Commit 7a799d8b authored by baldwinlouie, committed by Yas Naoi

Issue #3119075 by baldwinlouie, yas: Fix CFn nested templates so long resource name/ids do not error out
parent f6eb81d3
...@@ -66,4 +66,4 @@ Outputs: ...@@ -66,4 +66,4 @@ Outputs:
Value: !GetAtt ElastiCacheCluster.ConfigurationEndpoint.Address Value: !GetAtt ElastiCacheCluster.ConfigurationEndpoint.Address
ElastiCachePort: ElastiCachePort:
Description: ElastiCache port Description: ElastiCache port
Value: 11211 Value: 11211
\ No newline at end of file
AWSTemplateFormatVersion: 2010-09-09 AWSTemplateFormatVersion: 2010-09-09
Description: 'Cloud Orchestrator RDS' Description: 'Cloud Orchestrator RDS'
Parameters: Parameters:
StackPrefix:
Type: String
Description: >-
A prefix to append to resource names/IDs. For example, ${StackPrefix}-IAM-Role,
${StackPrefix}-Drupal-RDS for RDS DB Identifier.
Must be between 1 and 20 characters and only contain alphanumeric characters
and hyphens.
MinLength: '1'
MaxLength: '20'
AllowedPattern: '[a-zA-Z0-9\\-]*'
MySQLUserName: MySQLUserName:
Description: >- Description: >-
Username for the RDS. Must be between 5 and 16 characters and only contain Username for the RDS. Must be between 5 and 16 characters and only contain
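Review bot: The AllowedPattern on the new StackPrefix parameter, '[a-zA-Z0-9\\-]*', is a single-quoted YAML scalar, so both backslashes reach the regex engine unchanged and the character class matches a literal backslash as well as a hyphen. That contradicts the Description ("only contain alphanumeric characters and hyphens"). Suggest '[a-zA-Z0-9-]+' so the class holds only what the description promises and the pattern itself rejects the empty string instead of relying on MinLength.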
...@@ -102,7 +112,9 @@ Resources: ...@@ -102,7 +112,9 @@ Resources:
- !GetAZs - !GetAZs
Ref: 'AWS::Region' Ref: 'AWS::Region'
BackupRetentionPeriod: 2 BackupRetentionPeriod: 2
DBInstanceIdentifier: !Sub '${AWS::StackName}-Drupal-RDS' DBInstanceIdentifier: !Sub
- "${StackPrefix}-Drupal-RDS"
- StackPrefix: !Ref StackPrefix
DBInstanceClass: !Ref RDSInstanceType DBInstanceClass: !Ref RDSInstanceType
DBName: !Ref DatabaseName DBName: !Ref DatabaseName
DBSubnetGroupName: !Ref DbSubnetGroup DBSubnetGroupName: !Ref DbSubnetGroup
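Review bot: DBInstanceIdentifier is now "${StackPrefix}-Drupal-RDS", which no longer contains anything unique to the stack. Two deployments that reuse a prefix in the same account and region will request the same identifier, and stacks created before this change get a different identifier on their next update. Either state in the StackPrefix Description that the value must be unique per account and region, or keep a stack-derived component in the name that is short enough to stay within the length limit this commit is fixing.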
...@@ -120,7 +132,9 @@ Resources: ...@@ -120,7 +132,9 @@ Resources:
- !Ref SubnetSecurityGroup - !Ref SubnetSecurityGroup
Outputs: Outputs:
RDSInstanceName: RDSInstanceName:
Value: !Sub '${AWS::StackName}-Drupal-RDS' Value: !Sub
- "${StackPrefix}-Drupal-RDS"
- StackPrefix: !Ref StackPrefix
DatabaseName: DatabaseName:
Value: !Ref DatabaseName Value: !Ref DatabaseName
MySQLUserName: MySQLUserName:
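Review bot: The RDSInstanceName output rebuilds the string "${StackPrefix}-Drupal-RDS" a second time instead of reading it from the resource, so the output and DBInstanceIdentifier can drift apart if one of them is edited later. The instance's logical ID is RDS (see !GetAtt RDS.Endpoint.Address further down), and !Ref on a DB instance returns its identifier, so Value: !Ref RDS would keep the two in step.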
...@@ -130,4 +144,4 @@ Outputs: ...@@ -130,4 +144,4 @@ Outputs:
DatabaseEndpointAddress: DatabaseEndpointAddress:
Value: !GetAtt RDS.Endpoint.Address Value: !GetAtt RDS.Endpoint.Address
DatabasePort: DatabasePort:
Value: !GetAtt RDS.Endpoint.Port Value: !GetAtt RDS.Endpoint.Port
\ No newline at end of file
...@@ -51,6 +51,16 @@ Mappings: ...@@ -51,6 +51,16 @@ Mappings:
sa-east-1: sa-east-1:
AMI: ami-0cb1ddea3786f6c0d AMI: ami-0cb1ddea3786f6c0d
Parameters: Parameters:
StackPrefix:
Type: String
Description: >-
A prefix to append to resource names/IDs. For example, ${StackPrefix}-IAM-Role,
${StackPrefix}-Drupal-RDS for RDS DB Identifier.
Must be between 1 and 20 characters and only contain alphanumeric characters
and hyphens.
MinLength: '1'
MaxLength: '20'
AllowedPattern: '[a-zA-Z0-9\\-]*'
IAMInstanceProfile: IAMInstanceProfile:
Description: IAM Instance Profile Name Description: IAM Instance Profile Name
Type: String Type: String
...@@ -356,10 +366,14 @@ Resources: ...@@ -356,10 +366,14 @@ Resources:
- Key: Application - Key: Application
Value: !Ref 'AWS::StackName' Value: !Ref 'AWS::StackName'
- Key: Name - Key: Name
Value: !Sub '${AWS::StackName} Drupal Instance' Value: !Sub
- '${StackPrefix} Drupal Instance'
- StackPrefix: !Ref StackPrefix
Outputs: Outputs:
EC2InstanceName: EC2InstanceName:
Value: !Sub '${AWS::StackName} Drupal Instance' Value: !Sub
- '${StackPrefix} Drupal Instance'
- StackPrefix: !Ref StackPrefix
DrupalUrl: DrupalUrl:
Value: Value:
!Sub !Sub
......
...@@ -7,56 +7,23 @@ ...@@ -7,56 +7,23 @@
AWSTemplateFormatVersion: 2010-09-09 AWSTemplateFormatVersion: 2010-09-09
Description: 'Cloud Orchestrator Group, Role, InstanceProfile and Policy' Description: 'Cloud Orchestrator Group, Role, InstanceProfile and Policy'
Parameters: Parameters:
GroupName: StackPrefix:
Type: String
Description: >-
The name of the group to create. Can only contain alphanumeric characters and these
special characters [\w+=,.@-]+
AllowedPattern: '^([\w+=,.@-]+)*$'
ConstraintDescription: >-
Must be a string of characters consisting of upper and lowercase alphanumeric characters with no spaces.
You can also include any of the following characters: _+=,.@-
RoleName:
Type: String
Description: >-
A name for the IAM role. Must be between 1 and 128 characters and only contain
alphanumeric characters and these special characters [\w+=,.@-]+
AllowedPattern: '^([\w+=,.@-]+)*$'
ConstraintDescription: >-
Must be a string of characters consisting of upper and lowercase alphanumeric characters with no spaces.
You can also include any of the following characters: _+=,.@-
InstanceProfileName:
Type: String
Description: >-
The name of the instance profile to create. Must be between 1 and 128 characters and only contain
alphanumeric characters and these special characters [\w+=,.@-]+
MinLength: '1'
MaxLength: '128'
AllowedPattern: '^([\w+=,.@-]+)*$'
ConstraintDescription: >-
Must be a string of characters consisting of upper and lowercase alphanumeric characters with no spaces.
You can also include any of the following characters: _+=,.@-
PolicyName:
Type: String Type: String
Description: >- Description: >-
The name of the policy document. Must be between 1 and 128 characters and only contain A prefix to append to resource names/IDs. For example, ${StackPrefix}-IAM-Role,
alphanumeric characters and these special characters [\w+=,.@-]+ ${StackPrefix}-Drupal-RDS for RDS DB Identifier.
Must be between 1 and 20 characters and only contain alphanumeric characters
and hyphens.
MinLength: '1' MinLength: '1'
MaxLength: '128' MaxLength: '20'
AllowedPattern: '^([\w+=,.@-]+)*$' AllowedPattern: '[a-zA-Z0-9\\-]*'
ConstraintDescription: >-
Must be a string of characters consisting of upper and lowercase alphanumeric characters with no spaces.
You can also include any of the following characters: _+=,.@-
Resources: Resources:
CloudOrchestratorGroup: CloudOrchestratorGroup:
Type: AWS::IAM::Group Type: AWS::IAM::Group
Properties: Properties:
GroupName: GroupName: !Sub
!Join - "${AWS::Region}-${StackPrefix}-Group"
- '-' - StackPrefix: !Ref StackPrefix
- - !Ref AWS::Region
- !Ref GroupName
CloudOrchestratorRole: CloudOrchestratorRole:
Type: AWS::IAM::Role Type: AWS::IAM::Role
Properties: Properties:
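Review bot: The new StackPrefix parameter has no ConstraintDescription, while each of the four parameters it replaces in this hunk had one, so a rejected value will show the user only the raw AllowedPattern. Add a ConstraintDescription that restates the rule (1 to 20 characters, alphanumeric and hyphens). The Description also says the prefix is "appended", but in GroupName it sits ahead of the "-Group" suffix; wording such as "a prefix used in resource names/IDs" would match what the template does.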
...@@ -70,18 +37,24 @@ Resources: ...@@ -70,18 +37,24 @@ Resources:
Action: Action:
- 'sts:AssumeRole' - 'sts:AssumeRole'
Description: Cloud Orchestrator Role Description: Cloud Orchestrator Role
RoleName: !Ref RoleName RoleName: !Sub
- "${AWS::Region}-${StackPrefix}-Role"
- StackPrefix: !Ref StackPrefix
CloudOrchestratorInstanceProfile: CloudOrchestratorInstanceProfile:
Type: AWS::IAM::InstanceProfile Type: AWS::IAM::InstanceProfile
Properties: Properties:
InstanceProfileName: !Ref InstanceProfileName InstanceProfileName: !Sub
- "${StackPrefix}-InstanceProfile"
- StackPrefix: !Ref StackPrefix
Path: / Path: /
Roles: Roles:
- !Ref CloudOrchestratorRole - !Ref CloudOrchestratorRole
CloudOrchestratorPolicy: CloudOrchestratorPolicy:
Type: AWS::IAM::Policy Type: AWS::IAM::Policy
Properties: Properties:
PolicyName: !Ref PolicyName PolicyName: !Sub
- "${StackPrefix}-Policy"
- StackPrefix: !Ref StackPrefix
Groups: Groups:
- !Ref CloudOrchestratorGroup - !Ref CloudOrchestratorGroup
Roles: Roles:
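Review bot: InstanceProfileName is built as "${StackPrefix}-InstanceProfile" without ${AWS::Region}, unlike RoleName in this hunk and GroupName above, which both lead with the region. IAM instance profile names are unique per account rather than per region, so reusing a prefix for a deployment in a second region would fail on this resource even though the role and group names differ. Suggest "${AWS::Region}-${StackPrefix}-InstanceProfile" so the three account-wide names follow one scheme.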
...@@ -205,4 +178,4 @@ Outputs: ...@@ -205,4 +178,4 @@ Outputs:
By assigning this role, you do not need to specify Access key ID and Access key Secret By assigning this role, you do not need to specify Access key ID and Access key Secret
when adding an AWS Cloud Region. when adding an AWS Cloud Region.
RoleName: RoleName:
Value: !Ref CloudOrchestratorRole Value: !Ref CloudOrchestratorRole
\ No newline at end of file
...@@ -8,6 +8,17 @@ Mappings: ...@@ -8,6 +8,17 @@ Mappings:
CidrBlock: 10.0.1.0/24 CidrBlock: 10.0.1.0/24
PrivateSubnet2: PrivateSubnet2:
CidrBlock: 10.0.2.0/24 CidrBlock: 10.0.2.0/24
Parameters:
StackPrefix:
Type: String
Description: >-
A prefix to append to resource names/IDs. For example, ${StackPrefix}-IAM-Role,
${StackPrefix}-Drupal-RDS for RDS DB Identifier.
Must be between 1 and 20 characters and only contain alphanumeric characters
and hyphens.
MinLength: '1'
MaxLength: '20'
AllowedPattern: '[a-zA-Z0-9\\-]*'
Resources: Resources:
VPC: VPC:
Type: AWS::EC2::VPC Type: AWS::EC2::VPC
...@@ -16,15 +27,17 @@ Resources: ...@@ -16,15 +27,17 @@ Resources:
EnableDnsHostnames: true EnableDnsHostnames: true
Tags: Tags:
- Key: Name - Key: Name
Value: Value: !Sub
!Sub '${AWS::StackName} VPC' - '${StackPrefix} VPC'
- StackPrefix: !Ref StackPrefix
InternetGateway: InternetGateway:
Type: AWS::EC2::InternetGateway Type: AWS::EC2::InternetGateway
Properties: Properties:
Tags: Tags:
- Key: Name - Key: Name
Value: Value: !Sub
!Sub '${AWS::StackName} Internet Gateway' - '${StackPrefix} Internet Gateway'
- StackPrefix: !Ref StackPrefix
AttachGateway: AttachGateway:
Type: AWS::EC2::VPCGatewayAttachment Type: AWS::EC2::VPCGatewayAttachment
Properties: Properties:
...@@ -43,7 +56,9 @@ Resources: ...@@ -43,7 +56,9 @@ Resources:
- !GetAZs '' - !GetAZs ''
Tags: Tags:
- Key: Name - Key: Name
Value: !Sub '${AWS::StackName} Public Subnet 1' Value: !Sub
- '${StackPrefix} Public Subnet 1'
- StackPrefix: !Ref StackPrefix
PrivateSubnet1: PrivateSubnet1:
Type: AWS::EC2::Subnet Type: AWS::EC2::Subnet
Properties: Properties:
...@@ -57,7 +72,9 @@ Resources: ...@@ -57,7 +72,9 @@ Resources:
- !GetAZs '' - !GetAZs ''
Tags: Tags:
- Key: Name - Key: Name
Value: !Sub '${AWS::StackName} Private Subnet 1' Value: !Sub
- '${StackPrefix} Private Subnet 1'
- StackPrefix: !Ref StackPrefix
PrivateSubnet2: PrivateSubnet2:
Type: AWS::EC2::Subnet Type: AWS::EC2::Subnet
Properties: Properties:
...@@ -71,14 +88,18 @@ Resources: ...@@ -71,14 +88,18 @@ Resources:
- !GetAZs '' - !GetAZs ''
Tags: Tags:
- Key: Name - Key: Name
Value: !Sub '${AWS::StackName} Private Subnet 2' Value: !Sub
- '${StackPrefix} Private Subnet 2'
- StackPrefix: !Ref StackPrefix
PublicRouteTable: PublicRouteTable:
Type: AWS::EC2::RouteTable Type: AWS::EC2::RouteTable
Properties: Properties:
VpcId: !Ref VPC VpcId: !Ref VPC
Tags: Tags:
- Key: Name - Key: Name
Value: !Sub '${AWS::StackName} Public Route Table' Value: !Sub
- '${StackPrefix} Public Route Table'
- StackPrefix: !Ref StackPrefix
PublicRoute: PublicRoute:
Type: AWS::EC2::Route Type: AWS::EC2::Route
Properties: Properties:
...@@ -96,7 +117,9 @@ Resources: ...@@ -96,7 +117,9 @@ Resources:
VpcId: !Ref VPC VpcId: !Ref VPC
Tags: Tags:
- Key: Name - Key: Name
Value: !Sub '${AWS::StackName} Private Route Table' Value: !Sub
- '${StackPrefix} Private Route Table'
- StackPrefix: !Ref StackPrefix
PrivateSubnetRouteTableAssociation1: PrivateSubnetRouteTableAssociation1:
Type: AWS::EC2::SubnetRouteTableAssociation Type: AWS::EC2::SubnetRouteTableAssociation
Properties: Properties:
...@@ -110,8 +133,9 @@ Resources: ...@@ -110,8 +133,9 @@ Resources:
DbSubnetGroup: DbSubnetGroup:
Type: AWS::RDS::DBSubnetGroup Type: AWS::RDS::DBSubnetGroup
Properties: Properties:
DBSubnetGroupDescription: DBSubnetGroupDescription: !Sub
!Sub 'RDS Subnet Group for ${AWS::StackName}' - 'RDS Subnet Group for ${StackPrefix}'
- StackPrefix: !Ref StackPrefix
SubnetIds: SubnetIds:
- Ref: PrivateSubnet1 - Ref: PrivateSubnet1
- Ref: PrivateSubnet2 - Ref: PrivateSubnet2
...@@ -127,4 +151,4 @@ Outputs: ...@@ -127,4 +151,4 @@ Outputs:
PrivateSubnet2: PrivateSubnet2:
Value: !Ref PrivateSubnet2 Value: !Ref PrivateSubnet2
DbSubnetGroup: DbSubnetGroup:
Value: !Ref DbSubnetGroup Value: !Ref DbSubnetGroup
\ No newline at end of file
...@@ -9,6 +9,16 @@ Mappings: ...@@ -9,6 +9,16 @@ Mappings:
PrivateSubnet2: PrivateSubnet2:
CidrBlock: 10.0.2.0/24 CidrBlock: 10.0.2.0/24
Parameters: Parameters:
StackPrefix:
Type: String
Description: >-
A prefix to append to resource names/IDs. For example, ${StackPrefix}-IAM-Role,
${StackPrefix}-Drupal-RDS for RDS DB Identifier.
Must be between 1 and 20 characters and only contain alphanumeric characters
and hyphens.
MinLength: '1'
MaxLength: '20'
AllowedPattern: '[a-zA-Z0-9\\-]*'
VPC: VPC:
Description: VPC Id Description: VPC Id
Type: String Type: String
...@@ -16,8 +26,9 @@ Resources: ...@@ -16,8 +26,9 @@ Resources:
EC2SecurityGroup: EC2SecurityGroup:
Type: AWS::EC2::SecurityGroup Type: AWS::EC2::SecurityGroup
Properties: Properties:
GroupName: GroupName: !Sub
!Sub '${AWS::StackName} Public Security Group' - '${StackPrefix} Public Security Group'
- StackPrefix: !Ref StackPrefix
GroupDescription: "SSH and HTTP traffic in, all traffic out." GroupDescription: "SSH and HTTP traffic in, all traffic out."
VpcId: !Ref VPC VpcId: !Ref VPC
SecurityGroupIngress: SecurityGroupIngress:
...@@ -36,7 +47,7 @@ Resources: ...@@ -36,7 +47,7 @@ Resources:
Type: AWS::EC2::SecurityGroup Type: AWS::EC2::SecurityGroup
Properties: Properties:
GroupName: GroupName:
!Sub '${AWS::StackName} Subnet Private Security Group' !Sub '${StackPrefix} Subnet Private Security Group'
GroupDescription: "Internal Security Group for DB and ElastiCache" GroupDescription: "Internal Security Group for DB and ElastiCache"
VpcId: !Ref VPC VpcId: !Ref VPC
SecurityGroupIngress: SecurityGroupIngress:
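Review bot: This GroupName uses the one-argument form, !Sub '${StackPrefix} Subnet Private Security Group', while EC2SecurityGroup in the previous hunk uses the two-element list with an explicit StackPrefix: !Ref StackPrefix mapping. Both resolve to the same value because StackPrefix is a parameter of this template, so the mapping adds nothing. Pick one form for the whole change; the short form is sufficient and keeps each name on a single line.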
...@@ -63,4 +74,4 @@ Outputs: ...@@ -63,4 +74,4 @@ Outputs:
Value: !Ref EC2SecurityGroup Value: !Ref EC2SecurityGroup
SubnetSecurityGroup: SubnetSecurityGroup:
Description: 'Subnet Security Group ID' Description: 'Subnet Security Group ID'
Value: !Ref SubnetSecurityGroup Value: !Ref SubnetSecurityGroup
\ No newline at end of file
...@@ -3,6 +3,10 @@ Description: 'Cloud Orchestrator Master Template' ...@@ -3,6 +3,10 @@ Description: 'Cloud Orchestrator Master Template'
Metadata: Metadata:
'AWS::CloudFormation::Interface': 'AWS::CloudFormation::Interface':
ParameterGroups: ParameterGroups:
- Label:
- default: Stack Prefix
Parameters:
- StackPrefix
- Label: - Label:
default: Amazon IAM Configuration default: Amazon IAM Configuration
Parameters: Parameters:
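Review bot: In the new ParameterGroups entry, Label is given a list item ("- default: Stack Prefix"), whereas the existing group directly below uses a mapping ("default: Amazon IAM Configuration"). AWS::CloudFormation::Interface expects Label to be an object with a default key, so drop the leading dash on the default line to match the other groups.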
...@@ -36,6 +40,8 @@ Metadata: ...@@ -36,6 +40,8 @@ Metadata:
- DrupalEmail - DrupalEmail
- CloudOrchestratorVersion - CloudOrchestratorVersion
ParameterLabels: ParameterLabels:
StackPrefix:
default: Stack Prefix
GroupName: GroupName:
default: Group Name default: Group Name
RoleName: RoleName:
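Review bot: ParameterLabels still carries the GroupName and RoleName entries immediately after the new StackPrefix label, but this commit removes those parameters from the Parameters section of the same template. Remove the stale labels here, along with any matching entries left in the "Amazon IAM Configuration" parameter group, so the metadata does not reference parameters that no longer exist.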
...@@ -69,46 +75,16 @@ Metadata: ...@@ -69,46 +75,16 @@ Metadata:
CacheNodeCount: CacheNodeCount:
default: Number of ElasticCache nodes in the cluster default: Number of ElasticCache nodes in the cluster
Parameters: Parameters:
GroupName: StackPrefix:
Type: String
Description: >-
The name of the group to create. Can only contain alphanumeric characters and these
special characters [\w+=,.@-]+
AllowedPattern: '^([\w+=,.@-]+)*$'
ConstraintDescription: >-
Must be a string of characters consisting of upper and lowercase alphanumeric characters with no spaces.
You can also include any of the following characters: _+=,.@-
RoleName:
Type: String
Description: >-
A name for the IAM role. Must be between 1 and 128 characters and only contain
alphanumeric characters and these special characters [\w+=,.@-]+
AllowedPattern: '^([\w+=,.@-]+)*$'
ConstraintDescription: >-
Must be a string of characters consisting of upper and lowercase alphanumeric characters with no spaces.
You can also include any of the following characters: _+=,.@-
InstanceProfileName:
Type: String Type: String
Description: >- Description: >-
The name of the instance profile to create. Must be between 1 and 128 characters and only contain A prefix to append to resource names/IDs. For example, ${StackPrefix}-IAM-Role,
alphanumeric characters and these special characters [\w+=,.@-]+ ${StackPrefix}-Drupal-RDS for RDS DB Identifier.
Must be between 1 and 20 characters and only contain alphanumeric characters
and hyphens.
MinLength: '1' MinLength: '1'
MaxLength: '128' MaxLength: '20'
AllowedPattern: '^([\w+=,.@-]+)*$' AllowedPattern: '[a-zA-Z0-9\\-]*'
ConstraintDescription: >-
Must be a string of characters consisting of upper and lowercase alphanumeric characters with no spaces.
You can also include any of the following characters: _+=,.@-
PolicyName:
Type: String
Description: >-
The name of the policy document. Must be between 1 and 128 characters and only contain
alphanumeric characters and these special characters [\w+=,.@-]+
MinLength: '1'
MaxLength: '128'
AllowedPattern: '^([\w+=,.@-]+)*$'
ConstraintDescription: >-
Must be a string of characters consisting of upper and lowercase alphanumeric characters with no spaces.
You can also include any of the following characters: _+=,.@-
KeyName: KeyName:
Description: Name of an existing EC2 key pair to SSH access into the EC2 instance. Description: Name of an existing EC2 key pair to SSH access into the EC2 instance.
Type: 'AWS::EC2::KeyPair::KeyName' Type: 'AWS::EC2::KeyPair::KeyName'
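Review bot: Dropping GroupName, RoleName, InstanceProfileName and PolicyName from the master template's Parameters changes its launch interface, and callers who pass those parameters today will have their input rejected; the commit message mentions only the long-name fix. Note the removal and the single StackPrefix replacement in the module's documentation or change notes. Since this is the only template where the value is supplied by a user, it is also the place where a ConstraintDescription for StackPrefix matters most.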
...@@ -341,25 +317,26 @@ Resources: ...@@ -341,25 +317,26 @@ Resources:
Properties: Properties:
TemplateURL: iam/template.yaml TemplateURL: iam/template.yaml
Parameters: Parameters:
GroupName: !Ref GroupName StackPrefix: !Ref StackPrefix
RoleName: !Ref RoleName
InstanceProfileName: !Ref InstanceProfileName
PolicyName: !Ref PolicyName
Networking: Networking:
Type: AWS::CloudFormation::Stack Type: AWS::CloudFormation::Stack
Properties: Properties:
TemplateURL: networking/template.yaml TemplateURL: networking/template.yaml
Parameters:
StackPrefix: !Ref StackPrefix
Security: Security:
Type: AWS::CloudFormation::Stack Type: AWS::CloudFormation::Stack
Properties: Properties:
TemplateURL: security/template.yaml TemplateURL: security/template.yaml
Parameters: Parameters:
StackPrefix: !Ref StackPrefix
VPC: !GetAtt Networking.Outputs.VPC VPC: !GetAtt Networking.Outputs.VPC
Database: Database:
Type: AWS::CloudFormation::Stack Type: AWS::CloudFormation::Stack
Properties: Properties:
TemplateURL: database/template.yaml TemplateURL: database/template.yaml
Parameters: Parameters:
StackPrefix: !Ref StackPrefix
MySQLUserName: !Ref MySQLUserName MySQLUserName: !Ref MySQLUserName
MySQLPassword: !Ref MySQLPassword MySQLPassword: !Ref MySQLPassword
DatabaseName: !Ref DatabaseName DatabaseName: !Ref DatabaseName
...@@ -382,6 +359,7 @@ Resources: ...@@ -382,6 +359,7 @@ Resources:
Properties: Properties:
TemplateURL: ec2/template.yaml TemplateURL: ec2/template.yaml
Parameters: Parameters:
StackPrefix: !Ref StackPrefix
IAMInstanceProfile: !GetAtt IamRole.Outputs.InstanceProfileName IAMInstanceProfile: !GetAtt IamRole.Outputs.InstanceProfileName
InstanceType: !Ref InstanceType InstanceType: !Ref InstanceType
KeyName: !Ref KeyName KeyName: !Ref KeyName
...@@ -448,4 +426,3 @@ Outputs: ...@@ -448,4 +426,3 @@ Outputs:
Assign this instance profile to an EC2 instance that is running Cloud Orchestrator. Assign this instance profile to an EC2 instance that is running Cloud Orchestrator.
By assigning this role, you do not need to specify Access key ID and Access key Secret By assigning this role, you do not need to specify Access key ID and Access key Secret
when adding an AWS Cloud Region. when adding an AWS Cloud Region.