--- AWSTemplateFormatVersion: '2010-09-09' Description: This template creates EC2 instances on AWS. **WARNING** This template creates EC2 instances and related resources. You will be billed for the AWS resources used if you create a stack from this template. Metadata: AWS::CloudFormation::Interface: ParameterGroups: - Label: default: Environment Configuration Parameters: - EnvironmentSize - VpcId - Subnets - SecurityGroups - Label: default: Amazon EC2 Configuration Parameters: - KeyPairName - StackPrefix - IamInstanceProfile - Label: default: Workload Configuration Parameters: - ProxyServer - PuppetServerFQDN - PuppetServerIP - Label: default: AWS Quick Start configuration Parameters: - QSS3BucketName - QSS3KeyPrefix ParameterLabels: EnvironmentSize: default: Environment Size VpcId: default: VPC ID Subnets: default: Private Subnet ID(s) SecurityGroups: default: Security Group ID(s) KeyPairName: default: Key Pair Name StackPrefix: default: Stack Name Prefix ProxyServer: default: Proxy Server URL IamInstanceProfile: default: IAM Instance Profile PuppetServerFQDN: default: Puppet Server FQDN PuppetServerIP: default: Puppet Server IP QSS3BucketName: default: Quick Start S3 bucket QSS3KeyPrefix: default: Quick Start S3 key prefix Parameters: EnvironmentSize: Type: String Default: Small AllowedValues: - Small - Medium - Large Description: Select Environment Size (S,M,L) VpcId: Type: AWS::EC2::VPC::Id Description: VpcId of your existing Virtual Private Cloud (VPC) ConstraintDescription: must be the VPC Id of an existing Virtual Private Cloud. Subnets: Type: List Description: The list of SubnetIds in your Virtual Private Cloud (VPC) ConstraintDescription: must be a list of at least two existing subnets associated with at least two different availability zones. They should be residing in the selected Virtual Private Cloud. SecurityGroups: Type: List Description: The list of SecurityGroupIds in your Virtual Private Cloud (VPC) ConstraintDescription: must be the SecurityGroup Ids of an existing Virtual Private Cloud. KeyPairName: Description: The EC2 Key Pair to allow SSH access to the instances Type: AWS::EC2::KeyPair::KeyName ConstraintDescription: must be the name of an existing EC2 KeyPair. StackPrefix: Type: String MinLength: "1" MaxLength: "20" AllowedPattern: "[a-zA-Z0-9]*" Description: The prefix to all the associated resources in the stack Default: Simphony ProxyServer: Type: String Default: "http://192.168.50.197:3128" PuppetServerIP: Type: String Description: Puppet Server IP address Default: "10.10.0.230" PuppetServerFQDN: Type: String Description: Puppet Server FQDN Default: "puppet.skillnetaws.com" IamInstanceProfile: Type: String Default: simphony_instance_profile Description: must be the IAM Instance Profile of an existing Virtual Private Cloud. QSS3BucketName: AllowedPattern: "^[0-9a-zA-Z]+([0-9a-zA-Z-]*[0-9a-zA-Z])*$" ConstraintDescription: "Quick Start bucket name can include numbers, lowercase letters, uppercase letters, and hyphens (-). It cannot start or end with a hyphen (-)." Default: aws-quickstart Description: "S3 bucket name for the Quick Start assets. Quick Start bucket name can include numbers, lowercase letters, uppercase letters, and hyphens (-). It cannot start or end with a hyphen (-)." Type: String QSS3BucketRegion: Default: 'us-east-1' Description: The AWS Region where the Quick Start S3 bucket (QSS3BucketName) is hosted. When using your own bucket, you must specify this value. Type: String QSS3KeyPrefix: AllowedPattern: "^[0-9a-zA-Z-/]*$" ConstraintDescription: "Quick Start key prefix