AWSTemplateFormatVersion: '2010-09-09'
Description: This template deploys InterSystems IRIS into a new VPC, including 3 Availability Zones. **WARNING** This template creates Amazon EC2 instances and related resources. You will be billed for the AWS resources used if you create a stack from this template. (qs-1r5s7urrb)
Metadata:
  cfn-lint:
    config:
      ignore_checks:
        - W9002
        - W9003
        - W9006
  QuickStartDocumentation:
    EntrypointName: "Parameters for deploying into a new VPC"
    Order: "1"
  AWS::CloudFormation::Interface:
    ParameterGroups:
      - Label:
          default: "IRIS configuration"
        Parameters:
          - IRISPasswordParameter
          - S3BucketNameParameter
      - Label:
          default: "Network configuration"
        Parameters:
          - AvailabilityZones
          - RemoteAccessCIDRParameter
          - VPCCIDR
          - PrivateSubnet1CIDR
          - PrivateSubnet2CIDR
          - PrivateSubnet3CIDR
      - Label:
          default: "EC2 instance configuration"
        Parameters:
          - InstanceTypeParameter
          - SshKeyParameter
      - Label:
          default: "AWS Quick Start configuration"
        Parameters:
          - QSS3BucketName
          - QSS3BucketRegion
          - QSS3KeyPrefix
    ParameterLabels:
      AvailabilityZones:
        default: Availability Zones
      RemoteAccessCIDRParameter:
        default: "CIDR block for remote access"
      InstanceTypeParameter:
        default: "EC2 instance type for IRIS nodes"
      PrivateSubnet1CIDR:
        default: Private subnet 1 CIDR
      PrivateSubnet2CIDR:
        default: Private subnet 2 CIDR
      PrivateSubnet3CIDR:
        default: Private subnet 3 CIDR
      SshKeyParameter:
        default: "SSH key-pair name to connect to EC2 instances"
      IRISPasswordParameter:
        default: "IRIS password"
      S3BucketNameParameter:
        default: "IRIS S3 bucket name"
      QSS3BucketName:
        default: Quick Start S3 bucket name
      QSS3BucketRegion:
        default: Quick Start S3 bucket Region
      QSS3KeyPrefix:
        default: Quick Start S3 key prefix
      VPCCIDR:
        default: VPC CIDR
Parameters:
  AvailabilityZones:
    Description: 'Availability Zones to use for the subnets in the VPC. The logical order is preserved. This deployment uses 3 Availability Zones.'
    Type: List<AWS::EC2::AvailabilityZone::Name>
  SshKeyParameter:
    Description: SSH key pair to log in to the instances.
    #Default: anton-isc
    Type: AWS::EC2::KeyPair::KeyName
  RemoteAccessCIDRParameter:
    # AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))$
    # ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/x
    Description: Allowed CIDR block for external access to the instances. Restrict this to /32 for better security.
    # The default admits any IPv4 address; pass your own range at stack creation.
    Default: 0.0.0.0/0
    Type: String
  IRISPasswordParameter:
    Description: Password for the IRIS administrator (SuperUser/_SYSTEM user). Use at least 4 alphanumeric characters.
    Type: String
    # NoEcho masks the value in console, CLI and API output.
    NoEcho: true
    MinLength: 4
    MaxLength: 32
    # AllowedPattern: '[a-zA-Z][a-zA-Z0-9]*'
  S3BucketNameParameter:
    Description: S3 bucket with IRIS binaries.
    Type: String
    Default: ''
  InstanceTypeParameter:
    Description: Cluster node instance type.
    Type: String
    Default: m5.large
    AllowedValues:
      - m5.large
      - r5.xlarge
      - r5.2xlarge
      - r5.4xlarge
      - r5.8xlarge
      - r5.16xlarge
  PrivateSubnet1CIDR:
    # AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$
    ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28
    Default: 10.0.1.0/24
    Description: CIDR block for the private subnet located in Availability Zone 1.
    Type: String
  PrivateSubnet2CIDR:
    # AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$
    ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28
    Default: 10.0.2.0/24
    Description: CIDR block for the private subnet located in Availability Zone 2.
    Type: String
  PrivateSubnet3CIDR:
    Default: 10.0.3.0/24
    Description: CIDR block for the private subnet located in Availability Zone 3.
    Type: String
  QSS3BucketName:
    AllowedPattern: ^[0-9a-zA-Z]+([0-9a-zA-Z-]*[0-9a-zA-Z])*$
    ConstraintDescription: The Quick Start bucket name can include numbers, lowercase letters, uppercase letters, and hyphens (-). It cannot start or end with a hyphen (-).
    Default: aws-quickstart
    Description: Name of the S3 bucket for your copy of the Quick Start assets. Keep the default name unless you are customizing the template. Changing the name updates code references to point to a new Quick Start location. This name can include numbers, lowercase letters, uppercase letters, and hyphens, but do not start or end with a hyphen (-). See https://aws-quickstart.github.io/option1.html.
    Type: String
  QSS3BucketRegion:
    Default: 'us-east-1'
    Description: 'AWS Region where the Quick Start S3 bucket (QSS3BucketName) is hosted. Keep the default Region unless you are customizing the template. Changing this Region updates code references to point to a new Quick Start location. When using your own bucket, specify the Region. See https://aws-quickstart.github.io/option1.html.'
