### THIS FILE IS AUTOMATICALLY GENERATED, DO NOT EDIT ### module MU class Config # The configuration file format for Mu application stacks. class BasketofKittens # Administrative contacts for this application stack. Will be automatically set to invoking Mu user, if not specified. class admins # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED** # # @return [String] attr_accessor :email # @!endgroup # @!group Optional parameters # An OpenSSH-style public key string. This will be installed on all instances created in this deployment. # # @return [String] attr_accessor :public_key # @!endgroup end end class BasketofKittens # CloudFormation-specific. Define Conditions as in http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/conditions-section-structure.html. Arguments must use the cloudCode() macro. class conditions # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED** # # @return [String] attr_accessor :cloudcode # @!endgroup end end class BasketofKittens # Parameters to be substituted elsewhere in this Basket of Kittens as ERB variables (<%= varname %>) class parameters # @!group Optional parameters # # @return [String] attr_accessor :name # # @return [String] attr_accessor :default # Treat the value as a comma-separated list of values with this key name, equivalent to CloudFormation's various List<> types. For example, set to 'subnet_id' to pass values as an array of subnet identifiers as the 'subnets' argument of a VPC stanza. # # @return [String] attr_accessor :list_of # An alternative name to use when generating parameter fields in, for example, CloudFormation templates # # @return [String] attr_accessor :prettyname # # @return [String] attr_accessor :description # A platform-specific string describing the type of validation to use for this parameter. E.g. when generating a CloudFormation template, set to AWS::EC2::Image::Id to validate input as an AMI identifier. # # @return [String] attr_accessor :cloudtype # **Default: `true`** # # @return [Boolean] attr_accessor :required # # @return [Array] attr_accessor :valid_values # @!endgroup end end class BasketofKittens class collections # Tags to apply to this resource. Will apply at the cloud provider level and in Chef, where applicable. class tags # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :key # **REQUIRED** # # @return [String] attr_accessor :value # @!endgroup end end end class BasketofKittens class collections # set cloudformation template parameter class parameters # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :parameter_key # **REQUIRED** # # @return [String] attr_accessor :parameter_value # @!endgroup end end end class BasketofKittens class collections # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. class dependencies # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED**, # **Must be one of: `collection, database, dnszone, firewall_rule, loadbalancer, server, server_pool, vpc, cache_cluster, alarm, notifier, log, storage_pool, function, container_cluster, search_domain, msg_queue, habitat, folder, user, group, role`** # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **Must be one of: `create, groom`** - # Which part of the creation process of the resource we depend on should we wait for before starting our own creation? Defaults are usually sensible, but sometimes you want, say, a Server to wait on another Server to be completely ready (through its groom phase) before starting up. # # @return [String] attr_accessor :phase # **Default: `false`** - # By default, it's assumed that we want to wait on our parents' creation phase, in addition to whatever is declared in this stanza. Setting this flag will bypass waiting on our parent resource's creation, so that our create or groom phase can instead depend only on the parent's groom phase. # # @return [Boolean] attr_accessor :no_create_wait # @!endgroup end end end class BasketofKittens # Create an Amazon CloudFormation stack. class collections # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # @!endgroup # @!group Optional parameters # Tags to apply to this resource. Will apply at the cloud provider level and in Chef, where applicable. # # @return [Array] # @see BasketofKittens::collections::tags attr_accessor :tags # set cloudformation template parameter # # @return [Array] # @see BasketofKittens::collections::parameters attr_accessor :parameters # Pass in the deploy key for this stack as a CloudFormation parameter. Set this to the CloudFormation parameter name. # # @return [String] attr_accessor :pass_deploy_key_as # **Default: `true`** - # If targeting CloudFormation, this will pass all of the parent template's parameters to the nested template # # @return [Boolean] attr_accessor :pass_parent_parameters # **Default: `ROLLBACK`**, # **Must be one of: `DO_NOTHING, ROLLBACK, DELETE`** # # @return [String] attr_accessor :on_failure # # @return [String] attr_accessor :template_file # **Default: `45`** - # Timeout (in minutes) for building this Collection. # # @return [String] attr_accessor :timeout # **Must match pattern `^(?x-mi:(?=(?-mix:http|https):) # ([a-zA-Z][\-+.a-zA-Z\d]*): (?# 1: scheme) # (?: # ((?:[\-_.!~*'()a-zA-Z\d;?:@&=+$,]|%[a-fA-F\d]{2})(?:[\-_.!~*'()a-zA-Z\d;\/?:@&=+$,\[\]]|%[a-fA-F\d]{2})*) (?# 2: opaque) # | # (?:(?: # \/\/(?: # (?:(?:((?:[\-_.!~*'()a-zA-Z\d;:&=+$,]|%[a-fA-F\d]{2})*)@)? (?# 3: userinfo) # (?:((?:(?:[a-zA-Z0-9\-.]|%\h\h)+|\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}|\[(?:(?:[a-fA-F\d]{1,4}:)*(?:[a-fA-F\d]{1,4}|\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})|(?:(?:[a-fA-F\d]{1,4}:)*[a-fA-F\d]{1,4})?::(?:(?:[a-fA-F\d]{1,4}:)*(?:[a-fA-F\d]{1,4}|\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}))?)\]))(?::(\d*))?))? (?# 4: host, 5: port) # | # ((?:[\-_.!~*'()a-zA-Z\d$,;:@&=+]|%[a-fA-F\d]{2})+) (?# 6: registry) # ) # | # (?!\/\/)) (?# XXX: '\/\/' is the mark for hostport) # (\/(?:[\-_.!~*'()a-zA-Z\d:@&=+$,]|%[a-fA-F\d]{2})*(?:;(?:[\-_.!~*'()a-zA-Z\d:@&=+$,]|%[a-fA-F\d]{2})*)*(?:\/(?:[\-_.!~*'()a-zA-Z\d:@&=+$,]|%[a-fA-F\d]{2})*(?:;(?:[\-_.!~*'()a-zA-Z\d:@&=+$,]|%[a-fA-F\d]{2})*)*)*)? (?# 7: path) # )(?:\?((?:[\-_.!~*'()a-zA-Z\d;\/?:@&=+$,\[\]]|%[a-fA-F\d]{2})*))? (?# 8: query) # ) # (?:\#((?:[\-_.!~*'()a-zA-Z\d;\/?:@&=+$,\[\]]|%[a-fA-F\d]{2})*))? (?# 9: fragment) # )$`** # # @return [String] attr_accessor :template_url # **Must be one of: `existing, new`** # # @return [String] attr_accessor :creation_style # Internal use. # # @return [String] attr_accessor :virtual_name # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. # # @return [Array] # @see BasketofKittens::collections::dependencies attr_accessor :dependencies # **Default: `AWS`**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # @!endgroup end end class BasketofKittens class databases # Tags to apply to this resource. Will apply at the cloud provider level and in Chef, where applicable. class tags # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :key # **REQUIRED** # # @return [String] attr_accessor :value # @!endgroup end end end class BasketofKittens class databases class alarms # What to monitor class dimensions # @!group Required parameters # **REQUIRED**, # **Must be one of: `InstanceId, server, Server, DBInstanceIdentifier, database, Database, LoadBalancerName, loadbalancer, LoadBalancer, CacheClusterId, cache_cluster, CacheCluster, VolumeId, volume, Volume, BucketName, bucket, Bucket, TopicName, notification, Notification, AutoScalingGroupName, server_pool, ServerPool`** - # The type of resource we're checking # # @return [String] attr_accessor :cloud_class # @!endgroup # @!group Optional parameters # The cloud identifier of the resource the alarm is being created for. eg - i-d96eca0d. Must use either 'cloud_id' OR 'mu_name' AND 'deploy_id' # # @return [String] attr_accessor :cloud_id # The full name of a resource in a foreign deployment which we should monitor. You should also include 'deploy_id' so we will be able to identifiy a single resource. Use either 'cloud_id' OR 'mu_name' and 'deploy_id' # # @return [String] attr_accessor :mu_name # Should be used with 'mu_name' to identifiy a single resource. # # @return [String] attr_accessor :deploy_id # The name of another resource in this stack with which to associate this alarm. # # @return [String] attr_accessor :name # @!endgroup end end end end class BasketofKittens class databases # Create a CloudWatch Alarm. class alarms # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED** - # The name of the attribute to monitor eg. CPUUtilization. # # @return [String] attr_accessor :metric_name # **REQUIRED**, # **Must be one of: `SampleCount, Average, Sum, Minimum, Maximum`** # # # @return [String] attr_accessor :statistic # **REQUIRED** - # The time, in seconds the 'statistic' is checked/tested. Must be multiples of 60 # # @return [Integer] attr_accessor :period # **REQUIRED** - # The number of times to repeat the 'period' before changing the state of an alarm. eg form 'OK' to 'ALARM' state # # @return [Integer] attr_accessor :evaluation_periods # **REQUIRED** - # The value the 'statistic' is compared to and action (eg 'alarm_actions') will be invoked # # @return [Integer] attr_accessor :threshold # **REQUIRED**, # **Must be one of: `GreaterThanOrEqualToThreshold, GreaterThanThreshold, LessThanThreshold, LessThanOrEqualToThreshold`** - # The arithmetic operation to use when comparing 'statistic' and 'threshold'. The 'statistic' value is used as the first operand # # @return [String] attr_accessor :comparison_operator # @!endgroup # @!group Optional parameters # # @return [Array] attr_accessor :ok_actions # # @return [Array] attr_accessor :alarm_actions # # @return [Array] attr_accessor :no_data_actions # The name of container 'metric_name' belongs to eg. 'AWS/EC2' # # @return [String] attr_accessor :namespace # What to monitor # # @return [Array] # @see BasketofKittens::databases::alarms::dimensions attr_accessor :dimensions # **Must be one of: `Seconds, Microseconds, Milliseconds, Bytes, Kilobytes, Megabytes, Gigabytes, Terabytes, Bits, Kilobits, Megabits, Gigabits, Terabits, Percent, Count, Bytes/Second, Kilobytes/Second, Megabytes/Second, Gigabytes/Second, Terabytes/Second, Bits/Second, Kilobits/Second, Megabits/Second, Gigabits/Second, Terabits/Second, Count/Second, nil`** - # Associated with the 'metric' # # @return [String] attr_accessor :unit # Rather to send notifications when the alarm state changes # # @return [Boolean] attr_accessor :enable_notifications # **Default: `mu-default`** - # The name of the notification group. Will be created if it doesn't exist. We use / create a default one if not specified. NOTE: because we can't confirm subscription to a group programmatically, you should use an existing group # # @return [String] attr_accessor :notification_group # **Default: `email`**, # **Must be one of: `http, https, email, email-json, sms, sqs, application`** - # What type of notification endpoint will the notification be sent to. defaults to 'email' # # @return [String] attr_accessor :notification_type # The endpoint the notification will be sent to. eg. if notification_type is 'email'/'email-json' the endpoint will be the email address. A confirmation email will be sent to this email address if a new notification_group is created, if not specified and notification_type is set to 'email' we will use the mu-master email address # # @return [String] attr_accessor :notification_endpoint # @!endgroup end end end class BasketofKittens class databases # Apply one or more network rulesets, defined in this stack or pre-existing, to this resource. Note that if you add a pre-existing ACL to your resource, they must be compatible (e.g. if using VPCs, they must reside in the same VPC). class add_firewall_rules # @!group Optional parameters # # @return [String] attr_accessor :rule_id # # @return [String] attr_accessor :rule_name # @!endgroup end end end class BasketofKittens class databases # Incorporate a database object class read_replica_of # @!group Optional parameters # # @return [String] attr_accessor :db_id # # @return [String] attr_accessor :db_name # **Must be one of: `asia-east1, asia-east2, asia-northeast1, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2`** # # @return [String] attr_accessor :region # **Default: `AWS`**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # **Must match pattern `^[^=]+=.+`** - # Identify this Database by a tag (key=value). Note that this tag must not match more than one resource. # # @return [String] attr_accessor :tag # Look for a Database fitting this description in another Mu deployment with this id. # # @return [String] attr_accessor :deploy_id # @!endgroup end end end class BasketofKittens class databases # Network ingress and/or egress rules. class ingress_rules # @!group Optional parameters # # @return [String] attr_accessor :port_range # # @return [Integer] attr_accessor :port # **Default: `tcp`**, # **Must be one of: `udp, tcp, icmp`** # # @return [String] attr_accessor :proto # **Default: `true`** # # @return [Boolean] attr_accessor :ingress # **Default: `false`** # # @return [Boolean] attr_accessor :egress # **Must match pattern `^\d+\.\d+\.\d+\.\d+/[0-9]{1,2}$`** - # CIDR-formatted IP block, e.g. 1.2.3.4/32 # # @return [Array] attr_accessor :hosts # Other AWS Security Groups; resources that are associated with this group will have this rule applied to their traffic # # @return [Array] attr_accessor :sgs # AWS Load Balancers which will have this rule applied to their traffic # # @return [Array] attr_accessor :lbs # @!endgroup end end end class BasketofKittens class databases # Internal use class member_of_cluster end end end class BasketofKittens class databases class dns_records # The zone to which to add this record, either as a domain name or as a Route53 zone identifier. class zone # @!group Optional parameters # The domain name of the DNS zone to which to add this record. # # @return [String] attr_accessor :name # The Route53 identifier of the zone to which to add this record. # # @return [String] attr_accessor :id # @!endgroup end end end end class BasketofKittens class databases class dns_records # Set location for location-based routing. class geo_location # @!group Optional parameters # **Must be one of: `AF, AN, AS, EU, OC, NA, SA`** - # The code for a continent geo location. Note: only continent locations have a continent code. Specifying continent_code with either country_code or subdivision_code returns an InvalidInput error. # # @return [String] attr_accessor :continent_code # The code for a country geo location. The default location uses '' for the country code and will match all locations that are not matched by a geo location. All other country codes follow the ISO 3166 two-character code. # # @return [String] attr_accessor :country_code # The code for a country's subdivision (e.g., a province of Canada). A subdivision code is only valid with the appropriate country code. Specifying subdivision_code without country_code returns an InvalidInput error. # # @return [String] attr_accessor :subdivision_code # @!endgroup end end end end class BasketofKittens class databases class dns_records # Check used to determine instance health for failover routing. class healthchecks # @!group Required parameters # **REQUIRED**, # **Must be one of: `HTTP, HTTPS, HTTP_STR_MATCH, HTTPS_STR_MATCH, TCP, CALCULATED, CLOUDWATCH_METRIC`** - # The health check method to use # # @return [String] attr_accessor :method # **REQUIRED** - # The health check name. # # @return [String] attr_accessor :name # @!endgroup # @!group Optional parameters # Port on which this health check should expect to find a working service. For HTTP and HTTP_STR_MATCH this defaults to 80 if the port is not specified. For HTTPS and HTTPS_STR_MATCH this defaults to 443 if the port is not specified. # # @return [Integer] attr_accessor :port # Path to check for HTTP-based health checks. # # @return [String] attr_accessor :path # **Default: `primary`**, # **Must be one of: `primary, secondary`** - # When using CALCULATED based health checks make sure to set only the CALCULATED health check to primary while setting all other health checks to secondary. # # @return [String] attr_accessor :type # Path to check for STR_MATCH-based health checks. # # @return [String] attr_accessor :search_string # **Default: `30`**, # **Must be one of: `10, 30`** - # The frequency of health checks in seconds. # # @return [Integer] attr_accessor :check_interval # **Default: `2`**, # **Must match pattern `^([1-9]|10)$`** - # The number of failed health checks before we consider this entry in failure. Values can be between 1-10. # # @return [Integer] attr_accessor :failure_threshold # **Must be one of: `Healthy, Unhealthy, LastKnownStatus`** - # What should the health check status be set to if there is insufficient data return from the CloudWatch alarm. Used only with CLOUDWATCH_METRIC based health checks. # # @return [String] attr_accessor :insufficient_data # # @return [Array] attr_accessor :regions # **Default: `false`** - # If to measure and graph latency between the health checkers and the endpoint. Used only with HTTP/HTTPS/TCP based health checks. # # @return [Boolean] attr_accessor :latency # **Default: `false`** - # If the status of the health check should be inverted, eg. if health check status is healthy but you would like it to be evaluated as not healthy # # @return [Boolean] attr_accessor :inverted # **Default: `false`** - # Enabled by default on HTTPS or HTTPS_STR_MATCH # # @return [Boolean] attr_accessor :enable_sni # **Default: `1`**, # **Must match pattern `^[\d]?{3}$`** - # The minimum number of health checks that must be healthy when configuring a health check of type CALCULATED. Values can be between 0-256. # # @return [Integer] attr_accessor :health_threshold # # @return [Array] attr_accessor :health_check_ids # The cloud provider's region the cloudwatch alarm was created in. Used with CLOUDWATCH_METRIC health checks # # @return [String] attr_accessor :alarm_region # The cloudwatch alarm name. Used with CLOUDWATCH_METRIC health checks # # @return [String] attr_accessor :alarm_name # @!endgroup end end end end class BasketofKittens class databases # DNS records to create. If specified inside another resource (e.g. {MU::Config::BasketofKittens::servers}, {MU::Config::BasketofKittens::loadbalancers}, or {MU::Config::BasketofKittens::databases}), the record(s) will automatically target that resource. class dns_records # @!group Required parameters # **REQUIRED** # The zone to which to add this record, either as a domain name or as a Route53 zone identifier. # # @return [BasketofKittens::databases::dns_records::zone] # @see BasketofKittens::databases::dns_records::zone attr_accessor :zone # @!endgroup # @!group Optional parameters # **Default: `false`** - # If true, this record will overwrite any existing record of the same name and type. # # @return [Boolean] attr_accessor :override_existing # **Default: `CNAME`**, # **Must be one of: `SOA, A, TXT, NS, CNAME, MX, PTR, SRV, SPF, AAAA, R53ALIAS`** - # The class of DNS record to create. The R53ALIAS type is not traditional DNS, but instead refers to AWS Route53's alias functionality. An R53ALIAS is only valid if the target is an Elastic LoadBalancer, CloudFront, S3 bucket (configured as a public web server), or another record in the same Route53 hosted zone. # # @return [String] attr_accessor :type # If using a type of R53ALIAS, this is the hosted zone ID of the target. Defaults to the zone to which this record is being added. # # @return [String] attr_accessor :alias_zone # Look for a resource in another Mu deployment with this id. Requires mu_type # # @return [String] attr_accessor :deploy_id # **Must be one of: `loadbalancer, server, database, cache_cluster`** - # The Mu resource type to search the deployment for. # # @return [String] attr_accessor :mu_type # **Must be one of: `public, private`** - # If the target is a public or a private resource. This only applies to servers/server_pools when using automatic DNS registration. If set to public but the target only has a private address, the private address will be used # # @return [String] attr_accessor :target_type # Set the proportion of traffic directed to this target, based on the relative weight of other records with the same DNS name and type. # # @return [Integer] attr_accessor :weight # **Must be one of: `asia-east1, asia-east2, asia-northeast1, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2`** # # @return [String] attr_accessor :region # **Must be one of: `PRIMARY, SECONDARY`** - # Failover classification # # @return [String] attr_accessor :failover # **Default: `7200`** - # DNS time-to-live value for query caching. # # @return [Integer] attr_accessor :ttl # **Must match pattern `^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]).)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9-]*[A-Za-z0-9])$`** - # Name of the record to create. If not specified, will default to the Mu resource name. # # @return [String] attr_accessor :name # **Default: `false`** - # If to append the environment name (eg mydnsname.dev.mudomain.com). to the DNS name # # @return [Boolean] attr_accessor :append_environment_name # Set location for location-based routing. # # @return [BasketofKittens::databases::dns_records::geo_location] # @see BasketofKittens::databases::dns_records::geo_location attr_accessor :geo_location # Check used to determine instance health for failover routing. # # @return [Array] # @see BasketofKittens::databases::dns_records::healthchecks attr_accessor :healthchecks # @!endgroup end end end class BasketofKittens class databases class vpc # The subnets to which to attach this resource. Will default to all subnets in this VPC if not specified. class subnets # @!group Optional parameters # # @return [String] attr_accessor :subnet_name # # @return [String] attr_accessor :subnet_id # **Must match pattern `^[^=]+=.+`** - # Identify this subnet by a tag (key=value). Note that this tag must not match more than one resource. # # @return [String] attr_accessor :tag # @!endgroup end end end end class BasketofKittens class databases # Deploy, attach, allow access from, or peer this resource with a VPC of VPCs. class vpc # @!group Optional parameters # Discover this VPC by looking for this cloud provider identifier. # # @return [String] attr_accessor :vpc_id # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # Discover this VPC by Mu-internal name; typically the shorthand 'name' field of a VPC declared elsewhere in the deploy, or in another deploy that's being referenced with 'deploy_id'. # # @return [String] attr_accessor :vpc_name # **Must be one of: `asia-east1, asia-east2, asia-northeast1, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2`** # # @return [String] attr_accessor :region # **Default: `AWS`**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # **Must match pattern `^[^=]+=.+`** - # Discover this VPC by a cloud provider tag (key=value); note that this tag must not match more than one resource. # # @return [String] attr_accessor :tag # Search for this VPC in an existing Mu deploy; specify a Mu deploy id (e.g. DEMO-DEV-2014111400-NG). # # @return [String] attr_accessor :deploy_id # The Mu-internal name of a NAT host to use; Typically the shorthand 'name' field of a Server declared elsewhere in the deploy, or in another deploy that's being referenced with 'deploy_id'. # # @return [String] attr_accessor :nat_host_name # Discover a Server to use as a NAT by looking for this cloud provider identifier. # # @return [String] attr_accessor :nat_host_id # **Must match pattern `^\d+\.\d+\.\d+\.\d+$`** - # Discover a Server to use as a NAT by looking for an associated IP. # # @return [String] attr_accessor :nat_host_ip # **Default: `root`** # # @return [String] attr_accessor :nat_ssh_user # An alternate SSH private key for access to the NAT. We'll expect to find this in ~/.ssh along with the regular keys. # # @return [String] attr_accessor :nat_ssh_key # **Must match pattern `^[^=]+=.+`** - # Discover a Server to use as a NAT by looking for a cloud provider tag (key=value); Note that this tag must not match more than one server. # # @return [String] attr_accessor :nat_host_tag # **Default: `all_public`** - # When auto-discovering VPC resources, this specifies target subnets for this resource. Special keywords: public, private, any, all, all_public, all_private, all. Using the name of a route table defined elsewhere in this BoK will behave like 'all_.' # # @return [String] attr_accessor :subnet_pref # The subnets to which to attach this resource. Will default to all subnets in this VPC if not specified. # # @return [Array] # @see BasketofKittens::databases::vpc::subnets attr_accessor :subnets # @!endgroup end end end class BasketofKittens class databases # The vault storing the password of the database master user. a random password will be generated if not specified. class auth_vault # @!group Required parameters # **Default: `database`** - # The vault where these credentials reside # # @return [String] attr_accessor :vault # **Default: `credentials`** - # The vault item where these credentials reside # # @return [String] attr_accessor :item # @!endgroup # @!group Optional parameters # **Default: `password`** - # The field within the Vault item where the password for database master user is stored # # @return [String] attr_accessor :password_field # @!endgroup end end end class BasketofKittens class databases # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. class dependencies # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED**, # **Must be one of: `collection, database, dnszone, firewall_rule, loadbalancer, server, server_pool, vpc, cache_cluster, alarm, notifier, log, storage_pool, function, container_cluster, search_domain, msg_queue, habitat, folder, user, group, role`** # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **Must be one of: `create, groom`** - # Which part of the creation process of the resource we depend on should we wait for before starting our own creation? Defaults are usually sensible, but sometimes you want, say, a Server to wait on another Server to be completely ready (through its groom phase) before starting up. # # @return [String] attr_accessor :phase # **Default: `false`** - # By default, it's assumed that we want to wait on our parents' creation phase, in addition to whatever is declared in this stanza. Setting this flag will bypass waiting on our parent resource's creation, so that our create or groom phase can instead depend only on the parent's groom phase. # # @return [Boolean] attr_accessor :no_create_wait # @!endgroup end end end class BasketofKittens class databases # The database parameter group parameter to change and when to apply the change. class db_parameter_group_parameters # @!group Required parameters # **REQUIRED**, # **AWS & CLOUDFORMATION ONLY** # # @return [String] attr_accessor :name # **REQUIRED**, # **AWS & CLOUDFORMATION ONLY** # # @return [String] attr_accessor :value # @!endgroup # @!group Optional parameters # **AWS & CLOUDFORMATION ONLY**, # **Default: `immediate`**, # **Must be one of: `pending-reboot, immediate`** # # @return [String] attr_accessor :apply_method # @!endgroup end end end class BasketofKittens class databases # The database parameter group parameter to change and when to apply the change. class cluster_parameter_group_parameters # @!group Required parameters # **REQUIRED**, # **AWS & CLOUDFORMATION ONLY** # # @return [String] attr_accessor :name # **REQUIRED**, # **AWS & CLOUDFORMATION ONLY** # # @return [String] attr_accessor :value # @!endgroup # @!group Optional parameters # **AWS & CLOUDFORMATION ONLY**, # **Default: `immediate`**, # **Must be one of: `pending-reboot, immediate`** # # @return [String] attr_accessor :apply_method # @!endgroup end end end class BasketofKittens # Create a dedicated database server. class databases # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED**, # **Must be one of: `mysql, postgres, oracle-se1, oracle-se2, oracle-se, oracle-ee, sqlserver-ee, sqlserver-se, sqlserver-ex, sqlserver-web, aurora, mariadb`** # # @return [String] attr_accessor :engine # **REQUIRED**, # **Must match pattern `^db.(t|m|c|i|g|r|hi|hs|cr|cg|cc){1,2}[0-9]\.(micro|small|medium|[248]?x?large)$`** - # The Amazon RDS instance type to use when creating this database instance. # # @return [String] attr_accessor :size # **REQUIRED** - # Storage space for this database instance (GB). # # @return [Integer] attr_accessor :storage # **Default: `AWS`**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # @!endgroup # @!group Optional parameters # **Default: `Chef`**, # **Must be one of: `Chef`** # # @return [String] attr_accessor :groomer # **Default: `false`** - # When 'cloud' is set to 'CloudFormation,' use this flag to strip out Mu-specific artifacts (tags, standard userdata, naming conventions, etc) to yield a clean, source-agnostic template. # # @return [Boolean] attr_accessor :scrub_mu_isms # **Must be one of: `asia-east1, asia-east2, asia-northeast1, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2`** # # @return [String] attr_accessor :region # # @return [String] attr_accessor :db_family # Tags to apply to this resource. Will apply at the cloud provider level and in Chef, where applicable. # # @return [Array] # @see BasketofKittens::databases::tags attr_accessor :tags # **Default: `true`** - # Tag the resource with our optional tags (+MU-HANDLE+, +MU-MASTER-NAME+, +MU-OWNER+). # # @return [Boolean] attr_accessor :optional_tags # Create a CloudWatch Alarm. # # @return [Array] # @see BasketofKittens::databases::alarms attr_accessor :alarms # # @return [String] attr_accessor :engine_version # Apply one or more network rulesets, defined in this stack or pre-existing, to this resource. Note that if you add a pre-existing ACL to your resource, they must be compatible (e.g. if using VPCs, they must reside in the same VPC). # # @return [Array] # @see BasketofKittens::databases::add_firewall_rules attr_accessor :add_firewall_rules # Incorporate a database object # # @return [BasketofKittens::databases::read_replica_of] # @see BasketofKittens::databases::read_replica_of attr_accessor :read_replica_of # Network ingress and/or egress rules. # # @return [Array] # @see BasketofKittens::databases::ingress_rules attr_accessor :ingress_rules # **Default: `false`** - # Internal use # # @return [Boolean] attr_accessor :add_cluster_node # Internal use # # @return [BasketofKittens::databases::member_of_cluster] # @see BasketofKittens::databases::member_of_cluster attr_accessor :member_of_cluster # DNS records to create. If specified inside another resource (e.g. {MU::Config::BasketofKittens::servers}, {MU::Config::BasketofKittens::loadbalancers}, or {MU::Config::BasketofKittens::databases}), the record(s) will automatically target that resource. # # @return [Array] # @see BasketofKittens::databases::dns_records attr_accessor :dns_records # **Default: `true`** - # Wait for DNS record to propagate in DNS Zone. # # @return [Boolean] attr_accessor :dns_sync_wait # **Default: `gp2`**, # **Must be one of: `standard, gp2, io1`** # # @return [String] attr_accessor :storage_type # Arbitrary SQL commands to run after the database is fully configred (PostgreSQL databases only). # # @return [Array] attr_accessor :run_sql_on_deploy # # @return [Integer] attr_accessor :port # Deploy, attach, allow access from, or peer this resource with a VPC of VPCs. # # @return [BasketofKittens::databases::vpc] # @see BasketofKittens::databases::vpc attr_accessor :vpc # # @return [Boolean] attr_accessor :publicly_accessible # **Default: `false`** - # Enable high availability when the database instance is created # # @return [Boolean] attr_accessor :multi_az_on_create # **Default: `false`** - # See multi_az_on_groom # # @return [Boolean] attr_accessor :multi_az_on_deploy # **Default: `false`** - # Enable high availability after the database instance is created. This may make deployments based on creation_style other then 'new' faster. # # @return [Boolean] attr_accessor :multi_az_on_groom # **Default: `1`** - # The number of days to retain an automatic database snapshot. If set to 0 and deployment is multi-az will be overridden to 35 # # @return [Integer] attr_accessor :backup_retention_period # **Default: `05:00-05:30`** - # The preferred time range to perform automatic database backups. # # @return [String] attr_accessor :preferred_backup_window # The preferred data/time range to perform database maintenance. Ex. Sun:02:00-Sun:03:00 # # @return [String] attr_accessor :preferred_maintenance_window # The amount of IOPS to allocate to Provisioned IOPS (io1) volumes. Increments of 1,000 # # @return [Integer] attr_accessor :iops # **Default: `true`** # # @return [Boolean] attr_accessor :auto_minor_version_upgrade # **Default: `false`** # # @return [Boolean] attr_accessor :allow_major_version_upgrade # **Default: `false`** # # @return [Boolean] attr_accessor :storage_encrypted # **Default: `new`**, # **Must be one of: `existing, new, new_snapshot, existing_snapshot, point_in_time`** - # 'new' - create a pristine database instances; 'existing' - use an existing database instance; 'new_snapshot' - create a snapshot of an existing database, and create a new one from that snapshot; 'existing_snapshot' - create database from an existing snapshot.; 'point_in_time' - create database from point in time backup of an existing database # # @return [String] attr_accessor :creation_style # For any creation_style other than 'new' this parameter identifies the database to use. In the case of new_snapshot or point_in_time this is the identifier of an existing database instance; in the case of existing_snapshot this is the identifier of the snapshot. # # @return [String] attr_accessor :identifier # Set master user name for this database instance; if not specified a random username will be generated # # @return [String] attr_accessor :master_user # Must either be set to 'latest' or date/time value in the following format: 2015-09-12T22:30:00Z. Applies only to point_in_time creation_style # # @return [String] attr_accessor :restore_time # **Default: `false`** # # @return [Boolean] attr_accessor :create_read_replica # Put read-replica in a particular region, other than the region of the source database. # # @return [String] attr_accessor :read_replica_region # The number of database instances to add to a database cluster. This only applies to aurora # # @return [Integer] attr_accessor :cluster_node_count # Create a database cluster instead of a standalone database. # # @return [Boolean] attr_accessor :create_cluster # **Must be one of: `postgres9.6, postgres9.5, postgres9.4, postgres9.3, mysql5.1, mysql5.5, mysql5.6, mysql5.7, oracle-ee-11.2, oracle-ee-12.1, oracle-se-11.2, oracle-se-12.1, oracle-se1-11.2, oracle-se1-12.1, sqlserver-ee-10.5, sqlserver-ee-11.0, sqlserver-ee-12.0, sqlserver-ex-10.5, sqlserver-ex-11.0, sqlserver-ex-12.0, sqlserver-se-10.5, sqlserver-se-11.0, sqlserver-se-12.0, sqlserver-web-10.5, sqlserver-web-11.0, sqlserver-web-12.0, aurora5.6, mariadb-10.0, mariadb-10.1`** - # The database family to create the DB Parameter Group for. The family type must be the same type as the database major version - eg if you set engine_version to 9.4.4 the db_family must be set to postgres9.4. # # @return [String] attr_accessor :parameter_group_family # The vault storing the password of the database master user. a random password will be generated if not specified. # # @return [BasketofKittens::databases::auth_vault] # @see BasketofKittens::databases::auth_vault attr_accessor :auth_vault # Internal use. # # @return [String] attr_accessor :virtual_name # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. # # @return [Array] # @see BasketofKittens::databases::dependencies attr_accessor :dependencies # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **AWS & CLOUDFORMATION ONLY** # The database parameter group parameter to change and when to apply the change. # # @return [Array] # @see BasketofKittens::databases::db_parameter_group_parameters attr_accessor :db_parameter_group_parameters # **AWS & CLOUDFORMATION ONLY** # The database parameter group parameter to change and when to apply the change. # # @return [Array] # @see BasketofKittens::databases::cluster_parameter_group_parameters attr_accessor :cluster_parameter_group_parameters # **AWS & CLOUDFORMATION ONLY**, # **Must be one of: `license-included, bring-your-own-license, general-public-license, postgresql-license`** - # +AWS+: #+CLOUDFORMATION+: # # @return [String] attr_accessor :license_model # @!endgroup end end class BasketofKittens class dnszones class records # Set location for location-based routing. class geo_location # @!group Optional parameters # **Must be one of: `AF, AN, AS, EU, OC, NA, SA`** - # The code for a continent geo location. Note: only continent locations have a continent code. Specifying continent_code with either country_code or subdivision_code returns an InvalidInput error. # # @return [String] attr_accessor :continent_code # The code for a country geo location. The default location uses '' for the country code and will match all locations that are not matched by a geo location. All other country codes follow the ISO 3166 two-character code. # # @return [String] attr_accessor :country_code # The code for a country's subdivision (e.g., a province of Canada). A subdivision code is only valid with the appropriate country code. Specifying subdivision_code without country_code returns an InvalidInput error. # # @return [String] attr_accessor :subdivision_code # @!endgroup end end end end class BasketofKittens class dnszones class records # Check used to determine instance health for failover routing. class healthchecks # @!group Required parameters # **REQUIRED**, # **Must be one of: `HTTP, HTTPS, HTTP_STR_MATCH, HTTPS_STR_MATCH, TCP, CALCULATED, CLOUDWATCH_METRIC`** - # The health check method to use # # @return [String] attr_accessor :method # **REQUIRED** - # The health check name. # # @return [String] attr_accessor :name # @!endgroup # @!group Optional parameters # Port on which this health check should expect to find a working service. For HTTP and HTTP_STR_MATCH this defaults to 80 if the port is not specified. For HTTPS and HTTPS_STR_MATCH this defaults to 443 if the port is not specified. # # @return [Integer] attr_accessor :port # Path to check for HTTP-based health checks. # # @return [String] attr_accessor :path # **Default: `primary`**, # **Must be one of: `primary, secondary`** - # When using CALCULATED based health checks make sure to set only the CALCULATED health check to primary while setting all other health checks to secondary. # # @return [String] attr_accessor :type # Path to check for STR_MATCH-based health checks. # # @return [String] attr_accessor :search_string # **Default: `30`**, # **Must be one of: `10, 30`** - # The frequency of health checks in seconds. # # @return [Integer] attr_accessor :check_interval # **Default: `2`**, # **Must match pattern `^([1-9]|10)$`** - # The number of failed health checks before we consider this entry in failure. Values can be between 1-10. # # @return [Integer] attr_accessor :failure_threshold # **Must be one of: `Healthy, Unhealthy, LastKnownStatus`** - # What should the health check status be set to if there is insufficient data return from the CloudWatch alarm. Used only with CLOUDWATCH_METRIC based health checks. # # @return [String] attr_accessor :insufficient_data # # @return [Array] attr_accessor :regions # **Default: `false`** - # If to measure and graph latency between the health checkers and the endpoint. Used only with HTTP/HTTPS/TCP based health checks. # # @return [Boolean] attr_accessor :latency # **Default: `false`** - # If the status of the health check should be inverted, eg. if health check status is healthy but you would like it to be evaluated as not healthy # # @return [Boolean] attr_accessor :inverted # **Default: `false`** - # Enabled by default on HTTPS or HTTPS_STR_MATCH # # @return [Boolean] attr_accessor :enable_sni # **Default: `1`**, # **Must match pattern `^[\d]?{3}$`** - # The minimum number of health checks that must be healthy when configuring a health check of type CALCULATED. Values can be between 0-256. # # @return [Integer] attr_accessor :health_threshold # # @return [Array] attr_accessor :health_check_ids # The cloud provider's region the cloudwatch alarm was created in. Used with CLOUDWATCH_METRIC health checks # # @return [String] attr_accessor :alarm_region # The cloudwatch alarm name. Used with CLOUDWATCH_METRIC health checks # # @return [String] attr_accessor :alarm_name # @!endgroup end end end end class BasketofKittens class dnszones # DNS records to create. If specified inside another resource (e.g. {MU::Config::BasketofKittens::servers}, {MU::Config::BasketofKittens::loadbalancers}, or {MU::Config::BasketofKittens::databases}), the record(s) will automatically target that resource. class records # @!group Required parameters # **REQUIRED**, # **Must be one of: `SOA, A, TXT, NS, CNAME, MX, PTR, SRV, SPF, AAAA, R53ALIAS`** - # The class of DNS record to create. The R53ALIAS type is not traditional DNS, but instead refers to AWS Route53's alias functionality. An R53ALIAS is only valid if the target is an Elastic LoadBalancer, CloudFront, S3 bucket (configured as a public web server), or another record in the same Route53 hosted zone. # # @return [String] attr_accessor :type # **REQUIRED** - # The value of this record. Must be valid for the 'type' field, e.g. A records must point to an IP address. If creating a record for an existing deployment, specify the mu_name of the resource, you must also specifiy deploy_id and mu_type # # @return [String] attr_accessor :target # @!endgroup # @!group Optional parameters # **Default: `false`** - # If true, this record will overwrite any existing record of the same name and type. # # @return [Boolean] attr_accessor :override_existing # If using a type of R53ALIAS, this is the hosted zone ID of the target. Defaults to the zone to which this record is being added. # # @return [String] attr_accessor :alias_zone # Look for a resource in another Mu deployment with this id. Requires mu_type # # @return [String] attr_accessor :deploy_id # **Must be one of: `loadbalancer, server, database, cache_cluster`** - # The Mu resource type to search the deployment for. # # @return [String] attr_accessor :mu_type # **Must be one of: `public, private`** - # If the target is a public or a private resource. This only applies to servers/server_pools when using automatic DNS registration. If set to public but the target only has a private address, the private address will be used # # @return [String] attr_accessor :target_type # Set the proportion of traffic directed to this target, based on the relative weight of other records with the same DNS name and type. # # @return [Integer] attr_accessor :weight # **Must be one of: `asia-east1, asia-east2, asia-northeast1, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2`** # # @return [String] attr_accessor :region # **Must be one of: `PRIMARY, SECONDARY`** - # Failover classification # # @return [String] attr_accessor :failover # **Default: `7200`** - # DNS time-to-live value for query caching. # # @return [Integer] attr_accessor :ttl # **Must match pattern `^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]).)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9-]*[A-Za-z0-9])$`** - # Name of the record to create. If not specified, will default to the Mu resource name. # # @return [String] attr_accessor :name # **Default: `false`** - # If to append the environment name (eg mydnsname.dev.mudomain.com). to the DNS name # # @return [Boolean] attr_accessor :append_environment_name # Set location for location-based routing. # # @return [BasketofKittens::dnszones::records::geo_location] # @see BasketofKittens::dnszones::records::geo_location attr_accessor :geo_location # Check used to determine instance health for failover routing. # # @return [Array] # @see BasketofKittens::dnszones::records::healthchecks attr_accessor :healthchecks # @!endgroup end end end class BasketofKittens class dnszones # Deploy, attach, allow access from, or peer this resource with a VPC of VPCs. class vpcs # @!group Optional parameters # Discover this VPC by looking for this cloud provider identifier. # # @return [String] attr_accessor :vpc_id # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # Discover this VPC by Mu-internal name; typically the shorthand 'name' field of a VPC declared elsewhere in the deploy, or in another deploy that's being referenced with 'deploy_id'. # # @return [String] attr_accessor :vpc_name # **Must be one of: `asia-east1, asia-east2, asia-northeast1, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2`** # # @return [String] attr_accessor :region # **Default: `AWS`**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # **Must match pattern `^[^=]+=.+`** - # Discover this VPC by a cloud provider tag (key=value); note that this tag must not match more than one resource. # # @return [String] attr_accessor :tag # Search for this VPC in an existing Mu deploy; specify a Mu deploy id (e.g. DEMO-DEV-2014111400-NG). # # @return [String] attr_accessor :deploy_id # @!endgroup end end end class BasketofKittens class dnszones # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. class dependencies # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED**, # **Must be one of: `collection, database, dnszone, firewall_rule, loadbalancer, server, server_pool, vpc, cache_cluster, alarm, notifier, log, storage_pool, function, container_cluster, search_domain, msg_queue, habitat, folder, user, group, role`** # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **Must be one of: `create, groom`** - # Which part of the creation process of the resource we depend on should we wait for before starting our own creation? Defaults are usually sensible, but sometimes you want, say, a Server to wait on another Server to be completely ready (through its groom phase) before starting up. # # @return [String] attr_accessor :phase # **Default: `false`** - # By default, it's assumed that we want to wait on our parents' creation phase, in addition to whatever is declared in this stanza. Setting this flag will bypass waiting on our parent resource's creation, so that our create or groom phase can instead depend only on the parent's groom phase. # # @return [Boolean] attr_accessor :no_create_wait # @!endgroup end end end class BasketofKittens # Create a DNS zone in Route 53. class dnszones # @!group Required parameters # **REQUIRED**, # **Must match pattern `^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]).)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9-]*[A-Za-z0-9])$`** - # The domain name to create. Must comply with RFC 1123 # # @return [String] attr_accessor :name # **Default: `AWS`**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # @!endgroup # @!group Optional parameters # **Default: `false`** - # When 'cloud' is set to 'CloudFormation,' use this flag to strip out Mu-specific artifacts (tags, standard userdata, naming conventions, etc) to yield a clean, source-agnostic template. # # @return [Boolean] attr_accessor :scrub_mu_isms # **Default: `true`** - # Create as a private internal domain, not publicly resolvable. # # @return [Boolean] attr_accessor :private # **Default: `true`** - # If this zone is private, make sure it is resolvable from all VPCs in this account. Will supercede the list in {MU::Config::BasketofKittens::dnszones.vpcs} for VPCs in this account. # # @return [Boolean] attr_accessor :all_account_vpcs # DNS records to create. If specified inside another resource (e.g. {MU::Config::BasketofKittens::servers}, {MU::Config::BasketofKittens::loadbalancers}, or {MU::Config::BasketofKittens::databases}), the record(s) will automatically target that resource. # # @return [Array] # @see BasketofKittens::dnszones::records attr_accessor :records # Deploy, attach, allow access from, or peer this resource with a VPC of VPCs. # # @return [Array] # @see BasketofKittens::dnszones::vpcs attr_accessor :vpcs # Internal use. # # @return [String] attr_accessor :virtual_name # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. # # @return [Array] # @see BasketofKittens::dnszones::dependencies attr_accessor :dependencies # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # @!endgroup end end class BasketofKittens class firewall_rules # Deploy, attach, allow access from, or peer this resource with a VPC of VPCs. class vpc # @!group Optional parameters # Discover this VPC by looking for this cloud provider identifier. # # @return [String] attr_accessor :vpc_id # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # Discover this VPC by Mu-internal name; typically the shorthand 'name' field of a VPC declared elsewhere in the deploy, or in another deploy that's being referenced with 'deploy_id'. # # @return [String] attr_accessor :vpc_name # **Must be one of: `asia-east1, asia-east2, asia-northeast1, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2`** # # @return [String] attr_accessor :region # **Default: `AWS`**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # **Must match pattern `^[^=]+=.+`** - # Discover this VPC by a cloud provider tag (key=value); note that this tag must not match more than one resource. # # @return [String] attr_accessor :tag # Search for this VPC in an existing Mu deploy; specify a Mu deploy id (e.g. DEMO-DEV-2014111400-NG). # # @return [String] attr_accessor :deploy_id # @!endgroup end end end class BasketofKittens class firewall_rules # Tags to apply to this resource. Will apply at the cloud provider level and in Chef, where applicable. class tags # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :key # **REQUIRED** # # @return [String] attr_accessor :value # @!endgroup end end end class BasketofKittens class firewall_rules # Network ingress and/or egress rules. class rules # @!group Optional parameters # # @return [String] attr_accessor :port_range # # @return [Integer] attr_accessor :port # **Default: `tcp`**, # **Must be one of: `udp, tcp, icmp, all`** # # @return [String] attr_accessor :proto # **Default: `true`** # # @return [Boolean] attr_accessor :ingress # **Default: `false`** # # @return [Boolean] attr_accessor :egress # **Must match pattern `^\d+\.\d+\.\d+\.\d+/[0-9]{1,2}$`** - # CIDR-formatted IP block, e.g. 1.2.3.4/32 # # @return [Array] attr_accessor :hosts # Other AWS Security Groups; resources that are associated with this group will have this rule applied to their traffic # # @return [Array] attr_accessor :sgs # AWS Load Balancers which will have this rule applied to their traffic # # @return [Array] attr_accessor :lbs # # @return [Array] attr_accessor :source_tags # # @return [Array] attr_accessor :source_service_accounts # # @return [Array] attr_accessor :target_tags # # @return [Array] attr_accessor :target_service_accounts # @!endgroup end end end class BasketofKittens class firewall_rules # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. class dependencies # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED**, # **Must be one of: `collection, database, dnszone, firewall_rule, loadbalancer, server, server_pool, vpc, cache_cluster, alarm, notifier, log, storage_pool, function, container_cluster, search_domain, msg_queue, habitat, folder, user, group, role`** # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **Must be one of: `create, groom`** - # Which part of the creation process of the resource we depend on should we wait for before starting our own creation? Defaults are usually sensible, but sometimes you want, say, a Server to wait on another Server to be completely ready (through its groom phase) before starting up. # # @return [String] attr_accessor :phase # **Default: `false`** - # By default, it's assumed that we want to wait on our parents' creation phase, in addition to whatever is declared in this stanza. Setting this flag will bypass waiting on our parent resource's creation, so that our create or groom phase can instead depend only on the parent's groom phase. # # @return [Boolean] attr_accessor :no_create_wait # @!endgroup end end end class BasketofKittens # Create network-level access controls. class firewall_rules # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # @!endgroup # @!group Optional parameters # Backwards-compatibility means of identifying a VPC; see {MU::Config::BasketofKittens::firewall_rules::vpc} # # @return [String] attr_accessor :vpc_name # Backwards-compatibility means of identifying a VPC; see {MU::Config::BasketofKittens::firewall_rules::vpc} # # @return [String] attr_accessor :vpc_id # Deploy, attach, allow access from, or peer this resource with a VPC of VPCs. # # @return [BasketofKittens::firewall_rules::vpc] # @see BasketofKittens::firewall_rules::vpc attr_accessor :vpc # Tags to apply to this resource. Will apply at the cloud provider level and in Chef, where applicable. # # @return [Array] # @see BasketofKittens::firewall_rules::tags attr_accessor :tags # **Default: `true`** - # Tag the resource with our optional tags (+MU-HANDLE+, +MU-MASTER-NAME+, +MU-OWNER+). # # @return [Boolean] attr_accessor :optional_tags # **Default: `false`** # # @return [Boolean] attr_accessor :self_referencing # **Default: `false`** - # Internal use only. Flag generic administrative firewall rulesets for use by the Mu Master # # @return [Boolean] attr_accessor :admin # Network ingress and/or egress rules. # # @return [Array] # @see BasketofKittens::firewall_rules::rules attr_accessor :rules # Internal use. # # @return [String] attr_accessor :virtual_name # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. # # @return [Array] # @see BasketofKittens::firewall_rules::dependencies attr_accessor :dependencies # **Default: `AWS`**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **GOOGLE ONLY** - # +GOOGLE+: The project into which to deploy resources # # @return [String] attr_accessor :project # @!endgroup end end class BasketofKittens class loadbalancers class listeners # The method used by a Load Balancer to check the health of its client nodes. class healthcheck # @!group Required parameters # **REQUIRED**, # **Must match pattern `^(TCP:\d+|SSL:\d+|HTTP:\d+\/.*|HTTPS:\d+\/.*)$`** - # Specifies the instance being checked. The protocol is either TCP, HTTP, HTTPS, or SSL. The range of valid ports is one (1) through 65535. # # TCP is the default, specified as a TCP: port pair, for example "TCP:5000". In this case a healthcheck simply attempts to open a TCP connection to the instance on the specified port. Failure to connect within the configured timeout is considered unhealthy. # # SSL is also specified as SSL: port pair, for example, SSL:5000. # # For HTTP or HTTPS protocol, the situation is different. You have to include a ping path in the string. HTTP is specified as a HTTP:port;/;PathToPing; grouping, for example "HTTP:80/weather/us/wa/seattle". In this case, a HTTP GET request is issued to the instance on the given port and path. Any answer other than "200 OK" within the timeout period is considered unhealthy. # # The total length of the HTTP ping target needs to be 1024 16-bit Unicode characters or less. # # @return [String] attr_accessor :target # @!endgroup # @!group Optional parameters # **Default: `5`** # # @return [Integer] attr_accessor :timeout # **Default: `30`** # # @return [Integer] attr_accessor :interval # **Default: `2`** # # @return [Integer] attr_accessor :unhealthy_threshold # **Default: `10`** # # @return [Integer] attr_accessor :healthy_threshold # **Default: `200,301,302`** - # The HTTP codes to use when checking for a successful response from a target. # # @return [String] attr_accessor :httpcode # @!endgroup end end end end class BasketofKittens class loadbalancers class listeners class rules # Rule condition class conditions # @!group Required parameters # **Default: `path-pattern`**, # **Must be one of: `path-pattern`** # # @return [String] attr_accessor :field # **REQUIRED** - # A pattern to match against for this field. # # @return [Array] attr_accessor :values # @!endgroup end end end end end class BasketofKittens class loadbalancers class listeners class rules # Rule action class actions # @!group Required parameters # **Default: `forward`**, # **Must be one of: `forward`** - # An action to take when a match occurs. Currently, only forwarding to a targetgroup is supported. # # @return [String] attr_accessor :action # **REQUIRED** - # Which of our declared targetgroups should be the recipient of this traffic. If left unspecified, will default to the default targetgroup of this listener. # # @return [String] attr_accessor :targetgroup # @!endgroup end end end end end class BasketofKittens class loadbalancers class listeners # Rules to route requests to different target groups based on the request path class rules # @!group Required parameters # **REQUIRED** # Rule condition # # @return [Array] # @see BasketofKittens::loadbalancers::listeners::rules::conditions attr_accessor :conditions # **Default: `1`** - # The priority for the rule. Use to order processing relative to other rules. # # @return [Integer] attr_accessor :order # @!endgroup # @!group Optional parameters # Rule action # # @return [Array] # @see BasketofKittens::loadbalancers::listeners::rules::actions attr_accessor :actions # @!endgroup end end end end class BasketofKittens class loadbalancers # A list of port/protocols which this Load Balancer should answer. class listeners # @!group Required parameters # **REQUIRED** - # Specifies the external load balancer port number. This property cannot be modified for the life of the load balancer. # # @return [Integer] attr_accessor :lb_port # **REQUIRED** - # Specifies the TCP port on which the instance server is listening. This property cannot be modified for the life of the load balancer. # # @return [Integer] attr_accessor :instance_port # **REQUIRED**, # **Must be one of: `HTTP, HTTPS, TCP, SSL, UDP`** - # Specifies the load balancer transport protocol to use for routing - HTTP, HTTPS, TCP, SSL, or UDP. SSL and UDP are only valid in Google Cloud. # # @return [String] attr_accessor :lb_protocol # **REQUIRED**, # **Must be one of: `HTTP, HTTPS, TCP, SSL, UDP`** - # Specifies the protocol to use for routing traffic to back-end instances - HTTP, HTTPS, TCP, or SSL. This property cannot be modified for the life of the load balancer. # # If the front-end protocol is HTTP or HTTPS, InstanceProtocol has to be at the same protocol layer, i.e., HTTP or HTTPS. Likewise, if the front-end protocol is TCP or SSL, InstanceProtocol has to be TCP or SSL. # # @return [String] attr_accessor :instance_protocol # @!endgroup # @!group Optional parameters # The method used by a Load Balancer to check the health of its client nodes. # # @return [BasketofKittens::loadbalancers::listeners::healthcheck] # @see BasketofKittens::loadbalancers::listeners::healthcheck attr_accessor :healthcheck # Which of our declared targetgroups should be the back-end for this listener's traffic # # @return [String] attr_accessor :targetgroup # The name of a server certificate. # # @return [String] attr_accessor :ssl_certificate_name # The ARN string of an Amazon IAM server certificate. # # @return [String] attr_accessor :ssl_certificate_id # **Default: `tls1.2`**, # **Must be one of: `tls1.0, tls1.1, tls1.2`** - # Lowest level of TLS to support. # # @return [String] attr_accessor :tls_policy # Rules to route requests to different target groups based on the request path # # @return [Array] # @see BasketofKittens::loadbalancers::listeners::rules attr_accessor :rules # @!endgroup end end end class BasketofKittens class loadbalancers # Tags to apply to this resource. Will apply at the cloud provider level and in Chef, where applicable. class tags # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :key # **REQUIRED** # # @return [String] attr_accessor :value # @!endgroup end end end class BasketofKittens class loadbalancers # Apply one or more network rulesets, defined in this stack or pre-existing, to this resource. Note that if you add a pre-existing ACL to your resource, they must be compatible (e.g. if using VPCs, they must reside in the same VPC). class add_firewall_rules # @!group Optional parameters # # @return [String] attr_accessor :rule_id # # @return [String] attr_accessor :rule_name # @!endgroup end end end class BasketofKittens class loadbalancers class dns_records # The zone to which to add this record, either as a domain name or as a Route53 zone identifier. class zone # @!group Optional parameters # The domain name of the DNS zone to which to add this record. # # @return [String] attr_accessor :name # The Route53 identifier of the zone to which to add this record. # # @return [String] attr_accessor :id # @!endgroup end end end end class BasketofKittens class loadbalancers class dns_records # Set location for location-based routing. class geo_location # @!group Optional parameters # **Must be one of: `AF, AN, AS, EU, OC, NA, SA`** - # The code for a continent geo location. Note: only continent locations have a continent code. Specifying continent_code with either country_code or subdivision_code returns an InvalidInput error. # # @return [String] attr_accessor :continent_code # The code for a country geo location. The default location uses '' for the country code and will match all locations that are not matched by a geo location. All other country codes follow the ISO 3166 two-character code. # # @return [String] attr_accessor :country_code # The code for a country's subdivision (e.g., a province of Canada). A subdivision code is only valid with the appropriate country code. Specifying subdivision_code without country_code returns an InvalidInput error. # # @return [String] attr_accessor :subdivision_code # @!endgroup end end end end class BasketofKittens class loadbalancers class dns_records # Check used to determine instance health for failover routing. class healthchecks # @!group Required parameters # **REQUIRED**, # **Must be one of: `HTTP, HTTPS, HTTP_STR_MATCH, HTTPS_STR_MATCH, TCP, CALCULATED, CLOUDWATCH_METRIC`** - # The health check method to use # # @return [String] attr_accessor :method # **REQUIRED** - # The health check name. # # @return [String] attr_accessor :name # @!endgroup # @!group Optional parameters # Port on which this health check should expect to find a working service. For HTTP and HTTP_STR_MATCH this defaults to 80 if the port is not specified. For HTTPS and HTTPS_STR_MATCH this defaults to 443 if the port is not specified. # # @return [Integer] attr_accessor :port # Path to check for HTTP-based health checks. # # @return [String] attr_accessor :path # **Default: `primary`**, # **Must be one of: `primary, secondary`** - # When using CALCULATED based health checks make sure to set only the CALCULATED health check to primary while setting all other health checks to secondary. # # @return [String] attr_accessor :type # Path to check for STR_MATCH-based health checks. # # @return [String] attr_accessor :search_string # **Default: `30`**, # **Must be one of: `10, 30`** - # The frequency of health checks in seconds. # # @return [Integer] attr_accessor :check_interval # **Default: `2`**, # **Must match pattern `^([1-9]|10)$`** - # The number of failed health checks before we consider this entry in failure. Values can be between 1-10. # # @return [Integer] attr_accessor :failure_threshold # **Must be one of: `Healthy, Unhealthy, LastKnownStatus`** - # What should the health check status be set to if there is insufficient data return from the CloudWatch alarm. Used only with CLOUDWATCH_METRIC based health checks. # # @return [String] attr_accessor :insufficient_data # # @return [Array] attr_accessor :regions # **Default: `false`** - # If to measure and graph latency between the health checkers and the endpoint. Used only with HTTP/HTTPS/TCP based health checks. # # @return [Boolean] attr_accessor :latency # **Default: `false`** - # If the status of the health check should be inverted, eg. if health check status is healthy but you would like it to be evaluated as not healthy # # @return [Boolean] attr_accessor :inverted # **Default: `false`** - # Enabled by default on HTTPS or HTTPS_STR_MATCH # # @return [Boolean] attr_accessor :enable_sni # **Default: `1`**, # **Must match pattern `^[\d]?{3}$`** - # The minimum number of health checks that must be healthy when configuring a health check of type CALCULATED. Values can be between 0-256. # # @return [Integer] attr_accessor :health_threshold # # @return [Array] attr_accessor :health_check_ids # The cloud provider's region the cloudwatch alarm was created in. Used with CLOUDWATCH_METRIC health checks # # @return [String] attr_accessor :alarm_region # The cloudwatch alarm name. Used with CLOUDWATCH_METRIC health checks # # @return [String] attr_accessor :alarm_name # @!endgroup end end end end class BasketofKittens class loadbalancers # DNS records to create. If specified inside another resource (e.g. {MU::Config::BasketofKittens::servers}, {MU::Config::BasketofKittens::loadbalancers}, or {MU::Config::BasketofKittens::databases}), the record(s) will automatically target that resource. class dns_records # @!group Required parameters # **REQUIRED** # The zone to which to add this record, either as a domain name or as a Route53 zone identifier. # # @return [BasketofKittens::loadbalancers::dns_records::zone] # @see BasketofKittens::loadbalancers::dns_records::zone attr_accessor :zone # @!endgroup # @!group Optional parameters # **Default: `false`** - # If true, this record will overwrite any existing record of the same name and type. # # @return [Boolean] attr_accessor :override_existing # **Default: `R53ALIAS`**, # **Must be one of: `SOA, A, TXT, NS, CNAME, MX, PTR, SRV, SPF, AAAA, R53ALIAS`** - # The class of DNS record to create. The R53ALIAS type is not traditional DNS, but instead refers to AWS Route53's alias functionality. An R53ALIAS is only valid if the target is an Elastic LoadBalancer, CloudFront, S3 bucket (configured as a public web server), or another record in the same Route53 hosted zone. # # @return [String] attr_accessor :type # If using a type of R53ALIAS, this is the hosted zone ID of the target. Defaults to the zone to which this record is being added. # # @return [String] attr_accessor :alias_zone # Look for a resource in another Mu deployment with this id. Requires mu_type # # @return [String] attr_accessor :deploy_id # **Must be one of: `loadbalancer, server, database, cache_cluster`** - # The Mu resource type to search the deployment for. # # @return [String] attr_accessor :mu_type # **Must be one of: `public, private`** - # If the target is a public or a private resource. This only applies to servers/server_pools when using automatic DNS registration. If set to public but the target only has a private address, the private address will be used # # @return [String] attr_accessor :target_type # Set the proportion of traffic directed to this target, based on the relative weight of other records with the same DNS name and type. # # @return [Integer] attr_accessor :weight # **Must be one of: `asia-east1, asia-east2, asia-northeast1, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2`** # # @return [String] attr_accessor :region # **Must be one of: `PRIMARY, SECONDARY`** - # Failover classification # # @return [String] attr_accessor :failover # **Default: `7200`** - # DNS time-to-live value for query caching. # # @return [Integer] attr_accessor :ttl # **Must match pattern `^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]).)