zware/JFrog-Cloud-Installers
1
0
Fork 0
mirror of https://github.com/ZwareBear/JFrog-Cloud-Installers.git synced 2026-01-21 06:06:56 -06:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #187 from jfrog/v72710-aws-modules

Browse Source 
Updated RT and Xray version and republished modules
This commit is contained in:
Giridharan Ramasamy
2021-12-13 18:00:34 +05:30
committed by GitHub
parent 7e20908b1e 5db36fbe8b
commit a7324c7585
3 changed files with 268 additions and 226 deletions
Download Patch File Download Diff File Expand all files Collapse all files

351
Amazon/cloudformation-modules/JFrog__Artifactory__ExistingVpc__MODULE/fragments/jfrog-artifactory-ec2-existing-vpc.template.yaml
View File

@@ -1,8 +1,8 @@
AWSTemplateFormatVersion: '2010-09-09' AWSTemplateFormatVersion: "2010-09-09"
Description: 'JFrog Artifactory Quick Start Deployment into an Existing VPC (qs-1q037efj0)' Description: "JFrog Artifactory Quick Start Deployment into an Existing VPC (qs-1q037efj0)"
Parameters: Parameters:
LogicalId : LogicalId:
Description : Logical Id of the MODULE Description: Logical Id of the MODULE
Type: String Type: String
AvailabilityZone1: AvailabilityZone1:
Description: Availability Zone 1 to use for the subnets in the VPC. Two Description: Availability Zone 1 to use for the subnets in the VPC. Two
@@ -57,7 +57,8 @@ Parameters:
AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))$ AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))$
Type: String Type: String
RemoteAccessCidr: RemoteAccessCidr:
Description: Remote CIDR range that allows you to connect to the bastion instance by using SSH. Description:
Remote CIDR range that allows you to connect to the bastion instance by using SSH.
We recommend that you set this value to a trusted IP range. We recommend that you set this value to a trusted IP range.
For example, you might want to grant specific ranges inside your corporate network SSH access. For example, you might want to grant specific ranges inside your corporate network SSH access.
AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))$ AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))$
@@ -95,7 +96,8 @@ Parameters:
Default: 10 Default: 10
Type: Number Type: Number
BastionEnableTcpForwarding: BastionEnableTcpForwarding:
Description: Choose whether to enable TCPForwarding via the bootstrapping of the bastion instance Description:
Choose whether to enable TCPForwarding via the bootstrapping of the bastion instance
or not. or not.
AllowedValues: AllowedValues:
- "true" - "true"
@@ -103,7 +105,8 @@ Parameters:
Default: "true" Default: "true"
Type: String Type: String
BastionEnableX11Forwarding: BastionEnableX11Forwarding:
Description: Choose true to enable X11 via the bootstrapping of the bastion host. Description:
Choose true to enable X11 via the bootstrapping of the bastion host.
Setting this value to true will enable X Windows over SSH. Setting this value to true will enable X Windows over SSH.
X11 forwarding can be useful, but it is also a security risk, so it's recommended X11 forwarding can be useful, but it is also a security risk, so it's recommended
that you keep the default (false) setting. that you keep the default (false) setting.
@@ -124,14 +127,15 @@ Parameters:
NumBastionHosts: NumBastionHosts:
Description: Number of bastion instances to create. Description: Number of bastion instances to create.
AllowedValues: AllowedValues:
- '1' - "1"
- '2' - "2"
- '3' - "3"
- '4' - "4"
Default: '1' Default: "1"
Type: String Type: String
VolumeSize: VolumeSize:
Description: Size in gigabytes of the available storage (min 10GB); the Quick Start will create an Description:
Size in gigabytes of the available storage (min 10GB); the Quick Start will create an
Amazon Elastic Block Store (Amazon EBS) volumes of this size. Amazon Elastic Block Store (Amazon EBS) volumes of this size.
Default: 200 Default: 200
Type: Number Type: Number
@@ -192,20 +196,21 @@ Parameters:
Default: JFrog-Artifactory-Enterprise Default: JFrog-Artifactory-Enterprise
Type: String Type: String
ArtifactoryVersion: ArtifactoryVersion:
Description: Version of Artifactory that you want to deploy into the Quick Start. Description:
Version of Artifactory that you want to deploy into the Quick Start.
See the release notes to select the version you want to deploy at See the release notes to select the version you want to deploy at
https://www.jfrog.com/confluence/display/RTF/Release+Notes. https://www.jfrog.com/confluence/display/RTF/Release+Notes.
AllowedPattern: ^(([0-9]|[1-9][0-9])\.){2}([1-9][0-9]|[0-9])$ AllowedPattern: ^(([0-9]|[1-9][0-9])\.){2}([1-9][0-9]|[0-9])$
ConstraintDescription: A version that matches X.X.X per Artifactory releases ConstraintDescription: A version that matches X.X.X per Artifactory releases
Default: 7.21.5 Default: 7.27.10
Type: String Type: String
SmLicenseName: SmLicenseName:
Description: Secret name created in AWS Secrets Manager, which contains the Artifactory licenses. Description: Secret name created in AWS Secrets Manager, which contains the Artifactory licenses.
Default: '' Default: ""
Type: String Type: String
SmCertName: SmCertName:
Description: Secret name created in AWS Secrets Manager, which contains the SSL certificate and certificate key. Description: Secret name created in AWS Secrets Manager, which contains the SSL certificate and certificate key.
Default: '' Default: ""
Type: String Type: String
ArtifactoryServerName: ArtifactoryServerName:
Description: Name of your Artifactory server. Ensure that this matches your certificate. Description: Name of your Artifactory server. Ensure that this matches your certificate.
@@ -213,19 +218,21 @@ Parameters:
MasterKey: MasterKey:
Description: Master key for the Artifactory cluster. Generate a master key by using the command '$openssl rand -hex 16'. Description: Master key for the Artifactory cluster. Generate a master key by using the command '$openssl rand -hex 16'.
AllowedPattern: ^[a-zA-Z0-9]+$ AllowedPattern: ^[a-zA-Z0-9]+$
MinLength: '1' MinLength: "1"
MaxLength: '64' MaxLength: "64"
ConstraintDescription: Only capital or lowercase letters and numbers, with a Max of 64 characters. ConstraintDescription: Only capital or lowercase letters and numbers, with a Max of 64 characters.
NoEcho: 'true' NoEcho: "true"
Type: String Type: String
ExtraJavaOptions: ExtraJavaOptions:
Description: Set Java options to pass to the JVM for Artifactory. For more information, see the Artifactory Description:
Set Java options to pass to the JVM for Artifactory. For more information, see the Artifactory
system requirements at https://www.jfrog.com/confluence/display/RTF/System+Requirements#SystemRequirements-RecommendedHardware. system requirements at https://www.jfrog.com/confluence/display/RTF/System+Requirements#SystemRequirements-RecommendedHardware.
Do not add Xms or Xmx settings without disabling DefaultJavaMemSettings. Do not add Xms or Xmx settings without disabling DefaultJavaMemSettings.
Default: -Xss256k -XX:+UseG1GC Default: -Xss256k -XX:+UseG1GC
Type: String Type: String
DefaultJavaMemSettings: DefaultJavaMemSettings:
Description: Choose false to overwrite the standard memory-calculation options to pass to the Artifactory JVM. Description:
Choose false to overwrite the standard memory-calculation options to pass to the Artifactory JVM.
If you plan to overwrite them, ensure they are added to the ExtraJavaOptions to prevent the stack provision from failing. If you plan to overwrite them, ensure they are added to the ExtraJavaOptions to prevent the stack provision from failing.
ConstraintDescription: True or False ConstraintDescription: True or False
AllowedValues: AllowedValues:
@@ -234,12 +241,13 @@ Parameters:
Default: "true" Default: "true"
Type: String Type: String
DatabaseName: DatabaseName:
Description: Name of your database instance. The name must be unique across all instances Description:
Name of your database instance. The name must be unique across all instances
owned by your AWS account in the current Region. The database instance identifier is case-insensitive, owned by your AWS account in the current Region. The database instance identifier is case-insensitive,
but it's stored in lowercase (as in "mydbinstance"). but it's stored in lowercase (as in "mydbinstance").
AllowedPattern: ^[a-zA-Z]([a-zA-Z0-9])+$ AllowedPattern: ^[a-zA-Z]([a-zA-Z0-9])+$
MinLength: '1' MinLength: "1"
MaxLength: '60' MaxLength: "60"
ConstraintDescription: 1 to 60 alphanumeric characters First character must be a letter. ConstraintDescription: 1 to 60 alphanumeric characters First character must be a letter.
