AWSTemplateFormatVersion: '2010-09-09'
Description: >-
  Creates an Oracle Database and Grid Infrastructure 12c. It will deploy database
  instances into the private subnets in separate Availability Zones. ***NOTE***
  You must have Oracle Enterprise licensing to use Oracle Data Guard. See the
  deployment guide at http://aws.amazon.com/quickstart for details. Creates
  Amazon EC2 instances and related resources. You will be billed for the AWS
  resources used if you create a stack from this template. The following Oracle
  downloads must be in your bucket: linuxamd64_12102_database_1of2.zip,
  linuxamd64_12102_database_2of2.zip, linuxamd64_12102_grid_1of2.zip and
  linuxamd64_12102_grid_2of2.zip for Oracle 12.1.0.2 Version, and
  linuxx64_12201_database.zip and linuxx64_12201_grid_home.zip for Oracle
  12.2.0.1 Version, oracleasm-support-2.1.8-1.el6.x86_64.rpm and
  oracleasmlib-2.0.4-1.el6.x86_64.rpm for Oracle Linux 6.7 or RHEL 7.2, and
  oracleasmlib-2.0.12-1.el7.x86_64.rpm for Oracle Linux 7.3. For Oracle Secure
  Backup also: osbws_installer.zip.
  (qs-1qui35f08)
Metadata:
  QuickStartDocumentation:
    EntrypointName: "Launch into an existing VPC"
    OptionalParameters:
      - OSBInstall
  AWS::CloudFormation::Interface:
    ParameterGroups:
      - Label:
          default: Network Configuration
        Parameters:
          - VPCID
          - PrivateSubnet1ID
          - PrivateSubnet2ID
          - BastionSecurityGroupID
      - Label:
          default: Amazon EC2 Configuration
        Parameters:
          - KeyPairName
          - OracleAMIOS
          - OracleInstanceType
          - PrimaryIPAddress
          - StandbyIPAddress
          - EnableCWL
      - Label:
          default: Oracle Database Configuration
        Parameters:
          - OracleVersion
          - DomainName
          - DatabasePort
          - DatabaseName
          - DataGuardConfig
          - CharacterSet
          - StandbyName
          - DatabasePass
          - AsmPass
          - EBSData
          - DataVolumeType
          - DataIOPS
          - EBSReco
          - RecoVolumeType
          - RecoIOPS
          - InstallBucketName
          - InstallBucketPrefix
      - Label:
          default: Oracle Secure Backup Cloud Module (Optional)
        Parameters:
          - OSBInstall
          - OSBOTN
          - OSBPass
          - OSBBucketName
          - OSBKey
          - OSBSecret
      - Label:
          default: AWS Quick Start Configuration
        Parameters:
          - QSS3BucketName
          - QSS3BucketRegion
          - QSS3KeyPrefix
    ParameterLabels:
      OracleVersion:
        default: Oracle Version
      AsmPass:
        default: ASM Password
      BastionSecurityGroupID:
        default: Bastion Security Group ID
      CharacterSet:
        default: Character Set
      DataIOPS:
        default: Data - IOPS per EBS Volume
      DataVolumeType:
        default: Data Diskgroup Volume Type
      DatabaseName:
        default: Primary Database Name
      DatabasePass:
        default: Database Password
      DatabasePort:
        default: Database Port Number
      DataGuardConfig:
        default: Data Guard Configuration
      DomainName:
        default: Domain Name
      EBSData:
        default: Data Diskgroup GiB/Disk
      EBSReco:
        default: Recovery (Reco) Diskgroup GiB/Disk
      InstallBucketName:
        default: Binaries Bucket Name
      InstallBucketPrefix:
        default: Binaries Bucket Key Prefix
      KeyPairName:
        default: Key Pair Name
      OracleAMIOS:
        default: Database Operating System
      OracleInstanceType:
        default: Database Instance Type
      OSBBucketName:
        default: S3 Bucket for Backups
      OSBInstall:
        default: Install Oracle Secure Backup
      OSBKey:
        default: AWS Access Key ID
      OSBOTN:
        default:
          OTN Account Email/Login
      OSBPass:
        default: OTN Account Password
      OSBSecret:
        default: AWS Secret Access Key
      PrimaryIPAddress:
        default: Primary Database Private IP
      PrivateSubnet1ID:
        default: Private Subnet ID 1
      PrivateSubnet2ID:
        default: Private Subnet ID 2
      QSS3BucketName:
        default: Quick Start S3 Bucket Name
      QSS3BucketRegion:
        default: Quick Start S3 bucket region
      QSS3KeyPrefix:
        default: Quick Start S3 Key Prefix
      RecoIOPS:
        default: Reco - IOPS per EBS Volume
      RecoVolumeType:
        default: Reco Diskgroup Volume Type
      StandbyIPAddress:
        default: Standby Database Private IP
      StandbyName:
        default: Standby Database Name
      VPCID:
        default: VPC ID
      EnableCWL:
        default: Enable CloudWatch Logs
Parameters:
  AsmPass:
    AllowedPattern: ([A-Za-z0-9_#&]{3,30})
    ConstraintDescription: Input your ASM Password, Min 3, Maximum of 30 characters.
    Description: Enter your ASM Password, Min 3, maximum of 30 characters. This password is used for the SYSASM, ASM Monitor, and ASM EM admin users of Oracle ASM.
    NoEcho: 'true'
    Type: String
  BastionSecurityGroupID:
    Description: ID of the Bastion Security Group (e.g., sg-7f16e910)
    Type: AWS::EC2::SecurityGroup::Id
  OracleVersion:
    AllowedValues:
      - 12.1.0.2
      - 12.2.0.1
    ConstraintDescription: Default is 12.2.0.1.
    Default: 12.2.0.1
    Description: Version of Oracle Database Software.
    Type: String
  CharacterSet:
    AllowedValues:
      - AL32UTF8
      - AR8ISO8859P6
      - AR8MSWIN1256
      - BLT8ISO8859P13
      - BLT8MSWIN1257
      - CL8ISO8859P5
      - CL8MSWIN1251
      - EE8ISO8859P2
      - EE8MSWIN1250
      - EL8ISO8859P7
      - EL8MSWIN1253
      - IW8ISO8859P8
      - IW8MSWIN1255
      - JA16EUC
      - JA16EUCTILDE
      - JA16SJIS
      - JA16SJISTILDE
      - KO16MSWIN949
      - NE8ISO8859P10
      - NEE8ISO8859P4
      - TH8TISASCII
      - TR8MSWIN1254
      - US7ASCII
      - UTF8
      - VN8MSWIN1258
      - WE8ISO8859P1
      - WE8ISO8859P15
      - WE8ISO8859P9
      - WE8MSWIN1252
      - ZHS16GBK
      - ZHT16HKSCS
      - ZHT16MSWIN950
      - ZHT32EUC
    ConstraintDescription: Default is AL32UTF8, Unicode 6.2 UTF-8 Universal character set.
    Default: AL32UTF8
    Description: Character set for Oracle Database.
    Type: String
  DatabaseName:
    AllowedPattern: ([A-Za-z0-9-]{3,8})
    ConstraintDescription: No special chars, Min 3, Maximum of 8 characters.
    Default: orcl
    Description: Enter your Database Name, Min 3, Maximum of 8 characters (limited by DB_NAME). The primary instance will have this same name.
    Type: String
  DatabasePass:
    AllowedPattern: ([A-Za-z0-9_#$]{3,30})
    ConstraintDescription: Input your database Password, Min 3, Maximum of 30 characters.