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9-]*[A-Za-z0-9])$`** - # Name of the record to create. If not specified, will default to the Mu resource name. # # @return [String] attr_accessor :name # **Default: `false`** - # If to append the environment name (eg mydnsname.dev.mudomain.com). to the DNS name # # @return [Boolean] attr_accessor :append_environment_name # Set location for location-based routing. # # @return [BasketofKittens::loadbalancers::dns_records::geo_location] # @see BasketofKittens::loadbalancers::dns_records::geo_location attr_accessor :geo_location # Check used to determine instance health for failover routing. # # @return [Array] # @see BasketofKittens::loadbalancers::dns_records::healthchecks attr_accessor :healthchecks # @!endgroup end end end class BasketofKittens class loadbalancers class alarms # What to monitor class dimensions # @!group Required parameters # **REQUIRED**, # **Must be one of: `InstanceId, server, Server, DBInstanceIdentifier, database, Database, LoadBalancerName, loadbalancer, LoadBalancer, CacheClusterId, cache_cluster, CacheCluster, VolumeId, volume, Volume, BucketName, bucket, Bucket, TopicName, notification, Notification, AutoScalingGroupName, server_pool, ServerPool`** - # The type of resource we're checking # # @return [String] attr_accessor :cloud_class # @!endgroup # @!group Optional parameters # The cloud identifier of the resource the alarm is being created for. eg - i-d96eca0d. Must use either 'cloud_id' OR 'mu_name' AND 'deploy_id' # # @return [String] attr_accessor :cloud_id # The full name of a resource in a foreign deployment which we should monitor. You should also include 'deploy_id' so we will be able to identifiy a single resource. Use either 'cloud_id' OR 'mu_name' and 'deploy_id' # # @return [String] attr_accessor :mu_name # Should be used with 'mu_name' to identifiy a single resource. # # @return [String] attr_accessor :deploy_id # The name of another resource in this stack with which to associate this alarm. # # @return [String] attr_accessor :name # @!endgroup end end end end class BasketofKittens class loadbalancers # Create a CloudWatch Alarm. class alarms # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED** - # The name of the attribute to monitor eg. CPUUtilization. # # @return [String] attr_accessor :metric_name # **REQUIRED**, # **Must be one of: `SampleCount, Average, Sum, Minimum, Maximum`** # # # @return [String] attr_accessor :statistic # **REQUIRED** - # The time, in seconds the 'statistic' is checked/tested. Must be multiples of 60 # # @return [Integer] attr_accessor :period # **REQUIRED** - # The number of times to repeat the 'period' before changing the state of an alarm. eg form 'OK' to 'ALARM' state # # @return [Integer] attr_accessor :evaluation_periods # **REQUIRED** - # The value the 'statistic' is compared to and action (eg 'alarm_actions') will be invoked # # @return [Integer] attr_accessor :threshold # **REQUIRED**, # **Must be one of: `GreaterThanOrEqualToThreshold, GreaterThanThreshold, LessThanThreshold, LessThanOrEqualToThreshold`** - # The arithmetic operation to use when comparing 'statistic' and 'threshold'. The 'statistic' value is used as the first operand # # @return [String] attr_accessor :comparison_operator # @!endgroup # @!group Optional parameters # # @return [Array] attr_accessor :ok_actions # # @return [Array] attr_accessor :alarm_actions # # @return [Array] attr_accessor :no_data_actions # The name of container 'metric_name' belongs to eg. 'AWS/EC2' # # @return [String] attr_accessor :namespace # What to monitor # # @return [Array] # @see BasketofKittens::loadbalancers::alarms::dimensions attr_accessor :dimensions # **Must be one of: `Seconds, Microseconds, Milliseconds, Bytes, Kilobytes, Megabytes, Gigabytes, Terabytes, Bits, Kilobits, Megabits, Gigabits, Terabits, Percent, Count, Bytes/Second, Kilobytes/Second, Megabytes/Second, Gigabytes/Second, Terabytes/Second, Bits/Second, Kilobits/Second, Megabits/Second, Gigabits/Second, Terabits/Second, Count/Second, nil`** - # Associated with the 'metric' # # @return [String] attr_accessor :unit # Rather to send notifications when the alarm state changes # # @return [Boolean] attr_accessor :enable_notifications # **Default: `mu-default`** - # The name of the notification group. Will be created if it doesn't exist. We use / create a default one if not specified. NOTE: because we can't confirm subscription to a group programmatically, you should use an existing group # # @return [String] attr_accessor :notification_group # **Default: `email`**, # **Must be one of: `http, https, email, email-json, sms, sqs, application`** - # What type of notification endpoint will the notification be sent to. defaults to 'email' # # @return [String] attr_accessor :notification_type # The endpoint the notification will be sent to. eg. if notification_type is 'email'/'email-json' the endpoint will be the email address. A confirmation email will be sent to this email address if a new notification_group is created, if not specified and notification_type is set to 'email' we will use the mu-master email address # # @return [String] attr_accessor :notification_endpoint # @!endgroup end end end class BasketofKittens class loadbalancers # Network ingress and/or egress rules. class ingress_rules # @!group Optional parameters # # @return [String] attr_accessor :port_range # # @return [Integer] attr_accessor :port # **Default: `tcp`**, # **Must be one of: `udp, tcp, icmp`** # # @return [String] attr_accessor :proto # **Default: `true`** # # @return [Boolean] attr_accessor :ingress # **Default: `false`** # # @return [Boolean] attr_accessor :egress # **Must match pattern `^\d+\.\d+\.\d+\.\d+/[0-9]{1,2}$`** - # CIDR-formatted IP block, e.g. 1.2.3.4/32 # # @return [Array] attr_accessor :hosts # Other AWS Security Groups; resources that are associated with this group will have this rule applied to their traffic # # @return [Array] attr_accessor :sgs # AWS Load Balancers which will have this rule applied to their traffic # # @return [Array] attr_accessor :lbs # @!endgroup end end end class BasketofKittens class loadbalancers # Creates a cookie to tie client sessions to back-end servers. Only valid with HTTP/HTTPS listeners. class lb_cookie_stickiness_policy # @!group Required parameters # **REQUIRED**, # **Must match pattern `^([a-zA-Z0-9\-]+)$`** - # The name of this policy. # # @return [String] attr_accessor :name # @!endgroup # @!group Optional parameters # The time period in seconds after which the cookie should be considered stale. Not specifying this parameter indicates that the sticky session will last for the duration of the browser session. # # @return [Integer] attr_accessor :timeout # @!endgroup end end end class BasketofKittens class loadbalancers # Use IP addresses or IP/port/proto combinations to map client sessions to back-end servers. Only valid with Google Cloud, and is ignored for UDP-based listeners. class ip_stickiness_policy # @!group Optional parameters # **Default: `false`** - # Include the client protocol as well as the IP when determining session affinity. Only valid for internal load balancers. # # @return [Boolean] attr_accessor :map_proto # **Default: `false`** - # Include the client port as well as the IP when determining session affinity. Only valid for internal load balancers, and only in combination with map_proto. # # @return [Boolean] attr_accessor :map_port # @!endgroup end end end class BasketofKittens class loadbalancers # Use an application cookie to tie client sessions to back-end servers. Only valid with HTTP/HTTPS listeners, on AWS. class app_cookie_stickiness_policy # @!group Required parameters # **REQUIRED**, # **Must match pattern `^([a-zA-Z0-9\-]+)$`** - # The name of this policy. # # @return [String] attr_accessor :name # **REQUIRED** - # The name of an application cookie to use for session tracking. # # @return [String] attr_accessor :cookie # @!endgroup end end end class BasketofKittens class loadbalancers class vpc # The subnets to which to attach this resource. Will default to all subnets in this VPC if not specified. class subnets # @!group Optional parameters # # @return [String] attr_accessor :subnet_name # # @return [String] attr_accessor :subnet_id # **Must match pattern `^[^=]+=.+`** - # Identify this subnet by a tag (key=value). Note that this tag must not match more than one resource. # # @return [String] attr_accessor :tag # @!endgroup end end end end class BasketofKittens class loadbalancers # Deploy, attach, allow access from, or peer this resource with a VPC of VPCs. class vpc # @!group Optional parameters # Discover this VPC by looking for this cloud provider identifier. # # @return [String] attr_accessor :vpc_id # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # Discover this VPC by Mu-internal name; typically the shorthand 'name' field of a VPC declared elsewhere in the deploy, or in another deploy that's being referenced with 'deploy_id'. # # @return [String] attr_accessor :vpc_name # **Must be one of: `asia-east1, asia-east2, asia-northeast1, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2`** # # @return [String] attr_accessor :region # **Default: `AWS`**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # **Must match pattern `^[^=]+=.+`** - # Discover this VPC by a cloud provider tag (key=value); note that this tag must not match more than one resource. # # @return [String] attr_accessor :tag # Search for this VPC in an existing Mu deploy; specify a Mu deploy id (e.g. DEMO-DEV-2014111400-NG). # # @return [String] attr_accessor :deploy_id # **Default: `all_public`** - # When auto-discovering VPC resources, this specifies target subnets for this resource. Special keywords: public, private, any, all, all_public, all_private, all. Using the name of a route table defined elsewhere in this BoK will behave like 'all_.' # # @return [String] attr_accessor :subnet_pref # The subnets to which to attach this resource. Will default to all subnets in this VPC if not specified. # # @return [Array] # @see BasketofKittens::loadbalancers::vpc::subnets attr_accessor :subnets # @!endgroup end end end class BasketofKittens class loadbalancers # Access logging for Load Balancer requests. class access_log # @!group Required parameters # **Default: `false`** - # Toggle access log publishing. # # @return [Boolean] attr_accessor :enabled # **REQUIRED** - # The Amazon S3 bucket to which to publish access logs. # # @return [String] attr_accessor :s3_bucket_name # @!endgroup # @!group Optional parameters # **Default: ``** - # The path within the S3 bucket to which to publish the logs. # # @return [String] attr_accessor :s3_bucket_prefix # **Default: `60`**, # **Must be one of: `5, 60`** - # How frequently to publish access logs. # # @return [Integer] attr_accessor :emit_interval # @!endgroup end end end class BasketofKittens class loadbalancers # The method used by a Load Balancer to check the health of its client nodes. class healthcheck # @!group Required parameters # **REQUIRED**, # **Must match pattern `^(TCP:\d+|SSL:\d+|HTTP:\d+\/.*|HTTPS:\d+\/.*)$`** - # Specifies the instance being checked. The protocol is either TCP, HTTP, HTTPS, or SSL. The range of valid ports is one (1) through 65535. # # TCP is the default, specified as a TCP: port pair, for example "TCP:5000". In this case a healthcheck simply attempts to open a TCP connection to the instance on the specified port. Failure to connect within the configured timeout is considered unhealthy. # # SSL is also specified as SSL: port pair, for example, SSL:5000. # # For HTTP or HTTPS protocol, the situation is different. You have to include a ping path in the string. HTTP is specified as a HTTP:port;/;PathToPing; grouping, for example "HTTP:80/weather/us/wa/seattle". In this case, a HTTP GET request is issued to the instance on the given port and path. Any answer other than "200 OK" within the timeout period is considered unhealthy. # # The total length of the HTTP ping target needs to be 1024 16-bit Unicode characters or less. # # @return [String] attr_accessor :target # @!endgroup # @!group Optional parameters # **Default: `5`** # # @return [Integer] attr_accessor :timeout # **Default: `30`** # # @return [Integer] attr_accessor :interval # **Default: `2`** # # @return [Integer] attr_accessor :unhealthy_threshold # **Default: `10`** # # @return [Integer] attr_accessor :healthy_threshold # **Default: `200,301,302`** - # The HTTP codes to use when checking for a successful response from a target. # # @return [String] attr_accessor :httpcode # @!endgroup end end end class BasketofKittens class loadbalancers class targetgroups # The method used by a Load Balancer to check the health of its client nodes. class healthcheck # @!group Required parameters # **REQUIRED**, # **Must match pattern `^(TCP:\d+|SSL:\d+|HTTP:\d+\/.*|HTTPS:\d+\/.*)$`** - # Specifies the instance being checked. The protocol is either TCP, HTTP, HTTPS, or SSL. The range of valid ports is one (1) through 65535. # # TCP is the default, specified as a TCP: port pair, for example "TCP:5000". In this case a healthcheck simply attempts to open a TCP connection to the instance on the specified port. Failure to connect within the configured timeout is considered unhealthy. # # SSL is also specified as SSL: port pair, for example, SSL:5000. # # For HTTP or HTTPS protocol, the situation is different. You have to include a ping path in the string. HTTP is specified as a HTTP:port;/;PathToPing; grouping, for example "HTTP:80/weather/us/wa/seattle". In this case, a HTTP GET request is issued to the instance on the given port and path. Any answer other than "200 OK" within the timeout period is considered unhealthy. # # The total length of the HTTP ping target needs to be 1024 16-bit Unicode characters or less. # # @return [String] attr_accessor :target # @!endgroup # @!group Optional parameters # **Default: `5`** # # @return [Integer] attr_accessor :timeout # **Default: `30`** # # @return [Integer] attr_accessor :interval # **Default: `2`** # # @return [Integer] attr_accessor :unhealthy_threshold # **Default: `10`** # # @return [Integer] attr_accessor :healthy_threshold # **Default: `200,301,302`** - # The HTTP codes to use when checking for a successful response from a target. # # @return [String] attr_accessor :httpcode # @!endgroup end end end end class BasketofKittens class loadbalancers # A grouping of class targetgroups # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED**, # **Must be one of: `HTTP, HTTPS, TCP, SSL`** # # @return [String] attr_accessor :proto # **REQUIRED** - # Specifies the TCP port on which the instance server is listening. This property cannot be modified for the life of the load balancer. # # @return [Integer] attr_accessor :port # @!endgroup # @!group Optional parameters # The method used by a Load Balancer to check the health of its client nodes. # # @return [BasketofKittens::loadbalancers::targetgroups::healthcheck] # @see BasketofKittens::loadbalancers::targetgroups::healthcheck attr_accessor :healthcheck # **Default: `200,301,302`** - # The HTTP codes to use when checking for a successful response from a target. # # @return [String] attr_accessor :httpcode # @!endgroup end end end class BasketofKittens class loadbalancers # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. class dependencies # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED**, # **Must be one of: `collection, database, dnszone, firewall_rule, loadbalancer, server, server_pool, vpc, cache_cluster, alarm, notifier, log, storage_pool, function, container_cluster, search_domain, msg_queue, habitat, folder, user, group, role`** # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **Must be one of: `create, groom`** - # Which part of the creation process of the resource we depend on should we wait for before starting our own creation? Defaults are usually sensible, but sometimes you want, say, a Server to wait on another Server to be completely ready (through its groom phase) before starting up. # # @return [String] attr_accessor :phase # **Default: `false`** - # By default, it's assumed that we want to wait on our parents' creation phase, in addition to whatever is declared in this stanza. Setting this flag will bypass waiting on our parent resource's creation, so that our create or groom phase can instead depend only on the parent's groom phase. # # @return [Boolean] attr_accessor :no_create_wait # @!endgroup end end end class BasketofKittens class loadbalancers # A named network port for a Google instance group, used for health checks and forwarding targets. class named_ports # @!group Required parameters # **REQUIRED**, # **GOOGLE ONLY** # # @return [String] attr_accessor :name # **REQUIRED**, # **GOOGLE ONLY** # # @return [Integer] attr_accessor :port # @!endgroup end end end class BasketofKittens # Create Load Balancers class loadbalancers # @!group Required parameters # **REQUIRED** - # Note that Amazon Elastic Load Balancer names must be relatively short. Brevity is recommended here. # # @return [String] attr_accessor :name # **REQUIRED** # A list of port/protocols which this Load Balancer should answer. # # @return [Array] # @see BasketofKittens::loadbalancers::listeners attr_accessor :listeners # **Default: `AWS`**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # @!endgroup # @!group Optional parameters # Normally an ELB's Amazon identifier will be named the same as its internal Mu identifier. This allows you to override that name with a specific value. Note that Amazon Elastic Load Balancer names must be relatively short. Brevity is recommended here. Note also that setting a static name here may result in deploy failures due to name collision with existing ELBs. # # @return [String] attr_accessor :override_name # **Default: `false`** - # For AWS Load Balancers, revert to the old API instead ElasticLoadbalancingV2 (ALBs) # # @return [Boolean] attr_accessor :classic # **Default: `false`** - # When 'cloud' is set to 'CloudFormation,' use this flag to strip out Mu-specific artifacts (tags, standard userdata, naming conventions, etc) to yield a clean, source-agnostic template. # # @return [Boolean] attr_accessor :scrub_mu_isms # Tags to apply to this resource. Will apply at the cloud provider level and in Chef, where applicable. # # @return [Array] # @see BasketofKittens::loadbalancers::tags attr_accessor :tags # **Default: `true`** - # Tag the resource with our optional tags (+MU-HANDLE+, +MU-MASTER-NAME+, +MU-OWNER+). # # @return [Boolean] attr_accessor :optional_tags # Apply one or more network rulesets, defined in this stack or pre-existing, to this resource. Note that if you add a pre-existing ACL to your resource, they must be compatible (e.g. if using VPCs, they must reside in the same VPC). # # @return [Array] # @see BasketofKittens::loadbalancers::add_firewall_rules attr_accessor :add_firewall_rules # DNS records to create. If specified inside another resource (e.g. {MU::Config::BasketofKittens::servers}, {MU::Config::BasketofKittens::loadbalancers}, or {MU::Config::BasketofKittens::databases}), the record(s) will automatically target that resource. # # @return [Array] # @see BasketofKittens::loadbalancers::dns_records attr_accessor :dns_records # **Default: `true`** - # Wait for DNS record to propagate in DNS Zone. # # @return [Boolean] attr_accessor :dns_sync_wait # Create a CloudWatch Alarm. # # @return [Array] # @see BasketofKittens::loadbalancers::alarms attr_accessor :alarms # Network ingress and/or egress rules. # # @return [Array] # @see BasketofKittens::loadbalancers::ingress_rules attr_accessor :ingress_rules # **Must be one of: `asia-east1, asia-east2, asia-northeast1, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2`** # # @return [String] attr_accessor :region # **Default: `false`** - # Set true to disable Cross-Zone load balancing, which we enable by default: http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/how-elb-works.html#request-routing # # @return [Boolean] attr_accessor :cross_zone_unstickiness # **Default: `60`** - # Specifies the time (in seconds) the connection is allowed to be idle (no data has been sent over the connection) before it is closed by the load balancer. # # @return [Integer] attr_accessor :idle_timeout # Creates a cookie to tie client sessions to back-end servers. Only valid with HTTP/HTTPS listeners. # # @return [BasketofKittens::loadbalancers::lb_cookie_stickiness_policy] # @see BasketofKittens::loadbalancers::lb_cookie_stickiness_policy attr_accessor :lb_cookie_stickiness_policy # Use IP addresses or IP/port/proto combinations to map client sessions to back-end servers. Only valid with Google Cloud, and is ignored for UDP-based listeners. # # @return [BasketofKittens::loadbalancers::ip_stickiness_policy] # @see BasketofKittens::loadbalancers::ip_stickiness_policy attr_accessor :ip_stickiness_policy # Use an application cookie to tie client sessions to back-end servers. Only valid with HTTP/HTTPS listeners, on AWS. # # @return [BasketofKittens::loadbalancers::app_cookie_stickiness_policy] # @see BasketofKittens::loadbalancers::app_cookie_stickiness_policy attr_accessor :app_cookie_stickiness_policy # **Default: `-1`** - # Permits the load balancer to complete connections to unhealthy backend instances before retiring them fully. Timeout is in seconds; set to -1 to disable. # # @return [Integer] attr_accessor :connection_draining_timeout # **Default: `false`** - # Set to true if this ELB should only be assigned a private IP address (no public interface). # # @return [Boolean] attr_accessor :private # **Default: `true`** - # Google Cloud only. Deploy as a global artifact instead of in a specific region. Not valid for UDP targets. # # @return [Boolean] attr_accessor :global # Deploy, attach, allow access from, or peer this resource with a VPC of VPCs. # # @return [BasketofKittens::loadbalancers::vpc] # @see BasketofKittens::loadbalancers::vpc attr_accessor :vpc # # @return [Array] attr_accessor :zones # Access logging for Load Balancer requests. # # @return [BasketofKittens::loadbalancers::access_log] # @see BasketofKittens::loadbalancers::access_log attr_accessor :access_log # The method used by a Load Balancer to check the health of its client nodes. # # @return [BasketofKittens::loadbalancers::healthcheck] # @see BasketofKittens::loadbalancers::healthcheck attr_accessor :healthcheck # A grouping of # # @return [Array] # @see BasketofKittens::loadbalancers::targetgroups attr_accessor :targetgroups # Internal use. # # @return [String] attr_accessor :virtual_name # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. # # @return [Array] # @see BasketofKittens::loadbalancers::dependencies attr_accessor :dependencies # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **GOOGLE ONLY** # A named network port for a Google instance group, used for health checks and forwarding targets. # # @return [Array] # @see BasketofKittens::loadbalancers::named_ports attr_accessor :named_ports # @!endgroup end end class BasketofKittens class servers class dns_records # The zone to which to add this record, either as a domain name or as a Route53 zone identifier. class zone # @!group Optional parameters # The domain name of the DNS zone to which to add this record. # # @return [String] attr_accessor :name # The Route53 identifier of the zone to which to add this record. # # @return [String] attr_accessor :id # @!endgroup end end end end class BasketofKittens class servers class dns_records # Set location for location-based routing. class geo_location # @!group Optional parameters # **Must be one of: `AF, AN, AS, EU, OC, NA, SA`** - # The code for a continent geo location. Note: only continent locations have a continent code. Specifying continent_code with either country_code or subdivision_code returns an InvalidInput error. # # @return [String] attr_accessor :continent_code # The code for a country geo location. The default location uses '' for the country code and will match all locations that are not matched by a geo location. All other country codes follow the ISO 3166 two-character code. # # @return [String] attr_accessor :country_code # The code for a country's subdivision (e.g., a province of Canada). A subdivision code is only valid with the appropriate country code. Specifying subdivision_code without country_code returns an InvalidInput error. # # @return [String] attr_accessor :subdivision_code # @!endgroup end end end end class BasketofKittens class servers class dns_records # Check used to determine instance health for failover routing. class healthchecks # @!group Required parameters # **REQUIRED**, # **Must be one of: `HTTP, HTTPS, HTTP_STR_MATCH, HTTPS_STR_MATCH, TCP, CALCULATED, CLOUDWATCH_METRIC`** - # The health check method to use # # @return [String] attr_accessor :method # **REQUIRED** - # The health check name. # # @return [String] attr_accessor :name # @!endgroup # @!group Optional parameters # Port on which this health check should expect to find a working service. For HTTP and HTTP_STR_MATCH this defaults to 80 if the port is not specified. For HTTPS and HTTPS_STR_MATCH this defaults to 443 if the port is not specified. # # @return [Integer] attr_accessor :port # Path to check for HTTP-based health checks. # # @return [String] attr_accessor :path # **Default: `primary`**, # **Must be one of: `primary, secondary`** - # When using CALCULATED based health checks make sure to set only the CALCULATED health check to primary while setting all other health checks to secondary. # # @return [String] attr_accessor :type # Path to check for STR_MATCH-based health checks. # # @return [String] attr_accessor :search_string # **Default: `30`**, # **Must be one of: `10, 30`** - # The frequency of health checks in seconds. # # @return [Integer] attr_accessor :check_interval # **Default: `2`**, # **Must match pattern `^([1-9]|10)$`** - # The number of failed health checks before we consider this entry in failure. Values can be between 1-10. # # @return [Integer] attr_accessor :failure_threshold # **Must be one of: `Healthy, Unhealthy, LastKnownStatus`** - # What should the health check status be set to if there is insufficient data return from the CloudWatch alarm. Used only with CLOUDWATCH_METRIC based health checks. # # @return [String] attr_accessor :insufficient_data # # @return [Array] attr_accessor :regions # **Default: `false`** - # If to measure and graph latency between the health checkers and the endpoint. Used only with HTTP/HTTPS/TCP based health checks. # # @return [Boolean] attr_accessor :latency # **Default: `false`** - # If the status of the health check should be inverted, eg. if health check status is healthy but you would like it to be evaluated as not healthy # # @return [Boolean] attr_accessor :inverted # **Default: `false`** - # Enabled by default on HTTPS or HTTPS_STR_MATCH # # @return [Boolean] attr_accessor :enable_sni # **Default: `1`**, # **Must match pattern `^[\d]?{3}$`** - # The minimum number of health checks that must be healthy when configuring a health check of type CALCULATED. Values can be between 0-256. # # @return [Integer] attr_accessor :health_threshold # # @return [Array] attr_accessor :health_check_ids # The cloud provider's region the cloudwatch alarm was created in. Used with CLOUDWATCH_METRIC health checks # # @return [String] attr_accessor :alarm_region # The cloudwatch alarm name. Used with CLOUDWATCH_METRIC health checks # # @return [String] attr_accessor :alarm_name # @!endgroup end end end end class BasketofKittens class servers # DNS records to create. If specified inside another resource (e.g. {MU::Config::BasketofKittens::servers}, {MU::Config::BasketofKittens::loadbalancers}, or {MU::Config::BasketofKittens::databases}), the record(s) will automatically target that resource. class dns_records # @!group Required parameters # **REQUIRED** # The zone to which to add this record, either as a domain name or as a Route53 zone identifier. # # @return [BasketofKittens::servers::dns_records::zone] # @see BasketofKittens::servers::dns_records::zone attr_accessor :zone # @!endgroup # @!group Optional parameters # **Default: `false`** - # If true, this record will overwrite any existing record of the same name and type. # # @return [Boolean] attr_accessor :override_existing # **Default: `A`**, # **Must be one of: `SOA, A, TXT, NS, CNAME, MX, PTR, SRV, SPF, AAAA, R53ALIAS`** - # The class of DNS record to create. The R53ALIAS type is not traditional DNS, but instead refers to AWS Route53's alias functionality. An R53ALIAS is only valid if the target is an Elastic LoadBalancer, CloudFront, S3 bucket (configured as a public web server), or another record in the same Route53 hosted zone. # # @return [String] attr_accessor :type # If using a type of R53ALIAS, this is the hosted zone ID of the target. Defaults to the zone to which this record is being added. # # @return [String] attr_accessor :alias_zone # Look for a resource in another Mu deployment with this id. Requires mu_type # # @return [String] attr_accessor :deploy_id # **Must be one of: `loadbalancer, server, database, cache_cluster`** - # The Mu resource type to search the deployment for. # # @return [String] attr_accessor :mu_type # **Must be one of: `public, private`** - # If the target is a public or a private resource. This only applies to servers/server_pools when using automatic DNS registration. If set to public but the target only has a private address, the private address will be used # # @return [String] attr_accessor :target_type # Set the proportion of traffic directed to this target, based on the relative weight of other records with the same DNS name and type. # # @return [Integer] attr_accessor :weight # **Must be one of: `asia-east1, asia-east2, asia-northeast1, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2`** # # @return [String] attr_accessor :region # **Must be one of: `PRIMARY, SECONDARY`** - # Failover classification # # @return [String] attr_accessor :failover # **Default: `7200`** - # DNS time-to-live value for query caching. # # @return [Integer] attr_accessor :ttl # **Must match pattern `^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]).)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9-]*[A-Za-z0-9])$`** - # Name of the record to create. If not specified, will default to the Mu resource name. # # @return [String] attr_accessor :name # **Default: `false`** - # If to append the environment name (eg mydnsname.dev.mudomain.com). to the DNS name # # @return [Boolean] attr_accessor :append_environment_name # Set location for location-based routing. # # @return [BasketofKittens::servers::dns_records::geo_location] # @see BasketofKittens::servers::dns_records::geo_location attr_accessor :geo_location # Check used to determine instance health for failover routing. # # @return [Array] # @see BasketofKittens::servers::dns_records::healthchecks attr_accessor :healthchecks # @!endgroup end end end class BasketofKittens class servers # Create a reusable image of this server once it is complete. class create_image # @!group Required parameters # **Default: `false`** - # Make the image public once it's complete # # @return [Boolean] attr_accessor :public # **Default: `false`** - # Destroy the source server after creating the reusable image(s). # # @return [Boolean] attr_accessor :image_then_destroy # **Default: `false`** - # When creating an image of this server, exclude the block device mappings of the source server. # # @return [Boolean] attr_accessor :image_exclude_storage # @!endgroup # @!group Optional parameters # Regions in which to place more copies of this image. If none are specified, or if the keyword #ALL is specified, will place in all available regions. # # @return [Array] attr_accessor :copy_to_regions # @!endgroup end end end class BasketofKittens class servers class vpc # Extra subnets to which to attach this {MU::Cloud::AWS::Server}. Extra network interfaces will be created to accomodate these attachments. class subnets # @!group Optional parameters # # @return [String] attr_accessor :subnet_name # # @return [String] attr_accessor :subnet_id # **Must match pattern `^[^=]+=.+`** - # Identify this subnet by a tag (key=value). Note that this tag must not match more than one resource. # # @return [String] attr_accessor :tag # @!endgroup end end end end class BasketofKittens class servers # Deploy, attach, allow access from, or peer this resource with a VPC of VPCs. class vpc # @!group Optional parameters # Discover this VPC by looking for this cloud provider identifier. # # @return [String] attr_accessor :vpc_id # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # Discover this VPC by Mu-internal name; typically the shorthand 'name' field of a VPC declared elsewhere in the deploy, or in another deploy that's being referenced with 'deploy_id'. # # @return [String] attr_accessor :vpc_name # **Must be one of: `asia-east1, asia-east2, asia-northeast1, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2`** # # @return [String] attr_accessor :region # **Default: `AWS`**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # **Must match pattern `^[^=]+=.