can include numbers, lowercase letters, uppercase letters, hyphens (-), and forward slash (/)." Default: quickstart-skillnet-simphony/ Description: "S3 key prefix for the Quick Start assets. Quick Start key prefix can include numbers, lowercase letters, uppercase letters, hyphens (-), and forward slash (/)." Type: String Mappings: RegionMap: us-east-1: "Win12AMI" : "ami-025dee5de86eaa5dd" ap-northeast-1: "Win12AMI" : "ami-01dd0ab03ce83f2bd" ap-northeast-2: "Win12AMI" : "ami-0b6301886abfaf152" ap-south-1: "Win12AMI" : "ami-0e3a60b3671d4f426" ap-southeast-1: "Win12AMI" : "ami-0c6bf1d8c19b17b0c" ap-southeast-2: "Win12AMI" : "ami-08203b2fe3d016151" ca-central-1: "Win12AMI" : "ami-03662f5fdab34a79b" eu-central-1: "Win12AMI" : "ami-056e6905559e5ae5b" eu-north-1: "Win12AMI" : "ami-0a95a55db30f2dc58" eu-west-1: "Win12AMI" : "ami-0ae214d3fbbd81827" eu-west-2: "Win12AMI" : "ami-0bc237d1e18c6c53d" eu-west-3: "Win12AMI" : "ami-0e8897f22e93639a0" sa-east-1: "Win12AMI" : "ami-0d6ff5ada92ff8591" us-east-2: "Win12AMI" : "ami-0ec62a1f6d0b54a86" us-west-1: "Win12AMI" : "ami-04ef5a39a63e1b171" us-west-2: "Win12AMI" : "ami-03d552f93c332d96b" InstanceSize: Small: "EC2" : "c5.large" "MinSize" : "1" "MaxSize" : "1" "DesireSize" : "1" "EbsRootVolumeSize" : "100" "EbsVolumeSize" : "100" Medium: "EC2" : "c5.xlarge" "MinSize" : "1" "MaxSize" : "1" "DesireSize" : "1" "EbsRootVolumeSize" : "150" "EbsVolumeSize" : "150" Large: "EC2" : "c5.2xlarge" "MinSize" : "1" "MaxSize" : "1" "DesireSize" : "1" "EbsRootVolumeSize" : "200" "EbsVolumeSize" : "200" Resources: SimphonyAppServerLaunchConfig: Type: AWS::AutoScaling::LaunchConfiguration Properties: KeyName: !Ref KeyPairName InstanceType: !FindInMap [InstanceSize, !Ref EnvironmentSize, EC2] ImageId: !FindInMap [RegionMap, !Ref "AWS::Region", Win12AMI] IamInstanceProfile: !Ref IamInstanceProfile BlockDeviceMappings: - DeviceName: /dev/sda1 Ebs: VolumeSize: !FindInMap [InstanceSize, !Ref EnvironmentSize, EbsRootVolumeSize] VolumeType: "gp2" - DeviceName: /dev/sda2 Ebs: VolumeSize: !FindInMap [InstanceSize, !Ref EnvironmentSize, EbsVolumeSize] VolumeType: "gp2" SecurityGroups: Ref: SecurityGroups UserData: Fn::Base64: !Sub | Start-Sleep -Seconds 120 # Setup firewall rules for puppet agent/server communication New-NetFirewallRule -DisplayName Simphony -Direction Inbound -Action Allow -Protocol tcp -Enabled True -LocalPort 8140,8080-8088,1433 New-NetFirewallRule -DisplayName Simphony -Direction Outbound -Action Allow -Protocol tcp -Enabled True -LocalPort 8140,8080-8088,1433 # Add hostname dns and alias in C:\Windows\System32\drivers\etc\hosts ac -Encoding UTF8 "$($env:windir)/system32/Drivers/etc/hosts" "${PuppetServerIP} ${PuppetServerFQDN} puppet" # Download puppet agent installar mkdir c:/software Read-S3Object -BucketName "${QSS3BucketName}" -Key "${QSS3KeyPrefix}scripts/puppet-agent-5.5.8-x64.msi" -File c:/software/puppet-agent.msi Start-Sleep -Seconds 120 # Turn on Data Execution Prevention (DEP) Start-Sleep -Seconds 300 bcdedit.exe /set "{current}" nx AlwaysOn shutdown -r SimphonyAppServerGroup: Type: AWS::AutoScaling::AutoScalingGroup Properties: VPCZoneIdentifier: Ref: Subnets LaunchConfigurationName: Ref: SimphonyAppServerLaunchConfig MinSize: !FindInMap [InstanceSize, !Ref EnvironmentSize, MinSize] MaxSize: !FindInMap [InstanceSize, !Ref EnvironmentSize, MaxSize] DesiredCapacity: !FindInMap [InstanceSize, !Ref EnvironmentSize, DesireSize] Tags: - Key: Name PropagateAtLaunch: true Value: !Join [ " - ", [ !Ref StackPrefix, "App Server" ] ] - Key: LCM_TAG PropagateAtLaunch: true Value: SIM