Adding VPC template

tonynv · tonynv · commit b53ecd1ac942 · 2018-11-05T14:52:58.000-08:00
- Added inputs.json for (VPC + TM Deep Security Builds)
- Updated taskcat.yml to use VPC Builds
diff --git a/ci/defaults.json b/ci/defaults.json
@@ -1,6 +1,6 @@
 [{
     "ParameterKey": "KeyPairName",
-    "ParameterValue": "mykey"
+    "ParameterValue": "cikey"
 }, {
     "ParameterKey": "AWSVPC",
     "ParameterValue": "vpc-ae07a6cb"
@@ -22,4 +22,4 @@
 }, {
     "ParameterKey": "ProtectedInstances",
     "ParameterValue": "1-100"
-}]
+}]
diff --git a/ci/inputs.json b/ci/inputs.json
@@ -0,0 +1,18 @@
+[
+{
+    "ParameterKey": "KeyPairName",
+    "ParameterValue": "override"
+},
+{
+    "ParameterKey": "AvailabilityZones",
+    "ParameterValue": "$[taskcat_genaz_3]"
+},
+{
+    "ParameterKey": "DeepSecurityAdminPass",
+    "ParameterValue": "$[taskcat_genpass_8A]"
+},
+{
+    "ParameterKey": "ProtectedInstances",
+    "ParameterValue": "1-100"
+}
+]
diff --git a/ci/taskcat.yml b/ci/taskcat.yml
@@ -7,6 +7,6 @@ global:
     - us-east-1
   reporting: true
 tests:
-  defaults:
-    parameter_input: defaults.json
-    template_file: quickstart/trendmicro-deepsecurity-master.template
+  test-deepsec:
+    parameter_input: inputs.json
+    template_file: quickstart/trendmicro-deepsecurity-vpc.template
diff --git a/templates/quickstart/trendmicro-deepsecurity-vpc.template b/templates/quickstart/trendmicro-deepsecurity-vpc.template
@@ -2,39 +2,13 @@
 AWSTemplateFormatVersion: 2010-09-09
 Description: 'This template is used strictly for CI entrypoints. It is not designed to be launched outside of the CI/CD Pipeline of the AWS QuickStart Team'
 Parameters:
-  AWSKeyPairName:
+  KeyPairName:
     Description: Select an existing key pair to use for connecting to your Deep Security
       Manager Instance.
     Type: AWS::EC2::KeyPair::KeyName
     MinLength: '1'
     MaxLength: '255'
     ConstraintDescription: Select an existing EC2 Key Pair.
-  AWSVPC:
-    Description: Select an existing VPC to deploy Deep Security Manager.
-    Type: AWS::EC2::VPC::Id
-    MinLength: '1'
-    MaxLength: '255'
-    AllowedPattern: '[-_a-zA-Z0-9]*'
-  DatabaseSubnet1:
-    Description: Select a private subnet for the RDS database.  Must be a private
-      subnet contained the in VPC chosen above.
-    Type: AWS::EC2::Subnet::Id
-    ConstraintDescription: RDS Subnet Groups must be comprised of 2 subnets in seperate
-      availability zones within the specified VPC for deploying this template
-  DatabaseSubnet2:
-    Description: Select a second private subnet for the RDS database.  Must be a private
-      subnet contained the in VPC chosen above.
-    Type: AWS::EC2::Subnet::Id
-    ConstraintDescription: RDS Subnet Groups must be comprised of 2 subnets in seperate
-      availability zones within the specified VPC for deploying this template
-  DeepSecuritySubnet:
-    Description: Select an existing Subnet for Deep Security Manager. Must be a public
-      subnet contained the in VPC chosen above.
-    Type: AWS::EC2::Subnet::Id
-    MinLength: '1'
-    MaxLength: '255'
-    AllowedPattern: '[-_a-zA-Z0-9]*'
-    ConstraintDescription: Subnet ID must exist in the chosen VPC
   DeepSecurityAdminName:
     Default: MasterAdmin
     Description: The Deep Security Manager administrator username for Web Console
@@ -84,15 +58,10 @@ Parameters:
       forward slash (/).