+`** - # Discover this VPC by a cloud provider tag (key=value); note that this tag must not match more than one resource. # # @return [String] attr_accessor :tag # Search for this VPC in an existing Mu deploy; specify a Mu deploy id (e.g. DEMO-DEV-2014111400-NG). # # @return [String] attr_accessor :deploy_id # The Mu-internal name of a NAT host to use; Typically the shorthand 'name' field of a Server declared elsewhere in the deploy, or in another deploy that's being referenced with 'deploy_id'. # # @return [String] attr_accessor :nat_host_name # Discover a Server to use as a NAT by looking for this cloud provider identifier. # # @return [String] attr_accessor :nat_host_id # **Must match pattern `^\d+\.\d+\.\d+\.\d+$`** - # Discover a Server to use as a NAT by looking for an associated IP. # # @return [String] attr_accessor :nat_host_ip # **Default: `root`** # # @return [String] attr_accessor :nat_ssh_user # An alternate SSH private key for access to the NAT. We'll expect to find this in ~/.ssh along with the regular keys. # # @return [String] attr_accessor :nat_ssh_key # **Must match pattern `^[^=]+=.+`** - # Discover a Server to use as a NAT by looking for a cloud provider tag (key=value); Note that this tag must not match more than one server. # # @return [String] attr_accessor :nat_host_tag # **Default: `public`** - # When auto-discovering VPC resources, this specifies target subnets for this resource. Special keywords: public, private, any, all, all_public, all_private, all. Using the name of a route table defined elsewhere in this BoK will behave like 'all_.' # # @return [String] attr_accessor :subnet_pref # # @return [String] attr_accessor :subnet_name # # @return [String] attr_accessor :subnet_id # Extra subnets to which to attach this {MU::Cloud::AWS::Server}. Extra network interfaces will be created to accomodate these attachments. # # @return [Array] # @see BasketofKittens::servers::vpc::subnets attr_accessor :subnets # @!endgroup end end end class BasketofKittens class servers # Creates and attaches an EBS volume to this instance. class storage # @!group Required parameters # **REQUIRED** - # Size of this EBS volume (GB) # # @return [Integer] attr_accessor :size # @!endgroup # @!group Optional parameters # The amount of IOPS to allocate to Provisioned IOPS (io1) volumes. # # @return [Integer] attr_accessor :iops # Map this volume to a specific OS-level device (e.g. /dev/sdg) # # @return [String] attr_accessor :device # # @return [String] attr_accessor :virtual_name # # @return [String] attr_accessor :snapshot_id # **Default: `true`** # # @return [Boolean] attr_accessor :delete_on_termination # Do not share this device with the OS # # @return [String] attr_accessor :no_device # **Default: `false`** # # @return [Boolean] attr_accessor :encrypted # **Default: `gp2`**, # **Must be one of: `standard, io1, gp2, st1, sc1`** # # @return [String] attr_accessor :volume_type # @!endgroup end end end class BasketofKittens class servers # Tags to apply to this resource. Will apply at the cloud provider level and in Chef, where applicable. class tags # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :key # **REQUIRED** # # @return [String] attr_accessor :value # @!endgroup end end end class BasketofKittens class servers class alarms # What to monitor class dimensions # @!group Required parameters # **REQUIRED**, # **Must be one of: `InstanceId, server, Server, DBInstanceIdentifier, database, Database, LoadBalancerName, loadbalancer, LoadBalancer, CacheClusterId, cache_cluster, CacheCluster, VolumeId, volume, Volume, BucketName, bucket, Bucket, TopicName, notification, Notification, AutoScalingGroupName, server_pool, ServerPool`** - # The type of resource we're checking # # @return [String] attr_accessor :cloud_class # @!endgroup # @!group Optional parameters # The cloud identifier of the resource the alarm is being created for. eg - i-d96eca0d. Must use either 'cloud_id' OR 'mu_name' AND 'deploy_id' # # @return [String] attr_accessor :cloud_id # The full name of a resource in a foreign deployment which we should monitor. You should also include 'deploy_id' so we will be able to identifiy a single resource. Use either 'cloud_id' OR 'mu_name' and 'deploy_id' # # @return [String] attr_accessor :mu_name # Should be used with 'mu_name' to identifiy a single resource. # # @return [String] attr_accessor :deploy_id # The name of another resource in this stack with which to associate this alarm. # # @return [String] attr_accessor :name # @!endgroup end end end end class BasketofKittens class servers # Create a CloudWatch Alarm. class alarms # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED** - # The name of the attribute to monitor eg. CPUUtilization. # # @return [String] attr_accessor :metric_name # **REQUIRED**, # **Must be one of: `SampleCount, Average, Sum, Minimum, Maximum`** # # # @return [String] attr_accessor :statistic # **REQUIRED** - # The time, in seconds the 'statistic' is checked/tested. Must be multiples of 60 # # @return [Integer] attr_accessor :period # **REQUIRED** - # The number of times to repeat the 'period' before changing the state of an alarm. eg form 'OK' to 'ALARM' state # # @return [Integer] attr_accessor :evaluation_periods # **REQUIRED** - # The value the 'statistic' is compared to and action (eg 'alarm_actions') will be invoked # # @return [Integer] attr_accessor :threshold # **REQUIRED**, # **Must be one of: `GreaterThanOrEqualToThreshold, GreaterThanThreshold, LessThanThreshold, LessThanOrEqualToThreshold`** - # The arithmetic operation to use when comparing 'statistic' and 'threshold'. The 'statistic' value is used as the first operand # # @return [String] attr_accessor :comparison_operator # @!endgroup # @!group Optional parameters # # @return [Array] attr_accessor :ok_actions # # @return [Array] attr_accessor :alarm_actions # # @return [Array] attr_accessor :no_data_actions # The name of container 'metric_name' belongs to eg. 'AWS/EC2' # # @return [String] attr_accessor :namespace # What to monitor # # @return [Array] # @see BasketofKittens::servers::alarms::dimensions attr_accessor :dimensions # **Must be one of: `Seconds, Microseconds, Milliseconds, Bytes, Kilobytes, Megabytes, Gigabytes, Terabytes, Bits, Kilobits, Megabits, Gigabits, Terabits, Percent, Count, Bytes/Second, Kilobytes/Second, Megabytes/Second, Gigabytes/Second, Terabytes/Second, Bits/Second, Kilobits/Second, Megabits/Second, Gigabits/Second, Terabits/Second, Count/Second, nil`** - # Associated with the 'metric' # # @return [String] attr_accessor :unit # Rather to send notifications when the alarm state changes # # @return [Boolean] attr_accessor :enable_notifications # **Default: `mu-default`** - # The name of the notification group. Will be created if it doesn't exist. We use / create a default one if not specified. NOTE: because we can't confirm subscription to a group programmatically, you should use an existing group # # @return [String] attr_accessor :notification_group # **Default: `email`**, # **Must be one of: `http, https, email, email-json, sms, sqs, application`** - # What type of notification endpoint will the notification be sent to. defaults to 'email' # # @return [String] attr_accessor :notification_type # The endpoint the notification will be sent to. eg. if notification_type is 'email'/'email-json' the endpoint will be the email address. A confirmation email will be sent to this email address if a new notification_group is created, if not specified and notification_type is set to 'email' we will use the mu-master email address # # @return [String] attr_accessor :notification_endpoint # @!endgroup end end end class BasketofKittens class servers class active_directory # Vault used to store the credentials for the domain join user class domain_join_vault # @!group Optional parameters # **Default: `active_directory`** - # The vault where these credentials reside # # @return [String] attr_accessor :vault # **Default: `join_domain`** - # The vault item where these credentials reside # # @return [String] attr_accessor :item # **Default: `password`** - # The field within the Vault item where the password for these credentials resides # # @return [String] attr_accessor :password_field # **Default: `username`** - # The field where the user name for these credentials resides # # @return [String] attr_accessor :username_field # @!endgroup end end end end class BasketofKittens class servers class active_directory # Vault used to store the credentials for the domain admin user class domain_admin_vault # @!group Optional parameters # **Default: `active_directory`** - # The vault where these credentials reside # # @return [String] attr_accessor :vault # **Default: `domain_admin`** - # The vault item where these credentials reside # # @return [String] attr_accessor :item # **Default: `password`** - # The field within the Vault item where the password for these credentials resides # # @return [String] attr_accessor :password_field # **Default: `username`** - # The field where the user name for these credentials resides # # @return [String] attr_accessor :username_field # @!endgroup end end end end class BasketofKittens class servers # Integrate this node into an Active Directory domain. On Linux, will configure Winbind and PAM for system-level AD authentication. class active_directory # @!group Required parameters # **REQUIRED** - # The full name Active Directory domain to join # # @return [String] attr_accessor :domain_name # **REQUIRED** - # The short (NetBIOS) Active Directory domain to join # # @return [String] attr_accessor :short_domain_name # **REQUIRED** - # IP address of a domain controller # # @return [Array] attr_accessor :domain_controllers # **REQUIRED** # Vault used to store the credentials for the domain join user # # @return [BasketofKittens::servers::active_directory::domain_join_vault] # @see BasketofKittens::servers::active_directory::domain_join_vault attr_accessor :domain_join_vault # **REQUIRED** # Vault used to store the credentials for the domain admin user # # @return [BasketofKittens::servers::active_directory::domain_admin_vault] # @see BasketofKittens::servers::active_directory::domain_admin_vault attr_accessor :domain_admin_vault # @!endgroup # @!group Optional parameters # A custom hostname for your domain controller. mu_windows_name will be used if not specified. Do not specify when joining a Domain-Node # # @return [String] attr_accessor :domain_controller_hostname # **Default: `join`**, # **Must be one of: `join, create, add_controller`** - # Rather to join, create or add a Domain Controller # # @return [String] attr_accessor :domain_operation # SID of a known domain. Used to help Linux clients map uids and gids properly with SSSD. # # @return [String] attr_accessor :domain_sid # **Default: `domain_node`**, # **Must be one of: `domain_node, domain_controller`** - # If the node will be a domain controller or a domain node # # @return [String] attr_accessor :node_type # The OU to which to add this computer when joining the domain. # # @return [String] attr_accessor :computer_ou # @!endgroup end end end class BasketofKittens class servers # One or more Load Balancers with which this instance should register. class loadbalancers # @!group Optional parameters # The name of a MU loadbalancer object, which should also defined in this stack. This will be added as a dependency. # # @return [String] attr_accessor :concurrent_load_balancer # The DNS name of an existing Elastic Load Balancer. Must be in the same region as this deployment. # # @return [String] attr_accessor :existing_load_balancer # @!endgroup end end end class BasketofKittens class servers # Apply one or more network rulesets, defined in this stack or pre-existing, to this resource. Note that if you add a pre-existing ACL to your resource, they must be compatible (e.g. if using VPCs, they must reside in the same VPC). class add_firewall_rules # @!group Optional parameters # # @return [String] attr_accessor :rule_id # # @return [String] attr_accessor :rule_name # @!endgroup end end end class BasketofKittens class servers # Assign a specific IP to this instance once it's ready. class static_ip # @!group Optional parameters # **Must match pattern `^\d+\.\d+\.\d+\.\d+$`** # # @return [String] attr_accessor :ip # **Default: `true`** # # @return [Boolean] attr_accessor :assign_ip # @!endgroup end end end class BasketofKittens class servers # A script to be run during the bootstrap process. Typically used to preconfigure Windows instances. class userdata_script # @!group Required parameters # **REQUIRED** - # A local path or URL to a file which will be loaded and passed to the instance. Relative paths will be resolved from the current working directory of the deploy tool when invoked. # # @return [String] attr_accessor :path # @!endgroup # @!group Optional parameters # **Default: `true`** - # Assume that this script is an ERB template and parse it as one before passing to the instance. # # @return [Boolean] attr_accessor :use_erb # **Default: `false`** - # Omit the standard Mu userdata entirely in favor of this custom script (normally we'd run both). # # @return [Boolean] attr_accessor :skip_std # @!endgroup end end end class BasketofKittens class servers # Set Windows nodes' local administrator password to a value specified in a Chef Vault. class windows_auth_vault # @!group Required parameters # **Default: `windows`** - # The vault where these credentials reside # # @return [String] attr_accessor :vault # **Default: `credentials`** - # The vault item where these credentials reside # # @return [String] attr_accessor :item # @!endgroup # @!group Optional parameters # **Default: `password`** - # The field within the Vault item where the password for Windows local Administrator user is stored # # @return [String] attr_accessor :password_field # **Default: `ec2config_password`** - # The field within the Vault item where the password for the EC2config service user is stored # # @return [String] attr_accessor :ec2config_password_field # **Default: `sshd_password`** - # The field within the Vault item where the password for the Cygwin/SSH service user is stored # # @return [String] attr_accessor :sshd_password_field # @!endgroup end end end class BasketofKittens class servers # Network ingress and/or egress rules. class ingress_rules # @!group Optional parameters # # @return [String] attr_accessor :port_range # # @return [Integer] attr_accessor :port # **Default: `tcp`**, # **Must be one of: `udp, tcp, icmp`** # # @return [String] attr_accessor :proto # **Default: `true`** # # @return [Boolean] attr_accessor :ingress # **Default: `false`** # # @return [Boolean] attr_accessor :egress # **Must match pattern `^\d+\.\d+\.\d+\.\d+/[0-9]{1,2}$`** - # CIDR-formatted IP block, e.g. 1.2.3.4/32 # # @return [Array] attr_accessor :hosts # Other AWS Security Groups; resources that are associated with this group will have this rule applied to their traffic # # @return [Array] attr_accessor :sgs # AWS Load Balancers which will have this rule applied to their traffic # # @return [Array] attr_accessor :lbs # @!endgroup end end end class BasketofKittens class servers # Chef Node structure artifact for mu-tools cookbook. class application_attributes end end end class BasketofKittens class servers # JSON artifact to be stored in Chef Vault for this node. Note that these values will still be stored in plain text local to the MU server, but only accessible to nodes via Vault. class secrets end end end class BasketofKittens class servers # Chef Vault items to which this node should be granted access. class vault_access # @!group Required parameters # **REQUIRED** - # The Vault to which this node should be granted access. # # @return [String] attr_accessor :vault # **REQUIRED** - # The item within the Vault to which this node should be granted access. # # @return [String] attr_accessor :item # @!endgroup end end end class BasketofKittens class servers # Existing deploys that will be loaded into the new deployment metadata. This metadata will be saved on the Chef node class existing_deploys # @!group Optional parameters # **Must be one of: `server, database, storage_pool, cache_cluster`** - # The type of resource we will parse metdata for # # @return [String] attr_accessor :cloud_type # The cloud identifier of the resource from which you would like to add metadata to this deployment. eg - i-d96eca0d. Must use either 'cloud_id' OR 'mu_name' AND 'deploy_id' # # @return [String] attr_accessor :cloud_id # The full name of a resource in a foreign deployment from which we should add the metdata to this deployment. You should also include 'deploy_id' so we will be able to identifiy a single resource. Use either 'cloud_id' OR 'mu_name' and 'deploy_id' # # @return [String] attr_accessor :mu_name # Should be used with 'mu_name' to identifiy a single resource. # # @return [String] attr_accessor :deploy_id # @!endgroup end end end class BasketofKittens class servers # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. class dependencies # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED**, # **Must be one of: `collection, database, dnszone, firewall_rule, loadbalancer, server, server_pool, vpc, cache_cluster, alarm, notifier, log, storage_pool, function, container_cluster, search_domain, msg_queue, habitat, folder, user, group, role`** # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **Must be one of: `create, groom`** - # Which part of the creation process of the resource we depend on should we wait for before starting our own creation? Defaults are usually sensible, but sometimes you want, say, a Server to wait on another Server to be completely ready (through its groom phase) before starting up. # # @return [String] attr_accessor :phase # **Default: `false`** - # By default, it's assumed that we want to wait on our parents' creation phase, in addition to whatever is declared in this stanza. Setting this flag will bypass waiting on our parent resource's creation, so that our create or groom phase can instead depend only on the parent's groom phase. # # @return [Boolean] attr_accessor :no_create_wait # @!endgroup end end end class BasketofKittens class servers # Amazon-compatible role policies which will be merged into this node's own instance profile. Not valid with generate_iam_role set to false. Our parser expects the role policy document to me embedded under a named container, e.g. { 'name_of_policy':'{ } } class iam_policies end end end class BasketofKittens class servers # Define a network route, typically for use inside a VPC. class routes # @!group Optional parameters # **GOOGLE ONLY**, # **Default: `0.0.0.0/0`**, # **Must match pattern `^\d+\.\d+\.\d+\.\d+/[0-9]{1,2}$`** - # CIDR-formatted IP block, e.g. 1.2.3.4/32 # # @return [String] attr_accessor :destination_network # **GOOGLE ONLY** - # The ID of a VPC peering connection to use as a gateway # # @return [String] attr_accessor :peer_id # **GOOGLE ONLY** - # The ID of a VPN, NAT, or Internet gateway attached to your VPC. #INTERNET will refer to this VPC's default internet gateway, if one exists. #NAT will refer to a this VPC's NAT gateway, and will implicitly create one if none exists. #DENY will ensure that the subnets associated with this route do *not* have a route outside of the VPC's local address space (primarily for Google Cloud, where we must explicitly disable egress to the internet). # # @return [String] attr_accessor :gateway # **GOOGLE ONLY** - # The instance id of a NAT host in this VPN. # # @return [String] attr_accessor :nat_host_id # **GOOGLE ONLY** - # The MU resource name or Name tag of a NAT host in this VPN. # # @return [String] attr_accessor :nat_host_name # **GOOGLE ONLY** - # A network interface over which to route. # # @return [String] attr_accessor :interface # @!endgroup end end end class BasketofKittens # Create individual server instances. class servers # @!group Required parameters # **REQUIRED** - # The instance type to create. Must be valid for the cloud provider into which we're deploying. # # @return [String] attr_accessor :size # **REQUIRED** # # @return [String] attr_accessor :name # **Default: `AWS`**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # @!endgroup # @!group Optional parameters # DNS records to create. If specified inside another resource (e.g. {MU::Config::BasketofKittens::servers}, {MU::Config::BasketofKittens::loadbalancers}, or {MU::Config::BasketofKittens::databases}), the record(s) will automatically target that resource. # # @return [Array] # @see BasketofKittens::servers::dns_records attr_accessor :dns_records # Create a reusable image of this server once it is complete. # # @return [BasketofKittens::servers::create_image] # @see BasketofKittens::servers::create_image attr_accessor :create_image # Deploy, attach, allow access from, or peer this resource with a VPC of VPCs. # # @return [BasketofKittens::servers::vpc] # @see BasketofKittens::servers::vpc attr_accessor :vpc # **Default: `true`** - # Enable detailed instance monitoring. # # @return [Boolean] attr_accessor :monitoring # **Must match pattern `^\d+\.\d+\.\d+\.\d+$`** - # Request a specific private IP address for this instance. # # @return [String] attr_accessor :private_ip # Creates and attaches an EBS volume to this instance. # # @return [Array] # @see BasketofKittens::servers::storage attr_accessor :storage # **Default: `false`** - # When 'cloud' is set to 'CloudFormation,' use this flag to strip out Mu-specific artifacts (tags, standard userdata, naming conventions, etc) to yield a clean, source-agnostic template. # # @return [Boolean] attr_accessor :scrub_mu_isms # **Must be one of: `asia-east1, asia-east2, asia-northeast1, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2`** # # @return [String] attr_accessor :region # **Default: `false`** - # Bootstrap asynchronously via the Momma Cat daemon instead of during the main deployment process # # @return [Boolean] attr_accessor :async_groom # **Default: `Chef`**, # **Must be one of: `Chef`** # # @return [String] attr_accessor :groomer # **Default: `true`** - # Whether to run a host configuration agent, e.g. Chef, when bootstrapping # # @return [Boolean] attr_accessor :groom # **Default: `1800`** - # Maximum execution time for a groomer run # # @return [Integer] attr_accessor :groomer_timeout # **Default: `false`** - # Remove pre-existing groomer agents from node before bootstrapping. Especially useful for image builds. # # @return [Boolean] attr_accessor :scrub_groomer # Tags to apply to this resource. Will apply at the cloud provider level and in Chef, where applicable. # # @return [Array] # @see BasketofKittens::servers::tags attr_accessor :tags # **Default: `true`** - # Tag the resource with our optional tags (+MU-HANDLE+, +MU-MASTER-NAME+, +MU-OWNER+). # # @return [Boolean] attr_accessor :optional_tags # Create a CloudWatch Alarm. # # @return [Array] # @see BasketofKittens::servers::alarms attr_accessor :alarms # Integrate this node into an Active Directory domain. On Linux, will configure Winbind and PAM for system-level AD authentication. # # @return [BasketofKittens::servers::active_directory] # @see BasketofKittens::servers::active_directory attr_accessor :active_directory # Assign extra private IP addresses to this server. # # @return [Integer] attr_accessor :add_private_ips # **Default: `false`** - # Node bootstrapping normally runs an internal recipe that does a full system update. This is very slow for testing, so let's have an option to disable it. # # @return [Boolean] attr_accessor :skipinitialupdates # **Default: `false`** - # If true, chef-client will automatically re-run on nodes of the same type when this instance has finished grooming. Use, for example, to add new members to a database cluster in an autoscale group by sharing data in Chef's node structures. # # @return [Boolean] attr_accessor :sync_siblings # **Default: `true`** - # Wait for DNS record to propagate in DNS Zone. # # @return [Boolean] attr_accessor :dns_sync_wait # One or more Load Balancers with which this instance should register. # # @return [Array] # @see BasketofKittens::servers::loadbalancers attr_accessor :loadbalancers # Apply one or more network rulesets, defined in this stack or pre-existing, to this resource. Note that if you add a pre-existing ACL to your resource, they must be compatible (e.g. if using VPCs, they must reside in the same VPC). # # @return [Array] # @see BasketofKittens::servers::add_firewall_rules attr_accessor :add_firewall_rules # Assign a specific IP to this instance once it's ready. # # @return [BasketofKittens::servers::static_ip] # @see BasketofKittens::servers::static_ip attr_accessor :static_ip # **Default: `true`** - # Turn off network-level routing paranoia. Set this false to make a NAT do its thing. # # @return [Boolean] attr_accessor :src_dst_check # **Default: `false`** - # Associate public IP address? # # @return [Boolean] attr_accessor :associate_public_ip # A script to be run during the bootstrap process. Typically used to preconfigure Windows instances. # # @return [BasketofKittens::servers::userdata_script] # @see BasketofKittens::servers::userdata_script attr_accessor :userdata_script # **Default: `Administrator`** - # Use an alternate Windows account for Administrator functions. Will change the name of the Administrator account, if it has not already been done. # # @return [String] attr_accessor :windows_admin_username # Set Windows nodes' local administrator password to a value specified in a Chef Vault. # # @return [BasketofKittens::servers::windows_auth_vault] # @see BasketofKittens::servers::windows_auth_vault attr_accessor :windows_auth_vault # **Default: `root`** # # @return [String] attr_accessor :ssh_user # **Default: `true`** # # @return [Boolean] attr_accessor :use_cloud_provider_windows_password # **Default: `linux`**, # **Must be one of: `linux, windows, centos, ubuntu, centos6, ubuntu14, win2k12, win2k12r2, win2k16, centos7, rhel7, rhel71, amazon`** - # Helps select default AMIs, and enables correct grooming behavior based on operating system type. # # @return [String] attr_accessor :platform # Chef run list entry, e.g. role[rolename] or recipe[recipename]. # # @return [Array] attr_accessor :run_list # Network ingress and/or egress rules. # # @return [Array] # @see BasketofKittens::servers::ingress_rules attr_accessor :ingress_rules # Chef Node structure artifact for mu-tools cookbook. # # @return [BasketofKittens::servers::application_attributes] # @see BasketofKittens::servers::application_attributes attr_accessor :application_attributes # JSON artifact to be stored in Chef Vault for this node. Note that these values will still be stored in plain text local to the MU server, but only accessible to nodes via Vault. # # @return [BasketofKittens::servers::secrets] # @see BasketofKittens::servers::secrets attr_accessor :secrets # Chef Vault items to which this node should be granted access. # # @return [Array] # @see BasketofKittens::servers::vault_access attr_accessor :vault_access # Existing deploys that will be loaded into the new deployment metadata. This metadata will be saved on the Chef node # # @return [Array] # @see BasketofKittens::servers::existing_deploys attr_accessor :existing_deploys # Internal use. # # @return [String] attr_accessor :virtual_name # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. # # @return [Array] # @see BasketofKittens::servers::dependencies attr_accessor :dependencies # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **AWS & CLOUDFORMATION ONLY** - # +AWS+: The Amazon EC2 AMI on which to base this instance. Will use the default appropriate for the platform, if not specified. #+CLOUDFORMATION+: The Amazon EC2 AMI on which to base this instance. Will use the default appropriate for the platform, if not specified. # # @return [String] attr_accessor :ami_id # **AWS & CLOUDFORMATION & GOOGLE ONLY** - # +AWS+: Synonymous with ami_id #+CLOUDFORMATION+: Synonymous with ami_id #+GOOGLE+: The Google Cloud Platform Image on which to base this instance. Will use the default appropriate for the platform, if not specified. # # @return [String] attr_accessor :image_id # **AWS & CLOUDFORMATION ONLY**, # **Default: `true`** - # +AWS+: Generate a unique IAM profile for this Server or ServerPool. #+CLOUDFORMATION+: Generate a unique IAM profile for this Server or ServerPool. # # @return [Boolean] attr_accessor :generate_iam_role # **AWS & CLOUDFORMATION ONLY** - # +AWS+: An Amazon IAM instance profile, from which to harvest role policies to merge into this node's own instance profile. If generate_iam_role is false, will simple use this profile. #+CLOUDFORMATION+: An Amazon IAM instance profile, from which to harvest role policies to merge into this node's own instance profile. If generate_iam_role is false, will simple use this profile. # # @return [String] attr_accessor :iam_role # **AWS & CLOUDFORMATION ONLY** - # IAM policies to attach, pre-defined by Amazon (e.g. AmazonEKSWorkerNodePolicy) # # @return [Array] attr_accessor :canned_iam_policies # **AWS & CLOUDFORMATION ONLY** # Amazon-compatible role policies which will be merged into this node's own instance profile. Not valid with generate_iam_role set to false. Our parser expects the role policy document to me embedded under a named container, e.g. { 'name_of_policy':'{ } } # # @return [Array] # @see BasketofKittens::servers::iam_policies attr_accessor :iam_policies # **GOOGLE ONLY** # Define a network route, typically for use inside a VPC. # # @return [Array] # @see BasketofKittens::servers::routes attr_accessor :routes # @!endgroup end end class BasketofKittens class server_pools class basis class launch_config # Creates and attaches an EBS volume to this instance. class storage # @!group Required parameters # **REQUIRED** - # Size of this EBS volume (GB) # # @return [Integer] attr_accessor :size # @!endgroup # @!group Optional parameters # The amount of IOPS to allocate to Provisioned IOPS (io1) volumes. # # @return [Integer] attr_accessor :iops # Map this volume to a specific OS-level device (e.g. /dev/sdg) # # @return [String] attr_accessor :device # # @return [String] attr_accessor :virtual_name # # @return [String] attr_accessor :snapshot_id # **Default: `true`** # # @return [Boolean] attr_accessor :delete_on_termination # Do not share this device with the OS # # @return [String] attr_accessor :no_device # **Default: `false`** # # @return [Boolean] attr_accessor :encrypted # **Default: `gp2`**, # **Must be one of: `standard, io1, gp2, st1, sc1`** # # @return [String] attr_accessor :volume_type # @!endgroup end end end end end class BasketofKittens class server_pools class basis class launch_config # Amazon-compatible role policies which will be merged into this node's own instance profile. Not valid with generate_iam_role set to false. Our parser expects the role policy document to me embedded under a named container, e.g. { 'name_of_policy':'{ } } class iam_policies end end end end end class BasketofKittens class server_pools class basis # An Amazon Launch Config for an Autoscale Group. class launch_config # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED** - # The Amazon EC2 instance type to use when creating this server. # # @return [String] attr_accessor :size # @!endgroup # @!group Optional parameters # The AWS instance ID of an existing instance to use as the base image in this Launch Config. # # @return [String] attr_accessor :instance_id # Creates and attaches an EBS volume to this instance. # # @return [Array] # @see BasketofKittens::server_pools::basis::launch_config::storage attr_accessor :storage # Build a server defined elsewhere in this stack, create an AMI from it, then use it as the base image in this Launch Config. # # @return [String] attr_accessor :server # The Amazon EC2 AMI to use as the base image in this Launch Config. Will use the default for platform if not specified. # # @return [String] attr_accessor :ami_id # The Google Cloud Platform Image on which to base this autoscaler. Will use the default appropriate for the platform, if not specified. # # @return [String] attr_accessor :image_id # **Default: `true`** - # Enable instance monitoring? # # @return [Boolean] attr_accessor :monitoring # **Default: `false`** - # EBS optimized? # # @return [Boolean] attr_accessor :ebs_optimized # An Amazon IAM instance profile, from which to harvest role policies to merge into this node's own instance profile. If generate_iam_role is false, will simple use this profile. # # @return [String] attr_accessor :iam_role # **Default: `true`** - # Generate a unique IAM profile for this Server or ServerPool. # # @return [Boolean] attr_accessor :generate_iam_role # Amazon-compatible role policies which will be merged into this node's own instance profile. Not valid with generate_iam_role set to false. Our parser expects the role policy document to me embedded under a named container, e.g. { 'name_of_policy':'{ } } # # @return [Array] # @see BasketofKittens::server_pools::basis::launch_config::iam_policies attr_accessor :iam_policies # # @return [String] attr_accessor :spot_price # Kernel to use with servers created from this Launch Configuration. # # @return [String] attr_accessor :kernel_id # Kernel to use with servers created from this Launch Configuration. # # @return [String] attr_accessor :ramdisk_id # @!endgroup end end end end class BasketofKittens class server_pools # The baseline for new servers created within this Autoscale Group. class basis # @!group Optional parameters # The AWS instance ID of an existing instance to use as the base image for this Autoscale Group. # # @return [String] attr_accessor :instance_id # Build a server defined elsewhere in this stack, then use it as the base image for this Autoscale Group. # # @return [String] attr_accessor :server # An Amazon Launch Config for an Autoscale Group. # # @return [BasketofKittens::server_pools::basis::launch_config] # @see BasketofKittens::server_pools::basis::launch_config attr_accessor :launch_config # @!endgroup end end end class BasketofKittens class server_pools class dns_records # The zone to which to add this record, either as a domain name or as a Route53 zone identifier. class zone # @!group Optional parameters # The domain name of the DNS zone to which to add this record. # # @return [String] attr_accessor :name # The Route53 identifier of the zone to which to add this record. # # @return [String] attr_accessor :id # @!endgroup end end end end class BasketofKittens class server_pools class dns_records # Set location for location-based routing. class geo_location # @!group Optional parameters # **Must be one of: `AF, AN, AS, EU, OC, NA, SA`** - # The code for a continent geo location. Note: only continent locations have a continent code. Specifying continent_code with either country_code or subdivision_code returns an InvalidInput error. # # @return [String] attr_accessor :continent_code # The code for a country geo location. The default location uses '' for the country code and will match all locations that are not matched by a geo location. All other country codes follow the ISO 3166 two-character code. # # @return [String] attr_accessor :country_code # The code for a country's subdivision (e.g., a province of Canada). A subdivision code is only valid with the appropriate country code. Specifying subdivision_code without country_code returns an InvalidInput error. # # @return [String] attr_accessor :subdivision_code # @!endgroup end end end end class BasketofKittens class server_pools class dns_records # Check used to determine instance health for failover routing. class healthchecks # @!group Required parameters # **REQUIRED**, # **Must be one of: `HTTP, HTTPS, HTTP_STR_MATCH, HTTPS_STR_MATCH, TCP, CALCULATED, CLOUDWATCH_METRIC`** - # The health check method to use # # @return [String] attr_accessor :method # **REQUIRED** - # The health check name. # # @return [String] attr_accessor :name # @!endgroup # @!group Optional parameters # Port on which this health check should expect to find a working service. For HTTP and HTTP_STR_MATCH this defaults to 80 if the port is not specified. For HTTPS and HTTPS_STR_MATCH this defaults to 443 if the port is not specified. # # @return [Integer] attr_accessor :port # Path to check for HTTP-based health checks. # # @return [String] attr_accessor :path # **Default: `primary`**, # **Must be one of: `primary, secondary`** - # When using CALCULATED based health checks make sure to set only the CALCULATED health check to primary while setting all other health checks to secondary. # # @return [String] attr_accessor :type # Path to check for STR_MATCH-based health checks. # # @return [String] attr_accessor :search_string # **Default: `30`**, # **Must be one of: `10, 30`** - # The frequency of health checks in seconds. # # @return [Integer] attr_accessor :check_interval # **Default: `2`**, # **Must match pattern `^([1-9]|10)$`** - # The number of failed health checks before we consider this entry in failure. Values can be between 1-10. # # @return [Integer] attr_accessor :failure_threshold # **Must be one of: `Healthy, Unhealthy, LastKnownStatus`** - # What should the health check status be set to if there is insufficient data return from the CloudWatch alarm. Used only with CLOUDWATCH_METRIC based health checks. # # @return [String] attr_accessor :insufficient_data # # @return [Array] attr_accessor :regions # **Default: `false`** - # If to measure and graph latency between the health checkers and the endpoint. Used only with HTTP/HTTPS/TCP based health checks. # # @return [Boolean] attr_accessor :latency # **Default: `false`** - # If the status of the health check should be inverted, eg. if health check status is healthy but you would like it to be evaluated as not healthy # # @return [Boolean] attr_accessor :inverted # **Default: `false`** - # Enabled by default on HTTPS or HTTPS_STR_MATCH # # @return [Boolean] attr_accessor :enable_sni # **Default: `1`**, # **Must match pattern `^[\d]?