AWSTemplateFormatVersion: '2010-09-09'
Description: This template deploys Autodesk Forge in an ASG behind an ALB load balancer in two private subnets. **WARNING** This template creates EC2 instances and related resources. You will be billed for the AWS resources used if you create a stack from this template. (qs-1oqea6241)
Metadata:
  cfn-lint:
    config:
      ignore_checks:
        - W9006 # temporary to get rid of warnings
  AWS::CloudFormation::Interface:
    ParameterGroups:
      - Label:
          default: Network configuration
        Parameters:
          - VPCID
          - PrivateSubnet1ID
          - PrivateSubnet2ID
          - PublicSubnet1ID
          - PublicSubnet2ID
          - RemoteAccessCIDR
      - Label:
          default: Security configuration
        Parameters:
          - KeyPairName
          - BastionSecurityGroupID
      - Label:
          default: Autodesk Forge nodes configuration
        Parameters:
          - ForgeNodeInstanceType
          - ForgeNodesMinSize
          - ForgeNodesMaxSize
          - ForgeNodesDesiredCapacity
          - OperatorEmail
      - Label:
          default: Autodesk Forge application runtime configuration
        Parameters:
          - ForgeApplicationRuntime
          - ForgeAppName
      - Label:
          default: Autodesk Forge credentials
        Parameters:
          - ForgeClientId
          - ForgeClientSecret
      - Label:
          default: '[Optional] Forge site domain configuration'
        Parameters:
          - ForgeSiteDomain
          - ALBSSLCertificateARN
          - Route53HostedZoneId
      - Label:
          default: AWS Quick Start configuration
        Parameters:
          - QSS3BucketName
          - QSS3BucketRegion
          - QSS3KeyPrefix
    ParameterLabels:
      BastionSecurityGroupID:
        default: Bastion security group ID
      KeyPairName:
        default: Key pair name
      OperatorEmail:
        default: Operator email
      ForgeApplicationRuntime:
        default: Forge application runtime
      ForgeAppName:
        default: Forge application name
      ForgeClientId:
        default: Forge client ID
      ForgeClientSecret:
        default: Forge client secret
      PrivateSubnet1ID:
        default: Private subnet 1 ID
      PrivateSubnet2ID:
        default: Private subnet 2 ID
      PublicSubnet1ID:
        default: Public subnet 1 ID
      PublicSubnet2ID:
        default: Public subnet 2 ID
      QSS3BucketName:
        default: Quick Start S3 bucket name
      QSS3BucketRegion:
        default: Quick Start S3 bucket region
      QSS3KeyPrefix:
        default: Quick Start S3 key prefix
      RemoteAccessCIDR:
        default: Allowed external access CIDR
      VPCID:
        default: VPC ID
      ForgeNodeInstanceType:
        default: Forge nodes instance type
      ForgeNodesDesiredCapacity:
        default: Forge nodes desired capacity
      ForgeNodesMaxSize:
        default: Forge nodes max size
      ForgeNodesMinSize:
        default: Forge nodes min size
      ForgeSiteDomain:
        default: Forge site domain
      ALBSSLCertificateARN:
        default: ALB SSL certificate ARN
      Route53HostedZoneId:
        default: Route 53 hosted zone ID
Parameters:
  ALBSSLCertificateARN:
    Default: ''
    Description: '[Optional] The ARN of the SSL certificate to be used for the Application Load Balancer.'
    Type: String
  BastionSecurityGroupID:
    Description: ID of the bastion host security group to enable SSH connections (e.g., sg-7f16e910). Empty value indicates bastion security group is not used.
    Default: ""
    Type: String
  KeyPairName:
    Description: The name of an existing public/private key pair, which allows you to securely connect to your instance after it launches.
    Type: AWS::EC2::KeyPair::KeyName
  OperatorEmail:
    AllowedPattern: ([a-zA-Z0-9_\-\.]+)@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.)|(([a-zA-Z0-9\-]+\.)+))([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)
    ConstraintDescription: Must be a valid email address.
    Description: Email address that notifications of any scaling operations will be sent to.
    Type: String
  ForgeApplicationRuntime:
    AllowedValues:
      - Node.js
      - .NET Core
    Default: Node.js
    Description: The runtime environment of the Autodesk Forge application.
    Type: String
  ForgeClientId:
    ConstraintDescription: Input your Forge Client ID
    Description: Client ID of your Forge application. You can obtain it on the Forge Developer Platform at https://developer.autodesk.com/myapps.
