AWSTemplateFormatVersion: '2010-09-09' Description: This main template creates a VPC infrastructure for a multi-AZ deployment of a StarWind VSAN on AWS. It deploys a VPC and 3 StarWind VSAN EC2 instances. Two nodes and a witness. **WARNING** This template creates EC2 instances and related resources. You will be billed for the AWS resources used if you create a stack from this template. (qs-1sgqsed1u) Metadata: cfn-lint: config: ignore_checks: - W9006 - W9901 QuickStartDocumentation: EntrypointName: "Parameters for deploying into a new VPC" Order: "1" AWS::CloudFormation::Interface: ParameterGroups: - Label: default: VPC configuration Parameters: - AvailabilityZones - VPCCIDR - PublicSubnet1CIDR - PublicSubnet2CIDR - PublicSubnet3CIDR - PrivateSubnet1CIDR - PrivateSubnet2CIDR - PrivateSubnet3CIDR - Label: default: Microsoft Remote Desktop Gateway configuration Parameters: - RDGWCIDR - AdminPassword - Label: default: Amazon EC2 configuration Parameters: - WorkloadInstanceType - SWVSANAMIOS - SWVSANStorageVolumeSize - KeyPairName - Node1NetBiosName - Node2NetBiosName - WitnessNodeNetBiosName - Label: default: AWS Quick Start configuration Parameters: - QSS3BucketName - QSS3BucketRegion - QSS3KeyPrefix ParameterLabels: AvailabilityZones: default: Availability Zones VPCCIDR: default: VPC CIDR PrivateSubnet1CIDR: default: Private subnet 1 CIDR PrivateSubnet2CIDR: default: Private subnet 2 CIDR PrivateSubnet3CIDR: default: Private subnet 3 CIDR PublicSubnet1CIDR: default: Public subnet 1 CIDR PublicSubnet2CIDR: default: Public subnet 2 CIDR PublicSubnet3CIDR: default: Public subnet 3 CIDR QSS3BucketName: default: Quick Start S3 bucket name QSS3BucketRegion: default: Quick Start S3 bucket Region QSS3KeyPrefix: default: Quick Start S3 key prefix WorkloadInstanceType: default: Workload servers instance type SWVSANAMIOS: default: Workload servers OS version SWVSANStorageVolumeSize: default: Secondary EBS volume size KeyPairName: default: Key-pair name AdminPassword: default: Administrator password RDGWCIDR: default: RD Gateway external-access CIDR Node1NetBiosName: default: Node 1 NetBIOS name Node2NetBiosName: default: Node 2 NetBIOS name WitnessNodeNetBiosName: default: Witness node NetBIOS name Parameters: AvailabilityZones: Description: Availability Zones to use for the subnets in the VPC. Three Availability Zones are used for this deployment, and the logical order of your selections is preserved. Type: List VPCCIDR: AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$ ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28 Default: 10.0.0.0/16 Description: CIDR block for the VPC. Type: String PublicSubnet1CIDR: AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$ ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28 Default: 10.0.128.0/20 Description: CIDR block for the perimeter network located in Availability Zone 1. Type: String PublicSubnet2CIDR: AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$ ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28 Default: 10.0.144.0/20 Description: CIDR block for the perimeter network located in Availability Zone 2. Type: String PublicSubnet3CIDR: AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$ ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28 Default: 10.0.160.0/20 Description: CIDR block for the perimeter network located in Availability Zone 3. Type: String PrivateSubnet1CIDR: AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$ ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28 Default: 10.0.0.0/19 Description: CIDR block for the private subnet located in Availability Zone 1. Type: String PrivateSubnet2CIDR: AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$ ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28 Default: 10.0.32.0/19 Description: CIDR block for the private subnet located in Availability Zone 2. Type: String PrivateSubnet3CIDR: AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$ ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28 Default: 10.0.64.0/19 Description: CIDR block for the private subnet located in Availability Zone 3. Type: String AdminPassword: Description: Password for the administrative account. Must be at least 8 characters containing letters, numbers, and symbols. Type: String MinLength: '8' MaxLength: '32' AllowedPattern: (?=^.{6,255}$)((?=.*\d)(?=.*[A-Z])(?=.*[a-z])|(?=.*\d)(?=.*[^A-Za-z0-9])(?=.*[a-z])|(?=.*[^A-Za-z0-9])(?=.*[A-Z])(?=.*[a-z])|(?=.*\d)(?=.*[A-Z])(?=.*[^A-Za-z0-9]))^.* NoEcho: 'true' RDGWCIDR: AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))$ Description: Allowed CIDR block for external access to the Remote Desktop Gateways. Type: String QSS3BucketName: AllowedPattern: ^[0-9a-zA-Z]+([0-9a-zA-Z-]*[0-9a-zA-Z])*$ ConstraintDescription: The Quick Start bucket name can include numbers, lowercase letters, uppercase letters, and hyphens (-). It cannot start or end with a hyphen (-). Default: aws-quickstart Description: Name of the S3 bucket for your copy of the Quick Start assets. Keep the default name unless you are customizing the template. Changing the name updates code references to point to a new Quick Start location. This name can include numbers, lowercase letters, uppercase letters, and hyphens, but do not start or end with a hyphen (-). See https://aws-quickstart.github.io/option1.html. Type: String QSS3BucketRegion: Default: 'us-east-1' Description: 'AWS Region where the Quick Start S3 bucket (QSS3BucketName) is hosted. Keep the default Region unless you are customizing the template. Changing this Region updates code references to point to a new Quick Start location. When using your own bucket, specify the Region. See https://aws-quickstart.github.io/option1.html.' Type: String QSS3KeyPrefix: AllowedPattern: ^[0-9a-zA-Z-/]*$ ConstraintDescription: The Quick Start S3 key prefix can include numbers, lowercase letters, uppercase letters, hyphens (-), and forward slashes (/). The prefix should end with a forward slash (/). Default: quickstart-starwind-vsan/ Description: S3 key prefix that is used to simulate a folder for your copy of the Quick Start assets. Keep the default prefix unless you are customizing the template. Changing this prefix updates code references to point to a new Quick Start location. This prefix can include numbers, lowercase letters, uppercase letters, hyphens (-), and forward slashes (/). End with a forward slash. See https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMetadata.html and https://aws-quickstart.github.io/option1.html. Type: String WorkloadInstanceType: AllowedValues: - c5.12xlarge - c5.18xlarge - c5.24xlarge - c5.2xlarge - c5.4xlarge - c5.9xlarge - c5.metal - c5d.18xlarge - c5d.2xlarge - c5d.4xlarge - c5d.9xlarge - c5n.18xlarge - c5n.2xlarge - c5n.4xlarge - c5n.9xlarge - c5n.metal - d2.2xlarge - d2.4xlarge - d2.8xlarge - f1.16xlarge - g2.2xlarge - g2.8xlarge - g3.16xlarge - g3.4xlarge - g3.8xlarge - g4dn.12xlarge - g4dn.16xlarge - g4dn.2xlarge - g4dn.4xlarge - g4dn.8xlarge - h1.16xlarge - h1.2xlarge - h1.4xlarge - h1.8xlarge - hs1.8xlarge - i2.2xlarge - i2.4xlarge - i2.8xlarge - i3.16xlarge - i3.2xlarge - i3.4xlarge - i3.8xlarge - i3.metal - i3en.12xlarge - i3en.24xlarge - i3en.2xlarge - i3en.3xlarge - i3en.6xlarge - i3en.large - i3en.metal - i3en.xlarge - m5.12xlarge - m5.16xlarge - m5.24xlarge - m5.2xlarge - m5.xlarge - m5.4xlarge - m5.8xlarge - m5.metal - m5a.12xlarge - m5a.16xlarge - m5a.24xlarge - m5a.2xlarge - m5a.4xlarge - m5a.8xlarge - m5ad.12xlarge - m5ad.24xlarge - m5ad.2xlarge - m5ad.4xlarge - m5d.12xlarge - m5d.16xlarge - m5d.24xlarge - m5d.2xlarge - m5d.4xlarge - m5d.8xlarge - m5d.metal - m5dn.12xlarge - m5dn.16xlarge - m5dn.24xlarge - m5dn.2xlarge - m5dn.4xlarge - m5dn.8xlarge - m5n.12xlarge - m5n.16xlarge - m5n.24xlarge - m5n.2xlarge - m5n.4xlarge - m5n.8xlarge - p2.16xlarge - p2.8xlarge - p3.16xlarge - p3.2xlarge - p3.8xlarge - p3dn.24xlarge - r5.12xlarge - r5.16xlarge - r5.24xlarge - r5.2xlarge - r5.4xlarge - r5.8xlarge - r5.metal - r5a.12xlarge - r5a.16xlarge - r5a.24xlarge - r5a.2xlarge - r5a.4xlarge - r5a.8xlarge - r5ad.12xlarge - r5ad.24xlarge - r5ad.2xlarge - r5ad.4xlarge - r5d.12xlarge - r5d.16xlarge - r5d.24xlarge - r5d.2xlarge - r5d.4xlarge - r5d.8xlarge - r5d.metal - r5dn.12xlarge - r5dn.16xlarge - r5dn.24xlarge - r5dn.2xlarge - r5dn.4xlarge - r5dn.8xlarge - r5n.12xlarge - r5n.16xlarge - r5n.24xlarge - r5n.2xlarge - r5n.4xlarge - r5n.8xlarge - t3.2xlarge - t3a.2xlarge - x1.16xlarge - x1.32xlarge - x1e.16xlarge - x1e.2xlarge - x1e.32xlarge - x1e.4xlarge - x1e.8xlarge - z1d.12xlarge - z1d.2xlarge - z1d.3xlarge - z1d.6xlarge - z1d.metal ConstraintDescription: Must contain a valid instance type. Default: m5.xlarge Description: Type of EC2 instance for the workload instances. Type: String SWVSANAMIOS: Type: String Description: Operating system version of the StarWind instances to be created. Default: WindowsServer2019 AllowedValues: - WindowsServer2019 - WindowsServer2016 SWVSANStorageVolumeSize: Type: Number Default: 100 ConstraintDescription: Must be between 1 GB and 16,000 GB (16 TB). MinValue: 1 MaxValue: 16000 Description: Size (in GB) for StarWind VSAN virtualized storage. KeyPairName: Description: Name of an existing EC2 key pair. The instance will launch with this key pair. Type: AWS::EC2::KeyPair::KeyName Node1NetBiosName: AllowedPattern: '[a-zA-Z0-9\-]+' Default: "SWVSANNODE1" Description: "NetBIOS name of storage node 1 (up to 15 characters)." MaxLength: '15' MinLength: '1' Type: "String" Node2NetBiosName: AllowedPattern: '[a-zA-Z0-9\-]+' Default: "SWVSANNODE2" Description: "NetBIOS name of storage node 2 (up to 15 characters)." MaxLength: '15' MinLength: '1' Type: "String" WitnessNodeNetBiosName: AllowedPattern: '[a-zA-Z0-9\-]+' Default: "SWVSANWIT" Description: "NetBIOS name of witness node (up to 15 characters)." MaxLength: '15' MinLength: '1' Type: "String" Conditions: UsingDefaultBucket: !Equals [!Ref QSS3BucketName, 'aws-quickstart'] Resources: VPCStack: Type: AWS::CloudFormation::Stack Properties: TemplateURL: !Sub - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}submodules/quickstart-aws-vpc/templates/aws-vpc.template.yaml' - S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion] S3Bucket: !If [UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName] Parameters: AvailabilityZones: Fn::Join: - ',' - Ref: AvailabilityZones NumberOfAZs: '3' VPCCIDR: Ref: VPCCIDR PublicSubnet1CIDR: Ref: PublicSubnet1CIDR PublicSubnet2CIDR: Ref: PublicSubnet2CIDR PublicSubnet3CIDR: Ref: PublicSubnet3CIDR PrivateSubnet1ACIDR: Ref: PrivateSubnet1CIDR PrivateSubnet2ACIDR: Ref: PrivateSubnet2CIDR PrivateSubnet3ACIDR: Ref: PrivateSubnet3CIDR RDGStack: Type: AWS::CloudFormation::Stack Properties: TemplateURL: !Sub - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}submodules/quickstart-microsoft-rdgateway/templates/rdgw-standalone.template' - S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion] S3Bucket: !If [UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName] Parameters: VPCID: !GetAtt VPCStack.Outputs.VPCID PublicSubnet1ID: !GetAtt VPCStack.Outputs.PublicSubnet1ID PublicSubnet2ID: !GetAtt VPCStack.Outputs.PublicSubnet2ID RDGWCIDR: Ref: RDGWCIDR KeyPairName: Ref: KeyPairName AdminPassword: Ref: AdminPassword QSS3BucketName: Ref: QSS3BucketName QSS3BucketRegion: Ref: QSS3BucketRegion QSS3KeyPrefix: !Sub '${QSS3KeyPrefix}submodules/quickstart-microsoft-rdgateway/' WorkloadStack: Type: AWS::CloudFormation::Stack Properties: TemplateURL: !Sub - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}templates/swvsan-entrypoint-existing-vpc.template.yaml' - S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion] S3Bucket: !If [UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName] Parameters: VPCID: !GetAtt VPCStack.Outputs.VPCID PrivateSubnetAID: !GetAtt VPCStack.Outputs.PrivateSubnet1AID PrivateSubnetBID: !GetAtt VPCStack.Outputs.PrivateSubnet2AID PrivateSubnetCID: !GetAtt VPCStack.Outputs.PrivateSubnet3AID RDPSGID: !GetAtt RDGStack.Outputs.RemoteDesktopGatewaySGID QSS3BucketName: Ref: QSS3BucketName QSS3BucketRegion: Ref: QSS3BucketRegion QSS3KeyPrefix: Ref: QSS3KeyPrefix WorkloadInstanceType: Ref: WorkloadInstanceType SWVSANAMIOS: !Ref SWVSANAMIOS SWVSANStorageVolumeSize: Ref: SWVSANStorageVolumeSize KeyPairName: Ref: KeyPairName Node1NetBiosName: !Ref Node1NetBiosName Node2NetBiosName: !Ref Node2NetBiosName WitnessNodeNetBiosName: !Ref WitnessNodeNetBiosName Outputs: RDPURL: Description: Elastic Load Balancing (ELB) DNS name to connect to RD Gateway Value: !GetAtt RDGStack.Outputs.RDPURL RDPUser: Description: RD Gateway administrator user Value: StackAdmin StorageNode1ManagementIP: Description: Management IP address of storage node 1 Value: !GetAtt WorkloadStack.Outputs.StorageNode1ManagementIP StorageNode1IscsiIP: Description: iSCSI IP address of storage node 1 Value: !GetAtt WorkloadStack.Outputs.StorageNode1IscsiIP StorageNode1SyncronizationIP: Description: Synchronization IP address of storage node 1 Value: !GetAtt WorkloadStack.Outputs.StorageNode1SyncronizationIP StorageNode2ManagementIP: Description: Management IP address of storage node 2 Value: !GetAtt WorkloadStack.Outputs.StorageNode2ManagementIP StorageNode2IscsiIP: Description: iSCSI IP address of storage node 2 Value: !GetAtt WorkloadStack.Outputs.StorageNode2IscsiIP StorageNode2SyncronizationIP: Description: Syncronization IP address of storage node 2 Value: !GetAtt WorkloadStack.Outputs.StorageNode2SyncronizationIP WitnessNodeManagementIP: Description: Management IP address of witness node Value: !GetAtt WorkloadStack.Outputs.WitnessNodeManagementIP