---
AWSTemplateFormatVersion: "2010-09-09"
Description: Boomi Molecule Installation Script. This creates a VPC, Public Subnets and Private Subnets, and stages a Boomi Molecule cluster. (qs-1r813c2on).
Metadata:
  QuickStartDocumentation:
    EntrypointName: "Launch into a new VPC"
  AWS::CloudFormation::Interface:
    ParameterGroups:
      - Label:
          default: "Network configuration"
        Parameters:
          - AvailabilityZones
          - VPCCIDR
          - PublicSubnet1CIDR
          - PublicSubnet2CIDR
          - PublicSubnet3CIDR
          - PrivateSubnet1CIDR
          - PrivateSubnet2CIDR
          - PrivateSubnet3CIDR
          - RemoteAccessCIDR
      - Label:
          default: Amazon EC2 configuration
        Parameters:
          - KeyPairName
      - Label:
          default: Amazon EKS configuration
        Parameters:
          - NodeInstanceType
          - LoadBalancerType
          - NumberOfNodes
      - Label:
          default: "Boomi Molecule configuration"
        Parameters:
          - BoomiAccountID
          - BoomiUsername
          - BoomiPassword
          - BoomiMFAAPIToken
          - MoleculeClusterName
          - EKSClusterName
          - EFSProvisionedThroughputInMibps
      - Label:
          default: AWS Quick Start configuration
        Parameters:
          - QSS3BucketName
          - QSS3BucketRegion
          - QSS3KeyPrefix
          - PerAccountSharedResources
          - PerRegionSharedResources
    ParameterLabels:
      KeyPairName:
        default: SSH key name
      PrivateSubnet1CIDR:
        default: Private subnet 1 CIDR
      PrivateSubnet2CIDR:
        default: Private subnet 2 CIDR
      PrivateSubnet3CIDR:
        default: Private subnet 3 CIDR
      PublicSubnet1CIDR:
        default: Public subnet 1 CIDR
      PublicSubnet2CIDR:
        default: Public subnet 2 CIDR
      PublicSubnet3CIDR:
        default: Public subnet 3 CIDR
      QSS3BucketName:
        default: Quick Start S3 bucket name
      QSS3BucketRegion:
        default: Quick Start S3 bucket region
      QSS3KeyPrefix:
        default: Quick Start S3 key prefix
      RemoteAccessCIDR:
        default: Allowed external access CIDR
      VPCCIDR:
        default: VPC CIDR
      BoomiAccountID:
        default: Boomi account ID
      BoomiUsername:
        default: Boomi user name
      BoomiPassword:
        default: Boomi password
      BoomiMFAAPIToken:
        default: Boomi MFA API token
      AvailabilityZones:
        default: Availability Zones
      MoleculeClusterName:
        default: Molecule cluster name
      EKSClusterName:
        default: EKS cluster name
      PerAccountSharedResources:
        default: Per account shared resources
      PerRegionSharedResources:
        default: Per region shared resources
      LoadBalancerType:
        default: Load balancer type
      NodeInstanceType:
        default: Node instance type
      NumberOfNodes:
        default: Number of nodes
Conditions:
  UsingDefaultBucket: !Equals [!Ref QSS3BucketName, 'aws-quickstart']
Rules:
  # Exactly one of BoomiPassword and BoomiMFAAPIToken must be non-empty;
  # supplying both or neither fails validation before any resource is created.
  PasswordOrMFAToken:
    Assertions:
      - Assert: !Or
          - !And
            - !Equals [!Ref BoomiPassword, '']
            - !Not [!Equals [!Ref BoomiMFAAPIToken, '']]
          - !And
            - !Not [!Equals [!Ref BoomiPassword, '']]
            - !Equals [!Ref BoomiMFAAPIToken, '']
        AssertionDescription: You must supply either a password *or* an MFA installation and API token.
Parameters:
  KeyPairName:
    Description: A public/private key pair, which allows you to connect securely to your instance after it launches.