{3}$`** - # The minimum number of health checks that must be healthy when configuring a health check of type CALCULATED. Values can be between 0-256. # # @return [Integer] attr_accessor :health_threshold # # @return [Array] attr_accessor :health_check_ids # The cloud provider's region the cloudwatch alarm was created in. Used with CLOUDWATCH_METRIC health checks # # @return [String] attr_accessor :alarm_region # The cloudwatch alarm name. Used with CLOUDWATCH_METRIC health checks # # @return [String] attr_accessor :alarm_name # @!endgroup end end end end class BasketofKittens class server_pools # DNS records to create. If specified inside another resource (e.g. {MU::Config::BasketofKittens::servers}, {MU::Config::BasketofKittens::loadbalancers}, or {MU::Config::BasketofKittens::databases}), the record(s) will automatically target that resource. class dns_records # @!group Required parameters # **REQUIRED** # The zone to which to add this record, either as a domain name or as a Route53 zone identifier. # # @return [BasketofKittens::server_pools::dns_records::zone] # @see BasketofKittens::server_pools::dns_records::zone attr_accessor :zone # @!endgroup # @!group Optional parameters # **Default: `false`** - # If true, this record will overwrite any existing record of the same name and type. # # @return [Boolean] attr_accessor :override_existing # **Default: `A`**, # **Must be one of: `SOA, A, TXT, NS, CNAME, MX, PTR, SRV, SPF, AAAA, R53ALIAS`** - # The class of DNS record to create. The R53ALIAS type is not traditional DNS, but instead refers to AWS Route53's alias functionality. An R53ALIAS is only valid if the target is an Elastic LoadBalancer, CloudFront, S3 bucket (configured as a public web server), or another record in the same Route53 hosted zone. # # @return [String] attr_accessor :type # If using a type of R53ALIAS, this is the hosted zone ID of the target. Defaults to the zone to which this record is being added. # # @return [String] attr_accessor :alias_zone # Look for a resource in another Mu deployment with this id. Requires mu_type # # @return [String] attr_accessor :deploy_id # **Must be one of: `loadbalancer, server, database, cache_cluster`** - # The Mu resource type to search the deployment for. # # @return [String] attr_accessor :mu_type # **Must be one of: `public, private`** - # If the target is a public or a private resource. This only applies to servers/server_pools when using automatic DNS registration. If set to public but the target only has a private address, the private address will be used # # @return [String] attr_accessor :target_type # Set the proportion of traffic directed to this target, based on the relative weight of other records with the same DNS name and type. # # @return [Integer] attr_accessor :weight # **Must be one of: `asia-east1, asia-east2, asia-northeast1, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2`** # # @return [String] attr_accessor :region # **Must be one of: `PRIMARY, SECONDARY`** - # Failover classification # # @return [String] attr_accessor :failover # **Default: `7200`** - # DNS time-to-live value for query caching. # # @return [Integer] attr_accessor :ttl # **Must match pattern `^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]).)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9-]*[A-Za-z0-9])$`** - # Name of the record to create. If not specified, will default to the Mu resource name. # # @return [String] attr_accessor :name # **Default: `false`** - # If to append the environment name (eg mydnsname.dev.mudomain.com). to the DNS name # # @return [Boolean] attr_accessor :append_environment_name # Set location for location-based routing. # # @return [BasketofKittens::server_pools::dns_records::geo_location] # @see BasketofKittens::server_pools::dns_records::geo_location attr_accessor :geo_location # Check used to determine instance health for failover routing. # # @return [Array] # @see BasketofKittens::server_pools::dns_records::healthchecks attr_accessor :healthchecks # @!endgroup end end end class BasketofKittens class server_pools class vpc # The subnets to which to attach this resource. Will default to all subnets in this VPC if not specified. class subnets # @!group Optional parameters # # @return [String] attr_accessor :subnet_name # # @return [String] attr_accessor :subnet_id # **Must match pattern `^[^=]+=.+`** - # Identify this subnet by a tag (key=value). Note that this tag must not match more than one resource. # # @return [String] attr_accessor :tag # @!endgroup end end end end class BasketofKittens class server_pools # Deploy, attach, allow access from, or peer this resource with a VPC of VPCs. class vpc # @!group Optional parameters # Discover this VPC by looking for this cloud provider identifier. # # @return [String] attr_accessor :vpc_id # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # Discover this VPC by Mu-internal name; typically the shorthand 'name' field of a VPC declared elsewhere in the deploy, or in another deploy that's being referenced with 'deploy_id'. # # @return [String] attr_accessor :vpc_name # **Must be one of: `asia-east1, asia-east2, asia-northeast1, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2`** # # @return [String] attr_accessor :region # **Default: `AWS`**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # **Must match pattern `^[^=]+=.+`** - # Discover this VPC by a cloud provider tag (key=value); note that this tag must not match more than one resource. # # @return [String] attr_accessor :tag # Search for this VPC in an existing Mu deploy; specify a Mu deploy id (e.g. DEMO-DEV-2014111400-NG). # # @return [String] attr_accessor :deploy_id # The Mu-internal name of a NAT host to use; Typically the shorthand 'name' field of a Server declared elsewhere in the deploy, or in another deploy that's being referenced with 'deploy_id'. # # @return [String] attr_accessor :nat_host_name # Discover a Server to use as a NAT by looking for this cloud provider identifier. # # @return [String] attr_accessor :nat_host_id # **Must match pattern `^\d+\.\d+\.\d+\.\d+$`** - # Discover a Server to use as a NAT by looking for an associated IP. # # @return [String] attr_accessor :nat_host_ip # **Default: `root`** # # @return [String] attr_accessor :nat_ssh_user # An alternate SSH private key for access to the NAT. We'll expect to find this in ~/.ssh along with the regular keys. # # @return [String] attr_accessor :nat_ssh_key # **Must match pattern `^[^=]+=.+`** - # Discover a Server to use as a NAT by looking for a cloud provider tag (key=value); Note that this tag must not match more than one server. # # @return [String] attr_accessor :nat_host_tag # **Default: `all_private`** - # When auto-discovering VPC resources, this specifies target subnets for this resource. Special keywords: public, private, any, all, all_public, all_private, all. Using the name of a route table defined elsewhere in this BoK will behave like 'all_.' # # @return [String] attr_accessor :subnet_pref # The subnets to which to attach this resource. Will default to all subnets in this VPC if not specified. # # @return [Array] # @see BasketofKittens::server_pools::vpc::subnets attr_accessor :subnets # @!endgroup end end end class BasketofKittens class server_pools # Tags to apply to this resource. Will apply at the cloud provider level and in Chef, where applicable. class tags # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :key # **REQUIRED** # # @return [String] attr_accessor :value # @!endgroup end end end class BasketofKittens class server_pools class alarms # What to monitor class dimensions # @!group Required parameters # **REQUIRED**, # **Must be one of: `InstanceId, server, Server, DBInstanceIdentifier, database, Database, LoadBalancerName, loadbalancer, LoadBalancer, CacheClusterId, cache_cluster, CacheCluster, VolumeId, volume, Volume, BucketName, bucket, Bucket, TopicName, notification, Notification, AutoScalingGroupName, server_pool, ServerPool`** - # The type of resource we're checking # # @return [String] attr_accessor :cloud_class # @!endgroup # @!group Optional parameters # The cloud identifier of the resource the alarm is being created for. eg - i-d96eca0d. Must use either 'cloud_id' OR 'mu_name' AND 'deploy_id' # # @return [String] attr_accessor :cloud_id # The full name of a resource in a foreign deployment which we should monitor. You should also include 'deploy_id' so we will be able to identifiy a single resource. Use either 'cloud_id' OR 'mu_name' and 'deploy_id' # # @return [String] attr_accessor :mu_name # Should be used with 'mu_name' to identifiy a single resource. # # @return [String] attr_accessor :deploy_id # The name of another resource in this stack with which to associate this alarm. # # @return [String] attr_accessor :name # @!endgroup end end end end class BasketofKittens class server_pools # Create a CloudWatch Alarm. class alarms # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED** - # The name of the attribute to monitor eg. CPUUtilization. # # @return [String] attr_accessor :metric_name # **REQUIRED**, # **Must be one of: `SampleCount, Average, Sum, Minimum, Maximum`** # # # @return [String] attr_accessor :statistic # **REQUIRED** - # The time, in seconds the 'statistic' is checked/tested. Must be multiples of 60 # # @return [Integer] attr_accessor :period # **REQUIRED** - # The number of times to repeat the 'period' before changing the state of an alarm. eg form 'OK' to 'ALARM' state # # @return [Integer] attr_accessor :evaluation_periods # **REQUIRED** - # The value the 'statistic' is compared to and action (eg 'alarm_actions') will be invoked # # @return [Integer] attr_accessor :threshold # **REQUIRED**, # **Must be one of: `GreaterThanOrEqualToThreshold, GreaterThanThreshold, LessThanThreshold, LessThanOrEqualToThreshold`** - # The arithmetic operation to use when comparing 'statistic' and 'threshold'. The 'statistic' value is used as the first operand # # @return [String] attr_accessor :comparison_operator # @!endgroup # @!group Optional parameters # # @return [Array] attr_accessor :ok_actions # # @return [Array] attr_accessor :alarm_actions # # @return [Array] attr_accessor :no_data_actions # The name of container 'metric_name' belongs to eg. 'AWS/EC2' # # @return [String] attr_accessor :namespace # What to monitor # # @return [Array] # @see BasketofKittens::server_pools::alarms::dimensions attr_accessor :dimensions # **Must be one of: `Seconds, Microseconds, Milliseconds, Bytes, Kilobytes, Megabytes, Gigabytes, Terabytes, Bits, Kilobits, Megabits, Gigabits, Terabits, Percent, Count, Bytes/Second, Kilobytes/Second, Megabytes/Second, Gigabytes/Second, Terabytes/Second, Bits/Second, Kilobits/Second, Megabits/Second, Gigabits/Second, Terabits/Second, Count/Second, nil`** - # Associated with the 'metric' # # @return [String] attr_accessor :unit # Rather to send notifications when the alarm state changes # # @return [Boolean] attr_accessor :enable_notifications # **Default: `mu-default`** - # The name of the notification group. Will be created if it doesn't exist. We use / create a default one if not specified. NOTE: because we can't confirm subscription to a group programmatically, you should use an existing group # # @return [String] attr_accessor :notification_group # **Default: `email`**, # **Must be one of: `http, https, email, email-json, sms, sqs, application`** - # What type of notification endpoint will the notification be sent to. defaults to 'email' # # @return [String] attr_accessor :notification_type # The endpoint the notification will be sent to. eg. if notification_type is 'email'/'email-json' the endpoint will be the email address. A confirmation email will be sent to this email address if a new notification_group is created, if not specified and notification_type is set to 'email' we will use the mu-master email address # # @return [String] attr_accessor :notification_endpoint # @!endgroup end end end class BasketofKittens class server_pools class active_directory # Vault used to store the credentials for the domain join user class domain_join_vault # @!group Optional parameters # **Default: `active_directory`** - # The vault where these credentials reside # # @return [String] attr_accessor :vault # **Default: `join_domain`** - # The vault item where these credentials reside # # @return [String] attr_accessor :item # **Default: `password`** - # The field within the Vault item where the password for these credentials resides # # @return [String] attr_accessor :password_field # **Default: `username`** - # The field where the user name for these credentials resides # # @return [String] attr_accessor :username_field # @!endgroup end end end end class BasketofKittens class server_pools class active_directory # Vault used to store the credentials for the domain admin user class domain_admin_vault # @!group Optional parameters # **Default: `active_directory`** - # The vault where these credentials reside # # @return [String] attr_accessor :vault # **Default: `domain_admin`** - # The vault item where these credentials reside # # @return [String] attr_accessor :item # **Default: `password`** - # The field within the Vault item where the password for these credentials resides # # @return [String] attr_accessor :password_field # **Default: `username`** - # The field where the user name for these credentials resides # # @return [String] attr_accessor :username_field # @!endgroup end end end end class BasketofKittens class server_pools # Integrate this node into an Active Directory domain. On Linux, will configure Winbind and PAM for system-level AD authentication. class active_directory # @!group Required parameters # **REQUIRED** - # The full name Active Directory domain to join # # @return [String] attr_accessor :domain_name # **REQUIRED** - # The short (NetBIOS) Active Directory domain to join # # @return [String] attr_accessor :short_domain_name # **REQUIRED** - # IP address of a domain controller # # @return [Array] attr_accessor :domain_controllers # **REQUIRED** # Vault used to store the credentials for the domain join user # # @return [BasketofKittens::server_pools::active_directory::domain_join_vault] # @see BasketofKittens::server_pools::active_directory::domain_join_vault attr_accessor :domain_join_vault # **REQUIRED** # Vault used to store the credentials for the domain admin user # # @return [BasketofKittens::server_pools::active_directory::domain_admin_vault] # @see BasketofKittens::server_pools::active_directory::domain_admin_vault attr_accessor :domain_admin_vault # @!endgroup # @!group Optional parameters # A custom hostname for your domain controller. mu_windows_name will be used if not specified. Do not specify when joining a Domain-Node # # @return [String] attr_accessor :domain_controller_hostname # **Default: `join`**, # **Must be one of: `join, create, add_controller`** - # Rather to join, create or add a Domain Controller # # @return [String] attr_accessor :domain_operation # SID of a known domain. Used to help Linux clients map uids and gids properly with SSSD. # # @return [String] attr_accessor :domain_sid # **Default: `domain_node`**, # **Must be one of: `domain_node, domain_controller`** - # If the node will be a domain controller or a domain node # # @return [String] attr_accessor :node_type # The OU to which to add this computer when joining the domain. # # @return [String] attr_accessor :computer_ou # @!endgroup end end end class BasketofKittens class server_pools # One or more Load Balancers with which this instance should register. class loadbalancers # @!group Optional parameters # The name of a MU loadbalancer object, which should also defined in this stack. This will be added as a dependency. # # @return [String] attr_accessor :concurrent_load_balancer # The DNS name of an existing Elastic Load Balancer. Must be in the same region as this deployment. # # @return [String] attr_accessor :existing_load_balancer # @!endgroup end end end class BasketofKittens class server_pools # Apply one or more network rulesets, defined in this stack or pre-existing, to this resource. Note that if you add a pre-existing ACL to your resource, they must be compatible (e.g. if using VPCs, they must reside in the same VPC). class add_firewall_rules # @!group Optional parameters # # @return [String] attr_accessor :rule_id # # @return [String] attr_accessor :rule_name # @!endgroup end end end class BasketofKittens class server_pools # Assign a specific IP to this instance once it's ready. class static_ip # @!group Optional parameters # **Must match pattern `^\d+\.\d+\.\d+\.\d+$`** # # @return [String] attr_accessor :ip # **Default: `true`** # # @return [Boolean] attr_accessor :assign_ip # @!endgroup end end end class BasketofKittens class server_pools # A script to be run during the bootstrap process. Typically used to preconfigure Windows instances. class userdata_script # @!group Required parameters # **REQUIRED** - # A local path or URL to a file which will be loaded and passed to the instance. Relative paths will be resolved from the current working directory of the deploy tool when invoked. # # @return [String] attr_accessor :path # @!endgroup # @!group Optional parameters # **Default: `true`** - # Assume that this script is an ERB template and parse it as one before passing to the instance. # # @return [Boolean] attr_accessor :use_erb # **Default: `false`** - # Omit the standard Mu userdata entirely in favor of this custom script (normally we'd run both). # # @return [Boolean] attr_accessor :skip_std # @!endgroup end end end class BasketofKittens class server_pools # Set Windows nodes' local administrator password to a value specified in a Chef Vault. class windows_auth_vault # @!group Required parameters # **Default: `windows`** - # The vault where these credentials reside # # @return [String] attr_accessor :vault # **Default: `credentials`** - # The vault item where these credentials reside # # @return [String] attr_accessor :item # @!endgroup # @!group Optional parameters # **Default: `password`** - # The field within the Vault item where the password for Windows local Administrator user is stored # # @return [String] attr_accessor :password_field # **Default: `ec2config_password`** - # The field within the Vault item where the password for the EC2config service user is stored # # @return [String] attr_accessor :ec2config_password_field # **Default: `sshd_password`** - # The field within the Vault item where the password for the Cygwin/SSH service user is stored # # @return [String] attr_accessor :sshd_password_field # @!endgroup end end end class BasketofKittens class server_pools # Network ingress and/or egress rules. class ingress_rules # @!group Optional parameters # # @return [String] attr_accessor :port_range # # @return [Integer] attr_accessor :port # **Default: `tcp`**, # **Must be one of: `udp, tcp, icmp`** # # @return [String] attr_accessor :proto # **Default: `true`** # # @return [Boolean] attr_accessor :ingress # **Default: `false`** # # @return [Boolean] attr_accessor :egress # **Must match pattern `^\d+\.\d+\.\d+\.\d+/[0-9]{1,2}$`** - # CIDR-formatted IP block, e.g. 1.2.3.4/32 # # @return [Array] attr_accessor :hosts # Other AWS Security Groups; resources that are associated with this group will have this rule applied to their traffic # # @return [Array] attr_accessor :sgs # AWS Load Balancers which will have this rule applied to their traffic # # @return [Array] attr_accessor :lbs # @!endgroup end end end class BasketofKittens class server_pools # Chef Node structure artifact for mu-tools cookbook. class application_attributes end end end class BasketofKittens class server_pools # JSON artifact to be stored in Chef Vault for this node. Note that these values will still be stored in plain text local to the MU server, but only accessible to nodes via Vault. class secrets end end end class BasketofKittens class server_pools # Chef Vault items to which this node should be granted access. class vault_access # @!group Required parameters # **REQUIRED** - # The Vault to which this node should be granted access. # # @return [String] attr_accessor :vault # **REQUIRED** - # The item within the Vault to which this node should be granted access. # # @return [String] attr_accessor :item # @!endgroup end end end class BasketofKittens class server_pools # Existing deploys that will be loaded into the new deployment metadata. This metadata will be saved on the Chef node class existing_deploys # @!group Optional parameters # **Must be one of: `server, database, storage_pool, cache_cluster`** - # The type of resource we will parse metdata for # # @return [String] attr_accessor :cloud_type # The cloud identifier of the resource from which you would like to add metadata to this deployment. eg - i-d96eca0d. Must use either 'cloud_id' OR 'mu_name' AND 'deploy_id' # # @return [String] attr_accessor :cloud_id # The full name of a resource in a foreign deployment from which we should add the metdata to this deployment. You should also include 'deploy_id' so we will be able to identifiy a single resource. Use either 'cloud_id' OR 'mu_name' and 'deploy_id' # # @return [String] attr_accessor :mu_name # Should be used with 'mu_name' to identifiy a single resource. # # @return [String] attr_accessor :deploy_id # @!endgroup end end end class BasketofKittens class server_pools # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. class dependencies # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED**, # **Must be one of: `collection, database, dnszone, firewall_rule, loadbalancer, server, server_pool, vpc, cache_cluster, alarm, notifier, log, storage_pool, function, container_cluster, search_domain, msg_queue, habitat, folder, user, group, role`** # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **Must be one of: `create, groom`** - # Which part of the creation process of the resource we depend on should we wait for before starting our own creation? Defaults are usually sensible, but sometimes you want, say, a Server to wait on another Server to be completely ready (through its groom phase) before starting up. # # @return [String] attr_accessor :phase # **Default: `false`** - # By default, it's assumed that we want to wait on our parents' creation phase, in addition to whatever is declared in this stanza. Setting this flag will bypass waiting on our parent resource's creation, so that our create or groom phase can instead depend only on the parent's groom phase. # # @return [Boolean] attr_accessor :no_create_wait # @!endgroup end end end class BasketofKittens class server_pools # Amazon-compatible role policies which will be merged into this node's own instance profile. Not valid with generate_iam_role set to false. Our parser expects the role policy document to me embedded under a named container, e.g. { 'name_of_policy':'{ } } class iam_policies end end end class BasketofKittens class server_pools # Tell AutoScale to alter min/max/desired for this group at a scheduled time, optionally repeating. class schedule # @!group Required parameters # **REQUIRED**, # **AWS & CLOUDFORMATION ONLY** - # A name for this scheduled action, e.g. 'scale-down-over-night' # # @return [String] attr_accessor :action_name # @!endgroup # @!group Optional parameters # **AWS & CLOUDFORMATION ONLY** - # When should this one-off scheduled behavior take effect? Times are UTC. Must be a valid Ruby Time.parse() string, e.g. '20:00' or '2014-05-12T08:00:00Z'. If declared along with 'recurrence,' AutoScaling performs the action at this time, and then performs the action based on the specified recurrence. # # @return [String] attr_accessor :start_time # **AWS & CLOUDFORMATION ONLY** - # When should this scheduled behavior end? Times are UTC. Must be a valid Ruby Time.parse() string, e.g. '20:00' or '2014-05-12T08:00:00Z' # # @return [String] attr_accessor :end_time # **AWS & CLOUDFORMATION ONLY** - # A recurring schedule for this action, in Unix cron syntax format (e.g. '0 20 * * *'). Times are UTC. # # @return [String] attr_accessor :recurrence # **AWS & CLOUDFORMATION ONLY** # # @return [Integer] attr_accessor :min_size # **AWS & CLOUDFORMATION ONLY** # # @return [Integer] attr_accessor :max_size # **AWS & CLOUDFORMATION ONLY** - # The number of Amazon EC2 instances that should be running in the group. Should be between min_size and max_size. # # @return [Integer] attr_accessor :desired_capacity # @!endgroup end end end class BasketofKittens class server_pools class scaling_policies class alarms # What to monitor class dimensions # @!group Required parameters # **REQUIRED**, # **AWS & CLOUDFORMATION ONLY**, # **Must be one of: `InstanceId, server, Server, DBInstanceIdentifier, database, Database, LoadBalancerName, loadbalancer, LoadBalancer, CacheClusterId, cache_cluster, CacheCluster, VolumeId, volume, Volume, BucketName, bucket, Bucket, TopicName, notification, Notification, AutoScalingGroupName, server_pool, ServerPool`** - # The type of resource we're checking # # @return [String] attr_accessor :cloud_class # @!endgroup # @!group Optional parameters # **AWS & CLOUDFORMATION ONLY** - # The cloud identifier of the resource the alarm is being created for. eg - i-d96eca0d. Must use either 'cloud_id' OR 'mu_name' AND 'deploy_id' # # @return [String] attr_accessor :cloud_id # **AWS & CLOUDFORMATION ONLY** - # The full name of a resource in a foreign deployment which we should monitor. You should also include 'deploy_id' so we will be able to identifiy a single resource. Use either 'cloud_id' OR 'mu_name' and 'deploy_id' # # @return [String] attr_accessor :mu_name # **AWS & CLOUDFORMATION ONLY** - # Should be used with 'mu_name' to identifiy a single resource. # # @return [String] attr_accessor :deploy_id # **AWS & CLOUDFORMATION ONLY** - # The name of another resource in this stack with which to associate this alarm. # # @return [String] attr_accessor :name # @!endgroup end end end end end class BasketofKittens class server_pools class scaling_policies # Create a CloudWatch Alarm. class alarms # @!group Required parameters # **REQUIRED**, # **AWS & CLOUDFORMATION ONLY** # # @return [String] attr_accessor :name # **REQUIRED**, # **AWS & CLOUDFORMATION ONLY** - # The name of the attribute to monitor eg. CPUUtilization. # # @return [String] attr_accessor :metric_name # **REQUIRED**, # **AWS & CLOUDFORMATION ONLY**, # **Must be one of: `SampleCount, Average, Sum, Minimum, Maximum`** # # # @return [String] attr_accessor :statistic # **REQUIRED**, # **AWS & CLOUDFORMATION ONLY** - # The time, in seconds the 'statistic' is checked/tested. Must be multiples of 60 # # @return [Integer] attr_accessor :period # **REQUIRED**, # **AWS & CLOUDFORMATION ONLY** - # The number of times to repeat the 'period' before changing the state of an alarm. eg form 'OK' to 'ALARM' state # # @return [Integer] attr_accessor :evaluation_periods # **REQUIRED**, # **AWS & CLOUDFORMATION ONLY** - # The value the 'statistic' is compared to and action (eg 'alarm_actions') will be invoked # # @return [Integer] attr_accessor :threshold # **REQUIRED**, # **AWS & CLOUDFORMATION ONLY**, # **Must be one of: `GreaterThanOrEqualToThreshold, GreaterThanThreshold, LessThanThreshold, LessThanOrEqualToThreshold`** - # The arithmetic operation to use when comparing 'statistic' and 'threshold'. The 'statistic' value is used as the first operand # # @return [String] attr_accessor :comparison_operator # @!endgroup # @!group Optional parameters # **AWS & CLOUDFORMATION ONLY** # # @return [Array] attr_accessor :ok_actions # **AWS & CLOUDFORMATION ONLY** # # @return [Array] attr_accessor :alarm_actions # **AWS & CLOUDFORMATION ONLY** # # @return [Array] attr_accessor :no_data_actions # **AWS & CLOUDFORMATION ONLY** - # The name of container 'metric_name' belongs to eg. 