diff --git a/CODEOWNERS b/CODEOWNERS new file mode 100644 index 0000000..f0a98e9 --- /dev/null +++ b/CODEOWNERS @@ -0,0 +1 @@ +* @aws-quickstart/aws_quickstart_team diff --git a/README.md b/README.md index ce35a99..f6e4a88 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,3 @@ -# quickstart-examples +# AWS Partner Solution examples -This GitHub repository contains example AWS Quick Start templates, including AWS CloudFormation, deployment guide, and diagram templates. It also includes examples that are discussed in the [Infrastructure & Automation blog](https://aws.amazon.com/blogs/infrastructure-and-automation/). +This GitHub repository contains example files for [AWS Partner Solutions](https://aws.amazon.com/solutions/browse-all/?solutions-all.sort-by=item.additionalFields.sortDate&solutions-all.sort-order=desc&awsf.Content-Type=*all&awsf.AWS-Product%20Category=*all), including AWS CloudFormation templates, deployment guides, and architecture diagrams. It also includes examples that are discussed in posts on the [Integration & Automation Blog](https://aws.amazon.com/blogs/infrastructure-and-automation/). diff --git a/blog-assets/change-cfn-stack-name/01-vpc-basic.yaml b/blog-assets/change-cfn-stack-name/01-vpc-basic.yaml new file mode 100644 index 0000000..f2228c4 --- /dev/null +++ b/blog-assets/change-cfn-stack-name/01-vpc-basic.yaml @@ -0,0 +1,12 @@ +AWSTemplateFormatVersion: 2010-09-09 + +Description: "Deploys a VPC (qs-1t72ibrq5)" + +Resources: + Vpc: + Type: AWS::EC2::VPC + Properties: + CidrBlock: 10.0.0.0/16 + Tags: + - Key: Name + Value: rename-stack-demo \ No newline at end of file diff --git a/blog-assets/change-cfn-stack-name/02-vpc-retain.yaml b/blog-assets/change-cfn-stack-name/02-vpc-retain.yaml new file mode 100644 index 0000000..7b6658b --- /dev/null +++ b/blog-assets/change-cfn-stack-name/02-vpc-retain.yaml 
@@ -0,0 +1,13 @@ +AWSTemplateFormatVersion: 2010-09-09 + +Description: Deploys a VPC + +Resources: + Vpc: + Type: AWS::EC2::VPC + DeletionPolicy: Retain + Properties: + CidrBlock: 10.0.0.0/16 + Tags: + - Key: Name + Value: rename-stack-demo \ No newline at end of file diff --git a/blog-assets/eks-cluster-prework/templates/eks-cluster-prework.template.yaml b/blog-assets/eks-cluster-prework/templates/eks-cluster-prework.template.yaml index 58571d2..bb84846 100644 --- a/blog-assets/eks-cluster-prework/templates/eks-cluster-prework.template.yaml +++ b/blog-assets/eks-cluster-prework/templates/eks-cluster-prework.template.yaml @@ -4,6 +4,11 @@ Parameters: AccessCIDR: Default: 0.0.0.0/0 Type: String + KeyPairName: + Description: Name of an existing key pair, which allows you to securely connect to your bastion instance after it launches. + Leave empty to proceed without a key pair. You would need to use AWS Systems Manager Session Manager to connect to the provisioned EC2 instances. + Type: String + Default: "" JobName: Type: String Default: 'job-example' @@ -21,16 +26,13 @@ Parameters: Default: 'aws-quickstart' PreworkScriptObject: Type: String - Default: 'quickstart-examples/blog-assets/eks-cluster-prework/script/pw-script.sh' + Default: 'quickstart-examples/blog-assets/eks-cluster-prework/scripts/pw-script.sh' Resources: EKSStack: Type: AWS::CloudFormation::Stack Properties: TemplateURL: 'https://aws-quickstart.s3.amazonaws.com/quickstart-amazon-eks/templates/amazon-eks-entrypoint-new-vpc.template.yaml' Parameters: - # QuickStart properties - QSS3BucketName: aws-quickstart - QSS3KeyPrefix: quickstart-amazon-eks/ # Cluster properties ProvisionBastionHost: Enabled RemoteAccessCIDR: !Ref AccessCIDR 
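Review bot: In `eks-cluster-prework.template.yaml` (hunk `@@ -4,6 +4,11 @@`) the new `KeyPairName` parameter sits directly under `AccessCIDR`, which still has `Default: 0.0.0.0/0`. The following hunk shows that value passed to `RemoteAccessCIDR` with `ProvisionBastionHost: Enabled`, so a deployment that accepts the defaults presumably exposes the bastion to every source address. I would remove the `Default` from `AccessCIDR` so the deployer must supply a range, and add a `Description` stating that it bounds remote access to the bastion. Separately, no visible hunk forwards `KeyPairName` to the `EKSStack` `Parameters` block, which continues past the end of the hunk, so please confirm it is actually passed through.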
@@ -45,20 +47,16 @@ Resources: AwsCliCommand: !Sub "eks describe-cluster --name ${EKSStack.Outputs.EKSClusterName} --query 'cluster.identity.oidc.{issuer:issuer}'" IdField: 'issuer' PreworkStack: + DependsOn: EKSStack Type: AWS::CloudFormation::Stack Properties: TemplateURL: 'https://aws-quickstart.s3.amazonaws.com/quickstart-examples/blog-assets/eks-cluster-prework/templates/prework.template.yaml' Parameters: - ClusterName: !Sub "EKSStack.Outputs.EKSClusterName" + ClusterName: !GetAtt "EKSStack.Outputs.EKSClusterName" PreworkScriptBucket: !Ref PreworkScriptBucket PreworkScriptObject: !Ref PreworkScriptObject JobName: !Ref JobName KubernetesNameSpace: "prework-example" - OIDCProvider: !Sub - - "${OIDCProvider1}/${OIDCProvider2}/${OIDCProvider3}" - - OIDCProvider1: !Select [ 2, !Split [ "/", !Ref GetOIDCProvider ] ] - OIDCProvider2: !Select [ 3, !Split [ "/", !Ref GetOIDCProvider ] ] - OIDCProvider3: !Select [ 4, !Split [ "/", !Ref GetOIDCProvider ] ] Outputs: EKSClusterName: Value: !GetAtt EKSStack.Outputs.EKSClusterName diff --git a/blog-assets/eks-cluster-prework/templates/prework.template.yaml b/blog-assets/eks-cluster-prework/templates/prework.template.yaml index aae7057..570a73d 100644 --- a/blog-assets/eks-cluster-prework/templates/prework.template.yaml +++ b/blog-assets/eks-cluster-prework/templates/prework.template.yaml 
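Review bot: `DependsOn: EKSStack` on `PreworkStack` is redundant, because the corrected `ClusterName: !GetAtt "EKSStack.Outputs.EKSClusterName"` already makes CloudFormation create the EKS stack first; I would drop the line. This hunk also deletes the `OIDCProvider` parameter that consumed the parent's `GetOIDCProvider` custom resource, whose last two properties are the leading context lines here (its definition starts outside the hunk). If nothing else in the file references that resource, it now calls the ResourceReader function for no purpose and can be removed along with the parameter.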
@@ -8,18 +8,14 @@ Parameters: Default: aws-quickstart PreworkScriptObject: Type: String - Default: "quickstart-examples/samples/eks-cluster-prework/scripts/pw-script.sh" + Default: "quickstart-examples/blog-assets/eks-cluster-prework/scripts/pw-script.sh" JobName: Type: String - Default: job-example + Default: example-job AllowedPattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' ConstraintDescription: "a lowercase RFC 1123 subdomain must consist of lower case alphanumeric characters, '-' or '.', and must start and end with an alphanumeric character" - OIDCProvider: - Type: String - Description: Amazon EKS cluster OIDC provider, without the protocol (e.g., oidc.eks.us-east-1.amazonaws.com/id/SADFASFFASFXCCVXCVSDFSDF). - Default: "" KubernetesNameSpace: Type: String Default: "prework-example" @@ -49,6 +45,7 @@ Resources: } - NameSpace: !Ref KubernetesNameSpace ResourceName: !Sub "pw-service-account-${JobName}" + OIDCProvider: !Join [ '', !Split [ 'https://', !Ref 'GetOIDCProvider' ] ] Path: "/" Policies: - PolicyName: root @@ -60,7 +57,13 @@ Resources: - s3:GetObject - s3:HeadObject Resource: - - !Sub "arn:aws:s3:::${PreworkScriptBucket}/${PreworkScriptObject}" + - !Sub "arn:${AWS::Partition}:s3:::${PreworkScriptBucket}/${PreworkScriptObject}" + GetOIDCProvider: + Type: Custom::GetOIDCProvider + Properties: + ServiceToken: !Sub "arn:aws:lambda:${AWS::Region}:${AWS::AccountId}:function:eks-quickstart-ResourceReader" + AwsCliCommand: !Sub "eks describe-cluster --name ${ClusterName} --query 'cluster.identity.oidc.{issuer:issuer}'" + IdField: 'issuer' KubePreWorkNamespace: Type: "AWSQS::Kubernetes::Resource" Properties: @@ -164,10 +167,9 @@ Resources: args: - > sleep 15; - yum update -y; - yum install -y awscli; export AWS_REGION=${AWS::Region}; export NS=${NameSpace}; + yum install -y aws-cli; aws sts get-caller-identity; aws s3 cp ${!S3_SCRIPT_URL} ./prework-script.sh && chmod +x ./prework-script.sh && 
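Review bot: The new `GetOIDCProvider` resource in hunk `@@ -60,7 +57,13 @@` hard-codes the partition in its `ServiceToken` (`arn:aws:lambda:...`), while the same hunk moves the S3 resource ARN to `${AWS::Partition}`. Outside the standard partition the custom resource would point at an ARN that cannot exist. Use `ServiceToken: !Sub "arn:${AWS::Partition}:lambda:${AWS::Region}:${AWS::AccountId}:function:eks-quickstart-ResourceReader"`. The template now also requires a function with that exact name to exist in the account and Region, so a comment above the resource such as `# Requires the eks-quickstart-ResourceReader function to be deployed in this account and Region` would help anyone launching it on its own.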
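Review bot: The job command in hunk `@@ -164,10 +167,9 @@` copies `${!S3_SCRIPT_URL}` from S3 and marks it executable with no integrity check, so anyone able to write that bucket object controls what runs under the job's service-account role. The command list continues outside the hunk, where the script is presumably executed. I would have the template supply an expected digest and verify it between the `aws s3 cp` and `chmod` steps, e.g. `echo "${!SCRIPT_SHA256}  ./prework-script.sh" | sha256sum -c - &&`, where `SCRIPT_SHA256` is a placeholder name for a new environment variable. Alternatively, pin a specific S3 object version. Removing `yum update -y` also means the container runs with whatever package levels the image ships, so the image tag needs to be kept current.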
@@ -184,4 +186,4 @@ Resources: backoffLimit: 4 - ResourceName: !Sub "pw-job-${JobName}" NameSpace: !Ref "KubernetesNameSpace" - S3ScriptURL: !Sub "s3://${PreworkScriptBucket}/${PreworkScriptObject}" \ No newline at end of file + S3ScriptURL: !Sub "s3://${PreworkScriptBucket}/${PreworkScriptObject}" diff --git a/blog-assets/svcvirt-apigateway-cfn/template.yaml b/blog-assets/svcvirt-apigateway-cfn/template.yaml index 81c3edd..9c38500 100644 --- a/blog-assets/svcvirt-apigateway-cfn/template.yaml +++ b/blog-assets/svcvirt-apigateway-cfn/template.yaml @@ -1,6 +1,6 @@ AWSTemplateFormatVersion: '2010-09-09' -Description: AWS API Gateway working as a Service Virtualization +Description: "AWS API Gateway working as a Service Virtualization (qs-1sq3s942d)" Resources: @@ -155,4 +155,4 @@ Resources: - PostMethod Properties: Description: Mock API Deployment - RestApiId: !Ref RestApi \ No newline at end of file + RestApiId: !Ref RestApi diff --git a/doc/Partner Quick Start Template and Style Guide.docx b/doc/Partner Quick Start Template and Style Guide.docx deleted file mode 100644 index 794222d..0000000 Binary files a/doc/Partner Quick Start Template and Style Guide.docx and /dev/null differ diff --git a/doc/Quick Start architecture diagram.pptx b/doc/Quick Start architecture diagram.pptx deleted file mode 100644 index ddaa4ce..0000000 Binary files a/doc/Quick Start architecture diagram.pptx and /dev/null differ diff --git a/doc/eks-architecture-examples/discngine-3decision-architecture-diagram.pptx b/doc/eks-architecture-examples/discngine-3decision-architecture-diagram.pptx new file mode 100644 index 0000000..7661c6a Binary files /dev/null and b/doc/eks-architecture-examples/discngine-3decision-architecture-diagram.pptx differ 
diff --git a/doc/serverless-architecture-examples/snowflake-sagemaker-autopilot-architecture-diagram.pptx b/doc/serverless-architecture-examples/snowflake-sagemaker-autopilot-architecture-diagram.pptx new file mode 100644 index 0000000..93eb7e0 Binary files /dev/null and b/doc/serverless-architecture-examples/snowflake-sagemaker-autopilot-architecture-diagram.pptx differ diff --git a/doc/three-tier-architecture-examples/crest-infosolutions-cloudmeet-architecture-diagram.pptx b/doc/three-tier-architecture-examples/crest-infosolutions-cloudmeet-architecture-diagram.pptx new file mode 100644 index 0000000..02cbf0c Binary files /dev/null and b/doc/three-tier-architecture-examples/crest-infosolutions-cloudmeet-architecture-diagram.pptx differ diff --git a/doc/three-tier-architecture-examples/nvidia-cheminformatics-architecture-diagram.pptx b/doc/three-tier-architecture-examples/nvidia-cheminformatics-architecture-diagram.pptx new file mode 100644 index 0000000..fad1ca7 Binary files /dev/null and b/doc/three-tier-architecture-examples/nvidia-cheminformatics-architecture-diagram.pptx differ diff --git a/samples/cloudformation-cross-account/functions/source/CfnStackAssumeRole/lambda_function.py b/samples/cloudformation-cross-account/functions/source/CfnStackAssumeRole/lambda_function.py index 42638d9..cfc81c3 100644 --- a/samples/cloudformation-cross-account/functions/source/CfnStackAssumeRole/lambda_function.py +++ b/samples/cloudformation-cross-account/functions/source/CfnStackAssumeRole/lambda_function.py @@ -3,7 +3,7 @@ import string import logging import threading -from botocore.vendored import requests +import requests import json from botocore.credentials import ( AssumeRoleCredentialFetcher, diff --git a/samples/cloudformation-cross-account/functions/source/CfnStackAssumeRole/requirements.txt b/samples/cloudformation-cross-account/functions/source/CfnStackAssumeRole/requirements.txt new file mode 100644 index 0000000..f229360 --- /dev/null 
+++ b/samples/cloudformation-cross-account/functions/source/CfnStackAssumeRole/requirements.txt @@ -0,0 +1 @@ +requests diff --git a/samples/cloudformation-stack-ttl/scripts/deploy-admin-stack.sh b/samples/cloudformation-stack-ttl/scripts/deploy-admin-stack.sh index 7fd06be..eb27e2f 100644 --- a/samples/cloudformation-stack-ttl/scripts/deploy-admin-stack.sh +++ b/samples/cloudformation-stack-ttl/scripts/deploy-admin-stack.sh @@ -1,6 +1,6 @@ #! /bin/bash aws cloudformation create-stack --stack-name --region us-east-1 cfn-admin-role-stack \ - --template-url https://s3.amazonaws.com/quickstart-examples/samples/cloudformation-stack-ttl/templates/cloudformation-admin-iam.yaml \ + --template-url https://s3.amazonaws.com/aws-quickstart/quickstart-examples/samples/cloudformation-stack-ttl/templates/cloudformation-admin-iam.yaml \ --capabilities "CAPABILITY_IAM" "CAPABILITY_AUTO_EXPAND" \ - --disable-rollback \ No newline at end of file + --disable-rollback diff --git a/samples/cloudformation-stack-ttl/scripts/deploy-demo-stack.sh b/samples/cloudformation-stack-ttl/scripts/deploy-demo-stack.sh index 35a0c72..7c57baa 100644 --- a/samples/cloudformation-stack-ttl/scripts/deploy-demo-stack.sh +++ b/samples/cloudformation-stack-ttl/scripts/deploy-demo-stack.sh @@ -1,7 +1,7 @@ #! /bin/bash aws cloudformation create-stack --stack-name --region us-east-1 demo-stack-ttl \ - --template-url https://s3.amazonaws.com/quickstart-examples/samples/cloudformation-stack-ttl/templates/demo-stack-ttl.yaml \ + --template-url https://s3.amazonaws.com/aws-quickstart/quickstart-examples/samples/cloudformation-stack-ttl/templates/demo-stack-ttl.yaml \ --capabilities "CAPABILITY_IAM" "CAPABILITY_AUTO_EXPAND" \ --role-arn "" \ - --disable-rollback \ No newline at end of file + --disable-rollback diff --git a/samples/cloudformation-stack-ttl/templates/cloudformation-stack-ttl.yaml b/samples/cloudformation-stack-ttl/templates/cloudformation-stack-ttl.yaml index aa1c0b7..d2bcf63 100644 
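Review bot: `requests` is added to `requirements.txt` with no version constraint, so each build of the CfnStackAssumeRole package installs whichever release is current at that moment. For a function that assumes cross-account roles, an unreviewed or compromised release would ship unnoticed. Pin it as `requests==<reviewed-version>` (placeholder; use the release you tested), and consider recording hashes and installing with `pip install --require-hashes`.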
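Review bot: In `deploy-admin-stack.sh` the unchanged line `aws cloudformation create-stack --stack-name --region us-east-1 cfn-admin-role-stack \` gives `--stack-name` no value, because the name comes after `--region us-east-1`. The CLI should therefore reject the command before the corrected `--template-url` is ever used. Reorder it to `aws cloudformation create-stack --stack-name cfn-admin-role-stack --region us-east-1 \`. `deploy-demo-stack.sh` has the same ordering with `demo-stack-ttl`. It also passes `--role-arn ""`, which needs a comment telling the user to fill in the ARN of the CloudFormation service role, presumably the one created by the admin stack, before running it.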
--- a/samples/cloudformation-stack-ttl/templates/cloudformation-stack-ttl.yaml +++ b/samples/cloudformation-stack-ttl/templates/cloudformation-stack-ttl.yaml @@ -78,7 +78,7 @@ Resources: Variables: stackName: !Ref 'StackName' Handler: "index.handler" - Runtime: "python3.6" + Runtime: "python3.9" Timeout: "5" Role: !GetAtt DeleteCFNLambdaExecutionRole.Arn DeleteStackEventRule: @@ -161,7 +161,7 @@ Resources: status = cfnresponse.FAILED cfnresponse.send(event, context, status, {}, None) Handler: "index.handler" - Runtime: "python3.6" + Runtime: "python3.9" Timeout: "5" Role: !GetAtt BasicLambdaExecutionRole.Arn diff --git a/samples/session-manager-ssh/session-manager-example.yaml b/samples/session-manager-ssh/session-manager-example.yaml index 26e8741..4ca6b33 100644 --- a/samples/session-manager-ssh/session-manager-example.yaml +++ b/samples/session-manager-ssh/session-manager-example.yaml @@ -66,7 +66,7 @@ Resources: Type: AWS::CloudFormation::Stack Properties: TemplateURL: - Fn::Sub: https://aws-quickstart.s3.amazonaws.com/quickstart-aws-vpc/templates/aws-vpc.template + Fn::Sub: https://aws-quickstart.s3.amazonaws.com/quickstart-aws-vpc/templates/aws-vpc.template.yaml Parameters: AvailabilityZones: Fn::Join: diff --git a/samples/session-manager-ssh/session-manager-ssh-example.yaml b/samples/session-manager-ssh/session-manager-ssh-example.yaml index 176f39a..85257e1 100644 --- a/samples/session-manager-ssh/session-manager-ssh-example.yaml +++ b/samples/session-manager-ssh/session-manager-ssh-example.yaml @@ -70,7 +70,7 @@ Resources: Type: AWS::CloudFormation::Stack Properties: TemplateURL: - Fn::Sub: https://aws-quickstart.s3.amazonaws.com/quickstart-aws-vpc/templates/aws-vpc.template + Fn::Sub: https://aws-quickstart.s3.amazonaws.com/quickstart-aws-vpc/templates/aws-vpc.template.yaml Parameters: AvailabilityZones: Fn::Join: