AWSTemplateFormatVersion: '2010-09-09' Description: CICD Pipeline setup for a cost efficient Elastic Beanstalk Blue-Green deployment (qs-1odpn28j4). Metadata: QSLint: Exclusions: [ W9002, W9003, W9004, W9006 ] cfn-lint: config: ignore_checks: - E0002 AWS::CloudFormation::Interface: ParameterGroups: - Label: default: AWS Elastic Beanstalk configuration Parameters: - BeanstalkSourceStageS3BucketName - BeanstalkSourceStageS3BucketKey - ExistingBlueEnvironmentName - ExistingBeanstalkApplicationName - GreenEnvironmentName - Label: default: AWS CodePipeline parameters Parameters: - AdministratorEmail - NameofthePipeline - UrlSwapCodeBuildServerName - Label: default: Git2s3 setup parameters. Valid only when GitToS3integration parameter is set to true. Ignore otherwise. Parameters: - GitToS3integration - CustomDomainName - ApiSecret - AllowedIps - Label: default: AWS Quick Start Configuration Parameters: - QSS3BucketName - QSS3BucketRegion - QSS3KeyPrefix ParameterLabels: AdministratorEmail: default: Admin Email Address AllowedIps: default: Allowed IPs ApiSecret: default: API Secret BeanstalkSourceStageS3BucketKey: default: Beanstalk Source Stage S3 Bucket key BeanstalkSourceStageS3BucketName: default: Beanstalk Source Stage S3 Bucket CustomDomainName: default: Custom Domain Name ExistingBeanstalkApplicationName: default: Existing Beanstalk Application Name ExistingBlueEnvironmentName: default: Existing Blue Environment Name GitToS3integration: default: Git to S3 integration GreenEnvironmentName: default: Green Environment Name NameofthePipeline: default: Name of the Pipeline QSS3BucketName: default: Quick Start S3 Bucket Name QSS3BucketRegion: default: Quick Start S3 bucket region QSS3KeyPrefix: default: Quick Start S3 Key Prefix UrlSwapCodeBuildServerName: default: Url Swap CodeBuild Server Name Conditions: CreateBeanstalkStack: !Or - !Condition 'CreateNewBeanstalkEnv' - !Condition 'CreateNewBeanstalkApp' CreateBucketForBeanstalkSource: !And - !Equals - !Ref 'BeanstalkSourceStageS3BucketName' - '' - !Not - !Equals - !Ref 'GitToS3integration' - 'true' CreateGittoS3Integration: !Equals - !Ref 'GitToS3integration' - 'true' CreateNewBeanstalkApp: !Equals - !Ref 'ExistingBeanstalkApplicationName' - '' CreateNewBeanstalkEnv: !Equals - !Ref 'ExistingBlueEnvironmentName' - '' GovCloudCondition: !Equals - !Ref 'AWS::Region' - us-gov-west-1 UsingDefaultBucket: !Equals [!Ref QSS3BucketName, 'aws-quickstart'] Mappings: SampleBeantalkparameters: php: NewBlueEnvironmentName: BlueEnvironment NewBeanstalkApplicationName: BlueGreenBeanstalkApplication SolutionStackForNewBeanstalkEnv: 64bit Amazon Linux 2 v3.5.0 running PHP 8.0 AppPackageS3Bucket: elasticbeanstalk-samples AppPackageS3key: php-sample.zip Parameters: AdministratorEmail: AllowedPattern: ^[a-z0-9]+(\.[_a-z0-9]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,15})$ ConstraintDescription: Can contain only ASCII characters. This must be in the format of something@email.com Description: The administrator email address for the manual approval stage in the pipeline. The Amazon SNS subscription email will be sent to this address. Type: String AllowedIps: Default: 131.103.20.160/27,165.254.145.0/26,104.192.143.0/24 Description: >- (Optional) This applies only to the gitpull method. This is a comma-separated list of IP CIDR blocks for source IP authentication. Bitbucket Cloud IP ranges are provided as defaults. Provide this value only when the GitToS3integration parameter is set to true. Type: String ApiSecret: Default: '' Description: >- (Optional) This applies only to the git pull method. WebHook Secrets for use with GitHub Enterprise and GitLab. If a secret is matched IP range authentication is bypassed. Cannot contain: comma, backward slash, and double quotes.Provide this value only when the GitToS3integration parameter is set to true. NoEcho: 'true' Type: String BeanstalkSourceStageS3BucketKey: Default: '' Description: >- The path to the Elastic Beanstalk application source package (in .zip format) that will trigger the source stage in the pipeline. If the GitToS3integration parameter is set to true, this parameter is the S3 bucket key where the Git webhook will place the zip file as input to the source stage in the pipeline. The key should be in the format git-user/git-repository/git-user_git-repository.zip. This value differs from one Git repo to another. For more information, see the deployment steps in the Git Webhooks with AWS Services Quick Start deployment guide. Type: String BeanstalkSourceStageS3BucketName: Default: '' Description: >- (Optional) The S3 bucket for the source stage of the pipeline that AWS CodePipeline uses to pull the application package. If the GitToS3integration parameter value is set to false and if this value is left blank, a