--- AWSTemplateFormatVersion: '2010-09-09' Description: 'This template is an example of nested Microsoft Quick Starts' Metadata: AWS::CloudFormation::Interface: ParameterGroups: - Label: default: Network configuration Parameters: - KeyPairName - AvailabilityZones - Label: default: Microsoft Active Directory configuration Parameters: - DomainAdminUser - DomainAdminPassword - DomainDNSName - DomainNetBIOSName - Label: default: Microsoft SQL Server configuration Parameters: - SQLServiceAccount - SQLServiceAccountPassword - AvailabiltyGroupName - Label: default: Microsoft SharePoint configuration Parameters: - SPBinaryBucket - SPBinaryKey - SPProductKey - Label: default: Microsoft Exchange configuration Parameters: - ExchangeNode1PrivateIP1 - ExchangeNode1PrivateIP2 - ExchangeNode2PrivateIP1 - ExchangeNode2PrivateIP2 - FileServerPrivateIP - Label: default: Microsoft Remote Desktop Gateway configuration Parameters: - DeployRDGW - NumberOfRDGWHosts - RDGWCIDR - Label: default: S3 Bucket Configuration Parameters: - S3BucketName - S3KeyPrefix ParameterLabels: AvailabiltyGroupName: default: Availability group name AvailabilityZones: default: Availability Zones DeployRDGW: default: Deploy RD Gateway DomainAdminPassword: default: Domain admin password DomainAdminUser: default: Domain admin user name DomainDNSName: default: Domain DNS name DomainNetBIOSName: default: Domain NetBIOS name ExchangeNode1PrivateIP1: default: Exchange Node 1 private IP address 1 ExchangeNode1PrivateIP2: default: Exchange Node 1 private IP address 2 ExchangeNode2PrivateIP1: default: Exchange Node 2 private IP address 1 ExchangeNode2PrivateIP2: default: Exchange Node 2 private IP address 2 FileServerPrivateIP: default: File Server private IP address KeyPairName: default: Key pair mame NumberOfRDGWHosts: default: Number of RD Gateway hosts RDGWCIDR: default: Allowed RD Gateway external access CIDR S3BucketName: default: S3 bucket name S3KeyPrefix: default: S3 key prefix SPBinaryBucket: default: SharePoint binary bucket SPBinaryKey: default: SharePoint binary key SPProductKey: default: SharePoint product key SQLServiceAccount: default: Service account name SQLServiceAccountPassword: default: Service account password Parameters: AvailabiltyGroupName: AllowedPattern: '[a-zA-Z0-9\-]+' Default: "SQLAG1" Description: "NetBIOS name of the SQL database or availability group (up to 15 characters)." MaxLength: '15' MinLength: '1' Type: "String" AvailabilityZones: Description: 'List of Availability Zones to use for the subnets in the VPC. Only two Availability Zones are used for this deployment, and the logical order is preserved.' Type: List DeployRDGW: Description: Deploy Remote Desktop Gateway Type: String AllowedValues: - 'Yes' - 'No' Default: 'Yes' DomainAdminPassword: AllowedPattern: (?=^.{6,255}$)((?=.*\d)(?=.*[A-Z])(?=.*[a-z])|(?=.*\d)(?=.*[^A-Za-z0-9])(?=.*[a-z])|(?=.*[^A-Za-z0-9])(?=.*[A-Z])(?=.*[a-z])|(?=.*\d)(?=.*[A-Z])(?=.*[^A-Za-z0-9]))^.* Description: Password for the domain admin user. Must be at least 8 characters and contain letters, numbers, and symbols. MaxLength: '32' MinLength: '8' NoEcho: 'true' Type: String DomainAdminUser: AllowedPattern: '[a-zA-Z0-9]*' Default: Admin Description: User name for the account that will be added as Domain Administrator. This is separate from the default Administrator account. MaxLength: '25' MinLength: '5' Type: String DomainDNSName: AllowedPattern: '[a-zA-Z0-9\-]+\..