AWSTemplateFormatVersion: 2010-09-09
Description: Amazon Managed Blockchain Basic Initial Member Template (qs-1q1tsb2rh)
Metadata:
  LICENSE: Apache License Version 2.0
  AWS::CloudFormation::Interface:
    ParameterGroups:
      - Label:
          default: Network configuration
        Parameters:
          - NetworkName
          - NetworkDescription
          - Edition
          - ThresholdPercentage
          - ThresholdComparator
          - ProposalDurationInHours
      - Label:
          default: First member configuration
        Parameters:
          - FirstMemberName
          - FirstMemberDescription
          - FirstMemberAdminUsername
          - FirstMemberAdminPassword
          - PeerNode1AZ
          - PeerNode2AZ
          - PeerNode3AZ
          - InstanceType
    ParameterLabels:
      NetworkName:
        default: Network name
      NetworkDescription:
        default: Network description
      Edition:
        default: Edition
      ThresholdPercentage:
        default: Threshold percentage
      ThresholdComparator:
        default: Threshold comparator
      ProposalDurationInHours:
        default: Proposal duration
      FirstMemberName:
        default: First member name
      FirstMemberDescription:
        default: First member description
      FirstMemberAdminUsername:
        default: First member admin username
      FirstMemberAdminPassword:
        default: First member admin password
      PeerNode1AZ:
        default: Peer node 1 Availability Zone
      PeerNode2AZ:
        default: Peer node 2 Availability Zone
      PeerNode3AZ:
        default: Peer node 3 Availability Zone
      InstanceType:
        default: Instance type
Parameters:
  NetworkName:
    Description: The name of your Amazon Managed Blockchain network.
    AllowedPattern: "^[0-9a-zA-Z]+$"
    ConstraintDescription: Network name must be alphanumeric and cannot contain spaces.
    Type: String
  NetworkDescription:
    Description: An optional description of your network.
    Type: String
  Edition:
    Description: Setting that determines the number of peer nodes per member and the selection of instance types that can be used for them.
    ConstraintDescription: Must be STARTER or STANDARD
    Default: STARTER
    AllowedValues:
      - STARTER
      - STANDARD
    Type: String
  FirstMemberName:
    Description: The name of the first member in your Amazon Managed Blockchain network.
    AllowedPattern: "^[0-9a-zA-Z]+$"
    ConstraintDescription: FirstMemberName must be alphanumeric.
    Type: String
  FirstMemberDescription:
    Description: An optional description of your first member.
    Type: String
  FirstMemberAdminUsername:
    Description: The user name of your first member's admin user.
    AllowedPattern: "^[0-9a-zA-Z/]+$"
    ConstraintDescription: AdminUsername must contain only uppercase and lowercase letters and numbers.
    Type: String
  FirstMemberAdminPassword:
    Description: The password of your first member's admin user.
    MinLength: 8
    MaxLength: 32
    AllowedPattern: "^(?!.*?['\"\\/ @])(?=.*?[A-Z])(?=.*?[a-z])(?=.*?[0-9]).*{8,32}$"
    ConstraintDescription: >-
      AdminPassword must be at least 8 characters long and must contain at least one
      uppercase character, one lowercase character, and one digit. It must not
      contain ', ", \, /, @ or spaces. It must not exceed 32 characters in length.
    Type: String
    NoEcho: true
  ThresholdPercentage:
    Description: The percentage of favorable votes needed to approve a blockchain proposal.
    MinValue: 1
    MaxValue: 100
    Type: Number
    Default: 50
  ThresholdComparator:
    Description: >-
      This comparator is used to determine how the vote percentages are compared
      with the threshold. If it is GREATER_THAN, then the percentage of favorable
      votes must exceed the ThresholdPercentage for a proposal to pass. If it is
      GREATER_THAN_OR_EQUAL_TO, then the percentage of favorable votes must at
      least be equal to the threshold for a proposal to pass.
