--- AWSTemplateFormatVersion: '2010-09-09' Description: MongoDB Atlas AWS CloudFormation Quickstart with VPC Peering. (qs-1rkorhefe) Metadata: cfn-lint: { config: { ignore_checks: [ W9002, W9003, W9006, E3001, E1010 ] } } AWS::CloudFormation::Interface: ParameterGroups: - Label: default: Network Configuration Parameters: - VPC - RouteTableCIDRBlock - VPCRegion - AtlasCidrBlock - Label: default: MongoDB Atlas ApiKey Configuration Parameters: - Profile - Label: default: MongoDB Atlas Configuration Parameters: - ProjectName - ClusterName - ClusterRegion - ClusterInstanceSize - DatabaseUserRoleDatabaseName - DatabaseUserName - DatabasePassword ParameterLabels: VPC: default: VPC-id to peer with Atlas cluster AtlasCidrBlock: default: IP addresses expressed in Classless Inter-Domain Routing (CIDR) notation. RouteTableCIDRBlock: default: CIDR block for app to use in VPC Peering. Profile: default: A secret with name cfn/atlas/profile/{Profile} OrgId: default: MongoDB Atlas API OrgId ProjectName: default: Name of new Atlas Project ClusterName: default: Name of new cluster ClusterRegion: default: The AWS Region for Atlas Cluster ClusterInstanceSize: default: MongoDB Atlas Instance Size DatabaseUserRoleDatabaseName: default: MongoDB Atlas Database User Role Database Name VPCRegion: default: The AWS Region for VPC DatabaseUserName: default: MongoDB Atlas Database User Name DatabasePassword: default: MongoDB Atlas Database User Password Parameters: Profile: Description: "A secret with name cfn/atlas/profile/{Profile}" Type: String Default: "default" OrgId: Description: "Your MongoDB Cloud Organization Id" Type: String Default: "OrgId" ProjectName: Description: "The name of the project." Type: String Default: "aws-quickstart-vpc" ClusterName: Description: Name of the cluster as it appears in Atlas. Once the cluster is created, its name cannot be changed. Type: String Default: "Cluster-1" ClusterInstanceSize: Default: "M10" Description: Atlas provides different cluster tiers, each with a default storage capacity and RAM size. The cluster you select is used for all the data-bearing hosts in your cluster tier. See https://docs.atlas.mongodb.com/reference/amazon-aws/#amazon-aws. Type: String AllowedValues: - "M10" - "M20" - "M30" - "M40" - "R40" - "M40_NVME" - "M50" - "R50" - "M50_NVME" - "M60" - "R60" - "M60_NVME" - "M80" - "R80" - "M80_NVME" - "M140" - "M200" - "R200" - "M200_NVME" - "M300" - "R300" - "R400" - "M400_NVME" - "R700" ClusterRegion: Default: "US_EAST_1" Description: AWS Region where the Atlas database runs. Type: String AllowedValues: - "US_EAST_1" - "US_EAST_2" - "CA_CENTRAL_1" - "US_WEST_1" - "US_WEST_2" - "SA_EAST_1" - "AP_SOUTH_1" - "AP_EAST_1" - "AP_SOUTHEAST_1" - "AP_SOUTHEAST_2" - "AP_SOUTHEAST_3" - "AP_NORTHEAST_1" - "AP_NORTHEAST_2" - "AP_NORTHEAST_3" - "EU_CENTRAL_1" - "EU_WEST_1" - "EU_NORTH_1" - "EU_WEST_2" - "EU_WEST_3" - "EU_SOUTH_1" - "ME_SOUTH_1" - "AF_SOUTH_1" ClusterMongoDBMajorVersion: Description: The version of MongoDB Type: String Default: "5.0" AllowedValues: - "4.4" - "5.0" - "6.0" DatabaseUserRoleDatabaseName: Description: Database Name Type: String Default: "admin" VPC: Type: AWS::EC2::VPC::Id Description: VPC-ID of your existing Virtual Private Cloud (VPC) which you wish to peer to your new MongoDB Atlas cluster. This is the VPC that your application uses usually. RouteTableCIDRBlock: Type: String Description: CIDR block to use for your VPC Peering. VPCRegion: Default: 'us-east-1' Description: AWS Region where the Quick Start S3 bucket (QSS3BucketName) is hosted. If you use your own bucket, you must specify this value. Type: String DatabaseUserName: Description: MongoDB Atlas Database User Name. Type: String Default: "testUser" DatabasePassword: Description: MongoDB Atlas Database User Password. Type: String NoEcho: true AtlasCidrBlock: Type: String Description: IP addresses expressed