    Description: Enter your Database Password, Min 3, maximum of 30 characters. This password is used for the SYS, SYSTEM, and DBSNMP users of Oracle Database.
    NoEcho: 'true'
    Type: String
  DatabasePort:
    ConstraintDescription: Database port number is usually 1521, but avoid this number for production; use 1530, for example.
    Default: '1525'
    Description: Oracle Database listener port number.
    Type: Number
  DataGuardConfig:
    AllowedValues:
      - Data Guard
      - Single
    ConstraintDescription: Single - One instance only, Data Guard - Two instances (Primary + Standby)
    Default: Data Guard
    Description: 'Configuration: Single - One instance only, Data Guard - Two instances (Primary + Standby)'
    Type: String
  DomainName:
    ConstraintDescription: String domain name.
    Default: dataguard-env
    Description: Name of Domain to reach your Database Endpoint after setup.
    Type: String
  EBSData:
    ConstraintDescription: Must be a valid Number from 4 GiB to 16000 GiB
    Default: '20'
    Description: Enter the number of Gigabytes for Each ASM Disk (EBS) for DATA Diskgroup total of 6 (six) volumes, maximum of 16000 GiB each.
    Type: Number
    MinValue: '4'
    MaxValue: '16000'
  EBSReco:
    ConstraintDescription: Must be a valid Number from 4 GiB to 16000 GiB
    Default: '6'
    Description: Enter the number of Gigabytes for Each ASM Disk (EBS) for RECO Diskgroup total of 3 (three) volumes, maximum of 16000 GiB each.
    Type: Number
    MinValue: '4'
    MaxValue: '16000'
  InstallBucketName:
    AllowedPattern: ^[0-9a-zA-Z-]+([0-9a-zA-Z-]+)*$
    ConstraintDescription: Bucket name can include numbers, lowercase letters, uppercase letters, hyphens (-).
    Description: Name of your S3 bucket with your Oracle Binaries (e.g., bucket-name)
    Type: String
  InstallBucketPrefix:
    AllowedPattern: ^[0-9a-zA-Z-]+(/[0-9a-zA-Z-]+)*$
    ConstraintDescription: Key prefix can include numbers, lowercase letters, uppercase letters, hyphens (-), and forward slash (/). It cannot start or end with forward slash (/) because they are automatically appended.
    Description: Name of your S3 prefix with your Oracle Binaries (e.g., key/prefix)
    Type: String
    Default: oracle/database/12
  KeyPairName:
    ConstraintDescription: must be the name of an existing EC2 KeyPair.
    Description: Name of an existing EC2 KeyPair to enable SSH access to the instance
    Type: AWS::EC2::KeyPair::KeyName
  OracleAMIOS:
    AllowedValues:
      - Red-Hat-Enterprise-Linux-7.2-HVM
      - Oracle-Linux-7.3-HVM
    Default: Red-Hat-Enterprise-Linux-7.2-HVM
    Description: Operating system and version for database nodes.
    Type: String
  OracleInstanceType:
    AllowedValues:
      - t2.medium
      - t2.large
      - m3.medium
      - m3.large
      - m3.xlarge
      - m3.2xlarge
      - m4.large
      - m4.xlarge
      - m4.2xlarge
      - m4.4xlarge
      - m4.10xlarge
      - m4.16xlarge
      - r3.large
      - r3.xlarge
      - r3.2xlarge
      - r3.4xlarge
      - r3.8xlarge
      - r4.large
      - r4.xlarge
      - r4.2xlarge
      - r4.4xlarge
      - r4.8xlarge
      - r4.16xlarge
      - x1.16xlarge
      - x1.32xlarge
    ConstraintDescription: Must be a valid EC2 instance type.
    Default: r3.2xlarge
    Description: Choose your Oracle Database instance type.
    Type: String
  OSBBucketName:
    ConstraintDescription: Enter your bucket name, must be an existing bucket.
    Description: Name of your S3 bucket to store your Oracle backups.
    Type: String
  OSBInstall:
    AllowedValues:
      - 'true'
      - 'false'
    Default: 'false'
    Description: Install (true) or don't install (false) optional Oracle Secure Backup.
    Type: String
  # OSBKey and OSBSecret carry an AWS access key pair as stack parameters;
  # only OSBSecret is marked NoEcho.
  OSBKey:
    Description: The AWS Access Key to access your backup bucket, something like AKIAIV3KL4XXIT7DXXYY.
    Type: String
  OSBOTN:
    Description: Your OTN (Oracle Technology Network) account login.
    Type: String
  OSBPass:
    Description: Password of your OTN (Oracle Technology Network) account.
    NoEcho: 'true'
    Type: String
  OSBSecret:
    Description: The AWS Secret Key to access your backup bucket, something like c/ZeLyzixxx3HfxPVLX9IOKMXEdSbqks3Acz7QHj.
    NoEcho: 'true'
    Type: String
  PrimaryIPAddress:
    AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$
    ConstraintDescription: IP address parameter must be in the form x.x.x.x
    Default: 10.0.0.5
    Description: This must be a valid IP address for private subnet 1.
    Type: String
  PrivateSubnet1ID:
    Description: ID of the private subnet 1 in Availability Zone 1 (e.g., subnet-a0246dcd)
    Type: AWS::EC2::Subnet::Id
  PrivateSubnet2ID:
    Description: ID of the private subnet 2 in Availability Zone 2 (e.g., subnet-b58c3d67)
    Type: AWS::EC2::Subnet::Id
  QSS3BucketName:
    AllowedPattern: ^[0-9a-zA-Z]+([0-9a-zA-Z-]*[0-9a-zA-Z])*$
    ConstraintDescription: Quick Start bucket name can include numbers, lowercase letters, uppercase letters, and hyphens (-). It cannot start or end with a hyphen (-).
    Default: aws-quickstart
    Description: S3 bucket name for the Quick Start assets. Quick Start bucket name can include numbers, lowercase letters, uppercase letters, and hyphens (-). It cannot start or end with a hyphen (-).
    Type: String
  QSS3BucketRegion:
    Default: 'us-east-1'
    Description: 'The AWS Region where the Quick Start S3 bucket (QSS3BucketName) is hosted. When using your own bucket, you must specify this value.'
    Type: String
  QSS3KeyPrefix:
    AllowedPattern: ^[0-9a-zA-Z-/]*$
    ConstraintDescription: Quick Start key prefix can include numbers, lowercase letters, uppercase letters, hyphens (-), and forward slash (/).
    Default: quickstart-oracle-database/
    Description: S3 key prefix for the Quick Start assets. Quick Start key prefix can include numbers, lowercase letters, uppercase letters, hyphens (-), and forward slash (/).
    Type: String
  DataIOPS:
    ConstraintDescription: The number of IOPS that are provisioned for the volume, Maximum of 20000 IOPS per volume.
    Default: '600'
    Description: 'IOPS per EBS Volume, only for io1 types. DATA diskgroup total IOPS will be this value x 6. Maximum of 20000 IOPS per volume. Limited to 50 IOPS : 1 GiB.'
    Type: Number
    MinValue: '0'
    MaxValue: '20000'
  RecoIOPS:
    ConstraintDescription: The number of IOPS that are provisioned for the volume, Maximum of 20000 IOPS per volume.
    Default: '200'
    Description: 'IOPS per EBS Volume, only for io1 types. RECO diskgroup total IOPS will be this value x 3. Maximum of 20000 IOPS per volume. Limited to 50 IOPS : 1 GiB.'
