AWSTemplateFormatVersion: '2010-09-09' Description: >- This template deploys two or three Windows Server Failover Clustering (WSFC) nodes with SQL Server and DataKeeper replication software. This template also deploys the required Active Directory architecture as deployed by the Active Directory Domain Services on AWS Quick Start. **WARNING** This template creates Amazon EC2 Windows instance and related resources. You will be billed for the AWS resources used if you create a stack from this template. (qs-1qup6ral8) Metadata: cfn-lint: config: ignore_checks: - W9006 QuickStartDocumentation: EntrypointName: Parameters for deploying into a new VPC Order: "1" AWS::CloudFormation::Interface: ParameterGroups: - Label: default: Network configuration Parameters: - AvailabilityZones - ThirdAZ - VPCCIDR - PrivateSubnet1CIDR - PrivateSubnet2CIDR - PrivateSubnet3CIDR - PublicSubnet1CIDR - PublicSubnet2CIDR - PublicSubnet3CIDR - Label: default: Amazon EC2 configuration Parameters: - KeyPairName - Label: default: Active Directory configuration Parameters: - ADScenarioType - DomainDNSName - DomainNetBIOSName - DomainAdminPassword - Label: default: (Optional) Self-managed Active Directory configuration Parameters: - DomainAdminUser - ADServer1InstanceType - ADServer1NetBIOSName - ADServer1PrivateIP - ADServer2InstanceType - ADServer2NetBIOSName - ADServer2PrivateIP - Label: default: Remote Desktop Gateway (RD Gateway) configuration Parameters: - RDGWCIDR - NumberOfRDGWHosts - RDGWInstanceType - Label: default: Replication configuration Parameters: - AMIType - SIOSLicenseKeyFtpURL - SQLServerVersion - SQLServiceAccount - SQLServiceAccountPassword - Volume1Size - Volume1Type - Volume1Iops - Label: default: Failover-cluster configuration Parameters: - ClusterNodeOSServerVersion - WSFCNode1InstanceType - WSFCNode1NetBIOSName - WSFCNode1PrivateIP1 - WSFCNode1PrivateIP2 - WSFCNode1PrivateIP3 - WSFCNode2InstanceType - WSFCNode2NetBIOSName - WSFCNode2PrivateIP1 - WSFCNode2PrivateIP2 - WSFCNode2PrivateIP3 - WSFCNode3InstanceType - WSFCNode3NetBIOSName - WSFCNode3PrivateIP1 - WSFCNode3PrivateIP2 - WSFCNode3PrivateIP3 - WSFCWitnessNetBIOSName - WSFCWitnessInstanceType - Label: default: AWS Quick Start configuration Parameters: - QSS3BucketName - QSS3BucketRegion - QSS3KeyPrefix ParameterLabels: ADScenarioType: default: Active Directory scenario type ADServer1InstanceType: default: Domain controller 1 instance type ADServer1NetBIOSName: default: Domain controller 1 NetBIOS name ADServer1PrivateIP: default: Domain controller 1 private IP address ADServer2InstanceType: default: Domain controller 2 instance type ADServer2NetBIOSName: default: Domain controller 2 NetBIOS name ADServer2PrivateIP: default: Domain controller 2 private IP address AMIType: default: AMI type AvailabilityZones: default: Availability Zones ClusterNodeOSServerVersion: default: Cluster-node Windows Server OS version DomainAdminPassword: default: Domain administrator password DomainAdminUser: default: Domain administrator user name DomainDNSName: default: Domain DNS name DomainNetBIOSName: default: Domain NetBIOS name KeyPairName: default: Key-pair name NumberOfRDGWHosts: default: Number of RD Gateway hosts PrivateSubnet1CIDR: default: Private subnet 1 CIDR PrivateSubnet2CIDR: default: Private subnet 2 CIDR PrivateSubnet3CIDR: default: Private subnet 3 CIDR PublicSubnet1CIDR: default: Public subnet 1 CIDR