├── .cfnlintrc ├── .gitignore ├── .gitmodules ├── .taskcat.yml ├── .taskcat_atlassian.yml ├── CODEOWNERS ├── LICENSE.txt ├── NOTICE.txt ├── README.md ├── ci ├── params │ ├── aurora │ │ ├── quickstart-jira-dc-aurora-params.json │ │ └── taskcat.yml │ ├── dbVersions │ │ ├── quickstart-jira-aurora-10.json │ │ ├── quickstart-jira-aurora-11.json │ │ ├── quickstart-jira-aurora-9.json │ │ ├── quickstart-jira-postgres-10.json │ │ ├── quickstart-jira-postgres-11.json │ │ ├── quickstart-jira-postgres-9.json │ │ └── taskcat.yml │ ├── default │ │ ├── quickstart-jira-default-params.json │ │ └── taskcat.yml │ ├── no-bastion │ │ ├── quickstart-jira-no-bastion-params.json │ │ └── taskcat.yml │ └── ssl-and-dns │ │ ├── quickstart-jira-ci-params.json │ │ └── taskcat.yml ├── quickstart-jira-dc-params.json └── taskcat.yml ├── ct └── custom-control-tower-configuration │ └── manifest.yaml ├── docs ├── generated │ ├── parameters │ │ ├── index.adoc │ │ ├── quickstart-jira-dc-with-vpc.template.adoc │ │ └── quickstart-jira-dc.template.adoc │ ├── regions │ │ └── index.adoc │ └── services │ │ ├── index.adoc │ │ └── metadata.adoc ├── images │ ├── aurora-diagram.png │ ├── aws-quickstart-graphic.png │ ├── cfn_outputs.png │ ├── crowd-architecture-diagram.png │ ├── jira-architecture.png │ ├── qs-internal-directory.png │ ├── qs-jira-step10-view-cluster-nodes.png │ ├── qs-jira-step11-two-nodes-clustered.png │ ├── qs-jira-step2-setup-app-properties.png │ ├── qs-jira-step3-licensing.png │ ├── qs-jira-step4-setup-admin-account.png │ ├── qs-jira-step5-setup-email-notifications.png │ ├── qs-jira-step6-choose-language.png │ ├── qs-jira-step7-choose-avatar.png │ └── qs-jira-step9-view-system-info.png └── partner_editable │ ├── _clone_quickstart.adoc │ ├── _config_application.adoc │ ├── _qs_deploy_links.adoc │ ├── _settings.adoc │ ├── additional_info.adoc │ ├── architecture.adoc │ ├── deploy_steps.adoc │ ├── deployment_options.adoc │ ├── faq_troubleshooting.adoc │ ├── licenses.adoc │ ├── overview_target_and_usage.adoc │ ├── planning_the_deployment.adoc │ ├── pre-reqs.adoc │ ├── product_description.adoc │ ├── regions.adoc │ ├── service_limits.adoc │ ├── specialized_knowledge.adoc │ └── test_deployment.adoc └── templates ├── quickstart-jira-dc-with-vpc.template.yaml └── quickstart-jira-dc.template.yaml /.cfnlintrc: -------------------------------------------------------------------------------- 1 | templates: 2 | - templates/* 3 | 4 | # Used by cfn-lint GitHub Action 5 | ignore_checks: 6 | # W4002: As the resource "metadata" section contains reference to a "NoEcho" parameter DBMasterUserPassword, CloudFormation will display the parameter value in plaintext 7 | - W4002 8 | # E3012: Property Resources/EFSCname/Properties/TTL should be of type Long 9 | - E3012 10 | # E1001: Top level template section tests is not valid 11 | - E1001 12 | # E9101: Checks that text is welcoming and inclusive as per Amazon Open Source Code of Conduct https://aws.github.io/code-of-conduct 13 | - E9101 14 | # W9006: Parameter Group name contains spelling error(s) 15 | # W9006: Parameter Group name is not sentence case 16 | # W9006: Parameter Label is not sentence case 17 | # W9006: Parameter Label contains spelling error(s) 18 | - W9006 19 | # W9003 Parameter is not in a ParameterGroup 20 | - W9003 21 | # EIAMPolicyWildcardResource: IAM policy should not allow * resource; This method in this in this policy support granular permissions 22 | - EIAMPolicyWildcardResource 23 | # EFSFilesystemEncryptionEnabled: EFS Encryption is disabled by default 24 | - EFSFilesystemEncryptionEnabled 25 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | /taskcat_outputs 2 | *~ 3 | *.bak 4 | /.idea 5 | \#*\# 6 | -------------------------------------------------------------------------------- /.gitmodules: -------------------------------------------------------------------------------- 1 | [submodule "submodules/quickstart-atlassian-services"] 2 | path = submodules/quickstart-atlassian-services 3 | url = https://github.com/aws-quickstart/quickstart-atlassian-services.git 4 | branch = main 5 | [submodule "docs/boilerplate"] 6 | path = docs/boilerplate 7 | url = https://github.com/aws-quickstart/quickstart-documentation-base-common.git 8 | branch = main 9 | -------------------------------------------------------------------------------- /.taskcat.yml: -------------------------------------------------------------------------------- 1 | project: 2 | name: quickstart-atlassian-jira 3 | owner: quickstart-eng@amazon.com 4 | package_lambda: false 5 | s3_regional_buckets: true 6 | regions: 7 | - us-east-1 8 | s3_bucket: '' 9 | tests: 10 | jira: 11 | parameters: 12 | AccessCIDR: 10.0.0.0/16 13 | AvailabilityZones: $[taskcat_genaz_2] 14 | CustomDnsName: qsjiraci.awsqs.com 15 | DBMasterUserPassword: f925dO1ry_ 16 | DBMultiAZ: 'false' 17 | DBPassword: f925dO1ry_ 18 | DBStorage: '100' 19 | DBStorageType: Provisioned IOPS 20 | KeyPairName: replaced-by-taskcat-override-file 21 | QSS3BucketName: $[taskcat_autobucket] 22 | QSS3KeyPrefix: quickstart-atlassian-jira/ 23 | regions: 24 | - us-east-1 25 | s3_bucket: '' 26 | template: templates/quickstart-jira-dc-with-vpc.template.yaml 27 | -------------------------------------------------------------------------------- /.taskcat_atlassian.yml: -------------------------------------------------------------------------------- 1 | project: 2 | name: quickstart-atlassian-jira 3 | owner: quickstart-eng@amazon.com 4 | package_lambda: false 5 | s3_regional_buckets: true 6 | auth: 7 | us-east-1: tests 8 | regions: 9 | - us-east-1 10 | tests: 11 | jira: 12 | template: 'templates/quickstart-jira-dc.template.yaml' 13 | parameters: 14 | InternetFacingLoadBalancer: 'true' 15 | DBMasterUserPassword: 'f925dO1ry_' 16 | DBMultiAZ: 'false' 17 | DBPassword: 'f925dO1ry_' 18 | DBStorage: '100' 19 | DBStorageType: 'Provisioned IOPS' 20 | CidrBlock: '0.0.0.0/0' 21 | QSS3BucketName: $[taskcat_autobucket] 22 | QSS3KeyPrefix: 'quickstart-atlassian-jira/' 23 | ClusterNodeInstanceType: 't3.medium' 24 | DBInstanceClass: 'db.t3.medium' 25 | BastionHostRequired: 'false' 26 | DeploymentAutomationBranch: 'master' 27 | -------------------------------------------------------------------------------- /CODEOWNERS: -------------------------------------------------------------------------------- 1 | * @tonynv @aws-quickstart/aws_quickstart_team 2 | -------------------------------------------------------------------------------- /LICENSE.txt: -------------------------------------------------------------------------------- 1 | Apache License 2 | Version 2.0, January 2004 3 | http://www.apache.org/licenses/ 4 | 5 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 6 | 7 | 1. Definitions. 8 | 9 | "License" shall mean the terms and conditions for use, reproduction, 10 | and distribution as defined by Sections 1 through 9 of this document. 11 | 12 | "Licensor" shall mean the copyright owner or entity authorized by 13 | the copyright owner that is granting the License. 14 | 15 | "Legal Entity" shall mean the union of the acting entity and all 16 | other entities that control, are controlled by, or are under common 17 | control with that entity. For the purposes of this definition, 18 | "control" means (i) the power, direct or indirect, to cause the 19 | direction or management of such entity, whether by contract or 20 | otherwise, or (ii) ownership of fifty percent (50%) or more of the 21 | outstanding shares, or (iii) beneficial ownership of such entity. 22 | 23 | "You" (or "Your") shall mean an individual or Legal Entity 24 | exercising permissions granted by this License. 25 | 26 | "Source" form shall mean the preferred form for making modifications, 27 | including but not limited to software source code, documentation 28 | source, and configuration files. 29 | 30 | "Object" form shall mean any form resulting from mechanical 31 | transformation or translation of a Source form, including but 32 | not limited to compiled object code, generated documentation, 33 | and conversions to other media types. 34 | 35 | "Work" shall mean the work of authorship, whether in Source or 36 | Object form, made available under the License, as indicated by a 37 | copyright notice that is included in or attached to the work 38 | (an example is provided in the Appendix below). 39 | 40 | "Derivative Works" shall mean any work, whether in Source or Object 41 | form, that is based on (or derived from) the Work and for which the 42 | editorial revisions, annotations, elaborations, or other modifications 43 | represent, as a whole, an original work of authorship. For the purposes 44 | of this License, Derivative Works shall not include works that remain 45 | separable from, or merely link (or bind by name) to the interfaces of, 46 | the Work and Derivative Works thereof. 47 | 48 | "Contribution" shall mean any work of authorship, including 49 | the original version of the Work and any modifications or additions 50 | to that Work or Derivative Works thereof, that is intentionally 51 | submitted to Licensor for inclusion in the Work by the copyright owner 52 | or by an individual or Legal Entity authorized to submit on behalf of 53 | the copyright owner. For the purposes of this definition, "submitted" 54 | means any form of electronic, verbal, or written communication sent 55 | to the Licensor or its representatives, including but not limited to 56 | communication on electronic mailing lists, source code control systems, 57 | and issue tracking systems that are managed by, or on behalf of, the 58 | Licensor for the purpose of discussing and improving the Work, but 59 | excluding communication that is conspicuously marked or otherwise 60 | designated in writing by the copyright owner as "Not a Contribution." 61 | 62 | "Contributor" shall mean Licensor and any individual or Legal Entity 63 | on behalf of whom a Contribution has been received by Licensor and 64 | subsequently incorporated within the Work. 65 | 66 | 2. Grant of Copyright License. Subject to the terms and conditions of 67 | this License, each Contributor hereby grants to You a perpetual, 68 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 69 | copyright license to reproduce, prepare Derivative Works of, 70 | publicly display, publicly perform, sublicense, and distribute the 71 | Work and such Derivative Works in Source or Object form. 72 | 73 | 3. Grant of Patent License. Subject to the terms and conditions of 74 | this License, each Contributor hereby grants to You a perpetual, 75 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 76 | (except as stated in this section) patent license to make, have made, 77 | use, offer to sell, sell, import, and otherwise transfer the Work, 78 | where such license applies only to those patent claims licensable 79 | by such Contributor that are necessarily infringed by their 80 | Contribution(s) alone or by combination of their Contribution(s) 81 | with the Work to which such Contribution(s) was submitted. If You 82 | institute patent litigation against any entity (including a 83 | cross-claim or counterclaim in a lawsuit) alleging that the Work 84 | or a Contribution incorporated within the Work constitutes direct 85 | or contributory patent infringement, then any patent licenses 86 | granted to You under this License for that Work shall terminate 87 | as of the date such litigation is filed. 88 | 89 | 4. Redistribution. You may reproduce and distribute copies of the 90 | Work or Derivative Works thereof in any medium, with or without 91 | modifications, and in Source or Object form, provided that You 92 | meet the following conditions: 93 | 94 | (a) You must give any other recipients of the Work or 95 | Derivative Works a copy of this License; and 96 | 97 | (b) You must cause any modified files to carry prominent notices 98 | stating that You changed the files; and 99 | 100 | (c) You must retain, in the Source form of any Derivative Works 101 | that You distribute, all copyright, patent, trademark, and 102 | attribution notices from the Source form of the Work, 103 | excluding those notices that do not pertain to any part of 104 | the Derivative Works; and 105 | 106 | (d) If the Work includes a "NOTICE" text file as part of its 107 | distribution, then any Derivative Works that You distribute must 108 | include a readable copy of the attribution notices contained 109 | within such NOTICE file, excluding those notices that do not 110 | pertain to any part of the Derivative Works, in at least one 111 | of the following places: within a NOTICE text file distributed 112 | as part of the Derivative Works; within the Source form or 113 | documentation, if provided along with the Derivative Works; or, 114 | within a display generated by the Derivative Works, if and 115 | wherever such third-party notices normally appear. The contents 116 | of the NOTICE file are for informational purposes only and 117 | do not modify the License. You may add Your own attribution 118 | notices within Derivative Works that You distribute, alongside 119 | or as an addendum to the NOTICE text from the Work, provided 120 | that such additional attribution notices cannot be construed 121 | as modifying the License. 122 | 123 | You may add Your own copyright statement to Your modifications and 124 | may provide additional or different license terms and conditions 125 | for use, reproduction, or distribution of Your modifications, or 126 | for any such Derivative Works as a whole, provided Your use, 127 | reproduction, and distribution of the Work otherwise complies with 128 | the conditions stated in this License. 129 | 130 | 5. Submission of Contributions. Unless You explicitly state otherwise, 131 | any Contribution intentionally submitted for inclusion in the Work 132 | by You to the Licensor shall be under the terms and conditions of 133 | this License, without any additional terms or conditions. 134 | Notwithstanding the above, nothing herein shall supersede or modify 135 | the terms of any separate license agreement you may have executed 136 | with Licensor regarding such Contributions. 137 | 138 | 6. Trademarks. This License does not grant permission to use the trade 139 | names, trademarks, service marks, or product names of the Licensor, 140 | except as required for reasonable and customary use in describing the 141 | origin of the Work and reproducing the content of the NOTICE file. 142 | 143 | 7. Disclaimer of Warranty. Unless required by applicable law or 144 | agreed to in writing, Licensor provides the Work (and each 145 | Contributor provides its Contributions) on an "AS IS" BASIS, 146 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 147 | implied, including, without limitation, any warranties or conditions 148 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A 149 | PARTICULAR PURPOSE. You are solely responsible for determining the 150 | appropriateness of using or redistributing the Work and assume any 151 | risks associated with Your exercise of permissions under this License. 152 | 153 | 8. Limitation of Liability. In no event and under no legal theory, 154 | whether in tort (including negligence), contract, or otherwise, 155 | unless required by applicable law (such as deliberate and grossly 156 | negligent acts) or agreed to in writing, shall any Contributor be 157 | liable to You for damages, including any direct, indirect, special, 158 | incidental, or consequential damages of any character arising as a 159 | result of this License or out of the use or inability to use the 160 | Work (including but not limited to damages for loss of goodwill, 161 | work stoppage, computer failure or malfunction, or any and all 162 | other commercial damages or losses), even if such Contributor 163 | has been advised of the possibility of such damages. 164 | 165 | 9. Accepting Warranty or Additional Liability. While redistributing 166 | the Work or Derivative Works thereof, You may choose to offer, 167 | and charge a fee for, acceptance of support, warranty, indemnity, 168 | or other liability obligations and/or rights consistent with this 169 | License. However, in accepting such obligations, You may act only 170 | on Your own behalf and on Your sole responsibility, not on behalf 171 | of any other Contributor, and only if You agree to indemnify, 172 | defend, and hold each Contributor harmless for any liability 173 | incurred by, or claims asserted against, such Contributor by reason 174 | of your accepting any such warranty or additional liability. 175 | 176 | END OF TERMS AND CONDITIONS 177 | 178 | APPENDIX: How to apply the Apache License to your work. 179 | 180 | To apply the Apache License to your work, attach the following 181 | boilerplate notice, with the fields enclosed by brackets "{}" 182 | replaced with your own identifying information. (Don't include 183 | the brackets!) The text should be enclosed in the appropriate 184 | comment syntax for the file format. We also recommend that a 185 | file or class name and description of purpose be included on the 186 | same "printed page" as the copyright notice for easier 187 | identification within third-party archives. 188 | 189 | Copyright {yyyy} {name of copyright owner} 190 | 191 | Licensed under the Apache License, Version 2.0 (the "License"); 192 | you may not use this file except in compliance with the License. 193 | You may obtain a copy of the License at 194 | 195 | http://www.apache.org/licenses/LICENSE-2.0 196 | 197 | Unless required by applicable law or agreed to in writing, software 198 | distributed under the License is distributed on an "AS IS" BASIS, 199 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 200 | See the License for the specific language governing permissions and 201 | limitations under the License. 202 | 203 | -------------------------------------------------------------------------------- /NOTICE.txt: -------------------------------------------------------------------------------- 1 | Copyright 2016-2016 Amazon.com, Inc. or its affiliates. All Rights Reserved. 2 | 3 | Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with the License. A copy of the License is located at 4 | 5 | http://aws.amazon.com/apache2.0/ 6 | 7 | or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. 8 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # quickstart-atlassian-jira 2 | ## Deprecation Notice 3 | 4 | :x: This repository is subject to deprecation in Q4 2024. For more details, [please review this announcement](https://github.com/aws-ia/.announcements/issues/1). 5 | 6 | ## This repository has been deprecated in favor of https://github.com/aws-ia/cfn-ps-atlassian-jira. 7 | ***We will archive this repository and keep it publicly available until May 1, 2024.*** 8 | -------------------------------------------------------------------------------- /ci/params/aurora/quickstart-jira-dc-aurora-params.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "ParameterKey": "InternetFacingLoadBalancer", 4 | "ParameterValue": "true" 5 | }, 6 | { 7 | "ParameterKey": "DBMasterUserPassword", 8 | "ParameterValue": "f925dO1ry_" 9 | }, 10 | { 11 | "ParameterKey": "DBPassword", 12 | "ParameterValue": "f925dO1ry_" 13 | }, 14 | { 15 | "ParameterKey": "QSS3BucketName", 16 | "ParameterValue": "$[taskcat_autobucket]" 17 | }, 18 | { 19 | "ParameterKey": "QSS3KeyPrefix", 20 | "ParameterValue": "quickstart-atlassian-jira/" 21 | }, 22 | { 23 | "ParameterKey": "CidrBlock", 24 | "ParameterValue": "0.0.0.0/0" 25 | }, 26 | { 27 | "ParameterKey": "DBEngine", 28 | "ParameterValue": "Amazon Aurora PostgreSQL" 29 | }, 30 | { 31 | "ParameterKey": "DBInstanceClass", 32 | "ParameterValue": "db.r5.large" 33 | }, 34 | { 35 | "ParameterKey": "ClusterNodeInstanceType", 36 | "ParameterValue": "t3.medium" 37 | }, 38 | { 39 | "ParameterKey": "BastionHostRequired", 40 | "ParameterValue": "false" 41 | }, 42 | { 43 | "ParameterKey": "DeploymentAutomationBranch", 44 | "ParameterValue": "master" 45 | } 46 | ] 47 | -------------------------------------------------------------------------------- /ci/params/aurora/taskcat.yml: -------------------------------------------------------------------------------- 1 | --- 2 | global: 3 | marketplace-ami: false 4 | owner: dc-deployments-syd@atlassian.com 5 | qsname: quickstart-atlassian-jira 6 | regions: 7 | - us-east-1 8 | reporting: true 9 | 10 | tests: 11 | jira: 12 | parameter_input: params/aurora/quickstart-jira-dc-aurora-params.json 13 | template_file: quickstart-jira-dc.template.yaml 14 | -------------------------------------------------------------------------------- /ci/params/dbVersions/quickstart-jira-aurora-10.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "ParameterKey": "DBMultiAZ", 4 | "ParameterValue": "false" 5 | }, 6 | { 7 | "ParameterKey": "DBMasterUserPassword", 8 | "ParameterValue": "$[taskcat_genpass_8S]" 9 | }, 10 | { 11 | "ParameterKey": "CidrBlock", 12 | "ParameterValue": "0.0.0.0/0" 13 | }, 14 | { 15 | "ParameterKey": "DBEngineVersion", 16 | "ParameterValue": "10" 17 | }, 18 | { 19 | "ParameterKey": "DBEngine", 20 | "ParameterValue": "Amazon Aurora PostgreSQL" 21 | }, 22 | { 23 | "ParameterKey": "DBIops", 24 | "ParameterValue": "1000" 25 | }, 26 | { 27 | "ParameterKey": "DBPassword", 28 | "ParameterValue": "$[taskcat_genpass_8S]" 29 | }, 30 | { 31 | "ParameterKey": "ClusterNodeInstanceType", 32 | "ParameterValue": "t3.medium" 33 | }, 34 | { 35 | "ParameterKey": "DBInstanceClass", 36 | "ParameterValue": "db.t3.medium" 37 | }, 38 | { 39 | "ParameterKey": "QSS3BucketName", 40 | "ParameterValue": "$[taskcat_autobucket]" 41 | }, 42 | { 43 | "ParameterKey": "QSS3KeyPrefix", 44 | "ParameterValue": "quickstart-atlassian-jira/" 45 | }, 46 | { 47 | "ParameterKey": "BastionHostRequired", 48 | "ParameterValue": "false" 49 | } 50 | ] 51 | -------------------------------------------------------------------------------- /ci/params/dbVersions/quickstart-jira-aurora-11.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "ParameterKey": "DBMultiAZ", 4 | "ParameterValue": "false" 5 | }, 6 | { 7 | "ParameterKey": "DBMasterUserPassword", 8 | "ParameterValue": "$[taskcat_genpass_8S]" 9 | }, 10 | { 11 | "ParameterKey": "CidrBlock", 12 | "ParameterValue": "0.0.0.0/0" 13 | }, 14 | { 15 | "ParameterKey": "DBEngineVersion", 16 | "ParameterValue": "11" 17 | }, 18 | { 19 | "ParameterKey": "DBEngine", 20 | "ParameterValue": "Amazon Aurora PostgreSQL" 21 | }, 22 | { 23 | "ParameterKey": "DBIops", 24 | "ParameterValue": "1000" 25 | }, 26 | { 27 | "ParameterKey": "DBPassword", 28 | "ParameterValue": "$[taskcat_genpass_8S]" 29 | }, 30 | { 31 | "ParameterKey": "ClusterNodeInstanceType", 32 | "ParameterValue": "t3.medium" 33 | }, 34 | { 35 | "ParameterKey": "DBInstanceClass", 36 | "ParameterValue": "db.t3.medium" 37 | }, 38 | { 39 | "ParameterKey": "QSS3BucketName", 40 | "ParameterValue": "$[taskcat_autobucket]" 41 | }, 42 | { 43 | "ParameterKey": "QSS3KeyPrefix", 44 | "ParameterValue": "quickstart-atlassian-jira/" 45 | }, 46 | { 47 | "ParameterKey": "BastionHostRequired", 48 | "ParameterValue": "false" 49 | } 50 | ] 51 | -------------------------------------------------------------------------------- /ci/params/dbVersions/quickstart-jira-aurora-9.