From 8ee5ea3f386034f088ad0c8b0f2365f316b75702 Mon Sep 17 00:00:00 2001 From: Juno Yeon <73125906+kumoy@users.noreply.github.com> Date: Tue, 15 Jun 2021 17:00:05 -0400 Subject: [PATCH 1/2] Update CFN template from LaunchConfig to LaunchTemplate. --- .../watchmaker-lx-autoscale.template.cfn.yaml | 235 +++++++++--------- .../watchmaker-lx-instance.template.cfn.yaml | 2 +- ...watchmaker-win-autoscale.template.cfn.yaml | 137 +++++----- .../watchmaker-win-instance.template.cfn.yaml | 2 +- 4 files changed, 199 insertions(+), 177 deletions(-) diff --git a/modules/lx-autoscale/watchmaker-lx-autoscale.template.cfn.yaml b/modules/lx-autoscale/watchmaker-lx-autoscale.template.cfn.yaml index 4990a936..698f73ea 100644 --- a/modules/lx-autoscale/watchmaker-lx-autoscale.template.cfn.yaml +++ b/modules/lx-autoscale/watchmaker-lx-autoscale.template.cfn.yaml @@ -119,7 +119,7 @@ Conditions: - !Ref WatchmakerStandaloneUrl - '' Description: >- - This template creates an Autoscaling Group and Launch Configuration that + This template creates an Autoscaling Group and Launch Template that deploys Linux instances with Watchmaker, which applies the DISA STIG. Mappings: Distro2RootDevice: @@ -221,9 +221,9 @@ Outputs: WatchmakerAutoScalingGroupId: Description: Autoscaling Group ID Value: !Ref WatchmakerAutoScalingGroup - WatchmakerLaunchConfigId: - Description: Launch Configuration ID - Value: !Ref WatchmakerLaunchConfig + WatchmakerLaunchTemplateId: + Description: Launch Template ID + Value: !Ref WatchmakerLaunchTemplate WatchmakerLaunchConfigLogGroupName: Condition: InstallCloudWatchAgent Description: Log Group Name @@ -377,7 +377,7 @@ Parameters: - 'false' Default: 'false' Description: >- - Specifies whether the launch configuration is optimized for EBS I/O. This optimization provides + Specifies whether the launch template is optimized for EBS I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal EBS I/O performance. Warning: Stack creation will fail if set to true and the instance type does not support EBS Optimization. See complete list of supported instances here: @@ -603,7 +603,9 @@ Resources: - UseElbHealthCheck - ELB - EC2 - LaunchConfigurationName: !Ref WatchmakerLaunchConfig + LaunchTemplate: + LaunchTemplateId: !Ref WatchmakerLaunchTemplate + Version: !GetAtt WatchmakerLaunchTemplate.LatestVersionNumber LoadBalancerNames: !If - UseLoadBalancerNames - !Ref LoadBalancerNames @@ -648,9 +650,9 @@ Resources: UpdatePolicy: AutoScalingReplacingUpdate: WillReplace: true - WatchmakerLaunchConfig: + WatchmakerLaunchTemplate: Metadata: - AWS::CloudFormation::Init: + 'AWS::CloudFormation::Init': configSets: launch: - setup @@ -872,7 +874,7 @@ Resources: [cfn-auto-reloader-hook] triggers=post.update path=Resources.WatchmakerInstance.Metadata - action=cfn-init -v -c update --stack ${AWS::StackName} --resource WatchmakerLaunchConfig --region ${AWS::Region} ${local_AssignInstanceRole} ${local_UseCfnUrl} + action=cfn-init -v -c update --stack ${AWS::StackName} --resource WatchmakerLaunchTemplate --region ${AWS::Region} ${local_AssignInstanceRole} ${local_UseCfnUrl} runas=root - local_AssignInstanceRole: !If [AssignInstanceRole, !Sub '--role ${InstanceRole}', ''] @@ -962,122 +964,131 @@ Resources: local_UseAdminUsers: !If [UseAdminUsers, !Sub '--admin-users ${WatchmakerAdminUsers}', ''] ToggleCfnInitUpdate: !Ref ToggleCfnInitUpdate Properties: - AssociatePublicIpAddress: !If - - AssignPublicIp - - true - - false - BlockDeviceMappings: - - DeviceName: !Sub - - '/dev/${local_Distro2RootDevice}' - - local_Distro2RootDevice: !FindInMap [Distro2RootDevice, !Ref AmiDistro, DeviceName] - Ebs: - DeleteOnTermination: true - Encrypted: !Ref RootVolumeEncrypted - VolumeSize: !Ref RootVolumeSize - VolumeType: gp2 - - !If - - CreateAppVolume - - DeviceName: !Ref AppVolumeDeviceName + LaunchTemplateData: + BlockDeviceMappings: + - DeviceName: !Sub + - '/dev/${local_Distro2RootDevice}' + - local_Distro2RootDevice: !FindInMap [Distro2RootDevice, !Ref AmiDistro, DeviceName] Ebs: DeleteOnTermination: true - Encrypted: !Ref AppVolumeEncrypted - SnapshotId: !If - - UseAppVolumeSnapshot - - !Ref AppVolumeSnapshotId - - !Ref 'AWS::NoValue' - VolumeSize: !Ref AppVolumeSize - VolumeType: !Ref AppVolumeType - - !Ref 'AWS::NoValue' - EbsOptimized: !Ref EbsOptimized - IamInstanceProfile: !If - - AssignInstanceRole - - !Ref InstanceRole - - !Ref 'AWS::NoValue' - ImageId: !Ref AmiId - InstanceType: !Ref InstanceType - KeyName: !Ref KeyPairName - SecurityGroups: !Ref SecurityGroupIds - UserData: - !Base64 - Fn::Sub: - - | - Content-Type: multipart/mixed; boundary="===============3585321300151562773==" - MIME-Version: 1.0 - --===============3585321300151562773== - Content-Type: text/cloud-config; charset="us-ascii" - MIME-Version: 1.0 - Content-Transfer-Encoding: 7bit - Content-Disposition: attachment; filename="cloud.cfg" + Encrypted: !Ref RootVolumeEncrypted + VolumeSize: !Ref RootVolumeSize + VolumeType: gp2 + - !If + - CreateAppVolume + - DeviceName: !Ref AppVolumeDeviceName + Ebs: + DeleteOnTermination: true + Encrypted: !Ref AppVolumeEncrypted + SnapshotId: !If + - UseAppVolumeSnapshot + - !Ref AppVolumeSnapshotId + - !Ref 'AWS::NoValue' + VolumeSize: !Ref AppVolumeSize + VolumeType: !Ref AppVolumeType + - !Ref 'AWS::NoValue' + EbsOptimized: !Ref EbsOptimized + IamInstanceProfile: !If + - AssignInstanceRole + - Name: !Ref InstanceRole + - !Ref AWS::NoValue + ImageId: !Ref AmiId + InstanceType: !Ref InstanceType + KeyName: !Ref KeyPairName + NetworkInterfaces: + - AssociatePublicIpAddress: !If + - AssignPublicIp + - true + - false + DeviceIndex: 0 + Groups: !Ref SecurityGroupIds + UserData: + !Base64 + Fn::Sub: + - | + Content-Type: multipart/mixed; boundary="===============3585321300151562773==" + MIME-Version: 1.0 + --===============3585321300151562773== + Content-Type: text/cloud-config; charset="us-ascii" + MIME-Version: 1.0 + Content-Transfer-Encoding: 7bit + Content-Disposition: attachment; filename="cloud.cfg" - #cloud-config - ${local_ExpandRootVolume} + #cloud-config + ${local_ExpandRootVolume} - --===============3585321300151562773== - Content-Type: text/x-shellscript; charset="us-ascii" - MIME-Version: 1.0 - Content-Transfer-Encoding: 7bit - Content-Disposition: attachment; filename="script.sh" + --===============3585321300151562773== + Content-Type: text/x-shellscript; charset="us-ascii" + MIME-Version: 1.0 + Content-Transfer-Encoding: 7bit + Content-Disposition: attachment; filename="script.sh" - #!