PublicSubnet2CIDR: default: Public subnet 2 CIDR PublicSubnet3CIDR: default: Public subnet 3 CIDR QSS3BucketName: default: Quick Start S3 bucket name QSS3BucketRegion: default: Quick Start S3 bucket Region QSS3KeyPrefix: default: Quick Start S3 key prefix SIOSLicenseKeyFtpURL: default: SIOS DataKeeper license key FTP URL SQLServerVersion: default: SQL Server version SQLServiceAccount: default: Service account name SQLServiceAccountPassword: default: Service account password ThirdAZ: default: Third Availability Zone Volume1Iops: default: Data volume IOPS Volume1Size: default: Data volume size Volume1Type: default: Data volume type RDGWInstanceType: default: RD Gateway instance type RDGWCIDR: default: RD Gateway external access CIDR VPCCIDR: default: VPC CIDR WSFCNode1InstanceType: default: WSFC node 1 instance type WSFCNode1NetBIOSName: default: WSFC node 1 NetBIOS name WSFCNode1PrivateIP1: default: WSFC node 1 private IP address 1 WSFCNode1PrivateIP2: default: WSFC node 1 private IP address 2 WSFCNode1PrivateIP3: default: WSFC node 1 private IP address 3 WSFCNode2InstanceType: default: WSFC node 2 instance type WSFCNode2NetBIOSName: default: WSFC node 2 NetBIOS name WSFCNode2PrivateIP1: default: WSFC node 2 private IP address 1 WSFCNode2PrivateIP2: default: WSFC node 2 private IP address 2 WSFCNode2PrivateIP3: default: WSFC node 2 private IP address 3 WSFCNode3InstanceType: default: WSFC node 3 instance type WSFCNode3NetBIOSName: default: WSFC node 3 NetBIOS name WSFCNode3PrivateIP1: default: WSFC node 3 private IP address 1 WSFCNode3PrivateIP2: default: WSFC node 3 private IP address 2 WSFCNode3PrivateIP3: default: WSFC node 3 private IP address 3 WSFCWitnessNetBIOSName: default: WSFC witness NetBIOS name WSFCWitnessInstanceType: default: WSFC witness instance type Parameters: ADScenarioType: AllowedValues: - AWS Directory Service for Microsoft AD (Enterprise Edition) - AWS Directory Service for Microsoft AD (Standard Edition) - Microsoft AD on Amazon EC2 Default: AWS Directory Service for Microsoft AD (Standard Edition) Description: Type of Active Directory Domain Services (AD DS) deployment to use. Type: String ADServer1InstanceType: AllowedValues: - t2.large - m3.large - m3.xlarge - m3.2xlarge - m4.large - m4.xlarge - m4.2xlarge - m4.4xlarge - m5.large - m5.xlarge - m5.2xlarge - m5.4xlarge Default: t2.large Description: Amazon EC2 instance type for the first Active Directory instance. Type: String ADServer1NetBIOSName: AllowedPattern: '[a-zA-Z0-9]+' Default: DC1 Description: NetBIOS name of the first Active Directory server (up to 15 characters). MaxLength: '15' MinLength: '1' Type: String ADServer1PrivateIP: AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$ Default: 10.0.0.10 Description: Fixed private IP address for the first Active Directory server, located in Availability Zone 1. Type: String ADServer2InstanceType: AllowedValues: - t2.large - m3.large - m3.xlarge - m3.2xlarge - m4.large - m4.xlarge - m4.2xlarge - m4.4xlarge - m5.large - m5.xlarge - m5.2xlarge - m5.4xlarge Default: t2.large Description: Amazon EC2 instance type for the second Active Directory instance. Type: String ADServer2NetBIOSName: AllowedPattern: '[a-zA-Z0-9]+' Default: DC2 Description: NetBIOS name of the second Active Directory server (up to 15 characters). MaxLength: '15' MinLength: '1' Type: String ADServer2PrivateIP: AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$ Default: 10.0.32.10 Description: Fixed private IP address for the second Active Directory, server located in Availability Zone 2. Type: String AMIType: AllowedValues: - PAYG - BYOL Default: PAYG Description: AMI type for the SIOS DataKeeper license. Type: String AvailabilityZones: Description: Availability Zones to use for the subnets in the VPC. You must provide at least two Availability Zones. If the ThirdAZ parameter is specified, you must also provide a third Availability Zone. Type: List ClusterNodeOSServerVersion: AllowedValues: - WS2012R2 - WS2016 - WS2019 Default: WS2019 Description: Version of Windows Server OS for cluster nodes. Type: String DomainAdminPassword: AllowedPattern: (?=^.{6,255}$)((?=.*\d)(?=.*[A-Z])(?=.*[a-z])|(?=.*\d)(?=.*[^A-Za-z0-9])(?=.*[a-z])|(?=.*[^A-Za-z0-9])(?=.*[A-Z])(?=.*[a-z])|(?=.*\d)(?=.*[A-Z])(?=.*[^A-Za-z0-9]))^.* Description: Password for the domain administrator user. Must be at least 8 characters containing letters, numbers, and symbols. MaxLength: '32' MinLength: '8' NoEcho: 'true' Type: String DomainAdminUser: AllowedPattern: '[a-zA-Z0-9]*' Default: admin Description: User name for the domain administrator account. This is separate from the default administrator account. MaxLength: '25' MinLength: '5' Type: String DomainDNSName: AllowedPattern: '[a-zA-Z0-9]+\..+' Default: datakeeper.local Description: Fully qualified domain name (FQDN) of the forest root domain (e.g., example.com). MaxLength: '25' MinLength: '3' Type: String DomainNetBIOSName: AllowedPattern: '[a-zA-Z0-9]+' Default: DATAKEEPER Description: NetBIOS name of the domain for users of earlier versions of Windows (up to 15 characters). MaxLength: '15' MinLength: '1' Type: String KeyPairName: Description: Public-private key pairs allow you to securely connect to your instance after it launches. Type: AWS::EC2::KeyPair::KeyName NumberOfRDGWHosts: AllowedValues: - '0' - '1' - '2' - '3' - '4' Default: '1' Description: Enter the number of RD Gateway hosts to create. Type: String PrivateSubnet1CIDR: AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$ ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28. Default: 10.0.0.0/19 Description: CIDR block for private subnet 1, located in Availability Zone 1. Type: String PrivateSubnet2CIDR: AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$ ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28. Default: 10.0.32.0/19 Description: CIDR block for private subnet 2, located in Availability Zone 2. Type: String PrivateSubnet3CIDR: AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))$ Default: 10.0.64.0/19 Description: (Optional) CIDR block for optional private subnet 3, located in Availability Zone 3. Type: String PublicSubnet1CIDR: AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$ ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28. Default: 10.0.128.0/20 Description: CIDR block for the public DMZ subnet 1, located in Availability Zone 1. Type: String PublicSubnet2CIDR: AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$ ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28 Default: 10.0.144.0/20 Description: CIDR block for the public DMZ subnet 2, located in Availability Zone 2. Type: String PublicSubnet3CIDR: Default: 10.0.160.0/20 Description: (Optional) CIDR block for the optional public subnet 3, located in Availability Zone 3. Type: String QSS3BucketName: AllowedPattern: ^[0-9a-z]+([0-9a-z-\.]