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "ParameterKey": "DBMultiAZ", 4 | "ParameterValue": "false" 5 | }, 6 | { 7 | "ParameterKey": "DBMasterUserPassword", 8 | "ParameterValue": "$[taskcat_genpass_8S]" 9 | }, 10 | { 11 | "ParameterKey": "CidrBlock", 12 | "ParameterValue": "0.0.0.0/0" 13 | }, 14 | { 15 | "ParameterKey": "DBEngineVersion", 16 | "ParameterValue": "9" 17 | }, 18 | { 19 | "ParameterKey": "DBEngine", 20 | "ParameterValue": "Amazon Aurora PostgreSQL" 21 | }, 22 | { 23 | "ParameterKey": "DBIops", 24 | "ParameterValue": "1000" 25 | }, 26 | { 27 | "ParameterKey": "DBPassword", 28 | "ParameterValue": "$[taskcat_genpass_8S]" 29 | }, 30 | { 31 | "ParameterKey": "ClusterNodeInstanceType", 32 | "ParameterValue": "t3.medium" 33 | }, 34 | { 35 | "ParameterKey": "DBInstanceClass", 36 | "ParameterValue": "db.r5.large" 37 | }, 38 | { 39 | "ParameterKey": "QSS3BucketName", 40 | "ParameterValue": "$[taskcat_autobucket]" 41 | }, 42 | { 43 | "ParameterKey": "QSS3KeyPrefix", 44 | "ParameterValue": "quickstart-atlassian-jira/" 45 | }, 46 | { 47 | "ParameterKey": "BastionHostRequired", 48 | "ParameterValue": "false" 49 | } 50 | ] 51 | -------------------------------------------------------------------------------- /ci/params/dbVersions/quickstart-jira-postgres-10.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "ParameterKey": "DBMultiAZ", 4 | "ParameterValue": "false" 5 | }, 6 | { 7 | "ParameterKey": "DBMasterUserPassword", 8 | "ParameterValue": "$[taskcat_genpass_8S]" 9 | }, 10 | { 11 | "ParameterKey": "CidrBlock", 12 | "ParameterValue": "0.0.0.0/0" 13 | }, 14 | { 15 | "ParameterKey": "DBEngineVersion", 16 | "ParameterValue": "10" 17 | }, 18 | { 19 | "ParameterKey": "DBEngine", 20 | "ParameterValue": "PostgreSQL" 21 | }, 22 | { 23 | "ParameterKey": "DBIops", 24 | "ParameterValue": "1000" 25 | }, 26 | { 27 | "ParameterKey": "DBPassword", 28 | "ParameterValue": "$[taskcat_genpass_8S]" 29 | }, 30 | { 31 | "ParameterKey": "ClusterNodeInstanceType", 32 | "ParameterValue": "t3.medium" 33 | }, 34 | { 35 | "ParameterKey": "DBInstanceClass", 36 | "ParameterValue": "db.t3.medium" 37 | }, 38 | { 39 | "ParameterKey": "QSS3BucketName", 40 | "ParameterValue": "$[taskcat_autobucket]" 41 | }, 42 | { 43 | "ParameterKey": "QSS3KeyPrefix", 44 | "ParameterValue": "quickstart-atlassian-jira/" 45 | }, 46 | { 47 | "ParameterKey": "BastionHostRequired", 48 | "ParameterValue": "false" 49 | } 50 | ] 51 | -------------------------------------------------------------------------------- /ci/params/dbVersions/quickstart-jira-postgres-11.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "ParameterKey": "DBMultiAZ", 4 | "ParameterValue": "false" 5 | }, 6 | { 7 | "ParameterKey": "DBMasterUserPassword", 8 | "ParameterValue": "$[taskcat_genpass_8S]" 9 | }, 10 | { 11 | "ParameterKey": "CidrBlock", 12 | "ParameterValue": "0.0.0.0/0" 13 | }, 14 | { 15 | "ParameterKey": "DBEngineVersion", 16 | "ParameterValue": "11" 17 | }, 18 | { 19 | "ParameterKey": "DBEngine", 20 | "ParameterValue": "PostgreSQL" 21 | }, 22 | { 23 | "ParameterKey": "DBIops", 24 | "ParameterValue": "1000" 25 | }, 26 | { 27 | "ParameterKey": "DBPassword", 28 | "ParameterValue": "$[taskcat_genpass_8S]" 29 | }, 30 | { 31 | "ParameterKey": "ClusterNodeInstanceType", 32 | "ParameterValue": "t3.medium" 33 | }, 34 | { 35 | "ParameterKey": "DBInstanceClass", 36 | "ParameterValue": "db.t3.medium" 37 | }, 38 | { 39 | "ParameterKey": "QSS3BucketName", 40 | "ParameterValue": "$[taskcat_autobucket]" 41 | }, 42 | { 43 | "ParameterKey": "QSS3KeyPrefix", 44 | "ParameterValue": "quickstart-atlassian-jira/" 45 | }, 46 | { 47 | "ParameterKey": "BastionHostRequired", 48 | "ParameterValue": "false" 49 | } 50 | ] 51 | -------------------------------------------------------------------------------- /ci/params/dbVersions/quickstart-jira-postgres-9.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "ParameterKey": "DBMultiAZ", 4 | "ParameterValue": "false" 5 | }, 6 | { 7 | "ParameterKey": "DBMasterUserPassword", 8 | "ParameterValue": "$[taskcat_genpass_8S]" 9 | }, 10 | { 11 | "ParameterKey": "CidrBlock", 12 | "ParameterValue": "0.0.0.0/0" 13 | }, 14 | { 15 | "ParameterKey": "DBEngineVersion", 16 | "ParameterValue": "9" 17 | }, 18 | { 19 | "ParameterKey": "DBEngine", 20 | "ParameterValue": "PostgreSQL" 21 | }, 22 | { 23 | "ParameterKey": "DBIops", 24 | "ParameterValue": "1000" 25 | }, 26 | { 27 | "ParameterKey": "DBPassword", 28 | "ParameterValue": "$[taskcat_genpass_8S]" 29 | }, 30 | { 31 | "ParameterKey": "ClusterNodeInstanceType", 32 | "ParameterValue": "t3.medium" 33 | }, 34 | { 35 | "ParameterKey": "DBInstanceClass", 36 | "ParameterValue": "db.t3.medium" 37 | }, 38 | { 39 | "ParameterKey": "QSS3BucketName", 40 | "ParameterValue": "$[taskcat_autobucket]" 41 | }, 42 | { 43 | "ParameterKey": "QSS3KeyPrefix", 44 | "ParameterValue": "quickstart-atlassian-jira/" 45 | }, 46 | { 47 | "ParameterKey": "BastionHostRequired", 48 | "ParameterValue": "false" 49 | } 50 | ] 51 | -------------------------------------------------------------------------------- /ci/params/dbVersions/taskcat.yml: -------------------------------------------------------------------------------- 1 | --- 2 | global: 3 | qsname: quickstart-atlassian-jira 4 | owner: quickstart-eng@amazon.com 5 | marketplace-ami: false 6 | reporting: true 7 | regions: 8 | - ap-northeast-1 9 | - ap-northeast-2 10 | - ap-south-1 11 | - ap-southeast-1 12 | - ap-southeast-2 13 | - eu-central-1 14 | - eu-west-1 15 | - sa-east-1 16 | - us-east-1 17 | - us-east-2 18 | - us-west-1 19 | - us-west-2 20 | 21 | tests: 22 | JIRA-aurora-9: 23 | template_file: quickstart-jira-dc.template.yaml 24 | parameter_input: params/dbVersions/quickstart-jira-aurora-9.json 25 | regions: 26 | - us-east-1 27 | 28 | JIRA-aurora-10: 29 | template_file: quickstart-jira-dc.template.yaml 30 | parameter_input: params/dbVersions/quickstart-jira-aurora-10.json 31 | regions: 32 | - us-east-1 33 | 34 | JIRA-aurora-11: 35 | template_file: quickstart-jira-dc.template.yaml 36 | parameter_input: params/dbVersions/quickstart-jira-aurora-11.json 37 | regions: 38 | - us-east-1 39 | 40 | JIRA-postgres-9: 41 | template_file: quickstart-jira-dc.template.yaml 42 | parameter_input: params/dbVersions/quickstart-jira-postgres-9.json 43 | regions: 44 | - us-east-1 45 | 46 | JIRA-postgres-10: 47 | template_file: quickstart-jira-dc.template.yaml 48 | parameter_input: params/dbVersions/quickstart-jira-postgres-10.json 49 | regions: 50 | - us-east-1 51 | 52 | JIRA-postgres-11: 53 | template_file: quickstart-jira-dc.template.yaml 54 | parameter_input: params/dbVersions/quickstart-jira-postgres-11.json 55 | regions: 56 | - us-east-1 57 | 58 | -------------------------------------------------------------------------------- /ci/params/default/quickstart-jira-default-params.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "ParameterKey": "InternetFacingLoadBalancer", 4 | "ParameterValue": "true" 5 | }, 6 | { 7 | "ParameterKey": "DBMasterUserPassword", 8 | "ParameterValue": "f925dO1ry_" 9 | }, 10 | { 11 | "ParameterKey": "DBMultiAZ", 12 | "ParameterValue": "false" 13 | }, 14 | { 15 | "ParameterKey": "DBPassword", 16 | "ParameterValue": "f925dO1ry_" 17 | }, 18 | { 19 | "ParameterKey": "DBStorage", 20 | "ParameterValue": "100" 21 | }, 22 | { 23 | "ParameterKey": "DBStorageType", 24 | "ParameterValue": "Provisioned IOPS" 25 | }, 26 | { 27 | "ParameterKey": "CidrBlock", 28 | "ParameterValue": "0.0.0.0/0" 29 | }, 30 | { 31 | "ParameterKey": "QSS3BucketName", 32 | "ParameterValue": "$[taskcat_autobucket]" 33 | }, 34 | { 35 | "ParameterKey": "QSS3KeyPrefix", 36 | "ParameterValue": "quickstart-atlassian-jira/" 37 | }, 38 | { 39 | "ParameterKey": "ClusterNodeInstanceType", 40 | "ParameterValue": "t3.medium" 41 | }, 42 | { 43 | "ParameterKey": "DBInstanceClass", 44 | "ParameterValue": "db.t3.medium" 45 | }, 46 | { 47 | "ParameterKey": "BastionHostRequired", 48 | "ParameterValue": "false" 49 | }, 50 | { 51 | "ParameterKey": "DeploymentAutomationBranch", 52 | "ParameterValue": "master" 53 | } 54 | ] 55 | -------------------------------------------------------------------------------- /ci/params/default/taskcat.yml: -------------------------------------------------------------------------------- 1 | --- 2 | global: 3 | marketplace-ami: false 4 | owner: dc-deployments-syd@atlassian.com 5 | qsname: quickstart-atlassian-jira 6 | regions: 7 | - us-east-1 8 | reporting: true 9 | 10 | tests: 11 | jira: 12 | parameter_input: params/default/quickstart-jira-default-params.json 13 | template_file: quickstart-jira-dc.template.yaml 14 | -------------------------------------------------------------------------------- /ci/params/no-bastion/quickstart-jira-no-bastion-params.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "ParameterKey": "AvailabilityZones", 4 | "ParameterValue": "$[taskcat_genaz_2]" 5 | }, 6 | { 7 | "ParameterKey": "DBMasterUserPassword", 8 | "ParameterValue": "f925dO1ry_" 9 | }, 10 | { 11 | "ParameterKey": "DBMultiAZ", 12 | "ParameterValue": "false" 13 | }, 14 | { 15 | "ParameterKey": "DBPassword", 16 | "ParameterValue": "f925dO1ry_" 17 | }, 18 | { 19 | "ParameterKey": "DBStorage", 20 | "ParameterValue": "100" 21 | }, 22 | { 23 | "ParameterKey": "DBStorageType", 24 | "ParameterValue": "Provisioned IOPS" 25 | }, 26 | { 27 | "ParameterKey": "CustomDnsName", 28 | "ParameterValue": "qsjiraci.awsqs.com" 29 | }, 30 | { 31 | "ParameterKey":"QSS3BucketName", 32 | "ParameterValue":"$[taskcat_autobucket]" 33 | }, 34 | { 35 | "ParameterKey":"QSS3KeyPrefix", 36 | "ParameterValue":"quickstart-atlassian-jira/" 37 | }, 38 | { 39 | "ParameterKey":"AccessCIDR", 40 | "ParameterValue":"10.0.0.0/16" 41 | }, 42 | { 43 | "ParameterKey": "BastionHostRequired", 44 | "ParameterValue": "false" 45 | } 46 | ] 47 | -------------------------------------------------------------------------------- /ci/params/no-bastion/taskcat.yml: -------------------------------------------------------------------------------- 1 | --- 2 | global: 3 | marketplace-ami: false 4 | owner: dc-deployments-syd@atlassian.com 5 | qsname: quickstart-atlassian-jira 6 | regions: 7 | - us-east-1 8 | reporting: true 9 | 10 | tests: 11 | jira: 12 | parameter_input: params/no-bastion/quickstart-jira-no-bastion-params.json 13 | template_file: quickstart-jira-dc-with-vpc.template.yaml -------------------------------------------------------------------------------- /ci/params/ssl-and-dns/quickstart-jira-ci-params.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "ParameterKey": "InternetFacingLoadBalancer", 4 | "ParameterValue": "true" 5 | }, 6 | { 7 | "ParameterKey": "DBMasterUserPassword", 8 | "ParameterValue": "f925dO1ry_" 9 | }, 10 | { 11 | "ParameterKey": "DBMultiAZ", 12 | "ParameterValue": "false" 13 | }, 14 | { 15 | "ParameterKey": "DBPassword", 16 | "ParameterValue": "f925dO1ry_" 17 | }, 18 | { 19 | "ParameterKey": "DBStorage", 20 | "ParameterValue": "100" 21 | }, 22 | { 23 | "ParameterKey": "DBStorageType", 24 | "ParameterValue": "Provisioned IOPS" 25 | }, 26 | { 27 | "ParameterKey": "CidrBlock", 28 | "ParameterValue": "0.0.0.0/0" 29 | }, 30 | { 31 | "ParameterKey": "CustomDnsName", 32 | "ParameterValue": "replaced-by-taskcat-override-file" 33 | }, 34 | { 35 | "ParameterKey": "SSLCertificateARN", 36 | "ParameterValue": "replaced-by-taskcat-override-file" 37 | }, 38 | { 39 | "ParameterKey": "ClusterNodeInstanceType", 40 | "ParameterValue": "t3.medium" 41 | }, 42 | { 43 | "ParameterKey": "DBInstanceClass", 44 | "ParameterValue": "db.t3.medium" 45 | }, 46 | { 47 | "ParameterKey": "QSS3BucketName", 48 | "ParameterValue": "$[taskcat_autobucket]" 49 | }, 50 | { 51 | "ParameterKey": "QSS3KeyPrefix", 52 | "ParameterValue": "quickstart-atlassian-jira/" 53 | }, 54 | { 55 | "ParameterKey": "BastionHostRequired", 56 | "ParameterValue": "false" 57 | }, 58 | { 59 | "ParameterKey": "DeploymentAutomationBranch", 60 | "ParameterValue": "master" 61 | } 62 | ] 63 | -------------------------------------------------------------------------------- /ci/params/ssl-and-dns/taskcat.yml: -------------------------------------------------------------------------------- 1 | --- 2 | global: 3 | marketplace-ami: false 4 | owner: dc-deployments-syd@atlassian.com 5 | qsname: quickstart-atlassian-jira 6 | regions: 7 | - us-east-1 8 | reporting: true 9 | 10 | tests: 11 | jira: 12 | parameter_input: params/ssl-and-dns/quickstart-jira-ci-params.json 13 | template_file: quickstart-jira-dc.template.yaml 14 | -------------------------------------------------------------------------------- /ci/quickstart-jira-dc-params.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "ParameterKey": "AvailabilityZones", 4 | "ParameterValue": "$[taskcat_genaz_2]" 5 | }, 6 | { 7 | "ParameterKey": "DBMasterUserPassword", 8 | "ParameterValue": "f925dO1ry_" 9 | }, 10 | { 11 | "ParameterKey": "DBMultiAZ", 12 | "ParameterValue": "false" 13 | }, 14 | { 15 | "ParameterKey": "DBPassword", 16 | "ParameterValue": "f925dO1ry_" 17 | }, 18 | { 19 | "ParameterKey": "DBStorage", 20 | "ParameterValue": "100" 21 | }, 22 | { 23 | "ParameterKey": "DBStorageType", 24 | "ParameterValue": "Provisioned IOPS" 25 | }, 26 | { 27 | "ParameterKey": "CustomDnsName", 28 | "ParameterValue": "qsjiraci.awsqs.com" 29 | }, 30 | { 31 | "ParameterKey":"QSS3BucketName", 32 | "ParameterValue":"$[taskcat_autobucket]" 33 | }, 34 | { 35 | "ParameterKey":"QSS3KeyPrefix", 36 | "ParameterValue":"quickstart-atlassian-jira/" 37 | }, 38 | { 39 | "ParameterKey":"AccessCIDR", 40 | "ParameterValue":"10.0.0.0/16" 41 | }, 42 | { 43 | "ParameterKey": "BastionHostRequired", 44 | "ParameterValue": "false" 45 | } 46 | ] 47 | -------------------------------------------------------------------------------- /ci/taskcat.yml: -------------------------------------------------------------------------------- 1 | global: 2 | owner: quickstart-eng@amazon.com 3 | qsname: quickstart-atlassian-jira 4 | regions: 5 | - us-east-1 6 | 7 | tests: 8 | jira: 9 | parameter_input: quickstart-jira-dc-params.json 10 | template_file: quickstart-jira-dc-with-vpc.template.yaml 11 | -------------------------------------------------------------------------------- /ct/custom-control-tower-configuration/manifest.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | region: us-east-1 3 | version: 2021-03-15 4 | resources: 5 | - name: qs-jira-1 6 | resource_file: s3://aws-quickstart/quickstart-atlassian-jira/templates/quickstart-jira-dc-with-vpc.template.yaml 7 | parameters: 8 | - parameter_key: AvailabilityZones 9 | parameter_value: us-east-1a, us-east-1b 10 | - parameter_key: DBMasterUserPassword 11 | parameter_value: _get_ssm_secure_string_/qs/genericpw/8ANS 12 | - parameter_key: DBMultiAZ 13 | parameter_value: "false" 14 | - parameter_key: DBPassword 15 | parameter_value: _get_ssm_secure_string_/qs/genericpw/8ANS 16 | - parameter_key: DBStorage 17 | parameter_value: "100" 18 | - parameter_key: DBStorageType 19 | parameter_value: Provisioned IOPS 20 | - parameter_key: CustomDnsName 21 | parameter_value: qsjiraci.awsqs.com 22 | - parameter_key: QSS3BucketName 23 | parameter_value: aws-quickstart 24 | - parameter_key: QSS3KeyPrefix 25 | parameter_value: quickstart-atlassian-jira/ 26 | - parameter_key: AccessCIDR 27 | parameter_value: 10.0.0.0/16 28 | - parameter_key: KeyPairName 29 | parameter_value: aws-qs-tc-all 30 | - parameter_key: BastionHostRequired 31 | parameter_value: "false" 32 | deploy_method: stack_set 33 | deployment_targets: 34 | organizational_units: 35 | - Workloads 36 | regions: 37 | - us-east-1 38 | -------------------------------------------------------------------------------- /docs/generated/parameters/index.adoc: -------------------------------------------------------------------------------- 1 | 2 | === Launch into an existing VPC 3 | include::quickstart-jira-dc.template.adoc[] 4 | 5 | === Launch into a new VPC 6 | include::quickstart-jira-dc-with-vpc.template.adoc[] 7 | -------------------------------------------------------------------------------- /docs/generated/parameters/quickstart-jira-dc-with-vpc.template.adoc: -------------------------------------------------------------------------------- 1 | 2 | .Jira setup 3 | [width="100%",cols="16%,11%,73%",options="header",] 4 | |=== 5 | |Parameter label (name) |Default value|Description|Jira Product * 6 | (`JiraProduct`)|`Software`|The Jira product to install. If "All" is selected, Jira Software and Jira Service Management will be installed. A Jira Service Management license is required in "Applications" admin menu after configuring Jira Software.|Version * 7 | (`JiraVersion`)|`8.13.3`|The version of Jira Software or Jira Service Management to install. If choosing Jira All, pick the version of Jira Software and the latest compatible version of Jira Service Management will be selected automatically. Find valid versions at https://confluence.atlassian.com/x/TVlNLg (Jira Software), https://confluence.atlassian.com/x/jh9-Lg (Jira Service Management), or https://confluence.atlassian.com/x/XM2EO (Long Term Support releases). 8 | |=== 9 | .Cluster nodes 10 | [width="100%",cols="16%,11%,73%",options="header",] 11 | |=== 12 | |Parameter label (name) |Default value|Description|Enable CloudWatch integration 13 | (`CloudWatchIntegration`)|`Metrics and Logs`|Enables CloudWatch metrics with or without log gathering. If cost is an issue, you can disable this altogether.|Cluster node instance type 14 | (`ClusterNodeInstanceType`)|`c5.xlarge`|Instance type for the cluster application nodes.|Maximum number of cluster nodes 15 | (`ClusterNodeMax`)|`1`|Maximum number of nodes in the cluster.|Minimum number of cluster nodes 16 | (`ClusterNodeMin`)|`1`|Set to 1 for new deployment. Can be updated post launch.|Cluster node instance volume size 17 | (`ClusterNodeVolumeSize`)|`50`|Size of cluster node root volume in Gb (note - size based upon Application indexes x 4)|Deployment Automation Git Repository URL 18 | (`DeploymentAutomationRepository`)|`https://bitbucket.org/atlassian/dc-deployments-automation.git`|The deployment automation repository to use for per-node initialization. Leave this as default unless you have customizations.|Deployment Automation Branch 19 | (`DeploymentAutomationBranch`)|`master`|The deployment automation repository branch to pull from.|The Ansible playbook to invoke to initialize the instance 20 | (`DeploymentAutomationPlaybook`)|`aws_jira_dc_node.yml`|The Ansible playbook to invoke to initialise the Jira node on first start.|SSH keyname to use with the repository 21 | (`DeploymentAutomationKeyName`)|`**__Blank string__**`|Named Key Pair name to use with this repository. The key should be imported into the SSM parameter store. (Optional)|Custom command-line parameters for Ansible 22 | (`DeploymentAutomationCustomParams`)|`**__Blank string__**`|Additional command-line options for the `ansible-playbook` command. See https://bitbucket.org/atlassian/dc-deployments-automation/src/master/README.md for more information about overriding parameters. (Optional) 23 | |=== 24 | .Database 25 | [width="100%",cols="16%,11%,73%",options="header",] 26 | |=== 27 | |Parameter label (name) |Default value|Description|The database engine to deploy with 28 | (`DBEngine`)|`PostgreSQL`|Database Engine to use for the application. PostgreSQL or Amazon Aurora PostgreSQL|The database engine version to use 29 | (`DBEngineVersion`)|`11`|The database engine version to use; we'll install a suitable minor version for your chosen engine. Make sure that the Jira version you're installing supports the database engine selected. Check https://confluence.atlassian.com/x/bqr1Nw to verify this.|Database instance class 30 | (`DBInstanceClass`)|`db.m5.large`|RDS instance type (must be r family if using Aurora).|RDS Provisioned IOPS 31 | (`DBIops`)|`1000`|Must be in the range of 1000 - 30000 and a multiple of 1000. This value is only used with Provisioned IOPS. Note: The ratio of IOPS per allocated-storage must be between 3.00 and 10.00 (not used for Aurora).|Master (admin) password * 32 | (`DBMasterUserPassword`)|`**__Requires input__**`|Password for the master ('postgres') account. Must be at least 8 characters and include 1 uppercase, 1 lowercase, 1 number, and 1 of the following symbols: ! # $ { * : [ = , ] - _ + % &|Enable RDS Multi-AZ deployment 33 | (`DBMultiAZ`)|`true`|Whether to provision a multi-AZ RDS instance.|Application user database password * 34 | (`DBPassword`)|`**__Requires input__**`|Database password used by Jira. Must be at least 8 characters and include 1 uppercase, 1 lowercase, 1 number, and 1 of the following symbols: ! # $ { * : [ = , ] - _ @ + % &|Database storage 35 | (`DBStorage`)|`200`|Database allocated storage size, in gigabytes (GB). If you choose Provisioned IOPS, storage should be between 100 and 6144 (not used for Aurora).|Database encryption 36 | (`DBStorageEncrypted`)|`false`|Whether or not to encrypt the database|Database storage type 37 | (`DBStorageType`)|`General Purpose (SSD)`|Database storage type (not used for Aurora). 38 | |=== 39 | .Bastion host provisioning 40 | [width="100%",cols="16%,11%,73%",options="header",] 41 | |=== 42 | |Parameter label (name) |Default value|Description|Deploy Bastion host 43 | (`BastionHostRequired`)|`true`|Whether to provision a Bastion host instance. If 'true', then you need to provide an EC2 Key Pair (otherwise, you won't be able to use the Bastion host to access Jira instances).|SSH Key Pair Name 44 | (`KeyPairName`)|`**__Blank string__**`|Public/private EC2 Key Pairs to allow you to securely access the Bastion host 45 | |=== 46 | .Networking 47 | [width="100%",cols="16%,11%,73%",options="header",] 48 | |=== 49 | |Parameter label (name) |Default value|Description|Trusted IP range 50 | (`AccessCIDR`)|`**__Requires input__**`|CIDR Block allowed to access the Atlassian product. This should be set to a trusted IP range; if you want to give public access use '0.0.0.0/0'.|Availability Zones 51 | (`AvailabilityZones`)|`**__Requires input__**`|List of Availability Zones to use for the subnets in the VPC. Note: You must specify 2 AZs here; if more are specified only the first 2 will be used.|Make instance internet facing 52 | (`InternetFacingLoadBalancer`)|`true`|Controls whether the load balancer should be visible to the internet (true) or only within the VPC (false).|AZ1 private IP address block 53 | (`PrivateSubnet1CIDR`)|`10.0.0.0/19`|CIDR block for private subnet 1 located in Availability Zone 1.|AZ2 private IP address block 54 | (`PrivateSubnet2CIDR`)|`10.0.32.0/19`|CIDR block for private subnet 2 located in Availability Zone 2.|AZ1 public IP address block 55 | (`PublicSubnet1CIDR`)|`10.0.128.0/20`|CIDR Block for the public DMZ subnet 1 located in Availability Zone 1|AZ2 public IP address block 56 | (`PublicSubnet2CIDR`)|`10.0.144.0/20`|CIDR Block for the public DMZ subnet 2 located in Availability Zone 2|SSL Certificate ARN 57 | (`SSLCertificateARN`)|`**__Blank string__**`|Amazon Resource Name (ARN) of your SSL certificate. Supplying this will automatically enable HTTPS on the product and load balancer, configured to use the corresponding certificate. If you want to use your own certificate that you generated outside of Amazon, you need to first import it to AWS Certificate Manager. After a successful import, you'll receive the ARN. If you want to create a certificate with AWS Certificate Manager (ACM certificate), you will receive the ARN after it's successfully created.|IP address block for the VPC 58 | (`VPCCIDR`)|`10.0.0.0/16`|CIDR Block for the VPC 59 | |=== 60 | .DNS (Optional) 61 | [width="100%",cols="16%,11%,73%",options="header",] 62 | |=== 63 | |Parameter label (name) |Default value|Description|Existing DNS name 64 | (`CustomDnsName`)|`**__Blank string__**`|Use custom existing DNS name for your Data Center instance. This will take precedence over HostedZone. Please note: you must own the domain and configure it to point at the load balancer.