AWSTemplateFormatVersion: 2010-09-09 Description: >- This template creates a Multi-AZ, multi-subnet VPC infrastructure with UIPath Orchestrator deployed in private Subnets, with an ALB behind a Route53 in public subnets. (qs-1r2g41245) Metadata: QuickStartDocumentation: EntrypointName: Launch into an existing VPC Order: "1" 'AWS::CloudFormation::Interface': ParameterGroups: - Label: default: Network configuration Parameters: - BastionIngressCIDR - VPCCIDR - VPCID - PublicSubnetIDs - PrivateSubnetIDs - Label: default: UiPath Orchestrator instance configuration Parameters: - KeyPairName - InstanceType - Label: default: AWS Storage Gateway configuration Parameters: - GatewayName - GatewayTimezone - Label: default: DNS or SSL Configuration Parameters: - UiPathFQDN - HostedZoneID - Label: default: High Availability add-on Configuration Parameters: - HAAUser - HAAPassword - HAPort - HAALicense - Label: default: RDS Database Configuration Parameters: - RDSDBName - RDSAllocatedStorage - RDSMaxAllocatedStorage - RDSUsername - RDSPassword - Label: default: UiPath Orchestrator server configuration Parameters: - OrchestratorVersion - OrchestratorInstanceCount - OrchestratorLicense - OrchestratorPassword - Label: default: Quick Start S3 bucket configuration Parameters: - QSS3BucketName - QSS3KeyPrefix ParameterLabels: BastionIngressCIDR: default: Bastion Ingress CIDR VPCCIDR: default: VPC CIDR VPCID: default: VPC ID PublicSubnetIDs: default: VPC CIDR PrivateSubnetIDs: default: VPC CIDR KeyPairName: default: Instance key pair InstanceType: default: Instance type GatewayName: default: Storage gateway name UiPathFQDN: default: Hosting FQDN HostedZoneID: default: Route 53 hosted zone ID HAAUser: default: High-availability add-on user name HAAPassword: default: High-availability add-on password HAPort: default: High-availability add-on port HAALicense: default: High-availability add-on license key RDSDBName: default: RDS database name RDSAllocatedStorage: default: RDS allocated storage RDSMaxAllocatedStorage: default: Maximum allocated storage RDSUsername: default: RDS DB user name RDSPassword: default: RDS DB Password OrchestratorVersion: default: UiPath Orchestrator version OrchestratorInstanceCount: default: Number of UiPath Orchestrator instances OrchestratorLicense: default: UiPath Orchestrator license key OrchestratorPassword: default: UiPath Orchestrator password QSS3BucketName: default: Template-hosting S3 bucket QSS3KeyPrefix: default: Template folder Parameters: VPCCIDR: AllowedPattern: '^([0-9]{1,3}\.){2}([0]{1}.)[0]{1}(\/[16]{2})$' ConstraintDescription: Must be in format x.x.0.0/16. Default: 10.0.0.0/16 Description: VPC CIDR block, in format x.x.0.0/16. Type: String BastionIngressCIDR: AllowedPattern: '^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|1[0-9]|2[0-9]|3[0-2]))$' ConstraintDescription: Must be in format x.x.x.x/y. Description: CIDR block Ingress for the Bastion Instance Type: String VPCID: Type: 'AWS::EC2::VPC::Id' Description: VPC ID PublicSubnetIDs: Description: List of public subnet IDs. Type: 'List' PrivateSubnetIDs: Description: List of private subnet IDs. Type: 'List' KeyPairName: Description: Existing key pair to connect to virtual machine (VM) instances. Type: 'AWS::EC2::KeyPair::KeyName' InstanceType: AllowedValues: - a1.xlarge - a1.2xlarge - a1.4xlarge - t2.xlarge - m4.xlarge - m4.2xlarge - m4.4xlarge - m4.10xlarge - c4.xlarge - c4.2xlarge - c4.4xlarge - c4.8xlarge - r4.xlarge - r4.2xlarge - r4.4xlarge - r4.8xlarge ConstraintDescription: Must be a valid Amazon EC2 instance type