Fix comments

Yarkrn · Yarkrn · commit fbc17f0de132 · 2025-09-18T16:59:37.000+03:00
diff --git a/Management-Utilities/ec2-user-data-iscsi-create-and-mount/EC2-cloud_formation.yaml b/Management-Utilities/ec2-user-data-iscsi-create-and-mount/EC2-cloud_formation.yaml
@@ -1,5 +1,76 @@
+
 AWSTemplateFormatVersion: '2010-09-09'
-Description: Launch EC2 instance with user data script downloaded from S3 and dynamic parameters
+Description: Launch EC2 instance with user data script downloaded from Github and dynamic parameters
+Metadata:
+  AWS::CloudFormation::Interface:
+    ParameterGroups:
+      - Label:
+          default: "EC2 Configuration"
+        Parameters:
+          - OperationSystem
+          - InstanceType
+          - InstanceName
+          - KeyName
+          - ImageId
+          - VpcId
+          - SubnetId
+          - ManagedPolicyArn
+      - Label:
+          default: "FSxN Configuration"
+        Parameters:
+          - SecretName
+          - AWSRegion
+          - ManagementEndpointIP
+          - VolumeName
+          - VolumeSize
+          - SvmName
+          - DriveLetter
+      - Label:
+          default: "Networking"
+        Parameters:
+          - CidrIp
+      - Label:
+          default: "User Data Scripts"
+        Parameters:
+          - LinuxUserDataUrl
+          - WindowsUserDataUrl
+    ParameterLabels:
+      OperationSystem:
+        default: "Operating System"
+      InstanceType:
+        default: "Instance Type"
+      InstanceName:
+        default: "Instance Name"
+      KeyName:
+        default: "Key Pair Name"
+      ImageId:
+        default: "AMI ID"
+      VpcId:
+        default: "VPC ID"
+      SubnetId:
+        default: "Subnet ID"
+      SecretName:
+        default: "AWS Secret Name"
+      AWSRegion:
+        default: "AWS Region"
+      ManagementEndpointIP:
+        default: "Management Endpoint IP"
+      VolumeName:
+        default: "Volume Name"
+      VolumeSize:
+        default: "Volume Size (GiB)"
+      SvmName:
+        default: "SVM Name"
+      DriveLetter:
+        default: "Drive Letter (Windows Only)"
+      CidrIp:
+        default: "CIDR IP for SSH/RDP Access"
+      LinuxUserDataUrl:
+        default: "Linux User Data Script URL"
+      WindowsUserDataUrl:
+        default: "Windows User Data Script URL"
+      ManagedPolicyArn:
+        default: "IAM Managed Policy ARN"
 
 Parameters:
   OperationSystem:
@@ -9,7 +80,7 @@ Parameters:
       - Windows
   InstanceType:
     Type: String
-    Default: t3.micro
+    Default: t3.large
     Description: EC2 instance type
   InstanceName:
     Type: String
@@ -20,6 +91,9 @@ Parameters:
   ImageId:
     Type: AWS::EC2::Image::Id
     Description: AMI ID for the instance
+    AllowedValues:
+        - ami-0b09ffb6d8b58ca91 # Amazon Linux 2023 Kernel-6.1 AMI (us-east-1)
+        - ami-0e3c2921641a4a215 # Microsoft Windows Server 2025 Base (us-east-1)
   VpcId:
     Type: AWS::EC2::VPC::Id
     Description: VPC ID
@@ -31,10 +105,10 @@ Parameters:
     Description: Aws Secret name
   AWSRegion:
     Type: String
-    Description: AWS Region
-  FSxNAdminIp:
+    Description: AWS Secret region(in which you have yours secret)
+  ManagementEndpointIP :
     Type: String
-    Description: FSxN Admin IP
+    Description: Management endpoint IP Address of your FSxN
   VolumeName:
     Type: String
     Description: Volume Name
@@ -51,7 +125,6 @@ Parameters:
     Description: Drive Letter - valid for Windows only
   CidrIp:
     Type: String
-    Default: 0.0.0.0/0 # For testing; restrict to your IP for production
     Description: CIDR IP for SSH access to the instance
   LinuxUserDataUrl:
     Type: String
@@ -61,11 +134,13 @@ Parameters:
     Type: String
     Default: https://raw.githubusercontent.com/NetApp/FSx-ONTAP-samples-scripts/refs/heads/main/Management-Utilities/ec2-user-data-iscsi-create-and-mount/windows_userData.ps1
     Description: URL to Windows user data script
-
+  ManagedPolicyArn:
+    Type: String
+    Description: IAM managed policy ARN to attach to the EC2 instance role
 Conditions:
   IsLinux: !Equals [ !Ref OperationSystem, "Linux" ]
   IsWindows: !Equals [ !Ref OperationSystem, "Windows" ]
-
+  
 Resources:
   EC2InstanceSecurityGroup: 
     Type: AWS::EC2::SecurityGroup
@@ -75,13 +150,13 @@ Resources:
       SecurityGroupIngress:
         - IpProtocol: tcp
           FromPort: !If
-          - IsLinux
-          - 22
-          - 3389
+            - IsLinux
+            - 22
+            - 3389
           ToPort: !If
-          - IsLinux
-          - 22
-          - 3389
+            - IsLinux
+            - 22
+            - 3389
           CidrIp: !Ref CidrIp
   EC2InstanceRole:
     Type: AWS::IAM::Role
@@ -95,7 +170,7 @@ Resources:
             Action: sts:AssumeRole
       Path: /
       ManagedPolicyArns:
-        - arn:aws:iam::aws:policy/SecretsManagerReadWrite
+        - !Ref ManagedPolicyArn
 