|Route 53 Hosted Zone 65 | (`HostedZone`)|`**__Blank string__**`|The domain name of the Route53 PRIVATE Hosted Zone in which to create cnames 66 | |=== 67 | .Application Tuning (Optional) 68 | [width="100%",cols="16%,11%,73%",options="header",] 69 | |=== 70 | |Parameter label (name) |Default value|Description|Tomcat Context Path 71 | (`TomcatContextPath`)|`**__Blank string__**`|The context path of this web application, which is matched against the beginning of each request URI to select the appropriate web application for processing. If used, must include leading "/"|Catalina options 72 | (`CatalinaOpts`)|`**__Blank string__**`|Pass in any additional jvm options to tune Catalina|JVM Heap Size Override 73 | (`JvmHeapOverride`)|`**__Blank string__**`|Override the default amount of memory to allocate to the JVM for your instance type - set size in meg or gig e.g. 1024m or 1g|DB Pool Maximum Size 74 | (`DBPoolMaxSize`)|`20`|The maximum number of database connections that can be opened at any time|DB Pool Minimum Size 75 | (`DBPoolMinSize`)|`20`|The minimum number of idle database connections that are kept open at any time|DB Maximum Idle 76 | (`DBMaxIdle`)|`20`|The maximum number of database connections that are allowed to remain idle in the pool|DB Maximum Wait 77 | (`DBMaxWaitMillis`)|`10000`|The length of time (in milliseconds) that Jira is allowed to wait for a database connection to become available (while there are no free ones available in the pool), before returning an error|DB Minimum Evictable Idle Time 78 | (`DBMinEvictableIdleTimeMillis`)|`180000`|The minimum amount of time an object may sit idle in the database connection pool before it is eligible for eviction by the idle object eviction|DB Minimum Idle Connections 79 | (`DBMinIdle`)|`10`|The minimum number of idle database connections that are kept open at any time|DB Remove Abandoned? 80 | (`DBRemoveAbandoned`)|`true`|Flag to remove abandoned database connections if they exceed the Removed Abandoned Timeout|DB Remove Abandoned Timeout 81 | (`DBRemoveAbandonedTimeout`)|`60`|The length of time (in seconds) that a database connection can be idle before it is considered abandoned|DB Test On Borrow? 82 | (`DBTestOnBorrow`)|`false`|Tests if the database connection is valid when it is borrowed from the database connection pool by Jira|DB Test While Idle? 83 | (`DBTestWhileIdle`)|`true`|Periodically tests if the database connection is valid when it is idle|DB Time Between Eviction Runs 84 | (`DBTimeBetweenEvictionRunsMillis`)|`60000`|The number of milliseconds to sleep between runs of the idle object eviction thread. When non-positive, no idle object eviction thread will be run|Enable App to Process Email 85 | (`MailEnabled`)|`true`|Enable mail processing and sending|Tomcat Accept Count 86 | (`TomcatAcceptCount`)|`10`|The maximum queue length for incoming connection requests when all possible request processing threads are in use|Tomcat Default Connector Port 87 | (`TomcatDefaultConnectorPort`)|`8080`|The port on which to serve the application|Tomcat Enable DNS Lookups 88 | (`TomcatEnableLookups`)|`false`|Set to true if you want calls to request.getRemoteHost() to perform DNS lookups in order to return the actual host name of the remote client|Tomcat Maximum Threads 89 | (`TomcatMaxThreads`)|`200`|The maximum number of request processing threads to be created by this Connector, which therefore determines the maximum number of simultaneous requests that can be handled|Tomcat Minimum Spare Threads 90 | (`TomcatMinSpareThreads`)|`10`|The minimum number of threads always kept running|Tomcat Protocol 91 | (`TomcatProtocol`)|`HTTP/1.1`|Sets the protocol to handle incoming traffic|Tomcat Redirect Port 92 | (`TomcatRedirectPort`)|`8443`|The port number for Catalina to use when automatically redirecting a non-SSL connector actioning a redirect to a SSL URI 93 | |=== 94 | .AWS Quick Start Configuration 95 | [width="100%",cols="16%,11%,73%",options="header",] 96 | |=== 97 | |Parameter label (name) |Default value|Description|Quick Start S3 Bucket Name 98 | (`QSS3BucketName`)|`aws-quickstart`|S3 bucket name for the Quick Start assets. Quick Start bucket name can include numbers, lowercase letters, uppercase letters, and hyphens (-). It cannot start or end with a hyphen (-).|Quick Start S3 Key Prefix 99 | (`QSS3KeyPrefix`)|`quickstart-atlassian-jira/`|S3 key prefix for the Quick Start assets. Quick Start key prefix can include numbers, lowercase letters, uppercase letters, hyphens (-), and forward slash (/).|ASI identifier 100 | (`ExportPrefix`)|`ATL-`|Identifier used in all variables (VPCID, SubnetIDs, KeyName) exported from this deployment's Atlassian Standard Infrastructure. Use different identifiers if you're deploying multiple Atlassian Standard Infrastructures in the same AWS region. 101 | |=== -------------------------------------------------------------------------------- /docs/generated/parameters/quickstart-jira-dc.template.adoc: -------------------------------------------------------------------------------- 1 | 2 | .Jira setup 3 | [width="100%",cols="16%,11%,73%",options="header",] 4 | |=== 5 | |Parameter label (name) |Default value|Description|Jira Product * 6 | (`JiraProduct`)|`Software`|The Jira product to install. If "All" is selected, Jira Software and Jira Service Management will be installed. A Jira Service Management license is required in "Applications" admin menu after configuring Jira Software.|Version * 7 | (`JiraVersion`)|`8.13.3`|The version of Jira Software or Jira Service Management to install. If choosing Jira All, pick the version of Jira Software and the latest compatible version of Jira Service Management will be selected automatically. Find valid versions at https://confluence.atlassian.com/x/TVlNLg (Jira Software), https://confluence.atlassian.com/x/jh9-Lg (Jira Service Management), or https://confluence.atlassian.com/x/XM2EO (Long Term Support releases). 8 | |=== 9 | .Cluster nodes 10 | [width="100%",cols="16%,11%,73%",options="header",] 11 | |=== 12 | |Parameter label (name) |Default value|Description|Enable CloudWatch integration 13 | (`CloudWatchIntegration`)|`Metrics and Logs`|Enables CloudWatch metrics with or without log gathering. If cost is an issue, you can disable this altogether.|Cluster node instance type 14 | (`ClusterNodeInstanceType`)|`c5.xlarge`|Instance type for the cluster application nodes.|Maximum number of cluster nodes 15 | (`ClusterNodeMax`)|`1`|Maximum number of nodes in the cluster.|Minimum number of cluster nodes 16 | (`ClusterNodeMin`)|`1`|Set to 1 for new deployment. Can be updated post launch.|Cluster node instance volume size 17 | (`ClusterNodeVolumeSize`)|`50`|Size of cluster node root volume in Gb (note - size based upon Application indexes x 4)|Deployment Automation Git Repository URL 18 | (`DeploymentAutomationRepository`)|`https://bitbucket.org/atlassian/dc-deployments-automation.git`|The deployment automation repository to use for per-node initialization. Leave this as default unless you have customizations.|Deployment Automation Branch 19 | (`DeploymentAutomationBranch`)|`master`|The deployment automation repository branch to pull from.|The Ansible playbook to invoke to initialize the instance 20 | (`DeploymentAutomationPlaybook`)|`aws_jira_dc_node.yml`|The Ansible playbook to invoke to initialize the Jira node on first start.|Custom command-line parameters for Ansible 21 | (`DeploymentAutomationCustomParams`)|`**__Blank string__**`|Additional command-line options for the `ansible-playbook` command. See https://bitbucket.org/atlassian/dc-deployments-automation/src/master/README.md for more information about overriding parameters. (Optional)|SSH keyname to use with the repository 22 | (`DeploymentAutomationKeyName`)|`**__Blank string__**`|Named Key Pair name to use with this repository. The key should be imported into the SSM parameter store. (Optional) 23 | |=== 24 | .Database 25 | [width="100%",cols="16%,11%,73%",options="header",] 26 | |=== 27 | |Parameter label (name) |Default value|Description|The database engine to deploy with 28 | (`DBEngine`)|`PostgreSQL`|Database Engine to use for the application. PostgreSQL or Amazon Aurora PostgreSQL|The database engine version to use 29 | (`DBEngineVersion`)|`11`|The database engine version to use; we'll install a suitable minor version for your chosen engine. Make sure that the Jira version you're installing supports the database engine selected. Check https://confluence.atlassian.com/x/bqr1Nw to verify this.|Database instance class 30 | (`DBInstanceClass`)|`db.m5.large`|RDS instance type (must be r family if using Aurora).|RDS Provisioned IOPS 31 | (`DBIops`)|`1000`|Must be in the range of 1000 - 30000 and a multiple of 1000. This value is only used with Provisioned IOPS. Note: The ratio of IOPS per allocated-storage must be between 3.00 and 10.00 (not used for Aurora).|Master (admin) password * 32 | (`DBMasterUserPassword`)|`**__Requires input__**`|Password for the master ('postgres') account. Must be at least 8 characters and include 1 uppercase, 1 lowercase, 1 number, and 1 of the following symbols: ! # $ { * : [ = , ] - _ + % &|Enable RDS Multi-AZ deployment 33 | (`DBMultiAZ`)|`true`|Whether to provision a multi-AZ RDS instance.|Application user database password * 34 | (`DBPassword`)|`**__Requires input__**`|Database password used by Jira. Must be at least 8 characters and include 1 uppercase, 1 lowercase, 1 number, and 1 of the following symbols: ! # $ { * : [ = , ] - _ @ + % &|Database storage 35 | (`DBStorage`)|`200`|Database allocated storage size, in gigabytes (GB). If you choose Provisioned IOPS, storage should be between 100 and 6144 (not used for Aurora).|Database encryption 36 | (`DBStorageEncrypted`)|`false`|Whether or not to encrypt the database|Database storage type 37 | (`DBStorageType`)|`General Purpose (SSD)`|Database storage type (not used for Aurora). 38 | |=== 39 | .Bastion host utilization 40 | [width="100%",cols="16%,11%,73%",options="header",] 41 | |=== 42 | |Parameter label (name) |Default value|Description|Use Bastion host 43 | (`BastionHostRequired`)|`true`|Whether to grant access to Jira EC2 instances through the ASI's Bastion host (if it exists). If 'true', remember to provide an EC2 Key Pair. If your ASI does not have a Bastion host, set this to 'false'.|SSH Key Pair Name 44 | (`KeyPairName`)|`**__Blank string__**`|Public/private EC2 Key Pairs to allow you to securely access the Bastion host 45 | |=== 46 | .Networking 47 | [width="100%",cols="16%,11%,73%",options="header",] 48 | |=== 49 | |Parameter label (name) |Default value|Description|Make instance internet facing 50 | (`InternetFacingLoadBalancer`)|`true`|Controls whether the load balancer should be visible to the internet (true) or only within the VPC (false).|Permitted IP range 51 | (`CidrBlock`)|`**__Requires input__**`|CIDR Block allowed to access the Atlassian product. This should be set to a trusted IP range; if you want to give public access use '0.0.0.0/0'.|SSL Certificate ARN 52 | (`SSLCertificateARN`)|`**__Blank string__**`|Amazon Resource Name (ARN) of your SSL certificate. Supplying this will automatically enable HTTPS on the product and load balancer, configured to use the corresponding certificate. If you want to use your own certificate that you generated outside of Amazon, you need to first import it to AWS Certificate Manager. After a successful import, you'll receive the ARN. If you want to create a certificate with AWS Certificate Manager (ACM certificate), you will receive the ARN after it's successfully created. 53 | |=== 54 | .DNS (Optional) 55 | [width="100%",cols="16%,11%,73%",options="header",] 56 | |=== 57 | |Parameter label (name) |Default value|Description|Existing DNS name 58 | (`CustomDnsName`)|`**__Blank string__**`|Use custom existing DNS name for your Data Center instance. This will take precedence over HostedZone. Please note: you must own the domain and configure it to point at the load balancer.|Route 53 Hosted Zone 59 | (`HostedZone`)|`**__Blank string__**`|The domain name of the Route53 PRIVATE Hosted Zone in which to create cnames 60 | |=== 61 | .Application Tuning (Optional) 62 | [width="100%",cols="16%,11%,73%",options="header",] 63 | |=== 64 | |Parameter label (name) |Default value|Description|Tomcat Context Path 65 | (`TomcatContextPath`)|`**__Blank string__**`|The context path of this web application, which is matched against the beginning of each request URI to select the appropriate web application for processing. If used, must include leading "/"|Catalina options 66 | (`CatalinaOpts`)|`**__Blank string__**`|Pass in any additional jvm options to tune Catalina|JVM Heap Size Override 67 | (`JvmHeapOverride`)|`**__Blank string__**`|Override the default amount of memory to allocate to the JVM for your instance type - set size in meg or gig e.g. 1024m or 1g|DB Pool Maximum Size 68 | (`DBPoolMaxSize`)|`20`|The maximum number of database connections that can be opened at any time|DB Pool Minimum Size 69 | (`DBPoolMinSize`)|`20`|The minimum number of idle database connections that are kept open at any time|DB Maximum Idle 70 | (`DBMaxIdle`)|`20`|The maximum number of database connections that are allowed to remain idle in the pool|DB Maximum Wait 71 | (`DBMaxWaitMillis`)|`10000`|The length of time (in milliseconds) that Jira is allowed to wait for a database connection to become available (while there are no free ones available in the pool), before returning an error|DB Minimum Evictable Idle Time 72 | (`DBMinEvictableIdleTimeMillis`)|`180000`|The minimum amount of time an object may sit idle in the database connection pool before it is eligible for eviction by the idle object eviction|DB Minimum Idle Connections 73 | (`DBMinIdle`)|`10`|The minimum number of idle database connections that are kept open at any time|DB Remove Abandoned? 74 | (`DBRemoveAbandoned`)|`true`|Flag to remove abandoned database connections if they exceed the Removed Abandoned Timeout|DB Remove Abandoned Timeout 75 | (`DBRemoveAbandonedTimeout`)|`60`|The length of time (in seconds) that a database connection can be idle before it is considered abandoned|DB Test On Borrow? 76 | (`DBTestOnBorrow`)|`false`|Tests if the database connection is valid when it is borrowed from the database connection pool by Jira|DB Test While Idle? 77 | (`DBTestWhileIdle`)|`true`|Periodically tests if the database connection is valid when it is idle|DB Time Between Eviction Runs 78 | (`DBTimeBetweenEvictionRunsMillis`)|`60000`|The number of milliseconds to sleep between runs of the idle object eviction thread. When non-positive, no idle object eviction thread will be run|Enable App to Process Email 79 | (`MailEnabled`)|`true`|Enable mail processing and sending|Tomcat Accept Count 80 | (`TomcatAcceptCount`)|`10`|The maximum queue length for incoming connection requests when all possible request processing threads are in use|Tomcat Connection Timeout 81 | (`TomcatConnectionTimeout`)|`20000`|The number of milliseconds this Connector will wait, after accepting a connection, for the request URI line to be presented|Tomcat Default Connector Port 82 | (`TomcatDefaultConnectorPort`)|`8080`|The port on which to serve the application|Tomcat Enable DNS Lookups 83 | (`TomcatEnableLookups`)|`false`|Set to true if you want calls to request.getRemoteHost() to perform DNS lookups in order to return the actual host name of the remote client|Tomcat Maximum Threads 84 | (`TomcatMaxThreads`)|`200`|The maximum number of request processing threads to be created by this Connector, which therefore determines the maximum number of simultaneous requests that can be handled|Tomcat Minimum Spare Threads 85 | (`TomcatMinSpareThreads`)|`10`|The minimum number of threads always kept running|Tomcat Protocol 86 | (`TomcatProtocol`)|`HTTP/1.1`|Sets the protocol to handle incoming traffic|Tomcat Redirect Port 87 | (`TomcatRedirectPort`)|`8443`|The port number for Catalina to use when automatically redirecting a non-SSL connector actioning a redirect to a SSL URI 88 | |=== 89 | .AWS Quick Start Configuration 90 | [width="100%",cols="16%,11%,73%",options="header",] 91 | |=== 92 | |Parameter label (name) |Default value|Description|Quick Start S3 Bucket Name 93 | (`QSS3BucketName`)|`aws-quickstart`|S3 bucket name for the Quick Start assets. Quick Start bucket name can include numbers, lowercase letters, uppercase letters, and hyphens (-). It cannot start or end with a hyphen (-).|Quick Start S3 Key Prefix 94 | (`QSS3KeyPrefix`)|`quickstart-atlassian-jira/`|S3 key prefix for the Quick Start assets. Quick Start key prefix can include numbers, lowercase letters, uppercase letters, hyphens (-), and forward slash (/).|ASI identifier 95 | (`ExportPrefix`)|`ATL-`|Each Atlassian Standard Infrastructure (ASI) uses a unique identifier. If you have multiple ASIs within the same AWS region, use this field to specify where to deploy Jira. 96 | |=== -------------------------------------------------------------------------------- /docs/generated/regions/index.adoc: -------------------------------------------------------------------------------- 1 | // placeholder 2 | -------------------------------------------------------------------------------- /docs/generated/services/index.adoc: -------------------------------------------------------------------------------- 1 | // placeholder 2 | -------------------------------------------------------------------------------- /docs/generated/services/metadata.adoc: -------------------------------------------------------------------------------- 1 | // placeholder 2 | -------------------------------------------------------------------------------- /docs/images/aurora-diagram.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-quickstart/quickstart-atlassian-jira/842c5b195ef2ae5f7b167682d9ab152dc31a51b7/docs/images/aurora-diagram.png -------------------------------------------------------------------------------- /docs/images/aws-quickstart-graphic.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-quickstart/quickstart-atlassian-jira/842c5b195ef2ae5f7b167682d9ab152dc31a51b7/docs/images/aws-quickstart-graphic.png -------------------------------------------------------------------------------- /docs/images/cfn_outputs.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-quickstart/quickstart-atlassian-jira/842c5b195ef2ae5f7b167682d9ab152dc31a51b7/docs/images/cfn_outputs.png -------------------------------------------------------------------------------- /docs/images/crowd-architecture-diagram.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-quickstart/quickstart-atlassian-jira/842c5b195ef2ae5f7b167682d9ab152dc31a51b7/docs/images/crowd-architecture-diagram.png -------------------------------------------------------------------------------- /docs/images/jira-architecture.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-quickstart/quickstart-atlassian-jira/842c5b195ef2ae5f7b167682d9ab152dc31a51b7/docs/images/jira-architecture.png -------------------------------------------------------------------------------- /docs/images/qs-internal-directory.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-quickstart/quickstart-atlassian-jira/842c5b195ef2ae5f7b167682d9ab152dc31a51b7/docs/images/qs-internal-directory.png -------------------------------------------------------------------------------- /docs/images/qs-jira-step10-view-cluster-nodes.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-quickstart/quickstart-atlassian-jira/842c5b195ef2ae5f7b167682d9ab152dc31a51b7/docs/images/qs-jira-step10-view-cluster-nodes.png -------------------------------------------------------------------------------- /docs/images/qs-jira-step11-two-nodes-clustered.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-quickstart/quickstart-atlassian-jira/842c5b195ef2ae5f7b167682d9ab152dc31a51b7/docs/images/qs-jira-step11-two-nodes-clustered.png -------------------------------------------------------------------------------- /docs/images/qs-jira-step2-setup-app-properties.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-quickstart/quickstart-atlassian-jira/842c5b195ef2ae5f7b167682d9ab152dc31a51b7/docs/images/qs-jira-step2-setup-app-properties.png -------------------------------------------------------------------------------- /docs/images/qs-jira-step3-licensing.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-quickstart/quickstart-atlassian-jira/842c5b195ef2ae5f7b167682d9ab152dc31a51b7/docs/images/qs-jira-step3-licensing.png -------------------------------------------------------------------------------- /docs/images/qs-jira-step4-setup-admin-account.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-quickstart/quickstart-atlassian-jira/842c5b195ef2ae5f7b167682d9ab152dc31a51b7/docs/images/qs-jira-step4-setup-admin-account.png -------------------------------------------------------------------------------- /docs/images/qs-jira-step5-setup-email-notifications.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-quickstart/quickstart-atlassian-jira/842c5b195ef2ae5f7b167682d9ab152dc31a51b7/docs/images/qs-jira-step5-setup-email-notifications.png -------------------------------------------------------------------------------- /docs/images/qs-jira-step6-choose-language.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-quickstart/quickstart-atlassian-jira/842c5b195ef2ae5f7b167682d9ab152dc31a51b7/docs/images/qs-jira-step6-choose-language.png -------------------------------------------------------------------------------- /docs/images/qs-jira-step7-choose-avatar.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-quickstart/quickstart-atlassian-jira/842c5b195ef2ae5f7b167682d9ab152dc31a51b7/docs/images/qs-jira-step7-choose-avatar.png -------------------------------------------------------------------------------- /docs/images/qs-jira-step9-view-system-info.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/aws-quickstart/quickstart-atlassian-jira/842c5b195ef2ae5f7b167682d9ab152dc31a51b7/docs/images/qs-jira-step9-view-system-info.png -------------------------------------------------------------------------------- /docs/partner_editable/_clone_quickstart.adoc: -------------------------------------------------------------------------------- 1 | . Clone a local copy of the Quick Start templates (including all of its submodules). From the command line, run: 2 | + 3 | ---- 4 | git clone --recurse-submodules https://github.com/aws-quickstart/quickstart-atlassian-jira.git 5 | ---- 6 | . Install and set up the https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-install.html[AWS Command Line Interface (CLI)] so that you can create an S3 bucket and upload content to it. 7 | . Create an S3 bucket in your Region: 8 | + 9 | ---- 10 | aws s3 mb s3:// --region 11 | ---- 12 | . Choose which Quick Start template to use: 13 | ** quickstart-jira-dc-with-vpc.template.yaml: Use this template for deploying {partner-product-short-name} into a new ASI (end-to-end deployment). 14 | + 15 | ** quickstart-jira-dc.template.yaml: Use this template for deploying {partner-product-short-name} into an existing ASI. 16 | . In both templates, the `QSS3BucketName` default value is set to `aws-quickstart`. Replace this value with the name of the bucket you created earlier (``). 17 | . Return to the parent directory of your local clone of the Quick Start templates. From there, upload all the files in your local clone to your S3 bucket: 18 | + 19 | ---- 20 | aws s3 cp quickstart-atlassian-jira s3:// --recursive --acl public-read 21 | ---- 22 | -------------------------------------------------------------------------------- /docs/partner_editable/_config_application.adoc: -------------------------------------------------------------------------------- 1 | . Choose the URL that is displayed in the *Outputs* tab of the AWS CloudFormation stack to go to the {partner-product-short-name} configuration page. 2 | + 3 | IMPORTANT: If you get an https://confluence.atlassian.com/kb/network-and-connectivity-troubleshooting-guide-720405335.html[HTTP Error 503] response when you access the URL, it means that {partner-product-short-name} is still loading. This is expected, and you should wait a couple of minutes before trying again. 