shell-definition.yaml
tosca_definitions_version: tosca_simple_yaml_1_0

metadata:
  template_name: Amazon AWS Cloud Provider Shell 2G
  template_author: Quali
  template_version: 1.5.1
  template_icon: AWS.png

description: >
  AWS EC2 template will create a AWS EC2 resource in CloudShell. Once the AWS EC2 is
  modeled correctly in CloudShell it will be possible to deploy Apps on this AWS EC2.

imports:
  - cloudshell_standard: cloudshell_cloud_provider_standard_1_0_0.yaml

node_types:
  vendor.resource.Amazon AWS Cloud Provider 2G:
    derived_from: cloudshell.nodes.CustomCloudProvider
    properties:
      Region:
        type: string
        default: ""
        description: "The code of the AWS region to be used by this cloud provider
          resource. For example, 'us-east-1'."
        constraints:
          - valid_values:
              - us-east-1
              - us-east-2
              - us-west-1
              - us-west-2
              - eu-central-1
              - eu-west-1
              - ap-southeast-1
              - ap-southeast-2
              - ap-northeast-1
              - ap-northeast-2
      AWS Mgmt SG ID:
        type: string
        default: ""
        description: "The Management VPC's security group (use the SG1id output when
          configuring the Management VPC for the region). For example, 'sg-71240198'.
          This value is used by the Setup process to configure the communication between
          the Management VPC's instances and the Sandbox instances."
      AWS Mgmt VPC ID:
        type: string
        default: ""
        description: "ID of the Management VPC. Used by the Setup process to set up the
          VPC and subnet for the sandbox (use the ManagementVPCID output when configuring
          the Management VPC for the region). For example 'vpc-633fb904'. This value is
          created when configuring the Management VPC for the region."
      Keypairs Location:
        type: string
        default: ""
        description: "S3 bucket containing sandbox PEM files (use the S3Name output when
          configuring the Management VPC for the region). Each active Sandbox creates a
          PEM file under a designated folder. For example, 'sandbox-management'."
      Max Storage Size:
        type: integer
        default: 0
        description: "(Optional) The maximum number of GiB in the root volume. The value
          of this parameter will be the storage size limit for all apps deployed on this
          Cloud Provider. For example, '8'. The value must be greater than or equal to the
          size of the root snapshot used. If set to '0', the default size of the snapshot
          will be used."
      Max Storage IOPS:
        type: integer
        default: 0
        description: "(Optional) The maximum number of I/O operations per second to be
          supported by the volume. The value of this parameter will be the storage IOPS
          limit for all apps deployed on this Cloud Provider. For example, '240'. This
          parameter is used only for storage of type io1, in which you can provision up to
          30 IOPS per GiB. If set to zero, the default in the image is used."
      Networks in use:
        type: string
        default: ""
        description: "Reserved networks that will be excluded when allocating sandbox
          networks, and therefore must include the Management VPC CIDR (which was provided
          as an input to the CloudFormation deployment process) as well as any other
          private networks that have access to the Management VPC. The syntax is comma
          separated CIDR, only of size '/24'. For example, '10.0.0.0/24,172.31.0.0/24'."
      Instance Type:
        type: string
        default: ""
        description: "(Optional) The default AWS EC2 instance type for the deployed
          instance. The instance type determines the CPU, memory and networking capacity
          of the instance to be deployed. For example 't2.large'. The instance type can be
          changed when creating the App in the Manage dashboard."
      VPC Mode:
        type: string
        default: "Dynamic"
        description: "Every sandbox with AWS Apps deploys a VPC to AWS, while in Shared
          VPC mode, CloudShell deploys the sandbox to an existing VPC. This setting
          determines how the sandbox VPC selects a CIDR block. Options are:<br>
          * Dynamic: The CIDR block is selected by Cloudshell Server. In other
          words, CloudShell deploys a new VPC with a dedicated CIDR for every sandbox.<br>
          * Static: The CIDR block for all sandboxes allocated is taken from the VPC CIDR
          attribute.<br>
          * Shared: Indicates that the cloud provider resource will deploy to the shared
          VPC defined in Shared VPC ID and use the VPC CIDR block.<br>
          * Single: The sandbox infrastructure will be deployed to the Management VPC and
          use the VPC CIDR block."
        constraints:
          - valid_values: [ "Dynamic", "Static", "Shared", "Single", "Predefined networking" ]
      Static VPC CIDR:
        type: string
        default: ""
        description: "CIDR to be used for sandbox VPC if VPC Mode is set to Static."
      Shared VPC ID:
        type: string
        default: ""
        description: "(Mandatory for Shared VPC mode) Shared VPC's ID (can be found in
          the output of the shared VPC CloudFormation stack, in the SharedVPCId key).
          For example: 'vpc-0bf24b1ebrd855e30'."
      Shared VPC Role Arn:
        type: string
        default: ""
        description: "(Mandatory for Shared VPC mode) Role created by the CloudFormation
          process with read/write permissions in the AWS account (can be found in the
          output of the shared VPC CloudFormation stack, in the SharedRoleARN key).
          This role is used by CloudShell to operate in the shared VPC."
      AWS Secret Access Key:
        type: cloudshell.datatypes.Password
        default: ""
        description: "If empty the role that is configured on the Execution Server
          instance in the Management VPC is used."
      AWS Access Key ID:
        type: cloudshell.datatypes.Password
        default: ""
        description: "If empty the role that is configured on the Execution Server
          instance in the Management VPC is used."
      Transit Gateway ID:
        type: string
        default: ""
        description: "(Mandatory for Shared VPC mode) ID of the transit gateway
          (can be found in the output of the main CloudFormation stack, in the TGWid key)."
      Additional Management Networks:
        type: string
        default: ""
        description: "Networks to be allowed to interact with all sandboxes. This is
          used for allowing connectivity to AWS resources outside the Management VPC.
          The syntax is comma separated CIDRs.
          For example, '10.0.0.0/24,10.1.0.0/16,172.31.0.0/24'."
      VPN Gateway ID:
        type: string
        default: ""
        description: "(Applies to Shared VPC mode only) ID of the gateway to use.
          Required to connect the shared VPC's sandbox subnets to the VPN gateway.
          CloudShell does this by creating a route between the specified VPN gateway and
          the connected subnet within the VPC CIDR. Can be found in the output of the
          shared VPC CloudFormation stack, in the VPNGWid key."
      VPN CIDRs:
        type: string
        default: ""
        description: "(Mandatory for Shared VPC mode if VPN Gateway ID is defined)
          Comma-separated list of CIDRs in the local network to be used to VPN to the
          shared VPC. Example, 10.1.0.0/24,10.3.0.0/16"
    capabilities:
      concurrent_command_capability:
        type: cloudshell.capabilities.SupportConcurrentCommands
      auto_discovery_capability:
        type: cloudshell.capabilities.AutoDiscovery
        properties:
          enable_auto_discovery:
            type: boolean
            default: true
          auto_discovery_description:
            type: string
            default: "After filling in all the inputs click Start Discovery to complete
              the cloud provider creation process"
          inventory_description:
            type: string
            default: "AWS EC2 template will create a AWS EC2 resource in CloudShell.
              Once the AWS EC2 is modeled correctly in CloudShell it will be possible to
              deploy Apps on this AWS EC2."
          hide_address:
            type: string
            default: true
          Region:
            type: string
            default: ""
            description: "The code of the AWS region to be used by this cloud provider
              resource. For example, 'us-east-1'."
            constraints:
              - valid_values:
                  - us-east-1
                  - us-east-2
                  - us-west-1
                  - us-west-2
                  - eu-central-1
                  - eu-west-1
                  - ap-southeast-1
                  - ap-southeast-2
                  - ap-northeast-1
                  - ap-northeast-2
          AWS Mgmt SG ID:
            type: string
            default: ""
            description: "The Management VPC's security group (use the SG1id output when
              configuring the Management VPC for the region). For example, 'sg-71240198'.
              This value is used by the Setup process to configure the communication between
              the Management VPC's instances and the Sandbox instances."
          AWS Mgmt VPC ID:
            type: string
            default: ""
            description: "ID of the Management VPC. Used by the Setup process to set up
              the VPC and subnet for the sandbox (use the ManagementVPCID output when
              configuring the Management VPC for the region). For example 'vpc-633fb904'.
              This value is created when configuring the Management VPC for the region."
          Keypairs Location:
            type: string
            default: ""
            description: "S3 bucket containing sandbox PEM files (use the S3Name output
              when configuring the Management VPC for the region). Each active Sandbox
              creates a PEM file under a designated folder. For example,
              'sandbox-management'."
          Max Storage Size:
            type: integer
            default: 0
            description: "(Optional) The maximum number of GiB in the root volume. The
              value of this parameter will be the storage size limit for all apps deployed
              on this Cloud Provider. For example, '8'. The value must be greater than or
              equal to the size of the root snapshot used. If set to '0', the default size
              of the snapshot will be used."
          Max Storage IOPS:
            type: integer
            default: 0
            description: "(Optional) The maximum number of I/O operations per second to
              be supported by the volume. The value of this parameter will be the storage
              IOPS limit for all apps deployed on this Cloud Provider. For example, '240'.
              This parameter is used only for storage of type io1, in which you can
              provision up to 30 IOPS per GiB. If set to zero, the default in the image is
              used."
          Networks in use:
            type: string
            default: ""
            description: "Reserved networks that will be excluded when allocating
              sandbox networks, and therefore must include the Management VPC CIDR (which
              was provided as an input to the CloudFormation deployment process) as well
              as any other private networks that have access to the Management VPC. The
              syntax is comma separated CIDR, only of size '/24'. For example,
              '10.0.0.0/24,172.31.0.0/24'."
          Instance Type:
            type: string
            default: ""
            description: "(Optional) The default AWS EC2 instance type for the deployed
              instance. The instance type determines the CPU, memory and networking
              capacity of the instance to be deployed. For example “t2.large”. The
              instance type can be changed when creating the App in the Manage dashboard."
          VPC Mode:
            type: string
            default: "Dynamic"
            description: "Every sandbox with AWS Apps deploys a VPC to AWS, while in
              Shared VPC mode, CloudShell deploys the sandbox to an existing VPC. This
              setting determines how the sandbox VPC selects a CIDR block. Options are:
              <br>
              * Dynamic: The CIDR block is selected by Cloudshell Server. In other
              words, CloudShell deploys a new VPC with a dedicated CIDR for every
              sandbox.<br>
              * Static: The CIDR block for all sandboxes allocated is taken from the VPC
              CIDR attribute.<br>
              * Shared: Indicates that the cloud provider resource will deploy to the
              shared VPC defined in Shared VPC ID and use the VPC CIDR block.<br>
              * Single: The sandbox infrastructure will be deployed to the Management VPC
              and use the VPC CIDR block."
            constraints:
              - valid_values: [ "Dynamic", "Static", "Shared", "Single", "Predefined networking" ]
          Static VPC CIDR:
            type: string
            default: ""
            description: "CIDR to be used for sandbox VPC if VPC Mode is set to Static."
          Shared VPC ID:
            type: string
            default: ""
            description: "(Mandatory for Shared VPC mode) Shared VPC's ID (can be found
              in the output of the shared VPC CloudFormation stack, in the SharedVPCId
              key). For example: 'vpc-0bf24b1ebrd855e30'."
          Shared VPC Role Arn:
            type: string
            default: ""
            description: "(Mandatory for Shared VPC mode) Role created by the
              CloudFormation process with read/write permissions in the AWS account (can
              be found in the output of the shared VPC CloudFormation stack, in the
              SharedRoleARN key). This role is used by CloudShell to operate in the shared
              VPC."
          Transit Gateway ID:
            type: string
            default: ""
            description: "(Mandatory for Shared VPC mode) ID of the transit gateway
              (can be found in the output of the main CloudFormation stack, in the TGWid
              key)."
          Additional Management Networks:
            type: string
            default: ""
            description: "Networks to be allowed to interact with all sandboxes. This is
              used for allowing connectivity to AWS resources outside the Management VPC.
              The syntax is comma separated CIDRs.
              For example, '10.0.0.0/24,10.1.0.0/16,172.31.0.0/24'."
          VPN Gateway ID:
            type: string
            default: ""
            description: "(Applies to Shared VPC mode only) ID of the gateway to use.
              Required to connect the shared VPC's sandbox subnets to the VPN gateway.
              CloudShell does this by creating a route between the specified VPN gateway
              and the connected subnet within the VPC CIDR. Can be found in the output of
              the shared VPC CloudFormation stack, in the VPNGWid key."
          VPN CIDRs:
            type: string
            default: ""
            description: "(Mandatory for Shared VPC mode if VPN Gateway ID is defined)
              Comma-separated list of CIDRs in the local network to be used to VPN to the
              shared VPC. Example, 10.1.0.0/24,10.3.0.0/16"
    artifacts:
      icon:
        file: AWS.png
        type: tosca.artifacts.File
      driver:
        file: AmazonAWSCloudProviderShell2GDriver.zip
        type: tosca.artifacts.File
      deployment:
        file: Deployments.zip
        type: tosca.artifacts.File
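
Added example, not part of the Quali repository: a pre-deployment check that applies the rules stated in the attribute descriptions above (valid_values, the fields mandatory for Shared VPC mode, '/24'-only entries in Networks in use that include the Management VPC CIDR) to one resource's attribute values. The `validate` and `parse_cidrs` helpers, the attribute dict passed in, and the policy that Additional Management Networks should hold only RFC 1918 ranges are assumptions made for this illustration.

```python
import ipaddress

# Allowed values copied from the definition's valid_values constraints.
REGIONS = {"us-east-1", "us-east-2", "us-west-1", "us-west-2", "eu-central-1",
           "eu-west-1", "ap-southeast-1", "ap-southeast-2", "ap-northeast-1",
           "ap-northeast-2"}
VPC_MODES = {"Dynamic", "Static", "Shared", "Single", "Predefined networking"}
SHARED_REQUIRED = ("Shared VPC ID", "Shared VPC Role Arn", "Transit Gateway ID")
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def parse_cidrs(value, prefix=None):
    """Split a comma-separated CIDR attribute into (networks, error strings)."""
    nets, errors = [], []
    for item in (p.strip() for p in value.split(",") if p.strip()):
        try:
            net = ipaddress.ip_network(item)  # strict: host bits must be zero
        except ValueError as exc:
            errors.append(f"{item}: {exc}")
            continue
        if prefix is not None and net.prefixlen != prefix:
            errors.append(f"{item}: only /{prefix} is accepted")
        nets.append(net)
    return nets, errors

def validate(attrs, mgmt_vpc_cidr):
    """Return findings for one resource's attribute dict (hypothetical helper)."""
    get = lambda key: str(attrs.get(key, "")).strip()
    out = []
    if get("Region") not in REGIONS:
        out.append("Region: not in valid_values")
    mode = get("VPC Mode") or "Dynamic"  # "Dynamic" is the definition's default
    if mode not in VPC_MODES:
        out.append("VPC Mode: not in valid_values")
    if mode == "Static" and not get("Static VPC CIDR"):
        out.append("Static VPC CIDR: required when VPC Mode is Static")
    if mode == "Shared":
        out += [f"{k}: mandatory for Shared VPC mode" for k in SHARED_REQUIRED if not get(k)]
        if get("VPN Gateway ID") and not get("VPN CIDRs"):
            out.append("VPN CIDRs: mandatory when VPN Gateway ID is defined")
    reserved, errors = parse_cidrs(get("Networks in use"), prefix=24)
    out += [f"Networks in use: {e}" for e in errors]
    if ipaddress.ip_network(mgmt_vpc_cidr) not in reserved:
        out.append("Networks in use: Management VPC CIDR is not listed")
    extra, errors = parse_cidrs(get("Additional Management Networks"))
    out += [f"Additional Management Networks: {e}" for e in errors]
    # Assumption (local policy): only RFC 1918 ranges may reach every sandbox.
    out += [f"Additional Management Networks: {n} is not a private range" for n in extra
            if not any(n.version == r.version and n.subnet_of(r) for r in RFC1918)]
    return out
```

Call `validate(attrs, mgmt_vpc_cidr)` with the attribute values entered for the resource and the CIDR given to the Management VPC CloudFormation stack; an empty list means no finding.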