AWSTemplateFormatVersion: 2010-09-09
Description: This template installs IBM MQ on EKS cluster. (qs-1tss294hd)
Metadata:
  LICENSE: Apache License, Version 2.0
  AWS::CloudFormation::Interface:
    ParameterGroups:
      - Label:
          default: EKS configuration
        Parameters:
          - EKSClusterName
          - AdditionalEKSAdminArns
      - Label:
          default: Application configuration
        Parameters:
          - AppNamespace
          - QSS3CodeLocation
          - MQAppPassword
          - MQAdminPassword
          - InternalLoadBalancer
      - Label:
          default: Boot node configuration
        Parameters:
          - BootNodeInstanceId
          - BootNodeUser
      - Label:
          default: Other configuration
        Parameters:
          - MainStackName
    ParameterLabels:
      AppNamespace:
        default: EKS namespace to deploy the app
      EKSClusterName:
        default: EKS cluster name
      MQAdminPassword:
        default: MQ admin password
      MQAppPassword:
        default: MQ app password
      InternalLoadBalancer:
        default: Setup internal Load Balancer
      BootNodeInstanceId:
        default: Boot node
      BootNodeUser:
        default: Boot node login user
      AdditionalEKSAdminArns:
        default: Additional EKS administrator ARNs (IAM users or roles)
      QSS3CodeLocation:
        default: Quick Start S3 location
      MainStackName:
        default: Main stack name
Parameters:
  AppNamespace:
    Type: String
    Default: "default"
    Description: Namespace in the EKS cluster where app will be deployed.
  MQAppPassword:
    Type: String
    NoEcho: true
    Description: App password for IBM MQ deployment
  MQAdminPassword:
    Type: String
    NoEcho: true
    Description: Admin password for IBM MQ deployment
  InternalLoadBalancer:
    Type: String
    Default: "true"
    AllowedValues: [ "true", "false" ]
    Description: Choose "false" to create public Load Balancer
  BootNodeInstanceId:
    Type: AWS::EC2::Instance::Id
    Description: Boot Node Instance Id
  BootNodeUser:
    Type: String
    Default: "ec2-user"
    Description: Boot Node User
  EKSClusterName:
    Type: String
    Description: Name for the new cluster (required).
  QSS3CodeLocation:
    Type: String
    Description: The S3 location for your copy of the Quick Start assets.
  AdditionalEKSAdminArns:
    Default: ""
    Description: >-
      (Optional) A comma-delimited list of IAM user or role Amazon Resource Names (ARNs)
      to be granted administrative access to the Amazon EKS cluster. For example, grant
      access to two users with their ARNs: "arn:aws:iam::012345678910:user/user1@example.com,
      arn:aws:iam::012345678910:user/user2@example.com"
    Type: String
  MainStackName:
    Type: String
    Description: The name of the main (parent) stack. This is used to title the CloudWatch log group to which installation output is written.

Resources:
  MQURLParameter:
    Type: AWS::SSM::Parameter
    Properties:
      Type: String
      Value: TBD
      Description: SSM Parameter for storing MQ Console URL
  InstallMQ:
    Type: AWS::SSM::Association
    Properties:
      Name: AWS-RunShellScript
      Targets:
      - Key: InstanceIds
        Values:
        - !Ref BootNodeInstanceId
      Parameters:
        commands:
        - !Sub |
          #!/bin/bash
          aws s3 cp ${QSS3CodeLocation} . --recursive
          echo "APPLICATION_NAMESPACE=${AppNamespace}" > scripts/ibm-mq-parameters.properties
          echo "APP_PASSWORD=${MQAppPassword}" >> scripts/ibm-mq-parameters.properties
          echo "ADMIN_PASSWORD=${MQAdminPassword}" >> scripts/ibm-mq-parameters.properties
          echo "INTERNAL_LOAD_BALANCER=${InternalLoadBalancer}" >> scripts/ibm-mq-parameters.properties
          echo "AWS_DEFAULT_REGION=${AWS::Region}" >> scripts/ibm-mq-parameters.properties
          echo "BOOTNODE_INSTANCE_ID=${BootNodeInstanceId}" >> scripts/ibm-mq-parameters.properties
          echo "BOOTNODE_USER=${BootNodeUser}" >> scripts/ibm-mq-parameters.properties
          echo "EKS_ADMIN_USER_ARNS='${AdditionalEKSAdminArns}'" >> scripts/ibm-mq-parameters.properties
          echo "EKS_CLUSTER_NAME=${EKSClusterName}" >> scripts/ibm-mq-parameters.properties
          echo "MQURL_SSM_PARAMETER=${MQURLParameter}" >> scripts/ibm-mq-parameters.properties

          echo "deploying IBM MQ"

          chmod 755 ./scripts/*.sh
          echo > install.log

          chown -R ${BootNodeUser} /opt/ibm
          chgrp -R ${BootNodeUser} /opt/ibm
          su - ${BootNodeUser} -c '/opt/ibm/scripts/install.sh' | tee install.log

        workingDirectory:
        - /opt/ibm
      WaitForSuccessTimeoutSeconds: 1200

Outputs:
  EKSName:
    Description: EKS Cluster name
    Value: !Ref EKSClusterName
  CloudWatchInstallLogs:
    Description: CloudWatch Install Logs
    Value: !Join ["",["https://", !Ref "AWS::Region",".console.aws.amazon.com/cloudwatch/home?region=",!Ref "AWS::Region","#logsV2:log-groups/log-group/", !Ref "MainStackName"]]
  DeploymentProperties:
    Description: Deployment properties
    Value: !Join ["",["https://", !Ref "AWS::Region",".console.aws.amazon.com/cloudwatch/home?region=",!Ref "AWS::Region","#logsV2:log-groups/log-group/", !Ref "MainStackName","/log-events/deployment.properties"]]
  MQURLParameterName:
    Description: Name of the SSM parameter that stores MQ Console URL
    Value: !Ref MQURLParameter
  MQURLParameterValue:
    Description: MQ Console URL parameter value, should be the console URL. If TBD, use the CLI or AWS Console to get the latest.
    Value: !GetAtt MQURLParameter.Value