from the list. Default: m4.xlarge Description: EC2 instance type Type: String GatewayName: Description: Name of S3 File Storage Gateway. Type: String Default: uipathgateway AllowedPattern: '^[a-zA-Z]*$' ConstraintDescription: >- Gateway name can only contain *a–z* and *A–Z*. It cannot be left blank. GatewayTimezone: Description: File gateway time zone. Type: String AllowedValues: - Africa/Abidjan - Africa/Accra - Africa/Addis_Ababa - Africa/Algiers - Africa/Asmara - Africa/Asmera - Africa/Bamako - Africa/Bangui - Africa/Banjul - Africa/Bissau - Africa/Blantyre - Africa/Brazzaville - Africa/Bujumbura - Africa/Cairo - Africa/Casablanca - Africa/Ceuta - Africa/Conakry - Africa/Dakar - Africa/Dar_es_Salaam - Africa/Djibouti - Africa/Douala - Africa/El_Aaiun - Africa/Freetown - Africa/Gaborone - Africa/Harare - Africa/Johannesburg - Africa/Juba - Africa/Kampala - Africa/Khartoum - Africa/Kigali - Africa/Kinshasa - Africa/Lagos - Africa/Libreville - Africa/Lome - Africa/Luanda - Africa/Lubumbashi - Africa/Lusaka - Africa/Malabo - Africa/Maputo - Africa/Maseru - Africa/Mbabane - Africa/Mogadishu - Africa/Monrovia - Africa/Nairobi - Africa/Ndjamena - Africa/Niamey - Africa/Nouakchott - Africa/Ouagadougou - Africa/Porto-Novo - Africa/Sao_Tome - Africa/Timbuktu - Africa/Tripoli - Africa/Tunis - Africa/Windhoek - America/Adak - America/Anchorage - America/Anguilla - America/Antigua - America/Araguaina - America/Argentina/Buenos_Aires - America/Argentina/Catamarca - America/Argentina/ComodRivadavia - America/Argentina/Cordoba - America/Argentina/Jujuy - America/Argentina/La_Rioja - America/Argentina/Mendoza - America/Argentina/Rio_Gallegos - America/Argentina/Salta - America/Argentina/San_Juan - America/Argentina/San_Luis - America/Argentina/Tucuman - America/Argentina/Ushuaia - America/Aruba - America/Asuncion - America/Atikokan - America/Atka - America/Bahia - America/Bahia_Banderas - America/Barbados - America/Belem - America/Belize - America/Blanc-Sablon - America/Boa_Vista - America/Bogota - America/Boise - America/Buenos_Aires - America/Cambridge_Bay - America/Campo_Grande - America/Cancun - America/Caracas - America/Catamarca - America/Cayenne - America/Cayman - America/Chicago - America/Chihuahua - America/Coral_Harbour - America/Cordoba - America/Costa_Rica - America/Creston - America/Cuiaba - America/Curacao - America/Danmarkshavn - America/Dawson - America/Dawson_Creek - America/Denver - America/Detroit - America/Dominica - America/Edmonton - America/Eirunepe - America/El_Salvador - America/Ensenada - America/Fort_Wayne - America/Fortaleza - America/Glace_Bay - America/Godthab - America/Goose_Bay - America/Grand_Turk - America/Grenada - America/Guadeloupe - America/Guatemala - America/Guayaquil - America/Guyana - America/Halifax - America/Havana - America/Hermosillo - America/Indiana/Indianapolis - America/Indiana/Knox - America/Indiana/Marengo - America/Indiana/Petersburg - America/Indiana/Tell_City - America/Indiana/Vevay - America/Indiana/Vincennes - America/Indiana/Winamac - America/Indianapolis - America/Inuvik - America/Iqaluit - America/Jamaica - America/Jujuy - America/Juneau - America/Kentucky/Louisville - America/Kentucky/Monticello - America/Knox_IN - America/Kralendijk - America/La_Paz - America/Lima - America/Los_Angeles - America/Louisville - America/Lower_Princes - America/Maceio - America/Managua - America/Manaus - America/Marigot - America/Martinique - America/Matamoros - America/Mazatlan - America/Mendoza - America/Menominee - America/Merida - America/Metlakatla - America/Mexico_City - America/Miquelon - America/Moncton - America/Monterrey - America/Montevideo - America/Montreal - America/Montserrat - America/Nassau - America/New_York - America/Nipigon - America/Nome - America/Noronha - America/North_Dakota/Beulah - America/North_Dakota/Center - America/North_Dakota/New_Salem - America/Ojinaga - America/Panama - America/Pangnirtung - America/Paramaribo - America/Phoenix - America/Port_of_Spain - America/Port-au-Prince - America/Porto_Acre - America/Porto_Velho - America/Puerto_Rico - America/Rainy_River - America/Rankin_Inlet - America/Recife - America/Regina - America/Resolute - America/Rio_Branco - America/Rosario - America/Santa_Isabel - America/Santarem - America/Santiago - America/Santo_Domingo - America/Sao_Paulo - America/Scoresbysund - America/Shiprock - America/Sitka - America/St_Barthelemy - America/St_Johns - America/St_Kitts - America/St_Lucia - America/St_Thomas - America/St_Vincent - America/Swift_Current - America/Tegucigalpa - America/Thule - America/Thunder_Bay - America/Tijuana - America/Toronto - America/Tortola - America/Vancouver - America/Virgin - America/Whitehorse - America/Winnipeg - America/Yakutat - America/Yellowknife - Antarctica/Casey - Antarctica/Davis - Antarctica/DumontDUrville - Antarctica/Macquarie - Antarctica/Mawson - Antarctica/McMurdo - Antarctica/Palmer - Antarctica/Rothera - Antarctica/South_Pole - Antarctica/Syowa - Antarctica/Vostok - Arctic/Longyearbyen - Asia/Aden - Asia/Almaty - Asia/Amman - Asia/Anadyr - Asia/Aqtau - Asia/Aqtobe - Asia/Ashgabat - Asia/Ashkhabad - Asia/Baghdad - Asia/Bahrain - Asia/Baku - Asia/Bangkok - Asia/Beirut - Asia/Bishkek - Asia/Brunei - Asia/Calcutta - Asia/Choibalsan - Asia/Chongqing - Asia/Chungking - Asia/Colombo - Asia/Dacca - Asia/Damascus - Asia/Dhaka - Asia/Dili - Asia/Dubai - Asia/Dushanbe - Asia/Gaza - Asia/Harbin - Asia/Hebron - Asia/Ho_Chi_Minh - Asia/Hong_Kong - Asia/Hovd - Asia/Irkutsk - Asia/Istanbul - Asia/Jakarta - Asia/Jayapura - Asia/Jerusalem - Asia/Kabul - Asia/Kamchatka - Asia/Karachi - Asia/Kashgar - Asia/Kathmandu - Asia/Katmandu - Asia/Khandyga - Asia/Kolkata - Asia/Krasnoyarsk - Asia/Kuala_Lumpur - Asia/Kuching - Asia/Kuwait - Asia/Macao - Asia/Macau - Asia/Magadan - Asia/Makassar - Asia/Manila - Asia/Muscat - Asia/Nicosia - Asia/Novokuznetsk - Asia/Novosibirsk - Asia/Omsk - Asia/Oral - Asia/Phnom_Penh - Asia/Pontianak - Asia/Pyongyang - Asia/Qatar - Asia/Qyzylorda - Asia/Rangoon - Asia/Riyadh - Asia/Saigon - Asia/Sakhalin - Asia/Samarkand - Asia/Seoul - Asia/Shanghai - Asia/Singapore - Asia/Taipei - Asia/Tashkent - Asia/Tbilisi - Asia/Tehran - Asia/Tel_Aviv - Asia/Thimbu - Asia/Thimphu - Asia/Tokyo - Asia/Ujung_Pandang - Asia/Ulaanbaatar - Asia/Ulan_Bator - Asia/Urumqi - Asia/Ust-Nera - Asia/Vientiane - Asia/Vladivostok - Asia/Yakutsk - Asia/Yekaterinburg - Asia/Yerevan - Atlantic/Azores - Atlantic/Bermuda - Atlantic/Canary - Atlantic/Cape_Verde - Atlantic/Faeroe - Atlantic/Faroe - Atlantic/Jan_Mayen - Atlantic/Madeira - Atlantic/Reykjavik - Atlantic/South_Georgia - Atlantic/St_Helena - Atlantic/Stanley - Australia/ACT - Australia/Adelaide - Australia/Brisbane - Australia/Broken_Hill - Australia/Canberra - Australia/Currie - Australia/Darwin - Australia/Eucla - Australia/Hobart - Australia/LHI - Australia/Lindeman - Australia/Lord_Howe - Australia/Melbourne - Australia/North - Australia/NSW - Australia/Perth - Australia/Queensland - Australia/South - Australia/Sydney - Australia/Tasmania - Australia/Victoria - Australia/West - Australia/Yancowinna - Brazil/Acre - Brazil/DeNoronha - Brazil/East - Brazil/West - Canada/Atlantic - Canada/Central - Canada/Eastern - Canada/Mountain - Canada/Newfoundland - Canada/Pacific - Canada/Saskatchewan - Canada/Yukon - CET - Chile/Continental - Chile/EasterIsland - CST6CDT - Cuba - EET - Egypt - Eire - EST - EST5EDT - Etc/GMT - Etc/GMT+0 - Etc/GMT+1 - Etc/GMT+10 - Etc/GMT+11 - Etc/GMT+12 - Etc/GMT+2 - Etc/GMT+3 - Etc/GMT+4 - Etc/GMT+5 - Etc/GMT+6 - Etc/GMT+7 - Etc/GMT+8 - Etc/GMT+9 - Etc/GMT0 - Etc/GMT-0 - Etc/GMT-1 - Etc/GMT-10 - Etc/GMT-11 - Etc/GMT-12 - Etc/GMT-13 - Etc/GMT-14 - Etc/GMT-2 - Etc/GMT-3 - Etc/GMT-4 - Etc/GMT-5 - Etc/GMT-6 - Etc/GMT-7 - Etc/GMT-8 - Etc/GMT-9 - Etc/Greenwich - Etc/UCT - Etc/Universal - Etc/UTC - Etc/Zulu - Europe/Amsterdam - Europe/Andorra - Europe/Athens - Europe/Belfast - Europe/Belgrade - Europe/Berlin - Europe/Bratislava - Europe/Brussels - Europe/Bucharest - Europe/Budapest - Europe/Busingen - Europe/Chisinau - Europe/Copenhagen - Europe/Dublin - Europe/Gibraltar - Europe/Guernsey - Europe/Helsinki - Europe/Isle_of_Man - Europe/Istanbul - Europe/Jersey - Europe/Kaliningrad - Europe/Kiev - Europe/Lisbon - Europe/Ljubljana - Europe/London - Europe/Luxembourg - Europe/Madrid - Europe/Malta - Europe/Mariehamn - Europe/Minsk - Europe/Monaco - Europe/Moscow - Europe/Nicosia - Europe/Oslo - Europe/Paris - Europe/Podgorica - Europe/Prague - Europe/Riga - Europe/Rome - Europe/Samara - Europe/San_Marino - Europe/Sarajevo - Europe/Simferopol - Europe/Skopje - Europe/Sofia - Europe/Stockholm - Europe/Tallinn - Europe/Tirane - Europe/Tiraspol - Europe/Uzhgorod - Europe/Vaduz - Europe/Vatican - Europe/Vienna - Europe/Vilnius - Europe/Volgograd - Europe/Warsaw - Europe/Zagreb - Europe/Zaporozhye - Europe/Zurich - GB - GB-Eire - GMT - GMT+0 - GMT0 - GMT-0 - Greenwich - Hongkong - HST - Iceland - Indian/Antananarivo - Indian/Chagos - Indian/Christmas - Indian/Cocos - Indian/Comoro - Indian/Kerguelen - Indian/Mahe - Indian/Maldives - Indian/Mauritius - Indian/Mayotte - Indian/Reunion - Iran - Israel - Jamaica - Japan - Kwajalein - Libya - MET - Mexico/BajaNorte - Mexico/BajaSur - Mexico/General - MST - MST7MDT - Navajo - NZ - NZ-CHAT - Pacific/Apia - Pacific/Auckland - Pacific/Chatham - Pacific/Chuuk - Pacific/Easter - Pacific/Efate - Pacific/Enderbury - Pacific/Fakaofo - Pacific/Fiji - Pacific/Funafuti - Pacific/Galapagos - Pacific/Gambier - Pacific/Guadalcanal - Pacific/Guam - Pacific/Honolulu - Pacific/Johnston - Pacific/Kiritimati - Pacific/Kosrae - Pacific/Kwajalein - Pacific/Majuro - Pacific/Marquesas - Pacific/Midway - Pacific/Nauru - Pacific/Niue - Pacific/Norfolk - Pacific/Noumea - Pacific/Pago_Pago - Pacific/Palau - Pacific/Pitcairn - Pacific/Pohnpei - Pacific/Ponape - Pacific/Port_Moresby - Pacific/Rarotonga - Pacific/Saipan - Pacific/Samoa - Pacific/Tahiti - Pacific/Tarawa - Pacific/Tongatapu - Pacific/Truk - Pacific/Wake - Pacific/Wallis - Pacific/Yap - Poland - Portugal - PRC - PST8PDT - ROK - Singapore - Turkey - UCT - Universal - US/Alaska - US/Aleutian - US/Arizona - US/Central - US/Eastern - US/East-Indiana - US/Hawaii - US/Indiana-Starke - US/Michigan - US/Mountain - US/Pacific - US/Samoa - UTC - WET - W-SU - Zulu Default: US/Eastern UiPathFQDN: Description: Fully qualified domain name (FQDN) to which UiPath Orchestrator is installed. Type: String HostedZoneID: Description: The Route 53 hosted zone ID. Type: AWS::Route53::HostedZone::Id HAAUser: Description: High-aailability add-on user name. Must be a valid email address. Type: String AllowedPattern: '^([a-zA-Z0-9_\-\.]+)@([a-zA-Z0-9_\-\.]+)\.