   EC2InstanceProfile:
     Type: AWS::IAM::InstanceProfile
@@ -116,19 +191,19 @@ Resources:
         - Key: Name
           Value: !Ref InstanceName
       UserData: !If
-          - IsLinux
-          - Fn::Base64: !Sub |
-              #!/bin/bash
-              curl -o /tmp/userdata-script.sh ${LinuxUserDataUrl}
-              chmod +x /tmp/userdata-script.sh
-              # Pass parameters to the script
-              /tmp/userdata-script.sh "${SecretName}" "${AWSRegion}" "${FSxNAdminIp}" "${VolumeName}" "${VolumeSize}" "${SvmName}"
-          - Fn::Base64: !Sub |
-              <powershell>
-              Invoke-WebRequest -Uri ${WindowsUserDataUrl} -OutFile C:\userdata-script.ps1
-              (Get-Content 'C:\userdata-script.ps1') | Where-Object { $_ -notmatch '^<powershell>$|^</powershell>$' } | Set-Content 'C:\userdata-script.ps1'
-              powershell.exe -ExecutionPolicy Bypass -File C:\userdata-script.ps1 -SecretIdParam "${SecretName}" -FSxNAdminIpParam "${FSxNAdminIp}" -VolumeNameParam "${VolumeName}" -VolumeSizeParam "${VolumeSize}" -DriveLetterParam "${DriveLetter}" -SvmNameParam "${SvmName}"
-              </powershell>
+        - IsLinux
+        - Fn::Base64: !Sub |
+            #!/bin/bash
+            curl -o /tmp/userdata-script.sh ${LinuxUserDataUrl}
+            chmod +x /tmp/userdata-script.sh
+            # Pass parameters to the script
+            /tmp/userdata-script.sh "${SecretName}" "${AWSRegion}" "${ManagementEndpointIP }" "${VolumeName}" "${VolumeSize}" "${SvmName}"
+        - Fn::Base64: !Sub |
+            <powershell>
+            Invoke-WebRequest -Uri ${WindowsUserDataUrl} -OutFile C:\userdata-script.ps1
+            (Get-Content 'C:\userdata-script.ps1') | Where-Object { $_ -notmatch '^<powershell>$|^</powershell>$' } | Set-Content 'C:\userdata-script.ps1'
+            powershell.exe -ExecutionPolicy Bypass -File C:\userdata-script.ps1 -SecretIdParam "${SecretName}" -FSxNAdminIpParam "${ManagementEndpointIP }" -VolumeNameParam "${VolumeName}" -VolumeSizeParam "${VolumeSize}" -DriveLetterParam "${DriveLetter}" -SvmNameParam "${SvmName}"
+            </powershell>
 Outputs:
   InstanceId:
     Description: EC2 Instance ID