Default: artdb Default: artdb
Type: String Type: String
@@ -251,8 +259,8 @@ Parameters:
Type: String Type: String
DatabaseUser: DatabaseUser:
Description: Login ID for the master user of your database instance. Description: Login ID for the master user of your database instance.
MinLength: '1' MinLength: "1"
MaxLength: '16' MaxLength: "16"
AllowedPattern: ^[a-zA-Z]([a-zA-Z0-9])+$ AllowedPattern: ^[a-zA-Z]([a-zA-Z0-9])+$
ConstraintDescription: 1 to 16 alphanumeric characters. First character must be a letter. ConstraintDescription: 1 to 16 alphanumeric characters. First character must be a letter.
Default: artifactory Default: artifactory
@@ -260,12 +268,12 @@ Parameters:
DatabasePassword: DatabasePassword:
Description: Password for the Artifactory database user. Description: Password for the Artifactory database user.
AllowedPattern: ^[^ \\']+$ AllowedPattern: ^[^ \\']+$
MinLength: '8' MinLength: "8"
MaxLength: '12' MaxLength: "12"
ConstraintDescription: Must be at least 8 and no more than ConstraintDescription: Must be at least 8 and no more than
12 characters containing letters and (minimum 1 capital letter), numbers and 12 characters containing letters and (minimum 1 capital letter), numbers and
symbols. symbols.
NoEcho: 'true' NoEcho: "true"
Type: String Type: String
DatabaseInstance: DatabaseInstance:
Description: Size of the database to be deployed as part of the Quick Start. Description: Size of the database to be deployed as part of the Quick Start.
@@ -302,25 +310,29 @@ Parameters:
Default: "true" Default: "true"
Type: String Type: String
QsS3BucketName: QsS3BucketName:
Description: S3 bucket name for the Quick Start assets. This string can include Description:
S3 bucket name for the Quick Start assets. This string can include
numbers, lowercase letters, and hyphens (-). It cannot start numbers, lowercase letters, and hyphens (-). It cannot start
or end with a hyphen (-). or end with a hyphen (-).
AllowedPattern: ^[0-9a-z]+([0-9a-z-]*[0-9a-z])*$ AllowedPattern: ^[0-9a-z]+([0-9a-z-]*[0-9a-z])*$
ConstraintDescription: Quick Start bucket name can include numbers, lowercase ConstraintDescription:
Quick Start bucket name can include numbers, lowercase
letters, and hyphens (-). It cannot start or end with a hyphen (-). letters, and hyphens (-). It cannot start or end with a hyphen (-).
Default: aws-quickstart Default: aws-quickstart
Type: String Type: String
QsS3KeyPrefix: QsS3KeyPrefix:
Description: S3 key prefix for the Quick Start assets. Quick Start key prefix Description:
S3 key prefix for the Quick Start assets. Quick Start key prefix
can include numbers, lowercase letters, uppercase letters, hyphens (-), and can include numbers, lowercase letters, uppercase letters, hyphens (-), and
forward slash (/). forward slash (/).
AllowedPattern: ^[0-9a-zA-Z-/]*$ AllowedPattern: ^[0-9a-zA-Z-/]*$
ConstraintDescription: Quick Start key prefix can include numbers, lowercase letters, ConstraintDescription:
Quick Start key prefix can include numbers, lowercase letters,
uppercase letters, hyphens (-), and forward slash (/). uppercase letters, hyphens (-), and forward slash (/).
Default: quickstart-jfrog-artifactory/ Default: quickstart-jfrog-artifactory/
Type: String Type: String
QsS3BucketRegion: QsS3BucketRegion:
Default: 'us-east-1' Default: "us-east-1"
Description: AWS Region where the Quick Start S3 bucket (QSS3BucketName) is hosted. If you use your own bucket, you must specify your own value. Description: AWS Region where the Quick Start S3 bucket (QSS3BucketName) is hosted. If you use your own bucket, you must specify your own value.
Type: String Type: String
InstallXray: InstallXray:
@@ -335,7 +347,7 @@ Parameters:
Description: The version of Xray that you want to deploy into the Quick Start. Description: The version of Xray that you want to deploy into the Quick Start.
AllowedPattern: ^(([0-9]|[1-9][0-9])\.){2}([1-9][0-9]|[0-9])$ AllowedPattern: ^(([0-9]|[1-9][0-9])\.){2}([1-9][0-9]|[0-9])$
ConstraintDescription: A version that matches X.X.X per Xray releases. ConstraintDescription: A version that matches X.X.X per Xray releases.
Default: 3.27.3 Default: 3.35.0
Type: String Type: String
XrayNumberOfInstances: XrayNumberOfInstances:
Description: The number of Xray instances servers to complete your Description: The number of Xray instances servers to complete your
@@ -355,8 +367,8 @@ Parameters:
Type: String Type: String
XrayDatabaseUser: XrayDatabaseUser:
Description: The login ID for the Xray database user. Description: The login ID for the Xray database user.
MinLength: '1' MinLength: "1"
MaxLength: '16' MaxLength: "16"
AllowedPattern: ^[a-zA-Z]([a-zA-Z0-9])+$ AllowedPattern: ^[a-zA-Z]([a-zA-Z0-9])+$
ConstraintDescription: 1 to 16 alphanumeric characters. First character must be a letter. ConstraintDescription: 1 to 16 alphanumeric characters. First character must be a letter.
Default: xray Default: xray
@@ -364,23 +376,24 @@ Parameters:
XrayDatabasePassword: XrayDatabasePassword:
Description: The password for the Xray database user. Description: The password for the Xray database user.
AllowedPattern: ^[^ \\']+$ AllowedPattern: ^[^ \\']+$
MinLength: '8' MinLength: "8"
MaxLength: '12' MaxLength: "12"
ConstraintDescription: Must be at least 8 and no more than ConstraintDescription: Must be at least 8 and no more than
12 characters containing letters and (minimum 1 capital letter), numbers and 12 characters containing letters and (minimum 1 capital letter), numbers and
symbols. symbols.
NoEcho: 'true' NoEcho: "true"
Type: String Type: String
Conditions: Conditions:
EnableBastion: !Equals [!Ref 'EnableBastion', "true"] EnableBastion: !Equals [!Ref "EnableBastion", "true"]
IsArtifactory: !Not [!Equals [!Ref ArtifactoryProduct, "JFrog-Container-Registry"]] IsArtifactory:
HasSecondaryNodes: !Not [!Equals [!Ref NumberOfSecondary, '0']] !Not [!Equals [!Ref ArtifactoryProduct, "JFrog-Container-Registry"]]
HasSecondaryNodes: !Not [!Equals [!Ref NumberOfSecondary, "0"]]
DefaultJava: !Equals [!Ref DefaultJavaMemSettings, "true"] DefaultJava: !Equals [!Ref DefaultJavaMemSettings, "true"]
UsingDefaultBucket: !Equals [!Ref QsS3BucketName, 'aws-quickstart'] UsingDefaultBucket: !Equals [!Ref QsS3BucketName, "aws-quickstart"]
EnableXray: !Equals [!Ref InstallXray, 'true'] EnableXray: !Equals [!Ref InstallXray, "true"]
SmCertNameNotExists: !Equals [!Ref 'SmCertName', ''] SmCertNameNotExists: !Equals [!Ref "SmCertName", ""]
SmCertNameExists: !Not [!Equals [!Ref 'SmCertName', '']] SmCertNameExists: !Not [!Equals [!Ref "SmCertName", ""]]
Mappings: Mappings:
DatabaseMap: DatabaseMap:
@@ -533,18 +546,19 @@ Resources:
BastionStack: BastionStack:
Condition: EnableBastion Condition: EnableBastion
Type: JFrog::Linux::Bastion::MODULE Type: JFrog::Linux::Bastion::MODULE
Metadata: { Metadata:
PublisherId: "06ff50c2e47f57b381f874871d9fac41796c9522", {
