AWSTemplateFormatVersion: '2010-09-09' Description: 'Existing VPC deployment: single-node Tableau Server running on Windows or Amazon Linux 2. (qs-1puphiil4)' Metadata: AWS::CloudFormation::Interface: ParameterGroups: - Label: default: 'AWS environment and machine configuration' Parameters: - VPCID - PrivateSubnet1ID - PublicSubnet1ID - PublicSubnet2ID - Route53HostedZone - Route53DomainName - TableauServerSubDomainName - InstanceType - OS - KeyPairName - SourceCIDR - TableauS3BucketName - Label: default: Secrets Parameters: - TableauServerAdminUser - TableauServerAdminPassword - TsmUsername - TsmPassword - LicenseKey - Label: default: Registration Parameters: - AcceptEULA - RegFirstName - RegLastName - RegEmail - RegCompany - RegTitle - RegDepartment - RegIndustry - RegPhone - RegCity - RegState - RegZip - RegCountry - RegCompanyEmployees - RegOptIn - Label: default: AWS Quick Start configuration Parameters: - QSS3BucketName - QSS3KeyPrefix - QSS3BucketRegion ParameterLabels: PrivateSubnet1ID: default: Private subnet 1 ID PublicSubnet1ID: default: Public subnet 1 ID PublicSubnet2ID: default: Public subnet 2 ID VPCID: default: VPC ID QSS3BucketName: default: Quick Start S3 Bucket Name QSS3KeyPrefix: default: Quick Start S3 Key Prefix QSS3BucketRegion: default: Quick Start S3 bucket region Route53HostedZone: default: Hosted Zone Route53DomainName: default: Domain name for your hosted zone TableauServerSubDomainName: default: Tableau Server subdomain TableauS3BucketName: default: Name of S3 bucket for Tableau Server files InstanceType: default: EC2 instance type for Tableau Server OS: default: Operating System for Tableau Server KeyPairName: default: Key Pair for EC2 SourceCIDR: default: CIDR block for ingress rules TableauServerAdminPassword: default: Tableau Server administrator password TableauServerAdminUser: default: Tableau Server administrator username TsmUsername: default: Tableau Services Manager (TSM) administrator username TsmPassword: default: Tableau Services Manager (TSM) administrator password LicenseKey: default: Tableau Activation Key AcceptEULA: default: Accept Tableau End User License Agreement RegCity: default: City RegCompany: default: Company RegCountry: default: Country RegDepartment: default: Department RegEmail: default: Email Address RegFirstName: default: First Name RegIndustry: default: Industry RegLastName: default: Last Name RegPhone: default: Phone RegState: default: State RegTitle: default: Title RegZip: default: Zip/Postal Code RegCompanyEmployees: default: 5 RegOptIn: default: true Parameters: Route53HostedZone: Description: Hosted Zone from Route53 Type: AWS::Route53::HostedZone::Id Route53DomainName: Default: example.com Description: Domain name for your Route53 Hosted Zone Type: String TableauServerSubDomainName: Default: tableau MaxLength: '25' Description: Sub domain name for your Tableau server deployment Type: String TableauS3BucketName: Default: '' Description: S3 bucket to Tableau Server files Type: String InstanceType: AllowedValues: - m6i.4xlarge - m6i.8xlarge - m6i.12xlarge - m5.4xlarge - m5.8xlarge - m5.12xlarge ConstraintDescription: must be a valid EC2 instance type. Default: m5.8xlarge Description: Amazon EC2 instance type Type: String TsmUsername: AllowedPattern: ^(?!