--- AWSTemplateFormatVersion: 2010-09-09 Description: "Atlassian Bitbucket Data Center in new VPC License: Apache 2.0 (qs-1qup6r9tq)" Metadata: QSLint: Exclusions: [E9101, EIAMPolicyWildcardResource, ERDSDBInstancePubliclyAccessible] QuickStartDocumentation: EntrypointName: "Launch into a new VPC" AWS::CloudFormation::Interface: ParameterGroups: - Label: default: Bitbucket setup Parameters: - BitbucketVersion - Label: default: Cluster nodes Parameters: - CloudWatchIntegration - ClusterNodeInstanceType - ClusterNodeMax - ClusterNodeMin - ClusterNodeVolumeSize - DeploymentAutomationRepository - DeploymentAutomationBranch - DeploymentAutomationPlaybook - DeploymentAutomationCustomParams - DeploymentAutomationKeyName - Label: default: File server Parameters: - FileServerInstanceType - HomeSize - HomeVolumeType - HomeIops - Label: default: Database Parameters: - DBEngine - DBEngineVersion - DBInstanceClass - DBIops - DBMasterUserPassword - DBMultiAZ - DBPassword - DBStorage - DBStorageType - Label: default: Bastion host provisioning Parameters: - BastionHostRequired - KeyPairName - Label: default: Elasticsearch Parameters: - ElasticSearchPassword - ElasticsearchInstanceType - ElasticsearchNodeVolumeSize - Label: default: Networking Parameters: - AccessCIDR - InternetFacingLoadBalancer - CustomDnsName - SSLCertificateARN - VPCCIDR - AvailabilityZones - PrivateSubnet1CIDR - PrivateSubnet2CIDR - PublicSubnet1CIDR - PublicSubnet2CIDR - Label: default: Advanced (Optional) Parameters: - BitbucketProperties - JvmHeapOverride - JvmSupportOpts - CreateBucket - DBMaster - DBSnapshotId - ESBucketName - HomeVolumeSnapshotId - HomeDeleteOnTermination - BitbucketLicenseKey - BitbucketAdminPassword - BitbucketDatasetURL - Label: default: AWS Quick Start Configuration Parameters: - QSS3BucketName - QSS3KeyPrefix - ExportPrefix ParameterLabels: BitbucketProperties: default: Bitbucket properties BitbucketVersion: default: Version * BitbucketLicenseKey: default: License Key for Bitbucket (if you have one) BitbucketAdminPassword: default: Password for the administrator account BitbucketDatasetURL: default: HTTP/HTTPS URL to download the Bitbucket Dataset JvmHeapOverride: default: JVM Heap Size Override JvmSupportOpts: default: Additional JVM options AccessCIDR: default: Trusted IP range * ClusterNodeMax: default: Maximum number of cluster nodes ClusterNodeMin: default: Minimum number of cluster nodes ClusterNodeInstanceType: default: Bitbucket cluster node instance type ClusterNodeVolumeSize: default: Cluster node instance volume size CreateBucket: default: Create S3 bucket for Elasticsearch snapshots DBEngine: default: The database engine to deploy with DBEngineVersion: default: The database engine version to use DBInstanceClass: default: Database instance class DBIops: default: RDS Provisioned IOPS DBMasterUserPassword: default: Master password * DBMaster: default: Bitbucket primary database DBMultiAZ: default: Enable RDS Multi-AZ deployment DBPassword: default: Bitbucket database password * DBStorage: default: Database storage DBStorageType: default: Database storage type DBSnapshotId: default: Database snapshot ID to restore DeploymentAutomationRepository: default: Deployment Automation Git Repository URL DeploymentAutomationBranch: default: Deployment Automation Branch DeploymentAutomationPlaybook: default: Ansible playbook to invoke during instance initialization DeploymentAutomationCustomParams: default: Custom command-line parameters for Ansible DeploymentAutomationKeyName: default: SSH key name