From f8786f0c318226a92c5320ff8dd9d07ca41711e5 Mon Sep 17 00:00:00 2001 From: Michael Bloch Date: Mon, 30 Nov 2020 13:58:38 +1100 Subject: [PATCH] Removed deprecated configuration parameters #371 (#419) Removed deprecated configuration parameters #371 --- CHANGELOG.md | 3 + conf/ansible/inventory/group_vars/apps.yaml | 7 -- docs/configuration.md | 9 +- .../playbooks/apps/aem/full-set/main.yaml | 28 +++--- .../apps/aem/full-set/author-dispatcher.yaml | 59 ------------- .../apps/aem/full-set/author.yaml | 86 ------------------- .../apps/aem/full-set/chaos-monkey.yaml | 45 ---------- .../apps/aem/full-set/main-c.yaml | 78 ++++++----------- .../apps/aem/full-set/main.yaml | 80 +++++------------ .../apps/aem/full-set/orchestrator.yaml | 62 ------------- .../apps/aem/full-set/publish-dispatcher.yaml | 61 ------------- .../apps/aem/full-set/publish.yaml | 61 ------------- 12 files changed, 68 insertions(+), 511 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index d0ba8be6..08009e28 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -20,6 +20,9 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 - Fix Network component playbook - Fix AEM jvm_opts default value +### Removed +- Removed deprecated configuration parameters [#371] + ## 4.41.0 - 2020-06-15 ### Added - Added configurable ttl value for Switch-DNS function. [#411] diff --git a/conf/ansible/inventory/group_vars/apps.yaml b/conf/ansible/inventory/group_vars/apps.yaml index 19702eae..f80e1ae7 100644 --- a/conf/ansible/inventory/group_vars/apps.yaml +++ b/conf/ansible/inventory/group_vars/apps.yaml @@ -279,7 +279,6 @@ publish_dispatcher: instance_type: t2.small root_vol_size: 20 data_vol_size: 20 - enable_vol_encryption: "{{ aws.encryption.ebs_volume.enable }}" enable_random_termination: true elb_health_check: HTTPS:443/system/health?tags=shallow elb_scheme: internet-facing @@ -302,7 +301,6 @@ publish: instance_type: m3.large root_vol_size: 20 data_vol_size: 75 - enable_vol_encryption: "{{ aws.encryption.ebs_volume.enable }}" enable_random_termination: true asg_min_size: 2 asg_desired_capacity: 2 @@ -315,7 +313,6 @@ author: instance_type: m3.large root_vol_size: 20 data_vol_size: 75 - enable_vol_encryption: "{{ aws.encryption.ebs_volume.enable }}" elb_health_check: HTTPS:5432/system/health?tags=shallow author_dispatcher: @@ -323,7 +320,6 @@ author_dispatcher: instance_type: t2.small root_vol_size: 20 data_vol_size: 20 - enable_vol_encryption: "{{ aws.encryption.ebs_volume.enable }}" enable_random_termination: true elb_health_check: HTTPS:443/system/health?tags=shallow asg_min_size: 2 @@ -337,7 +333,6 @@ author_publish_dispatcher: instance_type: m4.xlarge root_vol_size: 20 data_vol_size: 20 - enable_vol_encryption: "{{ aws.encryption.ebs_volume.enable }}" associate_public_ip_address: true orchestrator: @@ -345,7 +340,6 @@ orchestrator: instance_type: t2.small root_vol_size: 20 data_vol_size: 20 - enable_vol_encryption: "{{ aws.encryption.ebs_volume.enable }}" enable_random_termination: true chaos_monkey: @@ -353,7 +347,6 @@ chaos_monkey: instance_type: t2.small root_vol_size: 20 include_stack: true - enable_vol_encryption: "{{ aws.encryption.ebs_volume.enable }}" enable_random_termination: true termination_settings: calendar_open_hour: '9' diff --git a/docs/configuration.md b/docs/configuration.md index 0ab8439d..24a6a340 100644 --- a/docs/configuration.md +++ b/docs/configuration.md @@ -18,7 +18,7 @@ These configurations are applicable to both network and AEM application infrastr | aws.cloudwatch.log_subscription_arn | The ARN of the AEM Stack Manager Lambda `cloudwatch logs s3 stream` function. | Optional | `` | | aws.cloudwatch.enable_cloudwatch_cleanup | This flag controls if all Cloudwatch Loggroups belonging to the AEM stack should get removed while deleting the AEM Stack. | Optional | `false` | | aws.encryption.ebs_volume.enable | Enable/disable EBS volume encryption. | Optional | `true` | -| aws.encryption.ebs_volume.kms_key_id | Use to encrypt the EBS Volume with. Configuration `aws.encryption.ebs_volume.enable` needs to be set to true. Valid values are described [here](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-ebs-volume.html#cfn-ec2-ebs-volume-kmskeyid) | Optional | None | +| aws.encryption.ebs_volume.kms_key_id | Provide the KMS Key ID which was used to encrypt the EBS Volumes of the Source AMI. Configuration `aws.encryption.ebs_volume.enable` needs to be set to true. Valid values are described [here](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-ebs-volume.html#cfn-ec2-ebs-volume-kmskeyid). Mandatory if source Volumes are encrypted and configuration parameter `aws.encryption.ebs_volume.managed_policy_arn` is not set, so permissions for accessing the key can be granted for the AEM Stack. | Optional | None | | aws.encryption.ebs_volume.managed_policy_arn | Managed policy arn with permissions to access the CMK defined in the configuration parameter `aws.encryption.ebs_volume.kms_key_id`. If no managed policy is defined permissions for the instance profiles for accessing the CMK key is set via grants. | Optional(permission-type b) | None | | aws.encryption.dynamo_db.kms_key_id | If provided AEM Stack Manager DynamoDB table uses this key for SSE encryption.| Optional | None | | aws.encryption.dynamo_db.managed_policy_arn | Managed policy arn with permissions to access the CMK defined in the configuration parameter `aws.encryption.dynamo_db.kms_key_id`. If no managed policy is defined, permissions for the AEM Stack Manager instance profiles for accessing the CMK key is set via grants. | Optional(permission-type b) | None | @@ -185,7 +185,6 @@ These configurations are applicable to the components used within AEM Full-Set a | publish_dispatcher.instance_type | The [EC2 instance type](https://aws.amazon.com/ec2/instance-types/) of `publish-dispatcher` component instances. | Optional | `t2.small` | | publish_dispatcher.root_vol_size | The root volume size in Gb of `publish-dispatcher` component instances. | Optional | `20` | | publish_dispatcher.data_vol_size | The data volume size in Gb of `publish-dispatcher` component instances. | Optional | `20` | -| publish_dispatcher.enable_vol_encryption | Replaced with the configuration parameter aws.encryption.ebs_volume.enable . | Deprecated | `true` | | publish_dispatcher.asg_desired_capacity | The desired number of `publish-dispatcher` component instances. | Optional | `2` | | publish_dispatcher.asg_min_size | The minimum number of `publish-dispatcher` component instances. | Optional | `2` | | publish_dispatcher.asg_max_size | The maximum number of `publish-dispatcher` component instances. | Optional | `2` | @@ -201,7 +200,6 @@ These configurations are applicable to the components used within AEM Full-Set a | publish.instance_type | The [EC2 instance type](https://aws.amazon.com/ec2/instance-types/) of `publish` component instances. | Optional | `m3.large` | | publish.root_vol_size | The root volume size in Gb of `publish` component instances. | Optional | `20` | | publish.data_vol_size | The data volume size in Gb of `publish` component instances. | Optional | `75` | -| publish.enable_vol_encryption | Replaced with the configuration parameter aws.encryption.ebs_volume.enable . | Deprecated | `true` | | publish.asg_desired_capacity | The desired number of `publish` component instances. | Optional | `2` | | publish.asg_min_size | The minimum number of `publish` component instances. | Optional | `2` | | publish.asg_max_size | The maximum number of `publish` component instances. | Optional | `2` | @@ -212,13 +210,11 @@ These configurations are applicable to the components used within AEM Full-Set a | author.instance_type | The [EC2 instance type](https://aws.amazon.com/ec2/instance-types/) of `author` component instances. | Optional | `m3.large` | | author.root_vol_size | The root volume size in Gb of `author` component instances. | Optional | `20` | | author.data_vol_size | The data volume size in Gb of `author` component instances. | Optional | `75` | -| author.enable_vol_encryption | Replaced with the configuration parameter aws.encryption.ebs_volume.enable . | Deprecated | `true` | | author_dispatcher.elb_health_check | The health check to be performed on the ELB sitting in front of `author-dispatcher` component. | Optional | `HTTPS:5432/system/health?tags=shallow` | | author_dispatcher.instance_profile | ARN of the IAM instance profile to be used on `author_dispatcher` component. | Mandatory for instance profile exports stack, ignore this for other stacks. | | | author_dispatcher.instance_type | The [EC2 instance type](https://aws.amazon.com/ec2/instance-types/) of `author_dispatcher` component instances. | Optional | `t2.small` | | author_dispatcher.root_vol_size | The root volume size in Gb of `author_dispatcher` component instances. | Optional | `20` | | author_dispatcher.data_vol_size | The data volume size in Gb of `author_dispatcher` component instances. | Optional | `20` | -| author_dispatcher.enable_vol_encryption | Replaced with the configuration parameter aws.encryption.ebs_volume.enable . | Deprecated | `true` | | author_dispatcher.asg_desired_capacity | The desired number of `author_dispatcher` component instances. | Optional | `2` | | author_dispatcher.asg_min_size | The minimum number of `author_dispatcher` component instances. | Optional | `2` | | author_dispatcher.asg_max_size | The maximum number of `author_dispatcher` component instances. | Optional | `2` | @@ -230,18 +226,15 @@ These configurations are applicable to the components used within AEM Full-Set a | author_publish_dispatcher.instance_type | The [EC2 instance type](https://aws.amazon.com/ec2/instance-types/) of `author_publish_dispatcher` component instances. | Optional | `m4.xlarge` | | author_publish_dispatcher.root_vol_size | The root volume size in Gb of `author_publish_dispatcher` component instances. | Optional | `20` | | author_publish_dispatcher.data_vol_size | The data volume size in Gb of `author_publish_dispatcher` component instances. | Optional | `20` | -| author_publish_dispatcher.enable_vol_encryption | Replaced with the configuration parameter aws.encryption.ebs_volume.enable . | Deprecated | `true` | | author_publish_dispatcher.associate_public_ip_address | If true, then a public IP address will be associated to the `author-publish-dispatcher` instance. | Optional | `true` | | orchestrator.instance_profile | ARN of the IAM instance profile to be used on `orchestrator` component. | Mandatory for instance profile exports stack, ignore this for other stacks. | | | orchestrator.instance_type | The [EC2 instance type](https://aws.amazon.com/ec2/instance-types/) of `orchestrator` component instances. | Optional | `t2.small` | | orchestrator.root_vol_size | The root volume size in Gb of `orchestrator` component instances. | Optional | `20` | | orchestrator.data_vol_size | The data volume size in Gb of `orchestrator` component instances. | Optional | `20` | -| orchestrator.enable_vol_encryption | Replaced with the configuration parameter aws.encryption.ebs_volume.enable . | Deprecated | `true` | | orchestrator.enable_random_termination | If true, Chaos Monkey will attempt to randomly terminate an EC2 instance within this component's AutoScalingGroup. | Optional | `true` | | chaos_monkey.instance_profile | ARN of the IAM instance profile to be used on `chaos_monkey` component. | Mandatory for instance profile exports stack, ignore this for other stacks. | | | chaos_monkey.instance_type | The [EC2 instance type](https://aws.amazon.com/ec2/instance-types/) of `chaos_monkey` component instances. | Optional | `t2.small` | | chaos_monkey.root_vol_size | The root volume size in Gb of `chaos_monkey` component instances. | Optional | `20` | -| chaos_monkey.enable_vol_encryption Replaced with the configuration parameter aws.encryption.ebs_volume.enable . | Deprecated | `true` | | chaos_monkey.include_stack | If true, `chaos-monkey` component will be included in the created AEM environment. If false, then the environment won't have `chaos-monkey` component. | Optional | `true` | | chaos_monkey.termination_settings.calendar_open_hour | Chaos Monkey [setting](https://github.com/Netflix/SimianArmy/wiki/Global-Settings#simianarmycalendaropenhour) specifying the starting hour of the day when Chaos Monkey starts operating. | Optional | `9` | | chaos_monkey.termination_settings.calendar_close_hour | Chaos Monkey [setting](https://github.com/Netflix/SimianArmy/wiki/Global-Settings#simianarmycalendarclosehour) specifying