+' Default: example.com Description: Fully qualified domain name (FQDN) of the forest root domain. MaxLength: '25' MinLength: '2' Type: String DomainNetBIOSName: AllowedPattern: '[a-zA-Z0-9]+' Default: example Description: NetBIOS name of the domain (up to 15 characters) for users of earlier versions of Windows. MaxLength: '15' MinLength: '1' Type: String ExchangeNode1PrivateIP1: AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$ Default: 10.0.0.110 Description: The primary private IP for Exchange node 1. Type: String ExchangeNode1PrivateIP2: AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$ Default: 10.0.0.111 Description: The secondary private IP for Exchange node 1. Type: String ExchangeNode2PrivateIP1: AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$ Default: 10.0.32.110 Description: The primary private IP for Exchange node 2. Type: String ExchangeNode2PrivateIP2: AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$ Default: 10.0.32.111 Description: The secondary private IP for Exchange node 2. Type: String FileServerPrivateIP: AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$ Default: 10.0.0.210 Description: The primary private IP for the file-share witness server. Type: String KeyPairName: Description: Public/private key pair that allows you to securely connect to your instance after it launches. Type: AWS::EC2::KeyPair::KeyName NumberOfRDGWHosts: AllowedValues: - '1' - '2' - '3' - '4' Default: '1' Description: The number of RD Gateway hosts to create (up to four). Type: String RDGWCIDR: AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))$ ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/x Description: Allowed CIDR block for external access to the RD Gateway hosts. Type: String S3BucketName: AllowedPattern: ^[0-9a-zA-Z]+([0-9a-zA-Z-]*[0-9a-zA-Z])*$ ConstraintDescription: S3 bucket name can include numbers, lowercase letters, uppercase letters, and hyphens (-). It cannot start or end with a hyphen (-). Description: S3 bucket name for the assets. S3 bucket name can include numbers, lowercase letters, uppercase letters, and hyphens (-). It cannot start or end with a hyphen (-). Type: String S3KeyPrefix: AllowedPattern: ^[0-9a-zA-Z-/]*$ ConstraintDescription: S3 key prefix can include numbers, lowercase letters, uppercase letters, hyphens (-), and forward slash (/). Description: S3 key prefix for the assets. S3 key prefix can include numbers, lowercase letters, uppercase letters, hyphens (-), and forward slash (/). Type: String SPBinaryBucket: Type: String MinLength: 2 MaxLength: 255 SPBinaryKey: Type: String MinLength: 2 MaxLength: 255 SPProductKey: Type: String Description: The product key to use with SharePoint. MinLength: 29 MaxLength: 29 Default: M692G-8N2JP-GG8B2-2W2P7-YY7J6 # Default SharePoint 2019 Enterprise Trial Key SQLServiceAccount: AllowedPattern: '[a-zA-Z0-9]*' Default: sqlsa Description: User name for the SQL Server service account. This account is a Domain User. MaxLength: '25' MinLength: '5' Type: String SQLServiceAccountPassword: AllowedPattern: (?=^.{6,255}$)((?=.*\d)(?=.*[A-Z])(?=.*[a-z])|(?=.*\d)(?=.*[^A-Za-z0-9])(?=.*[a-z])|(?=.*[^A-Za-z0-9])(?=.*[A-Z])(?=.*[a-z])|(?=.*\d)(?=.*[A-Z])(?=.*[^A-Za-z0-9]))^.* Description: Password for the SQL Server service account. Must be at least 8 characters and contain letters, numbers, and symbols. MaxLength: '32' MinLength: '8' NoEcho: 'true' Type: String Conditions: CreateRDGW: !Equals [!Ref DeployRDGW, 'Yes'] Resources: VPCStack: Type: AWS::CloudFormation::Stack Properties: TemplateURL: !Sub https://${S3BucketName}.s3.amazonaws.com/${S3KeyPrefix}submodules/quickstart-aws-vpc/templates/aws-vpc.template.yaml Parameters: AvailabilityZones: !Join - ',' - !Ref 'AvailabilityZones' NumberOfAZs: '2' ADStack: Type: AWS::CloudFormation::Stack DependsOn: VPCStack Properties: TemplateURL: !Sub https://${S3BucketName}.s3.amazonaws.com/${S3KeyPrefix}submodules/quickstart-microsoft-activedirectory/templates/ad-1.template Parameters: DomainAdminPassword: !Ref 'DomainAdminPassword' DomainAdminUser: !Ref 'DomainAdminUser' DomainDNSName: !Ref 'DomainDNSName' DomainNetBIOSName: !Ref 'DomainNetBIOSName' KeyPairName: !Ref 'KeyPairName' PrivateSubnet1ID: !GetAtt 'VPCStack.Outputs.PrivateSubnet1AID' PrivateSubnet2ID: !GetAtt 'VPCStack.Outputs.PrivateSubnet2AID' VPCID: !GetAtt 'VPCStack.Outputs.VPCID' QSS3BucketName: !Ref 'S3BucketName' QSS3KeyPrefix: !Sub '${S3KeyPrefix}submodules/quickstart-microsoft-activedirectory/' VPCCIDR: !GetAtt 