'AWS/EC2' # # @return [String] attr_accessor :namespace # **AWS & CLOUDFORMATION ONLY** # What to monitor # # @return [Array] # @see BasketofKittens::server_pools::scaling_policies::alarms::dimensions attr_accessor :dimensions # **AWS & CLOUDFORMATION ONLY**, # **Must be one of: `Seconds, Microseconds, Milliseconds, Bytes, Kilobytes, Megabytes, Gigabytes, Terabytes, Bits, Kilobits, Megabits, Gigabits, Terabits, Percent, Count, Bytes/Second, Kilobytes/Second, Megabytes/Second, Gigabytes/Second, Terabytes/Second, Bits/Second, Kilobits/Second, Megabits/Second, Gigabits/Second, Terabits/Second, Count/Second, nil`** - # Associated with the 'metric' # # @return [String] attr_accessor :unit # **AWS & CLOUDFORMATION ONLY** - # Rather to send notifications when the alarm state changes # # @return [Boolean] attr_accessor :enable_notifications # **AWS & CLOUDFORMATION ONLY**, # **Default: `mu-default`** - # The name of the notification group. Will be created if it doesn't exist. We use / create a default one if not specified. NOTE: because we can't confirm subscription to a group programmatically, you should use an existing group # # @return [String] attr_accessor :notification_group # **AWS & CLOUDFORMATION ONLY**, # **Default: `email`**, # **Must be one of: `http, https, email, email-json, sms, sqs, application`** - # What type of notification endpoint will the notification be sent to. defaults to 'email' # # @return [String] attr_accessor :notification_type # **AWS & CLOUDFORMATION ONLY** - # The endpoint the notification will be sent to. eg. if notification_type is 'email'/'email-json' the endpoint will be the email address. A confirmation email will be sent to this email address if a new notification_group is created, if not specified and notification_type is set to 'email' we will use the mu-master email address # # @return [String] attr_accessor :notification_endpoint # @!endgroup end end end end class BasketofKittens class server_pools class scaling_policies # Requires policy_type 'StepScaling' class step_adjustments # @!group Required parameters # **REQUIRED**, # **AWS & CLOUDFORMATION ONLY** - # The number of instances by which to scale at this specific step. Postive value when adding capacity, negative value when removing capacity # # @return [Integer] attr_accessor :adjustment # @!endgroup # @!group Optional parameters # **AWS & CLOUDFORMATION ONLY** - # The lower bound value in percentage points above/below the alarm threshold at which to add/remove capacity for this step. Positive value when adding capacity and negative when removing capacity. If this is the first step and capacity is being added this value will most likely be 0 # # @return [Integer] attr_accessor :lower_bound # **AWS & CLOUDFORMATION ONLY** - # The upper bound value in percentage points above/below the alarm threshold at which to add/remove capacity for this step. Positive value when adding capacity and negative when removing capacity. If this is the first step and capacity is being removed this value will most likely be 0 # # @return [Integer] attr_accessor :upper_bound # @!endgroup end end end end class BasketofKittens class server_pools class scaling_policies class target_tracking_configuration class customized_metric_specification class dimensions # @!group Required parameters # **REQUIRED**, # **AWS & CLOUDFORMATION ONLY** - # The type of resource we're monitoring, e.g. InstanceId or AutoScalingGroupName # # @return [String] attr_accessor :name # **REQUIRED**, # **AWS & CLOUDFORMATION ONLY** - # The name or cloud identifier of the resource we're monitoring # # @return [String] attr_accessor :value # @!endgroup end end end end end end class BasketofKittens class server_pools class scaling_policies class target_tracking_configuration # A customized metric. You can specify either a predefined metric or a customized metric. https://docs.aws.amazon.com/sdkforruby/api/Aws/AutoScaling/Types/TargetTrackingConfiguration.html#customized_metric_specification-instance_method class customized_metric_specification # @!group Required parameters # **REQUIRED**, # **AWS & CLOUDFORMATION ONLY** - # The name of the attribute to monitor eg. CPUUtilization. # # @return [String] attr_accessor :metric_name # **REQUIRED**, # **AWS & CLOUDFORMATION ONLY** - # The name of container 'metric_name' belongs to eg. 'AWS/ApplicationELB' # # @return [String] attr_accessor :namespace # **REQUIRED**, # **AWS & CLOUDFORMATION ONLY**, # **Must be one of: `Average, Minimum, Maximum, SampleCount, Sum`** # # @return [String] attr_accessor :statistic # @!endgroup # @!group Optional parameters # **AWS & CLOUDFORMATION ONLY** - # Associated with the 'metric', usually something like Megabits or Seconds # # @return [String] attr_accessor :unit # **AWS & CLOUDFORMATION ONLY** # # @return [Array] # @see BasketofKittens::server_pools::scaling_policies::target_tracking_configuration::customized_metric_specification::dimensions attr_accessor :dimensions # @!endgroup end end end end end class BasketofKittens class server_pools class scaling_policies # Required when policy_type is set to 'TargetTrackingScaling' https://docs.aws.amazon.com/sdkforruby/api/Aws/AutoScaling/Types/TargetTrackingConfiguration.html class target_tracking_configuration # @!group Required parameters # **REQUIRED**, # **AWS & CLOUDFORMATION ONLY** - # The target value for the metric. # # @return [Float] attr_accessor :target_value # @!endgroup # @!group Optional parameters # **AWS & CLOUDFORMATION ONLY**, # **Default: `false`** - # If set to true, new instances created by this policy will not be subject to termination by scaling in. # # @return [Boolean] attr_accessor :disable_scale_in # **AWS & CLOUDFORMATION ONLY**, # **Default: `ASGAverageCPUUtilization`**, # **Must be one of: `ASGAverageCPUUtilization, ASGAverageNetworkIn, ASGAverageNetworkOut, ALBRequestCountPerTarget`** - # A predefined metric. You can specify either a predefined metric or a customized metric. https://docs.aws.amazon.com/sdkforruby/api/Aws/AutoScaling/Types/PredefinedMetricSpecification.html # # @return [String] attr_accessor :predefined_metric_specification # **AWS & CLOUDFORMATION ONLY** # A customized metric. You can specify either a predefined metric or a customized metric. https://docs.aws.amazon.com/sdkforruby/api/Aws/AutoScaling/Types/TargetTrackingConfiguration.html#customized_metric_specification-instance_method # # @return [BasketofKittens::server_pools::scaling_policies::target_tracking_configuration::customized_metric_specification] # @see BasketofKittens::server_pools::scaling_policies::target_tracking_configuration::customized_metric_specification attr_accessor :customized_metric_specification # @!endgroup end end end end class BasketofKittens class server_pools # A custom AWS Autoscale scaling policy for this pool. class scaling_policies # @!group Required parameters # **REQUIRED**, # **AWS & CLOUDFORMATION ONLY** # # @return [String] attr_accessor :name # @!endgroup # @!group Optional parameters # **AWS & CLOUDFORMATION ONLY** # Create a CloudWatch Alarm. # # @return [Array] # @see BasketofKittens::server_pools::scaling_policies::alarms attr_accessor :alarms # **AWS & CLOUDFORMATION ONLY**, # **Must be one of: `ChangeInCapacity, ExactCapacity, PercentChangeInCapacity`** - # Specifies whether 'adjustment' is an absolute number or a percentage of the current capacity for SimpleScaling and StepScaling. Valid values are ChangeInCapacity, ExactCapacity, and PercentChangeInCapacity. # # @return [String] attr_accessor :type # **AWS & CLOUDFORMATION ONLY** - # The number of instances by which to scale. 'type' determines the interpretation of this number (e.g., as an absolute number or as a percentage of the existing Auto Scaling group size). A positive increment adds to the current capacity and a negative value removes from the current capacity. Used only when policy_type is set to 'SimpleScaling' # # @return [Integer] attr_accessor :adjustment # **AWS & CLOUDFORMATION ONLY**, # **Default: `1`** - # The amount of time, in seconds, after a scaling activity completes and before the next scaling activity can start. # # @return [Integer] attr_accessor :cooldown # **AWS & CLOUDFORMATION ONLY** - # Used when 'type' is set to 'PercentChangeInCapacity', the scaling policy changes the DesiredCapacity of the Auto Scaling group by at least the number of instances specified in the value. # # @return [Integer] attr_accessor :min_adjustment_magnitude # **AWS & CLOUDFORMATION ONLY**, # **Default: `SimpleScaling`**, # **Must be one of: `SimpleScaling, StepScaling, TargetTrackingScaling`** - # 'StepScaling' will add capacity based on the magnitude of the alarm breach, 'SimpleScaling' will add capacity based on the 'adjustment' value provided. Defaults to 'SimpleScaling'. # # @return [String] attr_accessor :policy_type # **AWS & CLOUDFORMATION ONLY**, # **Default: `Average`**, # **Must be one of: `Minimum, Maximum, Average`** - # Defaults to 'Average' if not specified. Required when policy_type is set to 'StepScaling' # # @return [String] attr_accessor :metric_aggregation_type # **AWS & CLOUDFORMATION ONLY** # Requires policy_type 'StepScaling' # # @return [Array] # @see BasketofKittens::server_pools::scaling_policies::step_adjustments attr_accessor :step_adjustments # **AWS & CLOUDFORMATION ONLY** - # Required when policy_type is set to 'StepScaling' # # @return [Integer] attr_accessor :estimated_instance_warmup # **AWS & CLOUDFORMATION ONLY** # Required when policy_type is set to 'TargetTrackingScaling' https://docs.aws.amazon.com/sdkforruby/api/Aws/AutoScaling/Types/TargetTrackingConfiguration.html # # @return [BasketofKittens::server_pools::scaling_policies::target_tracking_configuration] # @see BasketofKittens::server_pools::scaling_policies::target_tracking_configuration attr_accessor :target_tracking_configuration # @!endgroup end end end class BasketofKittens class server_pools # A named network port for a Google instance group, used for health checks and forwarding targets. class named_ports # @!group Required parameters # **REQUIRED**, # **GOOGLE ONLY** # # @return [String] attr_accessor :name # **REQUIRED**, # **GOOGLE ONLY** # # @return [Integer] attr_accessor :port # @!endgroup end end end class BasketofKittens # Create scalable pools of identical servers. class server_pools # @!group Required parameters # **REQUIRED** # # @return [Integer] attr_accessor :min_size # **REQUIRED** # # @return [Integer] attr_accessor :max_size # **REQUIRED** # The baseline for new servers created within this Autoscale Group. # # @return [BasketofKittens::server_pools::basis] # @see BasketofKittens::server_pools::basis attr_accessor :basis # **REQUIRED** # # @return [String] attr_accessor :name # **Default: `AWS`**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # @!endgroup # @!group Optional parameters # DNS records to create. If specified inside another resource (e.g. {MU::Config::BasketofKittens::servers}, {MU::Config::BasketofKittens::loadbalancers}, or {MU::Config::BasketofKittens::databases}), the record(s) will automatically target that resource. # # @return [Array] # @see BasketofKittens::server_pools::dns_records attr_accessor :dns_records # **Default: `false`** - # When 'cloud' is set to 'CloudFormation,' use this flag to strip out Mu-specific artifacts (tags, standard userdata, naming conventions, etc) to yield a clean, source-agnostic template. # # @return [Boolean] attr_accessor :scrub_mu_isms # **Default: `0`** - # Use this parameter to force a certain number of nodes to come up and be fully bootstrapped before the rest of the pool is initialized. # # @return [Integer] attr_accessor :wait_for_nodes # Deploy, attach, allow access from, or peer this resource with a VPC of VPCs. # # @return [BasketofKittens::server_pools::vpc] # @see BasketofKittens::server_pools::vpc attr_accessor :vpc # Tags to apply to this resource. Will apply at the cloud provider level and in Chef, where applicable. # # @return [Array] # @see BasketofKittens::server_pools::tags attr_accessor :tags # **Default: `true`** - # Tag the resource with our optional tags (+MU-HANDLE+, +MU-MASTER-NAME+, +MU-OWNER+). # # @return [Boolean] attr_accessor :optional_tags # The number of Amazon EC2 instances that should be running in the group. Should be between min_size and max_size. # # @return [Integer] attr_accessor :desired_capacity # **Default: `300`** # # @return [Integer] attr_accessor :default_cooldown # **Default: `EC2`**, # **Must be one of: `EC2, ELB`** # # @return [String] attr_accessor :health_check_type # **Default: `0`** # # @return [Integer] attr_accessor :health_check_grace_period # A comma-separated list of subnet identifiers of Amazon Virtual Private Clouds (Amazon VPCs). # # If you specify subnets and Availability Zones with this call, ensure that the subnets' Availability Zones match the Availability Zones specified. # # @return [String] attr_accessor :vpc_zone_identifier # # @return [Array] attr_accessor :zones # **Must be one of: `asia-east1, asia-east2, asia-northeast1, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2`** # # @return [String] attr_accessor :region # **Default: `false`** - # Bootstrap asynchronously via the Momma Cat daemon instead of during the main deployment process # # @return [Boolean] attr_accessor :async_groom # **Default: `Chef`**, # **Must be one of: `Chef`** # # @return [String] attr_accessor :groomer # **Default: `true`** - # Whether to run a host configuration agent, e.g. Chef, when bootstrapping # # @return [Boolean] attr_accessor :groom # **Default: `1800`** - # Maximum execution time for a groomer run # # @return [Integer] attr_accessor :groomer_timeout # **Default: `false`** - # Remove pre-existing groomer agents from node before bootstrapping. Especially useful for image builds. # # @return [Boolean] attr_accessor :scrub_groomer # Create a CloudWatch Alarm. # # @return [Array] # @see BasketofKittens::server_pools::alarms attr_accessor :alarms # Integrate this node into an Active Directory domain. On Linux, will configure Winbind and PAM for system-level AD authentication. # # @return [BasketofKittens::server_pools::active_directory] # @see BasketofKittens::server_pools::active_directory attr_accessor :active_directory # Assign extra private IP addresses to this server. # # @return [Integer] attr_accessor :add_private_ips # **Default: `false`** - # Node bootstrapping normally runs an internal recipe that does a full system update. This is very slow for testing, so let's have an option to disable it. # # @return [Boolean] attr_accessor :skipinitialupdates # **Default: `false`** - # If true, chef-client will automatically re-run on nodes of the same type when this instance has finished grooming. Use, for example, to add new members to a database cluster in an autoscale group by sharing data in Chef's node structures. # # @return [Boolean] attr_accessor :sync_siblings # **Default: `true`** - # Wait for DNS record to propagate in DNS Zone. # # @return [Boolean] attr_accessor :dns_sync_wait # One or more Load Balancers with which this instance should register. # # @return [Array] # @see BasketofKittens::server_pools::loadbalancers attr_accessor :loadbalancers # Apply one or more network rulesets, defined in this stack or pre-existing, to this resource. Note that if you add a pre-existing ACL to your resource, they must be compatible (e.g. if using VPCs, they must reside in the same VPC). # # @return [Array] # @see BasketofKittens::server_pools::add_firewall_rules attr_accessor :add_firewall_rules # Assign a specific IP to this instance once it's ready. # # @return [BasketofKittens::server_pools::static_ip] # @see BasketofKittens::server_pools::static_ip attr_accessor :static_ip # **Default: `true`** - # Turn off network-level routing paranoia. Set this false to make a NAT do its thing. # # @return [Boolean] attr_accessor :src_dst_check # **Default: `false`** - # Associate public IP address? # # @return [Boolean] attr_accessor :associate_public_ip # A script to be run during the bootstrap process. Typically used to preconfigure Windows instances. # # @return [BasketofKittens::server_pools::userdata_script] # @see BasketofKittens::server_pools::userdata_script attr_accessor :userdata_script # **Default: `Administrator`** - # Use an alternate Windows account for Administrator functions. Will change the name of the Administrator account, if it has not already been done. # # @return [String] attr_accessor :windows_admin_username # Set Windows nodes' local administrator password to a value specified in a Chef Vault. # # @return [BasketofKittens::server_pools::windows_auth_vault] # @see BasketofKittens::server_pools::windows_auth_vault attr_accessor :windows_auth_vault # **Default: `root`** # # @return [String] attr_accessor :ssh_user # **Default: `true`** # # @return [Boolean] attr_accessor :use_cloud_provider_windows_password # **Default: `linux`**, # **Must be one of: `linux, windows, centos, ubuntu, centos6, ubuntu14, win2k12, win2k12r2, win2k16, centos7, rhel7, rhel71, amazon`** - # Helps select default AMIs, and enables correct grooming behavior based on operating system type. # # @return [String] attr_accessor :platform # Chef run list entry, e.g. role[rolename] or recipe[recipename]. # # @return [Array] attr_accessor :run_list # Network ingress and/or egress rules. # # @return [Array] # @see BasketofKittens::server_pools::ingress_rules attr_accessor :ingress_rules # Chef Node structure artifact for mu-tools cookbook. # # @return [BasketofKittens::server_pools::application_attributes] # @see BasketofKittens::server_pools::application_attributes attr_accessor :application_attributes # JSON artifact to be stored in Chef Vault for this node. Note that these values will still be stored in plain text local to the MU server, but only accessible to nodes via Vault. # # @return [BasketofKittens::server_pools::secrets] # @see BasketofKittens::server_pools::secrets attr_accessor :secrets # Chef Vault items to which this node should be granted access. # # @return [Array] # @see BasketofKittens::server_pools::vault_access attr_accessor :vault_access # Existing deploys that will be loaded into the new deployment metadata. This metadata will be saved on the Chef node # # @return [Array] # @see BasketofKittens::server_pools::existing_deploys attr_accessor :existing_deploys # Internal use. # # @return [String] attr_accessor :virtual_name # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. # # @return [Array] # @see BasketofKittens::server_pools::dependencies attr_accessor :dependencies # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **AWS & CLOUDFORMATION ONLY**, # **Default: `true`** - # +AWS+: Generate a unique IAM profile for this Server or ServerPool. #+CLOUDFORMATION+: Generate a unique IAM profile for this Server or ServerPool. # # @return [Boolean] attr_accessor :generate_iam_role # **AWS & CLOUDFORMATION ONLY** - # +AWS+: An Amazon IAM instance profile, from which to harvest role policies to merge into this node's own instance profile. If generate_iam_role is false, will simple use this profile. #+CLOUDFORMATION+: An Amazon IAM instance profile, from which to harvest role policies to merge into this node's own instance profile. If generate_iam_role is false, will simple use this profile. # # @return [String] attr_accessor :iam_role # **AWS & CLOUDFORMATION ONLY** # Amazon-compatible role policies which will be merged into this node's own instance profile. Not valid with generate_iam_role set to false. Our parser expects the role policy document to me embedded under a named container, e.g. { 'name_of_policy':'{ } } # # @return [Array] # @see BasketofKittens::server_pools::iam_policies attr_accessor :iam_policies # **AWS & CLOUDFORMATION ONLY** - # IAM policies to attach, pre-defined by Amazon (e.g. AmazonEKSWorkerNodePolicy) # # @return [Array] attr_accessor :canned_iam_policies # **AWS & CLOUDFORMATION ONLY** # Tell AutoScale to alter min/max/desired for this group at a scheduled time, optionally repeating. # # @return [Array] # @see BasketofKittens::server_pools::schedule attr_accessor :schedule # **AWS & CLOUDFORMATION ONLY**, # **Must match pattern `^(all|initial|\d+)$`** - # +AWS+: Protect instances from scale-in termination. Can be 'all', 'initial' (essentially 'min_size'), or an number; note the number needs to be a string, so put it in quotes #+CLOUDFORMATION+: Protect instances from scale-in termination. Can be 'all', 'initial' (essentially 'min_size'), or an number; note the number needs to be a string, so put it in quotes # # @return [String] attr_accessor :scale_in_protection # **AWS & CLOUDFORMATION ONLY** - # +AWS+: Shorthand for creating a target_tracking_configuration to scale on ALBRequestCountPerTarget with some reasonable defaults #+CLOUDFORMATION+: Shorthand for creating a target_tracking_configuration to scale on ALBRequestCountPerTarget with some reasonable defaults # # @return [Float] attr_accessor :scale_with_alb_traffic # **AWS & CLOUDFORMATION ONLY** - # +AWS+: Shorthand for creating a target_tracking_configuration to scale on ASGAverageCPUUtilization with some reasonable defaults #+CLOUDFORMATION+: Shorthand for creating a target_tracking_configuration to scale on ASGAverageCPUUtilization with some reasonable defaults # # @return [Float] attr_accessor :scale_with_cpu # **AWS & CLOUDFORMATION ONLY** - # +AWS+: Shorthand for creating a target_tracking_configuration to scale on ASGAverageNetworkIn with some reasonable defaults #+CLOUDFORMATION+: Shorthand for creating a target_tracking_configuration to scale on ASGAverageNetworkIn with some reasonable defaults # # @return [Float] attr_accessor :scale_with_network_in # **AWS & CLOUDFORMATION ONLY** - # +AWS+: Shorthand for creating a target_tracking_configuration to scale on ASGAverageNetworkOut with some reasonable defaults #+CLOUDFORMATION+: Shorthand for creating a target_tracking_configuration to scale on ASGAverageNetworkOut with some reasonable defaults # # @return [Float] attr_accessor :scale_with_network_out # **AWS & CLOUDFORMATION ONLY**, # **Default: `Default`**, # **Must be one of: `AllocationStrategy, ClosestToNextInstanceHour, Default, NewestInstance, OldestInstance, OldestLaunchConfiguration, OldestLaunchTemplate`** # # @return [Array] attr_accessor :termination_policies # **AWS & CLOUDFORMATION ONLY** # A custom AWS Autoscale scaling policy for this pool. # # @return [Array] # @see BasketofKittens::server_pools::scaling_policies attr_accessor :scaling_policies # **GOOGLE ONLY** # A named network port for a Google instance group, used for health checks and forwarding targets. # # @return [Array] # @see BasketofKittens::server_pools::named_ports attr_accessor :named_ports # @!endgroup end end class BasketofKittens class vpcs # Tags to apply to this resource. Will apply at the cloud provider level and in Chef, where applicable. class tags # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :key # **REQUIRED** # # @return [String] attr_accessor :value # @!endgroup end end end class BasketofKittens class vpcs # When the 'create_standard_subnets' flag is set, use this to target a specific set of availability zones across which to spread those subnets. Will attempt to guess based on the target region, if not specified. class availability_zones # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :zone # @!endgroup end end end class BasketofKittens class vpcs # Amazon-compatible endpoint policy that controls access to the endpoint by other resources in the VPC. If not provided Amazon will create a default policy that provides full access. class endpoint_policy end end end class BasketofKittens class vpcs # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. class dependencies # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED**, # **Must be one of: `collection, database, dnszone, firewall_rule, loadbalancer, server, server_pool, vpc, cache_cluster, alarm, notifier, log, storage_pool, function, container_cluster, search_domain, msg_queue, habitat, folder, user, group, role`** # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **Must be one of: `create, groom`** - # Which part of the creation process of the resource we depend on should we wait for before starting our own creation? Defaults are usually sensible, but sometimes you want, say, a Server to wait on another Server to be completely ready (through its groom phase) before starting up. # # @return [String] attr_accessor :phase # **Default: `false`** - # By default, it's assumed that we want to wait on our parents' creation phase, in addition to whatever is declared in this stanza. Setting this flag will bypass waiting on our parent resource's creation, so that our create or groom phase can instead depend only on the parent's groom phase. # # @return [Boolean] attr_accessor :no_create_wait # @!endgroup end end end class BasketofKittens class vpcs class peers class vpc # The subnets to which to attach this resource. Will default to all subnets in this VPC if not specified. class subnets # @!group Optional parameters # # @return [String] attr_accessor :subnet_name # # @return [String] attr_accessor :subnet_id # **Must match pattern `^[^=]+=.+`** - # Identify this subnet by a tag (key=value). Note that this tag must not match more than one resource. # # @return [String] attr_accessor :tag # @!endgroup end end end end end class BasketofKittens class vpcs class peers # Deploy, attach, allow access from, or peer this resource with a VPC of VPCs. class vpc # @!group Optional parameters # Discover this VPC by looking for this cloud provider identifier. # # @return [String] attr_accessor :vpc_id # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # Discover this VPC by Mu-internal name; typically the shorthand 'name' field of a VPC declared elsewhere in the deploy, or in another deploy that's being referenced with 'deploy_id'. # # @return [String] attr_accessor :vpc_name # **Must be one of: `asia-east1, asia-east2, asia-northeast1, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2`** # # @return [String] attr_accessor :region # **Default: `AWS`**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # **Must match pattern `^[^=]+=.+`** - # Discover this VPC by a cloud provider tag (key=value); note that this tag must not match more than one resource. # # @return [String] attr_accessor :tag # Search for this VPC in an existing Mu deploy; specify a Mu deploy id (e.g. DEMO-DEV-2014111400-NG). # # @return [String] attr_accessor :deploy_id # **Default: `all`** - # When auto-discovering VPC resources, this specifies target subnets for this resource. Special keywords: public, private, any, all, all_public, all_private, all. Using the name of a route table defined elsewhere in this BoK will behave like 'all_.' # # @return [String] attr_accessor :subnet_pref # The subnets to which to attach this resource. Will default to all subnets in this VPC if not specified. # # @return [Array] # @see BasketofKittens::vpcs::peers::vpc::subnets attr_accessor :subnets # @!endgroup end end end end class BasketofKittens class vpcs # One or more other VPCs with which to attempt to create a peering connection. class peers # @!group Required parameters # **REQUIRED** # Deploy, attach, allow access from, or peer this resource with a VPC of VPCs. # # @return [BasketofKittens::vpcs::peers::vpc] # @see BasketofKittens::vpcs::peers::vpc attr_accessor :vpc # @!endgroup # @!group Optional parameters # The AWS account which owns the target VPC. # # @return [String] attr_accessor :account # @!endgroup end end end class BasketofKittens class vpcs class route_tables # Define a network route, typically for use inside a VPC. class routes # @!group Optional parameters # **Default: `0.0.0.0/0`**, # **Must match pattern `^\d+\.\d+\.\d+\.\d+/[0-9]{1,2}$`** - # CIDR-formatted IP block, e.g. 1.2.3.4/32 # # @return [String] attr_accessor :destination_network # The ID of a VPC peering connection to use as a gateway # # @return [String] attr_accessor :peer_id # The ID of a VPN, NAT, or Internet gateway attached to your VPC. #INTERNET will refer to this VPC's default internet gateway, if one exists. #NAT will refer to a this VPC's NAT gateway, and will implicitly create one if none exists. #DENY will ensure that the subnets associated with this route do *not* have a route outside of the VPC's local address space (primarily for Google Cloud, where we must explicitly disable egress to the internet). # # @return [String] attr_accessor :gateway # The instance id of a NAT host in this VPN. # # @return [String] attr_accessor :nat_host_id # The MU resource name or Name tag of a NAT host in this VPN. # # @return [String] attr_accessor :nat_host_name # A network interface over which to route. # # @return [String] attr_accessor :interface # @!endgroup end end end end class BasketofKittens class vpcs # A table of route entries, typically for use inside a VPC. class route_tables # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED** # Define a network route, typically for use inside a VPC. # # @return [Array] # @see BasketofKittens::vpcs::route_tables::routes attr_accessor :routes # @!endgroup end end end class BasketofKittens class vpcs # A list of subnets class subnets # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED**, # **Must match pattern `^\d+\.\d+\.\d+\.\d+/[0-9]{1,2}$`** - # CIDR-formatted IP block, e.g. 1.2.3.4/32 # # @return [String] attr_accessor :ip_block # @!endgroup # @!group Optional parameters # # @return [String] attr_accessor :availability_zone # # @return [String] attr_accessor :route_table # **Default: `false`** - # If the cloud provider's instances should automatically be assigned publicly routable addresses. # # @return [Boolean] attr_accessor :map_public_ips # **AWS & CLOUDFORMATION ONLY**, # **Default: `all`**, # **Must be one of: `accept, reject, all`** - # +AWS+: The class of traffic to log - accepted traffic, rejected traffic or all traffic. #+CLOUDFORMATION+: The class of traffic to log - accepted traffic, rejected traffic or all traffic. # # @return [String] attr_accessor :traffic_type_to_log # **AWS & CLOUDFORMATION ONLY** - # +AWS+: An existing CloudWachLogs log group the traffic will be logged to. If not provided, a new one will be created #+CLOUDFORMATION+: An existing CloudWachLogs log group the traffic will be logged to. If not provided, a new one will be created # # @return [String] attr_accessor :log_group_name # **AWS & CLOUDFORMATION ONLY**, # **Default: `false`** - # +AWS+: If traffic logging is enabled or disabled. Will be enabled on all subnets and network interfaces if set to true on a VPC #+CLOUDFORMATION+: If traffic logging is enabled or disabled. Will be enabled on all subnets and network interfaces if set to true on a VPC # # @return [Boolean] attr_accessor :enable_traffic_logging # @!endgroup end end end class BasketofKittens class vpcs # Alternate DHCP behavior for nodes in this VPC class dhcp # @!group Optional parameters # **Must match pattern `^\d+\.\d+\.\d+\.\d+$`** - # The IP address of up to four DNS servers # # @return [Array] attr_accessor :dns_servers # **Must match pattern `^\d+\.\d+\.\d+\.\d+$`** - # The IP address of up to four NTP servers # # @return [Array] attr_accessor :ntp_servers # **Must match pattern `^\d+\.\d+\.\d+\.\d+$`** - # The IP address of up to four NetBIOS servers # # @return [Array] attr_accessor :netbios_servers # **Default: `2`**, # **Must be one of: `1, 2, 4, 8`** # # @return [Integer] attr_accessor :netbios_type # If you're using AmazonProvidedDNS in us-east-1, specify ec2.internal. If you're using AmazonProvidedDNS in another region, specify region.compute.internal (for example, ap-northeast-1.compute.internal). Otherwise, specify a domain name (for example, MyCompany.com). # # @return [Array] attr_accessor :domains # @!endgroup end end end class BasketofKittens # Create Virtual Private Clouds with custom public or private subnets. class vpcs # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # @!endgroup # @!group Optional parameters # **Default: `AWS`**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # **Default: `10.0.0.0/16`**, # **Must match pattern `^\d+\.\d+\.\d+\.