to use with the repository CloudWatchIntegration: default: Enable CloudWatch integration ElasticSearchPassword: default: Elasticsearch master user password * ElasticsearchInstanceType: default: Elasticsearch instance type ElasticsearchNodeVolumeSize: default: Elasticsearch disk space per node (GB) ESBucketName: default: Elasticsearch snapshot S3 bucket name ExportPrefix: default: ASI Exported Prefix FileServerInstanceType: default: File server instance type HomeDeleteOnTermination: default: Delete Home on termination HomeIops: default: Home directory IOPS HomeSize: default: Home directory size HomeVolumeSnapshotId: default: Home volume snapshot ID to restore HomeVolumeType: default: Home directory volume type InternetFacingLoadBalancer: default: Make instance internet facing BastionHostRequired: default: Deploy Bastion host KeyPairName: default: SSH Key Pair Name CustomDnsName: default: Existing DNS name SSLCertificateARN: default: SSL Certificate ARN QSS3BucketName: default: Quick Start S3 Bucket Name QSS3KeyPrefix: default: Quick Start S3 Key Prefix AvailabilityZones: default: Availability Zones VPCCIDR: default: IP address block for the VPC PrivateSubnet1CIDR: default: AZ1 private IP address block PrivateSubnet2CIDR: default: AZ2 private IP address block PublicSubnet1CIDR: default: AZ1 public IP address block PublicSubnet2CIDR: default: AZ2 public IP address block Parameters: BitbucketProperties: Default: '' Description: A space-separated list of bitbucket properties in the form 'key1=value1 key2=value2 ...' Find documentation at https://confluence.atlassian.com/x/m5ZKLg. Type: String BitbucketVersion: Default: "7.17.1" AllowedPattern: '([^1234]\.\d+\.\d+(-?.*))' ConstraintDescription: 'Must be a valid Bitbucket version number. For example: 5.0.0 or higher' Description: 'Version of Bitbucket to install. Please use version 5.0.0 or higher. Find valid versions at http://go.atlassian.com/bbs-releases.' Type: String BitbucketLicenseKey: Default: '' Description: Provide a license key for Bitbucket Data Center if you have one. NoEcho: true Type: String BitbucketAdminPassword: AllowedPattern: '((?=^.{0,255}$)((?=.*\\d)(?=.*[A-Z])(?=.*[a-z])|(?=.*\\d)(?=.*[^A-Za-z0-9])(?=.*[a-z])|(?=.*[^A-Za-z0-9])(?=.*[A-Z])(?=.*[a-z])|(?=.*\\d)(?=.*[A-Z])(?=.*[^A-Za-z0-9]))^.*)|(^$)' ConstraintDescription: Must be at least 8 characters and include 1 uppercase, 1 lowercase, 1 number, 1 (non / @ " ') symbol Description: (Optional) Password for the Bitbucket administrator ('admin') account. MaxLength: 128 NoEcho: true Type: String BitbucketDatasetURL: Default: '' Description: Provide the HTTP/HTTPS URL for the dataset to restore. Type: String JvmHeapOverride: Default: '' Description: Override the default amount of memory to allocate to the JVM for your instance type - set size in meg or gig e.g. 1024m or 1g. Type: String JvmSupportOpts: Default: '' Description: Pass in any additional JVM options to tune the Bitbucket instance. Type: String AccessCIDR: AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))$ ConstraintDescription: Must be a valid IP CIDR range of the form x.x.x.x/x. Description: CIDR block allowed to access the Atlassian product. This should be set to a trusted IP range; if you want to give public access use '0.0.0.0/0'. MinLength: 9 MaxLength: 18 Type: String ClusterNodeInstanceType: Default: c5.xlarge AllowedValues: - c4.large - c4.xlarge - c4.2xlarge - c4.4xlarge - c4.8xlarge - c5.large - c5.xlarge - c5.2xlarge - c5.4xlarge - c5.9xlarge - c5.18xlarge - c5d.large - c5d.xlarge - c5d.2xlarge - c5d.4xlarge - c5d.9xlarge - c5d.18xlarge - d2.xlarge - d2.2xlarge - d2.4xlarge - d2.8xlarge - h1.2xlarge - h1.4xlarge - h1.8xlarge - h1.16xlarge - i3.large - i3.xlarge - i3.2xlarge - i3.4xlarge - i3.8xlarge - i3.16xlarge - i3.metal - m4.large - m4.xlarge - m4.2xlarge - m4.4xlarge - m4.10xlarge - m4.16xlarge - m5.large - m5.xlarge - m5.2xlarge - m5.4xlarge - m5.12xlarge - m5.24xlarge - m5d.large - m5d.xlarge - m5d.2xlarge - m5d.4xlarge - m5d.12xlarge - m5d.24xlarge - r4.large - r4.xlarge - r4.2xlarge - r4.4xlarge - r4.8xlarge - r4.16xlarge - r5.large - r5.xlarge - r5.2xlarge - r5.4xlarge - r5.12xlarge - r5.24xlarge - r5d.large - r5d.xlarge - r5d.2xlarge - r5d.4xlarge - r5d.12xlarge - r5d.24xlarge - t2.medium - t2.large - t2.xlarge - t2.2xlarge - t3.medium - t3.large - t3.xlarge - t3.2xlarge - x1.16xlarge - x1.32xlarge - x1e.xlarge - x1e.2xlarge - x1e.4xlarge - x1e.8xlarge - x1e.16xlarge - x1e.32xlarge - z1d.large - z1d.xlarge - z1d.2xlarge - z1d.3xlarge - z1d.6xlarge - z1d.12xlarge ConstraintDescription: Must be an EC2 instance type from the selection list Description: 'Instance type for the cluster application nodes. See https://confluence.atlassian.com/x/GpdKLg for guidance.' Type: String ClusterNodeMax: Description: Maximum number of nodes in the cluster. Default: 2 Type: Number ClusterNodeMin: Default: 1 Description: Set to 1 for new deployment. Can be updated post launch. Type: Number ClusterNodeVolumeSize: Default: 50 Description: Size of cluster node root volume in Gb. Type: Number CreateBucket: Default: "true" AllowedValues: ["true", "false"] ConstraintDescription: Must be 'true' or 'false'. Description: Set to true to create the S3 bucket within this stack, must be used in conjunction with ESBucketName. Type: String DeploymentAutomationRepository: Default: 'https://bitbucket.org/atlassian/dc-deployments-automation.git' Type: String Description: The deployment automation repository to use for per-node initialization. Leave this as default unless you have customizations. DeploymentAutomationBranch: Default: "master" Type: String Description: The deployment automation repository branch to pull from. DeploymentAutomationPlaybook: Default: "aws_bitbucket_dc_node.yml" Type: String Description: The Ansible playbook to invoke to initialize the application node on first start. DeploymentAutomationCustomParams: Default: "" Type: String Description: Additional command-line options for the `ansible-playbook` command. See https://bitbucket.org/atlassian/dc-deployments-automation/src/master/README.md for more information about overriding parameters. (Optional) DeploymentAutomationKeyName: Default: "" Type: String Description: Named Key Pair name to use with this repository. The key should be imported into the SSM parameter store. (Optional) CloudWatchIntegration: Default: "Metrics and Logs" Type: String Description: "Enables CloudWatch metrics with or without log gathering. If cost is an issue, you can disable this altogether." AllowedValues: ["Off", "Metrics Only", "Metrics and Logs"] ConstraintDescription: "Must be 'Off', 'Metrics Only', or 'Metrics and Logs'" DBEngine: Default: 'PostgreSQL' Description: 'Database Engine to use. PostgreSQL or Amazon Aurora PostgreSQL.' AllowedValues: - 'Amazon Aurora PostgreSQL' - 'PostgreSQL' ConstraintDescription: Must be 'Amazon Aurora PostgreSQL' or 'PostgreSQL'. Type: String DBEngineVersion: Default: 12 AllowedValues: - 12 - 11 - 10 Description: "The database engine version to use; we'll install a suitable minor version for your chosen