     Type: String
   AvailabilityZones:
-  Description: List of Availability Zones to use for the subnets in the VPC. Three
-    Availability Zones are used for this deployment, and the logical order of your
-    selections is preserved.
-  Type: List<AWS::EC2::AvailabilityZone::Name>
-  KeyPairName:
-    Description: The name of an existing public/private key pair, which allows you
-      to securely connect to your instance after it launches
-    Type: AWS::EC2::KeyPair::KeyName
-Mappings:
+    Description: List of Availability Zones to use for the subnets in the VPC. Three
+      Availability Zones are used for this deployment, and the logical order of your
+      selections is preserved.
+    Type: List<AWS::EC2::AvailabilityZone::Name>
 Mappings:
   DSMSIZE:
     us-east-1:
@@ -283,60 +252,26 @@ Resources:
         AvailabilityZones: !Join [ ',', !Ref 'AvailabilityZones' ]
         KeyPairName: !Ref 'KeyPairName'
         NumberOfAZs: '3'
-  TrendMicroMaster:
+  TrendMicroQuickStart:
     Type: AWS::CloudFormation::Stack
     Condition: PerHostSupportedRegion
     Properties:
       TemplateURL:
         Fn::Sub:
-        - https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}templates/marketplace/master-mp.template
+        - https://${QSS3BucketName}.${QSS3Region}.amazonaws.com/${QSS3KeyPrefix}templates/quickstart/trendmicro-deepsecurity-master.template
         - QSS3Region:
             !If
             - GovCloudCondition
             - s3-us-gov-west-1
             - s3
       Parameters:
-        AWSIKeyPairName: !Ref AWSKeyPairName
-        AWSIVPC: !Ref AWSVPC
-        DSISubnetID: !Ref DeepSecuritySubnet
-        DBIRDSInstanceSize:
-          !FindInMap
-          - RDSInstanceSize
-          - !Ref AWS::Region
-          - !FindInMap
-            - DeploymentSize
-            - !Ref ProtectedInstances
-            - Size
-        DBIStorageAllocation:
-          !FindInMap
-          - RDSStorageSize
-          - !Ref ProtectedInstances
-          - Size
-        DBPBackupDays: '5'
-        DBPCreateDbInstance: 'Yes'
-        DBICAdminName: dsmadmin
-        DBICAdminPassword: !Ref DeepSecurityAdminPass
-        DBPEngine: PostgreSQL
-        DBPEndpoint: ''
-        DBPName: dsm
-        DSCAdminName: !Ref DeepSecurityAdminName
-        DSCAdminPassword: !Ref DeepSecurityAdminPass
-        DSIMultiNode: '2'
-        DSIPLicenseKey: XX-XXXX-XXXXX-XXXXX-XXXXX-XXXXX-XXXXX
-        DSIPHeartbeatPort: '4120'
-        DSIPGUIPort: '443'
-        DSIPInstanceType:
-          !FindInMap
-          - DSMSIZE
-          - !Ref AWS::Region
-          - !FindInMap
-            - DeploymentSize
-            - !Ref ProtectedInstances
-            - Size
-        DBISubnet1: !Ref 'VPCStack.Outputs.PrivateSubnet1AID'
-        DBISubnet2: !Ref 'VPCStack.Outputs.PrivateSubnet2AID'
-        DSIPLicense: PerHost
-        DBPMultiAZ: 'true'
+        AWSKeyPairName: !Ref KeyPairName
+        AWSVPC: !GetAtt 'VPCStack.Outputs.VPCID'
+        DatabaseSubnet1: !GetAtt 'VPCStack.Outputs.PrivateSubnet1AID'
+        DatabaseSubnet2: !GetAtt 'VPCStack.Outputs.PrivateSubnet2AID'
+        DeepSecuritySubnet: !GetAtt 'VPCStack.Outputs.PublicSubnet1ID'
+        DeepSecurityAdminPass: !Ref DeepSecurityAdminPass
+        ProtectedInstances: !Ref ProtectedInstances
         QSS3BucketName: !Ref QSS3BucketName
         QSS3KeyPrefix: !Ref QSS3KeyPrefix
 Conditions:
@@ -349,4 +284,4 @@ Conditions:
     !Equals
     - !Ref AWS::Region
     - us-gov-west-1
-...
+
