AWSTemplateFormatVersion: '2010-09-09' Description: "This templates sets up a standalone Ignition in an existing AWS VPC (qs-ign00lbf3)" Metadata: LICENSE: Apache License Version 2.0 cfn-lint: config: ignore_checks: - E9101 - W9002 - W9003 AWS::CloudFormation::Interface: ParameterGroups: - Label: default: Stack Parameters: - ParentStackName - Label: default: Network configuration Parameters: - VPCID - KeyPairName - BastionSecurityGroupID - VPCCIDR - WebAccessCIDR - PrivateSubnet1ID - PrivateSubnet2ID - PublicSubnet1ID - PublicSubnet2ID - PrimaryPrivateIPAddress - BackupPrivateIPAddress - Label: default: Database configuration Parameters: - DBName - DBAutoMinorVersionUpgrade - DBBackupRetentionPeriod - DBEngineVersion - DBInstanceClass - DBMasterUsername - DBMasterUserPassword - DBMasterUserPassword2 - DBPort - DBMultiAZ - DBAllocatedStorageEncrypted - DBExportLogToCloudwatch - EnableEventSubscription - NotificationList - Label: default: Ignition configuration Parameters: - LicenseAgreement - IgnitionInstanceType - IgnitionGatewayName - IgnitionRootUsername - IgnitionRootPassword - IgnitionRootPassword2 - EnableIgnitionBackup - EnablePublic - Label: default: Partner Solution configuration Parameters: - QSS3BucketName - QSS3BucketRegion - QSS3KeyPrefix ParameterLabels: ParentStackName: default: Primary Cloud Formation stack name BastionSecurityGroupID: default: Bastion security group ID DBName: default: Database name DBEngineVersion: default: Database Engine Version DBAllocatedStorageEncrypted: default: Enable database encryption DBExportLogToCloudwatch: default: Export database logs to Amazon Cloudwatch DBAutoMinorVersionUpgrade: default: Automatic minor database version upgrades DBBackupRetentionPeriod: default: Database backup retention period DBInstanceClass: default: Database instance class DBMasterUsername: default: Database administrator username DBMasterUserPassword: default: Database administrator password DBMasterUserPassword2: default: Database administrator password (verification) DBPort: default: Database port DBMultiAZ: default: Multi-AZ deployment QSS3BucketName: default: Partner Solution S3 bucket name QSS3BucketRegion: default: Partner Solution S3 bucket Region QSS3KeyPrefix: default: Partner Solution S3 key prefix PrivateSubnet1ID: default: Private subnet 1 ID PrivateSubnet2ID: default: Private subnet 2 ID PublicSubnet1ID: default: Public subnet 1 ID PublicSubnet2ID: default: Public subnet 2 ID PrimaryPrivateIPAddress: default: EC2 instance primary private IP address BackupPrivateIPAddress: default: EC2 instance backup private IP address KeyPairName: default: Key name VPCID: default: VPC ID VPCCIDR: default: VPC CIDR WebAccessCIDR: default: Web access CIDR EnableEventSubscription: default: Enable event subscription NotificationList: default: SNS notification email LicenseAgreement: default: Inductive Automation Software License Agreement IgnitionInstanceType: default: Ignition instance type IgnitionGatewayName: default: Ignition Gateway name IgnitionRootUsername: default: Ignition root account username IgnitionRootPassword: default: Ignition root account password IgnitionRootPassword2: default: Ignition root account password (verification) EnableIgnitionBackup: default: Enable Ignition redundancy EnablePublic: default: Provide public access to Ignition Parameters: ParentStackName: Type: String Description: Primary CloudFormation stack name Default: IgnitionStandaloneStack DBAllocatedStorageEncrypted: Default: "true" AllowedValues: - "true" - "false" Description: Choose "false" if you don't want to encrypt the database. Type: String DBExportLogToCloudwatch: Default: "true" AllowedValues: - "true" - "false" Description: Choose "false" if you don't want to export database logs to Amazon CloudWatch. Type: String DBAutoMinorVersionUpgrade: AllowedValues: - "true" - "false" Default: "false" Description: Choose "true" to enable automatic minor database version upgrades. Type: String DBBackupRetentionPeriod: Default: "35" Description: Number of days to retain automatic database snapshots. Type: String DBEngineVersion: Description: Database engine version. Type: String Default: 14.5 AllowedValues: - 11.17 - 12.12 - 13.8 - 14.5 DBInstanceClass: AllowedPattern: "db\\.[a-z0-9]*\\.[a-z0-9]*" ConstraintDescription: "Must select a valid database instance type." Default: db.r5.large Description: Name of the class that determines the computation and memory capacity of the database instance. Type: String DBMasterUserPassword: AllowedPattern: >- ^(?=^.{8,255}$)(?=.*[a-z])(?=.*[A-Z])(?=.*\d)((?=.*[^A-Za-z0-9])(?!.*[@/"'])).*$ ConstraintDescription: >- Must have a minimum of 8 characters. Must include 1 uppercase letter, 1 lowercase letter, 1 number, and 1 symbol (not including / @ " '). Description: Database administrator account password. MaxLength: "64" MinLength: "8" NoEcho: "True" Type: String DBMasterUserPassword2: AllowedPattern: >- ^(?=^.{8,255}$)(?=.*[a-z])(?=.*[A-Z])(?=.*\d)((?=.*[^A-Za-z0-9])(?!.*[@/"'])).*$ ConstraintDescription: >- Must have a minimum of 8 characters. Must include 1 uppercase letter, 1 lowercase letter, 1 number, and 1 symbol (not including / @ " '). Description: Verify the database administrator account password. MaxLength: "64" MinLength: "8" NoEcho: "True" Type: String DBMasterUsername: AllowedPattern: "[a-zA-Z][a-zA-Z0-9]*" ConstraintDescription: "Must begin with a letter and contain only alphanumeric characters." Default: pgadmin Description: Database administrator account user name. MaxLength: "16" MinLength: "1" Type: String DBPort: Default: 5432 Description: Database instance listener port. Type: Number ConstraintDescription: Must be in the range 1150–65535. MinValue: 1150 MaxValue: 65535 DBMultiAZ: AllowedValues: - "true" - "false" Default: "true" Description: Choose "false" if you don't want the database instance deployed to multiple Availability Zones for high availability. Type: String DBName: AllowedPattern: "[a-zA-Z0-9]*" Description: Amazon Aurora database name. MaxLength: "64" MinLength: "0" Default: 'AuroraPostgresDB' Type: String PrivateSubnet1ID: Description: The ID of the private subnet in Availability Zone 1. Type: 'AWS::EC2::Subnet::Id' PrivateSubnet2ID: Description: The ID of the private subnet in Availability Zone 2. Type: 'AWS::EC2::Subnet::Id' PublicSubnet1ID: Description: The ID of the public subnet in Availability Zone 1. Type: 'AWS::EC2::Subnet::Id' PublicSubnet2ID: Description: The ID of the public subnet in Availability Zone 2. Type: 'AWS::EC2::Subnet::Id' PrimaryPrivateIPAddress: Default: 10.0.128.10 Description: Private IP address for the primary Ignition EC2 instance. Type: String BackupPrivateIPAddress: Default: 10.0.144.10 Description: Private IP address for the backup Ignition EC2 instance. Type: String VPCID: Description: ID of the existing VPC into which to deploy Amazon Aurora (for example, "vpc-0343606e"). Type: 'AWS::EC2::VPC::Id' Default: '' VPCCIDR: AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$ ConstraintDescription: CIDR block parameter must be in the form "x.x.x.x/16-28". Default: 