    Type: AWS::EC2::KeyPair::KeyName
    ConstraintDescription: Must be the name of an existing Keyname
  NodeInstanceType:
    Type: String
    Default: t3.xlarge
    Description: EKS node instance type
    AllowedValues:
      - t3.nano
      - t3.micro
      - t3.small
      - t3.medium
      - t3.large
      - t3.xlarge
      - t3.2xlarge
      - m5.large
      - m5.xlarge
      - m5.2xlarge
      - m5.4xlarge
      - m5.12xlarge
      - m5.24xlarge
      - c5.large
      - c5.xlarge
      - c5.2xlarge
      - c5.4xlarge
      - c5.9xlarge
      - c5.18xlarge
      - i3.large
      - i3.xlarge
      - i3.2xlarge
      - i3.4xlarge
      - i3.8xlarge
      - i3.16xlarge
      - x1.16xlarge
      - x1.32xlarge
      - p3.2xlarge
      - p3.8xlarge
      - p3.16xlarge
      - r5.large
      - r5.xlarge
      - r5.2xlarge
      - r5.4xlarge
      - r5.12xlarge
      - r5.24xlarge
      - r5d.large
      - r5d.xlarge
      - r5d.2xlarge
      - r5d.4xlarge
      - r5d.12xlarge
      - r5d.24xlarge
      - z1d.large
      - z1d.xlarge
      - z1d.2xlarge
      - z1d.3xlarge
      - z1d.6xlarge
      - z1d.12xlarge
  VPCCIDR:
    AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$
    ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28
    Default: 10.0.0.0/16
    Description: The CIDR block for the VPC.
    Type: String
  PublicSubnet1CIDR:
    AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$
    ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28
    Default: 10.0.128.0/20
    Description: The CIDR block used for the public subnet located in Availability Zone 1.
    Type: String
  PublicSubnet2CIDR:
    AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$
    ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28
    Default: 10.0.144.0/20
    Description: The CIDR block used for the public subnet located in Availability Zone 2.
    Type: String
  PublicSubnet3CIDR:
    AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$
    ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28
    Default: 10.0.160.0/20
    Description: The CIDR block for the public (DMZ) subnet 3 located in Availability Zone 3
    Type: String
  PrivateSubnet1CIDR:
    AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$
    ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28
    Default: 10.0.0.0/19
    Description: The CIDR block used for the private subnet located in Availability Zone 1.
    Type: String
  PrivateSubnet2CIDR:
    AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$
    ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28
    Default: 10.0.32.0/19
    Description: The CIDR block used for the private subnet located in Availability Zone 2.
    Type: String
  PrivateSubnet3CIDR:
    AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$
    ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28
    Default: 10.0.64.0/19
    Description: The CIDR block for private subnet 3 located in Availability Zone 3
    Type: String
  AvailabilityZones:
    Description: List of Availability Zones to use for the subnets in the VPC. This deployment uses three Availability Zones, and the logical order of your selections is preserved.
    Type: List<AWS::EC2::AvailabilityZone::Name>
  BoomiUsername:
    Description: The email account associated with the Boomi account.
    Type: String
  # NoEcho masks the value in the console and in API output; the value is still
  # passed to the nested MoleculeStack as an ordinary parameter.
  BoomiPassword:
    Description: The password associated with the Boomi account.
    Type: String
    NoEcho: true
    Default: ''
  MoleculeClusterName:
    Description: The name for the Boomi Molecule cluster.
    Type: String
    AllowedPattern: "[a-zA-Z0-9_-]*"
    Default: Boomi-Molecule-EKS
  EKSClusterName:
    Type: String
    Description: "(Optional) Name for the EKS cluster. If left blank, one is auto-generated. This must be unique within the Region."
    Default: ''
  BoomiMFAAPIToken:
    Description: An MFA API token generated by your Boomi Administrator.
    Type: String
    NoEcho: true
    Default: ''
  BoomiAccountID:
    Description: The Boomi account ID that you want to associate with the new Molecule cluster.
    Type: String
  QSS3BucketName:
    AllowedPattern: ^[0-9a-zA-Z]+([0-9a-zA-Z-]*[0-9a-zA-Z])*$
    ConstraintDescription: Quick Start bucket name can include numbers, lowercase letters, uppercase letters, and hyphens (-). It cannot start or end with a hyphen (-).
    Default: aws-quickstart
    Description: S3 bucket name for the Quick Start assets. This string can include numbers, lowercase letters, uppercase letters, and hyphens (-). It cannot start or end with a hyphen (-).
    Type: String
  QSS3BucketRegion:
    Default: 'us-east-1'
    Description: "The AWS Region where the Quick Start S3 bucket (QSS3BucketName) is hosted. When using your own bucket, you must specify this value."
    Type: String
  QSS3KeyPrefix:
    AllowedPattern: ^[0-9a-zA-Z-/]*$
    ConstraintDescription: Quick Start key prefix can include numbers, lowercase letters, uppercase letters, hyphens (-), and forward slash (/).
    Default: quickstart-eks-boomi-molecule/
    Description: S3 key prefix for the Quick Start assets. Quick Start key prefix can include numbers, lowercase letters, uppercase letters, hyphens (-), and forward slash (/).
    Type: String
  # This pattern accepts any prefix length from /0 to /32, so 0.0.0.0/0 passes
  # validation. There is no default; the operator must choose the range.
  RemoteAccessCIDR:
    AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))$
    ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/x
    Description: The CIDR IP range that is permitted to access the instances. We recommend that you set this value to a trusted IP range.
