cloud-controller-with-new-vpc.yaml
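# Parent CloudFormation template: wires together nested stacks for a new VPC,
# the controller token secret, CloudWatch log groups, IAM roles, security
# groups and the controller AutoScalingGroup.
#
# NOTE(review): every nested template below is fetched from the
# bitrise-cloudformation-templates S3 bucket when the stack is created or
# updated, and no version pin is visible in the URLs. Whoever can write to
# that bucket decides what these stacks create (the iam/ paths presumably
# include IAM roles). Review the nested templates before deploying, and
# consider deploying from reviewed copies in a bucket you control.
AWSTemplateFormatVersion: "2010-09-09"

Description: >-
  This template deploys a fully fledged new VPC, an AutoScalingGroup, LoadBalancer, TargetGroup, and a Bitrise Cloud Controller instance.
  The Cloud Controller instance is placed within a private subnet. The LoadBalancer's only purpose is to provide health checks, it serves no traffic.

Parameters:
  EnvironmentName:
    Description: An environment name that is prefixed to resource names
    Type: String

  # The CIDR parameters are validated as dotted-quad IPv4 with a /16../28
  # prefix (the range EC2 accepts for VPCs and subnets), so a malformed value
  # is rejected at parameter validation instead of part-way through the
  # nested VPC stack.
  VpcCIDR:
    Description: Please enter the IP range (CIDR notation) for this VPC
    Type: String
    AllowedPattern: '^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])/(1[6-9]|2[0-8])$'
    ConstraintDescription: must be an IPv4 CIDR block of the form x.x.x.x/16-28.
    Default: "10.192.0.0/16"
  PublicSubnet1CIDR:
    Description: Please enter the IP range (CIDR notation) for the public subnet in the first Availability Zone
    Type: String
    AllowedPattern: '^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])/(1[6-9]|2[0-8])$'
    ConstraintDescription: must be an IPv4 CIDR block of the form x.x.x.x/16-28.
    Default: "10.192.0.0/20"
  PublicSubnet2CIDR:
    Description: Please enter the IP range (CIDR notation) for the public subnet in the second Availability Zone
    Type: String
    AllowedPattern: '^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])/(1[6-9]|2[0-8])$'
    ConstraintDescription: must be an IPv4 CIDR block of the form x.x.x.x/16-28.
    Default: "10.192.16.0/20"
  PrivateSubnet1CIDR:
    Description: Please enter the IP range (CIDR notation) for the private subnet in the first Availability Zone
    Type: String
    AllowedPattern: '^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])/(1[6-9]|2[0-8])$'
    ConstraintDescription: must be an IPv4 CIDR block of the form x.x.x.x/16-28.
    Default: "10.192.32.0/20"
  PrivateSubnet2CIDR:
    Description: Please enter the IP range (CIDR notation) for the private subnet in the second Availability Zone
    Type: String
    AllowedPattern: '^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])/(1[6-9]|2[0-8])$'
    ConstraintDescription: must be an IPv4 CIDR block of the form x.x.x.x/16-28.
    Default: "10.192.64.0/20"

  # NoEcho masks the token in console and API output for THIS stack only.
  # The value is forwarded to the secretmanager nested stack below; confirm
  # that template also declares its parameter with NoEcho, otherwise the
  # token is readable from the nested stack's parameter list.
  BitriseControllerToken:
    Description: Please provide the token you received at Controller creation.
    Type: String
    AllowedPattern: '.+'
    NoEcho: true
  BitriseWorkspaceID:
    Description: Please provide your Bitrise Workspace ID.
    Type: String
    AllowedPattern: '.+'

  # Holders of this key pair's private key can SSH to the controller wherever
  # the security groups allow it (those rules live in the nested
  # asg/security-group.yaml, not shown here).
  ControllerSshKey:
    Description: Please provide a keypair name you would like to use for the Controller.
    Type: AWS::EC2::KeyPair::KeyName
    ConstraintDescription: must be the name of an existing EC2 KeyPair.

  # A 7-day default keeps cost low but leaves little history for an incident
  # investigation; raise it if these logs are needed for audit or forensics.
  ControllerLogRetentionInDays:
    Description: Please provide the Controller log retention in days.
    Type: Number
    Default: 7
  ControllerLogGroupClass:
    Description: Please provide a CloudWatch Log Class for Controller logs.
    Type: String
    AllowedValues: ["STANDARD", "INFREQUENT_ACCESS"]
    Default: "INFREQUENT_ACCESS"

  # String rather than boolean: it is compared with "true" in Conditions.
  CreateBitriseAgentLogs:
    Description: Whether to create the Bitrise Agent Logs nested stack
    Type: String
    AllowedValues:
      - "true"
      - "false"
    Default: "false"
  BitriseAgentLogRetentionInDays:
    Description: Please provide the Bitrise agent log retention in days.
    Type: Number
    Default: 7
  BitriseAgentLogsGroupClass:
    # Description previously said "Controller logs" (copy-paste from
    # ControllerLogGroupClass); this parameter feeds the agent log group.
    Description: Please provide a CloudWatch Log Class for Bitrise agent logs.
    Type: String
    AllowedValues: ["STANDARD", "INFREQUENT_ACCESS"]
    Default: "INFREQUENT_ACCESS"

Conditions:
  # Gates the agent log group stack and its IAM roles stack.
  ShouldCreateBitriseAgentLogs: !Equals [!Ref CreateBitriseAgentLogs, "true"]

Resources:
  NewVpcStack:
    Type: AWS::CloudFormation::Stack
    Properties:
      TemplateURL: "https://bitrise-cloudformation-templates.s3.amazonaws.com/vpc/vpc.yaml"
      Parameters:
        EnvironmentName: !Ref EnvironmentName
        VpcCIDR: !Ref VpcCIDR
        PublicSubnet1CIDR: !Ref PublicSubnet1CIDR
        PublicSubnet2CIDR: !Ref PublicSubnet2CIDR
        PrivateSubnet1CIDR: !Ref PrivateSubnet1CIDR
        PrivateSubnet2CIDR: !Ref PrivateSubnet2CIDR

  # Receives the controller token; see the NoEcho note on the parameter.
  BitriseControllerTokenSecret:
    Type: AWS::CloudFormation::Stack
    Properties:
      TemplateURL: "https://bitrise-cloudformation-templates.s3.amazonaws.com/secretmanager/secretmanager.yaml"
      Parameters:
        BitriseControllerToken: !Ref BitriseControllerToken
        BitriseWorkspaceID: !Ref BitriseWorkspaceID

  BitriseControllerLogs:
    Type: AWS::CloudFormation::Stack
    Properties:
      TemplateURL: "https://bitrise-cloudformation-templates.s3.amazonaws.com/logs/logs.yaml"
      Parameters:
        LogRetentionInDays: !Ref ControllerLogRetentionInDays
        LogGroupClass: !Ref ControllerLogGroupClass
        # NOTE(review): the VPC stack output is named VpcArn but is also
        # passed as VPCID to the security-group stack; confirm which value it
        # holds. A real ARN contains ':' characters, which CloudWatch log
        # group names do not allow.
        LogGroupName: !Join ["-", ["bitrise-controller-logs", !GetAtt NewVpcStack.Outputs.VpcArn]]
        LogStreamName: "controller-agent"
        LogOutputExportNamePrefix: "BitriseController"

  BitriseAgentLogs:
    Type: AWS::CloudFormation::Stack
    Condition: ShouldCreateBitriseAgentLogs
    Properties:
      TemplateURL: "https://bitrise-cloudformation-templates.s3.amazonaws.com/logs/logs.yaml"
      Parameters:
        LogRetentionInDays: !Ref BitriseAgentLogRetentionInDays
        LogGroupClass: !Ref BitriseAgentLogsGroupClass
        LogGroupName: "bitrise-agent-log"
        LogOutputExportNamePrefix: "BitriseAgentLogs"

  # No parameters are passed; the explicit DependsOn orders this stack after
  # the secret and log stacks (presumably because the roles template imports
  # their exported values; verify against iam/roles.yaml). The permissions
  # granted are defined entirely in that remote template, so review it for
  # least privilege before deploying.
  BitriseInstanceRoles:
    Type: AWS::CloudFormation::Stack
    DependsOn: [BitriseControllerTokenSecret, BitriseControllerLogs]
    Properties:
      TemplateURL: "https://bitrise-cloudformation-templates.s3.amazonaws.com/iam/roles.yaml"

  BitriseAgentLogsInstanceRoles:
    Type: AWS::CloudFormation::Stack
    Condition: ShouldCreateBitriseAgentLogs
    DependsOn: [BitriseAgentLogs]
    Properties:
      TemplateURL: "https://bitrise-cloudformation-templates.s3.amazonaws.com/iam/agent-roles.yaml"

  # Ingress and egress rules are defined in the nested template; only the VPC
  # identifier and the VPC CIDR block are supplied from here.
  BitriseSecurityGroups:
    Type: AWS::CloudFormation::Stack
    Properties:
      TemplateURL: "https://bitrise-cloudformation-templates.s3.amazonaws.com/asg/security-group.yaml"
      Parameters:
        VPCID: !GetAtt NewVpcStack.Outputs.VpcArn
        VpcCidrBlock: !Ref VpcCIDR

  # Created last: ordered after the VPC, roles, secret and security groups.
  BitriseAutoscalingGroup:
    Type: AWS::CloudFormation::Stack
    DependsOn: [NewVpcStack, BitriseInstanceRoles, BitriseControllerTokenSecret, BitriseSecurityGroups]
    Properties:
      TemplateURL: "https://bitrise-cloudformation-templates.s3.amazonaws.com/asg/asg.yaml"
      Parameters:
        ControllerSshKey: !Ref ControllerSshKey

Outputs: {}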