engine. Make sure that the Bitbucket version you're installing supports the database engine selected." Type: String DBInstanceClass: Default: db.m4.large AllowedValues: - db.m4.large - db.m4.xlarge - db.m4.2xlarge - db.m4.4xlarge - db.m4.10xlarge - db.m4.16xlarge - db.r4.large - db.r4.xlarge - db.r4.2xlarge - db.r4.4xlarge - db.r4.8xlarge - db.r4.16xlarge - db.r5.large - db.r5.xlarge - db.r5.2xlarge - db.r5.4xlarge - db.r5.12xlarge - db.r5.24xlarge - db.t2.medium - db.t2.large - db.t2.xlarge - db.t2.2xlarge - db.t3.medium - db.t3.large - db.t3.xlarge - db.t3.2xlarge ConstraintDescription: Must be a valid RDS instance class from the list Description: RDS instance type (only r4 and r5 families are supported for Aurora). Type: String DBIops: Default: 1000 ConstraintDescription: Must be in the range 1000 - 30000. Description: 'Must be in the range of 1000 - 30000 and a multiple of 1000. This value is only used with Provisioned IOPS. Note: The ratio of IOPS per allocated-storage must be between 3.00 and 10.00. Not valid for Aurora.' MinValue: 1000 MaxValue: 30000 Type: Number DBMasterUserPassword: AllowedPattern: >- ^(?=^.{8,255}$)(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[^A-Za-z0-9])(?!.*[@/"']).*$ ConstraintDescription: >- Must be at least 8 characters and include 1 uppercase, 1 lowercase, 1 number, and 1 of the following symbols: ! # $ { * : [ = , ] - _ + % & Description: "Password for the master ('postgres') account. Must be at least 8 characters and include 1 uppercase, 1 lowercase, 1 number, and 1 of the following symbols: ! # $ { * : [ = , ] - _ + % &" NoEcho: True MaxLength: 128 MinLength: 8 Type: String DBMultiAZ: Description: Whether to provision a multi-AZ RDS instance. Default: "true" AllowedValues: - "true" - "false" ConstraintDescription: Must be 'true' or 'false'. Type: String DBPassword: AllowedPattern: '(?=^.{6,255}$)((?=.*\\d)(?=.*[A-Z])(?=.*[a-z])|(?=.*\\d)(?=.*[^A-Za-z0-9])(?=.*[a-z])|(?=.*[^A-Za-z0-9])(?=.*[A-Z])(?=.*[a-z])|(?=.*\\d)(?=.*[A-Z])(?=.*[^A-Za-z0-9]))^.*' ConstraintDescription: 'Must be at least 8 characters and include 1 uppercase, 1 lowercase, 1 number, and 1 of the following symbols: ! # $ { * : [ = , ] - _ @ + % &' Description: "Database password used by BitBucket. Must be at least 8 characters and include 1 uppercase, 1 lowercase, 1 number, and 1 of the following symbols: ! # $ { * : [ = , ] - _ @ + % &" MaxLength: 128 NoEcho: true Type: String DBMaster: Default: '' ConstraintDescription: Must be a valid RDS ARN. Description: Database ARN of the RDS instance to replicate. Setting this parameter will bring up Bitbucket as a Disaster recovery standby, with an RDS read replica database. Not valid for Aurora. Type: String DBSnapshotId: Default: '' ConstraintDescription: Must be a valid RDS snapshot ID, or blank. Description: RDS snapshot ID of an existing backup to restore. Must be used in conjunction with HomeVolumeSnapshotId. Leave blank for a new instance. Not valid for Aurora. Type: String DBStorage: Default: 100 Description: Database allocated storage size, in gigabytes (GB). If you choose Provisioned IOPS, storage should be between 100 and 6144. Not used for Aurora. MinValue: 5 MaxValue: 6144 Type: Number DBStorageType: Default: General Purpose (SSD) AllowedValues: - General Purpose (SSD) - Provisioned IOPS ConstraintDescription: Must be 'General Purpose (SSD)' or 'Provisioned IOPS'. Description: Database storage type. Type: String ElasticSearchPassword: Description: "Password for the elasticsearch master user, the username will be 