AWSTemplateFormatVersion: 2010-09-09 Description: AWS CloudFormation Template to build a Liquibase Pro project with AWS CodePipeline in AWS. (qs-1smgd1p7g) Metadata: QuickStartDocumentation: EntrypointName: Launch into a new VPC Order: 1 LintSpellExclude: - Liquibase SentenceCaseExclude: - Pro - Production - Staging - Test LICENSE: Apache License, Version 2.0 AWS::CloudFormation::Interface: ParameterGroups: - Label: default: Network configuration Parameters: - AvailabilityZones - VPCCIDR - PrivateSubnet1CIDR - PrivateSubnet2CIDR - PublicSubnet1CIDR - PublicSubnet2CIDR - VPCTenancy - Label: default: Project configuration Parameters: - ProjectName - CodePipelineS3BucketName - Label: default: Liquibase configuration Parameters: - LiquibaseProKey - Label: default: Database configuration Parameters: - DatabaseUsernameTest - DatabasePasswordTest - DatabaseUsernameStage - DatabasePasswordStage - DatabaseUsernameProd - DatabasePasswordProd - DatabaseInstanceClass - DatabaseEngineVersion - DatabasePort - DatabaseStorageType - DatabaseAllocatedStorage - DatabaseBackupRetentionPeriod - Label: default: AWS Quick Start configuration Parameters: - QSS3BucketName - QSS3KeyPrefix - QSS3BucketRegion - Label: default: Automated testing configuration Parameters: - IsAutomatedTest ParameterLabels: AvailabilityZones: default: Availability Zones CodePipelineS3BucketName: default: S3 bucket for storing artifacts DatabaseUsernameStage: default: Database username for Staging DatabasePasswordStage: default: Database password for Staging DatabaseUsernameTest: default: Database username for Test DatabasePasswordTest: default: Database password for Test DatabaseUsernameProd: default: Database username for Production DatabasePasswordProd: default: Database password for Production DatabaseInstanceClass: default: Database instance class DatabaseEngineVersion: default: Database engine version DatabasePort: default: Database TCP listening port DatabaseStorageType: default: Database storage type DatabaseAllocatedStorage: default: Database allocated storage DatabaseBackupRetentionPeriod: default: Database backup retention period LiquibaseProKey: default: Liquibase Pro key ProjectName: default: Project name PrivateSubnet1CIDR: default: Private subnet 1 CIDR PrivateSubnet2CIDR: default: Private subnet 2 CIDR PublicSubnet1CIDR: default: Public subnet 1 CIDR PublicSubnet2CIDR: default: Public subnet 2 CIDR VPCCIDR: default: VPC CIDR VPCTenancy: default: VPC tenancy QSS3BucketRegion: default: Quick Start S3 bucket Region QSS3BucketName: default: Quick Start S3 bucket name QSS3KeyPrefix: default: Quick Start S3 key prefix IsAutomatedTest: default: Is this an automated test? Parameters: AvailabilityZones: Description: >- List of Availability Zones to use for the subnets in the VPC. (Must choose at least 2). Type: List LiquibaseProKey: Description: >- Enter your Liquibase Pro key here. If you don't have one, visit https://download.liquibase.org/liquibase-pro-trial-request-form/ to start a free trial. Type: String NoEcho: true DatabaseUsernameProd: Description: Database username for Production. Type: String MinLength: 1 MaxLength: 16 AllowedPattern: ^[a-zA-Z][a-zA-Z0-9]*$ ConstraintDescription: >- 1 to 16 alphanumeric characters. First character must be a letter. Default: postgres DatabasePasswordProd: Description: Database password for Production. Type: String MinLength: 8 MaxLength: 128 AllowedPattern: ^[^/'\"@]+$ ConstraintDescription: >- 8 to 128 printable ASCII characters. Can''t contain any of the following: slash (/), single quote (''), double quote ("), or at sign (@). NoEcho: true DatabaseUsernameStage: Description: Database username for Staging. Type: String MinLength: 1 MaxLength: 16 AllowedPattern: ^[a-zA-Z][a-zA-Z0-9]*$ ConstraintDescription: >- 1 to 16 alphanumeric characters. First character must be a letter. Default: postgres DatabasePasswordStage: Description: Database password for Staging. Type: String MinLength: 8 MaxLength: 128 AllowedPattern: ^[^/'\"@]+$ ConstraintDescription: >- 8 to 128 printable ASCII characters. Can''t contain any of the following: slash (/), single quote (''), double quote ("), or at sign (@). NoEcho: true DatabaseUsernameTest: Description: Database username for Test. Type: String MinLength: 1 MaxLength: 16 AllowedPattern: ^[a-zA-Z][a-zA-Z0-9]*$ ConstraintDescription: >- 1 to 16 alphanumeric characters. First character must be a letter. Default: postgres DatabasePasswordTest: Description: Database password for Test. Type: String MinLength: 8 MaxLength: 128 AllowedPattern: ^[^/'\"@]+$ ConstraintDescription: >- 8 to 128 printable ASCII characters. Can't contain any of the following: slash (/), single quote (''), double quote ("), or at sign (@). NoEcho: true DatabaseInstanceClass: Description: Database instance class. Type: String Default: db.t3.micro DatabaseEngineVersion: Description: Database engine version. Type: String Default: 12.11 DatabasePort: Description: Database TCP listening port. Type: Number MinValue: 1150 MaxValue: 65535 Default: 5432 DatabaseStorageType: Description: Database storage type. Type: String Default: gp2 DatabaseAllocatedStorage: Description: Database allocated storage. Type: Number MinValue: 20 MaxValue: 65536 Default: 20 DatabaseBackupRetentionPeriod: Description: Database backup retention period. Type: Number Default: 7 ProjectName: Description: Project name used in resource names and descriptions. Type: String MinLength: 1 MaxLength: 48 AllowedPattern: ^[a-z][a-z0-9-]*$ ConstraintDescription: >- 1 to 48 lowercase alphanumeric characters and hyphens (-). First character must be a letter. Default: liquibase-pro-sample PrivateSubnet1CIDR: Description: >- CIDR block for private subnet 1, located in Availability Zone 1. Type: String AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$ ConstraintDescription: >- CIDR block parameter must be in the form x.x.x.x/16-28 Default: 10.0.0.0/19 PrivateSubnet2CIDR: Description: >- CIDR block for private subnet 2, located in Availability Zone 2. Type: String AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$ ConstraintDescription: >- CIDR block parameter must be in the form x.x.x.x/16-28 Default: 10.0.32.0/19 PublicSubnet1CIDR: Description: >- CIDR block for the public DMZ subnet 1, located in Availability Zone 1. Type: String AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$ ConstraintDescription: >- CIDR block parameter must be in the form x.x.x.x/16-28 Default: 10.0.128.0/20 PublicSubnet2CIDR: Description: CIDR block for the public DMZ subnet 2, located in Availability Zone 2. Type: String AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$ ConstraintDescription: >- CIDR block parameter must be in the form x.x.x.x/16-28 Default: 10.0.144.0/20 VPCCIDR: Description: CIDR block for the VPC. Type: String AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$ ConstraintDescription: >- CIDR block parameter must be in the form x.x.x.x/16-28 Default: 10.0.0.0/16 VPCTenancy: Description: The allowed tenancy of instances launched into the VPC. Type: String AllowedValues: - default - dedicated Default: default QSS3BucketName: Description: Name of the S3 bucket for your copy of the Quick Start assets. Keep the default name unless you are customizing the template. Changing the name updates code references to point to a new Quick Start location. This name can include numbers, lowercase letters, uppercase letters, and hyphens, but do not start or end with a hyphen (-). See https://aws-quickstart.github.io/option1.html. Type: String MinLength: 3 MaxLength: 63 AllowedPattern: ^[0-9a-zA-Z]+([0-9a-zA-Z-]*[0-9a-zA-Z])*$ ConstraintDescription: The Quick Start bucket name can include numbers, lowercase letters, uppercase letters, and hyphens (-). It cannot start or end with a hyphen (-). Default: aws-quickstart QSS3KeyPrefix: Description: S3 key prefix that is used to simulate a directory for your copy of the Quick Start assets. Keep the default prefix unless you are customizing the template. Changing this prefix updates code references to point to a new Quick Start location. This prefix can include numbers, lowercase letters, uppercase letters, hyphens (-), and forward slashes (/). End with a forward slash. See https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMetadata.html and https://aws-quickstart.github.io/option1.html. Type: String AllowedPattern: ^([0-9a-zA-Z-.]