    ConstraintDescription: Must be GREATER_THAN or GREATER_THAN_OR_EQUAL_TO
    Default: GREATER_THAN
    AllowedValues:
      - GREATER_THAN
      - GREATER_THAN_OR_EQUAL_TO
    Type: String
  ProposalDurationInHours:
    Description: The number of hours a proposal can be voted on.
    MinValue: 1
    MaxValue: 168
    Default: 24
    Type: Number
  PeerNode1AZ:
    Description: The Availability Zone for your first peer node.
    Default: us-east-1a
    Type: String
  PeerNode2AZ:
    Description: The Availability Zone for your second peer node. Can be blank.
    Default: us-east-1b
    Type: String
  PeerNode3AZ:
    Description: The Availability Zone for your third peer node. Can be blank.
    Type: String
  InstanceType:
    Description: The type of compute instance to use for your peer nodes.
    Default: bc.t3.small
    Type: String
    AllowedValues:
      - bc.t3.small
      - bc.t3.medium
      - bc.t3.large
      - bc.t3.xlarge
      - bc.m5.large
      - bc.m5.xlarge
      - bc.m5.2xlarge
      - bc.m5.4xlarge
      - bc.c5.large
      - bc.c5.xlarge
      - bc.c5.2xlarge
      - bc.c5.4xlarge
    ConstraintDescription: >-
      If Edition is STARTER, then this value must be bc.t3.small
      or bc.t3.medium.

Conditions:
  CreatePeerNode2: !Not [!Equals [!Ref PeerNode2AZ, ""]]
  CreatePeerNode3: !Not [!Equals [!Ref PeerNode3AZ, ""]]
  HasNetworkDescription: !Not [!Equals [!Ref NetworkDescription, ""]]
  HasFirstMemberDescription: !Not [!Equals [!Ref FirstMemberDescription, ""]]

Resources:
  Member:
    Type: AWS::ManagedBlockchain::Member
    Properties:
      NetworkConfiguration:
        Name: !Ref NetworkName
        Description:
          !If [
            HasNetworkDescription,
            !Ref NetworkDescription,
            !Ref "AWS::NoValue",
          ]
        Framework: HYPERLEDGER_FABRIC
        FrameworkVersion: "1.2"
        NetworkFrameworkConfiguration:
          NetworkFabricConfiguration:
            Edition: !Ref Edition
        VotingPolicy:
          ApprovalThresholdPolicy:
            ThresholdPercentage: !Ref ThresholdPercentage
            ProposalDurationInHours: !Ref ProposalDurationInHours
            ThresholdComparator: !Ref ThresholdComparator
      MemberConfiguration:
        Name: !Ref FirstMemberName
        Description:
          !If [
            HasFirstMemberDescription,
            !Ref FirstMemberDescription,
            !Ref "AWS::NoValue",
          ]
        MemberFrameworkConfiguration:
          MemberFabricConfiguration:
            AdminUsername: !Ref FirstMemberAdminUsername
            AdminPassword: !Ref FirstMemberAdminPassword
  PeerNode1:
    Type: AWS::ManagedBlockchain::Node
    Properties:
      MemberId: !GetAtt Member.MemberId
      NetworkId: !GetAtt Member.NetworkId
      NodeConfiguration:
        AvailabilityZone: !Ref PeerNode1AZ
        InstanceType: !Ref InstanceType
  PeerNode2:
    Type: AWS::ManagedBlockchain::Node
    Condition: CreatePeerNode2
    Properties:
      MemberId: !GetAtt Member.MemberId
      NetworkId: !GetAtt Member.NetworkId
      NodeConfiguration:
        AvailabilityZone: !Ref PeerNode2AZ
        InstanceType: !Ref InstanceType
  PeerNode3:
    Type: AWS::ManagedBlockchain::Node
    Condition: CreatePeerNode3
    Properties:
      MemberId: !GetAtt Member.MemberId
      NetworkId: !GetAtt Member.NetworkId
      NodeConfiguration:
        AvailabilityZone: !Ref PeerNode3AZ
        InstanceType: !Ref InstanceType