--- AWSTemplateFormatVersion: 2010-09-09 Description: >- Cisco Meraki- Main Stack- Deploys two vMX instances in different avalaibility zones along with a new SDWAN VPC and a Transit Gateway. **WARNING** You will be billed for the AWS resources used if you create a stack from this template. (qs-1sc6b07ep) Metadata: QuickStartDocumentation: EntrypointName: "Launch into a new VPC" Order: "1" AWS::CloudFormation::Interface: ParameterGroups: - Label: default: Meraki configuration Parameters: - MerakiOrgID - MerakiAPIKey - NumberOfvMXs - vMX1Token - vMX2Token - vMX1MerakiNetworkTag - vMX2MerakiNetworkTag - Label: default: Network configuration Parameters: - AvailabilityZones - VPCCIDR - AvailabilityZone1CIDR - AvailabilityZone2CIDR - AmazonSideASN - Label: default: EC2 configuration Parameters: - InstanceType - Label: default: AWS Lambda configuration Parameters: - LambdaRate - Label: default: AWS Quick Start configuration Parameters: - QSS3BucketName - QSS3KeyPrefix - QSS3BucketRegion - KeyPairName ParameterLabels: KeyPairName: default: Key pair name MerakiOrgID: default: Meraki organization ID MerakiAPIKey: default: Meraki organization API key AvailabilityZones: default: Availability Zones to use for the SD-WAN VPC subnets InstanceType: default: Amazon EC2 instance type NumberOfvMXs: default: Number of vMX instances vMX1Token: default: Authentication token, first vMX instance vMX2Token: default: Authentication token, second vMX instance VPCCIDR: default: CIDR block for the VPC vMX1MerakiNetworkTag: default: Meraki network tag, first vMX instance vMX2MerakiNetworkTag: default: Meraki network tag, second vMX instance AvailabilityZone1CIDR: default: CIDR block for public subnet 1 AvailabilityZone2CIDR: default: CIDR block for public subnet 2 QSS3BucketName: default: Quick Start S3 bucket name QSS3BucketRegion: default: Quick Start S3 bucket Region QSS3KeyPrefix: default: Quick Start S3 key prefix AmazonSideASN: default: Transit gateway ASN LambdaRate: default: CloudWatch Events rule rate Parameters: MerakiOrgID: Description: Meraki organization ID. Type: String MerakiAPIKey: Description: Meraki organization API key. Type: String NoEcho: 'true' AvailabilityZones: Description: List of Availability Zones to use for the VPC subnets. Two Availability Zones are used for this deployment. Type: List InstanceType: Description: Amazon EC2 instance type for the vMX instances. For recommended and supported instance types, see https://documentation.meraki.com/MX/MX_Installation_Guides/vMX_Setup_Guide_for_Amazon_Web_Services_(AWS)[vMX Setup Guide for Amazon Web Services (AWS)]. Type: String Default: c5.large AllowedValues: - c5.large - c5.xlarge - m4.large ConstraintDescription: Must be a valid EC2 instance type. NumberOfvMXs: Description: Number of vMX instances to deploy. Type: String AllowedValues: - '1' - '2' Default: '2' vMX1Token: Description: Onboarding token for the first vMX instance. You can obtain the token from the https://account.meraki.com/login/dashboard_login?go=%2F[Meraki dashboard^]. Type: String Default: change_to_match_the_token_from_meraki_dashboard vMX2Token: Description: Onboarding token for the second vMX instance. You can obtain the token from the https://account.meraki.com/login/dashboard_login?go=%2F[Meraki dashboard^]. Type: String Default: change_to_match_the_token_from_meraki_dashboard VPCCIDR: AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$ ConstraintDescription: CIDR block parameter must be in the form `x.x.x.x/16-28`. Default: 10.249.0.0/16 Description: CIDR block for the SD-WAN VPC. Type: String AvailabilityZone1CIDR: AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$ ConstraintDescription: CIDR block parameter must be in the form `x.x.x.x/16-28`. Default: 10.249.0.0/24 Description: CIDR block for public subnet 1, located in Availability Zone 1. Type: String AvailabilityZone2CIDR: AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$ ConstraintDescription: CIDR block parameter must be in the form `x.x.x.x/16-28`. Default: 10.249.1.0/24 Description: CIDR block for public subnet 2, located in Availability Zone 2. Type: String QSS3BucketName: AllowedPattern: '^[0-9a-zA-Z]+([0-9a-zA-Z-]*[0-9a-zA-Z])*$' ConstraintDescription: The Quick Start bucket name can include numbers, lowercase letters, uppercase letters, and hyphens (-). It cannot start or end with a hyphen (-). Default: aws-quickstart Description: Name of the S3 bucket for your copy of the Quick Start assets. Keep the default name unless you are customizing the template. Changing the name updates code references to point to a new Quick Start location. This name can include numbers, lowercase letters, uppercase letters, and hyphens, but do not start or end with a hyphen (-). See https://aws-quickstart.github.io/option1.html. Type: String QSS3BucketRegion: Default: 'us-east-1' Description: 'AWS Region where the Quick Start S3 bucket (QSS3BucketName) is hosted. Keep the default Region unless you are customizing the template. Changing this Region updates code references to point to a new Quick Start location. When using your own bucket, specify the Region. See https://aws-quickstart.github.io/option1.html.' Type: String QSS3KeyPrefix: AllowedPattern: '^[0-9a-zA-Z-/]*$' ConstraintDescription: The Quick Start S3 key prefix can include numbers, lowercase letters, uppercase letters, hyphens (-), and forward slashes (/). The prefix should end with a forward slash (/). Default: quickstart-cisco-meraki-sd-wan-vmx/ Description: S3 key prefix that is used to simulate a directory for your copy of the Quick Start assets. Keep the default prefix unless you are customizing the template. Changing this prefix updates code references to point to a new Quick Start location. This prefix can include numbers, lowercase letters, uppercase letters, hyphens (-), and forward slashes (/). End with a forward slash. See https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMetadata.html and https://aws-quickstart.github.io/option1.html. Type: String KeyPairName: Description: EC2 key pair name. ConstraintDescription: Must be the name of an existing EC2 key pair. vMX instances launch with this key pair. Type: "AWS::EC2::KeyPair::KeyName" AmazonSideASN: Description: Autonomous System Number (ASN) for the transit gateway. Type: String LambdaRate: Description: How often the CloudWatch Events rule runs. The rule invokes AWS Lambda to update the VPC and transit gateway route tables. Default: rate(10 minutes) AllowedValues: - rate(1 minute) - rate(10 minutes) - rate(60 minutes) Type: String vMX1MerakiNetworkTag: Description: On the Meraki dashboard, the vMX network tag for the first vMX instance. Type: String Default: vMX1 vMX2MerakiNetworkTag: Description: On the Meraki dashboard, the vMX network tag for the second vMX instance. Type: String Default: vMX2 Conditions: UsingDefaultBucket: !Equals [!Ref QSS3BucketName, 'aws-quickstart'] Resources: VPCStack: Type: 'AWS::CloudFormation::Stack' Properties: TemplateURL: !Sub - https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}submodules/quickstart-aws-vpc/templates/aws-vpc.template - S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion] S3Bucket: !If [UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName] Parameters: AvailabilityZones: !Join - ',' - !Ref AvailabilityZones KeyPairName: !Ref KeyPairName NumberOfAZs: !Ref NumberOfvMXs PublicSubnet1CIDR: !Ref AvailabilityZone1CIDR PublicSubnet2CIDR: !Ref AvailabilityZone2CIDR VPCCIDR: !Ref VPCCIDR CreatePrivateSubnets: false WorkloadStack: DependsOn: VPCStack Type: AWS::CloudFormation::Stack Properties: TemplateURL: !Sub - https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}templates/quickstart-cisco-meraki-sdwan-vmx-workload.template.yaml - S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion] S3Bucket: !If [UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName] Parameters: MerakiOrgID: Ref: MerakiOrgID MerakiAPIKey: Ref: MerakiAPIKey InstanceType: Ref: InstanceType KeyPairName: Ref: KeyPairName NumberOfvMXs: Ref: NumberOfvMXs vMX1Token: Ref: vMX1Token vMX2Token: Ref: vMX2Token vMX1MerakiNetworkTag: Ref: vMX1MerakiNetworkTag vMX2MerakiNetworkTag: Ref: vMX2MerakiNetworkTag AZ1PublicSubnetID: Fn::GetAtt: - VPCStack - Outputs.PublicSubnet1ID AZ2PublicSubnetID: Fn::GetAtt: - VPCStack - Outputs.PublicSubnet2ID VPCID: Fn::GetAtt: - VPCStack - Outputs.VPCID VPCRouteTableID: Fn::GetAtt: - VPCStack - Outputs.PublicSubnetRouteTable AmazonSideASN: Ref: AmazonSideASN LambdaRate: Ref: LambdaRate QSS3BucketName: Ref: QSS3BucketName QSS3BucketRegion: Ref: QSS3BucketRegion QSS3KeyPrefix: Ref: QSS3KeyPrefix Outputs: VPCID: Description: The ID of the deployed SD-WAN VPC. Value: Fn::GetAtt: - VPCStack - Outputs.VPCID vMX1InstanceID: Description: First vMX instance ID. Value: Fn::GetAtt: - WorkloadStack - Outputs.vMX1InstanceID vMX2InstanceID: Description: Second vMX instance ID. Value: Fn::GetAtt: - WorkloadStack - Outputs.vMX2InstanceID TransitGatewayID: Description: Transit gateway instance ID. Value: Fn::GetAtt: - WorkloadStack - Outputs.TransitGatewayID LambdaID: Description: AWS Lambda function ID. Value: Fn::GetAtt: - WorkloadStack - Outputs.LambdaID TGWRouteTable: Description: Transit gateway route table. Value: Fn::GetAtt: - WorkloadStack - Outputs.TGWRouteTable Postdeployment: Description: See the deployment guide for postdeployment steps. Value: https://aws.amazon.com/quickstart/?quickstart-all.sort-by=item.additionalFields.s