'VPCStack.Outputs.VPCCIDR' SQLStack: Type: AWS::CloudFormation::Stack DependsOn: ADStack Properties: TemplateURL: !Sub https://${S3BucketName}.s3.amazonaws.com/${S3KeyPrefix}submodules/quickstart-microsoft-sql/templates/sql.template Parameters: ADScenarioType: Microsoft AD on Amazon EC2 DomainAdminPassword: !Ref 'DomainAdminPassword' DomainAdminUser: !Ref 'DomainAdminUser' DomainDNSName: !Ref 'DomainDNSName' DomainMemberSGID: !GetAtt 'ADStack.Outputs.DomainMemberSGID' DomainNetBIOSName: !Ref 'DomainNetBIOSName' KeyPairName: !Ref 'KeyPairName' SQLServiceAccount: !Ref 'SQLServiceAccount' SQLServiceAccountPassword: !Ref 'SQLServiceAccountPassword' AvailabiltyGroupName: !Ref 'AvailabiltyGroupName' PrivateSubnet1ID: !GetAtt 'VPCStack.Outputs.PrivateSubnet1AID' PrivateSubnet2ID: !GetAtt 'VPCStack.Outputs.PrivateSubnet2AID' QSS3BucketName: !Ref 'S3BucketName' QSS3KeyPrefix: !Sub '${S3KeyPrefix}submodules/quickstart-microsoft-sql/' VPCID: !GetAtt 'VPCStack.Outputs.VPCID' SharePointFarmStack: Type: AWS::CloudFormation::Stack DependsOn: SQLStack Properties: TemplateURL: !Sub https://${S3BucketName}.s3.amazonaws.com/${S3KeyPrefix}submodules/quickstart-microsoft-sharepoint/templates/sharepoint-farm.yaml Parameters: ADAdminPassword: !Ref 'DomainAdminPassword' ADAdminUserName: !Ref 'DomainAdminUser' DomainDNSName: !Ref 'DomainDNSName' DomainNetBIOSName: !Ref 'DomainNetBIOSName' ADMemberSecurityGroup: !GetAtt 'ADStack.Outputs.DomainMemberSGID' KeyPairName: !Ref 'KeyPairName' Subnet1ID: !GetAtt 'VPCStack.Outputs.PrivateSubnet1AID' Subnet2ID: !GetAtt 'VPCStack.Outputs.PrivateSubnet2AID' SPProductKey: !Ref 'SPProductKey' SQLServerAccessSecurityGroup: !GetAtt 'SQLStack.Outputs.SQLServerAccessSecurityGroupID' VPCID: !GetAtt 'VPCStack.Outputs.VPCID' VPCCIDR: !GetAtt 'VPCStack.Outputs.VPCCIDR' SPBinaryBucket: !Ref 'SPBinaryBucket' SPBinaryKey: !Ref 'SPBinaryKey' SQLAdminUserName: !Ref 'SQLServiceAccount' SQLAdminPassword: !Ref 'SQLServiceAccountPassword' SPDatabaseName: !Ref 'AvailabiltyGroupName' ExchangeStack: Type: AWS::CloudFormation::Stack DependsOn: ADStack Properties: TemplateURL: !Sub https://${S3BucketName}.s3.amazonaws.com/${S3KeyPrefix}submodules/quickstart-microsoft-exchange/templates/exchange.template Parameters: DomainAdminPassword: !Ref 'DomainAdminPassword' DomainAdminUser: !Ref 'DomainAdminUser' DomainDNSName: !Ref 'DomainDNSName' DomainMemberSGID: !GetAtt 'ADStack.Outputs.DomainMemberSGID' DomainNetBIOSName: !Ref 'DomainNetBIOSName' KeyPairName: !Ref 'KeyPairName' PrivateSubnet1ID: !GetAtt 'VPCStack.Outputs.PrivateSubnet1AID' PrivateSubnet2ID: !GetAtt 'VPCStack.Outputs.PrivateSubnet2AID' PublicSubnet1ID: !GetAtt 'VPCStack.Outputs.PublicSubnet1ID' PublicSubnet2ID: !GetAtt 'VPCStack.Outputs.PublicSubnet2ID' ExchangeNode1PrivateIP1: !Ref 'ExchangeNode1PrivateIP1' ExchangeNode1PrivateIP2: !Ref 'ExchangeNode1PrivateIP2' ExchangeNode2PrivateIP1: !Ref 'ExchangeNode2PrivateIP1' ExchangeNode2PrivateIP2: !Ref 'ExchangeNode2PrivateIP2' FileServerPrivateIP: !Ref 'FileServerPrivateIP' QSS3BucketName: !Ref 'S3BucketName' QSS3KeyPrefix: !Sub '${S3KeyPrefix}submodules/quickstart-microsoft-exchange/' VPCID: !GetAtt 'VPCStack.Outputs.VPCID' VPCCidrBlock: !GetAtt 'VPCStack.Outputs.VPCCIDR' RDGWStack: Type: AWS::CloudFormation::Stack DependsOn: ADStack Condition: CreateRDGW Properties: TemplateURL: !Sub https://${S3BucketName}.s3.amazonaws.com/${S3KeyPrefix}submodules/quickstart-microsoft-rdgateway/templates/rdgw-standalone.template Parameters: AdminPassword: !Ref 'DomainAdminPassword' AdminUser: !Ref 'DomainAdminUser' DomainDNSName: !Ref 'DomainDNSName' KeyPairName: !Ref 'KeyPairName' NumberOfRDGWHosts: !Ref 'NumberOfRDGWHosts' PublicSubnet1ID: !GetAtt 'VPCStack.Outputs.PublicSubnet1ID' PublicSubnet2ID: !GetAtt 'VPCStack.Outputs.PublicSubnet2ID' QSS3BucketName: !Ref 'S3BucketName' QSS3KeyPrefix: !Sub '${S3KeyPrefix}submodules/quickstart-microsoft-rdgateway/' RDGWCIDR: !Ref 'RDGWCIDR' VPCID: !GetAtt 'VPCStack.Outputs.VPCID'