    Type: String
  QSS3KeyPrefix:
    AllowedPattern: ^[0-9a-zA-Z-/]*$
    ConstraintDescription: Quick Start key prefix can include numbers, lowercase letters, uppercase letters, hyphens (-), and forward slashes (/).
    Default: quickstart-intersystems-iris/
    Description: S3 key prefix that is used to simulate a directory for your copy of the Quick Start assets. Keep the default prefix unless you are customizing the template. Changing this prefix updates code references to point to a new Quick Start location. This prefix can include numbers, lowercase letters, uppercase letters, hyphens (-), and forward slashes (/). See https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMetadata.html and https://aws-quickstart.github.io/option1.html.
    Type: String
  VPCCIDR:
    AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$
    ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28
    Default: 10.0.0.0/16
    Description: CIDR block for the VPC.
    Type: String
Conditions:
  UsingDefaultBucket: !Equals [!Ref QSS3BucketName, 'aws-quickstart']
Resources:
  VPCStack:
    Type: AWS::CloudFormation::Stack
    Properties:
      TemplateURL: !Sub
        - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}submodules/quickstart-aws-vpc/templates/aws-vpc.template.yaml'
        - S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion]
          S3Bucket: !If [UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName]
      Parameters:
        AvailabilityZones: !Join [',', !Ref 'AvailabilityZones']
        NumberOfAZs: '3'
        PrivateSubnet1ACIDR: !Ref 'PrivateSubnet1CIDR'
        PrivateSubnet2ACIDR: !Ref 'PrivateSubnet2CIDR'
        PrivateSubnet3ACIDR: !Ref 'PrivateSubnet3CIDR'
        VPCCIDR: !Ref 'VPCCIDR'
  IRISStack:
    Type: AWS::CloudFormation::Stack
    Properties:
      TemplateURL: !Sub
        - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}templates/iris-cluster-main.template.yaml'
        - S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion]
          S3Bucket: !If [UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName]
      Parameters:
        VpcIdParameter: !GetAtt 'VPCStack.Outputs.VPCID'
        # IRIS nodes are placed in the private subnets.
        InstanceSubnetIdParameter: !Join
          - ','
          - - !GetAtt 'VPCStack.Outputs.PrivateSubnet1AID'
            - !GetAtt 'VPCStack.Outputs.PrivateSubnet2AID'
            - !GetAtt 'VPCStack.Outputs.PrivateSubnet3AID'
        BastionSubnetIdParameter: !Join
          - ','
          - - !GetAtt 'VPCStack.Outputs.PublicSubnet1ID'
            - !GetAtt 'VPCStack.Outputs.PublicSubnet2ID'
        RemoteAccessCIDRParameter: !Ref 'RemoteAccessCIDRParameter'
        InstanceTypeParameter: !Ref 'InstanceTypeParameter'
        SshKeyParameter: !Ref 'SshKeyParameter'
        IRISPasswordParameter: !Ref 'IRISPasswordParameter'
        S3BucketNameParameter: !Ref 'S3BucketNameParameter'
        QSS3BucketName: !Ref 'QSS3BucketName'
        QSS3BucketRegion: !Ref 'QSS3BucketRegion'
        QSS3KeyPrefix: !Ref 'QSS3KeyPrefix'
  BastionStack:
    Type: AWS::CloudFormation::Stack
    Properties:
      TemplateURL: !Sub
        - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}submodules/quickstart-linux-bastion/templates/linux-bastion.template'
        - S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion]
          S3Bucket: !If [UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName]
      Parameters:
        BastionAMIOS: 'Amazon-Linux2-HVM'
        KeyPairName: !Ref 'SshKeyParameter'
        PublicSubnet1ID: !GetAtt VPCStack.Outputs.PublicSubnet1ID
        PublicSubnet2ID: !GetAtt VPCStack.Outputs.PublicSubnet2ID
        QSS3BucketName: !Ref QSS3BucketName
        QSS3KeyPrefix: !Sub "${QSS3KeyPrefix}submodules/quickstart-linux-bastion/"
        QSS3BucketRegion: !Ref QSS3BucketRegion
        # The bastion is reachable from this CIDR block.
        RemoteAccessCIDR: !Ref RemoteAccessCIDRParameter
        VPCID: !GetAtt VPCStack.Outputs.VPCID
Outputs:
  JDBCEndpoint:
    Description: JDBC Connection String
    Value: !Join
      - ''
      - ['', !GetAtt 'IRISStack.Outputs.JDBCEndpoint', '']
  Node01IP:
    Description: Node 01 Access
    Value: !Join
      - ''
      - ['', !GetAtt 'IRISStack.Outputs.Node01PrivateIP', '']
  Node02IP:
    Description: Node 02 Access
    Value: !Join
      - ''
      - ['', !GetAtt 'IRISStack.Outputs.Node02PrivateIP', '']
  BastionPublicIP:
    Description: Bastion host public IP
    Value: !Join
      - ''
      - ['', !GetAtt BastionStack.Outputs.EIP1, '']
      #- ['', !GetAtt Bastion.Outputs.NodePublicIP, '']