SupportedMajorVersions: [1] PublisherId: "06ff50c2e47f57b381f874871d9fac41796c9522",
} SupportedMajorVersions: [1],
}
Properties: Properties:
LogicalId : !Sub ${LogicalId}BastionStack LogicalId: !Sub ${LogicalId}BastionStack
VPCID: !Ref VpcId VPCID: !Ref VpcId
PublicSubnet1Id: !Ref PublicSubnet1Id PublicSubnet1Id: !Ref PublicSubnet1Id
PublicSubnet2Id: !Ref PublicSubnet2Id PublicSubnet2Id: !Ref PublicSubnet2Id
KeyPairName: !Ref KeyPairName KeyPairName: !Ref KeyPairName
QSS3BucketName: !Ref QsS3BucketName QSS3BucketName: !Ref QsS3BucketName
QSS3KeyPrefix: !Sub '${QsS3KeyPrefix}submodules/quickstart-linux-bastion/' QSS3KeyPrefix: !Sub "${QsS3KeyPrefix}submodules/quickstart-linux-bastion/"
QSS3BucketRegion: !Ref QsS3BucketRegion QSS3BucketRegion: !Ref QsS3BucketRegion
RemoteAccessCIDR: !Ref RemoteAccessCidr RemoteAccessCIDR: !Ref RemoteAccessCidr
BastionInstanceType: !Ref BastionInstanceType BastionInstanceType: !Ref BastionInstanceType
@@ -555,10 +569,11 @@ Resources:
NumBastionHosts: !Ref NumBastionHosts NumBastionHosts: !Ref NumBastionHosts
ArtifactoryCoreInfraStack: ArtifactoryCoreInfraStack:
Type: JFrog::Artifactory::Core::MODULE Type: JFrog::Artifactory::Core::MODULE
Metadata: { Metadata:
PublisherId: "06ff50c2e47f57b381f874871d9fac41796c9522", {
SupportedMajorVersions: [1] PublisherId: "06ff50c2e47f57b381f874871d9fac41796c9522",
} SupportedMajorVersions: [1],
}
Properties: Properties:
AvailabilityZone1: !Ref AvailabilityZone1 AvailabilityZone1: !Ref AvailabilityZone1
AvailabilityZone2: !Ref AvailabilityZone2 AvailabilityZone2: !Ref AvailabilityZone2
@@ -566,7 +581,7 @@ Resources:
VpcCidr: !Ref VpcCidr VpcCidr: !Ref VpcCidr
PrivateSubnet1Cidr: !Ref PrivateSubnet1Cidr PrivateSubnet1Cidr: !Ref PrivateSubnet1Cidr
PrivateSubnet2Cidr: !Ref PrivateSubnet2Cidr PrivateSubnet2Cidr: !Ref PrivateSubnet2Cidr
PrivateSubnet3Cidr: !Ref PrivateSubnet2Cidr # This should end up in no new rule but required for EKS PrivateSubnet3Cidr: !Ref PrivateSubnet2Cidr # This should end up in no new rule but required for EKS
PrivateSubnet1Id: !Ref PrivateSubnet1Id PrivateSubnet1Id: !Ref PrivateSubnet1Id
PrivateSubnet2Id: !Ref PrivateSubnet2Id PrivateSubnet2Id: !Ref PrivateSubnet2Id
DatabaseAllocatedStorage: !Ref DatabaseAllocatedStorage DatabaseAllocatedStorage: !Ref DatabaseAllocatedStorage
@@ -585,7 +600,7 @@ Resources:
Properties: Properties:
IpAddressType: ipv4 IpAddressType: ipv4
Scheme: !Ref ELBScheme Scheme: !Ref ELBScheme
Subnets: Subnets:
- !Ref PublicSubnet1Id - !Ref PublicSubnet1Id
- !Ref PublicSubnet2Id - !Ref PublicSubnet2Id
Type: network Type: network
@@ -643,7 +658,7 @@ Resources:
IpAddressType: ipv4 IpAddressType: ipv4
# Name: ArtifactoryInternal-ELB # Name: ArtifactoryInternal-ELB
Scheme: internal Scheme: internal
Subnets: Subnets:
- !Ref PrivateSubnet1Id - !Ref PrivateSubnet1Id
- !Ref PrivateSubnet2Id - !Ref PrivateSubnet2Id
Type: network Type: network
@@ -718,14 +733,14 @@ Resources:
AssumeRolePolicyDocument: AssumeRolePolicyDocument:
Statement: Statement:
- Action: - Action:
- 'sts:AssumeRole' - "sts:AssumeRole"
Principal: Principal:
Service: Service:
- ec2.amazonaws.com - ec2.amazonaws.com
Effect: Allow Effect: Allow
Version: 2012-10-17 Version: 2012-10-17
ManagedPolicyArns: ManagedPolicyArns:
- !Sub 'arn:${AWS::Partition}:iam::aws:policy/service-role/AmazonEC2RoleforSSM' - !Sub "arn:${AWS::Partition}:iam::aws:policy/service-role/AmazonEC2RoleforSSM"
Policies: Policies:
- PolicyName: "JFrogAMI-policy" - PolicyName: "JFrogAMI-policy"
PolicyDocument: PolicyDocument:
@@ -746,7 +761,7 @@ Resources:
- "s3:ListObject" - "s3:ListObject"
- "s3:ListBucket" - "s3:ListBucket"
Resource: "*" Resource: "*"
- PolicyName: 'CloudWatch-policy' - PolicyName: "CloudWatch-policy"
PolicyDocument: PolicyDocument:
Version: "2012-10-17" Version: "2012-10-17"
Statement: Statement:
@@ -761,7 +776,7 @@ Resources:
Action: Action:
- "s3:GetObject" - "s3:GetObject"
Resource: "*" Resource: "*"
- PolicyName: 'SecretsMaanger-policy' - PolicyName: "SecretsMaanger-policy"
PolicyDocument: PolicyDocument:
Version: "2012-10-17" Version: "2012-10-17"
Statement: Statement:
@@ -778,16 +793,17 @@ Resources:
Path: / Path: /
ArtifactoryPrimary: ArtifactoryPrimary:
Type: JFrog::Artifactory::EC2Instance::MODULE Type: JFrog::Artifactory::EC2Instance::MODULE
Metadata: { Metadata:
PublisherId: "06ff50c2e47f57b381f874871d9fac41796c9522", {
SupportedMajorVersions: [1] PublisherId: "06ff50c2e47f57b381f874871d9fac41796c9522",
} SupportedMajorVersions: [1],
}
Properties: Properties:
LogicalId : !Sub ${LogicalId}ArtifactoryPrimary LogicalId: !Sub ${LogicalId}ArtifactoryPrimary
PrivateSubnet1Id: !Ref PrivateSubnet1Id PrivateSubnet1Id: !Ref PrivateSubnet1Id
PrivateSubnet2Id: !Ref PrivateSubnet2Id PrivateSubnet2Id: !Ref PrivateSubnet2Id
MinScalingNodes: '1' # Always have 1 PrimaryNode MinScalingNodes: "1" # Always have 1 PrimaryNode
MaxScalingNodes: '1' # Always have 1 PrimaryNode MaxScalingNodes: "1" # Always have 1 PrimaryNode
DeploymentTag: !If [IsArtifactory, "ArtifactoryPrimary", "JcrPrimary"] DeploymentTag: !If [IsArtifactory, "ArtifactoryPrimary", "JcrPrimary"]
HostRole: !Ref ArtifactoryHostRole HostRole: !Ref ArtifactoryHostRole
QsS3BucketName: !Ref QsS3BucketName QsS3BucketName: !Ref QsS3BucketName
@@ -796,47 +812,49 @@ Resources:
- https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QsS3KeyPrefix} - https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QsS3KeyPrefix}
- S3Bucket: !If - S3Bucket: !If
- UsingDefaultBucket - UsingDefaultBucket
- !Sub 'aws-quickstart-${AWS::Region}' - !Sub "aws-quickstart-${AWS::Region}"
- !Ref 'QsS3BucketName' - !Ref "QsS3BucketName"
S3Region: !If S3Region: !If
- UsingDefaultBucket - UsingDefaultBucket
- !Ref 'AWS::Region' - !Ref "AWS::Region"
- !Ref 'QsS3BucketRegion' - !Ref "QsS3BucketRegion"
ArtifactoryProduct: !Ref ArtifactoryProduct ArtifactoryProduct: !Ref ArtifactoryProduct
ArtifactoryLicensesSecretName: !Ref SmLicenseName ArtifactoryLicensesSecretName: !Ref SmLicenseName
ArtifactoryServerName: !Ref ArtifactoryServerName ArtifactoryServerName: !Ref ArtifactoryServerName
SmCertName: !Ref SmCertName SmCertName: !Ref SmCertName
ArtifactoryS3Bucket: !Ref ArtifactoryCoreInfraStack.ArtifactoryS3Bucket ArtifactoryS3Bucket: !Ref ArtifactoryCoreInfraStack.ArtifactoryS3Bucket
DatabaseUrl: !Sub DatabaseUrl: !Sub
- "jdbc:${DatabaseType}://${ArtifactoryDatabaseEndpointAddress}:${port}/${DatabaseName}${extraDatabaseOps}" - "jdbc:${DatabaseType}://${ArtifactoryDatabaseEndpointAddress}:${port}/${DatabaseName}${extraDatabaseOps}"
- { - {
DatabaseType: !FindInMap [DatabaseMap, !Ref DatabaseEngine, Name], DatabaseType: !FindInMap [DatabaseMap, !Ref DatabaseEngine, Name],
ArtifactoryDatabaseEndpointAddress: !GetAtt ArtifactoryCoreInfraStack.ArtifactoryDatabase.Endpoint.Address, ArtifactoryDatabaseEndpointAddress: !GetAtt ArtifactoryCoreInfraStack.ArtifactoryDatabase.Endpoint.Address,