10.0.0.0/16 Description: CIDR block of the existing VPC. Type: String WebAccessCIDR: AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(0|1[6-9]|2[0-8]))$ ConstraintDescription: CIDR block parameter must be in the form "x.x.x.x/x". Description: CIDR block to allow web access to the load balancer. Type: String KeyPairName: ConstraintDescription: Must be the name of an existing EC2 key pair. Description: Public/private key pair, which allows you to connect securely to your instance after it launches. Type: "AWS::EC2::KeyPair::KeyName" BastionSecurityGroupID: Description: ID of the bastion host security group to enable SSH connections (for example, "sg-7f16e910"). Empty value indicates bastion security group is not used. Default: "" Type: String LicenseAgreement: Description: I have read and accept the terms of the Inductive Automation Software License Agreement (https://inductiveautomation.com/ignition/license). Type: String Default: '-' AllowedValues: - I agree - '-' ConstraintDescription: You must choose "I agree" to complete the deployment. IgnitionInstanceType: AllowedValues: - t2.nano - t2.micro - t2.small - t2.medium - t2.large - t2.xlarge - t2.2xlarge - t3.nano - t3.micro - t3.small - t3.medium - t3.large - t3.xlarge - t3.2xlarge - m5.large - m5.xlarge - m5.2xlarge - m5.4xlarge ConstraintDescription: Must contain valid instance type. Default: m5.large Description: Amazon EC2 instance type for Ignition instances. Type: String IgnitionGatewayName: AllowedPattern: "[a-zA-Z0-9]*" Default: Ignition Description: Ignition Gateway system name. Type: String IgnitionRootUsername: Default: admin Description: Ignition root account user name. Type: String IgnitionRootPassword: AllowedPattern: >- ^(?=^.{8,255}$)(?=.*[a-z])(?=.*[A-Z])(?=.*\d)((?=.*[^A-Za-z0-9])(?!.*[@/"'])).*$ ConstraintDescription: >- Must have a minimum of 8 characters. Must include 1 uppercase letter, 1 lowercase letter, 1 number, and 1 symbol (not including / @ " '). Description: Ignition root account password. MaxLength: 64 MinLength: 8 NoEcho: True Type: String IgnitionRootPassword2: AllowedPattern: >- ^(?=^.{8,255}$)(?=.*[a-z])(?=.*[A-Z])(?=.*\d)((?=.*[^A-Za-z0-9])(?!.*[@/"'])).*$ ConstraintDescription: >- Must have a minimum of 8 characters. Must include 1 uppercase letter, 1 lowercase letter, 1 number, and 1 symbol (not including / @ " '). Description: Verify the Ignition root account password. MaxLength: 64 MinLength: 8 NoEcho: True Type: String EnableIgnitionBackup: AllowedValues: - "true" - "false" Default: "true" Description: Choose "false" if you don't want to create a backup Ignition EC2 instance. Type: String EnablePublic: AllowedValues: - "true" - "false" Default: "true" Description: Choose "false" if you don't want the Ignition EC2 instance to have a public IP address. Type: String EnableEventSubscription: AllowedValues: - "true" - "false" Default: "true" Description: Choose "false" if you don't want to enable SNS topic subscription. Type: String NotificationList: Type: String Description: Email address to subscribe to the SNS topic, to receive CloudWatch alarm and Amazon RDS event notifications. AllowedPattern: '^(([^<>()\[\]\\.,;:\s@"]+(\.[^<>()\[\]\\.,;:\s@"]+)*)|(".+"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$' ConstraintDescription: Provide a valid email address. QSS3BucketName: AllowedPattern: ^[0-9a-z]+([0-9a-z-\.]