AWSTemplateFormatVersion: '2010-09-09' Description: 'JFrog Artifactory Quick Start Deployment into an Existing VPC (qs-1q037efj0)' Metadata: QuickStartDocumentation: EntrypointName: "Launch into an existing VPC" AWS::CloudFormation::Interface: ParameterGroups: - Label: default: AWS Quick Start configuration Parameters: - QsS3BucketName - QsS3KeyPrefix - QsS3BucketRegion - Label: default: Essential configuration Parameters: - KeyPairName - DatabasePassword - Label: default: Network configuration Parameters: - VpcId - PublicSubnet1Id - PublicSubnet2Id - PrivateSubnet1Id - PrivateSubnet2Id - PrivateSubnet1Cidr - PrivateSubnet2Cidr - Label: default: Security configuration Parameters: - AccessCidr - RemoteAccessCidr - Label: default: Amazon EC2 configuration Parameters: - VolumeSize - InstanceType - Label: default: JFrog Artifactory configuration Parameters: - ArtifactoryVersion - SmLicenseName - SmCertName - ArtifactoryServerName - MasterKey - Label: default: Amazon RDS configuration Parameters: - DatabaseInstance - DatabaseAllocatedStorage - DatabasePreferredAz - Label: default: JFrog Xray Configuration Parameters: - InstallXray - XrayVersion - XrayInstanceType ParameterLabels: QsS3BucketName: default: Quick Start S3 bucket name QsS3KeyPrefix: default: Quick Start S3 key prefix QsS3BucketRegion: default: Quick Start S3 bucket region KeyPairName: default: SSH key name VpcId: default: VPC ID PublicSubnet1Id: default: Public subnet 1 ID PublicSubnet2Id: default: Public subnet 2 ID PrivateSubnet1Id: default: Private subnet 1 ID PrivateSubnet2Id: default: Private subnet 2 ID PrivateSubnet1Cidr: default: Private subnet 1 CIDR PrivateSubnet2Cidr: default: Private subnet 2 CIDR AccessCidr: default: Permitted IP range RemoteAccessCidr: default: Remote access CIDR VolumeSize: default: EBS root volume size InstanceType: default: EC2 instance type ArtifactoryVersion: default: Artifactory version SmLicenseName: default: Artifactory licenses secret name SmCertName: default: Artifactory certificate secret name ArtifactoryServerName: default: Artifactory server name MasterKey: default: Master server key DatabasePassword: default: Database password DatabaseInstance: default: Database instance type DatabaseAllocatedStorage: default: Database allocated storage DatabasePreferredAz: default: Database preferred Availability Zone InstallXray: default: Install JFrog Xray XrayVersion: default: Version of Xray to install XrayInstanceType: default: Xray instance type Parameters: QsS3BucketName: Description: S3 bucket name for the Quick Start assets. This string can include numbers, lowercase letters, and hyphens (-). It cannot start or end with a hyphen (-). AllowedPattern: ^[0-9a-z]+([0-9a-z-]*[0-9a-z])*$ ConstraintDescription: Quick Start bucket name can include numbers, lowercase letters, and hyphens (-). It cannot start or end with a hyphen (-). Default: jfrog-aws Type: String QsS3KeyPrefix: Description: S3 key prefix for the Quick Start assets. Quick Start key prefix can include numbers, lowercase letters, uppercase letters, hyphens (-), and forward slash (/). AllowedPattern: ^[0-9a-zA-Z-/]*$ ConstraintDescription: Quick Start key prefix can include numbers, lowercase letters, uppercase letters, hyphens (-), and forward slash (/). Default: artifactory7/latest/ Type: String QsS3BucketRegion: Default: 'us-east-1' Description: AWS Region where the Quick Start S3 bucket (QSS3BucketName) is hosted. If you use your own bucket, you must specify your own value. Type: String KeyPairName: Description: Name of an existing key pair, which allows you to connect securely to your instance after it launches. This is the key pair you created in your preferred Region. Type: