JiraEC2_Bootstrap.yaml
Metadata:
  Description: Provides a Jira Application complete with EC2, ALB, and RDS
  AWS::CloudFormation::Interface:
    ParameterGroups:
      - Label:
          default: EC2 Instance Configuration
        Parameters:
          - InstanceType
          - KeyName
          - VPC
          - InstanceSubnet
      - Label:
          default: Operational Configuration
        Parameters:
          - JiraFoundationStack
          - JiraRDSStack
Parameters:
  InstanceType:
    Type: String
    Description: The Instance type to use
    Default: 't2.micro'
  VPC:
    Type: 'AWS::EC2::VPC::Id'
  KeyName:
    Type: 'AWS::EC2::KeyPair::KeyName'
    Description: The SSH Keypair for the Jira Instances
  InstanceSubnet:
    Type: 'AWS::EC2::Subnet::Id'
    Description: The private subnet for the application
  JiraFoundationStack:
    Type: String
    Description: Name of the Jira foundation stack.
    Default: jira
  JiraRDSStack:
    Type: String
    Description: Name of the Jira RDS stack.
    Default: jira-rds

Tags

The following tags are applied to all resources created by this template.

  ServiceTag:
    Type: String
    Description: Exact name of the Service as defined in the service catalog.
  EnvironmentTag:
    Type: String
    Description: Used to distinguish between development, test, production,etc. environment types.
    AllowedValues: [dev, tst, prd, trn, stg, cfg, sup, rpt]
    Default: dev
  ContactNetidTag:
    Type: String
    Description: Used to identify the netid of the person most familiar with the usage of the resource.
    Default: mhirst
  AccountNumberTag:
    Type: String
    Description: Identifies the financial system account number.
  SubAccountNumberTag:
    Type: String
    Description: Identifies the sub account which is not a number.
  TicketNumberTag:
    Type: String
    Description: Used to identify the Jira, Cherwell, or other ticketing system ticket number to link to more information about the need for the resource.
Mappings:
  RegionMap:
    us-east-1:
      "AMIID": "ami-c481fad3"
    us-west-1:
      "AMIID": "ami-de347abe"
    us-west-2:
      "AMIID": "ami-b04e92d0"
    eu-west-1:
      "AMIID": "ami-d41d58a7"
Resources:
  InstanceSG:
    Type: 'AWS::EC2::SecurityGroup'
    Properties:
      GroupDescription: 'Allow traffic to Bootstrap Instance'
      VpcId: !Ref VPC
      SecurityGroupIngress:
        - CidrIp: "0.0.0.0/0"
          IpProtocol: "tcp"
          FromPort: "22"
          ToPort: "22"
  EFSIngress:
    Type: AWS::EC2::SecurityGroupIngress
    Properties:
      GroupId:
        Fn::ImportValue: !Sub "${JiraFoundationStack}-efs-sg"
      IpProtocol: tcp
      FromPort: '2049'
      ToPort: '2049'
      SourceSecurityGroupId: !Ref InstanceSG
  DBIngress:
    Type: AWS::EC2::SecurityGroupIngress
    Properties:
      GroupId:
        Fn::ImportValue: !Sub "${JiraRDSStack}-dbsecuritygroup"
      IpProtocol: tcp
      FromPort: '3306'
      ToPort: '3306'
      SourceSecurityGroupId: !Ref InstanceSG
  EC2Role:
    Type: 'AWS::IAM::Role'
    Properties:
      AssumeRolePolicyDocument:
        Statement:
          - Effect: Allow
            Principal:
              Service:
                - ec2.amazonaws.com
            Action:
              - 'sts:AssumeRole'
      Path: /
      Policies:
        - PolicyName: s3-access
          PolicyDocument:
            Statement:
              - Effect: Allow
                Action:
                  - 's3:*'
                Resource: !Sub
                  - "arn:aws:s3:::${S3Bucket}*"
                  - S3Bucket:
                      Fn::ImportValue: !Sub "${JiraFoundationStack}-jirabucket"
        - PolicyName: logs-access
          PolicyDocument:
            Statement:
              - Effect: Allow
                Action:
                  - 'logs:CreateLogStream'
                  - 'logs:PutLogEvents'
                Resource: '*'
  EC2InstanceProfile:
    Type: 'AWS::IAM::InstanceProfile'
    Properties:
      Path: /
      Roles:
        - !Ref EC2Role
  JiraInstance:
    Type: "AWS::EC2::Instance"
    Properties:
      Tags:
        - Key: Name
          Value: JiraBootstrap
        - Key: service
          Value: !Ref ServiceTag
        - Key: environment
          Value: !Ref EnvironmentTag
        - Key: contactnetid
          Value: !Ref ContactNetidTag
        - Key: accountnumber
          Value: !Ref AccountNumberTag
        - Key: subaccountnumber
          Value: !Ref SubAccountNumberTag
        - Key: ticketnumber
          Value: !Ref TicketNumberTag
      InstanceType: !Ref InstanceType
      IamInstanceProfile: !Ref EC2InstanceProfile
      KeyName: !Ref KeyName
      ImageId: !FindInMap [ RegionMap, !Ref "AWS::Region", AMIID ]
      SecurityGroupIds:
        - !Ref InstanceSG
      SubnetId: !Ref InstanceSubnet
      UserData:
        Fn::Base64: !Sub
          - |
            #!/bin/bash -e
            yum update -y
            yum install mysql -y
            mkdir -p /efs/jira
            echo "${efsid}.efs.${AWS::Region}.amazonaws.com:/ /efs/jira nfs4 nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2 0 0" >> /etc/fstab
            mount -a -t nfs4
          - efsid:
              Fn::ImportValue: !Sub "${JiraFoundationStack}-fs-id"
Outputs:
  JiraInstance:
    Description: Private IP Address
    Value: !GetAtt JiraInstance.PrivateIp
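
An added check, not part of the original template: a Python audit over the `InstanceSG` and `EC2Role` definitions above that flags ingress open to any address and wildcard IAM actions or resources. The resource dicts are constructed by hand from the template (intrinsic functions replaced by placeholder strings); `audit`, `as_list` and the finding labels are hypothetical names.

```python
# Constructed input: InstanceSG and EC2Role from the template above, written as
# the dicts a YAML loader would produce (!Sub values shown as placeholders).
RESOURCES = {
    "InstanceSG": {"Type": "AWS::EC2::SecurityGroup", "Properties": {
        "SecurityGroupIngress": [{"CidrIp": "0.0.0.0/0", "IpProtocol": "tcp",
                                  "FromPort": "22", "ToPort": "22"}]}},
    "EC2Role": {"Type": "AWS::IAM::Role", "Properties": {"Policies": [
        {"PolicyName": "s3-access", "PolicyDocument": {"Statement": [
            {"Effect": "Allow", "Action": ["s3:*"],
             "Resource": "arn:aws:s3:::<jirabucket>*"}]}},
        {"PolicyName": "logs-access", "PolicyDocument": {"Statement": [
            {"Effect": "Allow", "Resource": "*",
             "Action": ["logs:CreateLogStream", "logs:PutLogEvents"]}]}}]}},
}

def as_list(value):
    """IAM allows a single value or a list for Statement, Action and Resource."""
    return value if isinstance(value, list) else [value]

def audit(resources):
    """Return (resource, finding, detail) tuples for over-broad grants."""
    findings = []
    for name, res in resources.items():
        props = res.get("Properties", {})
        if res.get("Type") == "AWS::EC2::SecurityGroup":
            for rule in props.get("SecurityGroupIngress", []):
                # Ingress from any IPv4 or IPv6 source address
                if rule.get("CidrIp") == "0.0.0.0/0" or rule.get("CidrIpv6") == "::/0":
                    ports = f"{rule.get('IpProtocol')}/{rule.get('FromPort')}-{rule.get('ToPort')}"
                    findings.append((name, "open-ingress", ports))
        elif res.get("Type") == "AWS::IAM::Role":
            for policy in props.get("Policies", []):
                for stmt in as_list(policy["PolicyDocument"]["Statement"]):
                    if stmt.get("Effect") != "Allow":
                        continue
                    for action in as_list(stmt.get("Action", [])):
                        # "*" or "service:*" grants every action of a service
                        if action == "*" or action.endswith(":*"):
                            findings.append((name, "wildcard-action",
                                             f"{policy['PolicyName']}: {action}"))
                    if "*" in as_list(stmt.get("Resource", [])):
                        findings.append((name, "wildcard-resource", policy["PolicyName"]))
    return findings

if __name__ == "__main__":
    for finding in audit(RESOURCES):
        print(*finding, sep="\t")
```

The `s3-access` resource string is not reported as a bare wildcard, but its trailing `*` follows the bucket name directly, so it also matches any other bucket whose name begins with the same string.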