AWSTemplateFormatVersion: '2010-09-09' Description: Chainlink node Quick Start entrtypoint for deployment (qs-1s6adgs60) Metadata: QuickStartDocumentation: EntrypointName: 'Parameters for launching into a new VPC' Order: '1' cfn-lint: config: ignore_checks: - E9101 - E9007 ignore_reasons: E9101: Currently do to require parameters, on submodule. Will be updated when submodule is. AWS::CloudFormation::Interface: ParameterGroups: - Label: default: Network configuration Parameters: - AvailabilityZones - VPCCIDR - PrivateSubnet1CIDR - PrivateSubnet2CIDR - PublicSubnet1CIDR - PublicSubnet2CIDR - RemoteAccessCIDR - VPCTenancy - Label: default: Amazon EC2 configuration Parameters: - KeyPairName - BastionAMIOS - BastionInstanceType - ChainlinkNodeInstanceType - ChainlinkNodeRootVolumeSize - Label: default: Linux bastion configuration Parameters: - NumBastionHosts - BastionHostName - BastionTenancy - EnableBanner - BastionBanner - EnableTCPForwarding - EnableX11Forwarding - Label: default: Chainlink node configuration Parameters: - BlockchainNetwork - ChainlinkNodeGUIEmail - ChainlinkNodeGUIPassword - BlockchainNodeUrl - NodeWalletPassword - UseSSLCertificate - SSLCertificateARN - Label: default: Aurora PostreSQL configuration Parameters: - DBName - DBAutoMinorVersionUpgrade - DBBackupRetentionPeriod - DBMultiAZ - DBEngineVersion - DBInstanceClass - DBMasterUsername - DBMasterUserPassword - DBPort - Label: default: Amazon DevOps Guru Parameters: - EnableAmazonDevOpsGuru - AdministratorAccountId - EmailAddress - Label: default: AWS Quick Start configuration Parameters: - QSS3BucketName - QSS3KeyPrefix - QSS3BucketRegion ParameterLabels: AvailabilityZones: default: Availability Zones VPCCIDR: default: VPC CIDR PublicSubnet1CIDR: default: Public subnet 1 CIDR PublicSubnet2CIDR: default: Public subnet 2 CIDR PrivateSubnet1CIDR: default: Private subnet 1 CIDR PrivateSubnet2CIDR: default: Private subnet 2 CIDR RemoteAccessCIDR: default: Allowed bastion external access CIDR VPCTenancy: default: VPC tenancy KeyPairName: default: SSH key pair name BastionAMIOS: default: Bastion AMI operating system ChainlinkNodeInstanceType: default: Chainlink node instance type ChainlinkNodeRootVolumeSize: default: Chainlink node root volume size NumBastionHosts: default: Number of bastion hosts BastionHostName: default: Bastion hostname BastionTenancy: default: Bastion tenancy BastionBanner: default: Banner text EnableBanner: default: Bastion banner EnableTCPForwarding: default: TCP forwarding EnableX11Forwarding: default: X11 forwarding BlockchainNetwork: default: Blockchain network ChainlinkNodeGUIEmail: default: Chainlink node GUI email ChainlinkNodeGUIPassword: default: Chainlink node GUI password BlockchainNodeUrl: default: Blockchain node web socket URL NodeWalletPassword: default: Chainlink node wallet password UseSSLCertificate: default: SSL certificate with AWS Certificate Manager SSLCertificateARN: default: SSL certificate ARN DBName: default: Database name DBAutoMinorVersionUpgrade: default: Database auto minor version upgrade DBBackupRetentionPeriod: default: Database backup retention period DBMultiAZ: default: Database in Multi-AZ for high availability DBEngineVersion: default: Database engine version DBInstanceClass: default: Database instance class DBMasterUsername: default: Database primary user name DBMasterUserPassword: default: Database primary password DBPort: default: Database port EnableAmazonDevOpsGuru: default: Amazon DevOps Guru AdministratorAccountId: Default: AWS administrator account ID EmailAddress: Default: Email address to receive SNS notifications QSS3BucketName: default: Quick Start S3 bucket name QSS3KeyPrefix: default: Quick Start S3 key prefix QSS3BucketRegion: default: Quick Start S3 bucket Region Parameters: AvailabilityZones: Description: 'Select 2 Availability Zones to use for the subnets in the VPC.' Type: List VPCCIDR: AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$ ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28. Default: 10.0.0.0/16 Description: CIDR block for the VPC. Type: String PublicSubnet1CIDR: AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$ ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28. Default: 10.0.128.0/20 Description: CIDR block for the public DMZ subnet 1, located in Availability Zone 1. Type: String PublicSubnet2CIDR: AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$ ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28. Default: 10.0.144.0/20 Description: CIDR block for the public DMZ subnet 2, located in Availability Zone 2. Type: String PrivateSubnet1CIDR: AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$ ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28 Default: 10.0.0.0/19 Description: CIDR block for private subnet 1, located in Availability Zone 1. Type: String PrivateSubnet2CIDR: AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$ ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28 Default: 10.0.32.0/19 Description: CIDR block for private subnet 2, located in Availability Zone 2. Type: String RemoteAccessCIDR: AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))$ ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/x Description: Allowed CIDR block for external SSH access to the bastions and Chainlink node UI. Default: 0.0.0.0/0 Type: String VPCTenancy: AllowedValues: - default - dedicated Default: default Description: The allowed tenancy of instances launched into the VPC. Type: String KeyPairName: Description: Name of an existing public/private key pair. If you do not have one in this AWS Region, create it before continuing. Type: 'AWS::EC2::KeyPair::KeyName' BastionAMIOS: AllowedValues: - Amazon-Linux2-HVM - CentOS-7-HVM - Ubuntu-Server-20.04-LTS-HVM - SUSE-SLES-15-HVM Default: Amazon-Linux2-HVM Description: The Linux distribution for the AMI to be used for the bastion instances. Type: String BastionInstanceType: Description: Amazon EC2 instance type for the bastion instances. Type: String Default: t2.micro AllowedValues: - t2.nano - t2.micro - t2.small - t2.medium - t2.large - t3.micro - t3.small - t3.medium - t3.large - t3.xlarge - t3.2xlarge - m3.large - m3.xlarge - m3.2xlarge - m4.large - m4.xlarge - m4.2xlarge - m4.4xlarge ChainlinkNodeInstanceType: AllowedValues: - t2.nano - t2.micro - t2.small - t2.medium - t2.large - t3.micro - t3.small - t3.medium - t3.large - t3.xlarge - t3.2xlarge - m3.large - m3.xlarge - m3.2xlarge - m4.large - m4.xlarge - m4.2xlarge - m4.4xlarge - m5.large - m5.xlarge - m5.2xlarge - m5.4xlarge - c5.large - c5.xlarge - c5.2xlarge - c5.4xlarge Default: t3.small Description: Amazon EC2 instance type for the Chainlink node's instances. Type: String ChainlinkNodeRootVolumeSize: Description: The size in GB for the root EBS volume for Chainlink nodes. Type: Number Default: '30' NumBastionHosts: AllowedValues: - '1' - '2' Default: '1' Description: The number of bastion hosts to create. The maximum number is two. Type: String BastionHostName: Default: 'LinuxBastion' Description: The value used for the name tag of the bastion host. Type: String BastionTenancy: Description: Bastion VPC tenancy (dedicated or default). Type: String Default: default AllowedValues: - dedicated - default EnableBanner: AllowedValues: - 'true' - 'false' Default: 'false' Description: Choose *true* to display a banner when connecting via SSH to the bastion. Type: String BastionBanner: Default: '' Description: Banner text to display upon login. Type: String EnableTCPForwarding: Type: String Description: To enable TCP forwarding, choose *true*. Default: 'false' AllowedValues: - 'true' - 'false' EnableX11Forwarding: Type: String Description: To enable X11 forwarding, choose *true*. Default: 'false' AllowedValues: - 'true' - 'false' BlockchainNetwork: AllowedValues: - Ethereum-Mainnet - Ethereum-Goerli-Testnet - BSC-Mainnet - BSC-Testnet - Matic-Mainnet - Matic-Mumbai-Testnet - RSK-Mainnet - Gnosis-Chain-Mainnet - Avalanche-Mainnet - Avalanche-Fuji-Testnet - Fantom-Mainnet - Fantom-Testnet - Arbitrum-Mainnet - Arbitrum-Goerli-Testnet - Heco-Mainnet - Optimism-Mainnet - Optimism-Goerli-Testnet - Harmony-Mainnet - Moonriver-Mainnet - Moonbeam-Mainnet - Metis-Mainnet - Klaytn-Baobab-Testnet