Skip to content

Commit

Permalink
Merge pull request #3 from atangirala/master
Browse files Browse the repository at this point in the history 
Modified templates as per feedback provided
  • Loading branch information
@dowen12
dowen12 authored May 28, 2019
2 parents 4a8b43b + 80f30de commit c13203a
Show file tree
Hide file tree
Showing 2 changed files with 175 additions and 43 deletions.
110 changes: 88 additions & 22 deletions templates/quickstart-ct-clickstream-analytics-master.template
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,6 +37,7 @@ Metadata:
- Label:
default: Amazon elasticsearch configuration
Parameters:
- ESDomainName
- ESVersion
- ESClusterInstanceCount
- ESInstanceType
Expand Down Expand Up @@ -160,6 +161,8 @@ Metadata:
default: Index name
ESType:
default: Type name
ESDomainName:
default: Elasticsearch domain name
ESVersion:
default: Amazon ES version
ESIndexRotation:
Expand All @@ -177,7 +180,7 @@ Metadata:
Parameters:
ESClusterInstanceCount:
Type: String
Description: Number of data nodes for cluster. Select even number of data nodes if Zone awareness is enabled
Description: For two availability zones, you must choose instances in multiples of two
Default: 1
ESInstanceType:
Type: String
Expand Down Expand Up @@ -261,7 +264,7 @@ Parameters:
Default: m4.large.elasticsearch
DedicatedMasterCount:
Type: String
Description: Number of dedicated masters to run. Leave this field to default if DedicatedMasterForCluster parameter is set to true
Description: Number of dedicated masters to run. Leave this field to default for not to have a dedicated master instances
AllowedValues:
- 0
- 3
Expand Down Expand Up @@ -552,6 +555,9 @@ Parameters:
- 'yes'
- 'no'
Default: 'no'
ESDomainName:
Description: User defined elasticsearch domain name
Type: String
ESVersion:
Description: User defined elasticsearch version
Type: String
Expand Down Expand Up @@ -1329,6 +1335,7 @@ Resources:
ESDomain:
Type: AWS::Elasticsearch::Domain
Properties:
DomainName: !Ref 'ESDomainName'
ElasticsearchVersion: !Ref ESVersion
ElasticsearchClusterConfig:
DedicatedMasterEnabled: !If [HasDedicatedMasterNodes, true, false]
Expand All @@ -1349,7 +1356,7 @@ Resources:
Statement:
-
Principal:
AWS: "*"
AWS: !Sub "arn:aws:iam::${AWS::AccountId}:root"
Action:
- "es:ESHttpGet"
- "es:ESHttpPut"
Expand All @@ -1360,7 +1367,7 @@ Resources:
IpAddress:
aws:SourceIp:
- Ref: RemoteAccessCIDR
Resource: "arn:aws:es:*"
Resource: !Sub 'arn:aws:es:${AWS::Region}:${AWS::AccountId}:domain/${ESDomainName}/*'
AdvancedOptions:
rest.action.multi.allow_explicit_index: 'true'
indices.fielddata.cache.size: '100'
Expand Down Expand Up @@ -1451,15 +1458,15 @@ Resources:
- ':'
- !Ref 'AWS::AccountId'
- :domain/
- !Ref 'ESDomain'
- !Ref 'ESDomainName'
- !Join
- ''
- - 'arn:aws:es:'
- !Ref 'AWS::Region'
- ':'
- !Ref 'AWS::AccountId'
- :domain/
- !Ref 'ESDomain'
- !Ref 'ESDomainName'
- /*
- Sid: ''
Effect: Allow
Expand Down Expand Up @@ -1730,13 +1737,13 @@ Resources:
Prefix: RedshiftDelivery/
Username: !Ref 'MasterUser'

