downloads\\sharepoint.img'\"", "waitAfterCompletion": "0" }, "c-install-prerequisiteinstaller": { "command": "powershell.exe -ExecutionPolicy RemoteSigned -Command \"C:\\cfn\\scripts\\Install-SP2016PreReqs.ps1\"", "waitAfterCompletion": "forever" } } }, "installSP2016": { "commands": { "a-enable-autologon-and-set-startup-script": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command \"C:\\cfn\\scripts\\Enable-AutoLogon.ps1", " -UserName '", { "Ref": "DomainAdminUser" }, "@", { "Ref": "DomainDNSName" }, "' -Password '", { "Ref": "DomainAdminPassword" }, "' -StartupScript 'C:\\cfn\\scripts\\InstallSP2016.bat'", "\"" ] ] }, "waitAfterCompletion": "0" }, "b-reboot": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command Restart-Computer -Force" ] ] }, "waitAfterCompletion": "forever" } } }, "finalize": { "commands": { "a-disable-autologon": { "command": "powershell.exe -Command \"C:\\cfn\\scripts\\Disable-AutoLogon.ps1\"", "waitAfterCompletion": "0" } } } } }, "Properties": { "ImageId": { "Ref": "LatestAmiId" }, "InstanceType": { "Ref": "SPInstanceType" }, "SubnetId": { "Ref": "PrivateSubnet1ID" }, "Tags": [ { "Key": "Name", "Value": "SPSEARCH1" } ], "BlockDeviceMappings": [ { "DeviceName": "/dev/sda1", "Ebs": { "VolumeSize": "120", "VolumeType": "gp2" } } ], "IamInstanceProfile": { "Ref": "SPInstanceProfile" }, "SecurityGroupIds": [ { "Ref": "SPServersSG" }, { "Ref": "SPFarmSG" }, { "Ref": "DomainMemberSGID" }, { "Ref": "SQLServerAccessSecurityGroupID" } ], "KeyName": { "Ref": "KeyPairName" }, "UserData": { "Fn::Base64": { "Fn::Join": [ "", [ "\n" ] ] } } }, "CreationPolicy": { "ResourceSignal": { "Count": "1", "Timeout": "PT75M" } } }, "SPSEARCH2": { "Type": "AWS::EC2::Instance", "Condition": "StreamlinedTopologyCondition", "DependsOn": "SPAPP1WaitCondition", "Metadata": { "AWS::CloudFormation::Authentication": { "S3AccessCreds": { "type": "S3", "roleName": { "Ref": "SPRole" }, "buckets": [ { "Ref": "QSS3BucketName" } ] } }, "AWS::CloudFormation::Init": { "configSets": { "config": [ "setup", "rename", "join", "installPreReqs", "installSP2016", "finalize" ] }, "setup": { "files": { "C:\\cfn\\cfn-hup.conf": { "content": { "Fn::Join": [ "", [ "[main]\n", "stack=", { "Ref": "AWS::StackName" }, "\n", "region=", { "Ref": "AWS::Region" }, "\n" ] ] } }, "C:\\cfn\\hooks.d\\cfn-auto-reloader.conf": { "content": { "Fn::Join": [ "", [ "[cfn-auto-reloader-hook]\n", "triggers=post.update\n", "path=Resources.SPSEARCH2.Metadata.AWS::CloudFormation::Init\n", "action=cfn-init.exe -v -c config -s ", { "Ref": "AWS::StackId" }, " -r SPSEARCH2", " --region ", { "Ref": "AWS::Region" }, "\n" ] ] } }, "C:\\cfn\\scripts\\Unzip-Archive.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-microsoft-utilities/scripts/Unzip-Archive.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\modules\\AWSQuickStart.zip": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-microsoft-utilities/modules/AWSQuickStart.zip", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\Join-Domain.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-microsoft-utilities/scripts/Join-Domain.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\Download-File.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-microsoft-utilities/scripts/Download-File.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\Mount-DiskImage.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-microsoft-utilities/scripts/Mount-DiskImage.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\Disable-AutoLogon.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-microsoft-utilities/scripts/Disable-AutoLogon.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\Enable-AutoLogon.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-microsoft-utilities/scripts/Enable-AutoLogon.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\Install-SP2016PreReqs.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}scripts/Install-SP2016PreReqs.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\Install-SP2016.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}scripts/Install-SP2016.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\InstallSP2016.bat": { "content": { "Fn::Join": [ "", [ "powershell.exe -Command \"C:\\cfn\\scripts\\Mount-DiskImage.ps1 -ImagePath 'C:\\cfn\\downloads\\sharepoint.img'\"", "\n", "powershell.exe -Command \"C:\\cfn\\scripts\\Install-SP2016.ps1 -SQLServer '", { "Ref": "WSFCNode1NetBIOSName" }, "' -SPFarmAccount '", { "Ref": "DomainNetBIOSName" }, "\\", { "Ref": "SPFarmAccount" }, "' -Password '", { "Ref": "SPFarmAccountPassword" }, "' -Key '", { "Ref": "SPKey" }, "' -ServerRole 'Search'", { "Fn::If": [ "StreamlinedTopologyCondition", " -StreamlinedTopology", "" ] }, "\"\n", "powershell.exe -Command \"Write-AWSQuickStartStatus\"", "\n" ] ] } }, "C:\\cfn\\scripts\\config2016.xml": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}scripts/config2016.xml", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" } }, "services": { "windows": { "cfn-hup": { "enabled": "true", "ensureRunning": "true", "files": [ "C:\\cfn\\cfn-hup.conf", "C:\\cfn\\hooks.d\\cfn-auto-reloader.conf" ] } } }, "commands": { "a-set-execution-policy": { "command": "powershell.exe -Command \"Set-ExecutionPolicy RemoteSigned -Force\"", "waitAfterCompletion": "0" }, "b-unpack-quickstart-module": { "command": "powershell.exe -Command C:\\cfn\\scripts\\Unzip-Archive.ps1 -Source C:\\cfn\\modules\\AWSQuickStart.zip -Destination C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\", "waitAfterCompletion": "0" }, "c-init-quickstart-module": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command \"", "New-AWSQuickStartResourceSignal -Stack '", { "Ref": "AWS::StackName" }, "' -Resource 'SPSEARCH2' -Region '", { "Ref": "AWS::Region" }, "'\"" ] ] }, "waitAfterCompletion": "0" }, "d-download-media": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command \"C:\\cfn\\scripts\\Download-File.ps1 -Source '", { "Ref": "SPISOImageURI" }, "' -Destination 'C:\\cfn\\downloads\\sharepoint.img'\"" ] ] }, "waitAfterCompletion": "0" } } }, "rename": { "commands": { "1-execute-powershell-script-rename-computer": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command \"Rename-Computer -NewName 'SPSEARCH2' -Restart\"" ] ] }, "waitAfterCompletion": "forever" } } }, "join": { "commands": { "a-set-dns-servers": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command \"", "Get-NetAdapter | Set-DnsClientServerAddress -ServerAddresses ", { "Ref": "ADServer2PrivateIP" }, ",", { "Ref": "ADServer1PrivateIP" }, "\"" ] ] }, "waitAfterCompletion": "30" }, "b-join-domain": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command \"C:\\cfn\\scripts\\Join-Domain.ps1 -DomainName '", { "Ref": "DomainDNSName" }, "' -UserName '", { "Ref": "DomainNetBIOSName" }, "\\", { "Ref": "DomainAdminUser" }, "' -Password '", { "Ref": "DomainAdminPassword" }, "'\"" ] ] }, "waitAfterCompletion": "forever" } } }, "installPreReqs": { "commands": { "a-install-prereqs": { "command": "powershell.exe -ExecutionPolicy RemoteSigned -Command \"Install-WindowsFeature Net-Framework-Features,Web-Server,Web-WebServer,Web-Common-Http,Web-Static-Content,Web-Default-Doc,Web-Dir-Browsing,Web-Http-Errors,Web-App-Dev,Web-Asp-Net,Web-Net-Ext,Web-ISAPI-Ext,Web-ISAPI-Filter,Web-Health,Web-Http-Logging,Web-Log-Libraries,Web-Request-Monitor,Web-Http-Tracing,Web-Security,Web-Basic-Auth,Web-Windows-Auth,Web-Filtering,Web-Digest-Auth,Web-Performance,Web-Stat-Compression,Web-Dyn-Compression,Web-Mgmt-Tools,Web-Mgmt-Console,Web-Mgmt-Compat,Web-Metabase,Application-Server,AS-Web-Support,AS-TCP-Port-Sharing,AS-WAS-Support,AS-HTTP-Activation,AS-TCP-Activation,AS-Named-Pipes,AS-Net-Framework,WAS,WAS-Process-Model,WAS-NET-Environment,WAS-Config-APIs,Web-Lgcy-Scripting,Windows-Identity-Foundation,Server-Media-Foundation,Xps-Viewer -Restart\"", "waitAfterCompletion": "forever" }, "b-mount-media": { "command": "powershell.exe -Command \"C:\\cfn\\scripts\\Mount-DiskImage.ps1 -ImagePath 'C:\\cfn\\downloads\\sharepoint.img'\"", "waitAfterCompletion": "0" }, "c-install-prerequisiteinstaller": { "command": "powershell.exe -ExecutionPolicy RemoteSigned -Command \"C:\\cfn\\scripts\\Install-SP2016PreReqs.ps1\"", "waitAfterCompletion": "forever" } } }, "installSP2016": { "commands": { "a-enable-autologon-and-set-startup-script": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command \"C:\\cfn\\scripts\\Enable-AutoLogon.ps1", " -UserName '", { "Ref": "DomainAdminUser" }, "@", { "Ref": "DomainDNSName" }, "' -Password '", { "Ref": "DomainAdminPassword" }, "' -StartupScript 'C:\\cfn\\scripts\\InstallSP2016.bat'", "\"" ] ] }, "waitAfterCompletion": "0" }, "b-reboot": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command Restart-Computer -Force" ] ] }, "waitAfterCompletion": "forever" } } }, "finalize": { "commands": { "a-disable-autologon": { "command": "powershell.exe -Command \"C:\\cfn\\scripts\\Disable-AutoLogon.ps1\"", "waitAfterCompletion": "0" } } } } }, "Properties": { "ImageId": { "Ref": "LatestAmiId" }, "InstanceType": { "Ref": "SPInstanceType" }, "SubnetId": { "Ref": "PrivateSubnet2ID" }, "Tags": [ { "Key": "Name", "Value": "SPSEARCH2" } ], "BlockDeviceMappings": [ { "DeviceName": "/dev/sda1", "Ebs": { "VolumeSize": "120", "VolumeType": "gp2" } } ], "IamInstanceProfile": { "Ref": "SPInstanceProfile" }, "SecurityGroupIds": [ { "Ref": "SPServersSG" }, { "Ref": "SPFarmSG" }, { "Ref": "DomainMemberSGID" }, { "Ref": "SQLServerAccessSecurityGroupID" } ], "KeyName": { "Ref": "KeyPairName" }, "UserData": { "Fn::Base64": { "Fn::Join": [ "", [ "\n" ] ] } } }, "CreationPolicy": { "ResourceSignal": { "Count": "1", "Timeout": "PT75M" } } }, "SPWFE1": { "Type": "AWS::EC2::Instance", "DependsOn": "SPAPP1WaitCondition", "Metadata": { "AWS::CloudFormation::Authentication": { "S3AccessCreds": { "type": "S3", "roleName": { "Ref": "SPRole" }, "buckets": [ { "Ref": "QSS3BucketName" } ] } }, "AWS::CloudFormation::Init": { "configSets": { "config": [ "setup", "rename", "join", "installPreReqs", "installSP2016", "finalize" ] }, "setup": { "files": { "C:\\cfn\\cfn-hup.conf": { "content": { "Fn::Join": [ "", [ "[main]\n", "stack=", { "Ref": "AWS::StackName" }, "\n", "region=", { "Ref": "AWS::Region" }, "\n" ] ] } }, "C:\\cfn\\hooks.d\\cfn-auto-reloader.conf": { "content": { "Fn::Join": [ "", [ "[cfn-auto-reloader-hook]\n", "triggers=post.update\n", "path=Resources.SPWFE1.Metadata.AWS::CloudFormation::Init\n", "action=cfn-init.exe -v -c config -s ", { "Ref": "AWS::StackId" }, " -r SPWFE1", " --region ", { "Ref": "AWS::Region" }, "\n" ] ] } }, "C:\\cfn\\scripts\\Unzip-Archive.