    NoEcho: 'True'
    Type: String
  ForgeClientSecret:
    ConstraintDescription: Input your Forge Client Secret
    Description: Client Secret of your Forge application. You can obtain it on the Forge Developer Platform at https://developer.autodesk.com/myapps.
    NoEcho: 'True'
    Type: String
  PrivateSubnet1ID:
    Description: The ID of the private subnet in Availability Zone 1 in your existing VPC (e.g., subnet-a0246dcd).
    Type: AWS::EC2::Subnet::Id
  PrivateSubnet2ID:
    Description: The ID of the private subnet in Availability Zone 2 in your existing VPC (e.g., subnet-b58c3d67).
    Type: AWS::EC2::Subnet::Id
  PublicSubnet1ID:
    Description: The ID of the public subnet 1 in Availability Zone 1 in your existing VPC (e.g., subnet-9bc642ac)
    Type: AWS::EC2::Subnet::Id
  PublicSubnet2ID:
    Description: The ID of the public subnet 1 in Availability Zone 2 in your existing VPC (e.g., subnet-e3246d8e)
    Type: AWS::EC2::Subnet::Id
  QSS3BucketName:
    AllowedPattern: ^[0-9a-zA-Z]+([0-9a-zA-Z-]*[0-9a-zA-Z])*$
    ConstraintDescription: Quick Start bucket name can include numbers, lowercase letters, uppercase letters, and hyphens (-). It cannot start or end with a hyphen (-).
    Default: aws-quickstart
    Description: S3 bucket name for the Quick Start assets. Quick Start bucket name can include numbers, lowercase letters, uppercase letters, and hyphens (-). It cannot start or end with a hyphen (-).
    Type: String
  QSS3BucketRegion:
    Default: us-east-1
    Description: The AWS Region where the Quick Start S3 bucket (QSS3BucketName) is hosted. When using your own bucket, you must specify this value.
    Type: String
  QSS3KeyPrefix:
    AllowedPattern: ^[0-9a-zA-Z-/]*$
    ConstraintDescription: Quick Start key prefix can include numbers, lowercase letters, uppercase letters, hyphens (-), and forward slash (/).
    Default: quickstart-autodesk-forge/
    Description: S3 key prefix for the Quick Start assets. Quick Start key prefix can include numbers, lowercase letters, uppercase letters, hyphens (-), and forward slash (/).
    Type: String
  RemoteAccessCIDR:
    AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))$
    ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/x
    Description: The CIDR IP range that is permitted to access the bastions and Forge web application. We recommend that you set this value to a trusted IP range.
    Type: String
  Route53HostedZoneId:
    Description: '[Optional] Route53 Hosted Zone ID where DNS record for Forge Site Domain will be added.'
    Type: String
    Default: ''
  VPCID:
    Description: The ID of your existing VPC (e.g., vpc-0343606e).
    Type: AWS::EC2::VPC::Id
  ForgeNodeInstanceType:
    AllowedValues:
      - t2.nano
      - t2.micro
      - t2.small
      - t2.medium
      - t2.large
      - t2.xlarge
      - t2.2xlarge
      - t3.nano
      - t3.micro
      - t3.small
      - t3.medium
      - t3.large
      - t3.xlarge
      - t3.2xlarge
      - m5.large
      - m5.xlarge
      - m5.2xlarge
      - m5.4xlarge
    ConstraintDescription: Must contain valid instance type
    Default: t2.large
    Description: Amazon EC2 instance type for the Autodesk Forge instances.
    Type: String
  ForgeNodesDesiredCapacity:
    Default: '2'
    Description: The desired capacity for Forge nodes in the Auto Scaling group.
    Type: String
  ForgeNodesMaxSize:
    Default: '4'
    Description: The maximum number of Forge nodes in the Auto Scaling group.
    Type: String
  ForgeNodesMinSize:
    Default: '2'
    Description: The minimum number of Forge nodes in the Auto Scaling group.
    Type: String
  ForgeAppName:
    Default: forge-viewmodels-nodejs-aws
    Description: The name of the zip file that contains the packaged Forge application, without the .zip extension. The two provided options are forge-viewmodels-nodejs-aws and forge-viewmodels-netcore-aws. To deploy a custom application, you would need to deploy this Quick Start from your own private S3 bucket and add your custom package in the packages directory.
    Type: String
  ForgeSiteDomain:
    Description: '[Optional] Domain name of the Forge site. e.g. example.com. Valid FQDN required when using SSL.'
    AllowedPattern: (?!-)[a-zA-Z0-9-.]*(?