*[0-9a-z])*$ ConstraintDescription: >- The S3 bucket name can include numbers, lowercase letters, and hyphens (-), but it cannot start or end with a hyphen. Default: aws-quickstart Description: >- Name of the S3 bucket for your copy of the deployment assets. Keep the default name unless you are customizing the template. Changing the name updates code references to point to a new location. MinLength: 3 MaxLength: 63 Type: String QSS3BucketRegion: Default: us-east-1 Description: >- AWS Region where the S3 bucket (QSS3BucketName) is hosted. Keep the default Region unless you are customizing the template. Changing the Region updates code references to point to a new location. When using your own bucket, specify the Region. Type: String QSS3KeyPrefix: AllowedPattern: ^([0-9a-zA-Z!-_\.\*'\(\)/]+/)*$ ConstraintDescription: >- The S3 key prefix can include numbers, lowercase letters, uppercase letters, hyphens (-), underscores (_), periods (.), asterisks (*), single quotes ('), open parenthesis ((), close parenthesis ()), and forward slashes (/). End the prefix with a forward slash. Default: quickstart-inductive-automation-ignition/ Description: >- S3 key prefix that is used to simulate a folder for your copy of the deployment assets. Keep the default prefix unless you are customizing the template. Changing the prefix updates code references to point to a new location. Type: String Rules: LicenseAgreementRule: Assertions: - Assert: Fn::Contains: - - I agree - Ref: LicenseAgreement AssertDescription: User must agree to the terms of the license agreement. DBPasswordRule: Assertions: - Assert: Fn::Equals: - Ref: DBMasterUserPassword - Ref: DBMasterUserPassword2 AssertDescription: Database master user passwords do not match. IgnitionRootPasswordRule: Assertions: - Assert: Fn::Equals: - Ref: IgnitionRootPassword - Ref: IgnitionRootPassword2 AssertDescription: Ignition root user passwords do not match. Conditions: UseBastionSG: !Not - !Equals - !Ref 'BastionSecurityGroupID' - '' UseDatabaseEncryption: !Equals - !Ref DBAllocatedStorageEncrypted - "true" EnableIgnitionBackupCondition: !Equals - !Ref EnableIgnitionBackup - "true" UsingDefaultBucket: !Equals [!Ref QSS3BucketName, 'aws-quickstart'] Resources: GWUUID: Type: AWS::SSM::Parameter Properties: Name: !Sub - /${ParentStackName}/${gwname}/gwuuid - gwname: !Ref IgnitionGatewayName Description: Parameter to hold the Ignition redundant backup UUID Type: String Value: '-' GWCert: Type: AWS::SSM::Parameter Properties: Name: !Sub - /${ParentStackName}/${gwname}/gwcert - gwname: !Ref IgnitionGatewayName Description: Parameter to hold the Ignition redundant backup certificate Type: String Value: '-' GWKey: Type: AWS::SSM::Parameter Properties: Name: !Sub - /${ParentStackName}/${gwname}/gwkey - gwname: !Ref IgnitionGatewayName Description: Parameter to hold the Ignition redundant backup private key Type: String Value: '-' AuroraStack: Type: AWS::CloudFormation::Stack Properties: TemplateURL: !Sub - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}submodules/quickstart-amazon-aurora-postgresql/templates/aurora_postgres.template.yaml' - S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion] S3Bucket: !If [UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName] Parameters: Subnet1ID: !Ref PrivateSubnet1ID Subnet2ID: !Ref PrivateSubnet2ID VPCID: !Ref VPCID DBName: !Ref DBName DBAutoMinorVersionUpgrade: !Ref DBAutoMinorVersionUpgrade DBAllocatedStorageEncrypted: !Ref DBAllocatedStorageEncrypted DBExportLogToCloudwatch: !Ref DBExportLogToCloudwatch DBBackupRetentionPeriod: !Ref DBBackupRetentionPeriod DBEngineVersion: !Ref DBEngineVersion DBInstanceClass: !Ref DBInstanceClass DBMasterUsername: !Ref DBMasterUsername