\d+/[0-9]{1,2}$`** - # CIDR-formatted IP block, e.g. 1.2.3.4/32 # # @return [String] attr_accessor :ip_block # Tags to apply to this resource. Will apply at the cloud provider level and in Chef, where applicable. # # @return [Array] # @see BasketofKittens::vpcs::tags attr_accessor :tags # **Default: `true`** - # Tag the resource with our optional tags (+MU-HANDLE+, +MU-MASTER-NAME+, +MU-OWNER+). # # @return [Boolean] attr_accessor :optional_tags # **Default: `true`** - # If the 'subnets' parameter to this VPC is not specified, we will instead create one set of public subnets and one set of private, with a public/private pair in each Availability Zone in the target region. # # @return [Boolean] attr_accessor :create_standard_subnets # When the 'create_standard_subnets' flag is set, use this to target a specific set of availability zones across which to spread those subnets. Will attempt to guess based on the target region, if not specified. # # @return [Array] # @see BasketofKittens::vpcs::availability_zones attr_accessor :availability_zones # **Default: `true`** # # @return [Boolean] attr_accessor :create_internet_gateway # **Default: `false`** - # If set to 'true' will create a NAT gateway to enable traffic in private subnets to be routed to the internet. # # @return [Boolean] attr_accessor :create_nat_gateway # **Default: `true`** # # @return [Boolean] attr_accessor :enable_dns_support # Amazon-compatible endpoint policy that controls access to the endpoint by other resources in the VPC. If not provided Amazon will create a default policy that provides full access. # # @return [Array] # @see BasketofKittens::vpcs::endpoint_policy attr_accessor :endpoint_policy # An Amazon service specific endpoint that resources within a VPC can route to without going through a NAT or an internet gateway. Currently only S3 is supported. an example S3 endpoint in the us-east-1 region: com.amazonaws.us-east-1.s3. # # @return [String] attr_accessor :endpoint # **Default: `true`** # # @return [Boolean] attr_accessor :enable_dns_hostnames # **Default: `false`** - # If set to 'true' will create a separate NAT gateway in each availability zone and configure subnet route tables appropriately # # @return [Boolean] attr_accessor :nat_gateway_multi_az # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. # # @return [Array] # @see BasketofKittens::vpcs::dependencies attr_accessor :dependencies # **Default: `true`** - # Peering connections requested to this VPC by other deployments on the same Mu master will be automatically accepted. # # @return [Boolean] attr_accessor :auto_accept_peers # One or more other VPCs with which to attempt to create a peering connection. # # @return [Array] # @see BasketofKittens::vpcs::peers attr_accessor :peers # A table of route entries, typically for use inside a VPC. # # @return [Array] # @see BasketofKittens::vpcs::route_tables attr_accessor :route_tables # A list of subnets # # @return [Array] # @see BasketofKittens::vpcs::subnets attr_accessor :subnets # Alternate DHCP behavior for nodes in this VPC # # @return [BasketofKittens::vpcs::dhcp] # @see BasketofKittens::vpcs::dhcp attr_accessor :dhcp # Internal use. # # @return [String] attr_accessor :virtual_name # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **AWS & CLOUDFORMATION ONLY**, # **Default: `all`**, # **Must be one of: `accept, reject, all`** - # +AWS+: The class of traffic to log - accepted traffic, rejected traffic or all traffic. #+CLOUDFORMATION+: The class of traffic to log - accepted traffic, rejected traffic or all traffic. # # @return [String] attr_accessor :traffic_type_to_log # **AWS & CLOUDFORMATION ONLY** - # +AWS+: An existing CloudWachLogs log group the traffic will be logged to. If not provided, a new one will be created #+CLOUDFORMATION+: An existing CloudWachLogs log group the traffic will be logged to. If not provided, a new one will be created # # @return [String] attr_accessor :log_group_name # **AWS & CLOUDFORMATION ONLY**, # **Default: `false`** - # +AWS+: If traffic logging is enabled or disabled. Will be enabled on all subnets and network interfaces if set to true on a VPC #+CLOUDFORMATION+: If traffic logging is enabled or disabled. Will be enabled on all subnets and network interfaces if set to true on a VPC # # @return [Boolean] attr_accessor :enable_traffic_logging # **GOOGLE ONLY**, # **Must be one of: `asia-east1, asia-east2, asia-northeast1, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2`** # # @return [Array] attr_accessor :regions # **GOOGLE ONLY** - # +GOOGLE+: The project into which to deploy resources # # @return [String] attr_accessor :project # @!endgroup end end class BasketofKittens class cache_clusters # Tags to apply to this resource. Will apply at the cloud provider level and in Chef, where applicable. class tags # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :key # **REQUIRED** # # @return [String] attr_accessor :value # @!endgroup end end end class BasketofKittens class cache_clusters # Apply one or more network rulesets, defined in this stack or pre-existing, to this resource. Note that if you add a pre-existing ACL to your resource, they must be compatible (e.g. if using VPCs, they must reside in the same VPC). class add_firewall_rules # @!group Optional parameters # # @return [String] attr_accessor :rule_id # # @return [String] attr_accessor :rule_name # @!endgroup end end end class BasketofKittens class cache_clusters # Network ingress and/or egress rules. class ingress_rules # @!group Optional parameters # # @return [String] attr_accessor :port_range # # @return [Integer] attr_accessor :port # **Default: `tcp`**, # **Must be one of: `udp, tcp, icmp`** # # @return [String] attr_accessor :proto # **Default: `true`** # # @return [Boolean] attr_accessor :ingress # **Default: `false`** # # @return [Boolean] attr_accessor :egress # **Must match pattern `^\d+\.\d+\.\d+\.\d+/[0-9]{1,2}$`** - # CIDR-formatted IP block, e.g. 1.2.3.4/32 # # @return [Array] attr_accessor :hosts # Other AWS Security Groups; resources that are associated with this group will have this rule applied to their traffic # # @return [Array] attr_accessor :sgs # AWS Load Balancers which will have this rule applied to their traffic # # @return [Array] attr_accessor :lbs # @!endgroup end end end class BasketofKittens class cache_clusters class dns_records # The zone to which to add this record, either as a domain name or as a Route53 zone identifier. class zone # @!group Optional parameters # The domain name of the DNS zone to which to add this record. # # @return [String] attr_accessor :name # The Route53 identifier of the zone to which to add this record. # # @return [String] attr_accessor :id # @!endgroup end end end end class BasketofKittens class cache_clusters class dns_records # Set location for location-based routing. class geo_location # @!group Optional parameters # **Must be one of: `AF, AN, AS, EU, OC, NA, SA`** - # The code for a continent geo location. Note: only continent locations have a continent code. Specifying continent_code with either country_code or subdivision_code returns an InvalidInput error. # # @return [String] attr_accessor :continent_code # The code for a country geo location. The default location uses '' for the country code and will match all locations that are not matched by a geo location. All other country codes follow the ISO 3166 two-character code. # # @return [String] attr_accessor :country_code # The code for a country's subdivision (e.g., a province of Canada). A subdivision code is only valid with the appropriate country code. Specifying subdivision_code without country_code returns an InvalidInput error. # # @return [String] attr_accessor :subdivision_code # @!endgroup end end end end class BasketofKittens class cache_clusters class dns_records # Check used to determine instance health for failover routing. class healthchecks # @!group Required parameters # **REQUIRED**, # **Must be one of: `HTTP, HTTPS, HTTP_STR_MATCH, HTTPS_STR_MATCH, TCP, CALCULATED, CLOUDWATCH_METRIC`** - # The health check method to use # # @return [String] attr_accessor :method # **REQUIRED** - # The health check name. # # @return [String] attr_accessor :name # @!endgroup # @!group Optional parameters # Port on which this health check should expect to find a working service. For HTTP and HTTP_STR_MATCH this defaults to 80 if the port is not specified. For HTTPS and HTTPS_STR_MATCH this defaults to 443 if the port is not specified. # # @return [Integer] attr_accessor :port # Path to check for HTTP-based health checks. # # @return [String] attr_accessor :path # **Default: `primary`**, # **Must be one of: `primary, secondary`** - # When using CALCULATED based health checks make sure to set only the CALCULATED health check to primary while setting all other health checks to secondary. # # @return [String] attr_accessor :type # Path to check for STR_MATCH-based health checks. # # @return [String] attr_accessor :search_string # **Default: `30`**, # **Must be one of: `10, 30`** - # The frequency of health checks in seconds. # # @return [Integer] attr_accessor :check_interval # **Default: `2`**, # **Must match pattern `^([1-9]|10)$`** - # The number of failed health checks before we consider this entry in failure. Values can be between 1-10. # # @return [Integer] attr_accessor :failure_threshold # **Must be one of: `Healthy, Unhealthy, LastKnownStatus`** - # What should the health check status be set to if there is insufficient data return from the CloudWatch alarm. Used only with CLOUDWATCH_METRIC based health checks. # # @return [String] attr_accessor :insufficient_data # # @return [Array] attr_accessor :regions # **Default: `false`** - # If to measure and graph latency between the health checkers and the endpoint. Used only with HTTP/HTTPS/TCP based health checks. # # @return [Boolean] attr_accessor :latency # **Default: `false`** - # If the status of the health check should be inverted, eg. if health check status is healthy but you would like it to be evaluated as not healthy # # @return [Boolean] attr_accessor :inverted # **Default: `false`** - # Enabled by default on HTTPS or HTTPS_STR_MATCH # # @return [Boolean] attr_accessor :enable_sni # **Default: `1`**, # **Must match pattern `^[\d]?{3}$`** - # The minimum number of health checks that must be healthy when configuring a health check of type CALCULATED. Values can be between 0-256. # # @return [Integer] attr_accessor :health_threshold # # @return [Array] attr_accessor :health_check_ids # The cloud provider's region the cloudwatch alarm was created in. Used with CLOUDWATCH_METRIC health checks # # @return [String] attr_accessor :alarm_region # The cloudwatch alarm name. Used with CLOUDWATCH_METRIC health checks # # @return [String] attr_accessor :alarm_name # @!endgroup end end end end class BasketofKittens class cache_clusters # DNS records to create. If specified inside another resource (e.g. {MU::Config::BasketofKittens::servers}, {MU::Config::BasketofKittens::loadbalancers}, or {MU::Config::BasketofKittens::databases}), the record(s) will automatically target that resource. class dns_records # @!group Required parameters # **REQUIRED** # The zone to which to add this record, either as a domain name or as a Route53 zone identifier. # # @return [BasketofKittens::cache_clusters::dns_records::zone] # @see BasketofKittens::cache_clusters::dns_records::zone attr_accessor :zone # @!endgroup # @!group Optional parameters # **Default: `false`** - # If true, this record will overwrite any existing record of the same name and type. # # @return [Boolean] attr_accessor :override_existing # **Default: `CNAME`**, # **Must be one of: `SOA, A, TXT, NS, CNAME, MX, PTR, SRV, SPF, AAAA, R53ALIAS`** - # The class of DNS record to create. The R53ALIAS type is not traditional DNS, but instead refers to AWS Route53's alias functionality. An R53ALIAS is only valid if the target is an Elastic LoadBalancer, CloudFront, S3 bucket (configured as a public web server), or another record in the same Route53 hosted zone. # # @return [String] attr_accessor :type # If using a type of R53ALIAS, this is the hosted zone ID of the target. Defaults to the zone to which this record is being added. # # @return [String] attr_accessor :alias_zone # Look for a resource in another Mu deployment with this id. Requires mu_type # # @return [String] attr_accessor :deploy_id # **Must be one of: `loadbalancer, server, database, cache_cluster`** - # The Mu resource type to search the deployment for. # # @return [String] attr_accessor :mu_type # **Must be one of: `public, private`** - # If the target is a public or a private resource. This only applies to servers/server_pools when using automatic DNS registration. If set to public but the target only has a private address, the private address will be used # # @return [String] attr_accessor :target_type # Set the proportion of traffic directed to this target, based on the relative weight of other records with the same DNS name and type. # # @return [Integer] attr_accessor :weight # **Must be one of: `asia-east1, asia-east2, asia-northeast1, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2`** # # @return [String] attr_accessor :region # **Must be one of: `PRIMARY, SECONDARY`** - # Failover classification # # @return [String] attr_accessor :failover # **Default: `7200`** - # DNS time-to-live value for query caching. # # @return [Integer] attr_accessor :ttl # **Must match pattern `^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]).)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9-]*[A-Za-z0-9])$`** - # Name of the record to create. If not specified, will default to the Mu resource name. # # @return [String] attr_accessor :name # **Default: `false`** - # If to append the environment name (eg mydnsname.dev.mudomain.com). to the DNS name # # @return [Boolean] attr_accessor :append_environment_name # Set location for location-based routing. # # @return [BasketofKittens::cache_clusters::dns_records::geo_location] # @see BasketofKittens::cache_clusters::dns_records::geo_location attr_accessor :geo_location # Check used to determine instance health for failover routing. # # @return [Array] # @see BasketofKittens::cache_clusters::dns_records::healthchecks attr_accessor :healthchecks # @!endgroup end end end class BasketofKittens class cache_clusters class alarms # What to monitor class dimensions # @!group Required parameters # **REQUIRED**, # **Must be one of: `InstanceId, server, Server, DBInstanceIdentifier, database, Database, LoadBalancerName, loadbalancer, LoadBalancer, CacheClusterId, cache_cluster, CacheCluster, VolumeId, volume, Volume, BucketName, bucket, Bucket, TopicName, notification, Notification, AutoScalingGroupName, server_pool, ServerPool`** - # The type of resource we're checking # # @return [String] attr_accessor :cloud_class # @!endgroup # @!group Optional parameters # The cloud identifier of the resource the alarm is being created for. eg - i-d96eca0d. Must use either 'cloud_id' OR 'mu_name' AND 'deploy_id' # # @return [String] attr_accessor :cloud_id # The full name of a resource in a foreign deployment which we should monitor. You should also include 'deploy_id' so we will be able to identifiy a single resource. Use either 'cloud_id' OR 'mu_name' and 'deploy_id' # # @return [String] attr_accessor :mu_name # Should be used with 'mu_name' to identifiy a single resource. # # @return [String] attr_accessor :deploy_id # The name of another resource in this stack with which to associate this alarm. # # @return [String] attr_accessor :name # @!endgroup end end end end class BasketofKittens class cache_clusters # Create a CloudWatch Alarm. class alarms # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED** - # The name of the attribute to monitor eg. CPUUtilization. # # @return [String] attr_accessor :metric_name # **REQUIRED**, # **Must be one of: `SampleCount, Average, Sum, Minimum, Maximum`** # # # @return [String] attr_accessor :statistic # **REQUIRED** - # The time, in seconds the 'statistic' is checked/tested. Must be multiples of 60 # # @return [Integer] attr_accessor :period # **REQUIRED** - # The number of times to repeat the 'period' before changing the state of an alarm. eg form 'OK' to 'ALARM' state # # @return [Integer] attr_accessor :evaluation_periods # **REQUIRED** - # The value the 'statistic' is compared to and action (eg 'alarm_actions') will be invoked # # @return [Integer] attr_accessor :threshold # **REQUIRED**, # **Must be one of: `GreaterThanOrEqualToThreshold, GreaterThanThreshold, LessThanThreshold, LessThanOrEqualToThreshold`** - # The arithmetic operation to use when comparing 'statistic' and 'threshold'. The 'statistic' value is used as the first operand # # @return [String] attr_accessor :comparison_operator # @!endgroup # @!group Optional parameters # # @return [Array] attr_accessor :ok_actions # # @return [Array] attr_accessor :alarm_actions # # @return [Array] attr_accessor :no_data_actions # The name of container 'metric_name' belongs to eg. 'AWS/EC2' # # @return [String] attr_accessor :namespace # What to monitor # # @return [Array] # @see BasketofKittens::cache_clusters::alarms::dimensions attr_accessor :dimensions # **Must be one of: `Seconds, Microseconds, Milliseconds, Bytes, Kilobytes, Megabytes, Gigabytes, Terabytes, Bits, Kilobits, Megabits, Gigabits, Terabits, Percent, Count, Bytes/Second, Kilobytes/Second, Megabytes/Second, Gigabytes/Second, Terabytes/Second, Bits/Second, Kilobits/Second, Megabits/Second, Gigabits/Second, Terabits/Second, Count/Second, nil`** - # Associated with the 'metric' # # @return [String] attr_accessor :unit # Rather to send notifications when the alarm state changes # # @return [Boolean] attr_accessor :enable_notifications # **Default: `mu-default`** - # The name of the notification group. Will be created if it doesn't exist. We use / create a default one if not specified. NOTE: because we can't confirm subscription to a group programmatically, you should use an existing group # # @return [String] attr_accessor :notification_group # **Default: `email`**, # **Must be one of: `http, https, email, email-json, sms, sqs, application`** - # What type of notification endpoint will the notification be sent to. defaults to 'email' # # @return [String] attr_accessor :notification_type # The endpoint the notification will be sent to. eg. if notification_type is 'email'/'email-json' the endpoint will be the email address. A confirmation email will be sent to this email address if a new notification_group is created, if not specified and notification_type is set to 'email' we will use the mu-master email address # # @return [String] attr_accessor :notification_endpoint # @!endgroup end end end class BasketofKittens class cache_clusters class vpc # The subnets to which to attach this resource. Will default to all subnets in this VPC if not specified. class subnets # @!group Optional parameters # # @return [String] attr_accessor :subnet_name # # @return [String] attr_accessor :subnet_id # **Must match pattern `^[^=]+=.+`** - # Identify this subnet by a tag (key=value). Note that this tag must not match more than one resource. # # @return [String] attr_accessor :tag # @!endgroup end end end end class BasketofKittens class cache_clusters # Deploy, attach, allow access from, or peer this resource with a VPC of VPCs. class vpc # @!group Optional parameters # Discover this VPC by looking for this cloud provider identifier. # # @return [String] attr_accessor :vpc_id # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # Discover this VPC by Mu-internal name; typically the shorthand 'name' field of a VPC declared elsewhere in the deploy, or in another deploy that's being referenced with 'deploy_id'. # # @return [String] attr_accessor :vpc_name # **Must be one of: `asia-east1, asia-east2, asia-northeast1, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2`** # # @return [String] attr_accessor :region # **Default: `AWS`**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # **Must match pattern `^[^=]+=.+`** - # Discover this VPC by a cloud provider tag (key=value); note that this tag must not match more than one resource. # # @return [String] attr_accessor :tag # Search for this VPC in an existing Mu deploy; specify a Mu deploy id (e.g. DEMO-DEV-2014111400-NG). # # @return [String] attr_accessor :deploy_id # The Mu-internal name of a NAT host to use; Typically the shorthand 'name' field of a Server declared elsewhere in the deploy, or in another deploy that's being referenced with 'deploy_id'. # # @return [String] attr_accessor :nat_host_name # Discover a Server to use as a NAT by looking for this cloud provider identifier. # # @return [String] attr_accessor :nat_host_id # **Must match pattern `^\d+\.\d+\.\d+\.\d+$`** - # Discover a Server to use as a NAT by looking for an associated IP. # # @return [String] attr_accessor :nat_host_ip # **Default: `root`** # # @return [String] attr_accessor :nat_ssh_user # An alternate SSH private key for access to the NAT. We'll expect to find this in ~/.ssh along with the regular keys. # # @return [String] attr_accessor :nat_ssh_key # **Must match pattern `^[^=]+=.+`** - # Discover a Server to use as a NAT by looking for a cloud provider tag (key=value); Note that this tag must not match more than one server. # # @return [String] attr_accessor :nat_host_tag # **Default: `all_public`** - # When auto-discovering VPC resources, this specifies target subnets for this resource. Special keywords: public, private, any, all, all_public, all_private, all. Using the name of a route table defined elsewhere in this BoK will behave like 'all_.' # # @return [String] attr_accessor :subnet_pref # The subnets to which to attach this resource. Will default to all subnets in this VPC if not specified. # # @return [Array] # @see BasketofKittens::cache_clusters::vpc::subnets attr_accessor :subnets # @!endgroup end end end class BasketofKittens class cache_clusters # The cache cluster parameter group parameter to change and when to apply the change. class parameter_group_parameters # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED** # # @return [String] attr_accessor :value # @!endgroup end end end class BasketofKittens class cache_clusters # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. class dependencies # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED**, # **Must be one of: `collection, database, dnszone, firewall_rule, loadbalancer, server, server_pool, vpc, cache_cluster, alarm, notifier, log, storage_pool, function, container_cluster, search_domain, msg_queue, habitat, folder, user, group, role`** # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **Must be one of: `create, groom`** - # Which part of the creation process of the resource we depend on should we wait for before starting our own creation? Defaults are usually sensible, but sometimes you want, say, a Server to wait on another Server to be completely ready (through its groom phase) before starting up. # # @return [String] attr_accessor :phase # **Default: `false`** - # By default, it's assumed that we want to wait on our parents' creation phase, in addition to whatever is declared in this stanza. Setting this flag will bypass waiting on our parent resource's creation, so that our create or groom phase can instead depend only on the parent's groom phase. # # @return [Boolean] attr_accessor :no_create_wait # @!endgroup end end end class BasketofKittens # Create cache cluster(s). class cache_clusters # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **Default: `redis`**, # **Must be one of: `memcached, redis`** # # @return [String] attr_accessor :engine # **REQUIRED**, # **Must match pattern `^cache.(t|m|c|i|g|hi|hs|cr|cg|cc){1,2}[0-9]\.(micro|small|medium|[248]?x?large)$`** - # The Amazon EleastiCache instance type to use when creating this cache cluster. # # @return [String] attr_accessor :size # **Default: `AWS`**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # @!endgroup # @!group Optional parameters # **Default: `false`** - # When 'cloud' is set to 'CloudFormation,' use this flag to strip out Mu-specific artifacts (tags, standard userdata, naming conventions, etc) to yield a clean, source-agnostic template. # # @return [Boolean] attr_accessor :scrub_mu_isms # **Must be one of: `asia-east1, asia-east2, asia-northeast1, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2`** # # @return [String] attr_accessor :region # Tags to apply to this resource. Will apply at the cloud provider level and in Chef, where applicable. # # @return [Array] # @see BasketofKittens::cache_clusters::tags attr_accessor :tags # **Default: `true`** - # Tag the resource with our optional tags (+MU-HANDLE+, +MU-MASTER-NAME+, +MU-OWNER+). # # @return [Boolean] attr_accessor :optional_tags # # @return [String] attr_accessor :engine_version # **Default: `1`** - # The number of cache nodes in a cache cluster (memcached), or the number of cache clusters in a cache group (redis) # # @return [Integer] attr_accessor :node_count # Apply one or more network rulesets, defined in this stack or pre-existing, to this resource. Note that if you add a pre-existing ACL to your resource, they must be compatible (e.g. if using VPCs, they must reside in the same VPC). # # @return [Array] # @see BasketofKittens::cache_clusters::add_firewall_rules attr_accessor :add_firewall_rules # Network ingress and/or egress rules. # # @return [Array] # @see BasketofKittens::cache_clusters::ingress_rules attr_accessor :ingress_rules # DNS records to create. If specified inside another resource (e.g. {MU::Config::BasketofKittens::servers}, {MU::Config::BasketofKittens::loadbalancers}, or {MU::Config::BasketofKittens::databases}), the record(s) will automatically target that resource. # # @return [Array] # @see BasketofKittens::cache_clusters::dns_records attr_accessor :dns_records # **Default: `true`** - # Wait for DNS record to propagate in DNS Zone. # # @return [Boolean] attr_accessor :dns_sync_wait # Create a CloudWatch Alarm. # # @return [Array] # @see BasketofKittens::cache_clusters::alarms attr_accessor :alarms # **Default: `6379`** # # @return [Integer] attr_accessor :port # Deploy, attach, allow access from, or peer this resource with a VPC of VPCs. # # @return [BasketofKittens::cache_clusters::vpc] # @see BasketofKittens::cache_clusters::vpc attr_accessor :vpc # **Default: `false`** - # Rather to deploy the cache cluster/cache group in Multi AZ or Single AZ # # @return [Boolean] attr_accessor :multi_az # The ARN (Resource Name) of the redis backup stored in S3. Applies only to redis # # @return [String] attr_accessor :snapshot_arn # The number of days to retain an automatic cache cluster snapshot. Applies only to redis # # @return [Integer] attr_accessor :snapshot_retention_limit # The preferred time range to perform automatic cache cluster backups. Time is in UTC. Applies only to redis. Window must be at least 60 minutes long - 05:00-06:00. # # @return [String] attr_accessor :snapshot_window # The preferred data/time range to perform cache cluster maintenance. Window must be at least 60 minutes long - sun:06:00-sun:07:00. # # @return [String] attr_accessor :preferred_maintenance_window # **Default: `true`** # # @return [Boolean] attr_accessor :auto_minor_version_upgrade # **Default: `new`**, # **Must be one of: `new, new_snapshot, existing_snapshot`** - # 'new' - create a new cache cluster; 'new_snapshot' - create a snapshot of of an existing cache cluster, and build a new cache cluster from that snapshot; 'existing_snapshot' - create a cache cluster from an existing snapshot. # # @return [String] attr_accessor :creation_style # For any creation_style other than 'new' this parameter identifies the cache cluster to use. In the case of new_snapshot it will create a snapshot from that cache cluster first; in the case of existing_snapshot, it will use the latest avaliable snapshot. # # @return [String] attr_accessor :identifier # The AWS resource name of the AWS SNS notification topic notifications will be sent to. # # @return [String] attr_accessor :notification_arn # The cache cluster parameter group parameter to change and when to apply the change. # # @return [Array] # @see BasketofKittens::cache_clusters::parameter_group_parameters attr_accessor :parameter_group_parameters # **Must be one of: `memcached1.4, redis2.6, redis2.8`** - # The cache cluster family to create the Parameter Group for. The family type must be the same type as the cache cluster major version - eg if you set engine_version to 2.6 this parameter must be set to redis2.6. # # @return [String] attr_accessor :parameter_group_family # Internal use. # # @return [String] attr_accessor :virtual_name # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. # # @return [Array] # @see BasketofKittens::cache_clusters::dependencies attr_accessor :dependencies # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # @!endgroup end end class BasketofKittens class alarms # What to monitor class dimensions # @!group Required parameters # **REQUIRED**, # **Must be one of: `InstanceId, server, Server, DBInstanceIdentifier, database, Database, LoadBalancerName, loadbalancer, LoadBalancer, CacheClusterId, cache_cluster, CacheCluster, VolumeId, volume, Volume, BucketName, bucket, Bucket, TopicName, notification, Notification, AutoScalingGroupName, server_pool, ServerPool`** - # The type of resource we're checking # # @return [String] attr_accessor :cloud_class # @!endgroup # @!group Optional parameters # The cloud identifier of the resource the alarm is being created for. eg - i-d96eca0d. Must use either 'cloud_id' OR 'mu_name' AND 'deploy_id' # # @return [String] attr_accessor :cloud_id # The full name of a resource in a foreign deployment which we should monitor. You should also include 'deploy_id' so we will be able to identifiy a single resource. Use either 'cloud_id' OR 'mu_name' and 'deploy_id' # # @return [String] attr_accessor :mu_name # Should be used with 'mu_name' to identifiy a single resource. # # @return [String] attr_accessor :deploy_id # The name of another resource in this stack with which to associate this alarm. # # @return [String] attr_accessor :name # @!endgroup end end end class BasketofKittens class alarms # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. class dependencies # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED**, # **Must be one of: `collection, database, dnszone, firewall_rule, loadbalancer, server, server_pool, vpc, cache_cluster, alarm, notifier, log, storage_pool, function, container_cluster, search_domain, msg_queue, habitat, folder, user, group, role`** # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **Must be one of: `create, groom`** - # Which part of the creation process of the resource we depend on should we wait for before starting our own creation? Defaults are usually sensible, but sometimes you want, say, a Server to wait on another Server to be completely ready (through its groom phase) before starting up. # # @return [String] attr_accessor :phase # **Default: `false`** - # By default, it's assumed that we want to wait on our parents' creation phase, in addition to whatever is declared in this stanza. Setting this flag will bypass waiting on our parent resource's creation, so that our create or groom phase can instead depend only on the parent's groom phase. # # @return [Boolean] attr_accessor :no_create_wait # @!endgroup end end end class BasketofKittens # Cloud platform monitoring alarms class alarms # @!group Optional parameters # # @return [String] attr_accessor :name # # @return [Array] attr_accessor :ok_actions # # @return [Array] attr_accessor :alarm_actions # # @return [Array] attr_accessor :no_data_actions # The name of the attribute to monitor eg. CPUUtilization. # # @return [String] attr_accessor :metric_name # The name of container 'metric_name' belongs to eg. 