port: !FindInMap [DatabaseMap, !Ref DatabaseEngine, port], port: !FindInMap [DatabaseMap, !Ref DatabaseEngine, port],
extraDatabaseOps: !FindInMap [DatabaseMap, !Ref DatabaseEngine, extraDatabaseOps], extraDatabaseOps:
} !FindInMap [DatabaseMap, !Ref DatabaseEngine, extraDatabaseOps],
}
DatabaseDriver: !FindInMap [DatabaseMap, !Ref DatabaseEngine, Driver] DatabaseDriver: !FindInMap [DatabaseMap, !Ref DatabaseEngine, Driver]
DatabasePlugin: !FindInMap [DatabaseMap, !Ref DatabaseEngine, Plugin] DatabasePlugin: !FindInMap [DatabaseMap, !Ref DatabaseEngine, Plugin]
DatabasePluginUrl: !Sub DatabasePluginUrl: !Sub
- "${MainURL}${PluginVersion}" - "${MainURL}${PluginVersion}"
- { - {
MainURL: !FindInMap [DatabaseMap, !Ref DatabaseEngine, PluginURL], MainURL: !FindInMap [DatabaseMap, !Ref DatabaseEngine, PluginURL],
PluginVersion: !FindInMap [DatabaseMap, !Ref DatabaseEngine, Plugin] PluginVersion:
} !FindInMap [DatabaseMap, !Ref DatabaseEngine, Plugin],
}
DatabaseType: !FindInMap [DatabaseMap, !Ref DatabaseEngine, Name] DatabaseType: !FindInMap [DatabaseMap, !Ref DatabaseEngine, Name]
DatabaseUser: !Ref DatabaseUser DatabaseUser: !Ref DatabaseUser
DatabasePassword: !Ref DatabasePassword DatabasePassword: !Ref DatabasePassword
ArtifactoryPrimary: true ArtifactoryPrimary: true
MasterKey: !Ref MasterKey MasterKey: !Ref MasterKey
ExtraJavaOptions: !If ExtraJavaOptions: !If
- DefaultJava - DefaultJava
- !Sub - !Sub
- "-Xms${min}g -Xmx${max}g" - "-Xms${min}g -Xmx${max}g"
- { - {
min: !FindInMap [JavaOptionstoInstance, !Ref InstanceType, Min], min: !FindInMap [JavaOptionstoInstance, !Ref InstanceType, Min],
max: !FindInMap [JavaOptionstoInstance, !Ref InstanceType, Max] max: !FindInMap [JavaOptionstoInstance, !Ref InstanceType, Max],
} }
- !Ref ExtraJavaOptions - !Ref ExtraJavaOptions
ArtifactoryVersion: !Ref ArtifactoryVersion ArtifactoryVersion: !Ref ArtifactoryVersion
KeyPairName: !Ref KeyPairName KeyPairName: !Ref KeyPairName
HostProfile: !Ref ArtifactoryHostProfile HostProfile: !Ref ArtifactoryHostProfile
@@ -852,12 +870,13 @@ Resources:
Condition: HasSecondaryNodes Condition: HasSecondaryNodes
#DependsOn: ArtifactoryPrimary #DependsOn: ArtifactoryPrimary
Type: JFrog::Artifactory::EC2Instance::MODULE Type: JFrog::Artifactory::EC2Instance::MODULE
Metadata: { Metadata:
PublisherId: "06ff50c2e47f57b381f874871d9fac41796c9522", {
SupportedMajorVersions: [1] PublisherId: "06ff50c2e47f57b381f874871d9fac41796c9522",
} SupportedMajorVersions: [1],
}
Properties: Properties:
LogicalId : !Sub ${LogicalId}ArtifactorySecondary LogicalId: !Sub ${LogicalId}ArtifactorySecondary
PrivateSubnet1Id: !Ref PrivateSubnet1Id PrivateSubnet1Id: !Ref PrivateSubnet1Id
PrivateSubnet2Id: !Ref PrivateSubnet2Id PrivateSubnet2Id: !Ref PrivateSubnet2Id
MinScalingNodes: !Ref NumberOfSecondary MinScalingNodes: !Ref NumberOfSecondary
@@ -870,35 +889,37 @@ Resources:
SmCertName: !Ref SmCertName SmCertName: !Ref SmCertName
ArtifactoryS3Bucket: !Ref ArtifactoryCoreInfraStack.ArtifactoryS3Bucket ArtifactoryS3Bucket: !Ref ArtifactoryCoreInfraStack.ArtifactoryS3Bucket
DatabaseUrl: !Sub DatabaseUrl: !Sub
- "jdbc:${DatabaseType}://${ArtifactoryDatabaseEndpointAddress}:${port}/${DatabaseName}${extraDatabaseOps}" - "jdbc:${DatabaseType}://${ArtifactoryDatabaseEndpointAddress}:${port}/${DatabaseName}${extraDatabaseOps}"
- { - {
DatabaseType: !FindInMap [DatabaseMap, !Ref DatabaseEngine, Name], DatabaseType: !FindInMap [DatabaseMap, !Ref DatabaseEngine, Name],
ArtifactoryDatabaseEndpointAddress: !GetAtt ArtifactoryCoreInfraStack.ArtifactoryDatabase.Endpoint.Address, ArtifactoryDatabaseEndpointAddress: !GetAtt ArtifactoryCoreInfraStack.ArtifactoryDatabase.Endpoint.Address,
port: !FindInMap [DatabaseMap, !Ref DatabaseEngine, port], port: !FindInMap [DatabaseMap, !Ref DatabaseEngine, port],
extraDatabaseOps: !FindInMap [DatabaseMap, !Ref DatabaseEngine, extraDatabaseOps], extraDatabaseOps:
} !FindInMap [DatabaseMap, !Ref DatabaseEngine, extraDatabaseOps],
}
DatabaseDriver: !FindInMap [DatabaseMap, !Ref DatabaseEngine, Driver] DatabaseDriver: !FindInMap [DatabaseMap, !Ref DatabaseEngine, Driver]
DatabasePlugin: !FindInMap [DatabaseMap, !Ref DatabaseEngine, Plugin] DatabasePlugin: !FindInMap [DatabaseMap, !Ref DatabaseEngine, Plugin]
DatabasePluginUrl: !Sub DatabasePluginUrl: !Sub
- "${MainURL}${PluginVersion}" - "${MainURL}${PluginVersion}"
- { - {
MainURL: !FindInMap [DatabaseMap, !Ref DatabaseEngine, PluginURL], MainURL: !FindInMap [DatabaseMap, !Ref DatabaseEngine, PluginURL],
PluginVersion: !FindInMap [DatabaseMap, !Ref DatabaseEngine, Plugin] PluginVersion:
} !FindInMap [DatabaseMap, !Ref DatabaseEngine, Plugin],
}
DatabaseType: !FindInMap [DatabaseMap, !Ref DatabaseEngine, Name] DatabaseType: !FindInMap [DatabaseMap, !Ref DatabaseEngine, Name]
DatabaseUser: !Ref DatabaseUser DatabaseUser: !Ref DatabaseUser
DatabasePassword: !Ref DatabasePassword DatabasePassword: !Ref DatabasePassword
ArtifactoryPrimary: false ArtifactoryPrimary: false
MasterKey: !Ref MasterKey MasterKey: !Ref MasterKey
ExtraJavaOptions: !If ExtraJavaOptions: !If
- DefaultJava - DefaultJava
- !Sub - !Sub
- "-Xms${min}g -Xmx${max}g" - "-Xms${min}g -Xmx${max}g"
- { - {
min: !FindInMap [JavaOptionstoInstance, !Ref InstanceType, Min], min: !FindInMap [JavaOptionstoInstance, !Ref InstanceType, Min],
max: !FindInMap [JavaOptionstoInstance, !Ref InstanceType, Max] max: !FindInMap [JavaOptionstoInstance, !Ref InstanceType, Max],
} }
- !Ref ExtraJavaOptions - !Ref ExtraJavaOptions
ArtifactoryVersion: !Ref ArtifactoryVersion ArtifactoryVersion: !Ref ArtifactoryVersion
KeyPairName: !Ref KeyPairName KeyPairName: !Ref KeyPairName
HostProfile: !Ref ArtifactoryHostProfile HostProfile: !Ref ArtifactoryHostProfile
@@ -915,12 +936,12 @@ Resources:
- https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QsS3KeyPrefix} - https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QsS3KeyPrefix}
- S3Bucket: !If - S3Bucket: !If
- UsingDefaultBucket - UsingDefaultBucket
- !Sub 'aws-quickstart-${AWS::Region}' - !Sub "aws-quickstart-${AWS::Region}"
- !Ref 'QsS3BucketName' - !Ref "QsS3BucketName"
S3Region: !If S3Region: !If
- UsingDefaultBucket - UsingDefaultBucket
- !Ref 'AWS::Region' - !Ref "AWS::Region"
- !Ref 'QsS3BucketRegion' - !Ref "QsS3BucketRegion"
XrayHostRole: XrayHostRole:
Condition: EnableXray Condition: EnableXray
Type: AWS::IAM::Role Type: AWS::IAM::Role
@@ -929,14 +950,14 @@ Resources:
AssumeRolePolicyDocument: AssumeRolePolicyDocument:
Statement: Statement:
- Action: - Action:
- 'sts:AssumeRole' - "sts:AssumeRole"
Principal: Principal:
Service: Service:
- ec2.amazonaws.com - ec2.amazonaws.com
Effect: Allow Effect: Allow
Version: 2012-10-17 Version: 2012-10-17
ManagedPolicyArns: ManagedPolicyArns:
- !Sub 'arn:${AWS::Partition}:iam::aws:policy/service-role/AmazonEC2RoleforSSM' - !Sub "arn:${AWS::Partition}:iam::aws:policy/service-role/AmazonEC2RoleforSSM"
Policies: Policies:
- PolicyName: "JFrogAMI-policy" - PolicyName: "JFrogAMI-policy"
PolicyDocument: PolicyDocument:
@@ -957,7 +978,7 @@ Resources:
- "s3:ListObject" - "s3:ListObject"
- "s3:ListBucket" - "s3:ListBucket"
Resource: "*" Resource: "*"
- PolicyName: 'CloudWatch-policy' - PolicyName: "CloudWatch-policy"
PolicyDocument: PolicyDocument:
Version: "2012-10-17" Version: "2012-10-17"
Statement: Statement:
@@ -984,18 +1005,19 @@ Resources:
Condition: EnableXray Condition: EnableXray
# DependsOn: ArtifactoryPrimary # DependsOn: ArtifactoryPrimary
Type: JFrog::Xray::EC2Instance::MODULE Type: JFrog::Xray::EC2Instance::MODULE
Metadata: { Metadata:
PublisherId: "06ff50c2e47f57b381f874871d9fac41796c9522", {
SupportedMajorVersions: [1] PublisherId: "06ff50c2e47f57b381f874871d9fac41796c9522",
} SupportedMajorVersions: [1],
}
Properties: Properties:
LogicalId : !Sub ${LogicalId}XrayExistingVpcStack LogicalId: !Sub ${LogicalId}XrayExistingVpcStack
PrivateSubnet1Id: !Ref PrivateSubnet1Id PrivateSubnet1Id: !Ref PrivateSubnet1Id
PrivateSubnet2Id: !Ref PrivateSubnet2Id PrivateSubnet2Id: !Ref PrivateSubnet2Id
KeyPairName: !Ref KeyPairName KeyPairName: !Ref KeyPairName
MinScalingNodes: !Ref XrayNumberOfInstances MinScalingNodes: !Ref XrayNumberOfInstances
MaxScalingNodes: !Ref XrayNumberOfInstances MaxScalingNodes: !Ref XrayNumberOfInstances
DeploymentTag: 'xray' DeploymentTag: "xray"
ArtifactoryProduct: !Ref ArtifactoryProduct ArtifactoryProduct: !Ref ArtifactoryProduct
QsS3BucketName: !Ref QsS3BucketName QsS3BucketName: !Ref QsS3BucketName
QsS3KeyPrefix: !Ref QsS3KeyPrefix QsS3KeyPrefix: !Ref QsS3KeyPrefix
@@ -1003,12 +1025,12 @@ Resources:
- https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QsS3KeyPrefix} - https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QsS3KeyPrefix}
- S3Bucket: !If - S3Bucket: !If
- UsingDefaultBucket - UsingDefaultBucket
- !Sub 'aws-quickstart-${AWS::Region}' - !Sub "aws-quickstart-${AWS::Region}"
- !Ref 'QsS3BucketName' - !Ref "QsS3BucketName"
S3Region: !If S3Region: !If
- UsingDefaultBucket - UsingDefaultBucket
- !Ref 'AWS::Region' - !Ref "AWS::Region"
- !Ref 'QsS3BucketRegion' - !Ref "QsS3BucketRegion"
DatabaseDriver: !FindInMap [DatabaseMap, !Ref DatabaseEngine, Driver] DatabaseDriver: !FindInMap [DatabaseMap, !Ref DatabaseEngine, Driver]
DatabaseType: !FindInMap [DatabaseMap, !Ref DatabaseEngine, Name] DatabaseType: !FindInMap [DatabaseMap, !Ref DatabaseEngine, Name]
DatabaseUser: !Ref DatabaseUser DatabaseUser: !Ref DatabaseUser
@@ -1017,34 +1039,39 @@ Resources:
SecurityGroups: !Ref ArtifactoryEc2Sg SecurityGroups: !Ref ArtifactoryEc2Sg
VolumeSize: !Ref VolumeSize VolumeSize: !Ref VolumeSize
ExtraJavaOptions: !Sub ExtraJavaOptions: !Sub
- "-Xms${min}g -Xmx${max}g" - "-Xms${min}g -Xmx${max}g"
- { - {
min: !FindInMap [JavaOptionstoInstance, !Ref InstanceType, Min], min: !FindInMap [JavaOptionstoInstance, !Ref InstanceType, Min],
max: !FindInMap [JavaOptionstoInstance, !Ref InstanceType, Max] max: !FindInMap [JavaOptionstoInstance, !Ref InstanceType, Max],
} }
XrayInstanceType: !Ref XrayInstanceType XrayInstanceType: !Ref XrayInstanceType
JfrogInternalUrl: !Sub "http://${ArtifactoryInternalElb.DNSName}" JfrogInternalUrl: !Sub "http://${ArtifactoryInternalElb.DNSName}"
XrayDatabaseUser: !Ref XrayDatabaseUser XrayDatabaseUser: !Ref XrayDatabaseUser
XrayDatabasePassword: !Ref XrayDatabasePassword XrayDatabasePassword: !Ref XrayDatabasePassword
XrayMasterDatabaseUrl: !Sub XrayMasterDatabaseUrl: !Sub
- "${ArtifactoryDatabaseEndpointAddress}:${port}/${DatabaseName}?sslmode=disable" - "${ArtifactoryDatabaseEndpointAddress}:${port}/${DatabaseName}?sslmode=disable"
- { - {
ArtifactoryDatabaseEndpointAddress: !GetAtt ArtifactoryCoreInfraStack.ArtifactoryDatabase.Endpoint.Address, ArtifactoryDatabaseEndpointAddress: !GetAtt ArtifactoryCoreInfraStack.ArtifactoryDatabase.Endpoint.Address,
port: !FindInMap [DatabaseMap, !Ref DatabaseEngine, port], port: !FindInMap [DatabaseMap, !Ref DatabaseEngine, port],
} }
XrayDatabaseUrl: !Sub XrayDatabaseUrl: !Sub
- "${ArtifactoryDatabaseEndpointAddress}:${port}/xraydb?sslmode=disable" - "${ArtifactoryDatabaseEndpointAddress}:${port}/xraydb?sslmode=disable"
- { - {
ArtifactoryDatabaseEndpointAddress: !GetAtt ArtifactoryCoreInfraStack.ArtifactoryDatabase.Endpoint.Address, ArtifactoryDatabaseEndpointAddress: !GetAtt ArtifactoryCoreInfraStack.ArtifactoryDatabase.Endpoint.Address,
port: !FindInMap [DatabaseMap, !Ref DatabaseEngine, port], port: !FindInMap [DatabaseMap, !Ref DatabaseEngine, port],
} }
XrayVersion: !Ref XrayVersion XrayVersion: !Ref XrayVersion
XrayHostRole: !Ref XrayHostRole XrayHostRole: !Ref XrayHostRole
XrayHostProfile: !Ref XrayHostProfile XrayHostProfile: !Ref XrayHostProfile
Outputs: Outputs:
ArtifactoryUrl: ArtifactoryUrl:
Description: URL of the ELB to access Artifactory Description: URL of the ELB to access Artifactory
Value: !If [SmCertNameExists, !Sub "https://${ArtifactoryElb.DNSName}", !Sub "http://${ArtifactoryElb.DNSName}"] Value:
!If [
SmCertNameExists,
!Sub "https://${ArtifactoryElb.DNSName}",
!Sub "http://${ArtifactoryElb.DNSName}",
]
ArtifactoryInternalUrl: ArtifactoryInternalUrl:
Description: URL of the internal ELB to access Artifactory Description: URL of the internal ELB to access Artifactory
Value: !Sub "http://${ArtifactoryInternalElb.DNSName}" Value: !Sub "http://${ArtifactoryInternalElb.DNSName}"
@@ -1059,8 +1086,8 @@ Outputs:
Value: !Sub Value: !Sub
- "${ArtifactoryDatabaseEndpointAddress}:${port}/${DatabaseName}?sslmode=disable" - "${ArtifactoryDatabaseEndpointAddress}:${port}/${DatabaseName}?sslmode=disable"
- { - {
ArtifactoryDatabaseEndpointAddress: !GetAtt ArtifactoryCoreInfraStack.ArtifactoryDatabase.Endpoint.Address, ArtifactoryDatabaseEndpointAddress: !GetAtt ArtifactoryCoreInfraStack.ArtifactoryDatabase.Endpoint.Address,
port: !FindInMap [DatabaseMap, !Ref DatabaseEngine, port], port: !FindInMap [DatabaseMap, !Ref DatabaseEngine, port],
} }
ArtifactoryTargetGroup: ArtifactoryTargetGroup:
Description: Artifactory target group Description: Artifactory target group
@@ -1081,14 +1108,14 @@ Outputs:
Value: !Sub Value: !Sub
- "${ArtifactoryDatabaseEndpointAddress}:${port}/${DatabaseName}?sslmode=disable" - "${ArtifactoryDatabaseEndpointAddress}:${port}/${DatabaseName}?sslmode=disable"
- { - {
ArtifactoryDatabaseEndpointAddress: !GetAtt ArtifactoryCoreInfraStack.ArtifactoryDatabase.Endpoint.Address, ArtifactoryDatabaseEndpointAddress: !GetAtt ArtifactoryCoreInfraStack.ArtifactoryDatabase.Endpoint.Address,
port: !FindInMap [DatabaseMap, !Ref DatabaseEngine, port], port: !FindInMap [DatabaseMap, !Ref DatabaseEngine, port],
} }
XrayDatabaseUrl: XrayDatabaseUrl:
Description: Database driver Description: Database driver
Value: !Sub Value: !Sub