    Type: Number
    MinValue: '0'
    MaxValue: '20000'
  DataVolumeType:
    AllowedValues:
      - gp2
      - io1
    ConstraintDescription: Only gp2 or io1 are allowed.
    Default: gp2
    Description: 'Disk type for EBS Data Diskgroup. gp2 (performance ratio of 3 IOPS: 1 GiB) or io1 (performance ratio up to 50 IOPS : 1 GiB).'
    Type: String
  RecoVolumeType:
    AllowedValues:
      - gp2
      - io1
    ConstraintDescription: Only gp2 or io1 are allowed.
    Default: gp2
    Description: 'Disk type for EBS Reco Diskgroup. gp2 (performance ratio of 3 IOPS: 1 GiB) or io1 (performance ratio up to 50 IOPS : 1 GiB).'
    Type: String
  StandbyIPAddress:
    AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$
    ConstraintDescription: IP address parameter must be in the form x.x.x.x
    Default: 10.0.32.5
    Description: This must be a valid IP address for private subnet 2.
    Type: String
  StandbyName:
    AllowedPattern: ([A-Za-z0-9-]{3,12})
    ConstraintDescription: Only Letters and Numbers, Min 3, Maximum of 12 characters.
    Default: orclsb
    Description: Enter your Standby instance name, Min 3, Maximum of 12 characters.
    Type: String
  VPCID:
    Description: ID of the VPC (e.g., vpc-0343606e)
    Type: AWS::EC2::VPC::Id
  EnableCWL:
    AllowedValues:
      - 'true'
      - 'false'
    Default: 'false'
    Description: Enable pushing instance logs to CloudWatch Logs
    Type: String
Rules:
  SubnetsInVPC:
    Assertions:
      - Assert: !EachMemberIn
          - !ValueOfAll
            - AWS::EC2::Subnet::Id
            - VpcId
          - !RefAll 'AWS::EC2::VPC::Id'
        AssertDescription: All subnets must be in the VPC
  OL73SupportedRegionsRule:
    RuleCondition: !Equals
      - !Ref 'OracleAMIOS'
      - Oracle-Linux-7.3-HVM
    Assertions:
      - Assert: !Not
          - !Contains
            - - ap-south-1
              - ca-central-1
              - eu-west-2
              - us-east-2
            - !Ref 'AWS::Region'
        AssertDescription: Oracle Linux 7.3 is not available in this region
Mappings:
  AWSInstanceType2Value:
    t2.medium:
      sga: '2458'
      shmall: '838861'
      shmmax: '3221225472'
    t2.large:
      sga: '4915'
      shmall: '1677722'
      shmmax: '6442450944'
    m3.medium:
      sga: '2304'
      shmall: '786432'
      shmmax: '3019898880'
    m3.large:
      sga: '4608'
      shmall: '1572864'
      shmmax: '6039797760'
    m3.xlarge:
      sga: '9216'
      shmall: '3145728'
      shmmax: '12079595520'
    m3.2xlarge:
      sga: '18432'
      shmall: '6291456'
      shmmax: '24159191040'
    m4.large:
      sga: '4915'
      shmall: '1677722'
      shmmax: '6442450944'
    m4.xlarge:
      sga: '9830'
      shmall: '3355444'
      shmmax: '12884901888'
    m4.2xlarge:
      sga: '19661'
      shmall: '6710887'
      shmmax: '25769803776'
    m4.4xlarge:
      sga: '39322'
      shmall: '13421773'
      shmmax: '51539607552'
    m4.10xlarge:
      sga: '98304'
      shmall: '33554432'
      shmmax: '128849018880'
    r3.large:
      sga: '9370'
      shmall: '3198157'
      shmmax: '12280922112'
    r3.xlarge:
      sga: '18739'
      shmall: '6396314'
      shmmax: '24561844224'
    r3.2xlarge:
      sga: '37478'
      shmall: '12792628'
      shmmax: '49123688448'
    r3.4xlarge:
      sga: '74957'
      shmall: '25585255'
      shmmax: '98247376896'
    r3.8xlarge:
      sga: '149914'
      shmall: '51170509'
      shmmax: '196494753792'
    m4.16xlarge:
      shmmax: '206158430208'
      sga: '196608'
      shmall: '53687092'
    r4.large:
      sga: '9370'
      shmall: '3198157'
      shmmax: '12280922112'
    r4.xlarge:
      sga: '18739'
      shmall: '6396314'
      shmmax: '24561844224'
    r4.2xlarge:
      sga: '37478'
      shmall: '12792628'
      shmmax: '49123688448'
    r4.4xlarge:
      sga: '74957'
      shmall: '25585255'
      shmmax: '98247376896'
    r4.8xlarge:
      sga: '149914'
      shmall: '51170509'
      shmmax: '196494753792'
    r4.16xlarge:
      shmmax: '392989507584'
      sga: '374784'
      shmall: '102341018'
    x1.16xlarge:
      shmmax: '785979015168'
      sga: '749568'
      shmall: '204682036'
    x1.32xlarge:
      shmmax: '1571958030336'
      sga: '1499136'
      shmall: '409364071'
  AWSAMIRegionMap:
    AMI:
      OL73HVM: OL7.3-x86_64-HVM-2016-11-09
      RHEL72HVM: RHEL-7.2_HVM-20161025-x86_64-1-Hourly2-GP2
    ap-northeast-1:
      OL73HVM: ami-de248ebf
      RHEL72HVM: ami-2265c543
    ap-northeast-2:
      OL73HVM: ami-63b5620d
      RHEL72HVM: ami-a9e532c7
    ap-south-1:
      RHEL72HVM: ami-917205fe
    ap-southeast-1:
      OL73HVM: ami-71f25012
      RHEL72HVM: ami-22953841
    ap-southeast-2:
      OL73HVM: ami-70596713
      RHEL72HVM: ami-91cdf0f2
    ca-central-1:
      RHEL72HVM: ami-b764d6d3
    eu-central-1:
      OL73HVM: ami-5136f33e
      RHEL72HVM: ami-7def1712
    eu-west-1:
      OL73HVM: ami-67164414
      RHEL72HVM: ami-b22961c1
    eu-west-2:
      RHEL72HVM: ami-b9353fdd
    sa-east-1:
      OL73HVM: ami-5edf4132
      RHEL72HVM: ami-28f66a44
    us-east-1:
      OL73HVM: ami-7c4b7e6b
      RHEL72HVM: ami-873e6190
    us-east-2:
      RHEL72HVM: ami-0a33696f
    us-west-1:
      OL73HVM: ami-74f5a014
      RHEL72HVM: ami-f88fc498
    us-west-2:
      OL73HVM: ami-0d25886d
      RHEL72HVM: ami-5dd3743d
  OracleAMINameMap:
    Red-Hat-Enterprise-Linux-7.2-HVM:
      Code: RHEL72HVM
      repo: '#already come with repo'
    Oracle-Linux-7.3-HVM:
      Code: OL73HVM
      repo: '#already come with repo'
Conditions:
  CreateStandby: !Equals
    - !Ref 'DataGuardConfig'
    - Data Guard
  EBSDataIOPS: !Equals
    - !Ref 'DataVolumeType'
    - io1
  EBSRecoIOPS: !Equals
    - !Ref 'RecoVolumeType'
    - io1
  EBSOptimizableInstance: !Not
    - !Or
      - !Equals
        - !Ref 'OracleInstanceType'
        - t2.medium
      - !Equals
        - !Ref 'OracleInstanceType'
        - t2.large
      - !Equals
        - !Ref 'OracleInstanceType'
        - m3.medium
      - !Equals
        - !Ref 'OracleInstanceType'
        - m3.large
      - !Equals
        - !Ref 'OracleInstanceType'
        - r3.large
      - !Equals
        - !Ref 'OracleInstanceType'
        - r3.8xlarge
  GovCloudCondition: !Equals
    - !Ref 'AWS::Region'
    - us-gov-west-1
  CWL: !Equals
    - !Ref 'EnableCWL'
    - 'true'
  UsingDefaultBucket:
    !Equals [!Ref QSS3BucketName, 'aws-quickstart']
Resources:
  Route53PrivateHostedZone:
    Type: AWS::Route53::HostedZone
    Properties:
      HostedZoneConfig:
        Comment: Private Hosted Zone for Oracle database Quick Start
      Name: !Join
        - ''
        - - !Ref 'DomainName'
          - .