the ending hour of the day when Chaos Monkey starts operating. | Optional | `15` | diff --git a/provisioners/ansible/playbooks/apps/aem/full-set/main.yaml b/provisioners/ansible/playbooks/apps/aem/full-set/main.yaml index ea667c8d..810dd8b6 100644 --- a/provisioners/ansible/playbooks/apps/aem/full-set/main.yaml +++ b/provisioners/ansible/playbooks/apps/aem/full-set/main.yaml @@ -24,7 +24,7 @@ PrerequisitesStackPrefixParameter: "{{ prerequisites_stack_prefix }}" MainStackPrefixParameter: "{{ stack_prefix }}" NetworkStackPrefixParameter: "{{ network_stack_prefix }}" - AWSEncryptionParameters: "{{ aws.encryption.ebs_volume.enable | lower }}, {{ aws.encryption.ebs_volume.kms_key_id }}" + EnableVolumeEncryptionParameter: "{{ aws.encryption.ebs_volume.enable | lower }}" ComputeKeyPairNameParameter: "{{ compute.key_pair_name }}" ELBCipherSuiteParameter: "{{ compute.elb_cipher_suite }}" DataBucketNameParameter: "{{ s3.data_bucket_name }}" @@ -32,12 +32,12 @@ AuthorLoadBalancerHealthCheckTargetParameter: "{{ author.elb_health_check }}" AuthorImageParameter: "{{ ami_ids.author }}" AuthorInstanceTypeParameter: "{{ author.instance_type }}" - AuthorVolParameter: "{{ author.root_vol_size }}, {{ author.data_vol_size }}, {{ snapshots.author.data_vol_snapshot_id }}, {{ snapshots.author.use_data_vol_snapshot | lower }}, {{ author.enable_vol_encryption | lower }}" + AuthorVolParameter: "{{ author.root_vol_size }}, {{ author.data_vol_size }}, {{ snapshots.author.data_vol_snapshot_id }}, {{ snapshots.author.use_data_vol_snapshot | lower }}" PublishImageParameter: "{{ ami_ids.publish }}" PublishInstanceTypeParameter: "{{ publish.instance_type }}" PublishASGAvailabilityZoneListParameter: "{{ aws.availability_zone_list }}" PublishASGConfigurationParameters: "{{ publish.asg_max_size }}, {{ publish.asg_min_size }}, {{ publish.asg_desired_capacity }}, {{ publish.asg_health_check_grace_period }}, {{ publish.asg_cooldown }}" - PublishVolParameter: "{{ publish.root_vol_size }}, {{ publish.data_vol_size }}, {{ snapshots.publish.data_vol_snapshot_id }}, {{ snapshots.publish.use_data_vol_snapshot | lower }}, {{ publish.enable_vol_encryption | lower }}" + PublishVolParameter: "{{ publish.root_vol_size }}, {{ publish.data_vol_size }}, {{ snapshots.publish.data_vol_snapshot_id }}, {{ snapshots.publish.use_data_vol_snapshot | lower }}" PublishDispatcherLoadBalancerHealthCheckTargetParameter: "{{ publish_dispatcher.elb_health_check }}" PublishDispatcherLoadBalancerSchemeParameter: "{{ publish_dispatcher.elb_scheme }}" PublishDispatcherImageParameter: "{{ ami_ids.publish_dispatcher }}" @@ -45,22 +45,22 @@ PublishDispatcherASGAvailabilityZoneListParameter: "{{ aws.availability_zone_list }}" PublishDispatcherASGConfigurationParameters: "{{ publish_dispatcher.asg_max_size }}, {{ publish_dispatcher.asg_min_size }}, {{ publish_dispatcher.asg_desired_capacity }}, {{ publish_dispatcher.asg_health_check_grace_period }}, {{ publish_dispatcher.asg_cooldown }}" PublishDispatcherASGCPUScalingParameters: "{{ publish_dispatcher.asg_cpu_scaling_threshold }}, {{ publish_dispatcher.asg_cpu_high_period }}, {{ publish_dispatcher.asg_cpu_high_eval_period }}, {{ publish_dispatcher.asg_cpu_low_period }}, {{ publish_dispatcher.asg_cpu_low_eval_period }}, {{ publish_dispatcher.asg_cpu_high_scaling_cooldown }}, {{ publish_dispatcher.asg_cpu_low_scaling_cooldown }}" - PublishDispatcherVolParameter: "{{ publish_dispatcher.root_vol_size }}, {{ publish_dispatcher.data_vol_size }}, {{ publish_dispatcher.enable_vol_encryption | lower }}, {{ snapshots.publish_dispatcher.data_vol_snapshot_id }}, {{ snapshots.publish_dispatcher.use_data_vol_snapshot | lower }}" + PublishDispatcherVolParameter: "{{ publish_dispatcher.root_vol_size }}, {{ publish_dispatcher.data_vol_size }}, {{ snapshots.publish_dispatcher.data_vol_snapshot_id }}, {{ snapshots.publish_dispatcher.use_data_vol_snapshot | lower }}" AuthorDispatcherLoadBalancerHealthCheckTargetParameter: "{{ author_dispatcher.elb_health_check }}" AuthorDispatcherImageParameter: "{{ ami_ids.author_dispatcher }}" AuthorDispatcherInstanceTypeParameter: "{{ author_dispatcher.instance_type }}" AuthorDispatcherASGAvailabilityZoneListParameter: "{{ aws.availability_zone_list }}" AuthorDispatcherASGConfigurationParameters: "{{ author_dispatcher.asg_max_size }}, {{ author_dispatcher.asg_min_size }}, {{ author_dispatcher.asg_desired_capacity }}, {{ author_dispatcher.asg_health_check_grace_period }}, {{ author_dispatcher.asg_cooldown }}" - AuthorDispatcherVolParameter: "{{ author_dispatcher.root_vol_size }}, {{ author_dispatcher.data_vol_size }}, {{ author_dispatcher.enable_vol_encryption | lower }}, {{ snapshots.author_dispatcher.data_vol_snapshot_id }}, {{ snapshots.author_dispatcher.use_data_vol_snapshot | lower }}" + AuthorDispatcherVolParameter: "{{ author_dispatcher.root_vol_size }}, {{ author_dispatcher.data_vol_size }}, {{ snapshots.author_dispatcher.data_vol_snapshot_id }}, {{ snapshots.author_dispatcher.use_data_vol_snapshot | lower }}" OrchestratorImageParameter: "{{ ami_ids.orchestrator }}" OrchestratorInstanceTypeParameter: "{{ orchestrator.instance_type }}" OrchestratorASGAvailabilityZoneListParameter: "{{ aws.availability_zone_list }}" - OrchestratorVolParameter: "{{ orchestrator.root_vol_size }}, {{ orchestrator.data_vol_size }}, {{ orchestrator.enable_vol_encryption | lower }}" + OrchestratorVolParameter: "{{ orchestrator.root_vol_size }}, {{ orchestrator.data_vol_size }}" ChaosMonkeyIncludeStack: "{{ chaos_monkey.include_stack | lower }}" ChaosMonkeyImageParameter: "{{ ami_ids.chaos_monkey }}" ChaosMonkeyInstanceTypeParameter: "{{ chaos_monkey.instance_type }}" ChaosMonkeyASGAvailabilityZoneListParameter: "{{ aws.availability_zone_list }}" - ChaosMonkeyVolParameter: "{{ chaos_monkey.root_vol_size }}, {{ chaos_monkey.enable_vol_encryption | lower }}" + ChaosMonkeyRootVolSizeParameter: "{{ chaos_monkey.root_vol_size }}" MonitoringIncludeStack: "{{ monitoring.include_stack | lower }}" Route53HostedZoneNameParameter: "{{ dns_records.route53_hosted_zone_name }}" AuthorDNSRecordSetNameParameter: "{{ dns_records.author.record_set_name }}" @@ -83,7 +83,7 @@ PrerequisitesStackPrefixParameter: "{{ prerequisites_stack_prefix }}" MainStackPrefixParameter: "{{ stack_prefix }}" NetworkStackPrefixParameter: "{{ network_stack_prefix }}" - AWSEncryptionParameters: "{{ aws.encryption.ebs_volume.enable | lower }}, {{ aws.encryption.ebs_volume.kms_key_id }}" + EnableVolumeEncryptionParameter: "{{ aws.encryption.ebs_volume.enable | lower }}" ComputeKeyPairNameParameter: "{{ compute.key_pair_name }}" ELBCipherSuiteParameter: "{{ compute.elb_cipher_suite }}" DataBucketNameParameter: "{{ s3.data_bucket_name }}" @@ -91,12 +91,12 @@ AuthorLoadBalancerHealthCheckTargetParameter: "{{ author.elb_health_check }}" AuthorImageParameter: "{{ ami_ids.author }}" AuthorInstanceTypeParameter: "{{ author.instance_type }}" - AuthorVolParameter: "{{ author.root_vol_size }}, {{ author.data_vol_size }}, {{ snapshots.author.data_vol_snapshot_id }}, {{ snapshots.author.use_data_vol_snapshot | lower }}, {{ author.enable_vol_encryption | lower }}" + AuthorVolParameter: "{{ author.root_vol_size }}, {{ author.data_vol_size }}, {{ snapshots.author.data_vol_snapshot_id }}, {{ snapshots.author.use_data_vol_snapshot | lower }}" PublishImageParameter: "{{ ami_ids.publish }}" PublishInstanceTypeParameter: "{{ publish.instance_type }}" PublishASGAvailabilityZoneListParameter: "{{ aws.availability_zone_list }}" PublishASGConfigurationParameters: "{{ publish.asg_max_size }}, {{ publish.asg_min_size }}, {{ publish.asg_desired_capacity }}, {{ publish.asg_health_check_grace_period }}, {{ publish.asg_cooldown }}" - PublishVolParameter: "{{ publish.root_vol_size }}, {{ publish.data_vol_size }}, {{ snapshots.publish.data_vol_snapshot_id }}, {{ snapshots.publish.use_data_vol_snapshot | lower }}, {{ publish.enable_vol_encryption | lower }}" + PublishVolParameter: "{{ publish.root_vol_size }}, {{ publish.data_vol_size }}, {{ snapshots.publish.data_vol_snapshot_id }}, {{ snapshots.publish.use_data_vol_snapshot | lower }}" PublishDispatcherLoadBalancerHealthCheckTargetParameter: "{{ publish_dispatcher.elb_health_check }}" PublishDispatcherLoadBalancerSchemeParameter: "{{ publish_dispatcher.elb_scheme }}" PublishDispatcherImageParameter: "{{ ami_ids.publish_dispatcher }}" @@ -104,22 +104,22 @@ PublishDispatcherASGAvailabilityZoneListParameter: "{{ aws.availability_zone_list }}" PublishDispatcherASGConfigurationParameters: "{{ publish_dispatcher.asg_max_size }}, {{ publish_dispatcher.asg_min_size }}, {{ publish_dispatcher.asg_desired_capacity }}, {{ publish_dispatcher.asg_health_check_grace_period }}, {{ publish_dispatcher.asg_cooldown }}" PublishDispatcherASGCPUScalingParameters: "{{ publish_dispatcher.asg_cpu_scaling_threshold }}, {{ publish_dispatcher.asg_cpu_high_period }}, {{ publish_dispatcher.asg_cpu_high_eval_period }}, {{ publish_dispatcher.asg_cpu_low_period }}, {{ publish_dispatcher.asg_cpu_low_eval_period }}, {{ publish_dispatcher.asg_cpu_high_scaling_cooldown }}, {{ publish_dispatcher.asg_cpu_low_scaling_cooldown }}" - PublishDispatcherVolParameter: "{{ publish_dispatcher.root_vol_size }}, {{ publish_dispatcher.data_vol_size }}, {{ publish_dispatcher.enable_vol_encryption | lower }}, {{ snapshots.publish_dispatcher.data_vol_snapshot_id }}, {{ snapshots.publish_dispatcher.use_data_vol_snapshot | lower }}" + PublishDispatcherVolParameter: "{{ publish_dispatcher.root_vol_size }}, {{ publish_dispatcher.data_vol_size }}, {{ snapshots.publish_dispatcher.data_vol_snapshot_id }}, {{ snapshots.publish_dispatcher.use_data_vol_snapshot | lower }}" AuthorDispatcherLoadBalancerHealthCheckTargetParameter: "{{ author_dispatcher.elb_health_check }}" AuthorDispatcherImageParameter: "{{ ami_ids.author_dispatcher }}" AuthorDispatcherInstanceTypeParameter: "{{ author_dispatcher.instance_type }}" AuthorDispatcherASGAvailabilityZoneListParameter: "{{ aws.availability_zone_list }}" AuthorDispatcherASGConfigurationParameters: "{{ author_dispatcher.asg_max_size }}, {{ author_dispatcher.asg_min_size }}, {{ author_dispatcher.asg_desired_capacity }}, {{ author_dispatcher.asg_health_check_grace_period }}, {{ author_dispatcher.asg_cooldown }}" - AuthorDispatcherVolParameter: "{{ author_dispatcher.root_vol_size }}, {{ author_dispatcher.data_vol_size }}, {{ author_dispatcher.enable_vol_encryption | lower }}, {{ snapshots.author_dispatcher.data_vol_snapshot_id }}, {{ snapshots.author_dispatcher.use_data_vol_snapshot | lower }}" + AuthorDispatcherVolParameter: "{{ author_dispatcher.root_vol_size }}, {{ author_dispatcher.data_vol_size }}, {{ snapshots.author_dispatcher.data_vol_snapshot_id }}, {{ snapshots.author_dispatcher.use_data_vol_snapshot | lower }}" OrchestratorImageParameter: "{{ ami_ids.orchestrator }}" OrchestratorInstanceTypeParameter: "{{ orchestrator.instance_type }}" OrchestratorASGAvailabilityZoneListParameter: "{{ aws.availability_zone_list }}" - OrchestratorVolParameter: "{{ orchestrator.root_vol_size }}, {{ orchestrator.data_vol_size }}, {{ orchestrator.enable_vol_encryption | lower }}" + OrchestratorVolParameter: "{{ orchestrator.root_vol_size }}, {{ orchestrator.data_vol_size }}" ChaosMonkeyIncludeStack: "{{ chaos_monkey.include_stack | lower }}" ChaosMonkeyImageParameter: "{{ ami_ids.chaos_monkey }}" ChaosMonkeyInstanceTypeParameter: "{{ chaos_monkey.instance_type }}" ChaosMonkeyASGAvailabilityZoneListParameter: "{{ aws.availability_zone_list }}" - ChaosMonkeyVolParameter: "{{ chaos_monkey.root_vol_size }}, {{ chaos_monkey.enable_vol_encryption | lower }}" + ChaosMonkeyRootVolSizeParameter: "{{ chaos_monkey.root_vol_size }}" MonitoringIncludeStack: "{{ monitoring.include_stack | lower }}" Route53HostedZoneNameParameter: "{{ dns_records.route53_hosted_zone_name }}" AuthorDNSRecordSetNameParameter: "{{ dns_records.author.record_set_name }}" diff --git a/templates/cloudformation/apps/aem/full-set/author-dispatcher.yaml b/templates/cloudformation/apps/aem/full-set/author-dispatcher.yaml index 084b43c6..d401eea0 100644 --- a/templates/cloudformation/apps/aem/full-set/author-dispatcher.yaml +++ b/templates/cloudformation/apps/aem/full-set/author-dispatcher.yaml @@ -1,29 +1,5 @@ AWSTemplateFormatVersion: '2010-09-09' Conditions: - # The usage of a CMK in the ASG LaunchConfiguration - # is not supported yet but maybe in the future ? - # I just leave the code here in case it's supported in the future. - # Atm. the EBS Volumes are getting encrypted with the