4 | . On the *Setup application properties* page, enter a title for your Jira application deployment, choose the *Mode* you want, leave the base URL unchanged, and then choose *Next*. 5 | + 6 | .Setting up properties 7 | image::../images/qs-jira-step2-setup-app-properties.png[width=640] 8 | . On the *Specify your license key* page, enter a valid Jira Software or Service Management Data Center license key. If you don’t have a valid license for the Jira application you’ve selected to deploy, choose *generate a Jira trial license* and sign up for an evaluation Data Center license. 9 | + 10 | .Jira licensing 11 | image::../images/qs-jira-step3-licensing.png[width=640] 12 | . To set up the Jira application, you need to create an Administrator account and password. The Administrator account has full access to all data in Jira, so we highly recommend that you choose a strong password for this account. Enter the Administrator’s user details in the setup screen (Figure 5), and then choose *Next*. 13 | + 14 | .Setting up properties 15 | image::../images/qs-jira-step4-setup-admin-account.png[width=640] 16 | . On the *Set up email notifications* page, choose *Later*, and then choose *Finish*. 17 | + 18 | .Email notifications page 19 | image::../images/qs-jira-step5-setup-email-notifications.png[width=640] 20 | . In the first *Welcome to Jira* page, choose a language and then choose *Continue*. 21 | + 22 | .Choosing a language 23 | image::../images/qs-jira-step6-choose-language.png[width=640] 24 | . In the second *Welcome to Jira* page, choose an avatar for your profile, if you wish, and then choose *Next*. 25 | + 26 | .Choosing an avatar 27 | image::../images/qs-jira-step7-choose-avatar.png[width=640] 28 | . On the next *Welcome* page, choose *Create sample project*, and enter a name for the project. 29 | . Choose *Settings* (the gear icon in the upper right), and then choose *System*. You should see a page similar to the one below. 30 | + 31 | .Viewing systemm info 32 | image::../images/qs-jira-step9-view-system-info.png[width=640] 33 | . Scroll down to the *Cluster Nodes* section. You should see your current node in the *Active* state. 34 | + 35 | .Viewing cluster nodes 36 | image::../images/qs-jira-step10-view-cluster-nodes.png[width=640] 37 | -------------------------------------------------------------------------------- /docs/partner_editable/_qs_deploy_links.adoc: -------------------------------------------------------------------------------- 1 | [cols=",] 2 | |=== 3 | |https://fwd.aws/WNMAy[Deploy {partner-product-short-name} into a new ASI (end-to-end deployment)^] 4 | |https://fwd.aws/8gBER[Deploy {partner-product-short-name} into an existing ASI^] 5 | |=== 6 | -------------------------------------------------------------------------------- /docs/partner_editable/_settings.adoc: -------------------------------------------------------------------------------- 1 | :quickstart-project-name: quickstart-atlassian-jira 2 | :partner-product-name: Jira Data Center 3 | :partner-product-short-name: Jira 4 | :partner-company-name: Atlassian 5 | :vpc-name: Atlassian Standard Infrastructure 6 | :doc-month: October 7 | :doc-year: 2020 8 | :partner-contributors: Adam Brokes, Ben Partridge, Carlos Corredor, Chris Szmajda, Don Domingo, Dylan Rathbone, Felix Haehnel, Steve Smith, Varun Arbatti 9 | :quickstart-contributors: Tony Vattathil - Principal Solutions Architect, AWS 10 | :deployment_time: 30-60 minutes 11 | :default_deployment_region: us-east-2 12 | // Uncomment these two attributes if you are leveraging 13 | // - an AWS Marketplace listing. 14 | // Additional content will be auto-generated based on these attributes. 15 | // :marketplace_subscription: 16 | // :marketplace_listing_url: https://example.com/ 17 | // Uncomment the following attribute if you are deploying AWS Control Tower. 18 | :control_tower: 19 | -------------------------------------------------------------------------------- /docs/partner_editable/additional_info.adoc: -------------------------------------------------------------------------------- 1 | == Configuring {partner-product-short-name} 2 | 3 | The following procedure helps you set up your new {partner-product-short-name} deployment. 4 | 5 | include::./_config_application.adoc[] 6 | 7 | === Adding nodes to the {partner-product-short-name} cluster 8 | 9 | By default, your Quick Start deployment starts with a single {partner-product-short-name} node (Auto Scaling group of `min=1` and `max=1`). When you're ready to add nodes to your cluster, perform the following steps: 10 | 11 | . Sign in to the AWS Management Console, use the Region selector in the navigation bar to choose the AWS Region for your deployment, and open the AWS CloudFormation console at https://console.aws.amazon.com/cloudformation/. 12 | . Choose the {partner-product-short-name} stack. From the *Actions* list, choose *Update Stack*. 13 | . On the *Select Template* page, leave *Use current template* selected, and then choose *Next*. 14 | . On the *Specify Details* page, in the *{partner-product-short-name} Setup* section of *Parameters*, enter the number of cluster nodes in *Minimum number of cluster nodes* and *Maximum number of cluster nodes*, and then click through to update the stack. This step sets a static number of nodes in your cluster. 15 | . After the stack finishes updating, verify the number of nodes in your {partner-product-short-name} cluster. Choose *Clustering* again from the administration console sidebar. The following example shows a cluster that is scaled up to three instances. 16 | + 17 | .Clustering (multiple nodes) 18 | image::../images/qs-jira-step11-two-nodes-clustered.png[] 19 | 20 | 21 | // == Best practices for using {partner-product-name} on AWS 22 | // Provide post-deployment best practices for using the technology on AWS, including considerations such as migrating data, backups, ensuring high performance, high availability, etc. Link to software documentation for detailed information. 23 | 24 | // _Add any best practices for using the software._ 25 | 26 | // == Security 27 | // Provide post-deployment best practices for using the technology on AWS, including considerations such as migrating data, backups, ensuring high performance, high availability, etc. Link to software documentation for detailed information. 28 | 29 | // _Add any security-related information._ 30 | 31 | // == Other useful information 32 | //Provide any other information of interest to users, especially focusing on areas where AWS or cloud usage differs from on-premises usage. 33 | 34 | // _Add any other details that will help the customer use the software on AWS._ 35 | -------------------------------------------------------------------------------- /docs/partner_editable/architecture.adoc: -------------------------------------------------------------------------------- 1 | Deploying this Quick Start for a new https://aws.amazon.com/quickstart/architecture/atlassian-standard-infrastructure/[{vpc-name} (ASI)] with default parameters builds the following {partner-product-short-name} environment in the AWS Cloud. 2 | 3 | // Replace this example diagram with your own. Send us your source PowerPoint file. Be sure to follow our guidelines here : http://(we should include these points on our contributors giude) 4 | [#architecture1] 5 | .Quick Start architecture for {partner-product-short-name} on AWS 6 | image::../images/jira-architecture-diagram.png[Architecture,width=640] 7 | 8 | As shown in Figure 1, the Quick Start sets up the following: 9 | 10 | * A highly available architecture that spans two Availability Zones. 11 | * In the public subnets: 12 | ** A network address translation (NAT) gateway to allow outbound internet access for resources in the private subnets. 13 | ** A bastion host that enables secure access to {partner-product-short-name} without exposing it to the internet. For more information, see https://docs.aws.amazon.com/quickstart/latest/linux-bastion/architecture.html#bastion-hosts[Bastion Hosts]). You can choose not to provision a bastion host if you prefer to access {partner-product-short-name} nodes through the https://docs.aws.amazon.com/systems-manager/latest/userguide/session-manager.html[AWS Systems Manager]. 14 | * In the private subnets: 15 | ** Amazon Elastic File System (Amazon EFS) to store artifacts such as attachments, avatars, icons, import and export files, and plug-ins in a common location that can be accessed by all {partner-product-short-name} nodes. 16 | ** Amazon Relational Database Service (Amazon RDS) for PostgreSQL in a high-availability (Multi-AZ) configuration, which mitigates failover if the master node fails. You can choose Amazon Aurora PostgreSQL instead. 17 | * Amazon Elastic Compute Cloud (Amazon EC2) Auto Scaling groups for scaling the bastion hosts in the public subnets and the {partner-product-short-name} nodes in the private subnets. The instances are based on Amazon Linux, a Linux server operating system from AWS, and use an Atlassian-provided Amazon Machine Image (AMI). 18 | * An Application Load Balancer, which works both as a load balancer and a Secure Sockets Layer (SSL) termination reverse proxy. 19 | * Amazon CloudWatch for basic monitoring of all application and database nodes in your deployment. By default, CloudWatch collects and stores logs from each monitored node. Amazon CloudWatch is an optional component. 20 | 21 | === Auto Scaling groups in this Quick Start 22 | 23 | This Quick Start uses https://docs.aws.amazon.com/autoscaling/ec2/userguide/AutoScalingGroup.html[Auto Scaling groups] to statically control the number of its nodes. Don't use Auto Scaling to dynamically scale the size of your cluster. Adding an application node to the cluster usually takes more than 20 minutes, which isn't fast enough to address sudden load spikes. 24 | 25 | If you can identify periods of high and low loads, you can schedule the application node cluster to scale accordingly. For more information, see https://docs.aws.amazon.com/autoscaling/ec2/userguide/schedule_time.html[Scheduled Scaling for Amazon EC2 Auto Scaling]. 26 | 27 | To study trends in your organization's load, be sure to monitor the performance of your deployment. 28 | 29 | === Amazon Aurora database for high availability 30 | 31 | The Quick Start also allows you to deploy {partner-product-name} with an Amazon Aurora clustered database (instead of RDS). 32 | 33 | You can also use this Quick Start to deploy {partner-product-name} with an Aurora clustered database that’s compatible with PostgreSQL. The cluster configuration is illustrated in Figure 2. It features a primary database writer that replicates to two database readers in a different Availability Zone. If the writer fails, Aurora promotes one of the readers to take its place with no downtime. For more information, see https://aws.amazon.com/rds/aurora/postgresql-features/[Amazon Aurora Features: PostgreSQLCompatible Edition]. 34 | 35 | The Aurora configuration with a single database writer and two readers is designed to provide high availability without degrading performance. 36 | 37 | [#aurora] 38 | .Amazon Aurora reader/writer configuration 39 | image::../images/aurora-diagram.png[Amazon Aurora,width=640] 40 | 41 | Amazon Aurora is supported on Jira Software Data Center 8.4, Jira Service Management 4.4, and all later versions of both. 42 | -------------------------------------------------------------------------------- /docs/partner_editable/deploy_steps.adoc: -------------------------------------------------------------------------------- 1 | === Launching from a cloned Quick Start (recommended for production) 2 | 3 | The fastest way to deploy {partner-product-short-name} with this Quick Start is directly through its AWS Quick Start interface. However, when you deploy {partner-product-short-name} this way, any updates that are made to the Quick Start templates propagate directly to your production deployment. These updates sometimes involve adding or removing parameters, which could introduce unexpected changes or break your deployment. 4 | 5 | As a best practice, instead of deploying directly through the AWS Quick Start interface, clone the {partner-product-short-name} Quick Start templates to a custom Amazon Simple Storage Service (Amazon S3) bucket. Then, launch the templates directly from the S3 bucket. This practice lets you control when to apply the latest changes to your environment. 6 | 7 | include::./_clone_quickstart.adoc[] 8 | 9 | After everything is uploaded, you can deploy your production stack from your S3 bucket. 10 | 11 | . Sign in to your AWS account on the https://console.aws.amazon.com/console/home[AWS Console]. 12 | . Check the AWS Region displayed in the upper-right corner of the navigation bar, and change it if necessary. This Region is where {partner-product-short-name} is built. The template is launched in the `us-east-2` Region by default. 13 | . Go to *CloudFormation* > *Create Stack*. When specifying a template, paste in the Object URL of the Quick Start template that you are using for the deployment. Choose *Next* to start configuring your deployment. 14 | . On the *Specify stack* details page, change the stack name, if needed. Review the parameters for the template, and provide values for parameters that require input. For all other parameters, review the default settings and customize them as necessary. For details about each setting, refer to the section matching your deployment type: 15 | 16 | - <> (if you're deploying an ASI with {partner-product-short-name}) 17 | - <> (if you're deploying {partner-product-short-name} into a new ASI) 18 | -------------------------------------------------------------------------------- /docs/partner_editable/deployment_options.adoc: -------------------------------------------------------------------------------- 1 | // There are generally two deployment options. If additional are required, add them here 2 | 3 | This Quick Start includes two AWS CloudFormation templates. The first template builds the {vpc-name} (ASI), which is a virtual private cloud (VPC) that contains the components required by all {partner-company-name} applications, and then provisions {partner-product-short-name} into this ASI. The second template provisions {partner-product-short-name} in an existing ASI. 4 | 5 | Using these templates, the Quick Start provides two deployment options: 6 | 7 | * *Deploy {partner-product-name} into a new ASI (end-to-end deployment)*. Choose this option if you’re a new user. This option builds the https://aws.amazon.com/quickstart/architecture/atlassian-standard-infrastructure/[Atlassian Standard Infrastructure (ASI)], which is a VPC that consists of the subnets, NAT gateways, security groups, and other infrastructure components required by all Atlassian applications. It then deploys {partner-product-short-name} into this new VPC. 8 | 9 | * *Deploy {partner-product-name} into an existing ASI*. This option provisions {partner-product-short-name} in an existing ASI, and also offers more customizable parameters. Choose this option if you’ve already deployed the ASI separately by using the https://fwd.aws/xYyYy[ASI Quick Start], or by deploying another Atlassian product from a Quick Start (https://fwd.aws/Wz3Qb[Jira Software/Service Desk Data Center], https://aws.amazon.com/quickstart/architecture/confluence/[Confluence Data Center], https://fwd.aws/BBeJW[Bitbucket Data Center], or https://fwd.aws/QXEDE[Crowd Data Center]). 10 | 11 | The Quick Start provides separate templates for these options. It also lets you configure Classless Inter-Domain Routing (CIDR) blocks, instance types, and {partner-product-short-name} settings, as discussed later in this guide. 12 | -------------------------------------------------------------------------------- /docs/partner_editable/faq_troubleshooting.adoc: -------------------------------------------------------------------------------- 1 | // Add any tips or answers to anticipated questions. This could include the following troubleshooting information. If you don’t have any other Q&A to add, change “FAQ” to “Troubleshooting.” 2 | 3 | // == FAQ 4 | == Troubleshooting 5 | 6 | *Q.* I encountered a *CREATE_FAILED* error when I launched the Quick Start. 7 | 8 | *A.* If AWS CloudFormation fails to create the stack, relaunch the template with *Rollback on failure* set to *Disabled*. (This setting is under *Advanced* in the AWS CloudFormation console on the *Options* page.) With this setting, the stack’s state is retained and the instance is left running, so you can troubleshoot the issue. (Review the log files in `/var/log/atl.log` and `/var/log/cfn-init.log`.) 9 | // If you’re deploying on Linux instances, provide the location for log files on Linux, or omit this sentence. 10 | 11 | IMPORTANT: When you set *Rollback on failure* to *Disabled*, you continue to incur AWS charges for this stack. Ensure that you delete the stack when you finish troubleshooting. 12 | 13 | For additional information, see https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/troubleshooting.html[Troubleshooting AWS CloudFormation] on the AWS website. 14 | 15 | *Q.* I encountered a size limitation error when I deployed the AWS CloudFormation templates. 16 | 17 | *A.* Launch the Quick Start templates from the links in this guide or from another S3 bucket. If you deploy the templates from a local copy on your computer or from a location other than an S3 bucket, you might encounter template size limitations. For more information about AWS CloudFormation quotas, see the http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cloudformation-limits.html[AWS documentation]. 18 | 19 | 20 | // == Troubleshooting 21 | 22 | // 23 | -------------------------------------------------------------------------------- /docs/partner_editable/licenses.adoc: -------------------------------------------------------------------------------- 1 | // Include details about the license and how they can sign up. If no license is required, clarify that. 2 | 3 | //These two paragraphs provide an example of the details you can provide. Provide links as appropriate. 4 | 5 | This Quick Start deploys a cluster-ready infrastructure for either Jira Software Data Center or Jira Service Management Data Center. A license for either one is required. See the https://www.atlassian.com/software/jira/pricing?tab=self-managed[Atlassian pricing page] for licensing information. 6 | 7 | //Example content below: 8 | 9 | // _This Quick Start requires a license for {partner-product-name}. To use the Quick Start in your production environment, sign up for a license at . When you launch the Quick Start, place the license key in an S3 bucket and specify its location._ 10 | 11 | // _If you don’t have a license, the Quick Start deploys with a trial license. The trial license gives you days of free usage in a non-production environment. After this time, you can upgrade to a production license by following the instructions at ._ 12 | 13 | // Or, if the deployment uses an AMI, update this paragraph. If it doesn’t, remove the paragraph. 14 | // _The Quick Start requires a subscription to the Amazon Machine Image (AMI) for {partner-product-name}, which is available from https://aws.amazon.com/marketplace/[AWS Marketplace]. Additional pricing, terms, and conditions may apply. For instructions, see link:#step-2.-subscribe-to-the-software-ami[step 2] in the deployment section._ 15 | -------------------------------------------------------------------------------- /docs/partner_editable/overview_target_and_usage.adoc: -------------------------------------------------------------------------------- 1 | // Replace the content in <> 2 | // Identify your target audience and explain how/why they would use this Quick Start. 3 | //Avoid borrowing text from third-party websites (copying text from AWS service documentation is fine). Also, avoid marketing-speak, focusing instead on the technical aspect. 4 | 5 | This Quick Start is for users who want to deploy {partner-product-name} in a supported configuration in the AWS Cloud, following AWS and Atlassian best practices. 6 | 7 | This Quick Start uses the https://fwd.aws/xYyYy[Atlassian Standard Infrastructure] (ASI) as a foundation. You can choose to build a new ASI for your deployment or deploy {partner-product-short-name} into your existing ASI. You can also deploy Confluence, Bitbucket, and Crowd Data Center within the same ASI. 8 | -------------------------------------------------------------------------------- /docs/partner_editable/planning_the_deployment.adoc: -------------------------------------------------------------------------------- 1 | === Prerequisites 2 | _Prerequisites, such as Marketplace AMI subscription go here_ 3 | 4 | === Specialized Knowledge 5 | WARNING: This Quick Start assumes familiarity with . 6 | This deployment guide also requires a moderate level of familiarity with 7 | AWS services. If you’re new to AWS, visit the 8 | https://aws.amazon.com/getting-started/[Getting Started Resource Center] 9 | and the https://aws.amazon.com/training/[AWS Training and Certification 10 | website]. These sites provide materials for learning how to design, 11 | deploy, and operate your infrastructure and applications on the AWS 12 | Cloud. 13 | -------------------------------------------------------------------------------- /docs/partner_editable/pre-reqs.adoc: -------------------------------------------------------------------------------- 1 | // If no preperation is required, remove all content from here 2 | 3 | // ==== Prepare your AWS account 4 | // _Describe any setup required in the AWS account prior to template launch_ 5 | 6 | // ==== Prepare your {partner-company-name} account 7 | // _Describe any setup required in the partner portal/account prior to template launch_ 8 | -------------------------------------------------------------------------------- /docs/partner_editable/product_description.adoc: -------------------------------------------------------------------------------- 1 | // Replace the content in <> 2 | // Briefly describe the software. Use consistent and clear branding. 3 | // Include the benefits of using the software on AWS, and provide details on usage scenarios. 4 | 5 | This Quick Start deploys two Jira solutions from Atlassian: 6 | 7 | * Jira Software Data Center is a software development tool used by agile teams. It helps development teams create and estimate projects, build a sprint backlog, identify team commitments and velocity, visualize team activity, and report on progress. For more information, see the https://confluence.atlassian.com/jirasoftwareserver/jira-software-overview-938845024.html[Jira Software documentation] on the Atlassian website. 8 | 9 | * Jira Service Management Data Center provides IT service management software with high availability and performance at scale on AWS. Jira Service Management is easy to use, simple to set up, and has everything you need for IT support and customer service. Teams can link Jira Service Management tickets to Jira Software issues and keep development and IT connected for fast issue resolution. Jira Service Management Data Center is a self-hosted solution that provides high availability and disaster recovery, so no service request goes unresolved. For more information, see the https://confluence.atlassian.com/servicedeskserver/getting-started-with-jira-service-desk-939926015.html[Jira Service Desk documentation] on the Atlassian website. 