in Classless Inter-Domain Routing (CIDR) notation that MongoDB Cloud uses for the network peering containers in your project. Resources: AtlasIAMRole: Type: AWS::IAM::Role Properties: AssumeRolePolicyDocument: Version: 2012-10-17 Statement: - Effect: Allow Principal: AWS: !Sub "arn:aws:iam::${AWS::AccountId}:root" Action: 'sts:AssumeRole' AtlasProject: Type: MongoDB::Atlas::Project DependsOn: AtlasIAMRole Properties: OrgId: !Ref "OrgId" Profile: !Ref "Profile" Name: !Ref "ProjectName" AtlasProjectIPAccessList: Type: MongoDB::Atlas::ProjectIpAccessList Properties: ProjectId: !GetAtt "AtlasProject.Id" Profile: !Ref "Profile" AccessList: - IPAddress: "0.0.0.0/0" Comment: "Testing open all ips" AtlasNetworkPeering: Type: MongoDB::Atlas::NetworkPeering Properties: ProjectId: !GetAtt "AtlasProject.Id" Profile: !Ref "Profile" AccepterRegionName: !Ref "VPCRegion" AwsAccountId: !Sub "${AWS::AccountId}" RouteTableCIDRBlock: !Ref "RouteTableCIDRBlock" VpcId: !Ref "VPC" ContainerId: !GetAtt "NetworkContainer.Id" AtlasCluster: Type: MongoDB::Atlas::Cluster DependsOn: NetworkContainer # Important to wait for the Network Container, otherwise the network container deletion will fail when deleting the stack Properties: Profile: !Ref "Profile" ProjectId: !GetAtt "AtlasProject.Id" Name: !Ref "ClusterName" MongoDBMajorVersion: !Ref "ClusterMongoDBMajorVersion" ClusterType: "REPLICASET" ReplicationSpecs: - NumShards: '1' AdvancedRegionConfigs: - AutoScaling: DiskGB: Enabled: 'true' Compute: Enabled: 'false' ScaleDownEnabled: 'false' AnalyticsSpecs: EbsVolumeType: STANDARD InstanceSize: !Ref "ClusterInstanceSize" NodeCount: '3' ElectableSpecs: EbsVolumeType: STANDARD InstanceSize: !Ref "ClusterInstanceSize" NodeCount: '3' ReadOnlySpecs: EbsVolumeType: STANDARD InstanceSize: !Ref "ClusterInstanceSize" NodeCount: '3' Priority: '7' RegionName: !Ref ClusterRegion AtlasDatabaseUser: Type: MongoDB::Atlas::DatabaseUser DependsOn: AtlasCluster Properties: ProjectId: !GetAtt "AtlasProject.Id" Profile: !Ref "Profile" Username: !Ref "DatabaseUserName" Password: !Ref "DatabasePassword" DatabaseName: "admin" Roles: - RoleName: "readWrite" DatabaseName: !Ref "DatabaseUserRoleDatabaseName" Scopes: - Name: !Ref "ClusterName" Type: "CLUSTER" NetworkContainer: Type: MongoDB::Atlas::NetworkContainer Properties: Profile: !Ref "Profile" AtlasCidrBlock: !Ref AtlasCidrBlock RegionName: !Ref ClusterRegion ProjectId: !GetAtt "AtlasProject.Id" Outputs: AtlasIAMRole: Description: "ARN for AWS IAM Role database cluster access" Value: !GetAtt "AtlasIAMRole.Arn" Export: Name: !Join [ "-", [ !Ref "AWS::StackName","AtlasIAMRoleARN" ] ] AtlasDatabaseUser: Description: "Atlas database user, configured for AWS IAM Role access." Value: !Ref AtlasDatabaseUser Export: Name: !Join [ "-", [ !Ref "AWS::StackName","AtlasDatabaseUser" ] ] AtlasProject: Description: "Info on your Atlas deployment" Value: !Ref AtlasProject Export: Name: !Join [ "-", [ !Ref "AWS::StackName","AtlasProjectId" ] ] AtlasProjectIPAccessList: Description: "Atlas project ip access list" Value: !Ref AtlasProjectIPAccessList Export: Name: !Join [ "-", [ !Ref "AWS::StackName","AtlasProjectIPAccessList" ] ] AtlasCluster: Description: "Info on your Atlas Cluster" Value: !Ref AtlasCluster Export: Name: !Join [ "-", [ !Ref "AWS::StackName","AtlasCluster" ] ] ClusterState: Description: "Cluster State" Value: !GetAtt "AtlasCluster.StateName" Export: Name: !Join [ "-", [ !Ref "AWS::StackName","ClusterState" ] ] ClusterSrvAddress: Description: "Hostname for mongodb+srv:// connection string" Value: !GetAtt "AtlasCluster.ConnectionStrings.StandardSrv" Export: Name: !Join [ "-", [ !Ref "AWS::StackName","ClusterSrvAddress" ] ] AtlasNetworkPeering: Description: "Info on the network peering connection" Value: !Ref AtlasNetworkPeering Export: Name: !Join [ "-", [ !Ref "AWS::StackName","AtlasNetworkPeering" ] ]