      VPCs:
        - VPCId: !Ref 'VPCID'
          VPCRegion: !Ref 'AWS::Region'
  Route53RecordSet:
    Type: AWS::Route53::RecordSet
    Properties:
      HostedZoneId: !Ref 'Route53PrivateHostedZone'
      Name: !Join
        - ''
        - - !Ref 'DatabaseName'
          - .
          - !Ref 'DomainName'
          - .
      Type: A
      ResourceRecords:
        - !Ref 'PrimaryIPAddress'
      TTL: 60
  InstanceRoleOrcl:
    Type: AWS::IAM::Role
    Properties:
      ManagedPolicyArns:
        - !Sub arn:${AWS::Partition}:iam::aws:policy/AmazonSSMManagedInstanceCore
      Policies:
        - PolicyDocument:
            Version: '2012-10-17'
            Statement:
              # Read-only access, scoped to the Quick Start asset prefix
              - Action:
                  - s3:GetObject
                Resource: !Sub
                  - arn:${AWS::Partition}:s3:::${S3Bucket}/${QSS3KeyPrefix}*
                  - S3Bucket: !If [UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName]
                Effect: Allow
              # Read-only access, scoped to the Oracle binaries prefix
              - Action:
                  - s3:GetObject
                Resource: !Sub
                  - arn:${Partition}:s3:::${InstallBucketName}/${InstallBucketPrefix}/*
                  - Partition: !If
                      - GovCloudCondition
                      - aws-us-gov
                      - aws
                Effect: Allow
          PolicyName: aws-quick-start-s3-policy
        - !If
          - CWL
          - PolicyDocument:
              Version: '2012-10-17'
              Statement:
                - Effect: Allow
                  Action:
                    - logs:CreateLogGroup
                    - logs:CreateLogStream
                    - logs:PutLogEvents
                    - logs:DescribeLogStreams
                  # The resource pattern below matches every CloudWatch Logs
                  # resource in every region and account.
                  Resource:
                    - !Sub arn:${AWS::Partition}:logs:*:*:*
            PolicyName: aws-quick-start-cloudwatchlogs-policy
          - !Ref 'AWS::NoValue'
      Path: /
      AssumeRolePolicyDocument:
        Statement:
          - Action:
              - sts:AssumeRole
            Principal:
              Service:
                - ec2.amazonaws.com
            Effect: Allow
        Version: '2012-10-17'
  InstanceProfileOrcl:
    Type: AWS::IAM::InstanceProfile
    Properties:
      Roles:
        - !Ref 'InstanceRoleOrcl'
      Path: /
  OracleServerAccessSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      VpcId: !Ref 'VPCID'
      GroupDescription: Instances with access to Oracle servers
  OracleServerSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      VpcId: !Ref 'VPCID'
      GroupDescription: Oracle
        server management and access ports
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: 22
          ToPort: 22
          SourceSecurityGroupId: !Ref 'BastionSecurityGroupID'
        - IpProtocol: tcp
          FromPort: !Ref 'DatabasePort'
          ToPort: !Ref 'DatabasePort'
          SourceSecurityGroupId: !Ref 'OracleServerAccessSecurityGroup'
        - IpProtocol: tcp
          FromPort: 5500
          ToPort: 5500
          SourceSecurityGroupId: !Ref 'OracleServerAccessSecurityGroup'
  OracleServersSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      VpcId: !Ref 'VPCID'
      GroupDescription: Oracle inter-server communication and management ports
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: 22
          ToPort: 22
          SourceSecurityGroupId: !Ref 'OracleServerSecurityGroup'
        - IpProtocol: tcp
          FromPort: !Ref 'DatabasePort'
          ToPort: !Ref 'DatabasePort'
          SourceSecurityGroupId: !Ref 'OracleServerSecurityGroup'
        - IpProtocol: tcp
          FromPort: 5500
          ToPort: 5500
          SourceSecurityGroupId: !Ref 'OracleServerSecurityGroup'
        - IpProtocol: tcp
          FromPort: 111
          ToPort: 111
          SourceSecurityGroupId: !Ref 'OracleServerSecurityGroup'
        - IpProtocol: tcp
          FromPort: 2049
          ToPort: 2049
          SourceSecurityGroupId: !Ref 'OracleServerSecurityGroup'
        - IpProtocol: tcp
          FromPort: 32768
          ToPort: 32768
          SourceSecurityGroupId: !Ref 'OracleServerSecurityGroup'
        - IpProtocol: tcp
          FromPort: 44182
          ToPort: 44182
          SourceSecurityGroupId: !Ref 'OracleServerSecurityGroup'
        - IpProtocol: tcp
          FromPort: 54508
          ToPort: 54508
          SourceSecurityGroupId: !Ref 'OracleServerSecurityGroup'
  LogGroup:
    Condition: CWL
    Type: AWS::Logs::LogGroup
    Properties:
      RetentionInDays: 7
  PrimaryInstance:
    Type: AWS::EC2::Instance
    Metadata:
      AWS::CloudFormation::Authentication:
        S3AccessCreds:
          type: S3
          buckets:
            - !Ref 'InstallBucketName'
            - !If [UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName]
          roleName: !Ref 'InstanceRoleOrcl'
      AWS::CloudFormation::Init:
        config:
          files:
            # The NoEcho parameters (DatabasePass, AsmPass, OSBSecret, OSBPass)
            # are substituted into this resource Metadata and written to disk
            # in plain text. CloudFormation does not mask NoEcho values that
            # are placed in Metadata.
            /tmp/orcl-setup.txt:
              content: !Join
                - ''
                - - !Sub
                    - |
                      QuickStartS3URL|${QuickStartS3URL}
                      QSS3BucketName|${QSS3BucketName}
                      QSS3KeyPrefix|${QSS3KeyPrefix}
                      InstallBucketName|${InstallBucketName}/${InstallBucketPrefix}
                      DatabasePass|${DatabasePass}
                      AsmPass|${AsmPass}
                      CharacterSet|${CharacterSet}
                      DatabasePort|${DatabasePort}
                      DatabaseName|${DatabaseName}
                      StandbyName|${StandbyName}
                      PrimaryIPAddress|${PrimaryIPAddress}
                      StandbyIPAddress|${StandbyIPAddress}
                      OSBInstall|${OSBInstall}
                      OSBBName|${OSBBucketName}
                      OSBKey|${OSBKey}
                      OSBSecret|${OSBSecret}
                      OSBOTN|${OSBOTN}
                      OracleVersion|${OracleVersion}
                      OSBPass|${OSBPass}
                    - QuickStartS3URL: !If
                        - GovCloudCondition
                        - 'https://s3-us-gov-west-1.amazonaws.com'
                        - 'https://s3.amazonaws.com'
                  - Code|
                  - !FindInMap
                    - OracleAMINameMap
                    - !Ref 'OracleAMIOS'
                    - Code
                  - "\n"
                  - SGA|
                  - !FindInMap
                    - AWSInstanceType2Value
                    - !Ref 'OracleInstanceType'
                    - sga
                  - "\n"
                  - SHMALL|
                  - !FindInMap
                    - AWSInstanceType2Value
                    - !Ref 'OracleInstanceType'
                    - shmall
                  - "\n"
                  - SHMMAX|
                  - !FindInMap
                    - AWSInstanceType2Value
                    - !Ref 'OracleInstanceType'
                    - shmmax
                  - "\n"
              mode: '000440'
              owner: root
              group: root
            # mode '000777' (used for several files in this section) makes the
            # file world-writable and world-executable in /tmp.
            /tmp/rmanbackup.cmd:
              source: !Sub
                - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}scripts/rmanbackup.cmd'
                - S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion]
                  S3Bucket: !If [UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName]
              mode: '000777'
              owner: root
              group: root
              authentication: S3AccessCreds
            /tmp/osb.sh:
              source: !Sub
                - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}scripts/osb.sh'
                - S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion]
                  S3Bucket: !If [UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName]
              mode: '000550'
              owner: root
              group: root
              authentication: S3AccessCreds
            /tmp/listener_prim.ora:
              source: !Sub
                - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}scripts/listener_prim.ora'
                - S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion]
                  S3Bucket: !If [UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref
                    QSS3BucketName]
              mode: '000666'
              owner: root
              group: root
              authentication: S3AccessCreds
            /tmp/dbsetup.sql:
              source: !Sub
                - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}scripts/dbsetup.sql'
                - S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion]
                  S3Bucket: !If [UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName]
              mode: '000777'
              owner: root
              group: root
              authentication: S3AccessCreds
            /tmp/oracleexec.sh:
              source: !Sub
                - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}scripts/oracleexec.sh'
                - S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion]
                  S3Bucket: !If [UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName]
              mode: '000550'
              owner: root
              group: root
              authentication: S3AccessCreds
            /tmp/tns_stdb.ora:
              source: !Sub
                - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}scripts/tns_stdb.ora'
                - S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion]
                  S3Bucket: !If [UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName]
              mode: '000666'
              owner: root
              group: root
              authentication: S3AccessCreds
            /tmp/db-post.rsp:
              source: !Sub
                - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}scripts/db-post.rsp'
                - S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion]
                  S3Bucket: !If [UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName]
              mode: '000644'
              owner: root
              group: root
              authentication: S3AccessCreds
            /tmp/db-config.rsp:
              source: !Sub
                - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}scripts/db-config.rsp'
                - S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion]
                  S3Bucket: !If [UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName]
              mode: '000644'
              owner: root
              group: root
              authentication: S3AccessCreds
            /tmp/db-config122.rsp:
              source: !Sub
                -
                  'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}scripts/db-config122.rsp'
                - S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion]
                  S3Bucket: !If [UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName]
              mode: '000644'
              owner: root
              group: root
              authentication: S3AccessCreds
            /tmp/asm-config.rsp:
              source: !Sub
                - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}scripts/asm-config.rsp'
                - S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion]
                  S3Bucket: !If [UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName]
              mode: '000644'
              owner: root
              group: root
              authentication: S3AccessCreds
            /tmp/grid-setup.rsp:
              source: !Sub
                - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}scripts/grid-setup.rsp'
                - S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion]
                  S3Bucket: !If [UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName]
              mode: '000644'
              owner: root
              group: root
              authentication: S3AccessCreds
            /tmp/grid-setup122.rsp:
              source: !Sub
                - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}scripts/grid-setup122.rsp'
                - S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion]
                  S3Bucket: !If [UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName]
              mode: '000644'
              owner: root
              group: root
              authentication: S3AccessCreds
            /tmp/bootstrap.sh:
              source: !Sub
                - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}scripts/bootstrap.sh'
                - S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion]
                  S3Bucket: !If [UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName]
              mode: '000550'
              owner: root
              group: root
              authentication: S3AccessCreds
    Properties:
      EbsOptimized: !If
        - EBSOptimizableInstance
        - true
        - !Ref 'AWS::NoValue'
      IamInstanceProfile: !Ref 'InstanceProfileOrcl'
      ImageId: !FindInMap
        - AWSAMIRegionMap
        - !Ref 'AWS::Region'
        - !FindInMap
          - OracleAMINameMap
          - !Ref 'OracleAMIOS'
          - Code
      InstanceType: !Ref 'OracleInstanceType'
      KeyName: !Ref 'KeyPairName'
      NetworkInterfaces:
        - NetworkInterfaceId: !Ref 'PrimaryInstanceNetworkInterface'
          DeviceIndex: '0'
      BlockDeviceMappings:
        - DeviceName: /dev/xvda
          Ebs:
            VolumeSize: 20
            VolumeType: gp2
        - DeviceName: /dev/xvdb
          Ebs:
            VolumeSize: 50
            VolumeType: gp2
        - DeviceName: /dev/xvdc
          Ebs:
            VolumeSize: !Ref 'EBSReco'
            VolumeType: !Ref 'RecoVolumeType'
            Iops: !If
              - EBSRecoIOPS
              - !Ref 'RecoIOPS'
              - !Ref 'AWS::NoValue'
        - DeviceName: /dev/xvdd
          Ebs:
            VolumeSize: !Ref 'EBSReco'
            VolumeType: !Ref 'RecoVolumeType'
            Iops: !If
              - EBSRecoIOPS
              - !Ref 'RecoIOPS'
              - !Ref 'AWS::NoValue'
        - DeviceName: /dev/xvde
          Ebs:
            VolumeSize: !Ref 'EBSReco'
            VolumeType: !Ref 'RecoVolumeType'
            Iops: !If
              - EBSRecoIOPS
              - !Ref 'RecoIOPS'
              - !Ref 'AWS::NoValue'
        - DeviceName: /dev/xvdf
          Ebs:
            VolumeSize: !Ref 'EBSData'
            VolumeType: !Ref 'DataVolumeType'
            Iops: !If
              - EBSDataIOPS
              - !Ref 'DataIOPS'
              - !Ref 'AWS::NoValue'
        - DeviceName: /dev/xvdg
          Ebs:
            VolumeSize: !Ref 'EBSData'
            VolumeType: !Ref 'DataVolumeType'
            Iops: !If
              - EBSDataIOPS
              - !Ref 'DataIOPS'
              - !Ref 'AWS::NoValue'
        - DeviceName: /dev/xvdh
          Ebs:
            VolumeSize: !Ref 'EBSData'
            VolumeType: !Ref 'DataVolumeType'
            Iops: !If
              - EBSDataIOPS
              - !Ref 'DataIOPS'
              - !Ref 'AWS::NoValue'
        - DeviceName: /dev/xvdi
          Ebs:
            VolumeSize: !Ref 'EBSData'
            VolumeType: !Ref 'DataVolumeType'
            Iops: !If
              - EBSDataIOPS
              - !Ref 'DataIOPS'
              - !Ref 'AWS::NoValue'
        - DeviceName: /dev/xvdj
          Ebs:
            VolumeSize: !Ref 'EBSData'
            VolumeType: !Ref 'DataVolumeType'
            Iops: !If
              - EBSDataIOPS
              - !Ref 'DataIOPS'
              - !Ref 'AWS::NoValue'
        - DeviceName: /dev/xvdk
          Ebs:
            VolumeSize: !Ref 'EBSData'
            VolumeType: !Ref 'DataVolumeType'
            Iops: !If
              - EBSDataIOPS
              - !Ref 'DataIOPS'
              - !Ref 'AWS::NoValue'
        - DeviceName: /dev/xvdx
          Ebs:
            VolumeSize: 25
            VolumeType: gp2
        - DeviceName: /dev/xvdy
          Ebs:
            VolumeSize: 1
            VolumeType: gp2
      UserData: !Base64
        Fn::Join:
          - ''
          - - "#!/bin/bash \n"
            - "echo '[Installing and Starting
              Systems Manager Agent]'\n"