([a-zA-Z]{2,5})$' ConstraintDescription: Must be a valid email address. HAAPassword: Description: High-availability add-on password. Type: String NoEcho: 'true' MinLength: '6' MaxLength: '124' AllowedPattern: >- (?=^.{6,124}$)((?=.*\d)(?=.*[A-Z])(?=.*[a-z])|(?=.*\d)(?=.*[^A-Za-z0-9])(?=.*[a-z])|(?=.*[^A-Za-z0-9])(?=.*[A-Z])(?=.*[a-z])|(?=.*\d)(?=.*[A-Z])(?=.*[^A-Za-z0-9]))^.* ConstraintDescription: >- High Availability add-on password must contain more than six characters and include at least one uppercase letter. HAPort: Description: High-availability add-on port. Type: String Default: 10000 AllowedValues: - 10000 HAALicense: Description: High-availability add-on license key. Default: '' Type: String RDSDBName: Description: UIPath database name. Type: String Default: uipathdb AllowedPattern: '^[a-zA-Z]*$' ConstraintDescription: >- UIPath database name can only contain characters *a–z* and *A–Z*. It cannot be left blank. RDSAllocatedStorage: Description: RDS DB instance storage amount. Type: String Default: '200' AllowedPattern: '^(?:[1-9]\d{0,3}|1[0-5]\d{3}|16[0-2]\d{2}|163[0-7]\d|1638[0-4])$' ConstraintDescription: RDS DB instance storage amount should be less or equal to 16,384 GB. RDSMaxAllocatedStorage: Description: Maximum storage threshold. The limit to which the DB instance can be autoscaled. Type: Number Default: '1000' MaxValue: '16384' ConstraintDescription: Should be less than or equal to RDS allocated storage. RDSUsername: Description: RDS DB username. Type: String AllowedPattern: '^[0-9a-zA-Z]*$' ConstraintDescription: RDS DB username cannot be left blank. RDSPassword: Description: RDS DB password. Type: String NoEcho: 'true' MinLength: '8' AllowedPattern: '^(?=.*[0-9]+.*)(?=.*[a-zA-Z]+.*)[0-9a-zA-Z]{8,}$' ConstraintDescription: >- RDS DB password must contain a minimum of eight characters and include at least one letter and one number. OrchestratorVersion: Description: UIPath Orchestrator version. Type: String Default: 22.10.0 AllowedValues: - 22.10.0 ConstraintDescription: UIPath Orchestrator version can only contain characters *0–9* and *.* (period). OrchestratorInstanceCount: Description: Number of UiPath Orchestrator instances (1–20). Type: String Default: '2' AllowedPattern: '^(?:[1-9]|0[1-9]|1[0-9]|20)$' ConstraintDescription: Number of UiPath Orchestrator instances can be 1–20. OrchestratorLicense: Description: UiPath Orchestrator license key or trial key. Default: '' Type: String OrchestratorPassword: Description: UiPath Orchestrator administrator password. Type: String NoEcho: 'true' MinLength: '6' MaxLength: '124' AllowedPattern: >- (?=^.{6,124}$)((?=.*\d)(?=.*[A-Z])(?=.*[a-z])|(?=.*\d)(?=.*[^A-Za-z0-9])(?=.*[a-z])|(?=.*[^A-Za-z0-9])(?=.*[A-Z])(?=.*[a-z])|(?=.*\d)(?=.*[A-Z])(?=.*[^A-Za-z0-9]))^.* ConstraintDescription: >- UiPath Orchestrator administrator password must contain more than six characters and include at least one uppercase letter. QSS3BucketName: AllowedPattern: '^[0-9a-zA-Z]+([0-9a-zA-Z-]*[0-9a-zA-Z])*$' ConstraintDescription: >- Quick Start bucket name can include numbers, lowercase letters, uppercase letters, and hyphens (-). It cannot start or end with a hyphen (-). Description: Name of the S3 bucket for your copy of the Quick Start assets. Keep the default name unless you are customizing the template. Changing the name updates code references to point to a new Quick Start location. This name can include numbers, lowercase letters, uppercase letters, and hyphens, but do not start or end with a hyphen (-). See https://aws-quickstart.github.io/option1.html. Type: String Default: aws-quickstart QSS3BucketRegion: Default: us-east-1 Description: >- AWS Region where the Quick Start S3 bucket (QSS3BucketName) is hosted. Keep the default Region unless you are customizing the template. Changing this Region updates code references to point to a new Quick Start location. When using your own bucket, specify the Region. See https://aws-quickstart.github.io/option1.html. Type: String AllowedPattern: (us(-gov)?