--- AWSTemplateFormatVersion: '2010-09-09' Description: MongoDB Atlas AWS CloudFormation Quickstart. (qs-1rkorhec7) Metadata: cfn-lint: { config: { ignore_checks: [ W9002, W9003, W9006, E3001, E1010 ] } } AWS::CloudFormation::Interface: ParameterGroups: - Label: default: MongoDB Atlas ApiKey Configuration Parameters: - Profile - OrgId - Label: default: MongoDB Atlas Configuration Parameters: - ProjectName - ClusterName - ClusterRegion - ClusterInstanceSize - DatabaseUserRoleDatabaseName - DatabaseUserName - DatabasePassword ParameterLabels: Profile: default: A secret with name cfn/atlas/profile/{Profile} OrgId: default: MongoDB Atlas API OrgId ProjectName: default: Name of new Atlas Project ClusterName: default: Name of new cluster ClusterRegion: default: The AWS Region for Atlas Cluster ClusterInstanceSize: default: MongoDB Atlas Instance Size DatabaseUserRoleDatabaseName: default: MongoDB Atlas Database User Role Database Name DatabaseUserName: default: MongoDB Atlas Database User Name DatabasePassword: default: MongoDB Atlas Database User Password Parameters: Profile: Description: "A secret with name cfn/atlas/profile/{Profile}" Type: String Default: "default" OrgId: Description: "Your MongoDB Cloud Organization Id" Type: String Default: "OrgId" ProjectName: Description: "The name of the project." Type: String Default: "aws-quickstart" ClusterName: Description: Name of the cluster as it appears in Atlas. Once the cluster is created, its name cannot be changed. Type: String Default: "Cluster-1" ClusterInstanceSize: Default: "M10" Description: Atlas provides different cluster tiers, each with a default storage capacity and RAM size. The cluster you select is used for all the data-bearing hosts in your cluster tier. See https://docs.atlas.mongodb.com/reference/amazon-aws/#amazon-aws. Type: String AllowedValues: - "M10" - "M20" - "M30" - "M40" - "R40" - "M40_NVME" - "M50" - "R50" - "M50_NVME" - "M60" - "R60" - "M60_NVME" - "M80" - "R80" - "M80_NVME" - "M140" - "M200" - "R200" - "M200_NVME" - "M300" - "R300" - "R400" - "M400_NVME" - "R700" ClusterRegion: Default: "US_EAST_1" Description: AWS Region where the Atlas database runs. Type: String AllowedValues: - "US_EAST_1" - "US_EAST_2" - "CA_CENTRAL_1" - "US_WEST_1" - "US_WEST_2" - "SA_EAST_1" - "AP_SOUTH_1" - "AP_EAST_1" - "AP_SOUTHEAST_1" - "AP_SOUTHEAST_2" - "AP_NORTHEAST_1" - "AP_NORTHEAST_2" - "EU_CENTRAL_1" - "EU_WEST_1" - "EU_NORTH_1" - "EU_WEST_2" - "EU_WEST_3" - "EU_SOUTH_1" - "ME_SOUTH_1" - "AF_SOUTH_1" ClusterMongoDBMajorVersion: Description: The version of MongoDB Type: String Default: "5.0" AllowedValues: - "4.4" - "5.0" - "6.0" DatabaseUserRoleDatabaseName: Description: Database Name Type: String Default: "test" DatabaseUserName: Description: MongoDB Atlas Database User Name. Type: String Default: "testUser" DatabasePassword: Description: MongoDB Atlas Database User Password. Type: String NoEcho: true Resources: AtlasIAMRole: Type: AWS::IAM::Role Properties: AssumeRolePolicyDocument: Version: 2012-10-17 Statement: - Effect: Allow Principal: AWS: !Sub "arn:aws:iam::${AWS::AccountId}:root" Action: 'sts:AssumeRole' - Effect: Allow Principal: AWS: !Sub "arn:aws:iam::${AWS::AccountId}:root" Service: ecs-tasks.amazonaws.com Action: 'sts:AssumeRole' ManagedPolicyArns: - !Sub arn:${AWS::Partition}:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy - !Sub arn:${AWS::Partition}:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly AtlasProject: Type: MongoDB::Atlas::Project DependsOn: AtlasIAMRole Properties: OrgId: !Ref "OrgId" Profile: !Ref "Profile" Name: !Ref "ProjectName" AtlasProjectIPAccessList: Type: MongoDB::Atlas::ProjectIpAccessList Properties: ProjectId: !GetAtt "AtlasProject.Id" Profile: !Ref "Profile" AccessList: - IPAddress: "0.0.0.0/0" Comment: "Testing open all ips" AtlasCluster: Type: MongoDB::Atlas::Cluster Properties: Profile: !Ref "Profile" ProjectId: !GetAtt "AtlasProject.Id" Name: !Ref "ClusterName" MongoDBMajorVersion: !Ref "ClusterMongoDBMajorVersion" ClusterType: "REPLICASET" ReplicationSpecs: - NumShards: '1' AdvancedRegionConfigs: - AutoScaling: DiskGB: Enabled: 'true' Compute: Enabled: 'false' ScaleDownEnabled: 'false' AnalyticsSpecs: EbsVolumeType: STANDARD InstanceSize: !Ref "ClusterInstanceSize" NodeCount: '3' ElectableSpecs: EbsVolumeType: STANDARD InstanceSize: !Ref "ClusterInstanceSize" NodeCount: '3' ReadOnlySpecs: EbsVolumeType: STANDARD InstanceSize: !Ref "ClusterInstanceSize" NodeCount: '3' Priority: '7' RegionName: !Ref ClusterRegion AtlasDatabaseUser: Type: MongoDB::Atlas::DatabaseUser Properties: ProjectId: !GetAtt "AtlasProject.Id" Profile: !Ref "Profile" Username: !Ref "DatabaseUserName" Password: !Ref "DatabasePassword" DatabaseName: "admin" Roles: - RoleName: "readWrite" DatabaseName: !Ref "DatabaseUserRoleDatabaseName" Scopes: - Name: !Ref "ClusterName" Type: "CLUSTER" Outputs: AtlasIAMRole: Description: "ARN for AWS IAM Role database cluster access" Value: !GetAtt "AtlasIAMRole.Arn" Export: Name: !Join [ "-", [ !Ref "AWS::StackName","AtlasIAMRoleARN" ] ] AtlasDatabaseUser: Description: "Atlas database user, configured for AWS IAM Role access." Value: !Ref AtlasDatabaseUser Export: Name: !Join [ "-", [ !Ref "AWS::StackName","AtlasDatabaseUser" ] ] AtlasProject: Description: "Info on your Atlas deployment" Value: !Ref AtlasProject Export: Name: !Join [ "-", [ !Ref "AWS::StackName","AtlasProjectId" ] ] AtlasProjectIPAccessList: Description: "Atlas project ip access list" Value: !Ref AtlasProjectIPAccessList Export: Name: !Join [ "-", [ !Ref "AWS::StackName","AtlasProjectIPAccessList" ] ] AtlasCluster: Description: "Info on your Atlas Cluster" Value: !Ref AtlasCluster Export: Name: !Join [ "-", [ !Ref "AWS::StackName","AtlasCluster" ] ] ClusterState: Description: "Cluster State" Value: !GetAtt "AtlasCluster.StateName" Export: Name: !Join [ "-", [ !Ref "AWS::StackName","ClusterState" ] ] ClusterSrvAddress: Description: "Hostname for mongodb+srv:// connection string" Value: !GetAtt "AtlasCluster.ConnectionStrings.StandardSrv" Export: Name: !Join [ "-", [ !Ref "AWS::StackName","ClusterSrvAddress" ] ]