--- AWSTemplateFormatVersion: '2010-09-09' Description: Boomi Atom Installation Script. This creates a VPC, Public Subnets and Private Subnets, and stages a Dell Boomi Atom. (qs-1r0e5j2b9) Metadata: QuickStartDocumentation: EntrypointName: Launch into an existing VPC AWS::CloudFormation::Interface: ParameterGroups: - Label: default: Network configuration Parameters: - VPCID - PrivateSubnet1ID - BastionSecurityGroupID - Label: default: Amazon EC2 configuration Parameters: - InstanceType - KeyPairName - BoomiInstanceVolumeSize - Label: default: Dell Boomi Atom configuration Parameters: - AtomName - BoomiAccountID - BoomiUsername - BoomiPassword - BoomiInstallToken - BoomiInstallDir ParameterLabels: KeyPairName: default: SSH key name VPCID: default: VPC ID InstanceType: default: Boomi Atom instance type BoomiInstanceVolumeSize: default: Amazon EBS volume size for Boomi Atom instance BoomiAccountID: default: Boomi account ID BoomiUsername: default: Boomi username BoomiPassword: default: Boomi password BoomiInstallToken: default: Boomi installation token PrivateSubnet1ID: default: Private subnet ID AtomName: default: Atom name BoomiInstallDir: default: Boomi install directory Parameters: KeyPairName: Description: Key pair that allows you to connect securely to your instance after it launches. Type: AWS::EC2::KeyPair::KeyName ConstraintDescription: Must be an existing name. BastionSecurityGroupID: Type: AWS::EC2::SecurityGroup::Id InstanceType: Description: Boomi host instance type. Type: String Default: m5.xlarge AllowedValues: - m5.xlarge - m5.2xlarge - m5.4xlarge - r5.xlarge - c5.xlarge - c5.2xlarge - c5.4xlarge BoomiInstanceVolumeSize: Description: Size of the Amazon EBS volume attached to the Atom instance. Size range is 1GiB–16TiB. Type: Number Default: 100 VPCID: Description: VPC to deploy into. Type: AWS::EC2::VPC::Id PrivateSubnet1ID: Description: ID of the private subnet, in Availability Zone 1 in your existing VPC. Type: AWS::EC2::Subnet::Id BoomiUsername: Description: Boomi account username. (Not required if using a Boomi installation token.) Type: String BoomiPassword: Description: Boomi account password. (Not required if using a Boomi installation token.) Type: String NoEcho: true BoomiAccountID: Description: Boomi account ID to associate with the new Atom. Type: String BoomiInstallDir: Description: Boomi installation directory. Type: String Default: /opt/boomi/ AtomName: Description: Boomi Atom instance name. Type: String Default: atom1 AllowedPattern: "[a-zA-Z0-9_]*" BoomiInstallToken: Description: Boomi installation token. Type: String Default: '' Rules: PasswordOrMFAToken: Assertions: - Assert: !Or - !And - !Equals [!Ref BoomiPassword, ''] - !Not [!Equals [!Ref BoomiInstallToken, '']] - !And - !Not [!Equals [!Ref BoomiPassword, '']] - !Equals [!Ref BoomiInstallToken, ''] AssertDescription: You must supply either a password or an MFA installation token. Conditions: InstallTokenProvided: !Not [!Equals [!Ref BoomiInstallToken, '']] Resources: AtomWaitHandle: Type: AWS::CloudFormation::WaitConditionHandle AtomWaitCondition: Type: AWS::CloudFormation::WaitCondition Properties: Handle: !Ref 'AtomWaitHandle' Timeout: "900" Count: 1 BoomiSecurityGroup: Type: AWS::EC2::SecurityGroup Properties: GroupDescription: boomi VpcId: !Ref VPCID Tags: - Key: Name Value: BoomiSG SecurityGroupIngress: - FromPort: 22 IpProtocol: tcp SourceSecurityGroupId: !Ref BastionSecurityGroupID ToPort: 22 AtomInstanceEBS: Type: AWS::EC2::Volume Metadata: cfn-lint: config: ignore_checks: - EBSVolumeEncryption ignore_reasons: - EBSVolumeEncryption: "Ignore invalid check" Properties: Size: !Ref BoomiInstanceVolumeSize Encrypted: true AvailabilityZone: !Select [ 0, !GetAZs '' ] Tags: - Key: Name Value: Atom DeletionPolicy: Snapshot AtomInstance: Type: 'AWS::EC2::Instance' Properties: Tags: - Key: Name Value: !Ref 'AtomName' ImageId: '{{resolve:ssm:/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2}}' InstanceType: Ref: InstanceType AvailabilityZone: !Select [ 0, !GetAZs '' ] NetworkInterfaces: - GroupSet: - !Ref BoomiSecurityGroup AssociatePublicIpAddress: false DeviceIndex: '0' DeleteOnTermination: true SubnetId: !Ref PrivateSubnet1ID Volumes: - Device: "/dev/xvdf" VolumeId: !Ref AtomInstanceEBS KeyName: Ref: KeyPairName UserData: Fn::Base64: !Sub | #!