AWS::EC2::KeyPair::KeyName VpcId: Description: ID of your existing VPC (e.g., vpc-0343606e). Type: "AWS::EC2::VPC::Id" PublicSubnet1Id: Description: ID of the public subnet 1 in Availability Zone 1 of your existing VPC (e.g., subnet-z0376dab). Type: "AWS::EC2::Subnet::Id" PublicSubnet2Id: Description: ID of the public subnet 2 in Availability Zone 1 of your existing VPC (e.g., subnet-z0376dab). Type: "AWS::EC2::Subnet::Id" PrivateSubnet1Id: Description: ID of the private subnet 1 in Availability Zone 1 of your existing VPC (e.g., subnet-a29c3d84). Type: "AWS::EC2::Subnet::Id" PrivateSubnet2Id: Description: ID of the private subnet 2 in Availability Zone 1 of your existing VPC (e.g., subnet-a29c3d84). Type: "AWS::EC2::Subnet::Id" PrivateSubnet1Cidr: Description: CIDR of the private subnet 1 in Availability Zone 1 of your existing VPC (e.g., 10.0.0.0/19). AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$ ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28 Default: 10.0.128.0/20 Type: String PrivateSubnet2Cidr: Description: CIDR of the private subnet 2 in Availability Zone 1 of your existing VPC (e.g., 10.0.0.0/19). AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$ ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28 Default: 10.0.144.0/20 Type: String AccessCidr: Description: CIDR IP range that is permitted to access Artifactory. We recommend that you set this value to a trusted IP range. For example, you might want to grant only your corporate network access to the software. AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))$ Default: 0.0.0.0/0 Type: String RemoteAccessCidr: Description: Remote CIDR range that allows you to connect to the bastion instance by using SSH. It is recommended that you set this value to a trusted IP range. For example, you may want to grant specific ranges from within your corporate network that use the SSH protocol. AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))$ Type: String VolumeSize: Description: Size in gigabytes of the available storage (min 10GB); the Quick Start will create an Amazon Elastic Block Store (Amazon EBS) volumes of this size. Default: 100 Type: Number InstanceType: Description: EC2 type for the Artifactory instances. AllowedValues: - m5.large - m5.xlarge - m5.2xlarge - m5.4xlarge - m5.8xlarge - m5.12xlarge - m5.16xlarge - m5.24xlarge - m5.metal - m5d.large - m5d.xlarge - m5d.2xlarge - m5d.4xlarge - m5d.8xlarge - m5d.12xlarge - m5d.16xlarge - m5d.24xlarge - m5d.metal - m5a.large - m5a.xlarge - m5a.2xlarge - m5a.4xlarge - m5a.8xlarge - m5a.12xlarge - m5a.16xlarge - m5a.24xlarge ConstraintDescription: Must contain valid instance type. Default: m5.xlarge Type: String ArtifactoryVersion: Description: Version of Artifactory that you want to deploy into the Quick Start. To select the correct version, see the release notes at https://www.jfrog.com/confluence/display/RTF/Release+Notes. AllowedPattern: ^(([0-9]|[1-9][0-9])\.){2}([1-9][0-9]|[0-9])$ ConstraintDescription: A version that matches X.X.X per Artifactory releases. Default: 7.17.5 Type: String SmLicenseName: Description: Secret name created in AWS Secrets Manager, which contains the Artifactory licenses. Default: '' Type: String SmCertName: Description: Secret name created in AWS Secrets Manager, which contains the SSL certificate and certificate key. Default: '' Type: String ArtifactoryServerName: Description: Name of your Artifactory server. Ensure that this matches your certificate. Default: 'artifactory' Type: String MasterKey: Description: Master key for the Artifactory cluster. Generate a master key by using the command '$openssl rand -hex 16'. AllowedPattern: ^[a-zA-Z0-9]+$ MinLength: '1' MaxLength: '64' ConstraintDescription: Only capital or lowercase letters and numbers, with a Max of 64 characters. NoEcho: 'true' Default: 'FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF' Type: String DatabasePassword: Description: Password for the Artifactory database user. AllowedPattern: ^[^ \\']+$ MinLength: '8' MaxLength: '12' ConstraintDescription: Must be at least 8 and no more than 12 characters containing letters and (minimum 1 capital letter), numbers and symbols. NoEcho: 'true' Type: String DatabaseInstance: Description: Size of the database to be deployed as part of the Quick Start. AllowedValues: - db.m5.large - db.m5.xlarge - db.m5.2xlarge - db.m5.10xlarge - db.m5.16xlarge - db.m5.large - db.m5.xlarge - db.m5.2xlarge - db.m5.4xlarge - db.m5.12xlarge - db.m5.24xlarge ConstraintDescription: Must be a valid database Instance Type. Default: db.m5.large Type: String DatabaseAllocatedStorage: Description: Size in gigabytes of the available storage for the database instance. MinValue: 5 MaxValue: 1024 Default: 10 Type: Number DatabasePreferredAz: Description: Preferred availability zone for Amazon RDS primary instance Default: us-west-2a Type: AWS::EC2::AvailabilityZone::Name InstallXray: Description: Choose true to install JFrog Xray instance(s). ConstraintDescription: True or False AllowedValues: - "true" - "false" Default: "false" Type: String XrayVersion: Description: The version of Xray that you want to deploy into the Quick Start. AllowedPattern: ^(([0-9]|[1-9][0-9])\.){2}([1-9][0-9]|[0-9])$ ConstraintDescription: A version that matches X.X.X per Xray releases. Default: 3.22.1 Type: String XrayInstanceType: Description: The EC2 instance type for the Xray instances. AllowedValues: - c5.2xlarge - c5.4xlarge ConstraintDescription: Must contain valid instance type. Default: c5.2xlarge Type: String Conditions: UsingDefaultBucket: !Equals [!Ref QsS3BucketName, 'aws-quickstart'] Resources: ArtifactoryExistingVpcStack: Type: AWS::CloudFormation::Stack Properties: TemplateURL: !Sub - https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QsS3KeyPrefix}templates/jfrog-artifactory-ec2-existing-vpc.template.yaml - S3Bucket: !If [UsingDefaultBucket, !Sub '${QsS3BucketName}-${AWS::Region}', !Ref 'QsS3BucketName'] S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref 'QsS3BucketRegion'] Parameters: AvailabilityZones: !Join [',', [!Ref DatabasePreferredAz]] KeyPairName: !Ref KeyPairName ProvisionBastionHost: "Enabled" AccessCidr: !Ref AccessCidr RemoteAccessCidr: !Ref RemoteAccessCidr ArtifactoryProduct: 'JFrog-Artifactory-Pro' ArtifactoryVersion: !Ref ArtifactoryVersion VolumeSize: !Ref VolumeSize InstanceType: !Ref InstanceType NumberOfSecondary: 0 SmLicenseName: !Ref SmLicenseName SmCertName: !Ref SmCertName ArtifactoryServerName: !Ref ArtifactoryServerName MasterKey: !Ref MasterKey DatabasePassword: !Ref DatabasePassword DatabaseInstance: !Ref DatabaseInstance DatabaseAllocatedStorage: !Ref DatabaseAllocatedStorage DatabasePreferredAz: !Ref DatabasePreferredAz MultiAzDatabase: false QsS3BucketName: !Ref QsS3BucketName QsS3KeyPrefix: !Ref QsS3KeyPrefix QsS3BucketRegion: !Ref QsS3BucketRegion InstallXray: !Ref InstallXray XrayVersion: !Ref XrayVersion XrayInstanceType: !Ref XrayInstanceType XrayDatabasePassword: !Ref DatabasePassword VpcId: !Ref VpcId PublicSubnet1Id: !Ref PublicSubnet1Id PublicSubnet2Id: !Ref PublicSubnet2Id PrivateSubnet1Id: !Ref PrivateSubnet1Id PrivateSubnet2Id: !Ref PrivateSubnet2Id PrivateSubnet1Cidr: !Ref PrivateSubnet1Cidr PrivateSubnet2Cidr: !Ref PrivateSubnet2Cidr Outputs: ArtifactoryUrl: Description: URL of the ELB to access Artifactory Value: !Sub ${ArtifactoryExistingVpcStack.Outputs.ArtifactoryUrl}