+/)*$ ConstraintDescription: The Quick Start S3 key prefix can include numbers, lowercase letters, uppercase letters, hyphens (-), and forward slashes (/). Default: quickstart-liquibase-pro/ QSS3BucketRegion: Description: >- AWS Region where the Quick Start S3 bucket (QSS3BucketName) is hosted. Keep the default Region unless you are customizing the template. Changing this Region updates code references to point to a new Quick Start location. When using your own bucket, specify the Region. See https://aws-quickstart.github.io/option1.html. Type: String Default: us-east-1 IsAutomatedTest: Description: >- Choose yes for automated CI/CD testing to skip deployment of the AWS CodePipeline pipeline and dependent Amazon CloudWatch event rule. This was implemented because 1/ the pipeline includes stages that require manual approval, and 2/ the AWS CodeBuild stages build containers with elastic network interfaces (ENIs) attached to the CodeBuildSecurityGroup resource. As of 2022-03-31, when this type of CodeBuild job is interrupted, the ENI is orphaned while still attached to the security group, which will cause stack deletion to fail. Type: String AllowedValues: - 'yes' - 'no' Default: 'no' CodePipelineS3BucketName: Description: >- Name of the S3 bucket to store artifacts from CodePipeline. If you leave this parameter empty, a new bucket will be created for you via CloudFormation. If using a CloudFormation-generated bucket, the contents of the bucket must be deleted prior to deleting the stack. This name can include numbers, lowercase letters, uppercase letters, and hyphens, but do not start or end with a hyphen (-). See https://aws-quickstart.github.io/option1.html. Type: String Default: "" Conditions: UsingDefaultBucket: !Equals [!Ref QSS3BucketName, aws-quickstart] IsCodePipelineS3BuckeEmpty: !Equals [!Ref "CodePipelineS3BucketName", ""] Resources: VPCStack: Type: AWS::CloudFormation::Stack Properties: TemplateURL: !Sub - https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}submodules/quickstart-aws-vpc/templates/aws-vpc.template.yaml - S3Bucket: !If [UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName] S3Region: !If [UsingDefaultBucket, !Ref AWS::Region, !Ref QSS3BucketRegion] Parameters: AvailabilityZones: !Join [',', !Ref AvailabilityZones] NumberOfAZs: 2 PrivateSubnet1ACIDR: !Ref PrivateSubnet1CIDR PrivateSubnet2ACIDR: !Ref PrivateSubnet2CIDR PublicSubnet1CIDR: !Ref PublicSubnet1CIDR PublicSubnet2CIDR: !Ref PublicSubnet2CIDR VPCCIDR: !Ref VPCCIDR VPCTenancy: !Ref VPCTenancy LiquibaseProStack: Type: AWS::CloudFormation::Stack Properties: TemplateURL: !Sub - https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}templates/liquibase-pro.template.yaml - S3Bucket: !If [UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName] S3Region: !If [UsingDefaultBucket, !Ref AWS::Region, !Ref QSS3BucketRegion] Parameters: LiquibaseProKey: !Ref LiquibaseProKey DatabaseUsernameProd: !Ref DatabaseUsernameProd DatabasePasswordProd: !Ref DatabasePasswordProd DatabaseUsernameStage: !Ref DatabaseUsernameStage DatabasePasswordStage: !Ref DatabasePasswordStage DatabaseUsernameTest: !Ref DatabaseUsernameTest DatabasePasswordTest: !Ref DatabasePasswordTest DatabaseInstanceClass: !Ref DatabaseInstanceClass DatabaseEngineVersion: !Ref DatabaseEngineVersion DatabasePort: !Ref DatabasePort DatabaseStorageType: !Ref DatabaseStorageType DatabaseAllocatedStorage: !Ref DatabaseAllocatedStorage DatabaseBackupRetentionPeriod: !Ref DatabaseBackupRetentionPeriod ProjectName: !Ref ProjectName CodePipelineS3BucketName: !Ref CodePipelineS3BucketName QSS3BucketName: !Ref QSS3BucketName VPCID: !GetAtt VPCStack.Outputs.VPCID PrivateSubnet01: !GetAtt VPCStack.Outputs.PrivateSubnet1AID PrivateSubnet02: !GetAtt VPCStack.Outputs.PrivateSubnet2AID IsAutomatedTest: !Ref IsAutomatedTest Outputs: Postdeployment: Description: See the deployment guide for post-deployment steps. Value: https://aws-quickstart.github.io/quickstart-liquibase-pro/#_postdeployment_steps