bucket will be created. If a bucket name is provided, that will be the bucket CodePipeline will look in to get the application source package. If the GitToS3integration parameter value is set to true, a new bucket will be created with this name to put the source package (zip file). If left blank, a bucket name will be automatically generated. Provide this value only when the GitToS3integration parameter is set to true. Type: String CustomDomainName: Default: '' Description: >- (Optional) Use a custom domain name for the webhook endpoint. If left blank, API Gateway will create a domain name for you. Provide this value only when the GitToS3integration parameter is set to true. Type: String ExistingBeanstalkApplicationName: Default: '' Description: >- (Optional) Required if the parameter ExistingBlueEnvironmentName is provided. Give the name of the existing Elastic Beanstalk application where the existing Elastic Beanstalk environment is running. Leaving this value blank creates a new sample application. You must provide a value for this parameter if you provide a value for ExistingBlueEnvironmentName. Type: String ExistingBlueEnvironmentName: Default: '' Description: >- (Optional) The name of the Elastic Beanstalk environment that’s designated as the blue environment. Leave this value blank, if you want to create a new sample environment with the PHP solution stack. Otherwise, provide a value to use for blue-green deployment. Type: String GitToS3integration: AllowedValues: - 'true' - 'false' Default: 'false' Description: >- Select true if you want to set up Git to S3 integration. If not, leave the default value as false. This will allow you to use an existing Git repository when deploying an application to Elastic Beanstalk. Type: String GreenEnvironmentName: Default: GreenEnvironment Description: >- The name of the green environment, which will be the clone of the blue environment. Traffic will be routed temporarily to the green environment, until the blue environment is finished with the deployment and testing. After successful deployment to the blue environment, traffic will be routed back to the blue environment, and the green environment will be terminated. Type: String NameofthePipeline: AllowedPattern: '[A-Za-z0-9.@\-_]+' ConstraintDescription: Can contain Only letters, numbers and certain special characters such as . (period), @ (at sign), - (hyphen), and _ (underscore) Default: BlueGreenCICDPipeline Description: The name of the CI/CD pipeline used in the blue-green deployment. MaxLength: '100' MinLength: '1' Type: String QSS3BucketName: AllowedPattern: ^[0-9a-zA-Z]+([0-9a-zA-Z-]*[0-9a-zA-Z])*$ ConstraintDescription: Quick Start bucket name can include numbers, lowercase letters, uppercase letters, and hyphens (-). It cannot start or end with a hyphen (-). Default: aws-quickstart Description: S3 bucket name for the Quick Start assets. Quick Start bucket name can include numbers, lowercase letters, uppercase letters, and hyphens (-). It cannot start or end with a hyphen (-). Type: String QSS3BucketRegion: Default: 'us-east-1' Description: 'The AWS Region where the Quick Start S3 bucket (QSS3BucketName) is hosted. When using your own bucket, you must specify this value.' Type: String QSS3KeyPrefix: AllowedPattern: ^[0-9a-zA-Z-/]*$ ConstraintDescription: Quick Start key prefix can include numbers, lowercase letters, uppercase letters, hyphens (-), and forward slash (/). Default: quickstart-codepipeline-bluegreen-deployment/ Description: S3 key prefix for the Quick Start assets. Quick Start key prefix can include numbers, lowercase letters, uppercase letters, hyphens (-), and forward slash (/). Type: String UrlSwapCodeBuildServerName: Default: 'CICDurlSwap' Description: Url swap CodeBuild server name Type: String Rules: CheckforBeanstalkSourceBucketKey: RuleCondition: !Equals - '' - !Ref 'BeanstalkSourceStageS3BucketKey' Assertions: - Assert: !Not - !Equals - '' - !Ref 'BeanstalkSourceStageS3BucketKey' AssertDescription: Parameter 'BeanstalkSourceStageS3BucketKey' requires a value Resources: GittoS3IntegrationStack: Condition: CreateGittoS3Integration Type: AWS::CloudFormation::Stack Properties: TemplateURL: !Sub - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}submodules/quickstart-git2s3/templates/git2s3.template.yaml' - S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion] S3Bucket: !If [UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName] Parameters: AllowedIps: !Ref 'AllowedIps' ApiSecret: !Ref 'ApiSecret' CustomDomainName: !Ref 'CustomDomainName' OutputBucketName: !Ref 'BeanstalkSourceStageS3BucketName' BeanstalkSampleApplicationStack: Condition: CreateBeanstalkStack Type: AWS::CloudFormation::Stack Properties: TemplateURL: !Sub - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}templates/elasticbeanstalk-sample.template' - S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion] S3Bucket: !If [UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName] Parameters: ExistingBlueEnvironmentName: !Ref 'ExistingBlueEnvironmentName' ExistingBeanstalkApplicationName: !Ref 'ExistingBeanstalkApplicationName' NewBlueEnvironmentName: !FindInMap - SampleBeantalkparameters - php - NewBlueEnvironmentName GreenEnvironmentName: !Ref 'GreenEnvironmentName' NewBeanstalkApplicationName: !FindInMap - SampleBeantalkparameters - php - NewBeanstalkApplicationName SolutionStackForNewBeanstalkEnv: !FindInMap - SampleBeantalkparameters - php - SolutionStackForNewBeanstalkEnv AppPackageS3Bucket: !FindInMap - SampleBeantalkparameters - php - AppPackageS3Bucket AppPackageS3key: !FindInMap - SampleBeantalkparameters - php - AppPackageS3key CopyFunctiontoS3BucketStack: Type: AWS::CloudFormation::Stack Properties: TemplateURL: !Sub - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}templates/copyfunction-to-s3bucket.template' - S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion] S3Bucket: !If [UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName] Parameters: QSS3BucketName: !Ref 'QSS3BucketName' #QSS3BucketRegion: !Ref 'QSS3BucketRegion' QSS3KeyPrefix: !Ref 'QSS3KeyPrefix' GitToS3integration: !Ref 'GitToS3integration' BeanstalkSourceStageS3BucketName: !Ref 'BeanstalkSourceStageS3BucketName' CodePipelineStack: Type: AWS::CloudFormation::Stack Properties: TemplateURL: !Sub - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}templates/codepipeline-stack.template' - S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion] S3Bucket: !If [UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName] Parameters: AdministratorEmail: !Ref 'AdministratorEmail' NameofthePipeline: !Ref 'NameofthePipeline' QSS3KeyPrefix: !Ref 'QSS3KeyPrefix' LambdaZipsBucket: !GetAtt 'CopyFunctiontoS3BucketStack.Outputs.LambdaZipsBucket' BlueEnvironmentName: !If - CreateNewBeanstalkEnv - !GetAtt 'BeanstalkSampleApplicationStack.Outputs.BeanstalkEnvironment' - !Ref 'ExistingBlueEnvironmentName' GreenEnvironmentName: !Ref 'GreenEnvironmentName' BeanstalkApplicationName: !If - CreateNewBeanstalkApp - !FindInMap - SampleBeantalkparameters - php - NewBeanstalkApplicationName - !Ref 'ExistingBeanstalkApplicationName' BeanstalkSourceStageBucketKey: !Ref 'BeanstalkSourceStageS3BucketKey' BeanstalkSourceStageBucket: !If - CreateGittoS3Integration - !GetAtt 'GittoS3IntegrationStack.Outputs.OutputBucketName' - !If - CreateBucketForBeanstalkSource - !GetAtt 'CopyFunctiontoS3BucketStack.Outputs.BeanstalkSourceBucket' - !Ref 'BeanstalkSourceStageS3BucketName' CodePipelineArtifactStore: !GetAtt 'CopyFunctiontoS3BucketStack.Outputs.CodePipelineArtifactStore' UrlSwapCodeBuildServerName: !Ref 'UrlSwapCodeBuildServerName' Outputs: NewBeanstalkEnvEndPointUrl: Condition: CreateNewBeanstalkEnv Description: New Beanstalk Environment Endpoint URL Value: !Join - '' - - http:// - !GetAtt 'BeanstalkSampleApplicationStack.Outputs.BeanstalkEnvEndPointUrl' CustomDomainNameCNAME: Condition: CreateGittoS3Integration Description: One of the Git2S3Integration Output Value: !GetAtt 'GittoS3IntegrationStack.Outputs.CustomDomainNameCNAME' PublicSSHKey: Condition: CreateGittoS3Integration Description: One of the Git2S3Integration Output Value: !GetAtt 'GittoS3IntegrationStack.Outputs.PublicSSHKey' GitPullWebHookApi: Condition: CreateGittoS3Integration Description: One of the Git2S3Integration Output Value: !GetAtt 'GittoS3IntegrationStack.Outputs.GitPullWebHookApi' ZipDownloadWebHookApi: Condition: CreateGittoS3Integration Description: One of the Git2S3Integration Output Value: !GetAtt 'GittoS3IntegrationStack.Outputs.ZipDownloadWebHookApi' GittoS3IntegrationOutputBucketName: Condition: CreateGittoS3Integration Description: One of the Git2S3Integration Output Value: !GetAtt 'GittoS3IntegrationStack.Outputs.OutputBucketName' CodePipelineName: Description: Name of the Pipeline Value: !Ref 'NameofthePipeline' BlueEnvironmentName: Description: Name of the Blue Environment Value: !If - CreateNewBeanstalkEnv - !GetAtt 'BeanstalkSampleApplicationStack.Outputs.BeanstalkEnvironment' - !Ref 'ExistingBlueEnvironmentName' GreenEnvironmentName: Description: Name of the Green Environment Value: !Ref 'GreenEnvironmentName' BeanstalkSourceBucketName: Description: Name of the bucket where the application code should be uploaded for the Elastic Beanstalk application in the CodePipeline Source Stage Value: !If - CreateGittoS3Integration - !GetAtt 'GittoS3IntegrationStack.Outputs.OutputBucketName' - !If - CreateBucketForBeanstalkSource - !GetAtt 'CopyFunctiontoS3BucketStack.Outputs.BeanstalkSourceBucket' - !Ref 'BeanstalkSourceStageS3BucketName'