- "${ArtifactoryDatabaseEndpointAddress}:${port}/xraydb?sslmode=disable" - "${ArtifactoryDatabaseEndpointAddress}:${port}/xraydb?sslmode=disable"
- { - {
ArtifactoryDatabaseEndpointAddress: !GetAtt ArtifactoryCoreInfraStack.ArtifactoryDatabase.Endpoint.Address, ArtifactoryDatabaseEndpointAddress: !GetAtt ArtifactoryCoreInfraStack.ArtifactoryDatabase.Endpoint.Address,
port: !FindInMap [DatabaseMap, !Ref DatabaseEngine, port], port: !FindInMap [DatabaseMap, !Ref DatabaseEngine, port],
} }

126
Amazon/cloudformation-modules/JFrog__Artifactory__NewVpc__MODULE/fragments/jfrog-artifactory-ec2-master.template.yaml
View File

@@ -1,8 +1,8 @@
AWSTemplateFormatVersion: '2010-09-09' AWSTemplateFormatVersion: "2010-09-09"
Description: 'JFrog Artifactory Quick Start Deployment (qs-1qpmmjh2f)' Description: "JFrog Artifactory Quick Start Deployment (qs-1qpmmjh2f)"
Parameters: Parameters:
LogicalId : LogicalId:
Description : Logical Id of the MODULE Description: Logical Id of the MODULE
Type: String Type: String
EnableBastion: EnableBastion:
Description: If set to true, a bastion host will be created. Description: If set to true, a bastion host will be created.
@@ -43,14 +43,16 @@ Parameters:
Default: 10.0.32.0/19 Default: 10.0.32.0/19
Type: String Type: String
PublicSubnet1Cidr: PublicSubnet1Cidr:
Description: CIDR block for the public (DMZ) subnet 1 located in Availability Description:
CIDR block for the public (DMZ) subnet 1 located in Availability
Zone 1. Zone 1.
AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$ AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$
ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28 ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28
Default: 10.0.128.0/20 Default: 10.0.128.0/20
Type: String Type: String
PublicSubnet2Cidr: PublicSubnet2Cidr:
Description: CIDR block for the public (DMZ) subnet 2 located in Availability Description:
CIDR block for the public (DMZ) subnet 2 located in Availability
Zone 2. Zone 2.
AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$ AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$
ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28 ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28
@@ -63,7 +65,8 @@ Parameters:
AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))$ AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))$
Type: String Type: String
RemoteAccessCidr: RemoteAccessCidr:
Description: Remote CIDR range that allows you to connect to the bastion instance by using SSH. Description:
Remote CIDR range that allows you to connect to the bastion instance by using SSH.
It is recommended that you set this value to a trusted IP range. It is recommended that you set this value to a trusted IP range.
For example, you may want to grant specific ranges from within your corporate network that use the SSH protocol. For example, you may want to grant specific ranges from within your corporate network that use the SSH protocol.
AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))$ AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))$
@@ -87,7 +90,8 @@ Parameters:
Default: 10 Default: 10
Type: Number Type: Number
BastionEnableTcpForwarding: BastionEnableTcpForwarding:
Description: Choose whether to enable TCP forwarding via bootstrapping of the bastion Description:
Choose whether to enable TCP forwarding via bootstrapping of the bastion
instance. instance.
AllowedValues: AllowedValues:
- "true" - "true"
@@ -95,7 +99,8 @@ Parameters:
Default: "true" Default: "true"
Type: String Type: String
BastionEnableX11Forwarding: BastionEnableX11Forwarding:
Description: Choose true to enable X11 via bootstrapping of the bastion host. Description:
Choose true to enable X11 via bootstrapping of the bastion host.
Setting this value to true enables X Windows over SSH. Setting this value to true enables X Windows over SSH.
X11 forwarding can be useful, but it is also a security risk, so it's recommended X11 forwarding can be useful, but it is also a security risk, so it's recommended
that you keep the default (false) setting. that you keep the default (false) setting.
@@ -116,14 +121,15 @@ Parameters:
NumBastionHosts: NumBastionHosts:
Description: Number of bastion instances to create. Description: Number of bastion instances to create.
AllowedValues: AllowedValues:
- '1' - "1"
- '2' - "2"
- '3' - "3"
- '4' - "4"
Default: '1' Default: "1"
Type: String Type: String
VolumeSize: VolumeSize:
Description: Size in gigabytes of available storage (min 10GB). The Quick Start creates an Description:
Size in gigabytes of available storage (min 10GB). The Quick Start creates an
Amazon Elastic Block Store (Amazon EBS) volumes of this size. Amazon Elastic Block Store (Amazon EBS) volumes of this size.
Default: 200 Default: 200
Type: Number Type: Number
@@ -184,18 +190,19 @@ Parameters:
Default: JFrog-Artifactory-Enterprise Default: JFrog-Artifactory-Enterprise
Type: String Type: String
ArtifactoryVersion: ArtifactoryVersion:
Description: Version of Artifactory that you want to deploy into the Quick Start. Description:
Version of Artifactory that you want to deploy into the Quick Start.
To select the correct version, see the release notes at To select the correct version, see the release notes at
https://www.jfrog.com/confluence/display/RTF/Release+Notes. https://www.jfrog.com/confluence/display/RTF/Release+Notes.
Default: 7.21.5 Default: 7.27.10
Type: String Type: String
SmLicenseName: SmLicenseName:
Description: Secret name created in AWS Secrets Manager, which contains the Artifactory licenses. Description: Secret name created in AWS Secrets Manager, which contains the Artifactory licenses.
Default: '' Default: ""
Type: String Type: String
SmCertName: SmCertName:
Description: Secret name created in AWS Secrets Manager, which contains the SSL certificate and certificate key. Description: Secret name created in AWS Secrets Manager, which contains the SSL certificate and certificate key.
Default: '' Default: ""
Type: String Type: String
ArtifactoryServerName: ArtifactoryServerName:
Description: Name of your Artifactory server. Ensure that this matches your certificate. Description: Name of your Artifactory server. Ensure that this matches your certificate.
@@ -203,19 +210,21 @@ Parameters:
MasterKey: MasterKey:
Description: Master key for the Artifactory cluster. Generate a master key by using the command '$openssl rand -hex 16'. Description: Master key for the Artifactory cluster. Generate a master key by using the command '$openssl rand -hex 16'.
AllowedPattern: ^[a-zA-Z0-9]+$ AllowedPattern: ^[a-zA-Z0-9]+$
MinLength: '1' MinLength: "1"
MaxLength: '64' MaxLength: "64"
ConstraintDescription: Only capital or lowercase letters and numbers, with a Max of 64 characters. ConstraintDescription: Only capital or lowercase letters and numbers, with a Max of 64 characters.