10 | 11 | Throughout this guide, we refer to either solution as {partner-product-short-name} or {partner-product-short-name}. 12 | 13 | Please know that we may share who uses AWS Quick Starts with the AWS partner that collaborated with AWS on the content of the Quick Start. 14 | -------------------------------------------------------------------------------- /docs/partner_editable/regions.adoc: -------------------------------------------------------------------------------- 1 | // https://confluence.atlassian.com/display/ENTERPRISE/_supported_aws_regions 2 | // - _us-east-1 (N. Virginia)_ (EXAMPLE) 3 | // - _us-east-2 (Ohio)_ (EXAMPLE) 4 | 5 | * Americas 6 | ** _us-east-1 (Northern Virginia)_ 7 | ** _us-east-2 (Ohio)_ 8 | ** _us-west-1 (Northern California)_ 9 | ** _us-west-2 (Oregon)_ 10 | ** _ca-central-1 (Montreal)_ 11 | * Europe/Middle East/Africa 12 | ** _eu-west-1 (Ireland)_ 13 | ** _eu-central-1 (Frankfurt)_ 14 | ** _eu-west-2 (London)_ 15 | ** _eu-west-3 (Paris)_ 16 | * Asia Pacific 17 | ** _ap-southeast-1 (Singapore)_ 18 | ** _ap-northeast-1 (Tokyo)_ 19 | ** _ap-southeast-2 (Sydney)_ 20 | ** _ap-northeast-2 (Seoul)_ 21 | ** _ap-south-1 (Mumbai)_ 22 | 23 | This list was last updated on June 20, 2019. 24 | 25 | The services offered in each region change from time to time. If your preferred region isn't on this list, check the https://aws.amazon.com/about-aws/global-infrastructure/regional-product-services/[Regional Product Services] table to see if it already supports EFS. 26 | 27 | [WARNING] 28 | 29 | Even though you can deploy our Data Center products on https://aws.amazon.com/govcloud-us/[AWS GovCloud], we don’t test or verify our AWS Quick Starts on the AWS GovCloud environment and can’t provide any support. 30 | -------------------------------------------------------------------------------- /docs/partner_editable/service_limits.adoc: -------------------------------------------------------------------------------- 1 | // Replace the in each row to specify the number of resources used in this deployment. Remove the rows for resources that aren’t used. 2 | 3 | |=== 4 | |Resource |This deployment uses 5 | |VPC (https://aws.amazon.com/quickstart/architecture/atlassian-standard-infrastructure/[ASI]) | 1 6 | |Auto Scaling groups | 1 (2 if a Bastion Host is provisioned) 7 | |Application Load Balancers | 1 8 | |Elastic IP addresses | _variable based on user configuration_ 9 | |AWS Identity and Access Management (IAM) security groups | _variable based on user configuration_ 10 | |IAM roles | _variable based on user configuration_ 11 | |EC2 instances | _variable based on user configuration_ 12 | |=== 13 | 14 | // |=== 15 | // |Resource |This deployment uses 16 | // |https://aws.amazon.com/quickstart/architecture/atlassian-standard-infrastructure/[ASI] | 1 17 | // |Elastic IP addresses | ??? 18 | // |AWS Identity and Access Management (IAM) security groups | ??? 19 | // |IAM roles | ??? 20 | // |Auto Scaling groups | 1 21 | // |Application Load Balancers | 1 22 | // |Network Load Balancers | ??? 23 | // |EC2 instances | _variable_ 24 | // |=== 25 | -------------------------------------------------------------------------------- /docs/partner_editable/specialized_knowledge.adoc: -------------------------------------------------------------------------------- 1 | // Replace the content in <> 2 | // Describe or link to specific knowledge requirements; for example: “familiarity with basic concepts in the areas of networking, database operations, and data encryption” or “familiarity with .” 3 | 4 | This Quick Start assumes familiarity with managing {partner-company-name} {partner-product-short-name}. Refer to the latest Atlassian documentation for https://confluence.atlassian.com/jirasoftwareserver/getting-started-with-jira-software-938845026.html[Jira Software] or https://confluence.atlassian.com/servicedeskserver/getting-started-with-jira-service-desk-939926015.html[Jira Service Management] for more information. 5 | -------------------------------------------------------------------------------- /docs/partner_editable/test_deployment.adoc: -------------------------------------------------------------------------------- 1 | // Add steps as necessary for accessing the software, post-configuration, and testing. Don’t include full usage instructions for your software, but add links to your product documentation for that information. 2 | -------------------------------------------------------------------------------- /templates/quickstart-jira-dc-with-vpc.template.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | # Bring up diffs between this file and the BitbucketDataCenter.template.yaml, ConfluenceDataCenter.template.yaml, and CrowdDataCenter.template.yaml 3 | # As a rule, we should work to minimize our diffs between these files as best we can, so that future changes are easy to make across all supported CloudFormation templates. 4 | # Using YAML as our file format will allow us to put a block comment at the top of the file saying exactly this. 5 | AWSTemplateFormatVersion: 2010-09-09 6 | Description: 'Atlassian Jira Data Center with VPC. (qs-1qup6ra30)' 7 | 8 | Metadata: 9 | QuickStartDocumentation: 10 | EntrypointName: "Launch into a new VPC" 11 | AWS::CloudFormation::Interface: 12 | ParameterGroups: 13 | - Label: 14 | default: Jira setup 15 | Parameters: 16 | - JiraProduct 17 | - JiraVersion 18 | - Label: 19 | default: Cluster nodes 20 | Parameters: 21 | - CloudWatchIntegration 22 | - ClusterNodeInstanceType 23 | - ClusterNodeMax 24 | - ClusterNodeMin 25 | - ClusterNodeVolumeSize 26 | - DeploymentAutomationRepository 27 | - DeploymentAutomationBranch 28 | - DeploymentAutomationPlaybook 29 | - DeploymentAutomationKeyName 30 | - DeploymentAutomationCustomParams 31 | - Label: 32 | default: Database 33 | Parameters: 34 | - DBEngine 35 | - DBEngineVersion 36 | - DBInstanceClass 37 | - DBIops 38 | - DBMasterUserPassword 39 | - DBMultiAZ 40 | - DBPassword 41 | - DBStorage 42 | - DBStorageEncrypted 43 | - DBStorageType 44 | - Label: 45 | default: Bastion host provisioning 46 | Parameters: 47 | - BastionHostRequired 48 | - KeyPairName 49 | - Label: 50 | default: Networking 51 | Parameters: 52 | - AccessCIDR 53 | - AvailabilityZones 54 | - InternetFacingLoadBalancer 55 | - PrivateSubnet1CIDR 56 | - PrivateSubnet2CIDR 57 | - PublicSubnet1CIDR 58 | - PublicSubnet2CIDR 59 | - SSLCertificateARN 60 | - VPCCIDR 61 | - Label: 62 | default: DNS (Optional) 63 | Parameters: 64 | - CustomDnsName 65 | - HostedZone 66 | - Label: 67 | default: Application Tuning (Optional) 68 | Parameters: 69 | - TomcatContextPath 70 | - CatalinaOpts 71 | - JvmHeapOverride 72 | - DBPoolMaxSize 73 | - DBPoolMinSize 74 | - DBMaxIdle 75 | - DBMaxWaitMillis 76 | - DBMinEvictableIdleTimeMillis 77 | - DBMinIdle 78 | - DBRemoveAbandoned 79 | - DBRemoveAbandonedTimeout 80 | - DBTestOnBorrow 81 | - DBTestWhileIdle 82 | - DBTimeBetweenEvictionRunsMillis 83 | - MailEnabled 84 | - TomcatAcceptCount 85 | - TomcatDefaultConnectorPort 86 | - TomcatEnableLookups 87 | - TomcatMaxThreads 88 | - TomcatMinSpareThreads 89 | - TomcatProtocol 90 | - TomcatRedirectPort 91 | - Label: 92 | default: AWS Quick Start Configuration 93 | Parameters: 94 | - QSS3BucketName 95 | - QSS3KeyPrefix 96 | - ExportPrefix 97 | 98 | ParameterLabels: 99 | AccessCIDR: 100 | default: Trusted IP range 101 | AvailabilityZones: 102 | default: Availability Zones 103 | CatalinaOpts: 104 | default: Catalina options 105 | CloudWatchIntegration: 106 | default: Enable CloudWatch integration 107 | ClusterNodeMax: 108 | default: Maximum number of cluster nodes 109 | ClusterNodeMin: 110 | default: Minimum number of cluster nodes 111 | ClusterNodeInstanceType: 112 | default: Cluster node instance type 113 | ClusterNodeVolumeSize: 114 | default: Cluster node instance volume size 115 | CustomDnsName: 116 | default: Existing DNS name 117 | DBEngine: 118 | default: The database engine to deploy with 119 | DBEngineVersion: 120 | default: The database engine version to use 121 | DBInstanceClass: 122 | default: Database instance class 123 | DBIops: 124 | default: RDS Provisioned IOPS 125 | DBMasterUserPassword: 126 | default: Master (admin) password * 127 | DBMaxIdle: 128 | default: DB Maximum Idle 129 | DBMaxWaitMillis: 130 | default: DB Maximum Wait 131 | DBMinEvictableIdleTimeMillis: 132 | default: DB Minimum Evictable Idle Time 133 | DBMinIdle: 134 | default: DB Minimum Idle Connections 135 | DBMultiAZ: 136 | default: Enable RDS Multi-AZ deployment 137 | DBPassword: 138 | default: Application user database password * 139 | DBPoolMaxSize: 140 | default: DB Pool Maximum Size 141 | DBPoolMinSize: 142 | default: DB Pool Minimum Size 143 | DBRemoveAbandoned: 144 | default: DB Remove Abandoned? 145 | DBRemoveAbandonedTimeout: 146 | default: DB Remove Abandoned Timeout 147 | DBStorage: 148 | default: Database storage 149 | DBStorageEncrypted: 150 | default: Database encryption 151 | DBStorageType: 152 | default: Database storage type 153 | DBTestOnBorrow: 154 | default: DB Test On Borrow? 155 | DBTestWhileIdle: 156 | default: DB Test While Idle? 157 | DBTimeBetweenEvictionRunsMillis: 158 | default: DB Time Between Eviction Runs 159 | DeploymentAutomationRepository: 160 | default: Deployment Automation Git Repository URL 161 | DeploymentAutomationBranch: 162 | default: Deployment Automation Branch 163 | DeploymentAutomationPlaybook: 164 | default: The Ansible playbook to invoke to initialize the instance 165 | DeploymentAutomationKeyName: 166 | default: SSH keyname to use with the repository 167 | DeploymentAutomationCustomParams: 168 | default: Custom command-line parameters for Ansible 169 | ExportPrefix: 170 | default: ASI identifier 171 | HostedZone: 172 | default: Route 53 Hosted Zone 173 | InternetFacingLoadBalancer: 174 | default: Make instance internet facing 175 | JiraProduct: 176 | default: Jira Product * 177 | JiraVersion: 178 | default: Version * 179 | JvmHeapOverride: 180 | default: JVM Heap Size Override 181 | BastionHostRequired: 182 | default: Deploy Bastion host 183 | KeyPairName: 184 | default: SSH Key Pair Name 185 | MailEnabled: 186 | default: Enable App to Process Email 187 | PrivateSubnet1CIDR: 188 | default: AZ1 private IP address block 189 | PrivateSubnet2CIDR: 190 | default: AZ2 private IP address block 191 | PublicSubnet1CIDR: 192 | default: AZ1 public IP address block 193 | PublicSubnet2CIDR: 194 | default: AZ2 public IP address block 195 | SSLCertificateARN: 196 | default: SSL Certificate ARN 197 | TomcatAcceptCount: 198 | default: Tomcat Accept Count 199 | TomcatContextPath: 200 | default: Tomcat Context Path 201 | TomcatDefaultConnectorPort: 202 | default: Tomcat Default Connector Port 203 | TomcatEnableLookups: 204 | default: Tomcat Enable DNS Lookups 205 | TomcatMaxThreads: 206 | default: Tomcat Maximum Threads 207 | TomcatMinSpareThreads: 208 | default: Tomcat Minimum Spare Threads 209 | TomcatProtocol: 210 | default: Tomcat Protocol 211 | TomcatRedirectPort: 212 | default: Tomcat Redirect Port 213 | 214 | QSS3BucketName: 215 | default: Quick Start S3 Bucket Name 216 | QSS3KeyPrefix: 217 | default: Quick Start S3 Key Prefix 218 | 219 | VPCCIDR: 220 | default: IP address block for the VPC 221 | 222 | Parameters: 223 | # Jira DC template parameters 224 | CatalinaOpts: 225 | Default: '' 226 | Description: Pass in any additional jvm options to tune Catalina. 227 | Type: String 228 | CloudWatchIntegration: 229 | Default: "Metrics and Logs" 230 | Type: String 231 | Description: "Enables CloudWatch metrics with or without log gathering. If cost is an issue, you can disable this altogether." 232 | AllowedValues: ["Off", "Metrics Only", "Metrics and Logs"] 233 | ConstraintDescription: "Must be 'Off', 'Metrics Only', or 'Metrics and Logs'" 234 | ClusterNodeInstanceType: 235 | Default: c5.xlarge 236 | AllowedValues: 237 | - c4.large 238 | - c4.xlarge 239 | - c4.2xlarge 240 | - c4.4xlarge 241 | - c4.8xlarge 242 | - c5.large 243 | - c5.xlarge 244 | - c5.2xlarge 245 | - c5.4xlarge 246 | - c5.9xlarge 247 | - c5.18xlarge 248 | - c5d.large 249 | - c5d.xlarge 250 | - c5d.2xlarge 251 | - c5d.4xlarge 252 | - c5d.9xlarge 253 | - c5d.18xlarge 254 | - d2.xlarge 255 | - d2.2xlarge 256 | - d2.4xlarge 257 | - d2.8xlarge 258 | - h1.2xlarge 259 | - h1.4xlarge 260 | - h1.8xlarge 261 | - h1.16xlarge 262 | - i3.large 263 | - i3.xlarge 264 | - i3.2xlarge 265 | - i3.4xlarge 266 | - i3.8xlarge 267 | - i3.16xlarge 268 | - i3.metal 269 | - m4.large 270 | - m4.xlarge 271 | - m4.2xlarge 272 | - m4.4xlarge 273 | - m4.10xlarge 274 | - m4.16xlarge 275 | - m5.large 276 | - m5.xlarge 277 | - m5.2xlarge 278 | - m5.4xlarge 279 | - m5.12xlarge 280 | - m5.24xlarge 281 | - m5d.large 282 | - m5d.xlarge 283 | - m5d.2xlarge 284 | - m5d.4xlarge 285 | - m5d.12xlarge 286 | - m5d.24xlarge 287 | - r4.large 288 | - r4.xlarge 289 | - r4.2xlarge 290 | - r4.4xlarge 291 | - r4.8xlarge 292 | - r4.16xlarge 293 | - r5.large 294 | - r5.xlarge 295 | - r5.2xlarge 296 | - r5.4xlarge 297 | - r5.12xlarge 298 | - r5.24xlarge 299 | - r5d.large 300 | - r5d.xlarge 301 | - r5d.2xlarge 302 | - r5d.4xlarge 303 | - r5d.12xlarge 304 | - r5d.24xlarge 305 | - t2.medium 306 | - t2.large 307 | - t2.xlarge 308 | - t2.2xlarge 309 | - t3.medium 310 | - t3.large 311 | - t3.xlarge 312 | - t3.2xlarge 313 | - x1.16xlarge 314 | - x1.32xlarge 315 | - x1e.xlarge 316 | - x1e.2xlarge 317 | - x1e.4xlarge 318 | - x1e.8xlarge 319 | - x1e.16xlarge 320 | - x1e.32xlarge 321 | - z1d.large 322 | - z1d.xlarge 323 | - z1d.2xlarge 324 | - z1d.3xlarge 325 | - z1d.6xlarge 326 | - z1d.12xlarge 327 | ConstraintDescription: Must be an EC2 instance type from the selection list 328 | Description: Instance type for the cluster application nodes. 329 | Type: String 330 | ClusterNodeMax: 331 | Description: Maximum number of nodes in the cluster. 332 | Default: 1 333 | Type: Number 334 | ClusterNodeMin: 335 | Default: 1 336 | Description: Set to 1 for new deployment. Can be updated post launch. 337 | Type: Number 338 | ClusterNodeVolumeSize: 339 | Default: 50 340 | Description: Size of cluster node root volume in Gb (note - size based upon Application indexes x 4). 341 | Type: Number 342 | CustomDnsName: 343 | Default: "" 344 | Description: 'Use custom existing DNS name for your Data Center instance. This will take precedence over HostedZone. Please note: you must own the domain and configure it to point at the load balancer.' 345 | Type: String 346 | DBEngine: 347 | Default: 'PostgreSQL' 348 | Description: 'Database Engine to use for the application. PostgreSQL or Amazon Aurora PostgreSQL.' 349 | AllowedValues: 350 | - 'PostgreSQL' 351 | - 'Amazon Aurora PostgreSQL' 352 | ConstraintDescription: Must be 'Amazon Aurora PostgreSQL' or 'PostgreSQL'. 353 | Type: String 354 | DBEngineVersion: 355 | Default: 12 356 | AllowedValues: 357 | - 12 358 | - 11 359 | - 10 360 | - 9 361 | Description: "The database engine version to use; we'll install a suitable minor version for your chosen engine. Make sure that the Jira version you're installing supports the database engine selected. Check https://confluence.atlassian.com/x/bqr1Nw to verify this. (Warning: Amazon RDS for PostgreSQL 9.6 will reach end of life on January 31st, 2022. Deployments after this date should not be made using this version. If you wish to upgrade to a major version from 9 see: https://confluence.atlassian.com/x/1IRlQQ)" 362 | Type: String 363 | DBInstanceClass: 364 | Default: db.m5.large 365 | AllowedValues: 366 | - db.m5.large 367 | - db.m5.xlarge 368 | - db.m5.2xlarge 369 | - db.m5.4xlarge 370 | - db.m5.12xlarge 371 | - db.m5.24xlarge 372 | - db.r5.large 373 | - db.r5.xlarge 374 | - db.r5.2xlarge 375 | - db.r5.4xlarge 376 | - db.r5.12xlarge 377 | - db.r5.24xlarge 378 | - db.r4.large 379 | - db.r4.xlarge 380 | - db.r4.2xlarge 381 | - db.r4.4xlarge 382 | - db.r4.8xlarge 383 | - db.r4.16xlarge 384 | - db.m4.large 385 | - db.m4.xlarge 386 | - db.m4.2xlarge 387 | - db.m4.4xlarge 388 | - db.m4.10xlarge 389 | - db.m4.16xlarge 390 | - db.t3.medium 391 | - db.t3.large 392 | - db.t3.xlarge 393 | - db.t3.2xlarge 394 | - db.t2.medium 395 | - db.t2.large 396 | - db.t2.xlarge 397 | - db.t2.2xlarge 398 | ConstraintDescription: Must be a valid RDS instance class, from the selection list 399 | Description: RDS instance type (must be r family if using Aurora). 400 | Type: String 401 | DBIops: 402 | Default: 1000 403 | ConstraintDescription: 'Must be in the range 1000 - 30000' 404 | Description: 'Must be in the range of 1000 - 30000 and a multiple of 1000. This value is only used with Provisioned IOPS. Note: The ratio of IOPS per allocated-storage must be between 3.00 and 10.00 (not used for Aurora).' 405 | MaxValue: 30000 406 | MinValue: 1000 407 | Type: Number 408 | DBMasterUserPassword: 409 | AllowedPattern: >- 410 | ^(?=^.{8,255}$)(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[^A-Za-z0-9])(?!.*[@/"']).*$ 411 | ConstraintDescription: >- 412 | Must be at least 8 characters and include 1 uppercase, 1 lowercase, 1 number, and 1 of the following symbols: ! # $ { * : [ = , ] - _ + % & 413 | Description: "Password for the master ('postgres') account. Must be at least 8 characters and include 1 uppercase, 1 lowercase, 1 number, and 1 of the following symbols: ! # $ { * : [ = , ] - _ + % &" 414 | NoEcho: True 415 | MaxLength: 128 416 | MinLength: 8 417 | Type: String 418 | DBMaxIdle: 419 | Default: 20 420 | Description: The maximum number of database connections that are allowed to remain idle in the pool. 421 | Type: Number 422 | DBMaxWaitMillis: 423 | Default: 10000 424 | Description: The length of time (in milliseconds) that Jira is allowed to wait for a database connection to become available (while there are no free ones available in the pool), before returning an error. 425 | Type: Number 426 | DBMinEvictableIdleTimeMillis: 427 | Default: 180000 428 | Description: The minimum amount of time an object may sit idle in the database connection pool before it is eligible for eviction by the idle object eviction. 429 | Type: Number 430 | DBMinIdle: 431 | Default: 10 432 | Description: The minimum number of idle database connections that are kept open at any time. 433 | Type: Number 434 | DBMultiAZ: 435 | Description: Whether to provision a multi-AZ RDS instance. 436 | Default: "true" 437 | AllowedValues: 438 | - "true" 439 | - "false" 440 | ConstraintDescription: Must be 'true' or 'false'. 441 | Type: String 442 | DBPassword: 443 | AllowedPattern: '(?=^.{6,255}$)((?=.*\\d)(?=.*[A-Z])(?=.*[a-z])|(?=.*\\d)(?=.*[^A-Za-z0-9])(?=.*[a-z])|(?=.*[^A-Za-z0-9])(?=.*[A-Z])(?=.*[a-z])|(?=.*\\d)(?=.*[A-Z])(?=.*[^A-Za-z0-9]))^.*' 444 | ConstraintDescription: 'Must be at least 8 characters and include 1 uppercase, 1 lowercase, 1 number, and 1 of the following symbols: ! # $ { * : [ = , ] - _ @ + % &' 445 | Description: "Database password used by Jira. Must be at least 8 characters and include 1 uppercase, 1 lowercase, 1 number, and 1 of the following symbols: ! # $ { * : [ = , ] - _ @ + % &" 446 | MinLength: 8 447 | MaxLength: 128 448 | NoEcho: true 449 | Type: String 450 | DBPoolMaxSize: 451 | Default: 20 452 | Description: The maximum number of database connections that can be opened at any time. 453 | Type: Number 454 | DBPoolMinSize: 455 | Default: 20 456 | Description: The minimum number of idle database connections that are kept open at any time. 457 | Type: Number 458 | DBRemoveAbandoned: 459 | Default: "true" 460 | AllowedValues: 461 | - "true" 462 | - "false" 463 | Description: Flag to remove abandoned database connections if they exceed the Removed Abandoned Timeout. 464 | Type: String 465 | DBRemoveAbandonedTimeout: 466 | Default: 60 467 | Description: The length of time (in seconds) that a database connection can be idle before it is considered abandoned. 468 | Type: String 469 | DBStorage: 470 | Default: 200 471 | Description: Database allocated storage size, in gigabytes (GB). If you choose Provisioned IOPS, storage should be between 100 and 6144 (not used for Aurora). 472 | Type: Number 473 | DBStorageEncrypted: 474 | Default: "false" 475 | AllowedValues: 476 | - "true" 477 | - "false" 478 | Description: Whether or not to encrypt the database. 479 | Type: String 480 | DBStorageType: 481 | Default: General Purpose (SSD) 482 | AllowedValues: 483 | - General Purpose (SSD) 484 | - Provisioned IOPS 485 | ConstraintDescription: Must be 'General Purpose (SSD)' or 'Provisioned IOPS'. 486 | Description: Database storage type (not used for Aurora). 487 | Type: String 488 | DBTestOnBorrow: 489 | Default: "false" 490 | AllowedValues: 491 | - "true" 492 | - "false" 493 | Description: Tests if the database connection is valid when it is borrowed from the database connection pool by Jira. 494 | Type: String 495 | DBTestWhileIdle: 496 | Default: "true" 497 | AllowedValues: 498 | - "true" 499 | - "false" 500 | Description: Periodically tests if the database connection is valid when it is idle. 501 | Type: String 502 | DBTimeBetweenEvictionRunsMillis: 503 | Default: 60000 504 | Description: The number of milliseconds to sleep between runs of the idle object eviction thread. When non-positive, no idle object eviction thread will be run. 505 | Type: Number 506 | DeploymentAutomationRepository: 507 | Default: "https://bitbucket.org/atlassian/dc-deployments-automation.git" 508 | Type: String 509 | Description: The deployment automation repository to use for per-node initialization. Leave this as default unless you have customizations. 510 | DeploymentAutomationBranch: 511 | Default: "master" 512 | Type: String 513 | Description: The deployment automation repository branch to pull from. 514 | DeploymentAutomationPlaybook: 515 | Default: "aws_jira_dc_node.yml" 516 | Type: String 517 | Description: The Ansible playbook to invoke to initialise the Jira node on first start. 518 | DeploymentAutomationCustomParams: 519 | Default: "" 520 | Type: String 521 | Description: Additional command-line options for the `ansible-playbook` command. See https://bitbucket.org/atlassian/dc-deployments-automation/src/master/README.md for more information about overriding parameters. (Optional) 522 | DeploymentAutomationKeyName: 523 | Default: "" 524 | Type: String 525 | Description: Named Key Pair name to use with this repository. The key should be imported into the SSM parameter store. (Optional) 526 | ExportPrefix: 527 | Default: 'ATL-' 528 | Description: 529 | Identifier used in all variables (VPCID, SubnetIDs, KeyName) exported from this deployment's Atlassian Standard Infrastructure. Use different identifiers if you're deploying multiple Atlassian Standard Infrastructures in the same AWS region. 530 | Type: String 531 | HostedZone: 532 | Default: '' 533 | ConstraintDescription: Must be the name of an existing Route53 Hosted Zone. 534 | Description: The domain name of the Route53 PRIVATE Hosted Zone in which to create cnames. 535 | Type: String 536 | JiraProduct: 537 | Default: Software 538 | Description: The Jira product to install. If "All" is selected, Jira Software and Jira Service Management will be installed. A Jira Service Management license is required in "Applications" admin menu after configuring Jira Software. 539 | Type: String 540 | ConstraintDescription: 'Must be "Core", "Software", "ServiceManagement", or "All".' 541 | AllowedValues: 542 | - Core 543 | - Software 544 | - ServiceManagement 545 | - All 546 | JiraVersion: 547 | Default: "8.20.6" 548 | AllowedPattern: '(\d+\.\d+\.\d+(-?.