            # The agent RPM is taken from the "latest" path, so the installed
            # version is whatever is current at boot time.
            - "yum install -y https://s3.amazonaws.com/ec2-downloads-windows/SSMAgent/latest/linux_amd64/amazon-ssm-agent.rpm\n"
            - "systemctl enable amazon-ssm-agent\n"
            - "systemctl start amazon-ssm-agent\n"
            - "echo '[Cloning: Load QuickStart Common Utils]'\n"
            - "yum install -y git\n"
            # Tracks the head of the develop branch; the helper code sourced
            # below as root is not pinned to a tag or commit.
            - "until git clone --single-branch -b develop https://github.com/aws-quickstart/quickstart-linux-utilities.git\
              \ ; do echo \"Retrying\";done\n"
            - "cd quickstart-linux-utilities\n"
            - "source quickstart-cfn-tools.source\n"
            - "echo '[Loaded: Load QuickStart Common Utils]'\n"
            - "echo '[Update Operating System]'\n"
            - "qs_update-os || qs_error\n"
            - "qs_bootstrap_pip || qs_error\n"
            - "pip install pystache==0.5.4\n"
            - "qs_aws-cfn-bootstrap || qs_error\n"
            - !If
              - CWL
              - !Join
                - ''
                - - "# Set Log Group Name (TODO: create qs_cloudwatch_loggroup_set)\n"
                  - sed -i "s/__LOGGROUP__/\/aws-quick-start\/
                  - !Ref 'LogGroup'
                  - "/g\" cloudwatch_logs.stub\n"
                  - "qs_cloudwatch_install || qs_error\n"
                  - "# CFN Debug Logs\n"
                  - "qs_cloudwatch_tracklog /var/log/messages\n"
                  - "qs_cloudwatch_tracklog /var/log/cloud-init.log\n"
                  - "qs_cloudwatch_tracklog /var/log/cloud-init-output.log\n"
                  - "qs_cloudwatch_tracklog /var/log/cfn-init.log\n"
                  - "qs_cloudwatch_tracklog /var/log/cfn-init-cmd.log\n"
                  - "qs_cloudwatch_tracklog /var/log/cfn-wire.log\n"
                  - "qs_cloudwatch_tracklog /tmp/bootstrap.log\n"
                  - "qs_cloudwatch_tracklog /tmp/dbexecConf.log\n"
                  - "qs_cloudwatch_tracklog /tmp/dbrunInstaller.log\n"
                  - "qs_cloudwatch_tracklog /tmp/dbsetup.log\n"
                  - "qs_cloudwatch_tracklog /tmp/download.log\n"
                  - "qs_cloudwatch_tracklog /tmp/oracleexec.log\n"
                  - "qs_cloudwatch_tracklog /tmp/osb.log\n"
                  - "qs_cloudwatch_tracklog /tmp/rmanbackup.log\n"
                  - "qs_cloudwatch_tracklog /tmp/status.log\n"
              - !Ref 'AWS::NoValue'
            - "cd /tmp \n"
            - "export PATH=$PATH:/usr/local/bin\n"
            - "cd /etc/yum.repos.d \n"
            - ''
            - !FindInMap
              - OracleAMINameMap
              - !Ref 'OracleAMIOS'
              - repo
            - " \n"
            - S3URI=https://
            - !If
              - UsingDefaultBucket
              - !Sub
                '${QSS3BucketName}-${AWS::Region}'
              - !Ref 'QSS3BucketName'
            - .
            - !If
              - GovCloudCondition
              - s3-us-gov-west-1.
              - s3.
            - !If
              - UsingDefaultBucket
              - !Ref 'AWS::Region'
              - !Ref 'QSS3BucketRegion'
            - .amazonaws.com/
            - !Ref 'QSS3KeyPrefix'
            - "\n"
            - "NODE_CONF=${!S3URI}scripts/node.conf_stub\n"
            - "pip install awscli\n"
            - "cd /etc/yum.repos.d \n"
            - "yum install -y zip\n"
            - "yum install -y unzip\n"
            - '/usr/bin/cfn-init -v '
            - ' --stack '
            - !Ref 'AWS::StackName'
            - ' --resource PrimaryInstance '
            - ' --region '
            - !Ref 'AWS::Region'
            - "\n"
            - "/tmp/bootstrap.sh --params_file /tmp/orcl-setup.txt --primary &>> /tmp/bootstrap.log\n"
            - '/usr/bin/cfn-signal -e $? '
            - ' --stack '
            - !Ref 'AWS::StackName'
            - ' --resource PrimaryInstance '
            - ' --region '
            - !Ref 'AWS::Region'
            - "\n"
      Tags:
        - Key: Name
          Value: !Ref 'DatabaseName'
    CreationPolicy:
      ResourceSignal:
        Timeout: PT120M
  PrimaryInstanceNetworkInterface:
    Type: AWS::EC2::NetworkInterface
    Properties:
      Description: PrimaryInstanceNetworkInterface
      GroupSet:
        - !Ref 'OracleServerSecurityGroup'
        - !Ref 'OracleServersSecurityGroup'
      PrivateIpAddresses:
        - PrivateIpAddress: !Ref 'PrimaryIPAddress'
          Primary: true
      SourceDestCheck: true
      SubnetId: !Ref 'PrivateSubnet1ID'
      Tags:
        - Key: Name
          Value: PrimaryInstanceNetworkInterface
        - Key: Interface
          Value: eth0
  StandbyInstance:
    Type: AWS::EC2::Instance
    Condition: CreateStandby
    DependsOn: PrimaryInstance
    Metadata:
      AWS::CloudFormation::Init:
        config:
          files:
            /tmp/orcl-setup.txt:
              content: !Join
                - ''
                - - !Sub
                    - |
                      QuickStartS3URL|${QuickStartS3URL}
                      QSS3BucketName|${QSS3BucketName}
                      QSS3BucketRegion|${QSS3BucketRegion}
                      QSS3KeyPrefix|${QSS3KeyPrefix}
                      InstallBucketName|${InstallBucketName}/${InstallBucketPrefix}
                      DatabasePass|${DatabasePass}
                      AsmPass|${AsmPass}
                      CharacterSet|${CharacterSet}
                      DatabasePort|${DatabasePort}
                      DatabaseName|${DatabaseName}
                      StandbyName|${StandbyName}
                      PrimaryIPAddress|${PrimaryIPAddress}
                      StandbyIPAddress|${StandbyIPAddress}
                      OSBInstall|${OSBInstall}
                      OSBBName|${OSBBucketName}
                      OSBKey|${OSBKey}
