JFrog-Cloud-Installers/Amazon/artifactory7/v7174/submodules/quickstart-linux-bastion/templates/linux-bastion-master.template

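# The format version is quoted on purpose: an unquoted 2010-09-09 is read as
# a date by generic YAML 1.1 loaders (PyYAML and friends), while
# CloudFormation expects the string value.
AWSTemplateFormatVersion: '2010-09-09'
Description: LinuxBastion+VPC Jul,30,2020 (qs-1qup6ra9p) (Please do not remove)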
Metadata:
  LICENSE: Apache License, Version 2.0
  # Console presentation only: how the parameters are grouped and labelled.
  # Nothing here changes what the template deploys.
  'AWS::CloudFormation::Interface':
    ParameterGroups:
      - Label:
          default: Network configuration
        Parameters:
          - AvailabilityZones
          - VPCCIDR
          - PrivateSubnet1CIDR
          - PrivateSubnet2CIDR
          - PublicSubnet1CIDR
          - PublicSubnet2CIDR
          - RemoteAccessCIDR
          - VPCTenancy
      - Label:
          default: Amazon EC2 configuration
        Parameters:
          - KeyPairName
          - BastionAMIOS
          - BastionInstanceType
      - Label:
          default: Linux bastion configuration
        Parameters:
          - NumBastionHosts
          - BastionHostName
          - BastionTenancy
          - EnableBanner
          - BastionBanner
          - EnableTCPForwarding
          - EnableX11Forwarding
      - Label:
          default: AWS Quick Start configuration
        Parameters:
          - QSS3BucketName
          - QSS3KeyPrefix
          - QSS3BucketRegion
    # Labels are listed in the same order as the groups above.
    ParameterLabels:
      AvailabilityZones:
        default: Availability Zones
      VPCCIDR:
        default: VPC CIDR
      PrivateSubnet1CIDR:
        default: Private subnet 1 CIDR
      PrivateSubnet2CIDR:
        default: Private subnet 2 CIDR
      PublicSubnet1CIDR:
        default: Public subnet 1 CIDR
      PublicSubnet2CIDR:
        default: Public subnet 2 CIDR
      RemoteAccessCIDR:
        default: Allowed bastion external access CIDR
      VPCTenancy:
        default: VPC tenancy
      KeyPairName:
        default: Key pair name
      BastionAMIOS:
        default: Bastion AMI operating system
      BastionInstanceType:
        default: Bastion instance type
      NumBastionHosts:
        default: Number of bastion hosts
      BastionHostName:
        default: Bastion Host Name
      BastionTenancy:
        default: Bastion tenancy
      EnableBanner:
        default: Bastion banner
      BastionBanner:
        default: Banner text
      EnableTCPForwarding:
        default: TCP forwarding
      EnableX11Forwarding:
        default: X11 forwarding
      QSS3BucketName:
        default: Quick Start S3 bucket name
      QSS3KeyPrefix:
        default: Quick Start S3 key prefix
      QSS3BucketRegion:
        default: Quick Start S3 bucket region
  # Linter configuration carried in the template itself.
  cfn-lint:
    config:
      ignore_checks:
        - E9007
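Parameters:
  AvailabilityZones:
    # Stray "(" removed from the help text shown in the console.
    Description: 'List of Availability Zones to use for the subnets in the VPC. Note: The logical order is preserved and only 2 AZs are used for this deployment.'
    Type: 'List<AWS::EC2::AvailabilityZone::Name>'
  BastionAMIOS:
    AllowedValues:
      - Amazon-Linux2-HVM
      - CentOS-7-HVM
      - Ubuntu-Server-20.04-LTS-HVM
      - SUSE-SLES-15-HVM
    Default: Amazon-Linux2-HVM
    Description: The Linux distribution for the AMI to be used for the bastion instances.
    Type: String
  BastionHostName:
    Default: 'LinuxBastion'
    Description: The value used for the name tag of the bastion host
    Type: String
  BastionBanner:
    Default: ''
    Description: Banner text to display upon login.
    Type: String
  BastionTenancy:
    Description: 'VPC tenancy to launch the bastion in. Options: ''dedicated'' or ''default'''
    Type: String
    Default: default
    AllowedValues:
      - dedicated
      - default
  BastionInstanceType:
    Description: Amazon EC2 instance type for the bastion instances.
    Type: String
    Default: t2.micro
    AllowedValues:
      - t2.nano
      - t2.micro
      - t2.small
      - t2.medium
      - t2.large
      - t3.micro
      - t3.small
      - t3.medium
      - t3.large
      - t3.xlarge
      - t3.2xlarge
      - m3.large
      - m3.xlarge
      - m3.2xlarge
      - m4.large
      - m4.xlarge
      - m4.2xlarge
      - m4.4xlarge
  # The three Enable* switches are String parameters that only accept the
  # quoted values 'true'/'false'; they are passed through to the bastion
  # stack unchanged.
  EnableBanner:
    AllowedValues:
      - 'true'
      - 'false'
    Default: 'false'
    Description: >-
      To include a banner to be displayed when connecting via SSH to the
      bastion, choose true.
    Type: String
  # Both forwarding options default to off; leave them that way unless a
  # workflow specifically needs them.
  EnableTCPForwarding:
    Type: String
    Description: To enable TCP forwarding, choose true.
    Default: 'false'
    AllowedValues:
      - 'true'
      - 'false'
  EnableX11Forwarding:
    Type: String
    Description: To enable X11 forwarding, choose true.
    Default: 'false'
    AllowedValues:
      - 'true'
      - 'false'
  KeyPairName:
    Description: >-
      Name of an existing public/private key pair, which allows you to
      securely connect to your instance after it launches.
    Type: 'AWS::EC2::KeyPair::KeyName'
  NumBastionHosts:
    AllowedValues:
      - '1'
      - '2'
      - '3'
      - '4'
    Default: '1'
    Description: The number of bastion hosts to create. The maximum number is four.
    Type: String
  # Subnet and VPC CIDRs share one pattern: dotted quad plus a /16-/28 prefix.
  # The regexes are single-quoted so the backslashes stay literal.
  PrivateSubnet1CIDR:
    AllowedPattern: '^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$'
    ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28
    Default: '10.0.0.0/19'
    Description: CIDR block for private subnet 1 located in Availability Zone 1.
    Type: String
  PrivateSubnet2CIDR:
    AllowedPattern: '^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$'
    ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28
    Default: '10.0.32.0/19'
    Description: CIDR block for private subnet 2 located in Availability Zone 2.
    Type: String
  PublicSubnet1CIDR:
    AllowedPattern: '^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$'
    ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28
    Default: '10.0.128.0/20'
    Description: CIDR Block for the public DMZ subnet 1 located in Availability Zone 1.
    Type: String
  PublicSubnet2CIDR:
    AllowedPattern: '^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$'
    ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28
    Default: '10.0.144.0/20'
    Description: CIDR Block for the public DMZ subnet 2 located in Availability Zone 2.
    Type: String
  VPCTenancy:
    AllowedValues:
      - default
      - dedicated
    Default: default
    Description: The allowed tenancy of instances launched into the VPC.
    Type: String
  # QSS3* parameters select where the nested templates are downloaded from.
  # Any bucket/prefix given here is trusted to supply the child stacks.
  QSS3BucketName:
    AllowedPattern: '^[0-9a-zA-Z]+([0-9a-zA-Z-]*[0-9a-zA-Z])*$'
    ConstraintDescription: Quick Start bucket name can include numbers, lowercase letters, uppercase letters, and hyphens (-). It cannot start or end with a hyphen (-).
    Default: aws-quickstart
    Description: >-
      S3 bucket name for the Quick Start assets. Quick Start bucket name can
      include numbers, lowercase letters, uppercase letters, and hyphens (-).
      It cannot start or end with a hyphen (-).
    Type: String
  QSS3KeyPrefix:
    AllowedPattern: '^([0-9a-zA-Z-.]+/)*$'
    ConstraintDescription: Quick Start key prefix can include numbers, lowercase letters, uppercase letters, hyphens (-), dots (.) and forward slash (/). The prefix should end with a forward slash (/).
    Default: quickstart-linux-bastion/
    Description: >-
      S3 key prefix for the Quick Start assets. Quick Start key prefix can
      include numbers, lowercase letters, uppercase letters, hyphens (-), dots
      (.) and forward slash (/) and it should end with a forward slash (/).
    Type: String
  QSS3BucketRegion:
    Default: 'us-east-1'
    Description: The AWS Region where the Quick Start S3 bucket (QSS3BucketName) is hosted. When using your own bucket, you must specify this value.
    Type: String
  # No Default on purpose: the operator must state the SSH source range.
  # The pattern accepts any prefix length from /0 to /32, so 0.0.0.0/0
  # passes validation; keep this to the narrowest range that covers the
  # administrators' egress addresses.
  RemoteAccessCIDR:
    AllowedPattern: '^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))$'
    ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/x
    Description: Allowed CIDR block for external SSH access to the bastions
    Type: String
  VPCCIDR:
    AllowedPattern: '^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$'
    ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28
    Default: '10.0.0.0/16'
    Description: CIDR Block for the VPC.
    Type: String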
Conditions:
  # True when QSS3BucketName is left at the stock 'aws-quickstart' value;
  # the Resources section then switches to the regional default bucket.
  UsingDefaultBucket: !Equals [!Ref QSS3BucketName, 'aws-quickstart']
Resources:
  # Both nested templates are fetched from the bucket chosen by
  # UsingDefaultBucket: either the regional 'aws-quickstart-<region>' bucket
  # or the bucket/region named in QSS3BucketName/QSS3BucketRegion. Whoever
  # controls that bucket and key prefix controls what these stacks deploy,
  # so only point the parameters at a bucket you trust.
  VPCStack:
    Type: AWS::CloudFormation::Stack
    Properties:
      TemplateURL: !Sub
        - https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}submodules/quickstart-aws-vpc/templates/aws-vpc.template
        - S3Bucket: !If [UsingDefaultBucket, !Sub 'aws-quickstart-${AWS::Region}', !Ref QSS3BucketName]
          S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion]
      Parameters:
        AvailabilityZones: !Join [',', !Ref AvailabilityZones]
        KeyPairName: !Ref KeyPairName
        # Fixed at two zones; the AZ list is consumed in order.
        NumberOfAZs: '2'
        PrivateSubnet1ACIDR: !Ref PrivateSubnet1CIDR
        PrivateSubnet2ACIDR: !Ref PrivateSubnet2CIDR
        PublicSubnet1CIDR: !Ref PublicSubnet1CIDR
        PublicSubnet2CIDR: !Ref PublicSubnet2CIDR
        VPCCIDR: !Ref VPCCIDR
        VPCTenancy: !Ref VPCTenancy
  BastionStack:
    Type: AWS::CloudFormation::Stack
    Properties:
      TemplateURL: !Sub
        - https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}templates/linux-bastion.template
        - S3Bucket: !If [UsingDefaultBucket, !Sub 'aws-quickstart-${AWS::Region}', !Ref QSS3BucketName]
          S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion]
      Parameters:
        BastionAMIOS: !Ref BastionAMIOS
        BastionHostName: !Ref BastionHostName
        BastionBanner: !Ref BastionBanner
        BastionInstanceType: !Ref BastionInstanceType
        BastionTenancy: !Ref BastionTenancy
        EnableBanner: !Ref EnableBanner
        EnableTCPForwarding: !Ref EnableTCPForwarding
        EnableX11Forwarding: !Ref EnableX11Forwarding
        KeyPairName: !Ref KeyPairName
        NumBastionHosts: !Ref NumBastionHosts
        # Subnet and VPC ids come from VPCStack's outputs, which also makes
        # BastionStack wait for VPCStack (implicit dependency).
        PublicSubnet1ID: !GetAtt VPCStack.Outputs.PublicSubnet1ID
        PublicSubnet2ID: !GetAtt VPCStack.Outputs.PublicSubnet2ID
        QSS3BucketRegion: !Ref QSS3BucketRegion
        QSS3BucketName: !Ref QSS3BucketName
        QSS3KeyPrefix: !Ref QSS3KeyPrefix
        # Passed straight through; the bastion template is what turns it
        # into the SSH ingress rule.
        RemoteAccessCIDR: !Ref RemoteAccessCIDR
        VPCID: !GetAtt VPCStack.Outputs.VPCID