*))|(latest)' 549 | ConstraintDescription: Must be a valid version number or 'latest'; for example, 8.14.0 for Jira Software, or 4.14.0 for Jira Service Management. 550 | Description: The version of Jira Software or Jira Service Management to install. If choosing Jira All, pick the version of Jira Software and the latest compatible version of Jira Service Management will be selected automatically. Find valid versions at https://confluence.atlassian.com/x/TVlNLg (Jira Software), https://confluence.atlassian.com/x/jh9-Lg (Jira Service Management), or https://confluence.atlassian.com/x/XM2EO (Long Term Support releases). 551 | Type: String 552 | JvmHeapOverride: 553 | Default: '' 554 | Description: Override the default amount of memory to allocate to the JVM for your instance type - set size in meg or gig e.g. 1024m or 1g. 555 | Type: String 556 | InternetFacingLoadBalancer: 557 | Default: "true" 558 | AllowedValues: ["true", "false"] 559 | ConstraintDescription: Must be 'true' or 'false'. 560 | Description: Controls whether the load balancer should be visible to the internet (true) or only within the VPC (false). 561 | Type: String 562 | BastionHostRequired: 563 | Default: "true" 564 | AllowedValues: 565 | - "true" 566 | - "false" 567 | Description: Whether to provision a Bastion host instance. If 'true', then you need to provide an EC2 Key Pair (otherwise, you won't be able to use the Bastion host to access Jira instances). 568 | Type: String 569 | KeyPairName: 570 | ConstraintDescription: Must be the name of an existing EC2 Key Pair. Note the supplied value must not include the file extension. 571 | Description: Public/private EC2 Key Pairs (without file extension) to allow you to securely access the Bastion host. 572 | Type: String 573 | Default: '' 574 | MailEnabled: 575 | AllowedValues: 576 | - "true" 577 | - "false" 578 | ConstraintDescription: Must be 'true' or 'false'. 579 | Default: "true" 580 | Description: Enable mail processing and sending. 581 | Type: String 582 | SSLCertificateARN: 583 | Default: '' 584 | Description: "Amazon Resource Name (ARN) of your SSL certificate. Supplying this will automatically enable HTTPS on the product and load balancer, configured to use the corresponding certificate. If you want to use your own certificate that you generated outside of Amazon, you need to first import it to AWS Certificate Manager. After a successful import, you'll receive the ARN. If you want to create a certificate with AWS Certificate Manager (ACM certificate), you will receive the ARN after it's successfully created." 585 | MinLength: 0 586 | MaxLength: 90 587 | Type: String 588 | TomcatAcceptCount: 589 | Default: 10 590 | Description: The maximum queue length for incoming connection requests when all possible request processing threads are in use. 591 | Type: Number 592 | TomcatContextPath: 593 | Default: '' 594 | AllowedPattern: '^(\/[A-z_\-0-9\.]+)?$' 595 | Description: The context path of this web application, which is matched against the beginning of each request URI to select the appropriate web application for processing. If used, must include leading "/" 596 | Type: String 597 | TomcatDefaultConnectorPort: 598 | Default: 8080 599 | Description: The port on which to serve the application. 600 | Type: Number 601 | TomcatEnableLookups: 602 | Default: "false" 603 | AllowedValues: 604 | - "true" 605 | - "false" 606 | Description: Set to true if you want calls to request.getRemoteHost() to perform DNS lookups in order to return the actual host name of the remote client. 607 | Type: String 608 | TomcatMaxThreads: 609 | Default: 200 610 | Description: The maximum number of request processing threads to be created by this Connector, which therefore determines the maximum number of simultaneous requests that can be handled. 611 | Type: Number 612 | TomcatMinSpareThreads: 613 | Default: 10 614 | Description: The minimum number of threads always kept running. 615 | Type: Number 616 | TomcatProtocol: 617 | Default: 'HTTP/1.1' 618 | Description: Sets the protocol to handle incoming traffic. 619 | Type: String 620 | TomcatRedirectPort: 621 | Default: 8443 622 | Description: The port number for Catalina to use when automatically redirecting a non-SSL connector actioning a redirect to a SSL URI. 623 | Type: Number 624 | 625 | # VPC parameters 626 | AccessCIDR: 627 | AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))$ 628 | Description: CIDR Block allowed to access the Atlassian product. This should be set to a trusted IP range; if you want to give public access use '0.0.0.0/0'. 629 | Type: String 630 | AvailabilityZones: 631 | Description: 'List of Availability Zones to use for the subnets in the VPC. Note: You must specify 2 AZs here; 632 | if more are specified only the first 2 will be used.' 633 | Type: List 634 | PrivateSubnet1CIDR: 635 | Default: 10.0.0.0/19 636 | AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))$ 637 | Description: CIDR block for private subnet 1 located in Availability Zone 1. 638 | Type: String 639 | PrivateSubnet2CIDR: 640 | Default: 10.0.32.0/19 641 | AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))$ 642 | Description: CIDR block for private subnet 2 located in Availability Zone 2. 643 | Type: String 644 | PublicSubnet1CIDR: 645 | Default: 10.0.128.0/20 646 | AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))$ 647 | Description: CIDR Block for the public DMZ subnet 1 located in Availability Zone 1. 648 | Type: String 649 | PublicSubnet2CIDR: 650 | Default: 10.0.144.0/20 651 | AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))$ 652 | Description: CIDR Block for the public DMZ subnet 2 located in Availability Zone 2. 653 | Type: String 654 | QSS3BucketName: 655 | Default: 'aws-quickstart' 656 | AllowedPattern: ^[0-9a-zA-Z]+([0-9a-zA-Z-]*[0-9a-zA-Z])*$ 657 | ConstraintDescription: Quick Start bucket name can include numbers, lowercase 658 | letters, uppercase letters, and hyphens (-). It cannot start or end with a hyphen 659 | (-). 660 | Description: S3 bucket name for the Quick Start assets. Quick Start bucket name 661 | can include numbers, lowercase letters, uppercase letters, and hyphens (-). 662 | It cannot start or end with a hyphen (-). 663 | Type: String 664 | QSS3KeyPrefix: 665 | Default: 'quickstart-atlassian-jira/' 666 | AllowedPattern: ^[0-9a-zA-Z-/]*$ 667 | ConstraintDescription: Quick Start key prefix can include numbers, lowercase letters, 668 | uppercase letters, hyphens (-), and forward slash (/). 669 | Description: S3 key prefix for the Quick Start assets. Quick Start key prefix 670 | can include numbers, lowercase letters, uppercase letters, hyphens (-), and 671 | forward slash (/). 672 | Type: String 673 | VPCCIDR: 674 | Default: 10.0.0.0/16 675 | AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))$ 676 | Description: CIDR Block for the VPC. 677 | Type: String 678 | 679 | Conditions: 680 | UseDatabaseEncryption: 681 | !Equals [!Ref DBStorageEncrypted, true] 682 | GovCloudCondition: 683 | !Equals [!Ref 'AWS::Region', 'us-gov-west-1'] 684 | KeyProvided: 685 | !Not [!Equals [!Ref KeyPairName, '']] 686 | ProvisionBastion: !And 687 | - !Equals [!Ref BastionHostRequired, true] 688 | - !Condition KeyProvided 689 | 690 | Resources: 691 | VPCStack: 692 | Type: AWS::CloudFormation::Stack 693 | Properties: 694 | TemplateURL: !Sub 695 | - https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-atlassian-services/templates/quickstart-vpc-for-atlassian-services.yaml 696 | - QSS3Region: !If 697 | - GovCloudCondition 698 | - s3-us-gov-west-1 699 | - s3 700 | Parameters: 701 | AccessCIDR: !Ref 'AccessCIDR' 702 | AvailabilityZones: !Join 703 | - ',' 704 | - !Ref 'AvailabilityZones' 705 | ExportPrefix: !Ref 'ExportPrefix' 706 | KeyPairName: !Ref 'KeyPairName' 707 | PrivateSubnet1CIDR: !Ref 'PrivateSubnet1CIDR' 708 | PrivateSubnet2CIDR: !Ref 'PrivateSubnet2CIDR' 709 | PublicSubnet1CIDR: !Ref 'PublicSubnet1CIDR' 710 | PublicSubnet2CIDR: !Ref 'PublicSubnet2CIDR' 711 | VPCCIDR: !Ref 'VPCCIDR' 712 | BastionHostRequired: !Ref 'BastionHostRequired' 713 | 714 | JiraDCStack: 715 | DependsOn: VPCStack 716 | Type: AWS::CloudFormation::Stack 717 | Properties: 718 | TemplateURL: !Sub 719 | - https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}templates/quickstart-jira-dc.template.yaml 720 | - QSS3Region: !If ["GovCloudCondition", "s3-us-gov-west-1", "s3"] 721 | Parameters: 722 | CatalinaOpts: !Ref 'CatalinaOpts' 723 | CidrBlock: !Ref 'AccessCIDR' 724 | CloudWatchIntegration: !Ref 'CloudWatchIntegration' 725 | ClusterNodeInstanceType: !Ref 'ClusterNodeInstanceType' 726 | ClusterNodeMax: !Ref 'ClusterNodeMax' 727 | ClusterNodeMin: !Ref 'ClusterNodeMin' 728 | ClusterNodeVolumeSize: !Ref 'ClusterNodeVolumeSize' 729 | CustomDnsName: !Ref 'CustomDnsName' 730 | DBEngine: !Ref DBEngine 731 | DBEngineVersion: !Ref DBEngineVersion 732 | DBInstanceClass: !Ref 'DBInstanceClass' 733 | DBIops: !Ref 'DBIops' 734 | DBMasterUserPassword: !Ref 'DBMasterUserPassword' 735 | DBMaxIdle: !Ref 'DBMaxIdle' 736 | DBMaxWaitMillis: !Ref 'DBMaxWaitMillis' 737 | DBMinEvictableIdleTimeMillis: !Ref 'DBMinEvictableIdleTimeMillis' 738 | DBMinIdle: !Ref 'DBMinIdle' 739 | DBMultiAZ: !Ref 'DBMultiAZ' 740 | DBPassword: !Ref 'DBPassword' 741 | DBPoolMaxSize: !Ref 'DBPoolMaxSize' 742 | DBPoolMinSize: !Ref 'DBPoolMinSize' 743 | DBRemoveAbandoned: !Ref 'DBRemoveAbandoned' 744 | DBRemoveAbandonedTimeout: !Ref 'DBRemoveAbandonedTimeout' 745 | DBStorage: !Ref 'DBStorage' 746 | DBStorageEncrypted: !Ref 'DBStorageEncrypted' 747 | DBStorageType: !Ref 'DBStorageType' 748 | DBTestOnBorrow: !Ref 'DBTestOnBorrow' 749 | DBTestWhileIdle: !Ref 'DBTestWhileIdle' 750 | DBTimeBetweenEvictionRunsMillis: !Ref 'DBTimeBetweenEvictionRunsMillis' 751 | DeploymentAutomationRepository: !Ref 'DeploymentAutomationRepository' 752 | DeploymentAutomationBranch: !Ref 'DeploymentAutomationBranch' 753 | DeploymentAutomationKeyName: !Ref 'DeploymentAutomationKeyName' 754 | DeploymentAutomationPlaybook: !Ref 'DeploymentAutomationPlaybook' 755 | DeploymentAutomationCustomParams: !Ref 'DeploymentAutomationCustomParams' 756 | ExportPrefix: !Ref 'ExportPrefix' 757 | HostedZone: !Ref 'HostedZone' 758 | InternetFacingLoadBalancer: !Ref 'InternetFacingLoadBalancer' 759 | JiraProduct: !Ref 'JiraProduct' 760 | JiraVersion: !Ref 'JiraVersion' 761 | JvmHeapOverride: !Ref 'JvmHeapOverride' 762 | KeyPairName: !Ref 'KeyPairName' 763 | MailEnabled: !Ref 'MailEnabled' 764 | QSS3BucketName: !Ref 'QSS3BucketName' 765 | QSS3KeyPrefix: !Ref 'QSS3KeyPrefix' 766 | SSLCertificateARN: !Ref 'SSLCertificateARN' 767 | TomcatAcceptCount: !Ref 'TomcatAcceptCount' 768 | TomcatContextPath: !Ref 'TomcatContextPath' 769 | TomcatDefaultConnectorPort: !Ref 'TomcatDefaultConnectorPort' 770 | TomcatEnableLookups: !Ref 'TomcatEnableLookups' 771 | TomcatMaxThreads: !Ref 'TomcatMaxThreads' 772 | TomcatMinSpareThreads: !Ref 'TomcatMinSpareThreads' 773 | TomcatProtocol: !Ref 'TomcatProtocol' 774 | TomcatRedirectPort: !Ref 'TomcatRedirectPort' 775 | BastionHostRequired: !Ref 'BastionHostRequired' 776 | 777 | Outputs: 778 | ServiceURL: 779 | Description: The URL to access this Atlassian service 780 | Value: !GetAtt 'JiraDCStack.Outputs.ServiceURL' 781 | LoadBalancerURL: 782 | Description: The Load Balancer URL 783 | Value: !GetAtt 'JiraDCStack.Outputs.LoadBalancerURL' 784 | BastionIP: 785 | Condition: ProvisionBastion 786 | Description: Bastion node IP (use as a jumpbox to connect to the nodes) 787 | Value: !GetAtt 'VPCStack.Outputs.BastionPubIp' 788 | SGname: 789 | Description: The name of the SecurityGroup 790 | Value: !GetAtt 'JiraDCStack.Outputs.SGname' 791 | DBEndpointAddress: 792 | Description: The Database Connection String 793 | Value: !GetAtt 'JiraDCStack.Outputs.DBEndpointAddress' 794 | DBEncryptionKey: 795 | Condition: UseDatabaseEncryption 796 | Description: The alias of the encryption key created for RDS 797 | Value: !GetAtt 'JiraDCStack.Outputs.DBEncryptionKey' 798 | EFSCname: 799 | Description: The cname of the EFS 800 | Value: !GetAtt 'JiraDCStack.Outputs.EFSCname' 801 | -------------------------------------------------------------------------------- /templates/quickstart-jira-dc.template.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | AWSTemplateFormatVersion: 2010-09-09 3 | Description: 'Atlassian Jira Data Center. (qs-1qup6ra3c)' 4 | Metadata: 5 | QuickStartDocumentation: 6 | EntrypointName: "Launch into an existing VPC" 7 | AWS::CloudFormation::Interface: 8 | ParameterGroups: 9 | - Label: 10 | default: Jira setup 11 | Parameters: 12 | - JiraProduct 13 | - JiraVersion 14 | - Label: 15 | default: Cluster nodes 16 | Parameters: 17 | - CloudWatchIntegration 18 | - ClusterNodeInstanceType 19 | - ClusterNodeMax 20 | - ClusterNodeMin 21 | - ClusterNodeVolumeSize 22 | - DeploymentAutomationRepository 23 | - DeploymentAutomationBranch 24 | - DeploymentAutomationPlaybook 25 | - DeploymentAutomationCustomParams 26 | - DeploymentAutomationKeyName 27 | - Label: 28 | default: Database 29 | Parameters: 30 | - DBEngine 31 | - DBEngineVersion 32 | - DBInstanceClass 33 | - DBIops 34 | - DBMasterUserPassword 35 | - DBMultiAZ 36 | - DBPassword 37 | - DBStorage 38 | - DBStorageEncrypted 39 | - DBStorageType 40 | - Label: 41 | default: Bastion host utilization 42 | Parameters: 43 | - BastionHostRequired 44 | - KeyPairName 45 | - Label: 46 | default: Networking 47 | Parameters: 48 | - InternetFacingLoadBalancer 49 | - CidrBlock 50 | - SSLCertificateARN 51 | - Label: 52 | default: DNS (Optional) 53 | Parameters: 54 | - CustomDnsName 55 | - HostedZone 56 | - Label: 57 | default: Application Tuning (Optional) 58 | Parameters: 59 | - TomcatContextPath 60 | - CatalinaOpts 61 | - JvmHeapOverride 62 | - DBPoolMaxSize 63 | - DBPoolMinSize 64 | - DBMaxIdle 65 | - DBMaxWaitMillis 66 | - DBMinEvictableIdleTimeMillis 67 | - DBMinIdle 68 | - DBRemoveAbandoned 69 | - DBRemoveAbandonedTimeout 70 | - DBTestOnBorrow 71 | - DBTestWhileIdle 72 | - DBTimeBetweenEvictionRunsMillis 73 | - MailEnabled 74 | - TomcatAcceptCount 75 | - TomcatConnectionTimeout 76 | - TomcatDefaultConnectorPort 77 | - TomcatEnableLookups 78 | - TomcatMaxThreads 79 | - TomcatMinSpareThreads 80 | - TomcatProtocol 81 | - TomcatRedirectPort 82 | - Label: 83 | default: AWS Quick Start Configuration 84 | Parameters: 85 | - QSS3BucketName 86 | - QSS3KeyPrefix 87 | - ExportPrefix 88 | 89 | ParameterLabels: 90 | CatalinaOpts: 91 | default: Catalina options 92 | CidrBlock: 93 | default: Permitted IP range 94 | CloudWatchIntegration: 95 | default: Enable CloudWatch integration 96 | ClusterNodeMax: 97 | default: Maximum number of cluster nodes 98 | ClusterNodeMin: 99 | default: Minimum number of cluster nodes 100 | ClusterNodeInstanceType: 101 | default: Cluster node instance type 102 | ClusterNodeVolumeSize: 103 | default: Cluster node instance volume size 104 | CustomDnsName: 105 | default: Existing DNS name 106 | DBEngine: 107 | default: The database engine to deploy with 108 | DBEngineVersion: 109 | default: The database engine version to use 110 | DBInstanceClass: 111 | default: Database instance class 112 | DBIops: 113 | default: RDS Provisioned IOPS 114 | DBMasterUserPassword: 115 | default: Master (admin) password * 116 | DBMaxIdle: 117 | default: DB Maximum Idle 118 | DBMaxWaitMillis: 119 | default: DB Maximum Wait 120 | DBMinEvictableIdleTimeMillis: 121 | default: DB Minimum Evictable Idle Time 122 | DBMinIdle: 123 | default: DB Minimum Idle Connections 124 | DBMultiAZ: 125 | default: Enable RDS Multi-AZ deployment 126 | DBPassword: 127 | default: Application user database password * 128 | DBPoolMaxSize: 129 | default: DB Pool Maximum Size 130 | DBPoolMinSize: 131 | default: DB Pool Minimum Size 132 | DBRemoveAbandoned: 133 | default: DB Remove Abandoned? 134 | DBRemoveAbandonedTimeout: 135 | default: DB Remove Abandoned Timeout 136 | DBStorage: 137 | default: Database storage 138 | DBStorageEncrypted: 139 | default: Database encryption 140 | DBStorageType: 141 | default: Database storage type 142 | DBTestOnBorrow: 143 | default: DB Test On Borrow? 144 | DBTestWhileIdle: 145 | default: DB Test While Idle? 146 | DBTimeBetweenEvictionRunsMillis: 147 | default: DB Time Between Eviction Runs 148 | DeploymentAutomationRepository: 149 | default: Deployment Automation Git Repository URL 150 | DeploymentAutomationBranch: 151 | default: Deployment Automation Branch 152 | DeploymentAutomationPlaybook: 153 | default: The Ansible playbook to invoke to initialize the instance 154 | DeploymentAutomationKeyName: 155 | default: SSH keyname to use with the repository 156 | DeploymentAutomationCustomParams: 157 | default: Custom command-line parameters for Ansible 158 | ExportPrefix: 159 | default: ASI identifier 160 | HostedZone: 161 | default: Route 53 Hosted Zone 162 | InternetFacingLoadBalancer: 163 | default: Make instance internet facing 164 | JiraProduct: 165 | default: Jira Product * 166 | JiraVersion: 167 | default: Version * 168 | JvmHeapOverride: 169 | default: JVM Heap Size Override 170 | BastionHostRequired: 171 | default: Use Bastion host 172 | KeyPairName: 173 | default: SSH Key Pair Name 174 | MailEnabled: 175 | default: Enable App to Process Email 176 | SSLCertificateARN: 177 | default: SSL Certificate ARN 178 | TomcatAcceptCount: 179 | default: Tomcat Accept Count 180 | TomcatConnectionTimeout: 181 | default: Tomcat Connection Timeout 182 | TomcatContextPath: 183 | default: Tomcat Context Path 184 | TomcatDefaultConnectorPort: 185 | default: Tomcat Default Connector Port 186 | TomcatEnableLookups: 187 | default: Tomcat Enable DNS Lookups 188 | TomcatMaxThreads: 189 | default: Tomcat Maximum Threads 190 | TomcatMinSpareThreads: 191 | default: Tomcat Minimum Spare Threads 192 | TomcatProtocol: 193 | default: Tomcat Protocol 194 | TomcatRedirectPort: 195 | default: Tomcat Redirect Port 196 | QSS3BucketName: 197 | default: Quick Start S3 Bucket Name 198 | QSS3KeyPrefix: 199 | default: Quick Start S3 Key Prefix 200 | 201 | Parameters: 202 | CatalinaOpts: 203 | Default: '' 204 | Description: Pass in any additional jvm options to tune Catalina. 205 | Type: String 206 | CidrBlock: 207 | AllowedPattern: '(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})/(\d{1,2})' 208 | ConstraintDescription: Must be a valid IP CIDR range of the form x.x.x.x/x. 209 | Description: CIDR Block allowed to access the Atlassian product. This should be set to a trusted IP range; if you want to give public access use '0.0.0.0/0'. 210 | Type: String 211 | MinLength: 9 212 | MaxLength: 18 213 | CloudWatchIntegration: 214 | Default: "Metrics and Logs" 215 | Type: String 216 | Description: "Enables CloudWatch metrics with or without log gathering. If cost is an issue, you can disable this altogether." 217 | AllowedValues: ["Off", "Metrics Only", "Metrics and Logs"] 218 | ConstraintDescription: "Must be 'Off', 'Metrics Only', or 'Metrics and Logs'" 219 | ClusterNodeInstanceType: 220 | Default: c5.xlarge 221 | AllowedValues: 222 | - c4.large 223 | - c4.xlarge 224 | - c4.2xlarge 225 | - c4.4xlarge 226 | - c4.8xlarge 227 | - c5.large 228 | - c5.xlarge 229 | - c5.2xlarge 230 | - c5.4xlarge 231 | - c5.9xlarge 232 | - c5.18xlarge 233 | - c5d.large 234 | - c5d.xlarge 235 | - c5d.2xlarge 236 | - c5d.4xlarge 237 | - c5d.9xlarge 238 | - c5d.18xlarge 239 | - d2.xlarge 240 | - d2.2xlarge 241 | - d2.4xlarge 242 | - d2.8xlarge 243 | - h1.2xlarge 244 | - h1.4xlarge 245 | - h1.8xlarge 246 | - h1.16xlarge 247 | - i3.large 248 | - i3.xlarge 249 | - i3.2xlarge 250 | - i3.4xlarge 251 | - i3.8xlarge 252 | - i3.16xlarge 253 | - i3.metal 254 | - m4.large 255 | - m4.xlarge 256 | - m4.2xlarge 257 | - m4.4xlarge 258 | - m4.10xlarge 259 | - m4.16xlarge 260 | - m5.large 261 | - m5.xlarge 262 | - m5.2xlarge 263 | - m5.4xlarge 264 | - m5.12xlarge 265 | - m5.24xlarge 266 | - m5d.large 267 | - m5d.xlarge 268 | - m5d.2xlarge 269 | - m5d.4xlarge 270 | - m5d.12xlarge 271 | - m5d.24xlarge 272 | - r4.large 273 | - r4.xlarge 274 | - r4.2xlarge 275 | - r4.4xlarge 276 | - r4.8xlarge 277 | - r4.16xlarge 278 | - r5.large 279 | - r5.xlarge 280 | - r5.2xlarge 281 | - r5.4xlarge 282 | - r5.12xlarge 283 | - r5.24xlarge 284 | - r5d.large 285 | - r5d.xlarge 286 | - r5d.2xlarge 287 | - r5d.4xlarge 288 | - r5d.12xlarge 289 | - r5d.24xlarge 290 | - t2.medium 291 | - t2.large 292 | - t2.xlarge 293 | - t2.2xlarge 294 | - t3.medium 295 | - t3.large 296 | - t3.xlarge 297 | - t3.2xlarge 298 | - x1.16xlarge 299 | - x1.32xlarge 300 | - x1e.xlarge 301 | - x1e.2xlarge 302 | - x1e.4xlarge 303 | - x1e.8xlarge 304 | - x1e.16xlarge 305 | - x1e.32xlarge 306 | - z1d.large 307 | - z1d.xlarge 308 | - z1d.2xlarge 309 | - z1d.3xlarge 310 | - z1d.6xlarge 311 | - z1d.12xlarge 312 | ConstraintDescription: Must be an EC2 instance type from the selection list 313 | Description: Instance type for the cluster application nodes. 314 | Type: String 315 | ClusterNodeMax: 316 | Description: Maximum number of nodes in the cluster. 317 | Default: 1 318 | Type: Number 319 | ClusterNodeMin: 320 | Default: 1 321 | Description: Set to 1 for new deployment. Can be updated post launch. 322 | Type: Number 323 | ClusterNodeVolumeSize: 324 | Default: 50 325 | Description: Size of cluster node root volume in Gb (note - size based upon Application indexes x 4). 326 | Type: Number 327 | CustomDnsName: 328 | Default: "" 329 | Description: 'Use custom existing DNS name for your Data Center instance. This will take precedence over HostedZone. Please note: you must own the domain and configure it to point at the load balancer.' 330 | Type: String 331 | DBEngine: 332 | Default: 'PostgreSQL' 333 | Description: 'Database Engine to use for the application. PostgreSQL or Amazon Aurora PostgreSQL.' 334 | AllowedValues: 335 | - 'PostgreSQL' 336 | - 'Amazon Aurora PostgreSQL' 337 | ConstraintDescription: Must be 'Amazon Aurora PostgreSQL' or 'PostgreSQL'. 338 | Type: String 339 | DBEngineVersion: 340 | Default: 12 341 | AllowedValues: 342 | - 12 343 | - 11 344 | - 10 345 | - 9 346 | Description: "The database engine version to use; we'll install a suitable minor version for your chosen engine. Make sure that the Jira version you're installing supports the database engine selected. Check https://confluence.atlassian.com/x/bqr1Nw to verify this. (Warning: Amazon RDS for PostgreSQL 9.6 will reach end of life on January 31st, 2022. Deployments after this date should not be made using this version. If you wish to upgrade to a major version from 9 see: https://confluence.atlassian.com/x/1IRlQQ)" 347 | Type: String 348 | DBInstanceClass: 349 | Default: db.m5.large 350 | AllowedValues: 351 | - db.m5.large 352 | - db.m5.xlarge 353 | - db.m5.2xlarge 354 | - db.m5.4xlarge 355 | - db.m5.12xlarge 356 | - db.m5.24xlarge 357 | - db.r5.large 358 | - db.r5.xlarge 359 | - db.r5.2xlarge 360 | - db.r5.4xlarge 361 | - db.r5.12xlarge 362 | - db.r5.24xlarge 363 | - db.r4.large 364 | - db.r4.xlarge 365 | - db.r4.2xlarge 366 | - db.r4.4xlarge 367 | - db.r4.8xlarge 368 | - db.r4.16xlarge 369 | - db.m4.large 370 | - db.m4.xlarge 371 | - db.m4.2xlarge 372 | - db.m4.4xlarge 373 | - db.m4.10xlarge 374 | - db.m4.16xlarge 375 | - db.t3.medium 376 | - db.t3.large 377 | - db.t3.xlarge 378 | - db.t3.2xlarge 379 | - db.t2.medium 380 | - db.t2.large 381 | - db.t2.xlarge 382 | - db.t2.2xlarge 383 | ConstraintDescription: Must be a valid RDS instance class, from the selection list 384 | Description: RDS instance type (must be r family if using Aurora). 385 | Type: String 386 | DBIops: 387 | Default: 1000 388 | ConstraintDescription: 'Must be in the range 1000 - 30000' 389 | Description: 'Must be in the range of 1000 - 30000 and a multiple of 1000. This value is only used with Provisioned IOPS. Note: The ratio of IOPS per allocated-storage must be between 3.00 and 10.00 (not used for Aurora).' 