OSBSecret|${OSBSecret} OSBOTN|${OSBOTN} OracleVersion|${OracleVersion} OSBPass|${OSBPass} - QuickStartS3URL: !If - GovCloudCondition - 'https://s3-us-gov-west-1.amazonaws.com' - 'https://s3.amazonaws.com' - Code| - !FindInMap - OracleAMINameMap - !Ref 'OracleAMIOS' - Code - "\n" - SGA| - !FindInMap - AWSInstanceType2Value - !Ref 'OracleInstanceType' - sga - "\n" - SHMALL| - !FindInMap - AWSInstanceType2Value - !Ref 'OracleInstanceType' - shmall - "\n" - SHMMAX| - !FindInMap - AWSInstanceType2Value - !Ref 'OracleInstanceType' - shmmax - "\n" mode: '000440' owner: root group: root /tmp/rmanbackup.cmd: source: !Sub - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}scripts/rmanbackup-sb.cmd' - S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion] S3Bucket: !If [UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName] mode: '000777' owner: root group: root authentication: S3AccessCreds /tmp/db-config-sb.rsp: source: !Sub - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}scripts/db-config-sb.rsp' - S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion] S3Bucket: !If [UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName] mode: '000777' owner: root group: root authentication: S3AccessCreds /tmp/db-config-sb122.rsp: source: !Sub - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}scripts/db-config-sb122.rsp' - S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion] S3Bucket: !If [UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName] mode: '000777' owner: root group: root authentication: S3AccessCreds /tmp/dbsetup-sb.sql: source: !Sub - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}scripts/dbsetup-sb.sql' - S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion] S3Bucket: !If [UsingDefaultBucket, !Sub 
'${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName] mode: '000777' owner: root group: root authentication: S3AccessCreds /tmp/osb.sh: source: !Sub - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}scripts/osb.sh' - S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion] S3Bucket: !If [UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName] mode: '000550' owner: root group: root authentication: S3AccessCreds /tmp/dbcheck.sql: source: !Sub - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}scripts/dbcheck.sql' - S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion] S3Bucket: !If [UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName] mode: '000777' owner: root group: root authentication: S3AccessCreds /tmp/dbbroker.sql: source: !Sub - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}scripts/dbbroker.sql' - S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion] S3Bucket: !If [UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName] mode: '000777' owner: root group: root authentication: S3AccessCreds /tmp/dbsetup.sql: source: !Sub - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}scripts/dbsetup.sql' - S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion] S3Bucket: !If [UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName] mode: '000777' owner: root group: root authentication: S3AccessCreds /tmp/start.sql: source: !Sub - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}scripts/start.sql' - S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion] S3Bucket: !If [UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName] mode: '000777' owner: root group: root authentication: S3AccessCreds /tmp/start2.sql: source: !Sub - 
'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}scripts/start2.sql' - S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion] S3Bucket: !If [UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName] mode: '000777' owner: root group: root authentication: S3AccessCreds /tmp/stop.sql: source: !Sub - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}scripts/stop.sql' - S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion] S3Bucket: !If [UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName] mode: '000777' owner: root group: root authentication: S3AccessCreds /tmp/post-duplicate.sql: source: !Sub - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}scripts/post-duplicate.sql' - S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion] S3Bucket: !If [UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName] mode: '000777' owner: root group: root authentication: S3AccessCreds /tmp/rman.cmd: source: !Sub - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}scripts/rman.cmd' - S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion] S3Bucket: !If [UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName] mode: '000777' owner: root group: root authentication: S3AccessCreds /tmp/rman2.cmd: source: !Sub - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}scripts/rman2.cmd' - S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion] S3Bucket: !If [UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName] mode: '000777' owner: root group: root authentication: S3AccessCreds /tmp/oracleexec-sb.sh: source: !Sub - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}scripts/oracleexec-sb.sh' - S3Region: !If [UsingDefaultBucket, !Ref 
'AWS::Region', !Ref QSS3BucketRegion] S3Bucket: !If [UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName] mode: '000550' owner: root group: root authentication: S3AccessCreds /tmp/listener_stdb.ora: source: !Sub - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}scripts/listener_stdb.ora' - S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion] S3Bucket: !If [UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName] mode: '000666' owner: root group: root authentication: S3AccessCreds /tmp/db-post.rsp: source: !Sub - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}scripts/db-post.rsp' - S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion] S3Bucket: !If [UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName] mode: '000644' owner: root group: root authentication: S3AccessCreds /tmp/db-config.rsp: source: !Sub - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}scripts/db-config.rsp' - S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion] S3Bucket: !If [UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName] mode: '000644' owner: root group: root authentication: S3AccessCreds /tmp/db-config122.rsp: source: !Sub - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}scripts/db-config122.rsp' - S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion] S3Bucket: !If [UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName] mode: '000644' owner: root group: root authentication: S3AccessCreds /tmp/asm-config.rsp: source: !Sub - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}scripts/asm-config.rsp' - S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion] S3Bucket: !If [UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', 