*[0-9a-z])*$ ConstraintDescription: >- The S3 bucket name can include numbers, lowercase letters, and hyphens (-), but it cannot start or end with a hyphen. Default: aws-quickstart Description: >- Name of the S3 bucket for your copy of the deployment assets. Keep the default name unless you are customizing the template. Changing the name updates code references to point to a new location. MinLength: 3 MaxLength: 63 Type: String QSS3BucketRegion: Default: 'us-east-1' Description: >- AWS Region where the S3 bucket (QSS3BucketName) is hosted. Keep the default Region unless you are customizing the template. Changing the Region updates code references to point to a new location. When using your own bucket, specify the Region. Type: String QSS3KeyPrefix: AllowedPattern: ^([0-9a-zA-Z!-_\.\*'\(\)/]+/)*$ ConstraintDescription: >- The S3 key prefix can include numbers, lowercase letters, uppercase letters, hyphens (-), underscores (_), periods (.), asterisks (*), single quotes ('), open parenthesis ((), close parenthesis ()), and forward slashes (/). End the prefix with a forward slash. Default: quickstart-sios-datakeeper/ Description: >- S3 key prefix that is used to simulate a folder for your copy of the deployment assets. Keep the default prefix unless you are customizing the template. Changing the prefix updates code references to point to a new location. Type: String RDGWCIDR: AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))$ ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/x. Description: Allowed CIDR block for external access to the RD Gateway. Type: String RDGWInstanceType: AllowedValues: - t2.small - t2.medium - t2.large - t3.micro - t3.small - t3.medium - t3.large - t3.xlarge - t3.2xlarge - t3a.micro - t3a.small - t3a.medium - t3a.large - t3a.xlarge - t3a.2xlarge - m5.large - m5.xlarge - m5.2xlarge - m5.4xlarge - m5a.large - m5a.xlarge - m5a.2xlarge Default: t3.micro Description: Amazon EC2 instance type for the RD Gateway instance. Type: String SIOSLicenseKeyFtpURL: Default: '' Description: URL used to obtain license key for SIOS DataKeeper. Type: String SQLServerVersion: AllowedValues: - None - '2016' - '2017' Default: '2017' Description: Version of MS SQL Server to install. Choose "None" if you don't want to install SQL Server. Type: String SQLServiceAccount: AllowedPattern: '[a-zA-Z0-9]*' Default: sqlsa Description: User name for the SQL Server service account. This account is a domain user. MaxLength: '25' MinLength: '5' Type: String SQLServiceAccountPassword: AllowedPattern: (?=^(?![\s\S]))|(?=^.{6,255}$)((?=.*\d)(?=.*[A-Z])(?=.*[a-z])|(?=.*\d)(?=.*[^A-Za-z0-9])(?=.*[a-z])|(?=.*[^A-Za-z0-9])(?=.*[A-Z])(?=.*[a-z])|(?=.*\d)(?=.*[A-Z])(?=.*[^A-Za-z0-9]))^.* Default: '' Description: Password for the SQL Server account. Must be at least 8 characters containing letters, numbers, and symbols. Keep blank if you don't want to install SQL Server. MaxLength: '32' MinLength: '0' NoEcho: 'true' Type: String ThirdAZ: AllowedValues: - none - witness - full Default: none Description: Choose "full" or "witness" to enable a deployment with three Availability Zones. The third zone can be used for the witness, or it can be a full WSFC cluster node. Type: String VPCCIDR: AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$ ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28. Default: 10.0.0.0/16 Description: CIDR block for the VPC. Type: String Volume1Iops: Default: '1000' Description: IOPS for the SQL data drive. (Used only when data volume type is io1.) MaxValue: '20000' MinValue: '100' Type: Number Volume1Size: Default: '100' Description: Volume size (in GiB) for the SQL data drive. MaxValue: '16000' MinValue: '100' Type: Number Volume1Type: AllowedValues: - gp2 - io1 Default: gp2 Description: Volume type for the SQL data drive. Type: String WSFCNode1InstanceType: AllowedValues: - m3.xlarge - m3.2xlarge - c3.xlarge - c3.2xlarge - c3.4xlarge - g2.2xlarge - r3.xlarge - r3.2xlarge - r3.4xlarge - d2.xlarge - d2.2xlarge - d2.4xlarge - d2.8xlarge - i2.xlarge - i2.2xlarge - i2.4xlarge - h1.2xlarge - h1.4xlarge - h1.8xlarge - h1.16xlarge - i3.large - i3.xlarge - i3.2xlarge - i3.4xlarge - i3.8xlarge - i3.16xlarge - x1.16xlarge - x1.32xlarge - x1e.xlarge - x1e.2xlarge - x1e.4xlarge - x1e.8xlarge - x1e.16xlarge - x1e.32xlarge ConstraintDescription: Only EBS-optimized instance types are allowed. Default: i3.xlarge Description: Amazon EC2 instance type for the first WSFC node. If you're concerned about performance, SIOS recommends r3.xlarge or larger. Type: String WSFCNode1NetBIOSName: AllowedPattern: '[a-zA-Z0-9]+' Default: WSFCNode1 Description: NetBIOS name of the first WSFC node (up to 15 characters). MaxLength: '15' MinLength: '1' Type: String WSFCNode1PrivateIP1: AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$ Default: 10.0.0.100 Description: Primary private address for the first WSFC node located in Availability Zone 1 Type: String WSFCNode1PrivateIP2: AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$ Default: 10.0.0.101 Description: Secondary private IP address for WSFC cluster on first WSFC node. Type: String WSFCNode1PrivateIP3: AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$ Default: 10.0.0.102 Description: Third private IP address for SQL Server network name on first WSFC node. Type: String WSFCNode2InstanceType: AllowedValues: - m3.xlarge - m3.2xlarge - c3.xlarge - c3.2xlarge - c3.4xlarge - g2.2xlarge - r3.xlarge - r3.2xlarge - r3.4xlarge - d2.xlarge - d2.2xlarge - d2.4xlarge - d2.8xlarge - i2.xlarge - i2.2xlarge - i2.4xlarge - h1.2xlarge - h1.4xlarge - h1.8xlarge - h1.16xlarge - i3.large - i3.xlarge - i3.2xlarge - i3.4xlarge - i3.8xlarge - i3.16xlarge - x1.16xlarge - x1.32xlarge - x1e.xlarge - x1e.2xlarge - x1e.4xlarge - x1e.8xlarge - x1e.16xlarge - x1e.32xlarge ConstraintDescription: Only EBS-optimized instance types are allowed. Default: i3.xlarge Description: Amazon EC2 instance type for the second WSFC node. If you're concerned about performance, SIOS recommends r3.xlarge or larger. Type: String WSFCNode2NetBIOSName: AllowedPattern: '[a-zA-Z0-9]+' Default: WSFCNode2 Description: NetBIOS name of the second WSFC node (up to 15 characters). MaxLength: '15' MinLength: '1' Type: String WSFCNode2PrivateIP1: AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$ Default: 10.0.32.100 Description: Primary private IP address for the second WSFC node located in Availability Zone 2. Type: String WSFCNode2PrivateIP2: AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$ Default: 10.0.32.101 Description: Secondary private IP address for WSFC cluster on second WSFC node. Type: String WSFCNode2PrivateIP3: AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$ Default: 10.0.32.102 Description: Third private IP address for SQL