390 | MaxValue: 30000 391 | MinValue: 1000 392 | Type: Number 393 | DBMasterUserPassword: 394 | AllowedPattern: >- 395 | ^(?=^.{8,255}$)(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[^A-Za-z0-9])(?!.*[@/"']).*$ 396 | ConstraintDescription: >- 397 | Must be at least 8 characters and include 1 uppercase, 1 lowercase, 1 number, and 1 of the following symbols: ! # $ { * : [ = , ] - _ + % & 398 | Description: "Password for the master ('postgres') account. Must be at least 8 characters and include 1 uppercase, 1 lowercase, 1 number, and 1 of the following symbols: ! # $ { * : [ = , ] - _ + % &" 399 | NoEcho: True 400 | MaxLength: 128 401 | MinLength: 8 402 | Type: String 403 | DBMaxIdle: 404 | Default: 20 405 | Description: The maximum number of database connections that are allowed to remain idle in the pool. 406 | Type: Number 407 | DBMaxWaitMillis: 408 | Default: 10000 409 | Description: The length of time (in milliseconds) that Jira is allowed to wait for a database connection to become available (while there are no free ones available in the pool), before returning an error. 410 | Type: Number 411 | DBMinEvictableIdleTimeMillis: 412 | Default: 180000 413 | Description: The minimum amount of time an object may sit idle in the database connection pool before it is eligible for eviction by the idle object eviction. 414 | Type: Number 415 | DBMinIdle: 416 | Default: 10 417 | Description: The minimum number of idle database connections that are kept open at any time. 418 | Type: Number 419 | DBMultiAZ: 420 | Description: Whether to provision a multi-AZ RDS instance. 421 | Default: "true" 422 | AllowedValues: 423 | - "true" 424 | - "false" 425 | ConstraintDescription: Must be 'true' or 'false'. 426 | Type: String 427 | DBPassword: 428 | AllowedPattern: '(?=^.{6,255}$)((?=.*\\d)(?=.*[A-Z])(?=.*[a-z])|(?=.*\\d)(?=.*[^A-Za-z0-9])(?=.*[a-z])|(?=.*[^A-Za-z0-9])(?=.*[A-Z])(?=.*[a-z])|(?=.*\\d)(?=.*[A-Z])(?=.*[^A-Za-z0-9]))^.*' 429 | ConstraintDescription: 'Must be at least 8 characters and include 1 uppercase, 1 lowercase, 1 number, and 1 of the following symbols: ! # $ { * : [ = , ] - _ @ + % &' 430 | Description: "Database password used by Jira. Must be at least 8 characters and include 1 uppercase, 1 lowercase, 1 number, and 1 of the following symbols: ! # $ { * : [ = , ] - _ @ + % &" 431 | MinLength: 8 432 | MaxLength: 128 433 | NoEcho: true 434 | Type: String 435 | DBPoolMaxSize: 436 | Default: 20 437 | Description: The maximum number of database connections that can be opened at any time. 438 | Type: Number 439 | DBPoolMinSize: 440 | Default: 20 441 | Description: The minimum number of idle database connections that are kept open at any time. 442 | Type: Number 443 | DBRemoveAbandoned: 444 | Default: "true" 445 | AllowedValues: 446 | - "true" 447 | - "false" 448 | Description: Flag to remove abandoned database connections if they exceed the Removed Abandoned Timeout. 449 | Type: String 450 | DBRemoveAbandonedTimeout: 451 | Default: 60 452 | Description: The length of time (in seconds) that a database connection can be idle before it is considered abandoned. 453 | Type: Number 454 | DBStorage: 455 | Default: 200 456 | Description: Database allocated storage size, in gigabytes (GB). If you choose Provisioned IOPS, storage should be between 100 and 6144 (not used for Aurora). 457 | Type: Number 458 | DBStorageEncrypted: 459 | Default: "false" 460 | AllowedValues: 461 | - "true" 462 | - "false" 463 | Description: Whether or not to encrypt the database. 464 | Type: String 465 | DBStorageType: 466 | Default: General Purpose (SSD) 467 | AllowedValues: 468 | - General Purpose (SSD) 469 | - Provisioned IOPS 470 | ConstraintDescription: Must be 'General Purpose (SSD)' or 'Provisioned IOPS'. 471 | Description: Database storage type (not used for Aurora). 472 | Type: String 473 | DBTestOnBorrow: 474 | Default: "false" 475 | AllowedValues: 476 | - "true" 477 | - "false" 478 | Description: Tests if the database connection is valid when it is borrowed from the database connection pool by Jira. 479 | Type: String 480 | DBTestWhileIdle: 481 | Default: "true" 482 | AllowedValues: 483 | - "true" 484 | - "false" 485 | Description: Periodically tests if the database connection is valid when it is idle. 486 | Type: String 487 | DBTimeBetweenEvictionRunsMillis: 488 | Default: 60000 489 | Description: The number of milliseconds to sleep between runs of the idle object eviction thread. When non-positive, no idle object eviction thread will be run. 490 | Type: Number 491 | DeploymentAutomationRepository: 492 | Default: "https://bitbucket.org/atlassian/dc-deployments-automation.git" 493 | Type: String 494 | Description: The deployment automation repository to use for per-node initialization. Leave this as default unless you have customizations. 495 | DeploymentAutomationBranch: 496 | Default: "master" 497 | Type: String 498 | Description: The deployment automation repository branch to pull from. 499 | DeploymentAutomationPlaybook: 500 | Default: "aws_jira_dc_node.yml" 501 | Type: String 502 | Description: The Ansible playbook to invoke to initialize the Jira node on first start. 503 | DeploymentAutomationCustomParams: 504 | Default: "" 505 | Type: String 506 | Description: Additional command-line options for the `ansible-playbook` command. See https://bitbucket.org/atlassian/dc-deployments-automation/src/master/README.md for more information about overriding parameters. (Optional) 507 | DeploymentAutomationKeyName: 508 | Default: "" 509 | Type: String 510 | Description: Named Key Pair name to use with this repository. The key should be imported into the SSM parameter store. (Optional) 511 | ExportPrefix: 512 | Default: 'ATL-' 513 | Description: 514 | Each Atlassian Standard Infrastructure (ASI) uses a unique identifier. If you have multiple ASIs within the same AWS region, use this field to specify where to deploy Jira. 515 | Type: String 516 | HostedZone: 517 | Default: '' 518 | ConstraintDescription: Must be the name of an existing Route53 Hosted Zone. 519 | Description: The domain name of the Route53 PRIVATE Hosted Zone in which to create cnames. 520 | Type: String 521 | InternetFacingLoadBalancer: 522 | Default: "true" 523 | AllowedValues: ["true", "false"] 524 | ConstraintDescription: Must be 'true' or 'false'. 525 | Description: Controls whether the load balancer should be visible to the internet (true) or only within the VPC (false). 526 | Type: String 527 | JiraProduct: 528 | Default: Software 529 | Description: The Jira product to install. If "All" is selected, Jira Software and Jira Service Management will be installed. A Jira Service Management license is required in "Applications" admin menu after configuring Jira Software. 530 | Type: String 531 | ConstraintDescription: 'Must be "Core", "Software", "ServiceManagement", or "All".' 532 | AllowedValues: 533 | - Core 534 | - Software 535 | - ServiceManagement 536 | - All 537 | JiraVersion: 538 | Default: "8.20.6" 539 | AllowedPattern: '(\d+\.\d+\.\d+(-?.*))|(latest)' 540 | ConstraintDescription: Must be a valid version number or 'latest'; for example, 8.14.0 for Jira Software, or 4.14.0 for Jira Service Management. 541 | Description: The version of Jira Software or Jira Service Management to install. If choosing Jira All, pick the version of Jira Software and the latest compatible version of Jira Service Management will be selected automatically. Find valid versions at https://confluence.atlassian.com/x/TVlNLg (Jira Software), https://confluence.atlassian.com/x/jh9-Lg (Jira Service Management), or https://confluence.atlassian.com/x/XM2EO (Long Term Support releases). 542 | Type: String 543 | JvmHeapOverride: 544 | Default: '' 545 | Description: Override the default amount of memory to allocate to the JVM for your instance type - set size in meg or gig e.g. 1024m or 1g. 546 | Type: String 547 | BastionHostRequired: 548 | Default: "true" 549 | AllowedValues: 550 | - "true" 551 | - "false" 552 | Description: Whether to grant access to Jira EC2 instances through the ASI's Bastion host (if it exists). If 'true', remember to provide an EC2 Key Pair. If your ASI does not have a Bastion host, set this to 'false'. 553 | Type: String 554 | KeyPairName: 555 | ConstraintDescription: Must be the name of an existing EC2 Key Pair. Note the supplied value must not include the file extension. 556 | Description: Public/private EC2 Key Pairs (without file extension) to allow you to securely access the Bastion host. 557 | Type: String 558 | Default: '' 559 | MailEnabled: 560 | AllowedValues: 561 | - "true" 562 | - "false" 563 | ConstraintDescription: Must be 'true' or 'false'. 564 | Default: "true" 565 | Description: Enable mail processing and sending. 566 | Type: String 567 | SSLCertificateARN: 568 | Default: '' 569 | Description: "Amazon Resource Name (ARN) of your SSL certificate. Supplying this will automatically enable HTTPS on the product and load balancer, configured to use the corresponding certificate. If you want to use your own certificate that you generated outside of Amazon, you need to first import it to AWS Certificate Manager. After a successful import, you'll receive the ARN. If you want to create a certificate with AWS Certificate Manager (ACM certificate), you will receive the ARN after it's successfully created." 570 | MinLength: 0 571 | MaxLength: 90 572 | Type: String 573 | TomcatAcceptCount: 574 | Default: 10 575 | Description: The maximum queue length for incoming connection requests when all possible request processing threads are in use. 576 | Type: Number 577 | TomcatConnectionTimeout: 578 | Default: 20000 579 | Description: The number of milliseconds this Connector will wait, after accepting a connection, for the request URI line to be presented. 580 | Type: Number 581 | TomcatContextPath: 582 | Default: '' 583 | AllowedPattern: '^(\/[A-z_\-0-9\.]+)?$' 584 | Description: The context path of this web application, which is matched against the beginning of each request URI to select the appropriate web application for processing. If used, must include leading "/". 585 | Type: String 586 | TomcatDefaultConnectorPort: 587 | Default: 8080 588 | Description: The port on which to serve the application. 589 | Type: Number 590 | TomcatEnableLookups: 591 | Default: "false" 592 | AllowedValues: 593 | - "true" 594 | - "false" 595 | Description: Set to true if you want calls to request.getRemoteHost() to perform DNS lookups in order to return the actual host name of the remote client. 596 | Type: String 597 | TomcatMaxThreads: 598 | Default: 200 599 | Description: The maximum number of request processing threads to be created by this Connector, which therefore determines the maximum number of simultaneous requests that can be handled. 600 | Type: Number 601 | TomcatMinSpareThreads: 602 | Default: 10 603 | Description: The minimum number of threads always kept running. 604 | Type: Number 605 | TomcatProtocol: 606 | Default: 'HTTP/1.1' 607 | Description: Sets the protocol to handle incoming traffic. 608 | Type: String 609 | TomcatRedirectPort: 610 | Default: 8443 611 | Description: The port number for Catalina to use when automatically redirecting a non-SSL connector actioning a redirect to a SSL URI. 612 | Type: Number 613 | QSS3BucketName: 614 | Default: 'aws-quickstart' 615 | AllowedPattern: ^[0-9a-zA-Z]+([0-9a-zA-Z-]*[0-9a-zA-Z])*$ 616 | ConstraintDescription: Quick Start bucket name can include numbers, lowercase 617 | letters, uppercase letters, and hyphens (-). It cannot start or end with a hyphen 618 | (-). 619 | Description: S3 bucket name for the Quick Start assets. Quick Start bucket name 620 | can include numbers, lowercase letters, uppercase letters, and hyphens (-). 621 | It cannot start or end with a hyphen (-). 622 | Type: String 623 | QSS3KeyPrefix: 624 | Default: 'quickstart-atlassian-jira/' 625 | AllowedPattern: ^[0-9a-zA-Z-/]*$ 626 | ConstraintDescription: Quick Start key prefix can include numbers, lowercase letters, 627 | uppercase letters, hyphens (-), and forward slash (/). 628 | Description: S3 key prefix for the Quick Start assets. Quick Start key prefix 629 | can include numbers, lowercase letters, uppercase letters, hyphens (-), and 630 | forward slash (/). 631 | Type: String 632 | 633 | Conditions: 634 | DisableMail: 635 | !Not [!Equals [!Ref MailEnabled, true]] 636 | EnableCloudWatch: 637 | !Not [!Equals [!Ref CloudWatchIntegration, 'Off']] 638 | EnableCloudWatchLogs: 639 | !Equals [!Ref CloudWatchIntegration, 'Metrics and Logs'] 640 | DoSSL: 641 | !Not [!Equals [!Ref SSLCertificateARN, '']] 642 | KeyProvided: 643 | !Not [!Equals [!Ref KeyPairName, '']] 644 | OverrideHeap: 645 | !Not [!Equals [!Ref JvmHeapOverride, '']] 646 | UseContextPath: 647 | !Not [!Equals [!Ref TomcatContextPath, '']] 648 | UseCustomDnsName: 649 | !Not [!Equals [!Ref CustomDnsName, '']] 650 | UseDatabaseEncryption: 651 | !Equals [!Ref DBStorageEncrypted, true] 652 | UseHostedZone: 653 | !Not [!Equals [!Ref HostedZone, '']] 654 | UsePublicIp: 655 | !Equals [!Ref InternetFacingLoadBalancer, 'true'] 656 | GovCloudCondition: 657 | !Equals [!Ref 'AWS::Region', 'us-gov-west-1'] 658 | DBEngineAurora: 659 | !Equals [!Ref DBEngine, "Amazon Aurora PostgreSQL"] 660 | DBEnginePostgres: 661 | !Equals [!Ref DBEngine, "PostgreSQL"] 662 | UseBastionHost: !And 663 | - !Equals [!Ref BastionHostRequired, true] 664 | - !Condition KeyProvided 665 | InstallJSDAsOBR: 666 | !Equals [!Ref JiraProduct, "All"] 667 | Mappings: 668 | AWSInstanceType2Arch: 669 | c4.large: 670 | Arch: HVM64 671 | Jvmheap: 2304m 672 | c4.xlarge: 673 | Arch: HVM64 674 | Jvmheap: 4608m 675 | c4.2xlarge: 676 | Arch: HVM64 677 | Jvmheap: 12288m 678 | c4.4xlarge: 679 | Arch: HVM64 680 | Jvmheap: 12288m 681 | c4.8xlarge: 682 | Arch: HVM64 683 | Jvmheap: 12288m 684 | c5.large: 685 | Arch: HVM64 686 | Jvmheap: 2048m 687 | c5.xlarge: 688 | Arch: HVM64 689 | Jvmheap: 5120m 690 | c5.2xlarge: 691 | Arch: HVM64 692 | Jvmheap: 12288m 693 | c5.4xlarge: 694 | Arch: HVM64 695 | Jvmheap: 12288m 696 | c5.9xlarge: 697 | Arch: HVM64 698 | Jvmheap: 12288m 699 | c5.18xlarge: 700 | Arch: HVM64 701 | Jvmheap: 12288m 702 | c5d.large: 703 | Arch: HVM64 704 | Jvmheap: 2048m 705 | c5d.xlarge: 706 | Arch: HVM64 707 | Jvmheap: 5120m 708 | c5d.2xlarge: 709 | Arch: HVM64 710 | Jvmheap: 12288m 711 | c5d.4xlarge: 712 | Arch: HVM64 713 | Jvmheap: 12288m 714 | c5d.9xlarge: 715 | Arch: HVM64 716 | Jvmheap: 12288m 717 | c5d.18xlarge: 718 | Arch: HVM64 719 | Jvmheap: 12288m 720 | d2.xlarge: 721 | Arch: HVM64 722 | Jvmheap: 12288m 723 | d2.2xlarge: 724 | Arch: HVM64 725 | Jvmheap: 12288m 726 | d2.4xlarge: 727 | Arch: HVM64 728 | Jvmheap: 12288m 729 | d2.8xlarge: 730 | Arch: HVM64 731 | Jvmheap: 12288m 732 | h1.2xlarge: 733 | Arch: HVM64 734 | Jvmheap: 12288m 735 | h1.4xlarge: 736 | Arch: HVM64 737 | Jvmheap: 12288m 738 | h1.8xlarge: 739 | Arch: HVM64 740 | Jvmheap: 12288m 741 | h1.16xlarge: 742 | Arch: HVM64 743 | Jvmheap: 12288m 744 | i3.large: 745 | Arch: HVM64 746 | Jvmheap: 12288m 747 | i3.xlarge: 748 | Arch: HVM64 749 | Jvmheap: 12288m 750 | i3.2xlarge: 751 | Arch: HVM64 752 | Jvmheap: 12288m 753 | i3.4xlarge: 754 | Arch: HVM64 755 | Jvmheap: 12288m 756 | i3.8xlarge: 757 | Arch: HVM64 758 | Jvmheap: 12288m 759 | i3.16xlarge: 760 | Arch: HVM64 761 | Jvmheap: 12288m 762 | i3.metal: 763 | Arch: HVM64 764 | Jvmheap: 12288m 765 | m4.large: 766 | Arch: HVM64 767 | Jvmheap: 5120m 768 | m4.xlarge: 769 | Arch: HVM64 770 | Jvmheap: 12288m 771 | m4.2xlarge: 772 | Arch: HVM64 773 | Jvmheap: 12288m 774 | m4.4xlarge: 775 | Arch: HVM64 776 | Jvmheap: 12288m 777 | m4.10xlarge: 778 | Arch: HVM64 779 | Jvmheap: 12288m 780 | m4.16xlarge: 781 | Arch: HVM64 782 | Jvmheap: 12288m 783 | m5.large: 784 | Arch: HVM64 785 | Jvmheap: 5120m 786 | m5.xlarge: 787 | Arch: HVM64 788 | Jvmheap: 12288m 789 | m5.2xlarge: 790 | Arch: HVM64 791 | Jvmheap: 12288m 792 | m5.4xlarge: 793 | Arch: HVM64 794 | Jvmheap: 12288m 795 | m5.12xlarge: 796 | Arch: HVM64 797 | Jvmheap: 12288m 798 | m5.24xlarge: 799 | Arch: HVM64 800 | Jvmheap: 12288m 801 | m5d.large: 802 | Arch: HVM64 803 | Jvmheap: 5120m 804 | m5d.xlarge: 805 | Arch: HVM64 806 | Jvmheap: 12288m 807 | m5d.2xlarge: 808 | Arch: HVM64 809 | Jvmheap: 12288m 810 | m5d.4xlarge: 811 | Arch: HVM64 812 | Jvmheap: 12288m 813 | m5d.12xlarge: 814 | Arch: HVM64 815 | Jvmheap: 12288m 816 | m5d.24xlarge: 817 | Arch: HVM64 818 | Jvmheap: 12288m 819 | r4.large: 820 | Arch: HVM64 821 | Jvmheap: 12288m 822 | r4.xlarge: 823 | Arch: HVM64 824 | Jvmheap: 12288m 825 | r4.2xlarge: 826 | Arch: HVM64 827 | Jvmheap: 12288m 828 | r4.4xlarge: 829 | Arch: HVM64 830 | Jvmheap: 12288m 831 | r4.8xlarge: 832 | Arch: HVM64 833 | Jvmheap: 12288m 834 | r4.16xlarge: 835 | Arch: HVM64 836 | Jvmheap: 12288m 837 | r5.large: 838 | Arch: HVM64 839 | Jvmheap: 12288m 840 | r5.xlarge: 841 | Arch: HVM64 842 | Jvmheap: 12288m 843 | r5.2xlarge: 844 | Arch: HVM64 845 | Jvmheap: 12288m 846 | r5.4xlarge: 847 | Arch: HVM64 848 | Jvmheap: 12288m 849 | r5.12xlarge: 850 | Arch: HVM64 851 | Jvmheap: 12288m 852 | r5.24xlarge: 853 | Arch: HVM64 854 | Jvmheap: 12288m 855 | r5d.large: 856 | Arch: HVM64 857 | Jvmheap: 12288m 858 | r5d.xlarge: 859 | Arch: HVM64 860 | Jvmheap: 12288m 861 | r5d.2xlarge: 862 | Arch: HVM64 863 | Jvmheap: 12288m 864 | r5d.4xlarge: 865 | Arch: HVM64 866 | Jvmheap: 12288m 867 | r5d.12xlarge: 868 | Arch: HVM64 869 | Jvmheap: 12288m 870 | r5d.24xlarge: 871 | Arch: HVM64 872 | Jvmheap: 12288m 873 | t2.medium: 874 | Arch: HVM64 875 | Jvmheap: 2048m 876 | t2.large: 877 | Arch: HVM64 878 | Jvmheap: 5120m 879 | t2.xlarge: 880 | Arch: HVM64 881 | Jvmheap: 12288m 882 | t2.2xlarge: 883 | Arch: HVM64 884 | Jvmheap: 12288m 885 | t3.medium: 886 | Arch: HVM64 887 | Jvmheap: 2048m 888 | t3.large: 889 | Arch: HVM64 890 | Jvmheap: 5120m 891 | t3.xlarge: 892 | Arch: HVM64 893 | Jvmheap: 12288m 894 | t3.2xlarge: 895 | Arch: HVM64 896 | Jvmheap: 12288m 897 | x1.16xlarge: 898 | Arch: HVM64 899 | Jvmheap: 12288m 900 | x1.32xlarge: 901 | Arch: HVM64 902 | Jvmheap: 12288m 903 | x1e.xlarge: 904 | Arch: HVM64 905 | Jvmheap: 12288m 906 | x1e.2xlarge: 907 | Arch: HVM64 908 | Jvmheap: 12288m 909 | x1e.4xlarge: 910 | Arch: HVM64 911 | Jvmheap: 12288m 912 | x1e.8xlarge: 913 | Arch: HVM64 914 | Jvmheap: 12288m 915 | x1e.16xlarge: 916 | Arch: HVM64 917 | Jvmheap: 12288m 918 | x1e.32xlarge: 919 | Arch: HVM64 920 | Jvmheap: 12288m 921 | z1d.large: 922 | Arch: HVM64 923 | Jvmheap: 12288m 924 | z1d.xlarge: 925 | Arch: HVM64 926 | Jvmheap: 12288m 927 | z1d.2xlarge: 928 | Arch: HVM64 929 | Jvmheap: 12288m 930 | z1d.3xlarge: 931 | Arch: HVM64 932 | Jvmheap: 12288m 933 | z1d.6xlarge: 934 | Arch: HVM64 935 | Jvmheap: 12288m 936 | z1d.12xlarge: 937 | Arch: HVM64 938 | Jvmheap: 12288m 939 | 940 | AWSRegionArch2AMI: 941 | ap-northeast-1: 942 | HVM64: ami-08d56ac42e2d4a08b 943 | ap-northeast-2: 944 | HVM64: ami-0eb7a369386789460 945 | ap-south-1: 946 | HVM64: ami-0dafa01c8100180f8 947 | ap-southeast-1: 948 | HVM64: ami-04fc979a55e14b094 949 | ap-southeast-2: 950 | HVM64: ami-042c4533fa25c105a 951 | ca-central-1: 952 | HVM64: ami-040d8c460f4fc4a9f 953 | eu-central-1: 954 | HVM64: ami-00e232b942edaf8f9 955 | eu-north-1: 956 | HVM64: ami-0e3f1570eb0a9bc7f 957 | eu-west-1: 958 | HVM64: ami-09d5dd12541e69077 959 | eu-west-2: 960 | HVM64: ami-098a393b6fa6e700b 961 | eu-west-3: 962 | HVM64: ami-05cb6b584fc3c8ac8 963 | sa-east-1: 964 | HVM64: ami-088911543b10876a4 965 | us-east-1: 966 | HVM64: ami-038b3df3312ddf25d 967 | us-east-2: 968 | HVM64: ami-07b1d7739c91ed3fc 969 | us-west-1: 970 | HVM64: ami-0729cd65c1a99b0c9 971 | us-west-2: 972 | HVM64: ami-090bc08d7ae1f3881 973 | us-gov-west-1: 974 | HVM64: ami-0bbf3595bb2fb39ec 975 | us-gov-east-1: 976 | HVM64: ami-0cc17d57bec8c6017 977 | 978 | JIRAProduct2NameAndVersion: 979 | Core: 980 | name: jira-core 981 | editionToInstall: core 982 | shortdisplayname: '"Jira Core"' 983 | fulldisplayname: '"Atlassian Jira Core"' 984 | ServiceManagement: 985 | name: servicedesk 986 | editionToInstall: servicedesk 987 | shortdisplayname: '"Jira SD"' 988 | fulldisplayname: '"Atlassian Jira Service Management"' 989 | Software: 990 | name: jira-software 991 | editionToInstall: software 992 | shortdisplayname: '"Jira SW"' 993 | fulldisplayname: '"Atlassian Jira Software"' 994 | All: 995 | name: jira-all 996 | editionToInstall: software 997 | shortdisplayname: '"Jira"' 998 | fulldisplayname: '"Atlassian Jira"' 999 | Resources: 1000 | JiraClusterNodeRole: 1001 | Type: AWS::IAM::Role 1002 | Properties: 1003 | AssumeRolePolicyDocument: 1004 | Version: 2012-10-17 1005 | Statement: 1006 | - Effect: Allow 1007 | Principal: 1008 | Service: [ec2.amazonaws.com] 1009 | Action: ['sts:AssumeRole'] 1010 | ManagedPolicyArns: 1011 | - !Sub 'arn:${AWS::Partition}:iam::aws:policy/AmazonSSMManagedInstanceCore' 1012 | - !Sub 'arn:${AWS::Partition}:iam::aws:policy/CloudWatchAgentServerPolicy' 1013 | Path: / 1014 | Policies: 1015 | - PolicyName: JiraClusterNodePolicy 1016 | PolicyDocument: 1017 | Version: 2012-10-17 1018 | Statement: 1019 | - Action: 1020 | - ec2:CreateTags 1021 | Effect: Allow 1022 | Resource: 1023 | - !Sub "arn:${AWS::Partition}:ec2:*:${AWS::AccountId}:instance/*" 1024 | - !Sub "arn:${AWS::Partition}:ec2:*:${AWS::AccountId}:vpc/*" 1025 | - Action: 1026 | - autoscaling:CreateOrUpdateTags 1027 | - route53:ListResourceRecordSets 1028 | Effect: Allow 1029 | Resource: 1030 | - !Sub "arn:${AWS::Partition}:autoscaling:*:${AWS::AccountId}:autoScalingGroup:*:autoScalingGroupName/*" 1031 | - !Sub "arn:${AWS::Partition}:route53:::hostedzone/*" 1032 | - Action: 1033 | - ec2:DescribeInstances 1034 | - ec2:DescribeTags 1035 | - route53:ListHostedZones 1036 | - autoscaling:DescribeTags 1037 | Effect: Allow 1038 | Resource: "*" 1039 | - Action: route53:ChangeResourceRecordSets 1040 | Effect: Allow 1041 | Resource: 1042 | - !Sub "arn:${AWS::Partition}:route53:::hostedzone/*" 1043 | - !Sub "arn:${AWS::Partition}:route53:::change/*" 1044 | - !Sub "arn:${AWS::Partition}:route53:::healthcheck/*" 1045 | - !Sub "arn:${AWS::Partition}:route53:::delegationset/*" 1046 | - PolicyName: SSMParameterPutAccess 1047 | PolicyDocument: 1048 | Version: 2012-10-17 1049 | Statement: 1050 | - Action: 1051 | - 'ssm:PutParameter' 1052 | Effect: Allow 1053 | Resource: !Sub "arn:${AWS::Partition}:ssm:${AWS::Region}:${AWS::AccountId}:parameter/${AWS::StackName}/pinned-ansible-sha" 1054 | JiraClusterNodeInstanceProfile: 1055 | Type: AWS::IAM::InstanceProfile 1056 | Properties: 1057 | Path: / 1058 | Roles: [!Ref JiraClusterNodeRole] 1059 | # Jira node config 1060 | ClusterNodeGroup: 1061 | Type: AWS::AutoScaling::AutoScalingGroup 1062 | CreationPolicy: 1063 | ResourceSignal: 1064 | Count: !Ref ClusterNodeMin 1065 | Timeout: PT15M 1066 | Properties: 1067 | DesiredCapacity: !Ref ClusterNodeMin 1068 | LaunchConfigurationName: !Ref ClusterNodeLaunchConfig 1069 | MaxSize: !Ref ClusterNodeMax 1070 | MinSize: !Ref ClusterNodeMin 1071 | TargetGroupARNs: [!Ref MainTargetGroup] 1072 | VPCZoneIdentifier: !Split 1073 | - "," 1074 | - Fn::ImportValue: !Sub "${ExportPrefix}PriNets" 1075 | Tags: 1076 | - Key: Name 1077 | Value: !Sub ["${StackName} Jira Node", {StackName: !Ref 'AWS::StackName'}] 1078 | PropagateAtLaunch: true 1079 | - Key: Cluster 1080 | Value: !Ref AWS::StackName 1081 | PropagateAtLaunch: true 1082 | # NOTE: The leading COMMIT/TIMESTAMP are used to locate the position to update; see scripts/update-tags.py 1083 | - Key: "atl:quickstart:commit-id" 1084 | Value: "COMMIT: 52315af6533894206ebc56953532ff22dbfe9e13" 1085 | PropagateAtLaunch: true 1086 | - Key: "atl:quickstart:timestamp" 1087 | Value: "TIMESTAMP: 2022-04-14T15:19:32Z" 1088 | PropagateAtLaunch: true 