/bin/bash -xe + #!/bin/bash -xe - # Format and mount app volume - if [[ "${AppVolumeDevice}" == "true" ]] - then - MOUNT_VFSTYPE="auto" - MOUNT_OPTS="defaults,nofail" - cloud-init-per instance mkfsappvolume mkfs -t ext4 "${AppVolumeDeviceName}" - grep -q "${AppVolumeDeviceName}" /etc/fstab || printf "%s\t%s\t%s\t%s\t0\t2\n" "${AppVolumeDeviceName}" "${AppVolumeMountPath}" "$MOUNT_VFSTYPE" "$MOUNT_OPTS" >> /etc/fstab - mkdir -p "${AppVolumeMountPath}" - mount -a - fi + # Format and mount app volume + if [[ "${AppVolumeDevice}" == "true" ]] + then + MOUNT_VFSTYPE="auto" + MOUNT_OPTS="defaults,nofail" + cloud-init-per instance mkfsappvolume mkfs -t ext4 "${AppVolumeDeviceName}" + grep -q "${AppVolumeDeviceName}" /etc/fstab || printf "%s\t%s\t%s\t%s\t0\t2\n" "${AppVolumeDeviceName}" "${AppVolumeMountPath}" "$MOUNT_VFSTYPE" "$MOUNT_OPTS" >> /etc/fstab + mkdir -p "${AppVolumeMountPath}" + mount -a + fi - # Suppress erroneous LVM file descriptor warnings - # https://access.redhat.com/solutions/49144 - export LVM_SUPPRESS_FD_WARNINGS=1 + # Suppress erroneous LVM file descriptor warnings + # https://access.redhat.com/solutions/49144 + export LVM_SUPPRESS_FD_WARNINGS=1 - # Extend any available LVM PVs - if [[ -x $( which pvs ) ]] - then - LVMPVS=($(pvs --noheadings -o pv_name)) - for PV in "${!LVMPVS[@]}" - do - pvresize ${!PV} - done - fi + # Extend any available LVM PVs + if [[ -x $( which pvs ) ]] + then + LVMPVS=($(pvs --noheadings -o pv_name)) + for PV in "${!LVMPVS[@]}" + do + pvresize ${!PV} + done + fi - # CFN LaunchConfig Update Toggle: ${ToggleNewInstances} + # CFN LaunchTemplate Update Toggle: ${ToggleNewInstances} - # Setup terminal support for UTF-8 - export LC_ALL=en_US.UTF-8 - export LANG=en_US.UTF-8 + # Setup terminal support for UTF-8 + export LC_ALL=en_US.UTF-8 + export LANG=en_US.UTF-8 - # Export AWS ENVs - test -r /etc/aws/models/endpoints.json && export AWS_DATA_PATH=/etc/aws/models || true - export AWS_CA_BUNDLE=/etc/pki/tls/certs/ca-bundle.crt - export REQUESTS_CA_BUNDLE=/etc/pki/tls/certs/ca-bundle.crt - export AWS_DEFAULT_REGION=${AWS::Region} + # Export AWS ENVs + test -r /etc/aws/models/endpoints.json && export AWS_DATA_PATH=/etc/aws/models || true + export AWS_CA_BUNDLE=/etc/pki/tls/certs/ca-bundle.crt + export REQUESTS_CA_BUNDLE=/etc/pki/tls/certs/ca-bundle.crt + export AWS_DEFAULT_REGION=${AWS::Region} - # Ensure cfn utils are in path - hash cfn-signal 2> /dev/null || PATH="${!PATH}:/usr/local/bin:/opt/aws/bin" + # Ensure cfn utils are in path + hash cfn-signal 2> /dev/null || PATH="${!PATH}:/usr/local/bin:/opt/aws/bin" - # Execute cfn-init - cfn-init -v -c launch --stack ${AWS::StackName} --resource WatchmakerLaunchConfig --region ${AWS::Region} \ - ${local_AssignInstanceRole} ${local_UseCfnUrl} || \ - ( echo 'ERROR: cfn-init failed! Aborting!'; cfn-signal -e 1 --stack ${AWS::StackName} --resource WatchmakerAutoScalingGroup --region ${AWS::Region} \ - ${local_AssignInstanceRole} ${local_UseCfnUrl}; exit 1) - --===============3585321300151562773==-- - - - local_AssignInstanceRole: !If [AssignInstanceRole, !Sub '--role ${InstanceRole}', ''] - local_ExpandRootVolume: !If - - ExpandRootVolume - - |+ - growpart: - mode: auto - devices: [ '/dev/xvda', '/dev/xvda2', '/dev/nvme0n1', '/dev/nvme0n1p2' ] - ignore_growroot_disabled: false - - '' - local_UseCfnUrl: !If [UseCfnUrl, !Sub '--url ${CfnEndpointUrl}', ''] - Type: AWS::AutoScaling::LaunchConfiguration + # Execute cfn-init + cfn-init -v -c launch --stack ${AWS::StackName} --resource WatchmakerLaunchTemplate --region ${AWS::Region} \ + ${local_AssignInstanceRole} ${local_UseCfnUrl} || \ + ( echo 'ERROR: cfn-init failed! Aborting!'; cfn-signal -e 1 --stack ${AWS::StackName} --resource WatchmakerAutoScalingGroup --region ${AWS::Region} \ + ${local_AssignInstanceRole} ${local_UseCfnUrl}; exit 1) + --===============3585321300151562773==-- + - + local_AssignInstanceRole: !If [AssignInstanceRole, !Sub '--role ${InstanceRole}', ''] + local_ExpandRootVolume: !If + - ExpandRootVolume + - |+ + growpart: + mode: auto + devices: [ '/dev/xvda', '/dev/xvda2', '/dev/nvme0n1', '/dev/nvme0n1p2' ] + ignore_growroot_disabled: false + - '' + local_UseCfnUrl: !If [UseCfnUrl, !Sub '--url ${CfnEndpointUrl}', ''] + LaunchTemplateName: !Ref AWS::StackName + TagSpecifications: + - ResourceType: launch-template + Tags: + - Key: Name + Value: !Ref AWS::StackName + Type: AWS::EC2::LaunchTemplate WatchmakerLaunchConfigLogGroup: Condition: InstallCloudWatchAgent Properties: diff --git a/modules/lx-instance/watchmaker-lx-instance.template.cfn.yaml b/modules/lx-instance/watchmaker-lx-instance.template.cfn.yaml index a982aff8..eb229e3e 100644 --- a/modules/lx-instance/watchmaker-lx-instance.template.cfn.yaml +++ b/modules/lx-instance/watchmaker-lx-instance.template.cfn.yaml @@ -835,7 +835,7 @@ Resources: - AssignPublicIp - true - false - DeviceIndex: '0' + DeviceIndex: 0 GroupSet: !Ref SecurityGroupIds PrivateIpAddress: !If - AssignStaticPrivateIp diff --git a/modules/win-autoscale/watchmaker-win-autoscale.template.cfn.yaml b/modules/win-autoscale/watchmaker-win-autoscale.template.cfn.yaml index a77f919e..1d95046e 100644 --- a/modules/win-autoscale/watchmaker-win-autoscale.template.cfn.yaml +++ b/modules/win-autoscale/watchmaker-win-autoscale.template.cfn.yaml @@ -108,7 +108,7 @@ Conditions: - !Ref WatchmakerStandaloneUrl - '' Description: >- - This template creates an Autoscaling Group and Launch Configuration that + This template creates an Autoscaling Group and Launch Template that deploys Windows instances with Watchmaker, which applies the DISA STIG. Mappings: ShellCommandMap: @@ -207,9 +207,9 @@ Outputs: WatchmakerAutoScalingGroupId: Description: Autoscaling Group ID Value: !Ref WatchmakerAutoScalingGroup - WatchmakerLaunchConfigId: - Description: Launch Configuration ID - Value: !Ref WatchmakerLaunchConfig + WatchmakerLaunchTemplateId: + Description: Launch Template ID + Value: !Ref WatchmakerLaunchTemplate WatchmakerLaunchConfigLogGroupName: Condition: InstallCloudWatchAgent Description: Log Group Name @@ -562,7 +562,9 @@ Resources: - UseElbHealthCheck - ELB - EC2 - LaunchConfigurationName: !Ref WatchmakerLaunchConfig + LaunchTemplate: + LaunchTemplateId: !Ref WatchmakerLaunchTemplate + Version: !GetAtt WatchmakerLaunchTemplate.LatestVersionNumber LoadBalancerNames: !If - UseLoadBalancerNames - !Ref LoadBalancerNames @@ -607,7 +609,7 @@ Resources: UpdatePolicy: AutoScalingReplacingUpdate: WillReplace: true - WatchmakerLaunchConfig: + WatchmakerLaunchTemplate: Metadata: 'AWS::CloudFormation::Init': configSets: @@ -870,8 +872,8 @@ Resources: - | [cfn-auto-reloader-hook] triggers=post.update - path=Resources.WatchmakerLaunchConfig.Metadata - action=cfn-init.exe -v -c update --stack ${AWS::StackName} --resource WatchmakerLaunchConfig --region ${AWS::Region} ${local_AssignInstanceRole} ${local_UseCfnUrl} + path=Resources.WatchmakerLaunchTemplate.Metadata + action=cfn-init.exe -v -c update --stack ${AWS::StackName} --resource WatchmakerLaunchTemplate --region ${AWS::Region} ${local_AssignInstanceRole} ${local_UseCfnUrl} - local_AssignInstanceRole: !If [AssignInstanceRole, !Sub '--role ${InstanceRole}',''] local_UseCfnUrl: !If [UseCfnUrl, !Sub '--url ${CfnEndpointUrl}', ''] @@ -977,67 +979,76 @@ Resources: waitAfterCompletion: '0' ToggleCfnInitUpdate: !Ref ToggleCfnInitUpdate Properties: - AssociatePublicIpAddress: !If - - AssignPublicIp - - true - - false - BlockDeviceMappings: - - DeviceName: /dev/sda1 - Ebs: - DeleteOnTermination: true - Encrypted: !Ref RootVolumeEncrypted - VolumeSize: !Ref RootVolumeSize - VolumeType: gp2 - - !If - - CreateAppVolume - - DeviceName: !Ref AppVolumeDevice + LaunchTemplateData: + BlockDeviceMappings: + - DeviceName: /dev/sda1 Ebs: DeleteOnTermination: true - Encrypted: !Ref AppVolumeEncrypted - SnapshotId: !If - - UseAppVolumeSnapshot - - !Ref AppVolumeSnapshotId - - !Ref 'AWS::NoValue' - VolumeSize: !Ref AppVolumeSize - VolumeType: !Ref AppVolumeType + Encrypted: !Ref RootVolumeEncrypted + VolumeSize: !Ref RootVolumeSize + VolumeType: gp2 + - !If + - CreateAppVolume + - DeviceName: !Ref AppVolumeDevice + Ebs: + DeleteOnTermination: true + Encrypted: !Ref AppVolumeEncrypted + SnapshotId: !If + - UseAppVolumeSnapshot + - !Ref AppVolumeSnapshotId + - !Ref 'AWS::NoValue' + VolumeSize: !Ref AppVolumeSize + VolumeType: !Ref AppVolumeType + - !Ref 'AWS::NoValue' + EbsOptimized: !Ref EbsOptimized + IamInstanceProfile: !If + - AssignInstanceRole + - Name: !Ref InstanceRole - !Ref 'AWS::NoValue' - EbsOptimized: !Ref EbsOptimized - IamInstanceProfile: !If - - AssignInstanceRole - - !Ref InstanceRole - - !Ref 'AWS::NoValue' - ImageId: !Ref AmiId - InstanceType: !Ref InstanceType - KeyName: !Ref KeyPairName - SecurityGroups: !Ref SecurityGroupIds - UserData: - !Base64 - Fn::Sub: - - | - - - - local_AssignInstanceRole: !If [AssignInstanceRole, !Sub '--role ${InstanceRole}', ''] - local_UseCfnUrl: !If [UseCfnUrl, !Sub '--url ${CfnEndpointUrl}', ''] - Type: 'AWS::AutoScaling::LaunchConfiguration' + :success + + - + local_AssignInstanceRole: !If [AssignInstanceRole, !Sub '--role ${InstanceRole}', ''] + local_UseCfnUrl: !If [UseCfnUrl, !Sub '--url ${CfnEndpointUrl}', ''] + LaunchTemplateName: !Ref AWS::StackName + TagSpecifications: + - ResourceType: launch-template + Tags: + - Key: Name + Value: !Ref AWS::StackName + Type: AWS::EC2::LaunchTemplate WatchmakerLaunchConfigLogGroup: Condition: InstallCloudWatchAgent Properties: diff --git a/modules/win-instance/watchmaker-win-instance.template.cfn.yaml b/modules/win-instance/watchmaker-win-instance.template.cfn.yaml index 