NotificationTopic:
AppNotificationTopic:
Type: AWS::SNS::Topic
Properties:
Subscription:
- Endpoint: !Ref 'OperatorEMail'
Protocol: email
NotificationTopicPolicy:
AppNotificationTopicPolicy:
Type: AWS::SNS::TopicPolicy
Properties:
PolicyDocument:
Expand All @@ -1747,9 +1754,9 @@ Resources:
Service:
- events.amazonaws.com
Action: sns:Publish
Resource: !Ref NotificationTopic
Resource: !Ref AppNotificationTopic
Topics:
- !Ref NotificationTopic
- !Ref AppNotificationTopic
AppServerGroup:
Type: AWS::AutoScaling::AutoScalingGroup
Condition: isDemon
Expand All @@ -1774,7 +1781,7 @@ Resources:
TargetGroupARNs:
- !Ref TargetGroupPublic
NotificationConfiguration:
TopicARN: !Ref 'NotificationTopic'
TopicARN: !Ref 'AppNotificationTopic'
NotificationTypes:
- autoscaling:EC2_INSTANCE_LAUNCH
- autoscaling:EC2_INSTANCE_LAUNCH_ERROR
Expand Down Expand Up @@ -1945,7 +1952,7 @@ Resources:
TargetGroupARNs:
- !Ref TargetGroupPublic
NotificationConfiguration:
TopicARN: !Ref 'NotificationTopic'
TopicARN: !Ref 'AppNotificationTopic'
NotificationTypes:
- autoscaling:EC2_INSTANCE_LAUNCH
- autoscaling:EC2_INSTANCE_LAUNCH_ERROR
Expand Down Expand Up @@ -2287,7 +2294,33 @@ Resources:
Resource: !Ref BastionNotificationTopic
Topics:
- !Ref BastionNotificationTopic
KinesisAnalyticsRole:
ESAnalyticsRole:
Type: AWS::IAM::Role
Properties:
AssumeRolePolicyDocument:
Version: "2012-10-17"
Statement:
- Effect: Allow
Principal:
Service: kinesisanalytics.amazonaws.com
Action: "sts:AssumeRole"
Path: "/"
Policies:
- PolicyName: Open
PolicyDocument:
Version: "2012-10-17"
Statement:
- Effect: Allow
Action:
- "firehose:DescribeDeliveryStream"
- "firehose:Get*"
- "firehose:PutRecordBatch"
- "firehose:PutRecord"
- "firehose:DescribeDeliveryStream"
- "es:*"
- "kinesis:*"
Resource: !GetAtt FIrehoseToElasticsearch.Arn
RSAnalyticsRole:
Type: AWS::IAM::Role
Properties:
AssumeRolePolicyDocument:
Expand All @@ -2304,8 +2337,41 @@ Resources:
Version: "2012-10-17"
Statement:
- Effect: Allow
Action: "*"
Resource: "*"
Action:
- "firehose:DescribeDeliveryStream"
- "firehose:Get*"
- "firehose:PutRecordBatch"
- "firehose:PutRecord"
- "firehose:DescribeDeliveryStream"
- "redshift:*"
- "kinesis:*"
Resource: !GetAtt FIrehoseToRedshift.Arn
S3AnalyticsRole:
Type: AWS::IAM::Role
Properties:
AssumeRolePolicyDocument:
Version: "2012-10-17"
Statement:
- Effect: Allow
Principal:
Service: kinesisanalytics.amazonaws.com
Action: "sts:AssumeRole"
Path: "/"
Policies:
- PolicyName: Open
PolicyDocument:
Version: "2012-10-17"
Statement:
- Effect: Allow
Action:
- "firehose:DescribeDeliveryStream"
- "firehose:Get*"
- "firehose:PutRecordBatch"
- "firehose:PutRecord"
- "firehose:DescribeDeliveryStream"
- "s3:*"
- "kinesis:*"
Resource: !GetAtt FIrehoseToS3.Arn
ESCloudwatchLogsGroup:
Type: AWS::Logs::LogGroup
Properties:
Expand Down Expand Up @@ -2352,7 +2418,7 @@ Resources:
RecordRowPath: "$"
KinesisFirehoseInput:
ResourceARN: !GetAtt FIrehoseToElasticsearch.Arn
RoleARN: !GetAtt KinesisAnalyticsRole.Arn
RoleARN: !GetAtt ESAnalyticsRole.Arn
BasicApplicationOutputs:
Type: AWS::KinesisAnalytics::ApplicationOutput
DependsOn: BasicApplication1
Expand All @@ -2364,7 +2430,7 @@ Resources:
RecordFormatType: "CSV"
KinesisFirehoseOutput:
ResourceARN: !GetAtt FIrehoseToElasticsearch.Arn
RoleARN: !GetAtt KinesisAnalyticsRole.Arn
RoleARN: !GetAtt ESAnalyticsRole.Arn
BasicApplication2:
Type: AWS::KinesisAnalytics::Application
Properties:
Expand All @@ -2384,7 +2450,7 @@ Resources:
RecordRowPath: "$"
KinesisFirehoseInput:
ResourceARN: !GetAtt FIrehoseToRedshift.Arn
RoleARN: !GetAtt KinesisAnalyticsRole.Arn
RoleARN: !GetAtt RSAnalyticsRole.Arn
SecondBasicApplicationOutputs:
Type: AWS::KinesisAnalytics::ApplicationOutput
DependsOn: BasicApplication2
Expand All @@ -2396,7 +2462,7 @@ Resources:
RecordFormatType: "CSV"
KinesisFirehoseOutput:
ResourceARN: !GetAtt FIrehoseToRedshift.Arn
RoleARN: !GetAtt KinesisAnalyticsRole.Arn
RoleARN: !GetAtt RSAnalyticsRole.Arn
BasicApplication3:
Type: AWS::KinesisAnalytics::Application
Properties:
Expand All @@ -2416,7 +2482,7 @@ Resources:
RecordRowPath: "$"
KinesisFirehoseInput:
ResourceARN: !GetAtt FIrehoseToS3.Arn
RoleARN: !GetAtt KinesisAnalyticsRole.Arn
RoleARN: !GetAtt S3AnalyticsRole.Arn
ThirdBasicApplicationOutputs:
Type: AWS::KinesisAnalytics::ApplicationOutput
DependsOn: BasicApplication3
Expand All @@ -2428,7 +2494,7 @@ Resources:
RecordFormatType: "CSV"
KinesisFirehoseOutput:
ResourceARN: !GetAtt FIrehoseToS3.Arn
RoleARN: !GetAtt KinesisAnalyticsRole.Arn
RoleARN: !GetAtt S3AnalyticsRole.Arn

Outputs:
AppSecurityGroup:
Expand All @@ -2440,7 +2506,7 @@ Outputs:
S3DeliveryStream:
Value: !Ref FIrehoseToS3
ElasticSearchDomainName:
Value: !Ref ESDomain
Value: !Ref ESDomainName
ElasticSearchDomainEndpoint:
Value: !GetAtt ESDomain.DomainEndpoint
ElasticSearchDeliveryStream:
Expand Down
Loading

0 comments on commit c13203a

Please sign in to comment.