1089 | 1090 | ClusterNodeLaunchConfig: 1091 | Type: AWS::AutoScaling::LaunchConfiguration 1092 | DependsOn: 1093 | - EFSMountAz1 1094 | - EFSMountAz2 1095 | - AnsibleRepoPinSHA 1096 | Metadata: 1097 | Comment: '' 1098 | AWS::CloudFormation::Init: 1099 | config: 1100 | files: 1101 | /etc/atl: 1102 | mode: "000640" 1103 | owner: root 1104 | group: root 1105 | content: 1106 | 'Fn::Join': 1107 | - "\n" 1108 | - - "ATL_PRODUCT_FAMILY=jira" 1109 | - "ATL_DB_DRIVER=org.postgresql.Driver" 1110 | - "ATL_JDBC_DB_NAME=jira" 1111 | - "ATL_JDBC_USER=atljira" 1112 | - "ATL_JVM_OPTS='-XX:+ExplicitGCInvokesConcurrent -XX:ReservedCodeCacheSize=512M'" 1113 | - "ATL_APP_DATA_MOUNT_ENABLED=false" 1114 | - "ATL_ENABLED_PRODUCTS=Jira" 1115 | - "ATL_ENABLED_SHARED_HOMES=" 1116 | - "ATL_NGINX_ENABLED=false" 1117 | - "ATL_POSTGRES_ENABLED=false" 1118 | - "ATL_RELEASE_S3_BUCKET=atlassian-software" 1119 | - "ATL_RELEASE_S3_PATH=releases" 1120 | - "ATL_SSL_SELF_CERT_ENABLED=false" 1121 | - "" 1122 | - !Sub ["ATL_PRODUCT_EDITION=${Edition}", Edition: !FindInMap [ "JIRAProduct2NameAndVersion", !Ref JiraProduct, "editionToInstall"]] 1123 | - !Sub ["ATL_PRODUCT_VERSION=${ProductVersion}", ProductVersion: !Ref JiraVersion] 1124 | - !If [InstallJSDAsOBR, "ATL_JSD_ASOBR=true", !Ref "AWS::NoValue"] 1125 | - !Sub ["ATL_EFS_ID=${ElasticFileSystem}", ElasticFileSystem: !Ref "ElasticFileSystem"] 1126 | - !If [DoSSL, "ATL_SSL_PROXY=true", !Ref "AWS::NoValue"] 1127 | - !Sub ["ATL_AWS_STACK_NAME=${StackName}", StackName: !Ref "AWS::StackName"] 1128 | - !Sub ["ATL_CATALINA_OPTS=\"${CatalinaOpts} ${MailOpts}\"", { CatalinaOpts: !Ref CatalinaOpts, MailOpts: !If [DisableMail, '-Datlassian.mail.senddisabled=true -Datlassian.mail.fetchdisabled=true -Datlassian.mail.popdisabled=true', ''] }] 1129 | - !Sub ["ATL_DB_ENGINE=${DBEngine}", DBEngine: !If [DBEngineAurora, aurora_postgres, !If [DBEnginePostgres, rds_postgres, '']]] 1130 | - !Sub ["ATL_DB_HOST=${DBEndpointAddress}", DBEndpointAddress: !GetAtt DB.Outputs.RDSEndPointAddress] 1131 | - !Sub ["ATL_DB_MAXIDLE=${DBMaxIdle}", DBMaxIdle: !Ref DBMaxIdle] 1132 | - !Sub ["ATL_DB_MAXWAITMILLIS=${DBMaxWaitMillis}", DBMaxWaitMillis: !Ref DBMaxWaitMillis] 1133 | - !Sub ["ATL_DB_MINEVICTABLEIDLETIMEMILLIS=${DBMinEvictableIdleTimeMillis}", DBMinEvictableIdleTimeMillis: !Ref DBMinEvictableIdleTimeMillis] 1134 | - !Sub ["ATL_DB_MINIDLE=${DBMinIdle}", DBMinIdle: !Ref DBMinIdle] 1135 | - !Sub ["ATL_DB_ROOT_PASSWORD='${DBMasterUserPassword}'", DBMasterUserPassword: !Ref DBMasterUserPassword] 1136 | - !Sub ["ATL_DB_POOLMAXSIZE=${DBPoolMaxSize}", DBPoolMaxSize: !Ref DBPoolMaxSize] 1137 | - !Sub ["ATL_DB_POOLMINSIZE=${DBPoolMinSize}", DBPoolMinSize: !Ref DBPoolMinSize] 1138 | - !Sub ["ATL_DB_PORT=${DBEndpointPort}", DBEndpointPort: !GetAtt DB.Outputs.RDSEndPointPort] 1139 | - !Sub ["ATL_DB_REMOVEABANDONED=${DBRemoveAbandoned}", DBRemoveAbandoned: !Ref DBRemoveAbandoned] 1140 | - !Sub ["ATL_DB_REMOVEABANDONEDTIMEOUT=${DBRemoveAbandonedTimeout}", DBRemoveAbandonedTimeout: !Ref DBRemoveAbandonedTimeout] 1141 | - !Sub ["ATL_DB_TESTONBORROW=${DBTestOnBorrow}", DBTestOnBorrow: !Ref DBTestOnBorrow] 1142 | - !Sub ["ATL_DB_TESTWHILEIDLE=${DBTestWhileIdle}", DBTestWhileIdle: !Ref DBTestWhileIdle] 1143 | - !Sub ["ATL_DB_TIMEBETWEENEVICTIONRUNSMILLIS=${DBTimeBetweenEvictionRunsMillis}", DBTimeBetweenEvictionRunsMillis: !Ref DBTimeBetweenEvictionRunsMillis] 1144 | - !Sub ["ATL_HOSTEDZONE=${HostedZone}", HostedZone: !Ref HostedZone] 1145 | - !Sub ["ATL_JDBC_PASSWORD='${DBPassword}'", DBPassword: !Ref DBPassword] 1146 | - !Sub ["ATL_JDBC_URL=jdbc:postgresql://${DBEndpointAddress}:${DBEndpointPort}/jira?targetServerType=master", { DBEndpointAddress: !GetAtt DB.Outputs.RDSEndPointAddress, DBEndpointPort: !GetAtt DB.Outputs.RDSEndPointPort }] 1147 | - !Sub ["ATL_JIRA_FULL_DISPLAY_NAME=${JiraFullDisplayName}", JiraFullDisplayName: !FindInMap [ "JIRAProduct2NameAndVersion", !Ref JiraProduct, "fulldisplayname"]] 1148 | - !Sub ["ATL_JIRA_NAME=${JiraProductName}", JiraProductName: !FindInMap [ "JIRAProduct2NameAndVersion", !Ref JiraProduct, "name"]] 1149 | - !Sub ["ATL_JIRA_SHORT_DISPLAY_NAME=${JiraShortDisplayName}", JiraShortDisplayName: !FindInMap [ "JIRAProduct2NameAndVersion", !Ref JiraProduct, "shortdisplayname"]] 1150 | - !Sub ["ATL_JVM_HEAP=${AtlJvmHeap}", AtlJvmHeap: !If [OverrideHeap, !Ref 'JvmHeapOverride', !FindInMap [AWSInstanceType2Arch, !Ref ClusterNodeInstanceType, Jvmheap]]] 1151 | - !Sub ["ATL_PROXY_NAME=${AtlProxyName}", AtlProxyName: !If [UseCustomDnsName, !Ref CustomDnsName, !If [UseHostedZone, !Ref LoadBalancerCname, !GetAtt LoadBalancer.DNSName]]] 1152 | - !Sub ["ATL_TOMCAT_ACCEPTCOUNT=${TomcatAcceptCount}", TomcatAcceptCount: !Ref TomcatAcceptCount] 1153 | - !Sub ["ATL_TOMCAT_CONNECTIONTIMEOUT=${TomcatConnectionTimeout}", TomcatConnectionTimeout: !Ref TomcatConnectionTimeout] 1154 | - !Sub ["ATL_TOMCAT_CONTEXTPATH=${TomcatContextPath}", TomcatContextPath: !Ref TomcatContextPath] 1155 | - !Sub ["ATL_TOMCAT_DEFAULTCONNECTORPORT=${TomcatDefaultConnectorPort}", TomcatDefaultConnectorPort: !Ref TomcatDefaultConnectorPort] 1156 | - !Sub ["ATL_TOMCAT_ENABLELOOKUPS=${TomcatEnableLookups}", TomcatEnableLookups: !Ref TomcatEnableLookups] 1157 | - !Sub ["ATL_TOMCAT_MAXTHREADS=${TomcatMaxThreads}", TomcatMaxThreads: !Ref TomcatMaxThreads] 1158 | - !Sub ["ATL_TOMCAT_MINSPARETHREADS=${TomcatMinSpareThreads}", TomcatMinSpareThreads: !Ref TomcatMinSpareThreads] 1159 | - !Sub ["ATL_TOMCAT_PROTOCOL=${TomcatProtocol}", TomcatProtocol: !Ref TomcatProtocol] 1160 | - !Sub ["ATL_TOMCAT_PROXYPORT=${TomcatProxyPort}", TomcatProxyPort: !If [DoSSL, 443, 80]] 1161 | - !Sub ["ATL_TOMCAT_REDIRECTPORT=${TomcatRedirectPort}", TomcatRedirectPort: !Ref TomcatRedirectPort] 1162 | - !Sub ["ATL_TOMCAT_SCHEME=${TomcatScheme}", TomcatScheme: !If [DoSSL, https, http]] 1163 | - !Sub ["ATL_TOMCAT_SECURE=${TomcatSecure}", TomcatSecure: !If [DoSSL, true, false]] 1164 | - !Sub ["ATL_DEPLOYMENT_REPOSITORY=${DeployRepository}", DeployRepository: !Ref "DeploymentAutomationRepository"] 1165 | - !Sub ["ATL_DEPLOYMENT_REPOSITORY_BRANCH=${DeployRepositoryBranch}", DeployRepositoryBranch: !Ref "DeploymentAutomationBranch"] 1166 | - !Sub ["ATL_DEPLOYMENT_REPOSITORY_PLAYBOOK=${DeployRepositoryPlaybook}", DeployRepositoryPlaybook: !Ref "DeploymentAutomationPlaybook"] 1167 | - !Sub ["ATL_DEPLOYMENT_REPOSITORY_KEYNAME=${DeployRepositoryKeyName}", DeployRepositoryKeyName: !Ref "DeploymentAutomationKeyName"] 1168 | - !Sub ["ATL_DEPLOYMENT_REPOSITORY_CUSTOM_PARAMS='${DeployRepositoryCustomParams}'", DeployRepositoryCustomParams: !Ref "DeploymentAutomationCustomParams"] 1169 | 1170 | - !Sub ["ATL_AWS_ENABLE_CLOUDWATCH=${EnableCW}", EnableCW: !If [EnableCloudWatch, true, false]] 1171 | - !Sub ["ATL_AWS_ENABLE_CLOUDWATCH_LOGS=${EnableCWLogs}", EnableCWLogs: !If [EnableCloudWatchLogs, true, false]] 1172 | 1173 | /opt/atlassian/bin/clone_deployment_repo: 1174 | content: !Sub | 1175 | #!/bin/bash 1176 | key_location=/root/.ssh/deployment_repo_key 1177 | key_name="${DeploymentAutomationKeyName}" 1178 | ssm_pin=/${AWS::StackName}/pinned-ansible-sha 1179 | 1180 | yum install -y git awscli jq 1181 | 1182 | if [[ ! -z "$key_name" ]]; then 1183 | # Ensure awscli is up to date 1184 | key_val=$(aws --region=${AWS::Region} ssm get-parameters --names "$key_name" --with-decryption | jq --raw-output '.Parameters[0].Value') 1185 | echo -e "$key_val" > $key_location 1186 | chmod 600 $key_location 1187 | export GIT_SSH_COMMAND="ssh -o IdentitiesOnly=yes -o StrictHostKeyChecking=no -i $key_location" 1188 | else 1189 | export GIT_SSH_COMMAND="ssh -o IdentitiesOnly=yes -o StrictHostKeyChecking=no" 1190 | fi 1191 | 1192 | ### Ansible repo pinning ### 1193 | pinned_commit_id=$(aws --region=${AWS::Region} ssm get-parameters --names "$ssm_pin" | jq --raw-output '.Parameters[0].Value') 1194 | 1195 | git clone "${DeploymentAutomationRepository}" -b "${DeploymentAutomationBranch}" /opt/atlassian/dc-deployments-automation/ 1196 | cd /opt/atlassian/dc-deployments-automation/ 1197 | 1198 | if [[ "$pinned_commit_id" == "latest" || -z "$pinned_commit_id" ]]; then 1199 | head_id=$(git rev-parse HEAD) 1200 | echo "SSM param [$ssm_pin] has been set to 'latest' - Using the HEAD SHA [$head_id] to build cluster [${AWS::StackName}]" 1201 | echo "Updating SSM param [$ssm_pin] with current HEAD SHA: [$head_id]" 1202 | aws --region=${AWS::Region} ssm put-parameter --name "$ssm_pin" --value "$head_id" --overwrite --type String 1203 | else 1204 | echo "Ansible repo has been pinned, checking out commit: [$pinned_commit_id]" 1205 | git checkout -b "pinned-ansible-sha-$pinned_commit_id" "$pinned_commit_id" 1206 | fi 1207 | mode: "000750" 1208 | owner: root 1209 | group: root 1210 | 1211 | commands: 1212 | 070_create_atl_dir: 1213 | test: "test ! -d /opt/atlassian/" 1214 | command: mkdir -p /opt/atlassian 1215 | ignoreErrors: false 1216 | 071_install_packages: 1217 | command: yum install -y git python-virtualenv 1218 | ignoreErrors: true 1219 | 072_clone_atl_scripts: 1220 | test: "test ! -d /opt/atlassian/dc-deployments-automation/" 1221 | command: /opt/atlassian/bin/clone_deployment_repo 1222 | ignoreErrors: true 1223 | 080_run_atl_init_node: 1224 | command: !Sub | 1225 | cd /opt/atlassian/dc-deployments-automation/ && ./bin/install-ansible && ./bin/ansible-with-atl-env inv/aws_node_local ${DeploymentAutomationPlaybook} /var/log/ansible-bootstrap.log 1226 | ignoreErrors: true 1227 | 1228 | Properties: 1229 | AssociatePublicIpAddress: false 1230 | BlockDeviceMappings: 1231 | - DeviceName: /dev/xvda 1232 | Ebs: 1233 | VolumeSize: !Ref ClusterNodeVolumeSize 1234 | - DeviceName: /dev/xvdf 1235 | NoDevice: true 1236 | KeyName: !If 1237 | - KeyProvided 1238 | - !Ref KeyPairName 1239 | - Ref: AWS::NoValue 1240 | IamInstanceProfile: !Ref JiraClusterNodeInstanceProfile 1241 | ImageId: 1242 | !FindInMap 1243 | - AWSRegionArch2AMI 1244 | - !Ref AWS::Region 1245 | - !FindInMap 1246 | - AWSInstanceType2Arch 1247 | - !Ref ClusterNodeInstanceType 1248 | - Arch 1249 | InstanceType: !Ref ClusterNodeInstanceType 1250 | SecurityGroups: [!Ref SecurityGroup] 1251 | UserData: 1252 | Fn::Base64: 1253 | !Join 1254 | - "" 1255 | - 1256 | - "#!/bin/bash -xe\n" 1257 | - "yum update -y aws-cfn-bootstrap\n" 1258 | - !Sub ["/opt/aws/bin/cfn-init -v --stack ${StackName}", {StackName: !Ref "AWS::StackName"}] 1259 | - !Sub [" --resource ClusterNodeLaunchConfig --region ${Region}\n", {Region: !Ref "AWS::Region"}] 1260 | - !Sub ["/opt/aws/bin/cfn-signal -e $? --stack ${StackName}", {StackName: !Ref "AWS::StackName"}] 1261 | - !Sub [" --resource ClusterNodeGroup --region ${Region}", {Region: !Ref "AWS::Region"}] 1262 | ElasticFileSystem: 1263 | Type: AWS::EFS::FileSystem 1264 | Properties: 1265 | BackupPolicy: 1266 | Status: ENABLED 1267 | FileSystemTags: 1268 | - Key: Name 1269 | Value: !Join [' ', [!Ref 'AWS::StackName', 'cluster shared-files']] 1270 | - Key: Application 1271 | Value: !Ref AWS::StackId 1272 | # NOTE: The leading COMMIT/TIMESTAMP are used to locate the position to update; see scripts/update-tags.py 1273 | - Key: "atl:quickstart:commit-id" 1274 | Value: "COMMIT: 52315af6533894206ebc56953532ff22dbfe9e13" 1275 | - Key: "atl:quickstart:timestamp" 1276 | Value: "TIMESTAMP: 2022-04-14T15:19:32Z" 1277 | EFSMountAz1: 1278 | Type: AWS::EFS::MountTarget 1279 | Properties: 1280 | FileSystemId: !Ref ElasticFileSystem 1281 | SecurityGroups: [!Ref SecurityGroup] 1282 | SubnetId: !Select 1283 | - 0 1284 | - !Split 1285 | - "," 1286 | - Fn::ImportValue: !Sub "${ExportPrefix}PriNets" 1287 | EFSMountAz2: 1288 | Type: AWS::EFS::MountTarget 1289 | Properties: 1290 | FileSystemId: !Ref ElasticFileSystem 1291 | SecurityGroups: [!Ref SecurityGroup] 1292 | SubnetId: !Select 1293 | - 1 1294 | - !Split 1295 | - "," 1296 | - Fn::ImportValue: !Sub "${ExportPrefix}PriNets" 1297 | EFSCname: 1298 | Type: AWS::Route53::RecordSet 1299 | Condition: UseHostedZone 1300 | Properties: 1301 | HostedZoneName: !Ref HostedZone 1302 | Comment: Route53 cname for the efs 1303 | Name: !If [ UseHostedZone, !Join ['.', [!Ref 'AWS::StackName', 'efs', !Ref 'HostedZone']], ''] 1304 | Type: CNAME 1305 | TTL: 900 1306 | ResourceRecords: 1307 | - !Join ['.', [!Ref ElasticFileSystem, 'efs', !Ref 'AWS::Region', 'amazonaws.com.']] 1308 | # Database 1309 | DB: 1310 | Type: AWS::CloudFormation::Stack 1311 | Properties: 1312 | TemplateURL: !Sub 1313 | - https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-atlassian-services/templates/quickstart-database-for-atlassian-services.yaml 1314 | - QSS3Region: !If ["GovCloudCondition", "s3-us-gov-west-1", "s3"] 1315 | Parameters: 1316 | DatabaseImplementation: !Ref DBEngine 1317 | DBEngineVersion: !Ref DBEngineVersion 1318 | DBSecurityGroup: !Ref SecurityGroup 1319 | DBAutoMinorVersionUpgrade: "true" 1320 | DBBackupRetentionPeriod: "1" 1321 | DBInstanceClass: !Ref DBInstanceClass 1322 | DBIops: !Ref DBIops 1323 | DBMasterUserPassword: !Ref DBMasterUserPassword 1324 | DBMultiAZ: !Ref DBMultiAZ 1325 | DBAllocatedStorage: !Ref DBStorage 1326 | DBStorageEncrypted: !Ref DBStorageEncrypted 1327 | DBStorageType: !Ref DBStorageType 1328 | ExportPrefix: !Ref ExportPrefix 1329 | QSS3BucketName: !Ref QSS3BucketName 1330 | QSS3KeyPrefix: !Ref QSS3KeyPrefix 1331 | DBCname: 1332 | Condition: UseHostedZone 1333 | Type: AWS::Route53::RecordSet 1334 | Properties: 1335 | HostedZoneName: !Ref HostedZone 1336 | Comment: Route53 cname for the RDS 1337 | Name: !Join ['.', [!Ref 'AWS::StackName', 'db', !Ref 'HostedZone']] 1338 | Type: CNAME 1339 | TTL: 900 1340 | ResourceRecords: 1341 | - !GetAtt DB.Outputs.RDSEndPointAddress 1342 | 1343 | # Loadbalancer 1344 | LoadBalancer: 1345 | Type: AWS::ElasticLoadBalancingV2::LoadBalancer 1346 | Properties: 1347 | LoadBalancerAttributes: 1348 | - Key: idle_timeout.timeout_seconds 1349 | Value: '3600' 1350 | Scheme: !If [UsePublicIp, 'internet-facing', 'internal'] 1351 | SecurityGroups: [!Ref SecurityGroup] 1352 | Subnets: !Split 1353 | - "," 1354 | - Fn::ImportValue: !Sub "${ExportPrefix}PubNets" 1355 | Tags: 1356 | - Key: Name 1357 | Value: !Sub ["${StackName}-LoadBalancer", StackName: !Ref 'AWS::StackName'] 1358 | - Key: Cluster 1359 | Value: !Ref AWS::StackName 1360 | # NOTE: The leading COMMIT/TIMESTAMP are used to locate the position to update; see scripts/update-tags.py 1361 | - Key: "atl:quickstart:commit-id" 1362 | Value: "COMMIT: 52315af6533894206ebc56953532ff22dbfe9e13" 1363 | - Key: "atl:quickstart:timestamp" 1364 | Value: "TIMESTAMP: 2022-04-14T15:19:32Z" 1365 | 1366 | LoadBalancerHTTPListener: 1367 | Type: AWS::ElasticLoadBalancingV2::Listener 1368 | Properties: 1369 | DefaultActions: 1370 | - !If 1371 | - DoSSL 1372 | - Type: redirect 1373 | RedirectConfig: 1374 | Protocol: HTTPS 1375 | Port: '443' 1376 | Host: '#{host}' 1377 | Path: '/#{path}' 1378 | Query: '#{query}' 1379 | StatusCode: HTTP_301 1380 | - Type: forward 1381 | TargetGroupArn: !Ref MainTargetGroup 1382 | LoadBalancerArn: !Ref LoadBalancer 1383 | Port: 80 1384 | Protocol: HTTP 1385 | LoadBalancerHTTPSListener: 1386 | Condition: DoSSL 1387 | Type: AWS::ElasticLoadBalancingV2::Listener 1388 | Properties: 1389 | Certificates: 1390 | - CertificateArn: !Ref SSLCertificateARN 1391 | DefaultActions: 1392 | - Type: forward 1393 | TargetGroupArn: !Ref MainTargetGroup 1394 | LoadBalancerArn: !Ref LoadBalancer 1395 | Port: 443 1396 | Protocol: HTTPS 1397 | MainTargetGroup: 1398 | Type: AWS::ElasticLoadBalancingV2::TargetGroup 1399 | Properties: 1400 | Port: !Ref TomcatDefaultConnectorPort 1401 | Protocol: HTTP 1402 | VpcId: 1403 | Fn::ImportValue: !Sub "${ExportPrefix}VPCID" 1404 | HealthCheckIntervalSeconds: 20 1405 | HealthCheckTimeoutSeconds: 10 1406 | HealthyThresholdCount: 2 1407 | Matcher: 1408 | HttpCode: '200' 1409 | HealthCheckPath: !If [UseContextPath, !Join ['', [!Ref 'TomcatContextPath', '/status']], '/status'] 1410 | HealthCheckPort: !Ref TomcatDefaultConnectorPort 1411 | HealthCheckProtocol: HTTP 1412 | TargetGroupAttributes: 1413 | - Key: stickiness.enabled 1414 | Value: 'true' 1415 | - Key: stickiness.type 1416 | Value: lb_cookie 1417 | - Key: deregistration_delay.timeout_seconds 1418 | Value: '30' 1419 | Tags: 1420 | - Key: Name 1421 | Value: MainTargetGroup 1422 | - Key: Cluster 1423 | Value: !Ref AWS::StackName 1424 | # NOTE: The leading COMMIT/TIMESTAMP are used to locate the position to update; see scripts/update-tags.py 1425 | - Key: "atl:quickstart:commit-id" 1426 | Value: "COMMIT: 52315af6533894206ebc56953532ff22dbfe9e13" 1427 | - Key: "atl:quickstart:timestamp" 1428 | Value: "TIMESTAMP: 2022-04-14T15:19:32Z" 1429 | DependsOn: 1430 | - LoadBalancer 1431 | LoadBalancerCname: 1432 | Condition: UseHostedZone 1433 | Type: AWS::Route53::RecordSet 1434 | Properties: 1435 | HostedZoneName: !Ref HostedZone 1436 | Comment: Route53 cname for the ALB 1437 | Name: !Join ['.', [!Ref "AWS::StackName", !Ref 'HostedZone']] 1438 | Type: CNAME 1439 | TTL: 900 1440 | ResourceRecords: 1441 | - !GetAtt LoadBalancer.DNSName 1442 | SecurityGroup: 1443 | Type: AWS::EC2::SecurityGroup 1444 | Properties: 1445 | GroupDescription: Security group allowing SSH and HTTP/HTTPS access 1446 | SecurityGroupIngress: 1447 | - IpProtocol: tcp 1448 | FromPort: 22 1449 | ToPort: 22 1450 | CidrIp: !Ref CidrBlock 1451 | - !If 1452 | - UseBastionHost 1453 | - IpProtocol: tcp 1454 | FromPort: 22 1455 | ToPort: 22 1456 | CidrIp: 1457 | !Sub 1458 | - "${BastionIp}/32" 1459 | - BastionIp: 1460 | Fn::ImportValue: !Sub '${ExportPrefix}BastionPrivIp' 1461 | - Ref: AWS::NoValue 1462 | - IpProtocol: tcp 1463 | FromPort: 80 1464 | ToPort: 80 1465 | CidrIp: !Ref CidrBlock 1466 | - IpProtocol: tcp 1467 | FromPort: 443 1468 | ToPort: 443 1469 | CidrIp: !Ref CidrBlock 1470 | - IpProtocol: tcp 1471 | FromPort: 80 1472 | ToPort: 80 1473 | CidrIp: 1474 | !Sub 1475 | - "${NAT1IP}/32" 1476 | - NAT1IP: 1477 | Fn::ImportValue: !Sub '${ExportPrefix}NAT1EIP' 1478 | - IpProtocol: tcp 1479 | FromPort: 80 1480 | ToPort: 80 1481 | CidrIp: 1482 | !Sub 1483 | - "${NAT2IP}/32" 1484 | - NAT2IP: 1485 | Fn::ImportValue: !Sub '${ExportPrefix}NAT2EIP' 1486 | - IpProtocol: tcp 1487 | FromPort: 443 1488 | ToPort: 443 1489 | CidrIp: 1490 | !Sub 1491 | - "${NAT1IP}/32" 1492 | - NAT1IP: 1493 | Fn::ImportValue: !Sub '${ExportPrefix}NAT1EIP' 1494 | - IpProtocol: tcp 1495 | FromPort: 443 1496 | ToPort: 443 1497 | CidrIp: 1498 | !Sub 1499 | - "${NAT2IP}/32" 1500 | - NAT2IP: 1501 | Fn::ImportValue: !Sub '${ExportPrefix}NAT2EIP' 1502 | Tags: 1503 | - Key: Name 1504 | Value: !Join [' ', [!Ref "AWS::StackName", 'sg']] 1505 | # NOTE: The leading COMMIT/TIMESTAMP are used to locate the position to update; see scripts/update-tags.py 1506 | - Key: "atl:quickstart:commit-id" 1507 | Value: "COMMIT: 52315af6533894206ebc56953532ff22dbfe9e13" 1508 | - Key: "atl:quickstart:timestamp" 1509 | Value: "TIMESTAMP: 2022-04-14T15:19:32Z" 1510 | VpcId: 1511 | Fn::ImportValue: !Sub "${ExportPrefix}VPCID" 1512 | SecurityGroupIngress: 1513 | Type: AWS::EC2::SecurityGroupIngress 1514 | Properties: 1515 | GroupId: !Ref SecurityGroup 1516 | IpProtocol: '-1' 1517 | FromPort: -1 1518 | ToPort: -1 1519 | SourceSecurityGroupId: !Ref SecurityGroup 1520 | EncryptionKey: 1521 | Condition: UseDatabaseEncryption 1522 | DeletionPolicy: Retain 1523 | UpdateReplacePolicy: Retain 1524 | Type: AWS::KMS::Key 1525 | Properties: 1526 | KeyPolicy: 1527 | Version: 2012-10-17 1528 | Id: !Sub "${AWS::StackName}" 1529 | Statement: 1530 | - Effect: Allow 1531 | Principal: 1532 | AWS: 1533 | - !Sub "arn:${AWS::Partition}:iam::${AWS::AccountId}:root" 1534 | Action: 1535 | - kms:CreateAlias 1536 | - kms:CreateGrant 1537 | - kms:CreateKey 1538 | - kms:DeleteAlias 1539 | - kms:DeleteImportedKeyMaterial 1540 | - kms:DescribeKey 1541 | - kms:DisableKey 1542 | - kms:DisableKeyRotation 1543 | - kms:EnableKey 1544 | - kms:EnableKeyRotation 1545 | - kms:GetKeyPolicy 1546 | - kms:GetKeyRotationStatus 1547 | - kms:GetParametersForImport 1548 | - kms:GetPublicKey 1549 | - kms:PutKeyPolicy 1550 | Resource: '*' 1551 | EnableKeyRotation: true 1552 | Tags: 1553 | - Key: Name 1554 | Value: !Sub ["${StackName} Encryption Key", {StackName: !Ref 'AWS::StackName'}] 1555 | # NOTE: The leading COMMIT/TIMESTAMP are used to locate the position to update; see scripts/update-tags.py 1556 | - Key: "atl:quickstart:commit-id" 1557 | Value: "COMMIT: 52315af6533894206ebc56953532ff22dbfe9e13" 1558 | - Key: "atl:quickstart:timestamp" 1559 | Value: "TIMESTAMP: 2022-04-14T15:19:32Z" 1560 | EncryptionKeyAlias: 1561 | Condition: UseDatabaseEncryption 1562 | Type: AWS::KMS::Alias 1563 | Properties: 1564 | AliasName: !Sub "alias/${AWS::StackName}" 1565 | TargetKeyId: !Ref EncryptionKey 1566 | AnsibleRepoPinSHA: 1567 | Type: AWS::SSM::Parameter 1568 | Properties: 1569 | Description: "The dc-deployments-automation commit SHA that all nodes in the cluster will use" 1570 | Name: !Sub "/${AWS::StackName}/pinned-ansible-sha" 1571 | Type: String 1572 | AllowedPattern: '^(latest)|([0-9a-f]{5,40})$' 1573 | Value: "latest" 1574 | 1575 | # Optional: Cloudwatch dashboard to be created when CloudWatch is enabled 1576 | CloudWatchDashboard: 1577 | DependsOn: 1578 | - DB 1579 | Condition: EnableCloudWatch 1580 | Type: AWS::CloudFormation::Stack 1581 | Properties: 1582 | TemplateURL: !Sub 1583 | - https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}submodules/quickstart-atlassian-services/templates/quickstart-cloudwatch-dashboard.yaml 1584 | - QSS3Region: !If ["GovCloudCondition", "s3-us-gov-west-1", "s3"] 1585 | Parameters: 1586 | ProductStackName: !Sub "${AWS::StackName}" 1587 | ProductFamilyName: !FindInMap [ "JIRAProduct2NameAndVersion", !Ref JiraProduct, "name"] 1588 | AsgToMonitor: !Ref ClusterNodeGroup 1589 | 1590 | Outputs: 1591 | ServiceURL: 1592 | Description: The URL to access this Atlassian service 1593 | Value: !If 1594 | - UseCustomDnsName 1595 | - !Sub 1596 | - "${HTTP}://${CustomDNSName}${ContextPath}" 1597 | - HTTP: !If [DoSSL, 'https', 'http'] 1598 | CustomDNSName: !Ref CustomDnsName 1599 | ContextPath: !Ref TomcatContextPath 1600 | - !If 1601 | - UseHostedZone 1602 | - !Sub 1603 | - "${HTTP}://${LBCName}${ContextPath}" 1604 | - HTTP: !If [DoSSL, 'https', 'http'] 1605 | LBCName: !Ref LoadBalancerCname 1606 | ContextPath: !Ref TomcatContextPath 1607 | - !Sub 1608 | - "${HTTP}://${LoadBalancerDNSName}${ContextPath}" 1609 | - HTTP: !If [DoSSL, 'https', 'http'] 1610 | LoadBalancerDNSName: !GetAtt LoadBalancer.DNSName 1611 | ContextPath: !Ref TomcatContextPath 1612 | LoadBalancerURL: 1613 | Description: The Load Balancer URL 1614 | Value: !Sub 1615 | - "${HTTP}://${LoadBalancerDNSName}" 1616 | - HTTP: !If [DoSSL, 'https', 'http'] 1617 | LoadBalancerDNSName: !GetAtt LoadBalancer.DNSName 1618 | SGname: 1619 | Description: The name of the SecurityGroup 1620 | Value: !Ref SecurityGroup 1621 | Export: { 1622 | Name: !Join ['', [!Ref 'AWS::StackName', '-SGname']] 1623 | } 1624 | DBEndpointAddress: 1625 | Description: The Database Connection String 1626 | Value: !GetAtt DB.Outputs.RDSEndPointAddress 1627 | DBEncryptionKey: 1628 | Condition: UseDatabaseEncryption 1629 | Description: The alias of the encryption key created for RDS 1630 | Value: !Ref EncryptionKeyAlias 1631 | EFSCname: 1632 | Description: The cname of the EFS 1633 | Value: !If 1634 | - UseHostedZone 1635 | - !Ref EFSCname 1636 | - !Ref ElasticFileSystem 1637 | Export: { 1638 | Name: !Join ['', [!Ref 'AWS::StackName', '-EFSCname']] 1639 | } 1640 | CloudWatchDashboardURL: 1641 | Description: CloudWatch monitoring dashboard URL 1642 | Value: !GetAtt CloudWatchDashboard.Outputs.Dashboard 1643 | Condition: EnableCloudWatch 1644 | --------------------------------------------------------------------------------