/bin/bash export PATH=$PATH:/usr/local/bin yum update -y yum install git -y git clone https://github.com/aws-quickstart/quickstart-linux-utilities.git /quickstart-linux-utilities cd /quickstart-linux-utilities source quickstart-cfn-tools.source qs_update-os qs_aws-cfn-bootstrap /opt/aws/bin/cfn-init -v --stack ${AWS::StackName} --resource AtomInstance --region ${AWS::Region} /opt/aws/bin/cfn-signal -e $? '${AtomWaitHandle}' Metadata: AWS::CloudFormation::Init: config: packages: yum: java-1.8.0-openjdk: [] files: /tmp/atom.service: content: !Sub | [Unit] Description=Dell Boomi Atom After=network.target RequiresMountsFor=/opt/boomi/Atom_${AtomName} [Service] Type=forking User=root Restart=always ExecStart=/opt/boomi/Atom_${AtomName}/bin/atom start ExecStop=/opt/boomi/Atom_${AtomName}/bin/atom stop ExecReload=/opt/boomi/Atom_${AtomName}/bin/atom restart [Install] WantedBy=multi-user.target mode: "000644" owner: "root" group: "root" commands: 02_create_xfs: command: mkfs -t xfs /dev/nvme1n1 && mkdir /opt/boomi && sh -c 'echo "/dev/nvme1n1 /opt/boomi xfs defaults,noatime 0 0" >> /etc/fstab' && mount -a 03_set_hostname: command: ln -sf /opt/boomi/Atom_$(curl http://169.254.169.254/latest/meta-data/local-hostname | sed -r 's/[-.]+/_/g')/jre/bin/java /usr/bin/java && . ~/.bash_profile 04_set_perms_and_create_dir: command: cd /usr/local && sudo mkdir boomi && sudo chown ec2-user:ec2-user boomi && cd /usr/local/boomi 05_get_installer: command: wget -P /usr/local/boomi https://platform.boomi.com/atom/atom_install64.sh && chmod +x /usr/local/boomi/atom_install64.sh 06_create_installer_dir: command: !Sub sudo mkdir -p ${BoomiInstallDir} && sudo chown -R ec2-user:ec2-user ${BoomiInstallDir} && cd /usr/local/boomi 07_start_installer: command: !If - InstallTokenProvided - !Sub | echo "installing via token: /usr/local/boomi/atom_install64.sh -q console -VinstallToken=${BoomiInstallToken} -VatomName=${AtomName} -VaccountId=${BoomiAccountID} -dir ${BoomiInstallDir}" && /usr/local/boomi/atom_install64.sh -q console -VinstallToken=${BoomiInstallToken} -VatomName=${AtomName} -VaccountId=${BoomiAccountID} -dir ${BoomiInstallDir} - !Sub | echo "installing via username/password: /usr/local/boomi/atom_install64.sh -q console -Vusername=${BoomiUsername} -Vpassword=******** -VatomName=${AtomName} -VaccountId=${BoomiAccountID} -dir ${BoomiInstallDir}" && /usr/local/boomi/atom_install64.sh -q console -Vusername=${BoomiUsername} -Vpassword="${BoomiPassword}" -VatomName=${AtomName} -VaccountId=${BoomiAccountID} -dir ${BoomiInstallDir} 08_create_service: command: mv /tmp/atom.service /lib/systemd/system/atom.service 09_start_service: command: systemctl enable atom && systemctl start atom EcInstanceAutorecoverAlarm: Type: AWS::CloudWatch::Alarm Properties: AlarmActions: - !Sub arn:${AWS::Partition}:automate:${AWS::Region}:ec2:recover AlarmDescription: Recover instance if its status checks fail. Namespace: AWS/EC2 MetricName: StatusCheckFailed_System Dimensions: - Name: InstanceId Value: !Ref AtomInstance EvaluationPeriods: 2 Period: 60 Statistic: Minimum ComparisonOperator: GreaterThanThreshold Threshold: 0 Outputs: Postdeployment: Description: See the deployment guide for post-deployment steps. Value: https://aws.amazon.com/quickstart/?quickstart-all.sort-by=item.additionalFields.sortDate&quickstart-all.sort-order=desc&awsm.page-quickstart-all=5