NoEcho: 'true' NoEcho: "true"
Type: String Type: String
ExtraJavaOptions: ExtraJavaOptions:
Description: Set Java options to pass to the JVM for Artifactory. For more information, see the Artifactory Description:
Set Java options to pass to the JVM for Artifactory. For more information, see the Artifactory
system requirements at https://www.jfrog.com/confluence/display/RTF/System+Requirements#SystemRequirements-RecommendedHardware. system requirements at https://www.jfrog.com/confluence/display/RTF/System+Requirements#SystemRequirements-RecommendedHardware.
Do not add Xms or Xmx settings without disabling DefaultJavaMemSettings. Do not add Xms or Xmx settings without disabling DefaultJavaMemSettings.
Default: -Xss256k -XX:+UseG1GC Default: -Xss256k -XX:+UseG1GC
Type: String Type: String
DefaultJavaMemSettings: DefaultJavaMemSettings:
Description: Choose false to overwrite the standard memory-calculation options to pass to the Artifactory JVM. Description:
Choose false to overwrite the standard memory-calculation options to pass to the Artifactory JVM.
If you plan to overwrite them, ensure they are added to the ExtraJavaOptions to prevent the stack provision from failing. If you plan to overwrite them, ensure they are added to the ExtraJavaOptions to prevent the stack provision from failing.
ConstraintDescription: True or False ConstraintDescription: True or False
AllowedValues: AllowedValues:
@@ -224,12 +233,13 @@ Parameters:
Default: "true" Default: "true"
Type: String Type: String
DatabaseName: DatabaseName:
Description: Name of your database instance. The name must be unique across all instances Description:
Name of your database instance. The name must be unique across all instances
owned by your AWS account in the current Region. The database instance identifier is case-insensitive, owned by your AWS account in the current Region. The database instance identifier is case-insensitive,
but it's stored in lowercase (as in "mydbinstance"). but it's stored in lowercase (as in "mydbinstance").
AllowedPattern: ^[a-zA-Z]([a-zA-Z0-9])+$ AllowedPattern: ^[a-zA-Z]([a-zA-Z0-9])+$
MinLength: '1' MinLength: "1"
MaxLength: '60' MaxLength: "60"
ConstraintDescription: 1 to 60 alphanumeric characters First character must be a letter. ConstraintDescription: 1 to 60 alphanumeric characters First character must be a letter.
Default: artdb Default: artdb
Type: String Type: String
@@ -241,8 +251,8 @@ Parameters:
Type: String Type: String
DatabaseUser: DatabaseUser:
Description: Login ID for the master user of your database instance. Description: Login ID for the master user of your database instance.
MinLength: '1' MinLength: "1"
MaxLength: '16' MaxLength: "16"
AllowedPattern: ^[a-zA-Z]([a-zA-Z0-9])+$ AllowedPattern: ^[a-zA-Z]([a-zA-Z0-9])+$
ConstraintDescription: 1 to 16 alphanumeric characters. The first character must be a letter. ConstraintDescription: 1 to 16 alphanumeric characters. The first character must be a letter.
Default: artifactory Default: artifactory
@@ -250,12 +260,12 @@ Parameters:
DatabasePassword: DatabasePassword:
Description: Password for the Artifactory database user. Description: Password for the Artifactory database user.
AllowedPattern: ^[^ \\']+$ AllowedPattern: ^[^ \\']+$
MinLength: '8' MinLength: "8"
MaxLength: '12' MaxLength: "12"
ConstraintDescription: Must be at least 8 and no more than ConstraintDescription: Must be at least 8 and no more than
12 characters containing letters and (minimum 1 capital letter), numbers and 12 characters containing letters and (minimum 1 capital letter), numbers and
symbols. symbols.
NoEcho: 'true' NoEcho: "true"
Type: String Type: String
DatabaseInstance: DatabaseInstance:
Description: Size of the database to be deployed as part of the Quick Start. Description: Size of the database to be deployed as part of the Quick Start.
@@ -283,7 +293,7 @@ Parameters:
DatabasePreferredAz: DatabasePreferredAz:
Description: Preferred availability zone for Amazon RDS primary instance Description: Preferred availability zone for Amazon RDS primary instance
Type: String Type: String
Default: '' Default: ""
MultiAzDatabase: MultiAzDatabase:
Description: Choose false to create an Amazon RDS instance in a single Availability Zone. Description: Choose false to create an Amazon RDS instance in a single Availability Zone.
ConstraintDescription: True or False ConstraintDescription: True or False
@@ -293,25 +303,29 @@ Parameters:
Default: "true" Default: "true"
Type: String Type: String
QsS3BucketName: QsS3BucketName:
Description: S3 bucket name for the Quick Start assets. This string can include Description:
S3 bucket name for the Quick Start assets. This string can include
numbers, lowercase letters, and hyphens (-). It cannot start numbers, lowercase letters, and hyphens (-). It cannot start
or end with a hyphen (-). or end with a hyphen (-).
AllowedPattern: ^[0-9a-z]+([0-9a-z-]*[0-9a-z])*$ AllowedPattern: ^[0-9a-z]+([0-9a-z-]*[0-9a-z])*$
ConstraintDescription: Quick Start bucket name can include numbers, lowercase ConstraintDescription:
Quick Start bucket name can include numbers, lowercase
letters, and hyphens (-). It cannot start or end with a hyphen (-). letters, and hyphens (-). It cannot start or end with a hyphen (-).
Default: aws-quickstart Default: aws-quickstart
Type: String Type: String
QsS3KeyPrefix: QsS3KeyPrefix:
Description: S3 key prefix for the Quick Start assets. Quick Start key prefix Description:
S3 key prefix for the Quick Start assets. Quick Start key prefix
can include numbers, lowercase letters, uppercase letters, hyphens (-), and can include numbers, lowercase letters, uppercase letters, hyphens (-), and
forward slash (/). forward slash (/).
AllowedPattern: ^[0-9a-zA-Z-/]*$ AllowedPattern: ^[0-9a-zA-Z-/]*$
ConstraintDescription: Quick Start key prefix can include numbers, lowercase letters, ConstraintDescription:
Quick Start key prefix can include numbers, lowercase letters,
uppercase letters, hyphens (-), and forward slash (/). uppercase letters, hyphens (-), and forward slash (/).
Default: quickstart-jfrog-artifactory/ Default: quickstart-jfrog-artifactory/
Type: String Type: String
QsS3BucketRegion: QsS3BucketRegion:
Default: 'us-east-1' Default: "us-east-1"
Description: AWS Region where the Quick Start S3 bucket (QSS3BucketName) is hosted. If you use your own bucket, you must specify your own value. Description: AWS Region where the Quick Start S3 bucket (QSS3BucketName) is hosted. If you use your own bucket, you must specify your own value.
Type: String Type: String
InstallXray: InstallXray:
@@ -324,7 +338,7 @@ Parameters:
Type: String Type: String
XrayVersion: XrayVersion:
Description: The version of Xray that you want to deploy into the Quick Start. Description: The version of Xray that you want to deploy into the Quick Start.
Default: 3.27.3 Default: 3.35.0
Type: String Type: String
XrayNumberOfInstances: XrayNumberOfInstances:
Description: The number of Xray instances servers to complete your Description: The number of Xray instances servers to complete your
@@ -344,8 +358,8 @@ Parameters:
Type: String Type: String
XrayDatabaseUser: XrayDatabaseUser:
Description: The login ID for the Xray database user. Description: The login ID for the Xray database user.
MinLength: '1' MinLength: "1"
MaxLength: '16' MaxLength: "16"
AllowedPattern: ^[a-zA-Z]([a-zA-Z0-9])+$ AllowedPattern: ^[a-zA-Z]([a-zA-Z0-9])+$
ConstraintDescription: 1 to 16 alphanumeric characters. First character must be a letter. ConstraintDescription: 1 to 16 alphanumeric characters. First character must be a letter.
Default: xray Default: xray
@@ -353,25 +367,26 @@ Parameters:
XrayDatabasePassword: XrayDatabasePassword:
Description: The password for the Xray database user. Description: The password for the Xray database user.
AllowedPattern: ^[^ \\']+$ AllowedPattern: ^[^ \\']+$
MinLength: '8' MinLength: "8"
MaxLength: '12' MaxLength: "12"
ConstraintDescription: Must be at least 8 and no more than ConstraintDescription: Must be at least 8 and no more than
12 characters containing letters and (minimum 1 capital letter), numbers and 12 characters containing letters and (minimum 1 capital letter), numbers and
symbols. symbols.