key which is - # provided by the AMIs. - UseCMKEBSVolumeEncryptionCondition: - Fn::And: - - Fn::Equals: - - Ref: AuthorDispatcherEnableVolEncryptionParameter - # To support the deprecrated configuration parameters, - # [aem_component].enable_vol_encryption - # - # The new parameter is not support yet. - # - # - Fn::Select: - # - 0 - # - Ref: AWSEncryptionParameters - - true - - Fn::Not: - - Fn::Equals: - - Fn::Select: - - 1 - - Ref: AWSEncryptionParameters - - 'overwrite-me' UseAuthorDispatcherDataVolSnapshotCondition: Fn::Equals: - Ref: UseAuthorDispatcherDataVolSnapshotParameter @@ -61,13 +37,6 @@ Parameters: AemAwsStackProvisionerVersionParameter: Description: AEM AWS Stack Provisioner version number Type: String - AWSEncryptionParameters: - Description: | - A list of AWS Encyrption parameters. - List hast to be containing the following values in the following order: - - Boolean for enabling/disabling EBS Volume encryption - - KMS Key ID used for EBS Volume encryption - Type: List AuthorDispatcherASGAvailabilityZoneListParameter: Description: The Author Dispatcher Availability Zone List Type: List @@ -207,20 +176,6 @@ Resources: DeleteOnTermination: true Encrypted: Ref: AuthorDispatcherEnableVolEncryptionParameter - # To support the deprecrated configuration parameters, - # [aem_component].enable_vol_encryption - # - # The new parameter is not support yet. - # Fn::Select: - # - 0 - # - Ref: AWSEncryptionParameters - # KmsKeyId: - # Fn::If: - # - UseCMKEBSVolumeEncryptionCondition - # - Fn::Select: - # - 1 - # - Ref: AWSEncryptionParameters - # - Ref: AWS::NoValue VolumeSize: Ref: AuthorDispatcherRootVolSizeParameter VolumeType: gp2 @@ -230,20 +185,6 @@ Resources: DeleteOnTermination: true Encrypted: Ref: AuthorDispatcherEnableVolEncryptionParameter - # To support the deprecrated configuration parameters, - # [aem_component].enable_vol_encryption - # - # The new parameter is not support yet. - # Fn::Select: - # - 0 - # - Ref: AWSEncryptionParameters - # KmsKeyId: - # Fn::If: - # - UseCMKEBSVolumeEncryptionCondition - # - Fn::Select: - # - 1 - # - Ref: AWSEncryptionParameters - # - Ref: AWS::NoValue SnapshotId: Fn::If: - UseAuthorDispatcherDataVolSnapshotCondition diff --git a/templates/cloudformation/apps/aem/full-set/author.yaml b/templates/cloudformation/apps/aem/full-set/author.yaml index dca730a3..36817476 100644 --- a/templates/cloudformation/apps/aem/full-set/author.yaml +++ b/templates/cloudformation/apps/aem/full-set/author.yaml @@ -1,24 +1,5 @@ AWSTemplateFormatVersion: '2010-09-09' Conditions: - UseCMKEBSVolumeEncryptionCondition: - Fn::And: - - Fn::Equals: - - Ref: AuthorEnableVolEncryptionParameter - # To support the deprecrated configuration parameters, - # [aem_component].enable_vol_encryption - # - # The new parameter is not support yet. - # - # - Fn::Select: - # - 0 - # - Ref: AWSEncryptionParameters - - true - - Fn::Not: - - Fn::Equals: - - Fn::Select: - - 1 - - Ref: AWSEncryptionParameters - - 'overwrite-me' UseAuthorDataVolSnapshotCondition: Fn::Equals: - Ref: UseAuthorDataVolSnapshotParameter @@ -66,13 +47,6 @@ Parameters: AemAwsStackProvisionerVersionParameter: Description: AEM AWS Stack Provisioner version number Type: String - AWSEncryptionParameters: - Description: | - A list of AWS Encyrption parameters. - List hast to be containing the following values in the following order: - - Boolean for enabling/disabling EBS Volume encryption - - KMS Key ID used for EBS Volume encryption - Type: List AuthorDataVolSizeParameter: Description: Author Instances Data EBS Volume Size Type: Number @@ -376,21 +350,6 @@ Resources: DeleteOnTermination: true Encrypted: Ref: AuthorEnableVolEncryptionParameter - # To support the deprecrated configuration parameters, - # [aem_component].enable_vol_encryption - # - # The new parameter is not support yet. - # - # Fn::Select: - # - 0 - # - Ref: AWSEncryptionParameters - # KmsKeyId: - # Fn::If: - # - UseCMKEBSVolumeEncryptionCondition - # - Fn::Select: - # - 1 - # - Ref: AWSEncryptionParameters - # - Ref: AWS::NoValue VolumeSize: Ref: AuthorRootVolSizeParameter VolumeType: gp2 @@ -400,21 +359,6 @@ Resources: DeleteOnTermination: true Encrypted: Ref: AuthorEnableVolEncryptionParameter - # To support the deprecrated configuration parameters, - # [aem_component].enable_vol_encryption - # - # The new parameter is not support yet. - # - # Fn::Select: - # - 0 - # - Ref: AWSEncryptionParameters - # KmsKeyId: - # Fn::If: - # - UseCMKEBSVolumeEncryptionCondition - # - Fn::Select: - # - 1 - # - Ref: AWSEncryptionParameters - # - Ref: AWS::NoValue SnapshotId: Fn::If: - UseAuthorDataVolSnapshotCondition @@ -464,21 +408,6 @@ Resources: DeleteOnTermination: true Encrypted: Ref: AuthorEnableVolEncryptionParameter - # To support the deprecrated configuration parameters, - # [aem_component].enable_vol_encryption - # - # The new parameter is not support yet. - # - # Fn::Select: - # - 0 - # - Ref: AWSEncryptionParameters - # KmsKeyId: - # Fn::If: - # - UseCMKEBSVolumeEncryptionCondition - # - Fn::Select: - # - 1 - # - Ref: AWSEncryptionParameters - # - Ref: AWS::NoValue VolumeSize: Ref: AuthorRootVolSizeParameter VolumeType: gp2 @@ -488,21 +417,6 @@ Resources: DeleteOnTermination: true Encrypted: Ref: AuthorEnableVolEncryptionParameter - # To support the deprecrated configuration parameters, - # [aem_component].enable_vol_encryption - # - # The new parameter is not support yet. - # - # Fn::Select: - # - 0 - # - Ref: AWSEncryptionParameters - # KmsKeyId: - # Fn::If: - # - UseCMKEBSVolumeEncryptionCondition - # - Fn::Select: - # - 1 - # - Ref: AWSEncryptionParameters - # - Ref: AWS::NoValue SnapshotId: Fn::If: - UseAuthorDataVolSnapshotCondition diff --git a/templates/cloudformation/apps/aem/full-set/chaos-monkey.yaml b/templates/cloudformation/apps/aem/full-set/chaos-monkey.yaml index e447d76a..cab089c8 100644 --- a/templates/cloudformation/apps/aem/full-set/chaos-monkey.yaml +++ b/templates/cloudformation/apps/aem/full-set/chaos-monkey.yaml @@ -1,28 +1,4 @@ AWSTemplateFormatVersion: '2010-09-09' -Conditions: - # The usage of a CMK in the ASG LaunchConfiguration - # is not supported yet but maybe in the future ? - # I just leave the code here in case it's supported in the future. - # Atm. the EBS Volumes are getting