Default: Ethereum-Goerli-Testnet Description: 'Blockchain network to run Chainlink node.' Type: String ChainlinkNodeGUIEmail: Default: chainlinkuser@email.com Description: 'The Chainlink node GUI email.' MaxLength: '64' MinLength: '1' Type: String ChainlinkNodeGUIPassword: Description: 'The Chainlink node GUI password, must contain 4 uppercase letters, 4 lowercase letters, 4 numbers, and 4 special characters.' MaxLength: '50' MinLength: '16' NoEcho: 'True' Type: String BlockchainNodeUrl: Default: 'wss://blockchainNodeEndpoint' Description: 'The web socket endpoint for a blockchain node.' MaxLength: '240' MinLength: '6' Type: String NodeWalletPassword: Description: 'Node wallet password, must contain 4 uppercase letters, 4 lowercase letters, 4 numbers, and 4 special characters.' MaxLength: '50' MinLength: '16' NoEcho: 'True' Type: String UseSSLCertificate: AllowedValues: - 'true' - 'false' Default: 'true' Description: 'Use a public certificate created through AWS Certificate Manager (ACM).' Type: String SSLCertificateARN: Description: 'ARN of the SSL Certificate created through AWS Certificate Manager.' AllowedPattern: '.+' Default: 'arn:aws:acm:region:account-id:certificate' Type: String DBName: AllowedPattern: '[a-zA-Z0-9]*' Description: 'Name of the Amazon Aurora database.' MaxLength: '64' MinLength: '0' Default: 'PostgresDB' Type: String DBAutoMinorVersionUpgrade: AllowedValues: - 'true' - 'false' Default: 'false' Description: 'Select true to set up auto minor version upgrade.' Type: String DBBackupRetentionPeriod: Default: '7' Description: 'The number of days that automatic database snapshots are retained.' Type: String DBMultiAZ: AllowedValues: - 'true' - 'false' Default: 'true' Description: Specify if the database instance is a multiple Availability Zone deployment. Type: String DBEngineVersion: Description: The database engine version. Type: String Default: 11.9 AllowedValues: - 9.6.16 - 9.6.17 - 9.6.18 - 9.6.19 - 10.11 - 10.12 - 10.13 - 10.14 - 11.6 - 11.7 - 11.8 - 11.9 - 12.4 DBInstanceClass: AllowedPattern: "db\\.[a-z0-9]*\\.[a-z0-9]*" ConstraintDescription: "Must select a valid database instance type." Default: db.t3.medium Description: "The name of the compute and memory capacity class of the database instance." Type: String DBMasterUsername: AllowedPattern: '[a-zA-Z][a-zA-Z0-9]*' ConstraintDescription: 'Must begin with a letter and contain only alphanumeric characters.' Default: postgresadmin Description: 'The database admin account user name.' MaxLength: '16' MinLength: '1' Type: String DBMasterUserPassword: Description: The database admin account password. To avoid connectivity issues, do not end the password with a special character. Must contain at least 1 uppercase letter, 1 lowercase letter, and a symbol (non / @ " ' ). MaxLength: '64' MinLength: '8' NoEcho: 'True' Type: String DBPort: Default: 5432 Description: 'The port on which the instance listens for connections.' Type: Number ConstraintDescription: 'Must be in the range [1150-65535].' MinValue: 1150 MaxValue: 65535 EnableAmazonDevOpsGuru: AllowedValues: - 'true' - 'false' Default: 'true' Description: 'Enable Amazon DevOps Guru.' Type: String AdministratorAccountId: Type: String Description: 'AWS Account ID of the administrator account (the account in which StackSets are created).' MaxLength: 12 MinLength: 12 Default: '000000000000' EmailAddress: Description: 'Email address used for Amazon DevOps Guru SNS subscription.' Type: String Default: chainlinkuser@email.com QSS3BucketName: AllowedPattern: ^[0-9a-zA-Z]+([0-9a-zA-Z-]*[0-9a-zA-Z])*$ ConstraintDescription: The Quick Start bucket name can include numbers, lowercase letters, uppercase letters, and hyphens (-). It cannot start or end with a hyphen (-). Default: aws-quickstart Description: Name of the S3 bucket for your copy of the Quick Start assets. Keep the default name unless you are customizing the template. Changing the name updates code references to point to a new Quick Start location. This name can include numbers, lowercase letters, uppercase letters, and hyphens, but do not start or end with a hyphen (-). See https://aws-quickstart.github.io/option1.html. Type: String QSS3KeyPrefix: AllowedPattern: ^([0-9a-zA-Z-.]