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-microsoft-utilities/scripts/Unzip-Archive.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\modules\\AWSQuickStart.zip": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-microsoft-utilities/modules/AWSQuickStart.zip", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\Join-Domain.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-microsoft-utilities/scripts/Join-Domain.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\Download-File.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-microsoft-utilities/scripts/Download-File.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\Mount-DiskImage.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-microsoft-utilities/scripts/Mount-DiskImage.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\Disable-AutoLogon.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-microsoft-utilities/scripts/Disable-AutoLogon.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\Enable-AutoLogon.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-microsoft-utilities/scripts/Enable-AutoLogon.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\Install-SP2016PreReqs.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}scripts/Install-SP2016PreReqs.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\Install-SP2016.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}scripts/Install-SP2016.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\InstallSP2016.bat": { "content": { "Fn::Join": [ "", [ "powershell.exe -Command \"C:\\cfn\\scripts\\Mount-DiskImage.ps1 -ImagePath 'C:\\cfn\\downloads\\sharepoint.img'\"", "\n", "powershell.exe -Command \"C:\\cfn\\scripts\\Install-SP2016.ps1 -SQLServer '", { "Ref": "WSFCNode1NetBIOSName" }, "' -SPFarmAccount '", { "Ref": "DomainNetBIOSName" }, "\\", { "Ref": "SPFarmAccount" }, "' -Password '", { "Ref": "SPFarmAccountPassword" }, "' -Key '", { "Ref": "SPKey" }, "' -ServerRole 'WebFrontEnd'", { "Fn::If": [ "StreamlinedTopologyCondition", " -StreamlinedTopology", "" ] }, "\"\n", "powershell.exe -Command \"Write-AWSQuickStartStatus\"", "\n" ] ] } }, "C:\\cfn\\scripts\\config2016.xml": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}scripts/config2016.xml", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" } }, "services": { "windows": { "cfn-hup": { "enabled": "true", "ensureRunning": "true", "files": [ "C:\\cfn\\cfn-hup.conf", "C:\\cfn\\hooks.d\\cfn-auto-reloader.conf" ] } } }, "commands": { "a-set-execution-policy": { "command": "powershell.exe -Command \"Set-ExecutionPolicy RemoteSigned -Force\"", "waitAfterCompletion": "0" }, "b-unpack-quickstart-module": { "command": "powershell.exe -Command C:\\cfn\\scripts\\Unzip-Archive.ps1 -Source C:\\cfn\\modules\\AWSQuickStart.zip -Destination C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\", "waitAfterCompletion": "0" }, "c-init-quickstart-module": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command \"", "New-AWSQuickStartResourceSignal -Stack '", { "Ref": "AWS::StackName" }, "' -Resource 'SPWFE1' -Region '", { "Ref": "AWS::Region" }, "'\"" ] ] }, "waitAfterCompletion": "0" }, "d-download-media": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command \"C:\\cfn\\scripts\\Download-File.ps1 -Source '", { "Ref": "SPISOImageURI" }, "' -Destination 'C:\\cfn\\downloads\\sharepoint.img'\"" ] ] }, "waitAfterCompletion": "0" } } }, "rename": { "commands": { "1-execute-powershell-script-rename-computer": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command \"Rename-Computer -NewName 'SPWFE1' -Restart\"" ] ] }, "waitAfterCompletion": "forever" } } }, "join": { "commands": { "a-set-dns-servers": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command \"", "Get-NetAdapter | Set-DnsClientServerAddress -ServerAddresses ", { "Ref": "ADServer1PrivateIP" }, ",", { "Ref": "ADServer2PrivateIP" }, "\"" ] ] }, "waitAfterCompletion": "30" }, "b-join-domain": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command \"C:\\cfn\\scripts\\Join-Domain.ps1 -DomainName '", { "Ref": "DomainDNSName" }, "' -UserName '", { "Ref": "DomainNetBIOSName" }, "\\", { "Ref": "DomainAdminUser" }, "' -Password '", { "Ref": "DomainAdminPassword" }, "'\"" ] ] }, "waitAfterCompletion": "forever" } } }, "installPreReqs": { "commands": { "a-install-prereqs": { "command": "powershell.exe -ExecutionPolicy RemoteSigned -Command \"Install-WindowsFeature Net-Framework-Features,Web-Server,Web-WebServer,Web-Common-Http,Web-Static-Content,Web-Default-Doc,Web-Dir-Browsing,Web-Http-Errors,Web-App-Dev,Web-Asp-Net,Web-Net-Ext,Web-ISAPI-Ext,Web-ISAPI-Filter,Web-Health,Web-Http-Logging,Web-Log-Libraries,Web-Request-Monitor,Web-Http-Tracing,Web-Security,Web-Basic-Auth,Web-Windows-Auth,Web-Filtering,Web-Digest-Auth,Web-Performance,Web-Stat-Compression,Web-Dyn-Compression,Web-Mgmt-Tools,Web-Mgmt-Console,Web-Mgmt-Compat,Web-Metabase,Application-Server,AS-Web-Support,AS-TCP-Port-Sharing,AS-WAS-Support,AS-HTTP-Activation,AS-TCP-Activation,AS-Named-Pipes,AS-Net-Framework,WAS,WAS-Process-Model,WAS-NET-Environment,WAS-Config-APIs,Web-Lgcy-Scripting,Windows-Identity-Foundation,Server-Media-Foundation,Xps-Viewer -Restart\"", "waitAfterCompletion": "forever" }, "b-mount-media": { "command": "powershell.exe -Command \"C:\\cfn\\scripts\\Mount-DiskImage.ps1 -ImagePath 'C:\\cfn\\downloads\\sharepoint.img'\"", "waitAfterCompletion": "0" }, "c-install-prerequisiteinstaller": { "command": "powershell.exe -ExecutionPolicy RemoteSigned -Command \"C:\\cfn\\scripts\\Install-SP2016PreReqs.ps1\"", "waitAfterCompletion": "forever" } } }, "installSP2016": { "commands": { "a-enable-autologon-and-set-startup-script": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command \"C:\\cfn\\scripts\\Enable-AutoLogon.ps1", " -UserName '", { "Ref": "DomainAdminUser" }, "@", { "Ref": "DomainDNSName" }, "' -Password '", { "Ref": "DomainAdminPassword" }, "' -StartupScript 'C:\\cfn\\scripts\\InstallSP2016.bat'", "\"" ] ] }, "waitAfterCompletion": "0" }, "b-reboot": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command Restart-Computer -Force" ] ] }, "waitAfterCompletion": "forever" } } }, "finalize": { "commands": { "a-disable-autologon": { "command": "powershell.exe -Command \"C:\\cfn\\scripts\\Disable-AutoLogon.ps1\"", "waitAfterCompletion": "0" } } } } }, "Properties": { "ImageId": { "Ref": "LatestAmiId" }, "InstanceType": { "Ref": "SPInstanceType" }, "SubnetId": { "Ref": "PrivateSubnet1ID" }, "Tags": [ { "Key": "Name", "Value": "SPWFE1" } ], "BlockDeviceMappings": [ { "DeviceName": "/dev/sda1", "Ebs": { "VolumeSize": "120", "VolumeType": "gp2" } } ], "IamInstanceProfile": { "Ref": "SPInstanceProfile" }, "SecurityGroupIds": [ { "Ref": "SPServersSG" }, { "Ref": "SPFarmSG" }, { "Ref": "DomainMemberSGID" }, { "Ref": "SQLServerAccessSecurityGroupID" } ], "KeyName": { "Ref": "KeyPairName" }, "UserData": { "Fn::Base64": { "Fn::Join": [ "", [ "\n" ] ] } } }, "CreationPolicy": { "ResourceSignal": { "Count": "1", "Timeout": "PT75M" } } }, "SPWFE2": { "Type": "AWS::EC2::Instance", "DependsOn": "SPAPP1WaitCondition", "Metadata": { "AWS::CloudFormation::Authentication": { "S3AccessCreds": { "type": "S3", "roleName": { "Ref": "SPRole" }, "buckets": [ { "Ref": "QSS3BucketName" } ] } }, "AWS::CloudFormation::Init": { "configSets": { "config": [ "setup", "rename", "join", "installPreReqs", "installSP2016", "finalize" ] }, "setup": { "files": { "C:\\cfn\\cfn-hup.conf": { "content": { "Fn::Join": [ "", [ "[main]\n", "stack=", { "Ref": "AWS::StackName" }, "\n", "region=", { "Ref": "AWS::Region" }, "\n" ] ] } }, "C:\\cfn\\hooks.d\\cfn-auto-reloader.conf": { "content": { "Fn::Join": [ "", [ "[cfn-auto-reloader-hook]\n", "triggers=post.update\n", "path=Resources.SPWFE2.Metadata.AWS::CloudFormation::Init\n", "action=cfn-init.exe -v -c config -s ", { "Ref": "AWS::StackId" }, " -r SPWFE2", " --region ", { "Ref": "AWS::Region" }, "\n" ] ] } }, "C:\\cfn\\scripts\\Unzip-Archive.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-microsoft-utilities/scripts/Unzip-Archive.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\modules\\AWSQuickStart.zip": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-microsoft-utilities/modules/AWSQuickStart.zip", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\Join-Domain.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-microsoft-utilities/scripts/Join-Domain.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\Download-File.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-microsoft-utilities/scripts/Download-File.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\Mount-DiskImage.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-microsoft-utilities/scripts/Mount-DiskImage.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\Disable-AutoLogon.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-microsoft-utilities/scripts/Disable-AutoLogon.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\Enable-AutoLogon.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-microsoft-utilities/scripts/Enable-AutoLogon.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\Install-SP2016PreReqs.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}scripts/Install-SP2016PreReqs.