!Ref QSS3BucketName] mode: '000644' owner: root group: root authentication: S3AccessCreds /tmp/grid-setup.rsp: source: !Sub - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}scripts/grid-setup.rsp' - S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion] S3Bucket: !If [UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName] mode: '000644' owner: root group: root authentication: S3AccessCreds /tmp/grid-setup122.rsp: source: !Sub - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}scripts/grid-setup122.rsp' - S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion] S3Bucket: !If [UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName] mode: '000644' owner: root group: root authentication: S3AccessCreds /tmp/bootstrap.sh: source: !Sub - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}scripts/bootstrap.sh' - S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion] S3Bucket: !If [UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName] mode: '000550' owner: root group: root authentication: S3AccessCreds AWS::CloudFormation::Authentication: S3AccessCreds: type: S3 buckets: - !Ref 'InstallBucketName' - !If [UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName] roleName: !Ref 'InstanceRoleOrcl' Properties: EbsOptimized: !If - EBSOptimizableInstance - true - !Ref 'AWS::NoValue' IamInstanceProfile: !Ref 'InstanceProfileOrcl' ImageId: !FindInMap - AWSAMIRegionMap - !Ref 'AWS::Region' - !FindInMap - OracleAMINameMap - !Ref 'OracleAMIOS' - Code InstanceType: !Ref 'OracleInstanceType' KeyName: !Ref 'KeyPairName' NetworkInterfaces: - NetworkInterfaceId: !Ref 'StandbyInstanceNetworkInterface' DeviceIndex: '0' BlockDeviceMappings: - DeviceName: /dev/xvda Ebs: VolumeSize: 20 VolumeType: gp2 - DeviceName: /dev/xvdb Ebs: VolumeSize: 50 VolumeType: gp2 - 
DeviceName: /dev/xvdc Ebs: VolumeSize: !Ref 'EBSReco' VolumeType: !Ref 'RecoVolumeType' Iops: !If - EBSRecoIOPS - !Ref 'RecoIOPS' - !Ref 'AWS::NoValue' - DeviceName: /dev/xvdd Ebs: VolumeSize: !Ref 'EBSReco' VolumeType: !Ref 'RecoVolumeType' Iops: !If - EBSRecoIOPS - !Ref 'RecoIOPS' - !Ref 'AWS::NoValue' - DeviceName: /dev/xvde Ebs: VolumeSize: !Ref 'EBSReco' VolumeType: !Ref 'RecoVolumeType' Iops: !If - EBSRecoIOPS - !Ref 'RecoIOPS' - !Ref 'AWS::NoValue' - DeviceName: /dev/xvdf Ebs: VolumeSize: !Ref 'EBSData' VolumeType: !Ref 'DataVolumeType' Iops: !If - EBSDataIOPS - !Ref 'DataIOPS' - !Ref 'AWS::NoValue' - DeviceName: /dev/xvdg Ebs: VolumeSize: !Ref 'EBSData' VolumeType: !Ref 'DataVolumeType' Iops: !If - EBSDataIOPS - !Ref 'DataIOPS' - !Ref 'AWS::NoValue' - DeviceName: /dev/xvdh Ebs: VolumeSize: !Ref 'EBSData' VolumeType: !Ref 'DataVolumeType' Iops: !If - EBSDataIOPS - !Ref 'DataIOPS' - !Ref 'AWS::NoValue' - DeviceName: /dev/xvdi Ebs: VolumeSize: !Ref 'EBSData' VolumeType: !Ref 'DataVolumeType' Iops: !If - EBSDataIOPS - !Ref 'DataIOPS' - !Ref 'AWS::NoValue' - DeviceName: /dev/xvdj Ebs: VolumeSize: !Ref 'EBSData' VolumeType: !Ref 'DataVolumeType' Iops: !If - EBSDataIOPS - !Ref 'DataIOPS' - !Ref 'AWS::NoValue' - DeviceName: /dev/xvdk Ebs: VolumeSize: !Ref 'EBSData' VolumeType: !Ref 'DataVolumeType' Iops: !If - EBSDataIOPS - !Ref 'DataIOPS' - !Ref 'AWS::NoValue' - DeviceName: /dev/xvdx Ebs: VolumeSize: 25 VolumeType: gp2 UserData: !Base64 Fn::Join: - '' - - "#!/bin/bash \n" - "echo '[Cloning: Load QuickStart Common Utils]'\n" - "yum install -y git\n" - "until git clone --single-branch -b develop https://github.com/aws-quickstart/quickstart-linux-utilities.git\ \ ; do echo \"Retring\";done\n" - "cd quickstart-linux-utilities\n" - "source quickstart-cfn-tools.source\n" - "echo '[Loaded: Load QuickStart Common Utils]'\n" - "echo '[Update Operating System]'\n" - "qs_update-os || qs_error\n" - "qs_bootstrap_pip || qs_error\n" - "pip install pystache==0.5.4\n" - 
"qs_aws-cfn-bootstrap || qs_error\n" - !If - CWL - !Join - '' - - "# Set Log Group Name (TODO: create qs_cloudwatch_loggroup_set)\n" - sed -i "s/__LOGGROUP__/\/aws-quick-start\/ - !Ref 'LogGroup' - "/g\" cloudwatch_logs.stub\n" - "qs_cloudwatch_install || qs_error\n" - "# CFN Debug Logs\n" - "qs_cloudwatch_tracklog /var/log/messages\n" - "qs_cloudwatch_tracklog /var/log/cloud-init.log\n" - "qs_cloudwatch_tracklog /var/log/cloud-init-output.log\n" - "qs_cloudwatch_tracklog /var/log/cfn-init.log\n" - "qs_cloudwatch_tracklog /var/log/cfn-init-cmd.log\n" - "qs_cloudwatch_tracklog /var/log/cfn-wire.log\n" - "qs_cloudwatch_tracklog /tmp/bootstrap.log\n" - "qs_cloudwatch_tracklog /tmp/dbexecConf.log\n" - "qs_cloudwatch_tracklog /tmp/dbrunInstaller.log\n" - "qs_cloudwatch_tracklog /tmp/dbsetup.log\n" - "qs_cloudwatch_tracklog /tmp/download.log\n" - "qs_cloudwatch_tracklog /tmp/oracleexec.log\n" - "qs_cloudwatch_tracklog /tmp/osb.log\n" - "qs_cloudwatch_tracklog /tmp/rmanbackup.log\n" - "qs_cloudwatch_tracklog /tmp/status.log\n" - !Ref 'AWS::NoValue' - "cd /etc/yum.repos.d \n" - '' - !FindInMap - OracleAMINameMap - !Ref 'OracleAMIOS' - repo - " \n" - S3URI=https:// - !Ref 'QSS3BucketName' - . - !If - GovCloudCondition - s3-us-gov-west-1 - s3 - .amazonaws.com/ - !Ref 'QSS3KeyPrefix' - "\n" - "NODE_CONF=${!S3URI}scripts/node.conf_stub\n" - "pip install awscli\n" - "cd /tmp \n" - "export PATH=$PATH:/usr/local/bin\n" - "yum install -y zip\n" - "yum install -y unzip\n" - '/usr/bin/cfn-init -v ' - ' --stack ' - !Ref 'AWS::StackName' - ' --resource StandbyInstance ' - ' --region ' - !Ref 'AWS::Region' - "\n" - "/tmp/bootstrap.sh --params_file /tmp/orcl-setup.txt --standby &>> /tmp/bootstrap.log\n" - '/usr/bin/cfn-signal -e $? 
' - ' --stack ' - !Ref 'AWS::StackName' - ' --resource StandbyInstance ' - ' --region ' - !Ref 'AWS::Region' - "\n" Tags: - Key: Name Value: !Ref 'StandbyName' CreationPolicy: ResourceSignal: Timeout: PT120M StandbyInstanceNetworkInterface: Type: AWS::EC2::NetworkInterface Condition: CreateStandby Properties: Description: StandbyInstanceNetworkInterface GroupSet: - !Ref 'OracleServerSecurityGroup' - !Ref 'OracleServersSecurityGroup' PrivateIpAddresses: - PrivateIpAddress: !Ref 'StandbyIPAddress' Primary: true SourceDestCheck: true SubnetId: !Ref 'PrivateSubnet2ID' Tags: - Key: Name Value: StandbyInstanceNetworkInterface - Key: Interface Value: eth0 Outputs: PrivateDNSName: Value: !Join - '' - - !Ref 'DatabaseName' - . - !Ref 'DomainName' Description: Private DNS to access your Database instance inside your VPC PrimaryInstanceID: Value: !Ref 'PrimaryInstance' Description: Instance ID of Primary Oracle instance VPCID: Value: !Ref 'VPCID' Description: VPC ID PrimaryPrivateIPAddress: Value: !Join - ' ' - - IP address - !GetAtt 'PrimaryInstanceNetworkInterface.PrimaryPrivateIpAddress' - on subnet - !Ref 'PrivateSubnet1ID' Description: Primary Instance private IP address StandbyPrivateIPAddress: Condition: CreateStandby Value: !Join - ' ' - - IP address - !GetAtt 'StandbyInstanceNetworkInterface.PrimaryPrivateIpAddress' - on subnet - !Ref 'PrivateSubnet2ID' Description: Standby Instance private IP address DatabaseName: Value: !Ref 'DatabaseName' Description: Database Name StandbyInstanceID: Condition: CreateStandby Value: !Ref 'StandbyInstance' Description: Instance ID of Standby Oracle instance OracleInstanceType: Value: !Ref 'OracleInstanceType' Description: Instance Type KeyPairName: Value: !Ref 'KeyPairName' Description: Key pair for the instances OracleServerAccessSecurityGroup: Value: !Ref 'OracleServerAccessSecurityGroup' Description: Security group that gives access to Oracle databases