|ap|ca|cn|eu|sa)-(central|(north|south)?(east|west)?)-\d ConstraintDescription: Must be a valid AWS Region code. QSS3KeyPrefix: AllowedPattern: '^[0-9a-zA-Z-/]*/$' ConstraintDescription: >- The Quick Start S3 key prefix can include numbers, lowercase letters, uppercase letters, hyphens (-), and forward slashes (/). Default: quickstart-uipath-orchestrator/ Description: >- S3 key prefix that is used to simulate a directory for your copy of the Quick Start assets. Keep the default prefix unless you are customizing the template. Changing this prefix updates code references to point to a new Quick Start location. This prefix can include numbers, lowercase letters, uppercase letters, hyphens (-), and forward slashes (/). See https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMetadata.html and https://aws-quickstart.github.io/option1.html. Type: String Conditions: UsingDefaultBucket: !Equals - !Ref QSS3BucketName - aws-quickstart Resources: FindAmiLambdaRole: Type: 'AWS::IAM::Role' Properties: Description: >- IAM Role to be assumed by Lambda functions which find AMI ids AssumeRolePolicyDocument: Version: 2012-10-17 Statement: - Effect: Allow Principal: Service: - lambda.amazonaws.com Action: - 'sts:AssumeRole' Path: / Policies: - PolicyName: root PolicyDocument: Version: 2012-10-17 Statement: - Effect: Allow Action: - 'ec2:DescribeImages' Resource: '*' - Effect: Allow Action: - 'logs:CreateLogGroup' - 'logs:CreateLogStream' - 'logs:PutLogEvents' Resource: !Sub arn:${AWS::Partition}:logs:*:*:* - Effect: Allow Action: - 'xray:PutTraceSegments' Resource: '*' FindAMIFunction: Type: 'AWS::Lambda::Function' Properties: Description: Finds a matching AMI Id Handler: index.handler Role: !GetAtt FindAmiLambdaRole.Arn Code: ZipFile: !Join - |+ - - import boto3 - import json - import cfnresponse - 'def getRootDevice(imageId, regionName):' - ' rootDeviceName = ''''' - ' ec2 = boto3.client(''ec2'', regionName)' - ' images = ec2.describe_images(' - ' ExecutableUsers=[''all''],' - ' Filters=[' - ' { ''Name'': ''image-id'', ''Values'': [imageId] }' - ' ]' - ' )[''Images'']' - ' if len(images) > 0:' - ' rootDeviceName = images[0][''RootDeviceName'']' - ' print(regionName, imageId, rootDeviceName)' - ' return rootDeviceName' - 'def create(properties, physical_id):' - ' regionName = properties[''RegionName'']' - ' imageName = properties[''ImageName'']' - ' architecture = properties[''Architecture'']' - ' virtualizationType = properties[''VirtualizationType'']' - ' owners = properties[''Owners'']' - ' imageId = ''''' - ' ec2 = boto3.client(''ec2'', regionName)' - ' images = ec2.describe_images(' - ' ExecutableUsers=[''all''],' - ' Filters=[' - ' { ''Name'': ''name'', ''Values'': [imageName] },' - ' { ''Name'': ''state'', ''Values'': [''available''] },' - ' { ''Name'': ''architecture'', ''Values'': [architecture] },' - ' { ''Name'': ''virtualization-type'', ''Values'': [virtualizationType] }' - ' ],' - ' Owners=[owners]' - ' )[''Images'']' - ' if len(images) > 0:' - ' imageId = images[0][''ImageId'']' - ' rootDeviceName = images[0][''RootDeviceName'']' - ' print(regionName, imageId)' - ' returnAttribute = {}' - ' returnAttribute[''ImageId''] = imageId' - ' returnAttribute[''RootDeviceName''] = rootDeviceName' - ' returnAttribute[''Action''] = ''CREATE''' - ' return cfnresponse.SUCCESS, imageId, returnAttribute' - 'def update(properties, physical_id):' - ' imageId = physical_id' - ' returnAttribute = {}' - ' returnAttribute[''ImageId''] = imageId' - ' returnAttribute[''RootDeviceName''] = getRootDevice(imageId, properties[''RegionName''])' - ' returnAttribute[''Action''] = ''UPDATE''' - ' return cfnresponse.SUCCESS, imageId, returnAttribute' - 'def delete(properties, physical_id):' - ' imageId = physical_id' - ' returnAttribute = {}' - ' returnAttribute[''ImageId''] = imageId' - ' returnAttribute[''Action''] = ''DELETE''' - ' return cfnresponse.SUCCESS, imageId, returnAttribute' - 'def handler(event, context):' - ' print(''Received event: '' + json.dumps(event))' - ' status = cfnresponse.FAILED' - ' new_physical_id = None' - ' returnAttribute = {}' - ' try:' - ' properties = event.get(''ResourceProperties'')' - ' physical_id = event.get(''PhysicalResourceId'')' - ' status, new_physical_id, returnAttribute = {' - ' ''Create'': create,' - ' ''Update'': update,' - ' ''Delete'': delete' - ' }.get(event[''RequestType''], lambda x, y: (cfnresponse.FAILED, None))(properties, physical_id)' - ' except Exception as e:' - ' print(''Exception: '' + str(e))' - ' status = cfnresponse.FAILED' - ' finally:' - ' cfnresponse.send(event, context, status, returnAttribute, new_physical_id)' Runtime: python3.9 Timeout: 30 TracingConfig: Mode: Active StorageStack: Type: 'AWS::CloudFormation::Stack' Properties: TemplateURL: !Sub - >- https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}templates/storage.template.yaml - S3Bucket: !If - UsingDefaultBucket - !Sub '${QSS3BucketName}-${AWS::Region}' - !Ref QSS3BucketName S3Region: !If - UsingDefaultBucket - !Ref 'AWS::Region' - !Ref QSS3BucketRegion Parameters: SubnetId: !Select [0, !Ref PrivateSubnetIDs] KeyPairName: !Ref KeyPairName GatewayName: !Ref GatewayName GatewayTimezone: !Ref GatewayTimezone VPCID: !Ref VPCID VPCCIDR: !Ref VPCCIDR RoutingStack: Type: 'AWS::CloudFormation::Stack' Properties: TemplateURL: !Sub - >- https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}templates/routing.template.yaml - S3Bucket: !If - UsingDefaultBucket - !Sub '${QSS3BucketName}-${AWS::Region}' - !Ref QSS3BucketName S3Region: !If - UsingDefaultBucket - !Ref 'AWS::Region' - !Ref QSS3BucketRegion Parameters: VPCID: !Ref VPCID VPCCIDR: !Ref VPCCIDR SubnetIDs: !Join [",", !Ref PublicSubnetIDs] Fqdn: !Ref UiPathFQDN HostedZoneID: !Ref HostedZoneID SSLCertificateArn: !GetAtt ConfigureSSLStack.Outputs.ACMCertificate HAStack: Type: 'AWS::CloudFormation::Stack' Properties: TemplateURL: !Sub - >- https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}templates/ha.template.yaml - S3Bucket: !If - UsingDefaultBucket - !Sub '${QSS3BucketName}-${AWS::Region}' - !Ref QSS3BucketName S3Region: !If - UsingDefaultBucket - !Ref 'AWS::Region' - !Ref QSS3BucketRegion Parameters: VPCID: !Ref VPCID VPCCIDR: !Ref VPCCIDR SubnetIDs: !Join [",", !Ref PrivateSubnetIDs] KeyPairName: !Ref KeyPairName HAAUser: !Ref HAAUser HAAPassword: !Ref HAAPassword HAALicense: !Ref HAALicense FindAMIFunctionArn: !GetAtt - FindAMIFunction - Arn QSS3BucketName: !Ref QSS3BucketName DatabaseStack: Type: 'AWS::CloudFormation::Stack' Properties: TemplateURL: !Sub - >- https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}templates/database.template.yaml - S3Bucket: !If - UsingDefaultBucket - !Sub '${QSS3BucketName}-${AWS::Region}' - !Ref QSS3BucketName S3Region: !If - UsingDefaultBucket - !Ref 'AWS::Region' - !Ref QSS3BucketRegion Parameters: VPCID: !Ref VPCID VPCCIDR: !Ref VPCCIDR SubnetIDs: !Join [",", !Ref PrivateSubnetIDs] RDSDBName: !Ref RDSDBName RDSAllocatedStorage: !Ref RDSAllocatedStorage RDSMaxAllocatedStorage: !Ref RDSMaxAllocatedStorage RDSUsername: !Ref RDSUsername RDSPassword: !Ref RDSPassword ServerStack: Type: 'AWS::CloudFormation::Stack' Properties: TemplateURL: !Sub - >- https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}templates/server.template.yaml - S3Bucket: !If - UsingDefaultBucket - !Sub '${QSS3BucketName}-${AWS::Region}' - !Ref QSS3BucketName S3Region: !If - UsingDefaultBucket - !Ref 'AWS::Region' - !Ref QSS3BucketRegion Parameters: VPCID: !Ref VPCID VPCCIDR: !Ref VPCCIDR PrivateSubnetIDs: !Join [",", !Ref PrivateSubnetIDs] PublicSubnetIDs: !Join [",", !Ref PublicSubnetIDs] TargetGroupARN: !GetAtt - RoutingStack - Outputs.TargetGroupARN KeyPairName: !Ref KeyPairName InstanceType: !Ref InstanceType FindAMIFunctionArn: !GetAtt - FindAMIFunction - Arn OrchestratorVersion: !Ref OrchestratorVersion OrchestratorInstanceCount: !Ref OrchestratorInstanceCount OrchestratorLicense: !Ref OrchestratorLicense OrchestratorPassword: !Ref OrchestratorPassword DatabaseServerName: !GetAtt - DatabaseStack - Outputs.RDSDBInstanceEndpointAddress DatabaseName: !Ref RDSDBName DatabaseUsername: !Ref RDSUsername DatabasePassword: !Ref RDSPassword NugetStorageBucketName: !GetAtt - StorageStack - Outputs.NugetStorageBucketName NugetStorageBucketArn: !GetAtt - StorageStack - Outputs.NugetStorageBucketArn GatewayPrivateIP: !GetAtt - StorageStack - Outputs.GatewayVMPrivateIP1 HAMainPrivateIP: !GetAtt - HAStack - Outputs.HAMainPrivateIP HASecondary1PrivateIP: !GetAtt - HAStack - Outputs.HASecondary1PrivateIP HASecondary2PrivateIP: !GetAtt - HAStack - Outputs.HASecondary2PrivateIP HAPort: !Ref HAPort HAAPassword: !Ref HAAPassword QSS3BucketName: !Ref QSS3BucketName QSS3BucketRegion: !Ref QSS3BucketRegion QSS3KeyPrefix: !Ref QSS3KeyPrefix Fqdn: !Ref UiPathFQDN BastionIngressCIDR: !Ref BastionIngressCIDR ConfigureSSLStack: Type: AWS::CloudFormation::Stack Properties: TemplateURL: !Sub - "https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}submodules/quickstart-aws-acm-certificate/templates/quickstart-aws-acm-certificate.template.yml" - S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion] S3Bucket: !If [UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName] Parameters: QSS3BucketName: !Ref QSS3BucketName QSS3BucketRegion: !Ref QSS3BucketRegion QSS3KeyPrefix: !Sub "${QSS3KeyPrefix}submodules/quickstart-aws-acm-certificate/" DomainName: !Ref UiPathFQDN HostedZoneID: !Ref HostedZoneID Outputs: FQDNLoadBalancer: Description: UiPath Orchestrator login page. Value: !Ref UiPathFQDN BastionHost: Description: Bastion host Public IP address. Value: !GetAtt - ServerStack - Outputs.BastionHostPublicIP HaaNodesIPs: Description: High Availability Add-on IP addresses. Value: !Join - ',' - - !GetAtt - HAStack - Outputs.HAMainPrivateIP - !GetAtt - HAStack - Outputs.HASecondary1PrivateIP - !GetAtt - HAStack - Outputs.HASecondary2PrivateIP NugetStorageS3Bucket: Description: S3 bucket with UiPath Orchestrator NuGet packages. Value: !GetAtt - StorageStack - Outputs.NugetStorageBucketName Postdeployment: Description: See the deployment guide for post-deployment steps. Value: https://aws.amazon.com/quickstart/?quickstart-all.sort-by=item.additionalFields.sortDate&quickstart-all.sort-order=desc&awsm.page-quickstart-all=5