Server network name on second WSFC node. Type: String WSFCNode3InstanceType: AllowedValues: - m3.xlarge - m3.2xlarge - c3.xlarge - c3.2xlarge - c3.4xlarge - g2.2xlarge - r3.xlarge - r3.2xlarge - r3.4xlarge - d2.xlarge - d2.2xlarge - d2.4xlarge - d2.8xlarge - i2.xlarge - i2.2xlarge - i2.4xlarge - h1.2xlarge - h1.4xlarge - h1.8xlarge - h1.16xlarge - i3.large - i3.xlarge - i3.2xlarge - i3.4xlarge - i3.8xlarge - i3.16xlarge - x1.16xlarge - x1.32xlarge - x1e.xlarge - x1e.2xlarge - x1e.4xlarge - x1e.8xlarge - x1e.16xlarge - x1e.32xlarge Default: i3.xlarge Description: (Optional) Amazon EC2 instance type for the third WSFC node. Full cluster nodes must be EBS-optimized types, but a file-share-witness host can be any available instance type. If you're concerned about performance, SIOS recommends r3.xlarge or larger. Type: String WSFCNode3NetBIOSName: AllowedPattern: '[a-zA-Z0-9]+' Default: WSFCNode3 Description: (Optional when ThirdAZ is set to "full") NetBIOS name of the second WSFC node (up to 15 characters) MaxLength: 15 MinLength: 1 Type: String WSFCNode3PrivateIP1: AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$ Default: 10.0.64.100 Description: (Optional when ThirdAZ is set to "witness" or "full") Primary private IP address for the second WSFC node, located in Availability Zone 2. Type: String WSFCNode3PrivateIP2: AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$ Default: 10.0.64.101 Description: (Optional when ThirdAZ is set to "full") Secondary private IP address for the WSFC cluster on the third WSFC node. Type: String WSFCNode3PrivateIP3: AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$ Default: 10.0.64.102 Description: (Optional when ThirdAZ is set to "full") Third private IP address for the SQL Server network name on the third WSFC node. Type: String WSFCWitnessNetBIOSName: AllowedPattern: '[a-zA-Z0-9]+' Default: WSFCWitness Description: (Optional when ThirdAZ is set to "witness") NetBIOS name of the second WSFC node (up to 15 characters). MaxLength: 15 MinLength: 1 Type: String WSFCWitnessInstanceType: AllowedValues: - t2.micro - t2.small - t2.medium - t2.large - t3.micro - t3.small - t3.medium - t3.large - m4.large - m5.large Default: t3.micro Description: Amazon EC2 instance type for a WSFC file-share-witness node. Type: String Mappings: AWSLatestAMIMap: LATEST: WS2012R2: /aws/service/ami-windows-latest/Windows_Server-2012-R2_RTM-English-64Bit-Base WS2016: /aws/service/ami-windows-latest/Windows_Server-2016-English-Full-Base WS2019: /aws/service/ami-windows-latest/Windows_Server-2019-English-Full-Base Conditions: IsTwoAz: !Equals [!Ref ThirdAZ, none] UseAWSDirectoryServiceEE: !Equals - !Ref 'ADScenarioType' - AWS Directory Service for Microsoft AD (Enterprise Edition) UseSelfManagedAD: !Equals - !Ref 'ADScenarioType' - Microsoft AD on Amazon EC2 UseAWSManagedAD: !Not [Condition: UseSelfManagedAD] UsingDefaultBucket: !Equals [!Ref QSS3BucketName, 'aws-quickstart'] IncludeRDGW: !Not - !Equals - !Ref NumberOfRDGWHosts - '0' Resources: VPCStack: Type: AWS::CloudFormation::Stack Properties: TemplateURL: Fn::Sub: - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}submodules/quickstart-aws-vpc/templates/aws-vpc.template.yaml' - S3Region: !If - UsingDefaultBucket - !Ref AWS::Region - !Ref QSS3BucketRegion S3Bucket: !If - UsingDefaultBucket - !Sub '${QSS3BucketName}-${AWS::Region}' - !Ref QSS3BucketName Parameters: AvailabilityZones: !Join - ',' - !Ref 'AvailabilityZones' NumberOfAZs: !If - IsTwoAz - '2' - '3' PrivateSubnet1ACIDR: !Ref 'PrivateSubnet1CIDR' PrivateSubnet2ACIDR: !Ref 'PrivateSubnet2CIDR' PrivateSubnet3ACIDR: !If - IsTwoAz - !Ref 'AWS::NoValue' - !Ref 'PrivateSubnet3CIDR' PublicSubnet1CIDR: !Ref 'PublicSubnet1CIDR' PublicSubnet2CIDR: !Ref 'PublicSubnet2CIDR' PublicSubnet3CIDR: !If - IsTwoAz - !Ref 'AWS::NoValue' - !Ref 'PublicSubnet3CIDR' VPCCIDR: !Ref 'VPCCIDR' ADStack: Type: AWS::CloudFormation::Stack Properties: TemplateURL: !Sub - https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}${QSADTemplate} - QSADTemplate: !If - UseAWSManagedAD - submodules/quickstart-microsoft-activedirectory/templates/ad-3.template - templates/ad.template.yaml S3Region: !If - UsingDefaultBucket - !Ref AWS::Region - !Ref QSS3BucketRegion S3Bucket: !If - UsingDefaultBucket - !Sub '${QSS3BucketName}-${AWS::Region}' - !Ref QSS3BucketName Parameters: !If - UseSelfManagedAD - ADServer1InstanceType: !Ref 'ADServer1InstanceType' ADServer1NetBIOSName: !Ref 'ADServer1NetBIOSName' ADServer1PrivateIP: !Ref 'ADServer1PrivateIP' ADServer2InstanceType: !Ref 'ADServer2InstanceType' ADServer2NetBIOSName: !Ref 'ADServer2NetBIOSName' ADServer2PrivateIP: !Ref 'ADServer2PrivateIP' DomainAdminPassword: !Ref 'DomainAdminPassword' DomainAdminUser: !Ref 'DomainAdminUser' DomainDNSName: !Ref 'DomainDNSName' DomainNetBIOSName: !Ref 'DomainNetBIOSName' KeyPairName: !Ref 'KeyPairName' PrivateSubnet1ID: !GetAtt 'VPCStack.Outputs.PrivateSubnet1AID' PrivateSubnet2ID: !GetAtt 'VPCStack.Outputs.PrivateSubnet2AID' QSS3BucketName: !Ref 'QSS3BucketName' QSS3BucketRegion: !Ref 'QSS3BucketRegion' QSS3KeyPrefix: !Sub '${QSS3KeyPrefix}' VPCCIDR: !Ref 'VPCCIDR' VPCID: !GetAtt 'VPCStack.Outputs.VPCID' - ADEdition: !If - UseAWSDirectoryServiceEE - Enterprise - Standard DomainAdminPassword: !Ref 'DomainAdminPassword' DomainDNSName: !Ref 'DomainDNSName' DomainNetBIOSName: !Ref 'DomainNetBIOSName' KeyPairName: !Ref 'KeyPairName' MgmtServer: 'false' PrivateSubnet1ID: !GetAtt 'VPCStack.Outputs.PrivateSubnet1AID' PrivateSubnet2ID: !GetAtt 'VPCStack.Outputs.PrivateSubnet2AID' QSS3BucketName: !Ref 'QSS3BucketName' QSS3BucketRegion: !Ref 'QSS3BucketRegion' QSS3KeyPrefix: !Sub '${QSS3KeyPrefix}submodules/quickstart-microsoft-activedirectory/' VPCCIDR: !Ref 'VPCCIDR' VPCID: !GetAtt 'VPCStack.Outputs.VPCID' RDGWStack: Condition: IncludeRDGW Type: AWS::CloudFormation::Stack Properties: TemplateURL: Fn::Sub: - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}submodules/quickstart-microsoft-rdgateway/templates/rdgw-domain.template' - S3Region: !If - UsingDefaultBucket - !Ref AWS::Region - !Ref QSS3BucketRegion S3Bucket: !If - UsingDefaultBucket - !Sub '${QSS3BucketName}-${AWS::Region}' - !Ref QSS3BucketName Parameters: DomainAdminPassword: !Ref 'DomainAdminPassword' DomainAdminUser: !If - UseAWSManagedAD - admin - !Ref 'DomainAdminUser' DomainDNSName: !Ref 'DomainDNSName' DomainMemberSGID: !GetAtt 'ADStack.Outputs.DomainMemberSGID' DomainNetBIOSName: !Ref 'DomainNetBIOSName' KeyPairName: !Ref 'KeyPairName' NumberOfRDGWHosts: !Ref 'NumberOfRDGWHosts' PublicSubnet1ID: !GetAtt 'VPCStack.Outputs.PublicSubnet1ID' PublicSubnet2ID: !GetAtt 'VPCStack.Outputs.PublicSubnet2ID' QSS3BucketName: !Ref 'QSS3BucketName' QSS3BucketRegion: !Ref 'QSS3BucketRegion' QSS3KeyPrefix: !Sub '${QSS3KeyPrefix}submodules/quickstart-microsoft-rdgateway/' RDGWInstanceType: !Ref 'RDGWInstanceType' RDGWCIDR: !Ref 'RDGWCIDR' VPCID: !GetAtt 'VPCStack.Outputs.VPCID' SIOSStack: Type: AWS::CloudFormation::Stack Properties: TemplateURL: !Sub - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}templates/sios-datakeeper.template.yaml' - S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion] S3Bucket: !If [UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName] Parameters: ActiveDirectoryId: !If - UseAWSManagedAD - !GetAtt 'ADStack.Outputs.DirectoryID' - !Ref 'AWS::NoValue' ADServer1PrivateIP: !If - UseAWSManagedAD - !GetAtt 'ADStack.Outputs.ADServer1PrivateIP' - !Ref 'ADServer1PrivateIP' ADServer2PrivateIP: !If - UseAWSManagedAD - !GetAtt 'ADStack.Outputs.ADServer2PrivateIP' - !Ref 'ADServer2PrivateIP' ADServer1NetBIOSName: !Ref 'ADServer1NetBIOSName' ADServer2NetBIOSName: !Ref 'ADServer2NetBIOSName' AMIType: !Ref 'AMIType' DomainAdminPassword: !Ref 'DomainAdminPassword' DomainAdminUser: !Ref 'DomainAdminUser' DomainDNSName: !Ref 'DomainDNSName' DomainMemberSGID: !GetAtt 'ADStack.Outputs.DomainMemberSGID' DomainNetBIOSName: !Ref 'DomainNetBIOSName' KeyPairName: !Ref 'KeyPairName' OSVersion: !Ref 'ClusterNodeOSServerVersion' SQLServerVersion: !Ref 'SQLServerVersion' SQLServiceAccount: !Ref 'SQLServiceAccount' SQLServiceAccountPassword: !Ref 'SQLServiceAccountPassword' Volume1Iops: !Ref 'Volume1Iops' Volume1Size: !Ref 'Volume1Size' Volume1Type: !Ref 'Volume1Type' VPCID: !GetAtt 'VPCStack.Outputs.VPCID' VPCCIDR: !If - UseAWSManagedAD - !Ref 'VPCCIDR' - !Ref 'AWS::NoValue' PrivateSubnet1CIDR: !GetAtt 'VPCStack.Outputs.PrivateSubnet1ACIDR' WSFCNode1InstanceType: !Ref 'WSFCNode1InstanceType' WSFCNode1NetBIOSName: !Ref 'WSFCNode1NetBIOSName' WSFCNode1PrivateIP1: !Ref 'WSFCNode1PrivateIP1' WSFCNode1PrivateIP2: !Ref 'WSFCNode1PrivateIP2' WSFCNode1PrivateIP3: !Ref 'WSFCNode1PrivateIP3' PrivateSubnet1ID: !GetAtt 'VPCStack.Outputs.PrivateSubnet1AID' PrivateSubnet2CIDR: !GetAtt 'VPCStack.Outputs.PrivateSubnet2ACIDR' WSFCNode2InstanceType: !Ref 'WSFCNode2InstanceType' WSFCNode2NetBIOSName: !Ref 'WSFCNode2NetBIOSName' WSFCNode2PrivateIP1: !Ref 'WSFCNode2PrivateIP1' WSFCNode2PrivateIP2: !Ref 'WSFCNode2PrivateIP2' WSFCNode2PrivateIP3: !Ref 'WSFCNode2PrivateIP3' PrivateSubnet2ID: !GetAtt 'VPCStack.Outputs.PrivateSubnet2AID' ThirdAZ: !Ref 'ThirdAZ' WSFCNode3InstanceType: !If - IsTwoAz - !Ref 'AWS::NoValue' - !Ref 'WSFCNode3InstanceType' PrivateSubnet3CIDR: !If - IsTwoAz - !Ref 'AWS::NoValue' - !GetAtt 'VPCStack.Outputs.PrivateSubnet3ACIDR' PrivateSubnet3ID: !If - IsTwoAz - !Ref 'AWS::NoValue' - !GetAtt 'VPCStack.Outputs.PrivateSubnet3AID' WSFCNode3NetBIOSName: !If - IsTwoAz - !Ref 'AWS::NoValue' - !Ref 'WSFCNode3NetBIOSName' WSFCWitnessAmiId: !FindInMap - AWSLatestAMIMap - LATEST - !Ref ClusterNodeOSServerVersion WSFCNode3PrivateIP1: !If - IsTwoAz - !Ref 'AWS::NoValue' - !Ref 'WSFCNode3PrivateIP1' WSFCNode3PrivateIP2: !If - IsTwoAz - !Ref 'AWS::NoValue' - !Ref 'WSFCNode3PrivateIP2' WSFCNode3PrivateIP3: !If - IsTwoAz - !Ref 'AWS::NoValue' - !Ref 'WSFCNode3PrivateIP3' WSFCWitnessNetBIOSName: !If - IsTwoAz - !Ref 'AWS::NoValue' - !Ref 'WSFCWitnessNetBIOSName' WSFCWitnessInstanceType: !If - IsTwoAz - !Ref 'AWS::NoValue' - !Ref 'WSFCWitnessInstanceType' SIOSLicenseKeyFtpURL: !Ref 'SIOSLicenseKeyFtpURL' QSS3BucketName: !Ref 'QSS3BucketName' QSS3BucketRegion: !Ref 'QSS3BucketRegion' QSS3KeyPrefix: !Ref 'QSS3KeyPrefix'