DBMasterUserPassword: !Ref DBMasterUserPassword DBPort: !Ref DBPort DBMultiAZ: !Ref DBMultiAZ DBAccessCIDR: !Ref VPCCIDR EnableEventSubscription: !Ref EnableEventSubscription NotificationList: !Ref NotificationList IgnitionSecurityGroup: Type: AWS::EC2::SecurityGroup Properties: GroupDescription: Allow access to the Workload instances VpcId: !Ref 'VPCID' SecurityGroupIngress: - !If - UseBastionSG - IpProtocol: tcp FromPort: 22 ToPort: 22 SourceSecurityGroupId: !Ref 'BastionSecurityGroupID' - IpProtocol: tcp FromPort: 22 ToPort: 22 CidrIp: !Ref WebAccessCIDR - IpProtocol: tcp FromPort: 443 ToPort: 443 CidrIp: !Ref WebAccessCIDR - IpProtocol: tcp FromPort: 8060 ToPort: 8060 CidrIp: !Ref VPCCIDR IgnitionPrimaryStack: Type: 'AWS::CloudFormation::Stack' DependsOn: AuroraStack Properties: TemplateURL: !Sub - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}templates/ignition-ec2.template.yaml' - S3Region: !If [ UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion ] S3Bucket: !If [ UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName ] Parameters: ParentStackName: !Ref ParentStackName IgnitionSecurityGroupID: !GetAtt - IgnitionSecurityGroup - GroupId KeyPairName: !Ref KeyPairName SubnetID: !Ref PublicSubnet1ID PrivateIPAddress: !Ref PrimaryPrivateIPAddress GenerateClientVPNCerts: false LicenseAgreement: !Ref LicenseAgreement IgnitionInstanceType: !Ref IgnitionInstanceType IgnitionInstanceName: Ignition Master IgnitionGatewayName: !Ref IgnitionGatewayName IgnitionRootUsername: !Ref IgnitionRootUsername IgnitionRootPassword: !Ref IgnitionRootPassword IgnitionRootPassword2: !Ref IgnitionRootPassword2 IgnitionRedundantMode: !If - EnableIgnitionBackupCondition - 'master' - 'independent' IgnitionRedundantHostname: '' IgnitionPostgreSQLHostname: !GetAtt - AuroraStack - Outputs.RDSEndPointAddress IgnitionPostgreSQLPort: !Ref DBPort IgnitionPostgreSQLSchema: !Ref DBName IgnitionPostgreSQLUsername: !Ref DBMasterUsername IgnitionPostgreSQLPassword: !Ref DBMasterUserPassword IgnitionPostgreSQLPassword2: !Ref DBMasterUserPassword2 IgnitionGANOutgoingHostname: '' IgnitionGANOutgoingGatewayName: '' IgnitionGANSecurityGatewayNames: '' IgnitionGANInCertificateGatewayName: '' IgnitionGANIncomingGatewayNameForRedundancy: !If - EnableIgnitionBackupCondition - !Ref IgnitionGatewayName - '' IgnitionGANIncomingIPAddressForRedundancy: !If - EnableIgnitionBackupCondition - !Ref BackupPrivateIPAddress - '' IgnitionGANIncomingHostnameForRedundancy: !If - EnableIgnitionBackupCondition - !Sub - 'ip-${iptohost}.${AWS::Region}.compute.internal' - iptohost: !Join [ '-', !Split [ '.', !Ref BackupPrivateIPAddress ] ] - '' IgnitionGANIncomingGatewayName1: '' IgnitionGANIncomingIPAddress1: '' IgnitionGANIncomingHostname1: '' IgnitionGANIncomingGatewayName2: '' IgnitionGANIncomingIPAddress2: '' IgnitionGANIncomingHostname2: '' EnablePublic: !Ref EnablePublic QSS3BucketName: !Ref QSS3BucketName QSS3KeyPrefix: !Ref QSS3KeyPrefix IgnitionBackupStack: Condition: EnableIgnitionBackupCondition Type: 'AWS::CloudFormation::Stack' DependsOn: IgnitionPrimaryStack Properties: TemplateURL: !Sub - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}templates/ignition-ec2.template.yaml' - S3Region: !If [ UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion ] S3Bucket: !If [ UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName ] Parameters: ParentStackName: !Ref ParentStackName IgnitionSecurityGroupID: !GetAtt - IgnitionSecurityGroup - GroupId KeyPairName: !Ref KeyPairName SubnetID: !Ref PublicSubnet2ID