+/)*$ ConstraintDescription: The Quick Start S3 key prefix can include numbers, lowercase letters, uppercase letters, hyphens (-), and forward slashes (/). Default: quickstart-chainlinklabs-chainlink-node/ Description: S3 key prefix that is used to simulate a directory for your copy of the Quick Start assets. Keep the default prefix unless you are customizing the template. Changing this prefix updates code references to point to a new Quick Start location. This prefix can include numbers, lowercase letters, uppercase letters, hyphens (-), and forward slashes (/). End with a forward slash. See https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMetadata.html and https://aws-quickstart.github.io/option1.html. Type: String QSS3BucketRegion: Default: 'us-east-1' Description: 'AWS Region where the Quick Start S3 bucket (QSS3BucketName) is hosted. Keep the default Region unless you are customizing the template. Changing this Region updates code references to point to a new Quick Start location. When using your own bucket, specify the Region. See https://aws-quickstart.github.io/option1.html.' Type: String Conditions: UsingDefaultBucket: !Equals - !Ref QSS3BucketName - 'aws-quickstart' Resources: VPCStack: Type: 'AWS::CloudFormation::Stack' Properties: TemplateURL: !Sub - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}submodules/quickstart-aws-vpc/templates/aws-vpc.template.yaml' - S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion] S3Bucket: !If [UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName] Parameters: AvailabilityZones: !Join - ',' - !Ref AvailabilityZones NumberOfAZs: '2' PrivateSubnet1ACIDR: !Ref PrivateSubnet1CIDR PrivateSubnet2ACIDR: !Ref PrivateSubnet2CIDR PublicSubnet1CIDR: !Ref PublicSubnet1CIDR PublicSubnet2CIDR: !Ref PublicSubnet2CIDR VPCCIDR: !Ref VPCCIDR VPCTenancy: !Ref VPCTenancy ChainlinkStack: Type: AWS::CloudFormation::Stack Properties: TemplateURL: !Sub - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}templates/quickstart-chainlink-node-workload.template.yaml' - S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion] S3Bucket: !If [UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName] Parameters: RemoteAccessCIDR: !Ref RemoteAccessCIDR PublicSubnet1ID: Fn::GetAtt: - VPCStack - Outputs.PublicSubnet1ID PublicSubnet2ID: Fn::GetAtt: - VPCStack - Outputs.PublicSubnet2ID PrivateSubnet1ID: Fn::GetAtt: - VPCStack - Outputs.PrivateSubnet1AID PrivateSubnet2ID: Fn::GetAtt: - VPCStack - Outputs.PrivateSubnet2AID VPCID: Fn::GetAtt: - VPCStack - Outputs.VPCID VPCCIDR: Fn::GetAtt: - VPCStack - Outputs.VPCCIDR KeyPairName: !Ref KeyPairName ChainlinkNodeInstanceType: !Ref ChainlinkNodeInstanceType ChainlinkNodeRootVolumeSize: !Ref ChainlinkNodeRootVolumeSize BlockchainNetwork: !Ref BlockchainNetwork ChainlinkNodeGUIEmail: !Ref ChainlinkNodeGUIEmail ChainlinkNodeGUIPassword: !Ref ChainlinkNodeGUIPassword BlockchainNodeUrl: !Ref BlockchainNodeUrl NodeWalletPassword: !Ref NodeWalletPassword DBName: !Ref DBName DBAutoMinorVersionUpgrade: !Ref DBAutoMinorVersionUpgrade DBBackupRetentionPeriod: !Ref DBBackupRetentionPeriod DBEngineVersion: !Ref DBEngineVersion DBInstanceClass: !Ref DBInstanceClass DBMasterUsername: !Ref DBMasterUsername DBMasterUserPassword: !Ref DBMasterUserPassword DBPort: !Ref DBPort DBMultiAZ: !Ref DBMultiAZ BastionAMIOS: !Ref BastionAMIOS BastionInstanceType: !Ref BastionInstanceType NumBastionHosts: !Ref NumBastionHosts BastionHostName: !Ref BastionHostName BastionTenancy: !Ref BastionTenancy EnableBanner: !Ref EnableBanner BastionBanner: !Ref BastionBanner EnableTCPForwarding: !Ref EnableTCPForwarding EnableX11Forwarding: !Ref EnableX11Forwarding UseSSLCertificate: !Ref UseSSLCertificate SSLCertificateARN: !Ref SSLCertificateARN EnableAmazonDevOpsGuru: !Ref EnableAmazonDevOpsGuru AdministratorAccountId: !Ref AdministratorAccountId EmailAddress: !Ref EmailAddress QSS3BucketRegion: !Ref QSS3BucketRegion QSS3BucketName: !Ref QSS3BucketName QSS3KeyPrefix: !Ref QSS3KeyPrefix