# massdriver.yaml: Massdriver bundle definition for an AWS VPC.
# Declares the user-facing parameters (JSON Schema draft-07), the connection
# the bundle needs, the artifact it produces, and UI hints. Provisioning is a
# single terraform step rooted at src.
# NOTE(review): the nesting below was restored from a listing that had lost
# its indentation; confirm it against the repository copy.
schema: draft-07
name: aws-vpc
description: AWS VPC includes best-practice AWS reference architecture for VPCs and subnets.
source_url: github.com/massdriver-cloud/aws-vpc
# NOTE(review): presumably controls who can see or use the bundle; confirm.
access: public
type: infrastructure

steps:
  - path: src
    provisioner: terraform

params:
  # Presets offered to the user. Only the "Large Production Network" preset
  # turns VPC flow logs on; the other two leave them off.
  examples:
    - __name: Wizard
      aws_region: us-west-2
      network:
        automatic: true
        mask: 20
      high_availability: false
      enable_flow_logs: false
      monitoring:
        mode: AUTOMATED
    - __name: Small Development Network (4K IPs)
      network:
        automatic: true
        mask: 20
      high_availability: false
      enable_flow_logs: false
    - __name: Large Production Network (65K IPs)
      network:
        automatic: true
        mask: 16
      high_availability: true
      enable_flow_logs: true
  required:
    - aws_region
    - network
  properties:
    aws_region:
      # NOTE(review): this remote $ref follows the `main` branch, so the
      # schema it resolves to can change without any change to this file.
      # Consider pinning to a tag or commit, e.g.
      # .../artifact-definitions/<COMMIT_SHA>/definitions/types/aws-region.json
      # (<COMMIT_SHA> is a placeholder).
      $ref: https://raw.githubusercontent.com/massdriver-cloud/artifact-definitions/main/definitions/types/aws-region.json
      # NOTE(review): $md.immutable presumably blocks changes after the first
      # deploy; confirm against the Massdriver docs.
      $md.immutable: true
    network:
      title: Network Configuration
      type: object
      properties:
        automatic:
          title: Automatically Select CIDR
          description: Automatically select CIDR range that doesn't conflict with other VPCs in the region
          type: boolean
          default: true
          $md.immutable: true
      # The value of `automatic` selects which extra field is required:
      # `mask` when true, `cidr` when false.
      dependencies:
        automatic:
          oneOf:
            - properties:
                automatic:
                  const: true
                mask:
                  title: VPC Size
                  type: integer
                  description: Select the size of the VPC in IP addresses
                  $md.immutable: true
                  default: 16
                  # Allowed prefix lengths are /16 through /20 only.
                  oneOf:
                    - const: 16
                      title: 65k IP Addresses
                    - const: 17
                      title: 32k IP Addresses
                    - const: 18
                      title: 16k IP Addresses
                    - const: 19
                      title: 8k IP Addresses
                    - const: 20
                      title: 4k IP Addresses
              required:
                - automatic
                - mask
            - properties:
                automatic:
                  const: false
                cidr:
                  title: CIDR Range
                  type: string
                  description: Enter a CIDR range to use for the size of your VPC
                  $md.immutable: true
                  # Anchored pattern: accepts only private prefixes
                  # (10.x, 172.16-31.x, 192.168.x) with a /16 to /20 mask.
                  # It is a textual check only: host bits are not required to
                  # be zero (10.0.5.7/16 matches) and a two-digit octet with a
                  # leading zero (01) is accepted.
                  # NOTE(review): confirm the terraform step rejects or
                  # normalizes such values, and that a manual CIDR is checked
                  # for overlap with existing VPCs.
                  pattern: ^(?:10\.(?:[0-9]|[0-9]{2}|1[0-9][0-9]|2[0-4][0-9]|25[0-5])|172\.(?:1[6-9]|2[0-9]|3[0-1])|192\.168)(?:\.(?:[0-9]|[0-9]{2}|1[0-9][0-9]|2[0-4][0-9]|25[0-5])){2}(?:/(?:1[6-9]|20))$
                  message:
                    pattern: Range must be from private networking space (10.X.X.X, 172.16-31.X.X, 192.168.X.X). Mask must be between 16 and 20
              required:
                - automatic
                - cidr
    high_availability:
      type: boolean
      title: NAT Gateway High Availability
      description: Provision NAT Gateways in all availability zones so private subnets stay up in the event of a zonal failure
      default: true
    enable_flow_logs:
      type: boolean
      title: Enable VPC Flow Logs
      description: Enable sending VPC traffic logs to Cloudwatch logs for auditing.
      # Defaults to off: a VPC created with default params sends no traffic
      # logs to CloudWatch, so there is no flow record for auditing or
      # incident investigation unless this is enabled.
      default: false
    monitoring:
      type: object
      title: Monitoring
      properties:
        mode:
          title: Alarm Mode
          description: Enable and customize CloudWatch metric alarms.
          type: string
          default: AUTOMATED
          oneOf:
            - const: AUTOMATED
              title: Automated
            - const: CUSTOM
              title: Custom
            - const: DISABLED
              title: Disabled
      # Only CUSTOM exposes the alarm thresholds; AUTOMATED and DISABLED add
      # no further fields.
      # NOTE(review): DISABLED presumably creates no alarms, which removes the
      # IP-exhaustion and NAT port-allocation signals; confirm against src.
      dependencies:
        mode:
          oneOf:
            - properties:
                mode:
                  const: AUTOMATED
            - properties:
                mode:
                  const: DISABLED
            - properties:
                mode:
                  const: CUSTOM
                alarms:
                  type: object
                  title: Alarms
                  properties:
                    ip_address_utilization:
                      title: IP Address Utilization
                      type: object
                      required:
                        - percent
                      properties:
                        percent:
                          type: number
                          title: Percent
                          description: The percent of IP address usage in the VPC above which the alarm will trigger
                          default: 90
                          minimum: 0
                          maximum: 100
                    nat_gateway_port_allocation:
                      title: NAT Gateway Port Allocation Errors
                      type: object
                      required:
                        - count
                      properties:
                        count:
                          type: integer
                          title: Count
                          description: The threshold of port allocation errors above which the alarm will trigger
                          default: 1
                          minimum: 1

# Inputs the bundle requires from other artifacts.
# NOTE(review): aws_authentication is presumably the IAM role the terraform
# step uses against AWS; its permissions bound what this bundle can change, so
# scope it to what VPC provisioning needs. Confirm against src.
connections:
  required:
    - aws_authentication
  properties:
    aws_authentication:
      $ref: massdriver/aws-iam-role

# Output produced for downstream bundles.
artifacts:
  required:
    - vpc
  properties:
    vpc:
      $ref: massdriver/aws-vpc

# Form layout hints; "*" stands for any remaining fields.
ui:
  ui:order:
    - aws_region
    - network
    - high_availability
    - enable_flow_logs
    - monitoring
    - "*"
  aws_region:
    ui:field: supportedCloudLocationsDropdown
    cloudService: aws