NoEcho: 'true' NoEcho: "true"
Type: String Type: String
Resources: Resources:
ArtifactoryVpcStack: ArtifactoryVpcStack:
Type: JFrog::Vpc::MultiAz::MODULE Type: JFrog::Vpc::MultiAz::MODULE
Metadata: { Metadata:
PublisherId: "06ff50c2e47f57b381f874871d9fac41796c9522", {
SupportedMajorVersions: [1] PublisherId: "06ff50c2e47f57b381f874871d9fac41796c9522",
} SupportedMajorVersions: [1],
}
Properties: Properties:
AvailabilityZone1: !Ref AvailabilityZone1 AvailabilityZone1: !Ref AvailabilityZone1
AvailabilityZone2: !Ref AvailabilityZone2 AvailabilityZone2: !Ref AvailabilityZone2
NumberOfAZs: '2' NumberOfAZs: "2"
PrivateSubnet1ACIDR: !Ref PrivateSubnet1Cidr PrivateSubnet1ACIDR: !Ref PrivateSubnet1Cidr
PrivateSubnet2ACIDR: !Ref PrivateSubnet2Cidr PrivateSubnet2ACIDR: !Ref PrivateSubnet2Cidr
PublicSubnet1CIDR: !Ref PublicSubnet1Cidr PublicSubnet1CIDR: !Ref PublicSubnet1Cidr
@@ -379,12 +394,13 @@ Resources:
VPCCIDR: !Ref VpcCidr VPCCIDR: !Ref VpcCidr
ArtifactoryExistingVpcStack: ArtifactoryExistingVpcStack:
Type: JFrog::Artifactory::ExistingVpc::MODULE Type: JFrog::Artifactory::ExistingVpc::MODULE
Metadata: { Metadata:
PublisherId: "06ff50c2e47f57b381f874871d9fac41796c9522", {
SupportedMajorVersions: [1] PublisherId: "06ff50c2e47f57b381f874871d9fac41796c9522",
} SupportedMajorVersions: [1],
}
Properties: Properties:
LogicalId : !Sub ${LogicalId}ArtifactoryExistingVpcStack LogicalId: !Sub ${LogicalId}ArtifactoryExistingVpcStack
AvailabilityZone1: !Ref AvailabilityZone1 AvailabilityZone1: !Ref AvailabilityZone1
AvailabilityZone2: !Ref AvailabilityZone2 AvailabilityZone2: !Ref AvailabilityZone2
KeyPairName: !Ref KeyPairName KeyPairName: !Ref KeyPairName
@@ -433,4 +449,4 @@ Resources:
XrayNumberOfInstances: !Ref XrayNumberOfInstances XrayNumberOfInstances: !Ref XrayNumberOfInstances
XrayInstanceType: !Ref XrayInstanceType XrayInstanceType: !Ref XrayInstanceType
XrayDatabaseUser: !Ref XrayDatabaseUser XrayDatabaseUser: !Ref XrayDatabaseUser
XrayDatabasePassword: !Ref XrayDatabasePassword XrayDatabasePassword: !Ref XrayDatabasePassword

17
Amazon/cloudformation-modules/test-cfts/submit.sh
View File

@@ -15,39 +15,38 @@ trap 'echo "\"${last_command}\" command filed with exit code $?."' EXIT
regions=( us-east-1 us-east-2 us-west-1 us-west-2 sa-east-1 ca-central-1 eu-central-1 eu-west-1 eu-west-2 eu-west-3 eu-north-1 ap-northeast-3 ap-northeast-2 ap-northeast-1 ap-south-1 ap-southeast-1 ap-southeast-2 ) regions=( us-east-1 us-east-2 us-west-1 us-west-2 sa-east-1 ca-central-1 eu-central-1 eu-west-1 eu-west-2 eu-west-3 eu-north-1 ap-northeast-3 ap-northeast-2 ap-northeast-1 ap-south-1 ap-southeast-1 ap-southeast-2 )
folders=( JFrog__Artifactory__ExistingVpc__MODULE JFrog__Artifactory__NewVpc__MODULE ) folders=( JFrog__Artifactory__ExistingVpc__MODULE JFrog__Artifactory__NewVpc__MODULE )
modules=( JFrog::Artifactory::ExistingVpc::MODULE JFrog::Artifactory::NewVpc::MODULE ) modules=( JFrog::Artifactory::ExistingVpc::MODULE JFrog::Artifactory::NewVpc::MODULE )
PROFILE=seller
for i in "${!regions[@]}"; do for i in "${!regions[@]}"; do
export REGION="${regions[$i]}" export REGION="${regions[$i]}"
for j in "${!folders[@]}"; do for j in "${!folders[@]}"; do
export FOLDER="${folders[$j]}" export FOLDER="${folders[$j]}"
export MODULE="${modules[$j]}" export MODULE="${modules[$j]}"
export VERSION=$( aws cloudformation list-type-versions --profile $PROFILE --type MODULE --type-name $MODULE --region $REGION | jq .TypeVersionSummaries[-1].VersionId | tr -d "\"") export VERSION=$( aws cloudformation list-type-versions --type MODULE --type-name $MODULE --region $REGION | jq '.TypeVersionSummaries[-1].VersionId' | tr -d "\"")
printf "1. start : %s:%s:%s\n" "$REGION" "$MODULE" "$VERSION" printf "1. start : %s:%s:%s\n" "$REGION" "$MODULE" "$VERSION"
cd /mnt/c/ddrive/projects/JFrog-Cloud-Installers/Amazon/cloudformation-modules/$FOLDER cd Amazon/cloudformation-modules/$FOLDER
printf "2. submitting : %s:%s:%s\n" "$REGION" "$MODULE" "$VERSION" printf "2. submitting : %s:%s:%s\n" "$REGION" "$MODULE" "$VERSION"
cfn submit --set-default --region $REGION cfn submit --set-default --region $REGION
export VERSION=$( aws cloudformation list-type-versions --profile $PROFILE --type MODULE --type-name $MODULE --region $REGION | jq .TypeVersionSummaries[-1].VersionId | tr -d "\"") export VERSION=$( aws cloudformation list-type-versions --type MODULE --type-name $MODULE --region $REGION | jq '.TypeVersionSummaries[-1].VersionId' | tr -d "\"")
printf "3. submit done : %s:%s:%s\n" "$REGION" "$MODULE" "$VERSION" printf "3. submit done : %s:%s:%s\n" "$REGION" "$MODULE" "$VERSION"
ARN=$(echo arn:aws:cloudformation:$REGION:595206835686:type/module/$MODULE | sed 's/::/-/g') ARN=$(echo arn:aws:cloudformation:$REGION:595206835686:type/module/$MODULE | sed 's/::/-/g')
printf "4. starting test: %s:%s:%s:%s\n" "$REGION" "$MODULE" "$VERSION" "$ARN" printf "4. starting test: %s:%s:%s:%s\n" "$REGION" "$MODULE" "$VERSION" "$ARN"
aws Uno test-type --profile $PROFILE --region $REGION --type MODULE --arn $ARN # --public-version-number OPTIONAL_READ_NOTE_ABOVE echo $(aws cloudformation test-type --region $REGION --type MODULE --arn $ARN) # --public-version-number OPTIONAL_READ_NOTE_ABOVE
typeTestStatus="" typeTestStatus=""
while [ "$typeTestStatus" != "\"PASSED\"" ] while [ "$typeTestStatus" != "\"PASSED\"" ]
do do
# aws Uno describe-type --profile $PROFILE --region $REGION --type MODULE --arn $ARN/$VERSION typeTestStatus=$(aws cloudformation describe-type --type MODULE --region $REGION --arn $ARN/$VERSION | jq '.TypeTestsStatus')
typeTestStatus=$(aws Uno describe-type --profile $PROFILE --type MODULE --region $REGION --arn $ARN/$VERSION | jq .TypeTestsStatus)
echo "typeTestStatus : $typeTestStatus" echo "typeTestStatus : $typeTestStatus"
sleep 5 sleep 5
done done
printf "5. publishing : %s:%s:%s\n" "$REGION" "$MODULE" "$VERSION" printf "5. publishing : %s:%s:%s\n" "$REGION" "$MODULE" "$VERSION"
aws Uno publish-type --profile $PROFILE --region $REGION --type MODULE --arn $ARN # --public-version-number OPTIONAL_READ_NOTE_ABOVE echo $(aws cloudformation publish-type --region $REGION --type MODULE --arn $ARN) # --public-version-number OPTIONAL_READ_NOTE_ABOVE
printf "6. published : %s:%s:%s\n" "$REGION" "$MODULE" "$VERSION" printf "6. published : %s:%s:%s\n" "$REGION" "$MODULE" "$VERSION"
cd ../../..
done done
done done