(tableau|tsmagent|admin|root)$)[A-Za-z0-9]+$ Description: Tableau Services Manager (TSM) administrator username (cannot be 'tableau' or 'tsmagent' or 'admin' or 'root') MaxLength: '30' Type: String TsmPassword: Description: Tableau Services Manager (TSM) administrator password MinLength: '6' NoEcho: 'true' Type: String RegCompanyEmployees: Description: Company Size Type: String RegOptIn: Description: Opt in to receive marketing communications (true/false) Type: String OS: AllowedValues: - 'Linux' - 'Windows' Default: 'Linux' Description: Operating System on which Tableau Server will be deployed Type: String AcceptEULA: AllowedPattern: 'yes' AllowedValues: - 'yes' - 'no' Description: 'View the EULA at the Link: https://www.tableau.com/eula' Type: String KeyPairName: ConstraintDescription: must be the name of an existing EC2 KeyPair. Description: Name of an existing EC2 KeyPair to enable SSH access to the instances Type: AWS::EC2::KeyPair::KeyName PrivateSubnet1ID: Description: ID of private subnet 1 in Availability Zone 1 for Tableau Server (for example, subnet-a0246dcd). Type: AWS::EC2::Subnet::Id PublicSubnet1ID: Description: ID of public subnet 1 in Availability Zone 1 for the ELB load balancer (for example, subnet-9bc642ac). Type: AWS::EC2::Subnet::Id PublicSubnet2ID: Description: ID of public subnet 2 in Availability Zone 2 for the ELB load balancer (for example, subnet-e3246d8e). Type: AWS::EC2::Subnet::Id QSS3BucketName: AllowedPattern: ^[0-9a-zA-Z]+([0-9a-zA-Z-]*[0-9a-zA-Z])*$ ConstraintDescription: Quick Start bucket name can include numbers, lowercase letters, uppercase letters, and hyphens (-). It cannot start or end with a hyphen (-). Default: aws-quickstart Description: S3 bucket name for the Quick Start assets. This string can include numbers, lowercase letters, uppercase letters, and hyphens (-). It cannot start or end with a hyphen (-). Type: String QSS3KeyPrefix: AllowedPattern: ^[0-9a-zA-Z-/]*$ ConstraintDescription: Quick Start key prefix can include numbers, lowercase letters, uppercase letters, hyphens (-), and forward slash (/). Default: quickstart-tableau-server/ Description: S3 key prefix for the Quick Start assets. Quick Start key prefix can include numbers, lowercase letters, uppercase letters, hyphens (-), and forward slash (/). Type: String QSS3BucketRegion: Default: 'us-east-1' Description: "The AWS Region where the Quick Start S3 bucket (QSS3BucketName) is hosted. When using your own bucket, you must specify this value." Type: String RegCity: Description: City Type: String RegCompany: Description: Company Type: String RegCountry: Description: Country Type: String RegDepartment: Description: Department Type: String RegEmail: Description: Email MinLength: '1' Type: String RegFirstName: Description: First Name MinLength: '1' Type: String RegIndustry: Description: Industry Type: String RegLastName: Description: Last Name MinLength: '1' Type: String RegPhone: Description: Phone Type: String RegState: Description: State Type: String RegTitle: Description: Title Type: String RegZip: Description: ZIP/Postal Code Type: String SourceCIDR: AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))$ ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/x Description: The CIDR address from which you will connect to the instance Type: String TableauServerAdminPassword: Description: The password of the initial administrator for Tableau Server MinLength: '1' NoEcho: 'true' Type: String TableauServerAdminUser: Description: The name of the initial administrator for Tableau Server MinLength: '1' Type: String LicenseKey: Description: License Key (leave blank for trial) Type: String VPCID: Description: VPC to use for deployment Type: AWS::EC2::VPC::Id Conditions: InfaOnWindows: !Equals - !Ref 'OS' - Windows UsingDefaultBucket: !Equals [!Ref QSS3BucketName, 'aws-quickstart'] Resources: Infrastructure: Type: AWS::CloudFormation::Stack Properties: TemplateURL: Fn::Sub: - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}templates/tableau-server-infrastructure.template.yaml' - S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion] S3Bucket: !If [UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName] Parameters: VPCID: !Ref VPCID PublicSubnet1ID: !Ref PublicSubnet1ID PublicSubnet2ID: !Ref PublicSubnet2ID Route53HostedZone: !Ref 'Route53HostedZone' Route53DomainName: !Ref 'Route53DomainName' TableauS3BucketName: !Ref 'TableauS3BucketName' SourceCIDR: !Ref 'SourceCIDR' TableauServerSubdomain: !Ref TableauServerSubDomainName TsmSubdomain: !Sub '${TableauServerSubDomainName}-tsm' QSS3BucketName: !Ref 'QSS3BucketName' QSS3KeyPrefix: !Ref 'QSS3KeyPrefix' QSS3BucketRegion: !Ref 'QSS3BucketRegion' TableauServer: Type: AWS::CloudFormation::Stack Properties: TemplateURL: Fn::Sub: - 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}templates/tableau-server-${TableauOS}.template.yaml' - S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion] S3Bucket: !If [UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName] TableauOS: !If [InfaOnWindows, 'windows', 'linux'] Parameters: AcceptEULA: !Ref 'AcceptEULA' InstanceType: !Ref 'InstanceType' KeyPairName: !Ref 'KeyPairName' S3BucketName: !GetAtt Infrastructure.Outputs.TableauS3Bucket TableauServerHostname: Fn::Sub: - '${prefix}.${Route53DomainName}' - prefix: !Ref TableauServerSubDomainName SecurityGroup: !GetAtt Infrastructure.Outputs.SecurityGroup IamInstanceProfile: !GetAtt Infrastructure.Outputs.IamInstanceProfile TableauIAMRole: !GetAtt Infrastructure.Outputs.TableauIAMRole PublicSubnetId: !Ref PrivateSubnet1ID TableauServerTargetGroupArn: !GetAtt Infrastructure.Outputs.TableauServerTargetGroupArn TsmTargetGroupArn: !GetAtt Infrastructure.Outputs.TsmTargetGroupArn TableauServerAdminPassword: !Ref 'TableauServerAdminPassword' TableauServerAdminUser: !Ref 'TableauServerAdminUser' LicenseKey: !Ref 'LicenseKey' TsmUsername: !Ref 'TsmUsername' TsmPassword: !Ref 'TsmPassword' RegCity: !Ref 'RegCity' RegCompany: !Ref 'RegCompany' RegCountry: !Ref 'RegCountry' RegDepartment: !Ref 'RegDepartment' RegEmail: !Ref 'RegEmail' RegFirstName: !Ref 'RegFirstName' RegIndustry: !Ref 'RegIndustry' RegLastName: !Ref 'RegLastName' RegPhone: !Ref 'RegPhone' RegState: !Ref 'RegState' RegTitle: !Ref 'RegTitle' RegZip: !Ref 'RegZip' RegCompanyEmployees: !Ref 'RegCompanyEmployees' RegOptIn: !Ref 'RegOptIn' TableauServerLogGroup: !GetAtt Infrastructure.Outputs.TableauServerLogGroup QSS3BucketName: !Ref 'QSS3BucketName' QSS3KeyPrefix: !Ref 'QSS3KeyPrefix' QSS3BucketRegion: !Ref 'QSS3BucketRegion' Outputs: TableauServerUrl: Description: URL of your Tableau Server Value: Fn::Sub: - "${p1}.${Route53DomainName}" - p1: !Ref TableauServerSubDomainName TableauServerTsmUrl: Description: Tableau Server TSM URL (Load Balancer) Value: Fn::Sub: - "${p1}-tsm.${Route53DomainName}" - p1: !Ref TableauServerSubDomainName SecurityGroup: Description: Security Group ARN Value: !GetAtt Infrastructure.Outputs.SecurityGroup TableauServerTargetGroupArn: Description: Tableau Server ALB TG Value: !GetAtt Infrastructure.Outputs.TableauServerTargetGroupArn TsmTargetGroupArn: Description: TSM UI ALB TG Value: !GetAtt Infrastructure.Outputs.TsmTargetGroupArn