544bdae8..739f9a33 100644 --- a/modules/win-instance/watchmaker-win-instance.template.cfn.yaml +++ b/modules/win-instance/watchmaker-win-instance.template.cfn.yaml @@ -844,7 +844,7 @@ Resources: - AssignPublicIp - true - false - DeviceIndex: '0' + DeviceIndex: 0 GroupSet: !Ref SecurityGroupIds PrivateIpAddress: !If - AssignStaticPrivateIp From 39b9d2de21cb17d2f5797ebc5f99587f46113217 Mon Sep 17 00:00:00 2001 From: Juno Yeon <73125906+kumoy@users.noreply.github.com> Date: Mon, 21 Jun 2021 17:43:33 -0400 Subject: [PATCH 2/2] Update CFN template from LaunchConfig to LaunchTemplate. --- .bumpversion.cfg | 2 +- .gitignore | 1 + buildspec.yml | 2 +- .../watchmaker-lx-autoscale.template.cfn.yaml | 2 +- .../lx-instance/watchmaker-lx-instance.template.cfn.yaml | 4 ++-- .../watchmaker-win-autoscale.template.cfn.yaml | 2 +- .../watchmaker-win-instance.template.cfn.yaml | 4 ++-- tests/main.tf | 8 ++++++++ tests/output.tf | 1 + 9 files changed, 18 insertions(+), 8 deletions(-) diff --git a/.bumpversion.cfg b/.bumpversion.cfg index 13964c11..4c0e8253 100644 --- a/.bumpversion.cfg +++ b/.bumpversion.cfg @@ -1,5 +1,5 @@ [bumpversion] -current_version = 2.1.1 +current_version = 2.2.0 commit = True message = Bumps version to {new_version} tag = False diff --git a/.gitignore b/.gitignore index 09ff22fc..7b61a18e 100644 --- a/.gitignore +++ b/.gitignore @@ -99,6 +99,7 @@ htmlcov *.tfvars *.tfstate *.tfstate.backup +*.lock.hcl .terraform/ terraform.log diff --git a/buildspec.yml b/buildspec.yml index f2b7e217..eb115591 100644 --- a/buildspec.yml +++ b/buildspec.yml @@ -24,7 +24,7 @@ phases: - terraform apply -no-color -input=false tfplan # apply terraform post_build: commands: - - if [ "${DESTROY_AFTER_TEST}" = "true" ]; then terraform destroy -no-color -input=false -force; fi + - if [ "${DESTROY_AFTER_TEST}" = "true" ]; then terraform destroy -no-color -input=false -auto-approve; fi artifacts: files: - tests/terraform.tfstate diff --git a/modules/lx-autoscale/watchmaker-lx-autoscale.template.cfn.yaml b/modules/lx-autoscale/watchmaker-lx-autoscale.template.cfn.yaml index 698f73ea..d4c3aaa8 100644 --- a/modules/lx-autoscale/watchmaker-lx-autoscale.template.cfn.yaml +++ b/modules/lx-autoscale/watchmaker-lx-autoscale.template.cfn.yaml @@ -208,7 +208,7 @@ Metadata: default: Force Cfn Init Update ToggleNewInstances: default: Force New Instances - Version: 2.1.1 + Version: 2.2.0 Outputs: ScaleDownScheduledAction: Condition: UseScheduledAction diff --git a/modules/lx-instance/watchmaker-lx-instance.template.cfn.yaml b/modules/lx-instance/watchmaker-lx-instance.template.cfn.yaml index eb229e3e..2e967ef2 100644 --- a/modules/lx-instance/watchmaker-lx-instance.template.cfn.yaml +++ b/modules/lx-instance/watchmaker-lx-instance.template.cfn.yaml @@ -164,7 +164,7 @@ Metadata: ParameterLabels: ToggleCfnInitUpdate: default: Force Cfn Init Update - Version: 2.1.1 + Version: 2.2.0 Outputs: WatchmakerInstanceId: Description: Instance ID @@ -835,7 +835,7 @@ Resources: - AssignPublicIp - true - false - DeviceIndex: 0 + DeviceIndex: '0' GroupSet: !Ref SecurityGroupIds PrivateIpAddress: !If - AssignStaticPrivateIp diff --git a/modules/win-autoscale/watchmaker-win-autoscale.template.cfn.yaml b/modules/win-autoscale/watchmaker-win-autoscale.template.cfn.yaml index 1d95046e..d2192a5f 100644 --- a/modules/win-autoscale/watchmaker-win-autoscale.template.cfn.yaml +++ b/modules/win-autoscale/watchmaker-win-autoscale.template.cfn.yaml @@ -194,7 +194,7 @@ Metadata: default: Force Cfn Init Update ToggleNewInstances: default: Force New Instances - Version: 2.1.1 + Version: 2.2.0 Outputs: ScaleDownScheduledAction: Condition: UseScheduledAction diff --git a/modules/win-instance/watchmaker-win-instance.template.cfn.yaml b/modules/win-instance/watchmaker-win-instance.template.cfn.yaml index 739f9a33..3782153e 100644 --- a/modules/win-instance/watchmaker-win-instance.template.cfn.yaml +++ b/modules/win-instance/watchmaker-win-instance.template.cfn.yaml @@ -148,7 +148,7 @@ Metadata: ParameterLabels: ToggleCfnInitUpdate: default: Force Cfn Init Update - Version: 2.1.1 + Version: 2.2.0 Outputs: WatchmakerInstanceId: Description: Instance ID @@ -844,7 +844,7 @@ Resources: - AssignPublicIp - true - false - DeviceIndex: 0 + DeviceIndex: '0' GroupSet: !Ref SecurityGroupIds PrivateIpAddress: !If - AssignStaticPrivateIp diff --git a/tests/main.tf b/tests/main.tf index eae60ebd..396189eb 100644 --- a/tests/main.tf +++ b/tests/main.tf @@ -27,6 +27,7 @@ module "lx-instance-centos7" { WatchmakerConfig = var.watchmaker_config WatchmakerEnvironment = var.watchmaker_env EnableRepos = "epel" + TimeoutInMinutes = 45 } module "lx-autoscale-centos7" { @@ -53,6 +54,7 @@ module "lx-autoscale-centos7" { WatchmakerConfig = var.watchmaker_config WatchmakerEnvironment = var.watchmaker_env EnableRepos = "epel" + TimeoutInMinutes = 45 } module "win-instance-2012R2" { @@ -77,6 +79,7 @@ module "win-instance-2012R2" { SubnetId = var.subnet_id WatchmakerConfig = var.watchmaker_config WatchmakerEnvironment = var.watchmaker_env + TimeoutInMinutes = 45 } module "win-instance-2016" { @@ -102,6 +105,7 @@ module "win-instance-2016" { SubnetId = var.subnet_id WatchmakerConfig = var.watchmaker_config WatchmakerEnvironment = var.watchmaker_env + TimeoutInMinutes = 45 } module "win-instance-2019" { @@ -123,6 +127,7 @@ module "win-instance-2019" { SubnetId = var.subnet_id WatchmakerConfig = var.watchmaker_config WatchmakerEnvironment = var.watchmaker_env + TimeoutInMinutes = 45 } module "win-autoscale-2012R2" { @@ -149,6 +154,7 @@ module "win-autoscale-2012R2" { SubnetIds = var.subnet_id WatchmakerConfig = var.watchmaker_config WatchmakerEnvironment = var.watchmaker_env + TimeoutInMinutes = 45 } module "win-autoscale-2016" { @@ -175,6 +181,7 @@ module "win-autoscale-2016" { SubnetIds = var.subnet_id WatchmakerConfig = var.watchmaker_config WatchmakerEnvironment = var.watchmaker_env + TimeoutInMinutes = 45 } module "win-autoscale-2019" { @@ -198,4 +205,5 @@ module "win-autoscale-2019" { SubnetIds = var.subnet_id WatchmakerConfig = var.watchmaker_config WatchmakerEnvironment = var.watchmaker_env + TimeoutInMinutes = 45 } diff --git a/tests/output.tf b/tests/output.tf index 2c496ad6..b803e442 100644 --- a/tests/output.tf +++ b/tests/output.tf @@ -1,6 +1,7 @@ output "private_key" { description = "Private key for the keypair" value = join("", tls_private_key.this.*.private_key_pem) + sensitive = true } output "build_id" {