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\Install-SP2016.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}scripts/Install-SP2016.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\InstallSP2016.bat": { "content": { "Fn::Join": [ "", [ "powershell.exe -Command \"C:\\cfn\\scripts\\Mount-DiskImage.ps1 -ImagePath 'C:\\cfn\\downloads\\sharepoint.img'\"", "\n", "powershell.exe -Command \"C:\\cfn\\scripts\\Install-SP2016.ps1 -SQLServer '", { "Ref": "WSFCNode1NetBIOSName" }, "' -SPFarmAccount '", { "Ref": "DomainNetBIOSName" }, "\\", { "Ref": "SPFarmAccount" }, "' -Password '", { "Ref": "SPFarmAccountPassword" }, "' -Key '", { "Ref": "SPKey" }, "' -ServerRole 'WebFrontEnd'", { "Fn::If": [ "StreamlinedTopologyCondition", " -StreamlinedTopology", "" ] }, "\"\n", "powershell.exe -Command \"Write-AWSQuickStartStatus\"", "\n" ] ] } }, "C:\\cfn\\scripts\\config2016.xml": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}scripts/config2016.xml", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" } }, "services": { "windows": { "cfn-hup": { "enabled": "true", "ensureRunning": "true", "files": [ "C:\\cfn\\cfn-hup.conf", "C:\\cfn\\hooks.d\\cfn-auto-reloader.conf" ] } } }, "commands": { "a-set-execution-policy": { "command": "powershell.exe -Command \"Set-ExecutionPolicy RemoteSigned -Force\"", "waitAfterCompletion": "0" }, "b-unpack-quickstart-module": { "command": "powershell.exe -Command C:\\cfn\\scripts\\Unzip-Archive.ps1 -Source C:\\cfn\\modules\\AWSQuickStart.zip -Destination C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\", "waitAfterCompletion": "0" }, "c-init-quickstart-module": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command \"", "New-AWSQuickStartResourceSignal -Stack '", { "Ref": "AWS::StackName" }, "' -Resource 'SPWFE2' -Region '", { "Ref": "AWS::Region" }, "'\"" ] ] }, "waitAfterCompletion": "0" }, "d-download-media": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command \"C:\\cfn\\scripts\\Download-File.ps1 -Source '", { "Ref": "SPISOImageURI" }, "' -Destination 'C:\\cfn\\downloads\\sharepoint.img'\"" ] ] }, "waitAfterCompletion": "0" } } }, "rename": { "commands": { "1-execute-powershell-script-rename-computer": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command \"Rename-Computer -NewName 'SPWFE2' -Restart\"" ] ] }, "waitAfterCompletion": "forever" } } }, "join": { "commands": { "a-set-dns-servers": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command \"", "Get-NetAdapter | Set-DnsClientServerAddress -ServerAddresses ", { "Ref": "ADServer2PrivateIP" }, ",", { "Ref": "ADServer1PrivateIP" }, "\"" ] ] }, "waitAfterCompletion": "30" }, "b-join-domain": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command \"C:\\cfn\\scripts\\Join-Domain.ps1 -DomainName '", { "Ref": "DomainDNSName" }, "' -UserName '", { "Ref": "DomainNetBIOSName" }, "\\", { "Ref": "DomainAdminUser" }, "' -Password '", { "Ref": "DomainAdminPassword" }, "'\"" ] ] }, "waitAfterCompletion": "forever" } } }, "installPreReqs": { "commands": { "a-install-prereqs": { "command": "powershell.exe -ExecutionPolicy RemoteSigned -Command \"Install-WindowsFeature Net-Framework-Features,Web-Server,Web-WebServer,Web-Common-Http,Web-Static-Content,Web-Default-Doc,Web-Dir-Browsing,Web-Http-Errors,Web-App-Dev,Web-Asp-Net,Web-Net-Ext,Web-ISAPI-Ext,Web-ISAPI-Filter,Web-Health,Web-Http-Logging,Web-Log-Libraries,Web-Request-Monitor,Web-Http-Tracing,Web-Security,Web-Basic-Auth,Web-Windows-Auth,Web-Filtering,Web-Digest-Auth,Web-Performance,Web-Stat-Compression,Web-Dyn-Compression,Web-Mgmt-Tools,Web-Mgmt-Console,Web-Mgmt-Compat,Web-Metabase,Application-Server,AS-Web-Support,AS-TCP-Port-Sharing,AS-WAS-Support,AS-HTTP-Activation,AS-TCP-Activation,AS-Named-Pipes,AS-Net-Framework,WAS,WAS-Process-Model,WAS-NET-Environment,WAS-Config-APIs,Web-Lgcy-Scripting,Windows-Identity-Foundation,Server-Media-Foundation,Xps-Viewer -Restart\"", "waitAfterCompletion": "forever" }, "b-mount-media": { "command": "powershell.exe -Command \"C:\\cfn\\scripts\\Mount-DiskImage.ps1 -ImagePath 'C:\\cfn\\downloads\\sharepoint.img'\"", "waitAfterCompletion": "0" }, "c-install-prerequisiteinstaller": { "command": "powershell.exe -ExecutionPolicy RemoteSigned -Command \"C:\\cfn\\scripts\\Install-SP2016PreReqs.ps1\"", "waitAfterCompletion": "forever" } } }, "installSP2016": { "commands": { "a-enable-autologon-and-set-startup-script": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command \"C:\\cfn\\scripts\\Enable-AutoLogon.ps1", " -UserName '", { "Ref": "DomainAdminUser" }, "@", { "Ref": "DomainDNSName" }, "' -Password '", { "Ref": "DomainAdminPassword" }, "' -StartupScript 'C:\\cfn\\scripts\\InstallSP2016.bat'", "\"" ] ] }, "waitAfterCompletion": "0" }, "b-reboot": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command Restart-Computer -Force" ] ] }, "waitAfterCompletion": "forever" } } }, "finalize": { "commands": { "a-disable-autologon": { "command": "powershell.exe -Command \"C:\\cfn\\scripts\\Disable-AutoLogon.ps1\"", "waitAfterCompletion": "0" } } } } }, "Properties": { "ImageId": { "Ref": "LatestAmiId" }, "InstanceType": { "Ref": "SPInstanceType" }, "SubnetId": { "Ref": "PrivateSubnet2ID" }, "Tags": [ { "Key": "Name", "Value": "SPWFE2" } ], "BlockDeviceMappings": [ { "DeviceName": "/dev/sda1", "Ebs": { "VolumeSize": "120", "VolumeType": "gp2" } } ], "IamInstanceProfile": { "Ref": "SPInstanceProfile" }, "SecurityGroupIds": [ { "Ref": "SPServersSG" }, { "Ref": "SPFarmSG" }, { "Ref": "DomainMemberSGID" }, { "Ref": "SQLServerAccessSecurityGroupID" } ], "KeyName": { "Ref": "KeyPairName" }, "UserData": { "Fn::Base64": { "Fn::Join": [ "", [ "\n" ] ] } } }, "CreationPolicy": { "ResourceSignal": { "Count": "1", "Timeout": "PT75M" } } }, "OOS1": { "Type": "AWS::EC2::Instance", "Condition": "IncludeOOSCondition", "Metadata": { "AWS::CloudFormation::Authentication": { "S3AccessCreds": { "type": "S3", "roleName": { "Ref": "SPRole" }, "buckets": [ { "Ref": "QSS3BucketName" } ] } }, "AWS::CloudFormation::Init": { "configSets": { "config": [ "setup", "rename", "join", "installOfficeOnlineServer", "finalize" ] }, "setup": { "files": { "C:\\cfn\\cfn-hup.conf": { "content": { "Fn::Join": [ "", [ "[main]\n", "stack=", { "Ref": "AWS::StackName" }, "\n", "region=", { "Ref": "AWS::Region" }, "\n" ] ] } }, "C:\\cfn\\hooks.d\\cfn-auto-reloader.conf": { "content": { "Fn::Join": [ "", [ "[cfn-auto-reloader-hook]\n", "triggers=post.update\n", "path=Resources.OOS1.Metadata.AWS::CloudFormation::Init\n", "action=cfn-init.exe -v -c config -s ", { "Ref": "AWS::StackId" }, " -r OOS1", " --region ", { "Ref": "AWS::Region" }, "\n" ] ] } }, "C:\\cfn\\scripts\\Unzip-Archive.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-microsoft-utilities/scripts/Unzip-Archive.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\modules\\AWSQuickStart.zip": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-microsoft-utilities/modules/AWSQuickStart.zip", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\Join-Domain.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-microsoft-utilities/scripts/Join-Domain.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" } }, "services": { "windows": { "cfn-hup": { "enabled": "true", "ensureRunning": "true", "files": [ "C:\\cfn\\cfn-hup.conf", "C:\\cfn\\hooks.d\\cfn-auto-reloader.conf" ] } } }, "commands": { "a-set-execution-policy": { "command": "powershell.exe -Command \"Set-ExecutionPolicy RemoteSigned -Force\"", "waitAfterCompletion": "0" }, "b-unpack-quickstart-module": { "command": "powershell.exe -Command C:\\cfn\\scripts\\Unzip-Archive.ps1 -Source C:\\cfn\\modules\\AWSQuickStart.zip -Destination C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\", "waitAfterCompletion": "0" }, "c-init-quickstart-module": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command \"", "New-AWSQuickStartResourceSignal -Stack '", { "Ref": "AWS::StackName" }, "' -Resource 'OOS1' -Region '", { "Ref": "AWS::Region" }, "'\"" ] ] }, "waitAfterCompletion": "0" } } }, "rename": { "commands": { "1-execute-powershell-script-rename-computer": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command \"Rename-Computer -NewName 'OOS1' -Restart\"" ] ] }, "waitAfterCompletion": "forever" } } }, "join": { "commands": { "a-set-dns-servers": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command \"", "Get-NetAdapter | Set-DnsClientServerAddress -ServerAddresses ", { "Ref": "ADServer1PrivateIP" }, ",", { "Ref": "ADServer2PrivateIP" }, "\"" ] ] }, "waitAfterCompletion": "30" }, "b-join-domain": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command \"C:\\cfn\\scripts\\Join-Domain.ps1 -DomainName '", { "Ref": "DomainDNSName" }, "' -UserName '", { "Ref": "DomainNetBIOSName" }, "\\", { "Ref": "DomainAdminUser" }, "' -Password '", { "Ref": "DomainAdminPassword" }, "'\"" ] ] }, "waitAfterCompletion": "forever" } } }, "installOfficeOnlineServer": { "commands": { "a-install-prereqs": { "command": { "Fn::Join": [ "", [ "powershell.exe -ExecutionPolicy RemoteSigned -Command \"Install-WindowsFeature Web-Server,Web-Mgmt-Tools,Web-Mgmt-Console,Web-WebServer,Web-Common-Http,Web-Default-Doc,Web-Static-Content,Web-Performance,Web-Stat-Compression,Web-Dyn-Compression,Web-Security,Web-Filtering,Web-Windows-Auth,Web-App-Dev,Web-Net-Ext45,Web-Asp-Net45,Web-ISAPI-Ext,Web-ISAPI-Filter,Web-Includes,InkandHandwritingServices,NET-Framework-Features,NET-Framework-Core -Restart\"" ] ] }, "waitAfterCompletion": "forever" } } }, "finalize": { "commands": { "a-write-status": { "command": "powershell.exe -Command Write-AWSQuickStartStatus", "waitAfterCompletion": "0" } } } } }, "Properties": { "ImageId": { "Ref": "LatestAmiId" }, "InstanceType": { "Ref": "OOSInstanceType" }, "SubnetId": { "Ref": "PrivateSubnet1ID" }, "Tags": [ { "Key": "Name", "Value": "OOS1" } ], "BlockDeviceMappings": [ { "DeviceName": "/dev/sda1", "Ebs": { "VolumeSize": "50", "VolumeType": "gp2" } } ], "IamInstanceProfile": { "Ref": "SPInstanceProfile" }, "SecurityGroupIds": [ { "Ref": "OfficeOnlineServerSG" }, { "Ref": "OfficeOnlineServerFarmSG" }, { "Ref": "DomainMemberSGID" } ], "KeyName": { "Ref": "KeyPairName" }, "UserData": { "Fn::Base64": { "Fn::Join": [ "", [ "\n" ] ] } } }, "CreationPolicy": { "ResourceSignal": { "Count": "1", "Timeout": "PT75M" } } }, "OOS2": { "Type": "AWS::EC2::Instance", "Condition": "IncludeOOSCondition", "Metadata": { "AWS::CloudFormation::Authentication": { "S3AccessCreds": { "type": "S3", "roleName": { "Ref": "SPRole" }, "buckets": [ { "Ref": "QSS3BucketName" } ] } }, "AWS::CloudFormation::Init": { "configSets": { "config": [ "setup", "rename", "join", "installOfficeOnlineServer", "finalize" ] }, "setup": { "files": { "C:\\cfn\\cfn-hup.conf": { "content": { "Fn::Join": [ "", [ "[main]\n", "stack=", { "Ref": "AWS::StackName" }, "\n", "region=", { "Ref": "AWS::Region" }, "\n" ] ] } }, "C:\\cfn\\hooks.d\\cfn-auto-reloader.conf": { "content": { "Fn::Join": [ "", [ "[cfn-auto-reloader-hook]\n", "triggers=post.update\n", "path=Resources.OOS2.Metadata.AWS::CloudFormation::Init\n", "action=cfn-init.exe -v -c config -s ", { "Ref": "AWS::StackId" }, " -r OOS2", " --region ", { "Ref": "AWS::Region" }, "\n" ] ] } }, "C:\\cfn\\scripts\\Unzip-Archive.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-microsoft-utilities/scripts/Unzip-Archive.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\modules\\AWSQuickStart.zip": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-microsoft-utilities/modules/AWSQuickStart.zip", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" }, "C:\\cfn\\scripts\\Join-Domain.ps1": { "source": { "Fn::Sub": [ "https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-microsoft-utilities/scripts/Join-Domain.ps1", { "QSS3Region": { "Fn::If": [ "GovCloudCondition", "s3-us-gov-west-1", "s3" ] } } ] }, "authentication": "S3AccessCreds" } }, "services": { "windows": { "cfn-hup": { "enabled": "true", "ensureRunning": "true", "files": [ "C:\\cfn\\cfn-hup.conf", "C:\\cfn\\hooks.d\\cfn-auto-reloader.conf" ] } } }, "commands": { "a-set-execution-policy": { "command": "powershell.exe -Command \"Set-ExecutionPolicy RemoteSigned -Force\"", "waitAfterCompletion": "0" }, "b-unpack-quickstart-module": { "command": "powershell.exe -Command C:\\cfn\\scripts\\Unzip-Archive.ps1 -Source C:\\cfn\\modules\\AWSQuickStart.zip -Destination C:\\Windows\\system32\\WindowsPowerShell\\v1.0\\Modules\\", "waitAfterCompletion": "0" }, "c-init-quickstart-module": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command \"", "New-AWSQuickStartResourceSignal -Stack '", { "Ref": "AWS::StackName" }, "' -Resource 'OOS2' -Region '", { "Ref": "AWS::Region" }, "'\"" ] ] }, "waitAfterCompletion": "0" } } }, "rename": { "commands": { "1-execute-powershell-script-rename-computer": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command \"Rename-Computer -NewName 'OOS2' -Restart\"" ] ] }, "waitAfterCompletion": "forever" } } }, "join": { "commands": { "a-set-dns-servers": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command \"", "Get-NetAdapter | Set-DnsClientServerAddress -ServerAddresses ", { "Ref": "ADServer2PrivateIP" }, ",", { "Ref": "ADServer1PrivateIP" }, "\"" ] ] }, "waitAfterCompletion": "30" }, "b-join-domain": { "command": { "Fn::Join": [ "", [ "powershell.exe -Command \"C:\\cfn\\scripts\\Join-Domain.ps1 -DomainName '", { "Ref": "DomainDNSName" }, "' -UserName '", { "Ref": "DomainNetBIOSName" }, "\\", { "Ref": "DomainAdminUser" }, "' -Password '", { "Ref": "DomainAdminPassword" }, "'\"" ] ] }, "waitAfterCompletion": "forever" } } }, "installOfficeOnlineServer": { "commands": { "a-install-prereqs": { "command": { "Fn::Join": [ "", [ "powershell.exe -ExecutionPolicy RemoteSigned -Command \"Install-WindowsFeature Web-Server,Web-Mgmt-Tools,Web-Mgmt-Console,Web-WebServer,Web-Common-Http,Web-Default-Doc,Web-Static-Content,Web-Performance,Web-Stat-Compression,Web-Dyn-Compression,Web-Security,Web-Filtering,Web-Windows-Auth,Web-App-Dev,Web-Net-Ext45,Web-Asp-Net45,Web-ISAPI-Ext,Web-ISAPI-Filter,Web-Includes,InkandHandwritingServices,NET-Framework-Features,NET-Framework-Core -Restart\"" ] ] }, "waitAfterCompletion": "forever" } } }, "finalize": { "commands": { "a-write-status": { "command": "powershell.exe -Command Write-AWSQuickStartStatus", "waitAfterCompletion": "0" } } } } }, "Properties": { "ImageId": { "Ref": "LatestAmiId" }, "InstanceType": { "Ref": "OOSInstanceType" }, "SubnetId": { "Ref": "PrivateSubnet2ID" }, "Tags": [ { "Key": "Name", "Value": "OOS2" } ], "BlockDeviceMappings": [ { "DeviceName": "/dev/sda1", "Ebs": { "VolumeSize": "50", "VolumeType": "gp2" } } ], "IamInstanceProfile": { "Ref": "SPInstanceProfile" }, "SecurityGroupIds": [ { "Ref": "OfficeOnlineServerSG" }, { "Ref": "OfficeOnlineServerFarmSG" }, { "Ref": "DomainMemberSGID" } ], "KeyName": { "Ref": "KeyPairName" }, "UserData": { "Fn::Base64": { "Fn::Join": [ "", [ "\n" ] ] } } }, "CreationPolicy": { "ResourceSignal": { "Count": "1", "Timeout": "PT75M" } } }, "SPWebFrontEndELB": { "Type": "AWS::ElasticLoadBalancing::LoadBalancer", "DependsOn": [ "SPWFE1", "SPWFE2" ], "Properties": { "Subnets": { "Fn::If": [ "ELBConfigCondition", [ { "Ref": "PrivateSubnet1ID" }, { "Ref": "PrivateSubnet2ID" } ], [ { "Ref": "PublicSubnet1ID" }, { "Ref": "PublicSubnet2ID" } ] ] }, "Scheme": { "Fn::If": [ "ELBConfigCondition", "internal", "internet-facing" ] }, "Instances": [ { "Ref": "SPWFE1" }, { "Ref": "SPWFE2" } ], "Listeners": [ { "LoadBalancerPort": "80", "InstancePort": "80", "Protocol": "TCP" } ], "SecurityGroups": [ { "Ref": "SPWebFrontEndELBSG" } ], "HealthCheck": { "Target": "TCP:80", "HealthyThreshold": "3", "UnhealthyThreshold": "5", "Interval": "10", "Timeout": "5" } } }, "SPWebFrontEndELBSG": { "Type": "AWS::EC2::SecurityGroup", "Properties": { "GroupDescription": "Security Group for SharePoint ELB", "VpcId": { "Ref": "VPCID" }, "SecurityGroupIngress": [ { "IpProtocol": "tcp", "FromPort": "80", "ToPort": "80", "CidrIp": "0.0.0.0/0" }, { "IpProtocol": "tcp", "FromPort": "443", "ToPort": "443", "CidrIp": "0.0.0.0/0" } ] } }, "SPServersSG": { "Type": "AWS::EC2::SecurityGroup", "Properties": { "GroupDescription": "Security Group for SharePoint Web Front-Ends and Central Admin", "VpcId": { "Ref": "VPCID" }, "SecurityGroupIngress": [ { "IpProtocol": "tcp", "FromPort": "18473", "ToPort": "18473", "CidrIp": { "Ref": "VPCCIDR" } }, { "IpProtocol": "tcp", "FromPort": "80", "ToPort": "80", "CidrIp": { "Ref": "VPCCIDR" } }, { "IpProtocol": "tcp", "FromPort": "443", "ToPort": "443", "CidrIp": { "Ref": "VPCCIDR" } } ] } }, "SPFarmSG": { "Type": "AWS::EC2::SecurityGroup", "DependsOn": "SPServersSG", "Properties": { "GroupDescription": "SharePoint Intra-Farm Communication", "VpcId": { "Ref": "VPCID" }, "SecurityGroupIngress": [ { "IpProtocol": "icmp", "FromPort": "-1", "ToPort": "-1", "SourceSecurityGroupId": { "Ref": "SPServersSG" } }, { "IpProtocol": "tcp", "FromPort": "445", "ToPort": "445", "SourceSecurityGroupId": { "Ref": "SPServersSG" } }, { "IpProtocol": "tcp", "FromPort": "808", "ToPort": "808", "SourceSecurityGroupId": { "Ref": "SPServersSG" } }, { "IpProtocol": "tcp", "FromPort": "16500", "ToPort": "16519", "SourceSecurityGroupId": { "Ref": "SPServersSG" } }, { "IpProtocol": "tcp", "FromPort": "22233", "ToPort": "22236", "SourceSecurityGroupId": { "Ref": "SPServersSG" } }, { "IpProtocol": "tcp", "FromPort": "5985", "ToPort": "5985", "SourceSecurityGroupId": { "Ref": "SPServersSG" } }, { "IpProtocol": "tcp", "FromPort": "5986", "ToPort": "5986", "SourceSecurityGroupId": { "Ref": "SPServersSG" } }, { "IpProtocol": "tcp", "FromPort": "443", "ToPort": "443", "SourceSecurityGroupId": { "Ref": "SPServersSG" } }, { "IpProtocol": "tcp", "FromPort": "32843", "ToPort": "32846", "SourceSecurityGroupId": { "Ref": "SPServersSG" } } ] } }, "OfficeOnlineServerSG": { "Type": "AWS::EC2::SecurityGroup", "Condition": "IncludeOOSCondition", "Properties": { "GroupDescription": "Security Group for Office Online Servers", "VpcId": { "Ref": "VPCID" }, "SecurityGroupIngress": [ { "IpProtocol": "tcp", "FromPort": "80", "ToPort": "80", "CidrIp": { "Ref": "VPCCIDR" } }, { "IpProtocol": "tcp", "FromPort": "443", "ToPort": "443", "CidrIp": { "Ref": "VPCCIDR" } } ] } }, "OfficeOnlineServerFarmSG": { "Type": "AWS::EC2::SecurityGroup", "Condition": "IncludeOOSCondition", "Properties": { "GroupDescription": "Office Online Servers Intra-Farm Communication", "VpcId": { "Ref": "VPCID" }, "SecurityGroupIngress": [ { "IpProtocol": "tcp", "FromPort": "809", "ToPort": "809", "SourceSecurityGroupId": { "Ref": "OfficeOnlineServerSG" } } ] } }, "SPRole": { "Type": "AWS::IAM::Role", "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Effect": "Allow", "Principal": { "Service": [ "ec2.amazonaws.com" ] }, "Action": [ "sts:AssumeRole" ] } ] }, "Policies": [ { "PolicyDocument": { "Version": "2012-10-17", "Statement": [ { "Action": [ "s3:GetObject" ], "Resource": { "Fn::Sub": [ "arn:${Partition}:s3:::${QSS3BucketName}/${QSS3KeyPrefix}*", { "Partition": { "Fn::If": [ "GovCloudCondition", "aws-us-gov", "aws" ] } } ] }, "Effect": "Allow" } ] }, "PolicyName": "aws-quick-start-s3-policy" }, { "PolicyDocument": { "Version": "2012-10-17", "Statement": [ { "Action": [ "s3:GetObject" ], "Resource": [ "*" ], "Effect": "Allow" } ] }, "PolicyName": "media-download" } ], "ManagedPolicyArns": [ "arn:aws:iam::aws:policy/service-role/AmazonEC2RoleforSSM" ], "Path": "/" } }, "SPInstanceProfile": { "Type": "AWS::IAM::InstanceProfile", "Properties": { "Path": "/", "Roles": [ { "Ref": "SPRole" } ] } } }, "Outputs": { "ElasticLoadBalancer": { "Value": { "Fn::GetAtt": [ "SPWebFrontEndELB", "DNSName" ] }, "Description": "Address of the Elastic Load Balancer. After configuring your SharePoint Farm connect to your site using this address" } } }