'bitbucket'. If no password is specified, Bitbucket will authenticate with the elasticsearch cluster using IAM request signing (not recommended)." Type: String NoEcho: True ElasticsearchInstanceType: Description: EC2 instance type for the Amazon Elasticsearch service to run on. Type: String Default: m4.xlarge.elasticsearch AllowedValues: - m4.large.elasticsearch - m4.xlarge.elasticsearch - m4.2xlarge.elasticsearch - r4.large.elasticsearch - r4.xlarge.elasticsearch - r4.2xlarge.elasticsearch - r4.4xlarge.elasticsearch - r4.8xlarge.elasticsearch - i2.xlarge.elasticsearch - i2.2xlarge.elasticsearch ConstraintDescription: Must be an Elasticsearch instance type in the M4, R4 or I2 family ElasticsearchNodeVolumeSize: Description: The EBS volume size (in GB) of each Elasticsearch node. Type: Number Default: 100 MinValue: 100 ESBucketName: Default: '' AllowedPattern: '[a-z0-9-]*' ConstraintDescription: Must contain only lowercase letters, numbers and hyphens (-). Description: Name of a new, or existing, S3 bucket configured for Elasticsearch snapshots. Type: String ExportPrefix: Default: 'ATL-' Description: Each Atlassian Standard Infrastructure (ASI) uses a unique identifier. If you have multiple ASIs within the same AWS region, use this field to specify where to deploy Bitbucket. Type: String FileServerInstanceType: Default: m4.xlarge AllowedValues: - c4.xlarge - c4.2xlarge - c4.4xlarge - c4.8xlarge - m4.xlarge - m4.2xlarge - m4.4xlarge - m4.10xlarge - m4.16xlarge - x1.32xlarge ConstraintDescription: Must be an EC2 instance type in the C4, M4, or X1 family, 'xlarge' or larger. Description: Instance type for the file server hosting the Bitbucket shared home directory. See https://confluence.atlassian.com/x/GpdKLg for guidance. Type: String HomeDeleteOnTermination: Default: "true" AllowedValues: ["true", "false"] ConstraintDescription: Must be 'true' or 'false'. Description: Delete Bitbucket home directory volume when the file server instance is terminated. You must back up your data before terminating your file server instance if this option is set to 'true'. Type: String HomeIops: Default: 1000 Description: 'Home directory IOPS (100 - 20000, only used with Provisioned IOPS). Note: The ratio of IOPS provisioned to the volume size requested can be a maximum of 50; for example, a volume with 5000 IOPS must be at least 100 GiB.' Type: Number MinValue: 100 MaxValue: 20000 ConstraintDescription: Must be in the range 100 - 20000. HomeSize: Default: 100 Description: Home directory storage size, in gigabytes (GB) (100 - 16384). ConstraintDescription: Must be in the range 100 - 16384. MinValue: 100 MaxValue: 16384 Type: Number HomeVolumeSnapshotId: Default: '' ConstraintDescription: Must be a valid EBS snapshot ID Description: EBS snapshot ID of an existing backup to restore as the home directory volume. Must be used in conjunction with DBSnapshotId. Leave blank for a new instance. Type: String HomeVolumeType: Default: Provisioned IOPS Description: Bitbucket home storage type. AllowedValues: [General Purpose (SSD), Provisioned IOPS] ConstraintDescription: Must be 'General Purpose (SSD)' or 'Provisioned IOPS'. Type: String InternetFacingLoadBalancer: Default: "true" AllowedValues: ["true", "false"] ConstraintDescription: Must be 'true' or 'false'. Description: Controls whether the load balancer should be visible to the internet (true) or only within the VPC (false). Type: String BastionHostRequired: Default: "true" AllowedValues: - "true" - "false" Description: Whether to provision a Bastion host