PrivateIPAddress: !Ref BackupPrivateIPAddress GenerateClientVPNCerts: false LicenseAgreement: !Ref LicenseAgreement IgnitionInstanceType: !Ref IgnitionInstanceType IgnitionInstanceName: Ignition Backup IgnitionGatewayName: !Ref IgnitionGatewayName IgnitionRootUsername: !Ref IgnitionRootUsername IgnitionRootPassword: !Ref IgnitionRootPassword IgnitionRootPassword2: !Ref IgnitionRootPassword2 IgnitionRedundantMode: !If - EnableIgnitionBackupCondition - 'backup' - 'independent' IgnitionRedundantHostname: !GetAtt - IgnitionPrimaryStack - Outputs.IgnitionPrivateDnsName IgnitionPostgreSQLHostname: !GetAtt - AuroraStack - Outputs.RDSEndPointAddress IgnitionPostgreSQLPort: !Ref DBPort IgnitionPostgreSQLSchema: !Ref DBName IgnitionPostgreSQLUsername: !Ref DBMasterUsername IgnitionPostgreSQLPassword: !Ref DBMasterUserPassword IgnitionPostgreSQLPassword2: !Ref DBMasterUserPassword2 IgnitionGANOutgoingHostname: '' IgnitionGANOutgoingGatewayName: '' IgnitionGANSecurityGatewayNames: '' IgnitionGANInCertificateGatewayName: !Ref IgnitionGatewayName IgnitionGANIncomingGatewayNameForRedundancy: '' IgnitionGANIncomingIPAddressForRedundancy: '' IgnitionGANIncomingHostnameForRedundancy: '' IgnitionGANIncomingGatewayName1: '' IgnitionGANIncomingIPAddress1: '' IgnitionGANIncomingHostname1: '' IgnitionGANIncomingGatewayName2: '' IgnitionGANIncomingIPAddress2: '' IgnitionGANIncomingHostname2: '' EnablePublic: !Ref EnablePublic QSS3BucketName: !Ref QSS3BucketName QSS3KeyPrefix: !Ref QSS3KeyPrefix Outputs: DBName: Description: "Amazon Aurora database name." Value: !Ref DBName DBMasterUsername: Description: "Amazon Aurora database master user name." Value: !GetAtt AuroraStack.Outputs.DBMasterUsername RDSEndPointAddress: Description: "Amazon Aurora write endpoint." Value: !GetAtt AuroraStack.Outputs.RDSEndPointAddress RDSReadEndPointAddress: Description: "Amazon Aurora read endpoint." Value: !GetAtt AuroraStack.Outputs.RDSReadEndPointAddress RDSEndPointPort: Description: "Amazon Aurora port." Value: !GetAtt AuroraStack.Outputs.RDSEndPointPort RDSEndPoints: Description: "Full Amazon Aurora write endpoint." Value: !GetAtt AuroraStack.Outputs.RDSEndPoints RDSEncryptionKey: Condition: UseDatabaseEncryption Description: Alias of the encryption key created for Amazon RDS. Value: !GetAtt AuroraStack.Outputs.RDSEncryptionKey IgnitionPrimaryPrivateDnsName: Description: Private DNS name for the Ignition EC2 instance. Value: !GetAtt IgnitionPrimaryStack.Outputs.IgnitionPrivateDnsName IgnitionPrimaryPrivateIP: Description: Private IP address for the Ignition EC2 instance. Value: !GetAtt IgnitionPrimaryStack.Outputs.IgnitionPrivateIP IgnitionPrimaryPublicDnsName: Description: Public DNS name for the Ignition EC2 instance. Value: !GetAtt IgnitionPrimaryStack.Outputs.IgnitionPublicDnsName IgnitionPrimaryPublicIP: Description: Public IP address for the Ignition EC2 instance. Value: !GetAtt IgnitionPrimaryStack.Outputs.IgnitionPublicIP IgnitionBackupPrivateDnsName: Description: Private DNS name for the Ignition EC2 instance. Value: !GetAtt IgnitionBackupStack.Outputs.IgnitionPrivateDnsName IgnitionBackupPrivateIP: Description: Private IP address for the Ignition EC2 instance. Value: !GetAtt IgnitionBackupStack.Outputs.IgnitionPrivateIP IgnitionBackupPublicDnsName: Description: Public DNS name for the Ignition EC2 instance. Value: !GetAtt IgnitionBackupStack.Outputs.IgnitionPublicDnsName IgnitionBackupPublicIP: Description: Public IP address for the Ignition EC2 instance. Value: !GetAtt IgnitionBackupStack.Outputs.IgnitionPublicIP