    Type: String
  LoadBalancerType:
    Type: String
    Default: ALB
    AllowedValues:
      - ALB
      - NLB
    Description: EKS Service Load Balancer Type.
  PerAccountSharedResources:
    Type: String
    AllowedValues: ['AutoDetect', 'Yes', 'No']
    Default: 'AutoDetect'
    Description: Choose "No" if you already deployed another EKS Quick Start stack in your AWS account.
  PerRegionSharedResources:
    Type: String
    AllowedValues: ['AutoDetect', 'Yes', 'No']
    Default: 'AutoDetect'
    Description: Choose "No" if you already deployed another EKS Quick Start stack in your Region.
  NumberOfNodes:
    Default: 1
    Description: The number of Amazon EKS node instances. The default is one for each of the three Availability Zones.
    Type: Number
  EFSProvisionedThroughputInMibps:
    Description: The provisioned throughput value for the EFS volume.
    Type: Number
    Default: 10
    MaxValue: 1024
    ConstraintDescription: "Value must be between 1-1024"
Resources:
  # Nested stack that creates the VPC with three public and three private subnets.
  VPCStack:
    Type: AWS::CloudFormation::Stack
    Properties:
      TemplateURL:
        Fn::Sub:
          - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}submodules/quickstart-aws-vpc/templates/aws-vpc.template.yaml'
          - S3Region: !If
              - UsingDefaultBucket
              - !Ref AWS::Region
              - !Ref QSS3BucketRegion
            S3Bucket: !If
              - UsingDefaultBucket
              - !Sub '${QSS3BucketName}-${AWS::Region}'
              - !Ref QSS3BucketName
      Parameters:
        AvailabilityZones: !Join [',', !Ref 'AvailabilityZones']
        NumberOfAZs: '3'
        VPCCIDR: !Ref VPCCIDR
        PrivateSubnet1ACIDR: !Ref PrivateSubnet1CIDR
        PrivateSubnet2ACIDR: !Ref PrivateSubnet2CIDR
        PrivateSubnet3ACIDR: !Ref PrivateSubnet3CIDR
        PublicSubnet1CIDR: !Ref PublicSubnet1CIDR
        PublicSubnet2CIDR: !Ref PublicSubnet2CIDR
        PublicSubnet3CIDR: !Ref PublicSubnet3CIDR
        PrivateSubnetATag2: "kubernetes.io/role/internal-elb="
        PublicSubnetTag2: "kubernetes.io/role/elb="
  # Nested stack that deploys the Molecule into the VPC created above.
  MoleculeStack:
    Type: AWS::CloudFormation::Stack
    Properties:
      TemplateURL: !Sub
        - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}templates/existing.template.yaml'
        - S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion]
          S3Bucket: !If [UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName]
      Parameters:
        PublicSubnet1ID: !GetAtt VPCStack.Outputs.PublicSubnet1ID
        PublicSubnet2ID: !GetAtt VPCStack.Outputs.PublicSubnet2ID
        PublicSubnet3ID: !GetAtt VPCStack.Outputs.PublicSubnet3ID
        PrivateSubnet1ID: !GetAtt VPCStack.Outputs.PrivateSubnet1AID
        PrivateSubnet2ID: !GetAtt VPCStack.Outputs.PrivateSubnet2AID
        PrivateSubnet3ID: !GetAtt VPCStack.Outputs.PrivateSubnet3AID
        KeyPairName: !Ref KeyPairName
        QSS3BucketName: !Ref QSS3BucketName
        QSS3KeyPrefix: !Ref QSS3KeyPrefix
        QSS3BucketRegion: !Ref QSS3BucketRegion
        RemoteAccessCIDR: !Ref RemoteAccessCIDR
        VPCID: !GetAtt VPCStack.Outputs.VPCID
        NodeInstanceType: !Ref NodeInstanceType
        BoomiUsername: !Ref BoomiUsername
        BoomiPassword: !Ref BoomiPassword
        BoomiAccountID: !Ref BoomiAccountID
        BoomiMFAAPIToken: !Ref BoomiMFAAPIToken
        LoadBalancerType: !Ref LoadBalancerType
        MoleculeClusterName: !Ref MoleculeClusterName
        EKSClusterName: !Ref EKSClusterName
        NumberOfNodes: !Ref NumberOfNodes
        EFSProvisionedThroughputInMibps: !Ref EFSProvisionedThroughputInMibps
        PerAccountSharedResources: !Ref PerAccountSharedResources
        PerRegionSharedResources: !Ref PerRegionSharedResources