instance. If 'true', then you need to provide an EC2 Key Pair (otherwise, you won't be able to use the Bastion host to access BitBucket instances). Type: String KeyPairName: ConstraintDescription: Must be the name of an existing EC2 Key Pair. Note the supplied value must not include the file extension. Description: Public/private EC2 Key Pairs (without file extension) to allow you to securely access the Bastion host. Type: String Default: '' CustomDnsName: Default: "" Description: 'Use custom existing DNS name for your Data Center instance. Please note: you must own the domain and configure it to point at the load balancer.' Type: String SSLCertificateARN: Default: '' Description: "Amazon Resource Name (ARN) of your SSL certificate. If you want to use your own certificate that you generated outside of Amazon, you need to first import it to AWS Certificate Manager. After a successful import, you'll receive the ARN. If you want to create a certificate with AWS Certificate Manager (ACM certificate), you will receive the ARN after it's successfully created." MinLength: 0 MaxLength: 90 Type: String QSS3BucketName: Default: 'aws-quickstart' AllowedPattern: ^[0-9a-zA-Z]+([0-9a-zA-Z-]*[0-9a-zA-Z])*$ ConstraintDescription: Quick Start bucket name can include numbers, lowercase letters, uppercase letters, and hyphens (-). It cannot start or end with a hyphen (-). Description: S3 bucket name for the Quick Start assets. Quick Start bucket name can include numbers, lowercase letters, uppercase letters, and hyphens (-). It cannot start or end with a hyphen (-). Type: String QSS3KeyPrefix: Default: 'quickstart-atlassian-bitbucket/' AllowedPattern: ^[0-9a-zA-Z-/]*$ ConstraintDescription: Quick Start key prefix can include numbers, lowercase letters, uppercase letters, hyphens (-), and forward slash (/). Description: S3 key prefix for the Quick Start assets. Quick Start key prefix can include numbers, lowercase letters, uppercase letters, hyphens (-), and forward slash (/). Type: String AvailabilityZones: Description: 'List of Availability Zones to use for the subnets in the VPC. Note: The logical order is preserved and only 2 AZs are used for this deployment.' Type: List PrivateSubnet1CIDR: Default: 10.0.0.0/19 AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))$ Description: CIDR block for private subnet 1 located in Availability Zone 1. Type: String PrivateSubnet2CIDR: Default: 10.0.32.0/19 AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))$ Description: CIDR block for private subnet 2 located in Availability Zone 2. Type: String PublicSubnet1CIDR: Default: 10.0.128.0/20 AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))$ Description: CIDR Block for the public DMZ subnet 1 located in Availability Zone 1. Type: String PublicSubnet2CIDR: Default: 10.0.144.0/20 AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))$ Description: CIDR Block for the public DMZ subnet 2 located in Availability Zone 2. Type: String VPCCIDR: Default: 10.0.0.0/16 AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))$ Description: CIDR Block for the VPC. Type: String Conditions: GovCloudCondition: !Equals - !Ref 'AWS::Region' - us-gov-west-1 KeyProvided: !Not [!Equals [!Ref KeyPairName, '']] ProvisionBastion: !And - !Equals [!Ref BastionHostRequired, true] - !Condition KeyProvided Resources: VPCStack: Type: AWS::CloudFormation::Stack Properties: TemplateURL: !Sub - https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-atlassian-services/templates/quickstart-vpc-for-atlassian-services.yaml - QSS3Region: !If - GovCloudCondition - s3-us-gov-west-1 - s3 Parameters: AccessCIDR: !Ref 'AccessCIDR' AvailabilityZones: !Join - ',' - !Ref 'AvailabilityZones' ExportPrefix: !Ref ExportPrefix KeyPairName: !Ref 'KeyPairName' PrivateSubnet1CIDR: !Ref 'PrivateSubnet1CIDR' PrivateSubnet2CIDR: !Ref 'PrivateSubnet2CIDR' PublicSubnet1CIDR: !Ref 'PublicSubnet1CIDR' PublicSubnet2CIDR: !Ref 'PublicSubnet2CIDR' VPCCIDR: !Ref 'VPCCIDR' BastionHostRequired: !Ref 'BastionHostRequired' BitbucketDCStack: DependsOn: VPCStack Type: AWS::CloudFormation::Stack Properties: TemplateURL: !Sub - https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}templates/quickstart-bitbucket-dc.template.yaml - QSS3Region: !If - GovCloudCondition - s3-us-gov-west-1 - s3 Parameters: InternetFacingLoadBalancer: !Ref 'InternetFacingLoadBalancer' BitbucketProperties: !Ref 'BitbucketProperties' BitbucketVersion: !Ref 'BitbucketVersion' BitbucketLicenseKey: !Ref 'BitbucketLicenseKey' BitbucketAdminPassword: !Ref 'BitbucketAdminPassword' BitbucketDatasetURL: !Ref 'BitbucketDatasetURL' CidrBlock: !Ref 'AccessCIDR' CloudWatchIntegration: !Ref 'CloudWatchIntegration' ClusterNodeInstanceType: !Ref 'ClusterNodeInstanceType' ClusterNodeMax: !Ref 'ClusterNodeMax' ClusterNodeMin: !Ref 'ClusterNodeMin' ClusterNodeVolumeSize: !Ref 'ClusterNodeVolumeSize' CreateBucket: !Ref 'CreateBucket' CustomDnsName: !Ref 'CustomDnsName' DBInstanceClass: !Ref 'DBInstanceClass' DBIops: !Ref 'DBIops' DBMasterUserPassword: !Ref 'DBMasterUserPassword' DBMultiAZ: !Ref 'DBMultiAZ' DBPassword: !Ref 'DBPassword' DBEngine: !Ref 'DBEngine' DBEngineVersion: !Ref 'DBEngineVersion' DBMaster: !Ref 'DBMaster' DBSnapshotId: !Ref 'DBSnapshotId' DBStorage: !Ref 'DBStorage' DBStorageType: !Ref 'DBStorageType' DeploymentAutomationRepository: !Ref 'DeploymentAutomationRepository' DeploymentAutomationBranch: !Ref 'DeploymentAutomationBranch' DeploymentAutomationPlaybook: !Ref 'DeploymentAutomationPlaybook' DeploymentAutomationKeyName: !Ref 'DeploymentAutomationKeyName' DeploymentAutomationCustomParams: !Ref 'DeploymentAutomationCustomParams' ExportPrefix: !Ref ExportPrefix ElasticSearchPassword: !Ref ElasticSearchPassword ElasticsearchInstanceType: !Ref 'ElasticsearchInstanceType' ElasticsearchNodeVolumeSize: !Ref 'ElasticsearchNodeVolumeSize' ESBucketName: !Ref 'ESBucketName' FileServerInstanceType: !Ref 'FileServerInstanceType' HomeDeleteOnTermination: !Ref 'HomeDeleteOnTermination' HomeIops: !Ref 'HomeIops' HomeSize: !Ref 'HomeSize' HomeVolumeSnapshotId: !Ref 'HomeVolumeSnapshotId' HomeVolumeType: !Ref 'HomeVolumeType' JvmHeapOverride: !Ref 'JvmHeapOverride' JvmSupportOpts: !Ref 'JvmSupportOpts' KeyPairName: !Ref 'KeyPairName' SSLCertificateARN: !Ref 'SSLCertificateARN' BastionHostRequired: !Ref 'BastionHostRequired' Outputs: ClusterNodeGroup: Description: The name of the auto scaling group of cluster nodes Value: !GetAtt 'BitbucketDCStack.Outputs.ClusterNodeGroup' DBEndpointAddress: Description: The Database Connection String Value: !GetAtt 'BitbucketDCStack.Outputs.DBEndpointAddress' DBMaster: Description: The RDS ARN to use when creating a Data Center standby stack Value: !GetAtt 'BitbucketDCStack.Outputs.DBMaster' ServiceURL: Description: The URL of the Bitbucket Data Center instance Value: !GetAtt 'BitbucketDCStack.Outputs.ServiceURL' SGname: Description: The name of the SecurityGroup Value: !GetAtt 'BitbucketDCStack.Outputs.SGname' BastionPubIp: Condition: ProvisionBastion Description: The Public IP to ssh to the Bastion Value: !GetAtt 'VPCStack.Outputs.BastionPubIp'