encrypted with the key which is - # provided by the AMIs. - UseCMKEBSVolumeEncryptionCondition: - Fn::And: - - Fn::Equals: - - Ref: ChaosMonkeyEnableVolEncryptionParameter - # To support the deprecrated configuration parameters, - # [aem_component].enable_vol_encryption - # - # The new parameter is not support yet. - # - Fn::Select: - # - 0 - # - Ref: AWSEncryptionParameters - - true - - Fn::Not: - - Fn::Equals: - - Fn::Select: - - 1 - - Ref: AWSEncryptionParameters - - 'overwrite-me' Description: Create the Compute resources for the AEM Chaos Monkey Outputs: ChaosMonkeyAutoScalingGroup: @@ -40,13 +16,6 @@ Parameters: AemAwsStackProvisionerVersionParameter: Description: AEM AWS Stack Provisioner version number Type: String - AWSEncryptionParameters: - Description: | - A list of AWS Encyrption parameters. - List hast to be containing the following values in the following order: - - Boolean for enabling/disabling EBS Volume encryption - - KMS Key ID used for EBS Volume encryption - Type: List ChaosMonkeyASGAvailabilityZoneListParameter: Description: The Chaos Monkey Availability Zone List Type: List @@ -153,20 +122,6 @@ Resources: DeleteOnTermination: true Encrypted: Ref: ChaosMonkeyEnableVolEncryptionParameter - # To support the deprecrated configuration parameters, - # [aem_component].enable_vol_encryption - # - # The new parameter is not support yet. - # Fn::Select: - # - 0 - # - Ref: AWSEncryptionParameters - # KmsKeyId: - # Fn::If: - # - UseCMKEBSVolumeEncryptionCondition - # - Fn::Select: - # - 1 - # - Ref: AWSEncryptionParameters - # - Ref: AWS::NoValue VolumeSize: Ref: ChaosMonkeyRootVolSizeParameter VolumeType: gp2 diff --git a/templates/cloudformation/apps/aem/full-set/main-c.yaml b/templates/cloudformation/apps/aem/full-set/main-c.yaml index 508f91a5..5df5a43f 100644 --- a/templates/cloudformation/apps/aem/full-set/main-c.yaml +++ b/templates/cloudformation/apps/aem/full-set/main-c.yaml @@ -13,13 +13,15 @@ Parameters: AemAwsStackProvisionerVersionParameter: Description: AEM AWS Stack Provisioner version number Type: String - AWSEncryptionParameters: + EnableVolumeEncryptionParameter: Description: | - A list of AWS Encyrption parameters. - List hast to be containing the following values in the following order: - - Boolean for enabling/disabling EBS Volume encryption - - KMS Key ID used for EBS Volume encryption - Type: List + Boolean to Enable/Disable EBS Volume Encryption. + Needs to be ENabled if Source AMI has volumes encrypted + Type: String + Default: 'true' + AllowedValues: + - true + - false AuthorDNSRecordSetNameParameter: Description: Author DNS Record Set Name Type: String @@ -74,9 +76,9 @@ Parameters: Default: '' Description: The Chaos Monkey Instance Type Type: String - ChaosMonkeyVolParameter: - Description: Comma seperated list of Chaos Monkey Instances Volume parameters - Type: List + ChaosMonkeyRootVolSizeParameter: + Description: Chaos Monkey Instances Root EBS Volum Size + Type: String ComputeKeyPairNameParameter: Description: The Compute Resources Key Pair Name Type: AWS::EC2::KeyPair::KeyName @@ -163,10 +165,6 @@ Resources: Parameters: AemAwsStackProvisionerVersionParameter: Ref: AemAwsStackProvisionerVersionParameter - AWSEncryptionParameters: - Fn::Join: - - ',' - - Ref: AWSEncryptionParameters AuthorDispatcherASGAvailabilityZoneListParameter: Fn::Join: - ',' @@ -199,15 +197,15 @@ Resources: - Ref: AuthorDispatcherVolParameter AuthorDispatcherEnableVolEncryptionParameter: Fn::Select: - - 2 - - Ref: AuthorDispatcherVolParameter + - 0 + - Ref: EnableVolumeEncryptionParameter AuthorDispatcherDataVolSnapshotParameter: Fn::Select: - - 3 + - 2 - Ref: AuthorDispatcherVolParameter UseAuthorDispatcherDataVolSnapshotParameter: Fn::Select: - - 4 + - 3 - Ref: AuthorDispatcherVolParameter ComputeKeyPairNameParameter: Ref: ComputeKeyPairNameParameter @@ -261,12 +259,8 @@ Resources: - Ref: AuthorVolParameter AuthorEnableVolEncryptionParameter: Fn::Select: - - 4 - - Ref: AuthorVolParameter - AWSEncryptionParameters: - Fn::Join: - - ',' - - Ref: AWSEncryptionParameters + - 0 + - Ref: EnableVolumeEncryptionParameter ComputeKeyPairNameParameter: Ref: ComputeKeyPairNameParameter DataBucketNameParameter: @@ -309,15 +303,11 @@ Resources: ChaosMonkeyRootVolSizeParameter: Fn::Select: - 0 - - Ref: ChaosMonkeyVolParameter + - Ref: ChaosMonkeyRootVolSizeParameter ChaosMonkeyEnableVolEncryptionParameter: Fn::Select: - - 1 - - Ref: ChaosMonkeyVolParameter - AWSEncryptionParameters: - Fn::Join: - - ',' - - Ref: AWSEncryptionParameters + - 0 + - Ref: EnableVolumeEncryptionParameter ComputeKeyPairNameParameter: Ref: ComputeKeyPairNameParameter DataBucketNameParameter: @@ -380,12 +370,8 @@ Resources: - Ref: OrchestratorVolParameter OrchestratorEnableVolEncryptionParameter: Fn::Select: - - 2 - - Ref: OrchestratorVolParameter - AWSEncryptionParameters: - Fn::Join: - - ',' - - Ref: AWSEncryptionParameters + - 0 + - Ref: EnableVolumeEncryptionParameter PrerequisitesStackPrefixParameter: Ref: PrerequisitesStackPrefixParameter PublishDispatcherStackArn: @@ -460,20 +446,16 @@ Resources: - Ref: PublishDispatcherVolParameter PublishDispatcherEnableVolEncryptionParameter: Fn::Select: - - 2 - - Ref: PublishDispatcherVolParameter + - 0 + - Ref: EnableVolumeEncryptionParameter PublishDispatcherDataVolSnapshotParameter: Fn::Select: - - 3 + - 2 - Ref: PublishDispatcherVolParameter UsePublishDispatcherDataVolSnapshotParameter: Fn::Select: - - 4 + - 3 - Ref: PublishDispatcherVolParameter - AWSEncryptionParameters: - Fn::Join: - - ',' - - Ref: AWSEncryptionParameters TemplateURL: Fn::Sub: https://s3-${AWS::Region}.amazonaws.com/${DataBucketNameParameter}/${MainStackPrefixParameter}/publish-dispatcher.yaml Type: AWS::CloudFormation::Stack @@ -518,12 +500,8 @@ Resources: - Ref: PublishVolParameter PublishEnableVolEncryptionParameter: Fn::Select: - - 4 - - Ref: PublishVolParameter - AWSEncryptionParameters: - Fn::Join: - - ',' - - Ref: AWSEncryptionParameters + - 0 + - Ref: EnableVolumeEncryptionParameter PublishImageParameter: Ref: PublishImageParameter PublishImageRootDevice: diff --git a/templates/cloudformation/apps/aem/full-set/main.yaml b/templates/cloudformation/apps/aem/full-set/main.yaml index 91780c9f..05ce6b64 100644 --- a/templates/cloudformation/apps/aem/full-set/main.yaml +++ b/templates/cloudformation/apps/aem/full-set/main.yaml @@ -13,13 +13,15 @@ Parameters: AemAwsStackProvisionerVersionParameter: Description: AEM AWS Stack Provisioner version number Type: String - AWSEncryptionParameters: + EnableVolumeEncryptionParameter: Description: | - A list of AWS Encyrption parameters. - List hast to be containing the following values in the following order: - - Boolean for enabling/disabling EBS Volume encryption - - KMS Key ID used for EBS Volume encryption - Type: List + Boolean to Enable/Disable EBS Volume Encryption. + Needs to be ENabled if Source AMI has volumes encrypted + Type: String + Default: 'true' + AllowedValues: + - true + - false AuthorDNSRecordSetNameParameter: Description: Author DNS Record Set Name Type: String @@ -74,9 +76,9 @@ Parameters: Default: '' Description: The Chaos Monkey Instance Type Type: String - ChaosMonkeyVolParameter: - Description: Comma seperated list of Chaos Monkey Instances Volume parameters - Type: List + ChaosMonkeyRootVolSizeParameter: + Description: Chaos Monkey Instances Root EBS Volum Size + Type: String ComputeKeyPairNameParameter: Description: The Compute Resources Key Pair Name Type: AWS::EC2::KeyPair::KeyName @@ -163,10 +165,6 @@ Resources: Parameters: AemAwsStackProvisionerVersionParameter: Ref: AemAwsStackProvisionerVersionParameter - AWSEncryptionParameters: - Fn::Join: - - ',' - - Ref: AWSEncryptionParameters AuthorDispatcherASGAvailabilityZoneListParameter: Fn::Join: - ',' @@ -198,16 +196,14 @@ Resources: - 1 - Ref: AuthorDispatcherVolParameter AuthorDispatcherEnableVolEncryptionParameter: - Fn::Select: - - 2 - - Ref: AuthorDispatcherVolParameter + Ref: EnableVolumeEncryptionParameter AuthorDispatcherDataVolSnapshotParameter: Fn::Select: - - 3 + - 2 - Ref: AuthorDispatcherVolParameter UseAuthorDispatcherDataVolSnapshotParameter: Fn::Select: - - 4 + - 3 - Ref: AuthorDispatcherVolParameter ComputeKeyPairNameParameter: Ref: ComputeKeyPairNameParameter @@ -260,13 +256,7 @@ Resources: - 3 - Ref: AuthorVolParameter AuthorEnableVolEncryptionParameter: - Fn::Select: - - 4 - - Ref: AuthorVolParameter - AWSEncryptionParameters: - Fn::Join: - - ',' - - Ref: AWSEncryptionParameters + Ref: EnableVolumeEncryptionParameter ComputeKeyPairNameParameter: Ref: ComputeKeyPairNameParameter DataBucketNameParameter: @@ -307,17 +297,9 @@ Resources: ChaosMonkeyInstanceTypeParameter: Ref: ChaosMonkeyInstanceTypeParameter ChaosMonkeyRootVolSizeParameter: - Fn::Select: - - 0 - - Ref: ChaosMonkeyVolParameter + Ref: ChaosMonkeyRootVolSizeParameter ChaosMonkeyEnableVolEncryptionParameter: - Fn::Select: - - 1 - - Ref: ChaosMonkeyVolParameter - AWSEncryptionParameters: - Fn::Join: - - ',' - - Ref: AWSEncryptionParameters + Ref: EnableVolumeEncryptionParameter ComputeKeyPairNameParameter: Ref: ComputeKeyPairNameParameter DataBucketNameParameter: @@ -399,13 +381,7 @@ Resources: - 1 - Ref: OrchestratorVolParameter OrchestratorEnableVolEncryptionParameter: - Fn::Select: - - 2 - - Ref: OrchestratorVolParameter - AWSEncryptionParameters: - Fn::Join: - - ',' - - Ref: AWSEncryptionParameters + Ref: EnableVolumeEncryptionParameter PrerequisitesStackPrefixParameter: Ref: PrerequisitesStackPrefixParameter PublishDispatcherStackArn: @@ -463,21 +439,15 @@ Resources: - 1 - Ref: PublishDispatcherVolParameter PublishDispatcherEnableVolEncryptionParameter: - Fn::Select: - - 2 - - Ref: PublishDispatcherVolParameter + Ref: EnableVolumeEncryptionParameter PublishDispatcherDataVolSnapshotParameter: Fn::Select: - - 3 + - 2 - Ref: PublishDispatcherVolParameter UsePublishDispatcherDataVolSnapshotParameter: Fn::Select: - - 4 + - 3 - Ref: PublishDispatcherVolParameter - AWSEncryptionParameters: - Fn::Join: - - ',' - - Ref: AWSEncryptionParameters PublishDispatcherImageParameter: Ref: PublishDispatcherImageParameter PublishDispatcherImageRootDevice: @@ -537,13 +507,7 @@ Resources: - 3 - Ref: PublishVolParameter PublishEnableVolEncryptionParameter: - Fn::Select: - - 4 - - Ref: PublishVolParameter - AWSEncryptionParameters: - Fn::Join: - - ',' - - Ref: AWSEncryptionParameters + Ref: EnableVolumeEncryptionParameter PublishImageParameter: Ref: PublishImageParameter PublishImageRootDevice: diff --git a/templates/cloudformation/apps/aem/full-set/orchestrator.yaml b/templates/cloudformation/apps/aem/full-set/orchestrator.yaml index f18d83fb..2b231215 100644 --- a/templates/cloudformation/apps/aem/full-set/orchestrator.yaml +++ b/templates/cloudformation/apps/aem/full-set/orchestrator.yaml @@ -1,29 +1,4 @@ AWSTemplateFormatVersion: '2010-09-09' -Conditions: - # The usage of a CMK in the ASG LaunchConfiguration - # is not supported yet but maybe in the future ? - # I just leave the code here in case it's supported in the future. - # Atm. the EBS Volumes are getting encrypted with the key which is - # provided by the AMIs. - UseCMKEBSVolumeEncryptionCondition: - Fn::And: - - Fn::Equals: - - Ref: OrchestratorEnableVolEncryptionParameter - # To support the deprecrated configuration parameters, - # [aem_component].enable_vol_encryption - # - # The new parameter is not support yet. - # - # - Fn::Select: - # - 0 - # - Ref: AWSEncryptionParameters - - true - - Fn::Not: - - Fn::Equals: - - Fn::Select: - - 1 - - Ref: AWSEncryptionParameters - - 'overwrite-me' Description: Create the Compute resources for the AEM Orchestrator Outputs: OrchestratorAutoScalingGroup: @@ -45,13 +20,6 @@ Parameters: AemAwsStackProvisionerVersionParameter: Description: AEM AWS Stack Provisioner version number Type: String - AWSEncryptionParameters: - Description: | - A list of AWS Encyrption parameters. - List hast to be containing the following values in the following order: - - Boolean for enabling/disabling EBS Volume encryption - - KMS Key ID used for EBS Volume encryption - Type: List AuthorDispatcherStackArn: Default: '' Description: The ARN of the author-dispatcher stack. @@ -169,21 +137,6 @@ Resources: DeleteOnTermination: true Encrypted: Ref: OrchestratorEnableVolEncryptionParameter - # To support the deprecrated configuration parameters, - # [aem_component].enable_vol_encryption - # - # The new parameter is not support yet. - # - # Fn::Select: - # - 0 - # - Ref: AWSEncryptionParameters - # KmsKeyId: - # Fn::If: - # - UseCMKEBSVolumeEncryptionCondition - # - Fn::Select: - # - 1 - # - Ref: AWSEncryptionParameters - # - Ref: AWS::NoValue VolumeSize: Ref: OrchestratorRootVolSizeParameter VolumeType: gp2 @@ -193,21 +146,6 @@ Resources: DeleteOnTermination: true Encrypted: Ref: OrchestratorEnableVolEncryptionParameter - # To support the deprecrated configuration parameters, - # [aem_component].enable_vol_encryption - # - # The new parameter is not support yet. - # - # Fn::Select: - # - 0 - # - Ref: AWSEncryptionParameters - # KmsKeyId: - # Fn::If: - # - UseCMKEBSVolumeEncryptionCondition - # - Fn::Select: - # - 1 - # - Ref: AWSEncryptionParameters - # - Ref: AWS::NoValue VolumeSize: Ref: OrchestratorDataVolSizeParameter VolumeType: gp2 diff --git a/templates/cloudformation/apps/aem/full-set/publish-dispatcher.yaml b/templates/cloudformation/apps/aem/full-set/publish-dispatcher.yaml index 77ffde94..6153e9a6 100644 --- a/templates/cloudformation/apps/aem/full-set/publish-dispatcher.yaml +++ b/templates/cloudformation/apps/aem/full-set/publish-dispatcher.yaml @@ -1,29 +1,5 @@ AWSTemplateFormatVersion: '2010-09-09' Conditions: - # The usage of a CMK in the ASG LaunchConfiguration - # is not supported yet but maybe in the future ? - # I just leave the code here in case it's supported in the future. - # Atm. the EBS Volumes are getting encrypted with the key which is - # provided by the AMIs. - UseCMKEBSVolumeEncryptionCondition: - Fn::And: - - Fn::Equals: - - Ref: PublishDispatcherEnableVolEncryptionParameter - # To support the deprecrated configuration parameters, - # [aem_component].enable_vol_encryption - # - # The new parameter is not support yet. - # - # - Fn::Select: - # - 0 - # - Ref: AWSEncryptionParameters - - true - - Fn::Not: - - Fn::Equals: - - Fn::Select: - - 1 - - Ref: AWSEncryptionParameters - - 'overwrite-me' UsePublishDispatcherDataVolSnapshotCondition: Fn::Equals: - Ref: UsePublishDispatcherDataVolSnapshotParameter @@ -61,13 +37,6 @@ Parameters: AemAwsStackProvisionerVersionParameter: Description: AEM AWS Stack Provisioner version number Type: String - AWSEncryptionParameters: - Description: | - A list of AWS Encyrption parameters. - List hast to be containing the following values in the following order: - - Boolean for enabling/disabling EBS Volume encryption - - KMS Key ID used for EBS Volume encryption - Type: List ComputeKeyPairNameParameter: Description: The Compute Resources Key Pair Name Type: AWS::EC2::KeyPair::KeyName @@ -325,21 +294,6 @@ Resources: DeleteOnTermination: true Encrypted: Ref: PublishDispatcherEnableVolEncryptionParameter - # To support the deprecrated configuration parameters, - # [aem_component].enable_vol_encryption - # - # The new parameter is not support yet. - # - # Fn::Select: - # - 0 - # - Ref: AWSEncryptionParameters - # KmsKeyId: - # Fn::If: - # - UseCMKEBSVolumeEncryptionCondition - # - Fn::Select: - # - 1 - # - Ref: AWSEncryptionParameters - # - Ref: AWS::NoValue VolumeSize: Ref: PublishDispatcherRootVolSizeParameter VolumeType: gp2 @@ -349,21 +303,6 @@ Resources: DeleteOnTermination: true Encrypted: Ref: PublishDispatcherEnableVolEncryptionParameter - # To support the deprecrated configuration parameters, - # [aem_component].enable_vol_encryption - # - # The new parameter is not support yet. - # - # Fn::Select: - # - 0 - # - Ref: AWSEncryptionParameters - # KmsKeyId: - # Fn::If: - # - UseCMKEBSVolumeEncryptionCondition - # - Fn::Select: - # - 1 - # - Ref: AWSEncryptionParameters - # - Ref: AWS::NoValue SnapshotId: Fn::If: - UsePublishDispatcherDataVolSnapshotCondition diff --git a/templates/cloudformation/apps/aem/full-set/publish.yaml b/templates/cloudformation/apps/aem/full-set/publish.yaml index ddcc5264..c40a6a74 100644 --- a/templates/cloudformation/apps/aem/full-set/publish.yaml +++ b/templates/cloudformation/apps/aem/full-set/publish.yaml @@ -1,29 +1,5 @@ AWSTemplateFormatVersion: '2010-09-09' Conditions: - # The usage of a CMK in the ASG LaunchConfiguration - # is not supported yet but maybe in the future ? - # I just leave the code here in case it's supported in the future. - # Atm. the EBS Volumes are getting encrypted with the key which is - # provided by the AMIs. - UseCMKEBSVolumeEncryptionCondition: - Fn::And: - - Fn::Equals: - - Ref: PublishEnableVolEncryptionParameter - # To support the deprecrated configuration parameters, - # [aem_component].enable_vol_encryption - # - # The new parameter is not support yet. - # - # - Fn::Select: - # - 0 - # - Ref: AWSEncryptionParameters - - true - - Fn::Not: - - Fn::Equals: - - Fn::Select: - - 1 - - Ref: AWSEncryptionParameters - - 'overwrite-me' UsePublishDataVolSnapshotCondition: Fn::Equals: - Ref: UsePublishDataVolSnapshotParameter @@ -45,13 +21,6 @@ Parameters: AemAwsStackProvisionerVersionParameter: Description: AEM AWS Stack Provisioner version number Type: String - AWSEncryptionParameters: - Description: | - A list of AWS Encyrption parameters. - List hast to be containing the following values in the following order: - - Boolean for enabling/disabling EBS Volume encryption - - KMS Key ID used for EBS Volume encryption - Type: List ComputeKeyPairNameParameter: Description: The Compute Resources Key Pair Name Type: AWS::EC2::KeyPair::KeyName @@ -183,21 +152,6 @@ Resources: DeleteOnTermination: true Encrypted: Ref: PublishEnableVolEncryptionParameter - # To support the deprecrated configuration parameters, - # [aem_component].enable_vol_encryption - # - # The new parameter is not support yet. - # - # Fn::Select: - # - 0 - # - Ref: AWSEncryptionParameters - # KmsKeyId: - # Fn::If: - # - UseCMKEBSVolumeEncryptionCondition - # - Fn::Select: - # - 1 - # - Ref: AWSEncryptionParameters - # - Ref: AWS::NoValue VolumeSize: Ref: PublishRootVolSizeParameter VolumeType: gp2 @@ -207,21 +161,6 @@ Resources: DeleteOnTermination: true Encrypted: Ref: PublishEnableVolEncryptionParameter - # To support the deprecrated configuration parameters, - # [aem_component].enable_vol_encryption - # - # The new parameter is not support yet. - # - # Fn::Select: - # - 0 - # - Ref: AWSEncryptionParameters - # KmsKeyId: - # Fn::If: - # - UseCMKEBSVolumeEncryptionCondition - # - Fn::Select: - # - 1 - # - Ref: AWSEncryptionParameters - # - Ref: AWS::NoValue SnapshotId: Fn::If: - UsePublishDataVolSnapshotCondition