'AWS/EC2' # # @return [String] attr_accessor :namespace # **Must be one of: `SampleCount, Average, Sum, Minimum, Maximum`** # # # @return [String] attr_accessor :statistic # What to monitor # # @return [Array] # @see BasketofKittens::alarms::dimensions attr_accessor :dimensions # The time, in seconds the 'statistic' is checked/tested. Must be multiples of 60 # # @return [Integer] attr_accessor :period # **Must be one of: `Seconds, Microseconds, Milliseconds, Bytes, Kilobytes, Megabytes, Gigabytes, Terabytes, Bits, Kilobits, Megabits, Gigabits, Terabits, Percent, Count, Bytes/Second, Kilobytes/Second, Megabytes/Second, Gigabytes/Second, Terabytes/Second, Bits/Second, Kilobits/Second, Megabits/Second, Gigabits/Second, Terabits/Second, Count/Second, nil`** - # Associated with the 'metric' # # @return [String] attr_accessor :unit # The number of times to repeat the 'period' before changing the state of an alarm. eg form 'OK' to 'ALARM' state # # @return [Integer] attr_accessor :evaluation_periods # The value the 'statistic' is compared to and action (eg 'alarm_actions') will be invoked # # @return [Integer] attr_accessor :threshold # **Must be one of: `GreaterThanOrEqualToThreshold, GreaterThanThreshold, LessThanThreshold, LessThanOrEqualToThreshold`** - # The arithmetic operation to use when comparing 'statistic' and 'threshold'. The 'statistic' value is used as the first operand # # @return [String] attr_accessor :comparison_operator # Rather to send notifications when the alarm state changes # # @return [Boolean] attr_accessor :enable_notifications # **Default: `mu-default`** - # The name of the notification group. Will be created if it doesn't exist. We use / create a default one if not specified. NOTE: because we can't confirm subscription to a group programmatically, you should use an existing group # # @return [String] attr_accessor :notification_group # **Default: `email`**, # **Must be one of: `http, https, email, email-json, sms, sqs, application`** - # What type of notification endpoint will the notification be sent to. defaults to 'email' # # @return [String] attr_accessor :notification_type # The endpoint the notification will be sent to. eg. if notification_type is 'email'/'email-json' the endpoint will be the email address. A confirmation email will be sent to this email address if a new notification_group is created, if not specified and notification_type is set to 'email' we will use the mu-master email address # # @return [String] attr_accessor :notification_endpoint # Internal use. # # @return [String] attr_accessor :virtual_name # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. # # @return [Array] # @see BasketofKittens::alarms::dependencies attr_accessor :dependencies # **Default: `AWS`**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # @!endgroup end end class BasketofKittens class notifiers # A list of people or resources which should receive notifications class subscriptions # @!group Required parameters # **REQUIRED** - # The endpoint which should be subscribed to this notifier, typically an email address or SMS-enabled phone number. # # @return [String] attr_accessor :endpoint # @!endgroup # @!group Optional parameters # **Must be one of: `http, https, email, email-json, sms, sqs, application, lambda`** # # # @return [String] attr_accessor :type # @!endgroup end end end class BasketofKittens class notifiers # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. class dependencies # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED**, # **Must be one of: `collection, database, dnszone, firewall_rule, loadbalancer, server, server_pool, vpc, cache_cluster, alarm, notifier, log, storage_pool, function, container_cluster, search_domain, msg_queue, habitat, folder, user, group, role`** # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **Must be one of: `create, groom`** - # Which part of the creation process of the resource we depend on should we wait for before starting our own creation? Defaults are usually sensible, but sometimes you want, say, a Server to wait on another Server to be completely ready (through its groom phase) before starting up. # # @return [String] attr_accessor :phase # **Default: `false`** - # By default, it's assumed that we want to wait on our parents' creation phase, in addition to whatever is declared in this stanza. Setting this flag will bypass waiting on our parent resource's creation, so that our create or groom phase can instead depend only on the parent's groom phase. # # @return [Boolean] attr_accessor :no_create_wait # @!endgroup end end end class BasketofKittens # A stub for inline resource that generate SNS notifications in AWS. This should really be expanded. class notifiers # @!group Optional parameters # # @return [String] attr_accessor :name # **Must be one of: `asia-east1, asia-east2, asia-northeast1, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2`** # # @return [String] attr_accessor :region # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # A list of people or resources which should receive notifications # # @return [Array] # @see BasketofKittens::notifiers::subscriptions attr_accessor :subscriptions # Internal use. # # @return [String] attr_accessor :virtual_name # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. # # @return [Array] # @see BasketofKittens::notifiers::dependencies attr_accessor :dependencies # **Default: `AWS`**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # @!endgroup end end class BasketofKittens class logs # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. class dependencies # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED**, # **Must be one of: `collection, database, dnszone, firewall_rule, loadbalancer, server, server_pool, vpc, cache_cluster, alarm, notifier, log, storage_pool, function, container_cluster, search_domain, msg_queue, habitat, folder, user, group, role`** # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **Must be one of: `create, groom`** - # Which part of the creation process of the resource we depend on should we wait for before starting our own creation? Defaults are usually sensible, but sometimes you want, say, a Server to wait on another Server to be completely ready (through its groom phase) before starting up. # # @return [String] attr_accessor :phase # **Default: `false`** - # By default, it's assumed that we want to wait on our parents' creation phase, in addition to whatever is declared in this stanza. Setting this flag will bypass waiting on our parent resource's creation, so that our create or groom phase can instead depend only on the parent's groom phase. # # @return [Boolean] attr_accessor :no_create_wait # @!endgroup end end end class BasketofKittens class logs # Create a filter on a CloudWachLogs log group. class filters # @!group Required parameters # **REQUIRED**, # **AWS & CLOUDFORMATION ONLY** # # @return [String] attr_accessor :name # **REQUIRED**, # **AWS & CLOUDFORMATION ONLY** - # A search pattern that will match values in the log # # @return [String] attr_accessor :search_pattern # **REQUIRED**, # **AWS & CLOUDFORMATION ONLY** - # A descriptive and easy to find name for the metric. This can be used to create Alarm(s) # # @return [String] attr_accessor :metric_name # **REQUIRED**, # **AWS & CLOUDFORMATION ONLY** - # A new or existing name space to add the metric to. Use the same namespace for all filters/metrics that are logically grouped together. Will be used to to create Alarm(s) # # @return [String] attr_accessor :namespace # **REQUIRED**, # **AWS & CLOUDFORMATION ONLY** # # # @return [String] attr_accessor :value # @!endgroup end end end class BasketofKittens # Log events using a cloud provider's log service. class logs # @!group Optional parameters # # @return [String] attr_accessor :name # **Must be one of: `asia-east1, asia-east2, asia-northeast1, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2`** # # @return [String] attr_accessor :region # Internal use. # # @return [String] attr_accessor :virtual_name # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. # # @return [Array] # @see BasketofKittens::logs::dependencies attr_accessor :dependencies # **Default: `AWS`**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **AWS & CLOUDFORMATION ONLY**, # **Default: `14`**, # **Must be one of: `1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, 3653`** - # +AWS+: The number of days to keep log events in the log group before deleting them. #+CLOUDFORMATION+: The number of days to keep log events in the log group before deleting them. # # @return [Integer] attr_accessor :retention_period # **AWS & CLOUDFORMATION ONLY**, # **Default: `false`** - # +AWS+: #+CLOUDFORMATION+: # # @return [Boolean] attr_accessor :enable_cloudtrail_logging # **AWS & CLOUDFORMATION ONLY** # Create a filter on a CloudWachLogs log group. # # @return [Array] # @see BasketofKittens::logs::filters attr_accessor :filters # @!endgroup end end class BasketofKittens class storage_pools # Tags to apply to this resource. Will apply at the cloud provider level and in Chef, where applicable. class tags # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :key # **REQUIRED** # # @return [String] attr_accessor :value # @!endgroup end end end class BasketofKittens class storage_pools # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. class dependencies # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED**, # **Must be one of: `collection, database, dnszone, firewall_rule, loadbalancer, server, server_pool, vpc, cache_cluster, alarm, notifier, log, storage_pool, function, container_cluster, search_domain, msg_queue, habitat, folder, user, group, role`** # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **Must be one of: `create, groom`** - # Which part of the creation process of the resource we depend on should we wait for before starting our own creation? Defaults are usually sensible, but sometimes you want, say, a Server to wait on another Server to be completely ready (through its groom phase) before starting up. # # @return [String] attr_accessor :phase # **Default: `false`** - # By default, it's assumed that we want to wait on our parents' creation phase, in addition to whatever is declared in this stanza. Setting this flag will bypass waiting on our parent resource's creation, so that our create or groom phase can instead depend only on the parent's groom phase. # # @return [Boolean] attr_accessor :no_create_wait # @!endgroup end end end class BasketofKittens class storage_pools class mount_points class vpc # Extra subnets to which to attach this {MU::Cloud::AWS::Server}. Extra network interfaces will be created to accomodate these attachments. class subnets # @!group Optional parameters # # @return [String] attr_accessor :subnet_name # # @return [String] attr_accessor :subnet_id # **Must match pattern `^[^=]+=.+`** - # Identify this subnet by a tag (key=value). Note that this tag must not match more than one resource. # # @return [String] attr_accessor :tag # @!endgroup end end end end end class BasketofKittens class storage_pools class mount_points # Deploy, attach, allow access from, or peer this resource with a VPC of VPCs. class vpc # @!group Optional parameters # Discover this VPC by looking for this cloud provider identifier. # # @return [String] attr_accessor :vpc_id # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # Discover this VPC by Mu-internal name; typically the shorthand 'name' field of a VPC declared elsewhere in the deploy, or in another deploy that's being referenced with 'deploy_id'. # # @return [String] attr_accessor :vpc_name # **Must be one of: `asia-east1, asia-east2, asia-northeast1, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2`** # # @return [String] attr_accessor :region # **Default: `AWS`**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # **Must match pattern `^[^=]+=.+`** - # Discover this VPC by a cloud provider tag (key=value); note that this tag must not match more than one resource. # # @return [String] attr_accessor :tag # Search for this VPC in an existing Mu deploy; specify a Mu deploy id (e.g. DEMO-DEV-2014111400-NG). # # @return [String] attr_accessor :deploy_id # **Default: `all_private`** - # When auto-discovering VPC resources, this specifies target subnets for this resource. Special keywords: public, private, any, all, all_public, all_private, all. Using the name of a route table defined elsewhere in this BoK will behave like 'all_.' # # @return [String] attr_accessor :subnet_pref # # @return [String] attr_accessor :subnet_name # # @return [String] attr_accessor :subnet_id # Extra subnets to which to attach this {MU::Cloud::AWS::Server}. Extra network interfaces will be created to accomodate these attachments. # # @return [Array] # @see BasketofKittens::storage_pools::mount_points::vpc::subnets attr_accessor :subnets # @!endgroup end end end end class BasketofKittens class storage_pools class mount_points # Apply one or more network rulesets, defined in this stack or pre-existing, to this resource. Note that if you add a pre-existing ACL to your resource, they must be compatible (e.g. if using VPCs, they must reside in the same VPC). class add_firewall_rules # @!group Optional parameters # # @return [String] attr_accessor :rule_id # # @return [String] attr_accessor :rule_name # @!endgroup end end end end class BasketofKittens class storage_pools class mount_points # Network ingress and/or egress rules. class ingress_rules # @!group Optional parameters # # @return [String] attr_accessor :port_range # # @return [Integer] attr_accessor :port # **Default: `tcp`**, # **Must be one of: `udp, tcp, icmp`** # # @return [String] attr_accessor :proto # **Default: `true`** # # @return [Boolean] attr_accessor :ingress # **Default: `false`** # # @return [Boolean] attr_accessor :egress # **Must match pattern `^\d+\.\d+\.\d+\.\d+/[0-9]{1,2}$`** - # CIDR-formatted IP block, e.g. 1.2.3.4/32 # # @return [Array] attr_accessor :hosts # @!endgroup end end end end class BasketofKittens class storage_pools # Mount points for AWS EFS. class mount_points # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # @!endgroup # @!group Optional parameters # **Default: `/efs`** - # The local directory this mount point will be mounted to # # @return [String] attr_accessor :directory # Deploy, attach, allow access from, or peer this resource with a VPC of VPCs. # # @return [BasketofKittens::storage_pools::mount_points::vpc] # @see BasketofKittens::storage_pools::mount_points::vpc attr_accessor :vpc # Apply one or more network rulesets, defined in this stack or pre-existing, to this resource. Note that if you add a pre-existing ACL to your resource, they must be compatible (e.g. if using VPCs, they must reside in the same VPC). # # @return [Array] # @see BasketofKittens::storage_pools::mount_points::add_firewall_rules attr_accessor :add_firewall_rules # Network ingress and/or egress rules. # # @return [Array] # @see BasketofKittens::storage_pools::mount_points::ingress_rules attr_accessor :ingress_rules # **Must match pattern `^\d+\.\d+\.\d+\.\d+$`** - # The private IP address to assign to the mount point. # # @return [String] attr_accessor :ip_address # @!endgroup end end end class BasketofKittens class storage_pools # Firewall rules to apply to our mountpoints class ingress_rules # @!group Optional parameters # **AWS ONLY** - # Other AWS Security Groups; resources that are associated with this group will have this rule applied to their traffic # # @return [Array] attr_accessor :sgs # **AWS ONLY** - # AWS Load Balancers which will have this rule applied to their traffic # # @return [Array] attr_accessor :lbs # @!endgroup end end end class BasketofKittens # Create a storage pool. class storage_pools # @!group Required parameters # **Default: `AWS`**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # **REQUIRED** # # @return [String] attr_accessor :name # @!endgroup # @!group Optional parameters # **Must be one of: `asia-east1, asia-east2, asia-northeast1, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2`** # # @return [String] attr_accessor :region # Tags to apply to this resource. Will apply at the cloud provider level and in Chef, where applicable. # # @return [Array] # @see BasketofKittens::storage_pools::tags attr_accessor :tags # **Default: `true`** - # Tag the resource with our optional tags (+MU-HANDLE+, +MU-MASTER-NAME+, +MU-OWNER+). # # @return [Boolean] attr_accessor :optional_tags # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. # # @return [Array] # @see BasketofKittens::storage_pools::dependencies attr_accessor :dependencies # **Default: `generalPurpose`**, # **Must be one of: `generalPurpose, maxIO`** - # The storage type / performance mode of this storage pool. Defaults to generalPurpose # # @return [String] attr_accessor :storage_type # Mount points for AWS EFS. # # @return [Array] # @see BasketofKittens::storage_pools::mount_points attr_accessor :mount_points # Internal use. # # @return [String] attr_accessor :virtual_name # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **AWS ONLY** # Firewall rules to apply to our mountpoints # # @return [Array] # @see BasketofKittens::storage_pools::ingress_rules attr_accessor :ingress_rules # @!endgroup end end class BasketofKittens class functions # Zipped deployment package to upload to Lambda. You must specify either s3_bucket+s3_key or zip_file. class code # @!group Optional parameters # An S3 bucket where the deployment package can be found. Must be used in conjunction with s3_key. # # @return [String] attr_accessor :s3_bucket # Key in s3_bucket where the deployment package can be found. Must be used in conjunction with s3_bucket. # # @return [String] attr_accessor :s3_key # Specify an S3 object version for the deployment package, instead of the current default # # @return [String] attr_accessor :s3_object_version # Path to a zipped deployment package to upload. # # @return [String] attr_accessor :zip_file # @!endgroup end end end class BasketofKittens class functions class vpc # Extra subnets to which to attach this {MU::Cloud::AWS::Server}. Extra network interfaces will be created to accomodate these attachments. class subnets # @!group Optional parameters # # @return [String] attr_accessor :subnet_name # # @return [String] attr_accessor :subnet_id # **Must match pattern `^[^=]+=.+`** - # Identify this subnet by a tag (key=value). Note that this tag must not match more than one resource. # # @return [String] attr_accessor :tag # @!endgroup end end end end class BasketofKittens class functions # Deploy, attach, allow access from, or peer this resource with a VPC of VPCs. class vpc # @!group Optional parameters # Discover this VPC by looking for this cloud provider identifier. # # @return [String] attr_accessor :vpc_id # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # Discover this VPC by Mu-internal name; typically the shorthand 'name' field of a VPC declared elsewhere in the deploy, or in another deploy that's being referenced with 'deploy_id'. # # @return [String] attr_accessor :vpc_name # **Must be one of: `asia-east1, asia-east2, asia-northeast1, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2`** # # @return [String] attr_accessor :region # **Default: `AWS`**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # **Must match pattern `^[^=]+=.+`** - # Discover this VPC by a cloud provider tag (key=value); note that this tag must not match more than one resource. # # @return [String] attr_accessor :tag # Search for this VPC in an existing Mu deploy; specify a Mu deploy id (e.g. DEMO-DEV-2014111400-NG). # # @return [String] attr_accessor :deploy_id # **Default: `all_private`** - # When auto-discovering VPC resources, this specifies target subnets for this resource. Special keywords: public, private, any, all, all_public, all_private, all. Using the name of a route table defined elsewhere in this BoK will behave like 'all_.' # # @return [String] attr_accessor :subnet_pref # # @return [String] attr_accessor :subnet_name # # @return [String] attr_accessor :subnet_id # Extra subnets to which to attach this {MU::Cloud::AWS::Server}. Extra network interfaces will be created to accomodate these attachments. # # @return [Array] # @see BasketofKittens::functions::vpc::subnets attr_accessor :subnets # @!endgroup end end end class BasketofKittens class functions # Tags to apply to this resource. Will apply at the cloud provider level and in Chef, where applicable. class tags # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :key # **REQUIRED** # # @return [String] attr_accessor :value # @!endgroup end end end class BasketofKittens class functions # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. class dependencies # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED**, # **Must be one of: `collection, database, dnszone, firewall_rule, loadbalancer, server, server_pool, vpc, cache_cluster, alarm, notifier, log, storage_pool, function, container_cluster, search_domain, msg_queue, habitat, folder, user, group, role`** # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **Must be one of: `create, groom`** - # Which part of the creation process of the resource we depend on should we wait for before starting our own creation? Defaults are usually sensible, but sometimes you want, say, a Server to wait on another Server to be completely ready (through its groom phase) before starting up. # # @return [String] attr_accessor :phase # **Default: `false`** - # By default, it's assumed that we want to wait on our parents' creation phase, in addition to whatever is declared in this stanza. Setting this flag will bypass waiting on our parent resource's creation, so that our create or groom phase can instead depend only on the parent's groom phase. # # @return [Boolean] attr_accessor :no_create_wait # @!endgroup end end end class BasketofKittens class functions # Trigger for lambda function class triggers # @!group Required parameters # **REQUIRED**, # **Must be one of: `apigateway, events, s3, sns, sqs, dynamodb, kinesis, ses, cognito, alexa, iot`** - # The name of the AWS service that will trigger this function # # @return [String] attr_accessor :service # @!endgroup # @!group Optional parameters # The name of the API Gateway, Cloudwatch Event, or other event trigger object # # @return [String] attr_accessor :name # @!endgroup end end end class BasketofKittens class functions # environment variables class environment_variable # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :key # **REQUIRED** # # @return [String] attr_accessor :value # @!endgroup end end end class BasketofKittens # Create a cloud function. class functions # @!group Required parameters # **Default: `AWS`**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED**, # **Must be one of: `nodejs, nodejs4.3, nodejs6.10, nodejs8.10, java8, python2.7, python3.6, dotnetcore1.0, dotnetcore2.0, dotnetcore2.1, nodejs4.3-edge, go1.x`** # # @return [String] attr_accessor :runtime # **REQUIRED**, # **Must be one of: `asia-east1, asia-east2, asia-northeast1, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2`** # # @return [String] attr_accessor :region # **REQUIRED** - # The function within your code that Lambda calls to begin execution. For Node.js, it is the module-name.export value in your function. For Java, it can be package.class-name::handler or package.class-name. For more information, see https://docs.aws.amazon.com/lambda/latest/dg/java-programming-model-handler-types.html # # @return [String] attr_accessor :handler # **REQUIRED** # Zipped deployment package to upload to Lambda. You must specify either s3_bucket+s3_key or zip_file. # # @return [BasketofKittens::functions::code] # @see BasketofKittens::functions::code attr_accessor :code # @!endgroup # @!group Optional parameters # Deploy, attach, allow access from, or peer this resource with a VPC of VPCs. # # @return [BasketofKittens::functions::vpc] # @see BasketofKittens::functions::vpc attr_accessor :vpc # **Default: `3`** - # Maximum run time for an invocation of this function, in seconds # # @return [Integer] attr_accessor :timeout # Tags to apply to this resource. Will apply at the cloud provider level and in Chef, where applicable. # # @return [Array] # @see BasketofKittens::functions::tags attr_accessor :tags # **Default: `true`** - # Tag the resource with our optional tags (+MU-HANDLE+, +MU-MASTER-NAME+, +MU-OWNER+). # # @return [Boolean] attr_accessor :optional_tags # **Default: `128`** - # Memory to allocation for function, in MB. The value must be a multiple of 64 MB. # # @return [Integer] attr_accessor :memory # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. # # @return [Array] # @see BasketofKittens::functions::dependencies attr_accessor :dependencies # Trigger for lambda function # # @return [Array] # @see BasketofKittens::functions::triggers attr_accessor :triggers # environment variables # # @return [Array] # @see BasketofKittens::functions::environment_variable attr_accessor :environment_variable # Internal use. # # @return [String] attr_accessor :virtual_name # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **AWS ONLY** - # +AWS+: The name of an IAM role for our Lambda function to assume. Can refer to an existing IAM role, or a sibling 'role' resource in Mu. If not specified, will create a default role with the AWSLambdaBasicExecutionRole policy attached. To grant other permissions for your function, create a Mu 'role' resource and use the 'import' and 'policies' parameters to add permissions. See also: https://docs.aws.amazon.com/lambda/latest/dg/lambda-intro-execution-role.html # # @return [String] attr_accessor :iam_role # @!endgroup end end class BasketofKittens class container_clusters class vpc # Extra subnets to which to attach this {MU::Cloud::AWS::Server}. Extra network interfaces will be created to accomodate these attachments. class subnets # @!group Optional parameters # # @return [String] attr_accessor :subnet_name # # @return [String] attr_accessor :subnet_id # **Must match pattern `^[^=]+=.+`** - # Identify this subnet by a tag (key=value). Note that this tag must not match more than one resource. # # @return [String] attr_accessor :tag # @!endgroup end end end end class BasketofKittens class container_clusters # Deploy, attach, allow access from, or peer this resource with a VPC of VPCs. class vpc # @!group Optional parameters # Discover this VPC by looking for this cloud provider identifier. # # @return [String] attr_accessor :vpc_id # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # Discover this VPC by Mu-internal name; typically the shorthand 'name' field of a VPC declared elsewhere in the deploy, or in another deploy that's being referenced with 'deploy_id'. # # @return [String] attr_accessor :vpc_name # **Must be one of: `asia-east1, asia-east2, asia-northeast1, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2`** # # @return [String] attr_accessor :region # **Default: `AWS`**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # **Must match pattern `^[^=]+=.+`** - # Discover this VPC by a cloud provider tag (key=value); note that this tag must not match more than one resource. # # @return [String] attr_accessor :tag # Search for this VPC in an existing Mu deploy; specify a Mu deploy id (e.g. DEMO-DEV-2014111400-NG). # # @return [String] attr_accessor :deploy_id # **Default: `all`** - # When auto-discovering VPC resources, this specifies target subnets for this resource. Special keywords: public, private, any, all, all_public, all_private, all. Using the name of a route table defined elsewhere in this BoK will behave like 'all_.' # # @return [String] attr_accessor :subnet_pref # # @return [String] attr_accessor :subnet_name # # @return [String] attr_accessor :subnet_id # Extra subnets to which to attach this {MU::Cloud::AWS::Server}. Extra network interfaces will be created to accomodate these attachments. # # @return [Array] # @see BasketofKittens::container_clusters::vpc::subnets attr_accessor :subnets # @!endgroup end end end class BasketofKittens class container_clusters # Tags to apply to this resource. Will apply at the cloud provider level and in Chef, where applicable. class tags # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :key # **REQUIRED** # # @return [String] attr_accessor :value # @!endgroup end end end class BasketofKittens class container_clusters # Options for Kubernetes, specific to EKS or GKE class kubernetes # @!group Optional parameters # **Default: `1.10`** - # Version of Kubernetes control plane to deploy # # @return [String] attr_accessor :version # **Default: `5`** - # Maximum number of pods that can be deployed on any given worker node # # @return [Integer] attr_accessor :max_pods # @!endgroup end end end class BasketofKittens class container_clusters # Optional Kubernetes-specific resource descriptors to run with kubectl create|replace when grooming this cluster. See https://kubernetes.io/docs/concepts/overview/working-with-objects/kubernetes-objects/#understanding-kubernetes-objects class kubernetes_resources end end end class BasketofKittens class container_clusters class alarms # What to monitor class dimensions # @!group Required parameters # **REQUIRED**, # **Must be one of: `InstanceId, server, Server, DBInstanceIdentifier, database, Database, LoadBalancerName, loadbalancer, LoadBalancer, CacheClusterId, cache_cluster, CacheCluster, VolumeId, volume, Volume, BucketName, bucket, Bucket, TopicName, notification, Notification, AutoScalingGroupName, server_pool, ServerPool`** - # The type of resource we're checking # # @return [String] attr_accessor :cloud_class # @!endgroup # @!group Optional parameters # The cloud identifier of the resource the alarm is being created for. eg - i-d96eca0d. Must use either 'cloud_id' OR 'mu_name' AND 'deploy_id' # # @return [String] attr_accessor :cloud_id # The full name of a resource in a foreign deployment which we should monitor. You should also include 'deploy_id' so we will be able to identifiy a single resource. Use either 'cloud_id' OR 'mu_name' and 'deploy_id' # # @return [String] attr_accessor :mu_name # Should be used with 'mu_name' to identifiy a single resource. # # @return [String] attr_accessor :deploy_id # The name of another resource in this stack with which to associate this alarm. # # @return [String] attr_accessor :name # @!endgroup end end end end class BasketofKittens class container_clusters # Create a CloudWatch Alarm. class alarms # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED** - # The name of the attribute to monitor eg. CPUUtilization. # # @return [String] attr_accessor :metric_name # **REQUIRED**, # **Must be one of: `SampleCount, Average, Sum, Minimum, Maximum`** # # # @return [String] attr_accessor :statistic # **REQUIRED** - # The time, in seconds the 'statistic' is checked/tested. Must be multiples of 60 # # @return [Integer] attr_accessor :period # **REQUIRED** - # The number of times to repeat the 'period' before changing the state of an alarm. eg form 'OK' to 'ALARM' state # # @return [Integer] attr_accessor :evaluation_periods # **REQUIRED** - # The value the 'statistic' is compared to and action (eg 'alarm_actions') will be invoked # # @return [Integer] attr_accessor :threshold # **REQUIRED**, # **Must be one of: `GreaterThanOrEqualToThreshold, GreaterThanThreshold, LessThanThreshold, LessThanOrEqualToThreshold`** - # The arithmetic operation to use when comparing 'statistic' and 'threshold'. The 'statistic' value is used as the first operand # # @return [String] attr_accessor :comparison_operator # @!endgroup # @!group Optional parameters # # @return [Array] attr_accessor :ok_actions # # @return [Array] attr_accessor :alarm_actions # # @return [Array] attr_accessor :no_data_actions # The name of container 'metric_name' belongs to eg. 'AWS/EC2' # # @return [String] attr_accessor :namespace # What to monitor # # @return [Array] # @see BasketofKittens::container_clusters::alarms::dimensions attr_accessor :dimensions # **Must be one of: `Seconds, Microseconds, Milliseconds, Bytes, Kilobytes, Megabytes, Gigabytes, Terabytes, Bits, Kilobits, Megabits, Gigabits, Terabits, Percent, Count, Bytes/Second, Kilobytes/Second, Megabytes/Second, Gigabytes/Second, Terabytes/Second, Bits/Second, Kilobits/Second, Megabits/Second, Gigabits/Second, Terabits/Second, Count/Second, nil`** - # Associated with the 'metric' # # @return [String] attr_accessor :unit # Rather to send notifications when the alarm state changes # # @return [Boolean] attr_accessor :enable_notifications # **Default: `mu-default`** - # The name of the notification group. Will be created if it doesn't exist. We use / create a default one if not specified. NOTE: because we can't confirm subscription to a group programmatically, you should use an existing group # # @return [String] attr_accessor :notification_group # **Default: `email`**, # **Must be one of: `http, https, email, email-json, sms, sqs, application`** - # What type of notification endpoint will the notification be sent to. defaults to 'email' # # @return [String] attr_accessor :notification_type # The endpoint the notification will be sent to. eg. if notification_type is 'email'/'email-json' the endpoint will be the email address. A confirmation email will be sent to this email address if a new notification_group is created, if not specified and notification_type is set to 'email' we will use the mu-master email address # # @return [String] attr_accessor :notification_endpoint # @!endgroup end end end class BasketofKittens class container_clusters class active_directory # Vault used to store the credentials for the domain join user class domain_join_vault # @!group Optional parameters # **Default: `active_directory`** - # The vault where these credentials reside # # @return [String] attr_accessor :vault # **Default: `join_domain`** - # The vault item where these credentials reside # # @return [String] attr_accessor :item # **Default: `password`** - # The field within the Vault item where the password for these credentials resides # # @return [String] attr_accessor :password_field # **Default: `username`** - # The field where the user name for these credentials resides # # @return [String] attr_accessor :username_field # @!endgroup end end end end class BasketofKittens class container_clusters class active_directory # Vault used to store the credentials for the domain admin user class domain_admin_vault # @!group Optional parameters # **Default: `active_directory`** - # The vault where these credentials reside # # @return [String] attr_accessor :vault # **Default: `domain_admin`** - # The vault item where these credentials reside # # @return [String] attr_accessor :item # **Default: `password`** - # The field within the Vault item where the password for these credentials resides # # @return [String] attr_accessor :password_field # **Default: `username`** - # The field where the user name for these credentials resides # # @return [String] attr_accessor :username_field # @!endgroup end end end end class BasketofKittens class container_clusters # Integrate this node into an Active Directory domain. On Linux, will configure Winbind and PAM for system-level AD authentication. class active_directory # @!group Required parameters # **REQUIRED** - # The full name Active Directory domain to join # # @return [String] attr_accessor :domain_name # **REQUIRED** - # The short (NetBIOS) Active Directory domain to join # # @return [String] attr_accessor :short_domain_name # **REQUIRED** - # IP address of a domain controller # # @return [Array] attr_accessor :domain_controllers # **REQUIRED** # Vault used to store the credentials for the domain join user # # @return [BasketofKittens::container_clusters::active_directory::domain_join_vault] # @see BasketofKittens::container_clusters::active_directory::domain_join_vault attr_accessor :domain_join_vault # **REQUIRED** # Vault used to store the credentials for the domain admin user # # @return [BasketofKittens::container_clusters::active_directory::domain_admin_vault] # @see BasketofKittens::container_clusters::active_directory::domain_admin_vault attr_accessor :domain_admin_vault # @!endgroup # @!group Optional parameters # A custom hostname for your domain controller. mu_windows_name will be used if not specified. Do not specify when joining a Domain-Node # # @return [String] attr_accessor :domain_controller_hostname # **Default: `join`**, # **Must be one of: `join, create, add_controller`** - # Rather to join, create or add a Domain Controller # # @return [String] attr_accessor :domain_operation # SID of a known domain. Used to help Linux clients map uids and gids properly with SSSD. # # @return [String] attr_accessor :domain_sid # **Default: `domain_node`**, # **Must be one of: `domain_node, domain_controller`** - # If the node will be a domain controller or a domain node # # @return [String] attr_accessor :node_type # The OU to which to add this computer when joining the domain. # # @return [String] attr_accessor :computer_ou # @!endgroup end end end class BasketofKittens class container_clusters # One or more Load Balancers with which this instance should register. class loadbalancers # @!group Optional parameters # The name of a MU loadbalancer object, which should also defined in this stack. This will be added as a dependency. # # @return [String] attr_accessor :concurrent_load_balancer # The DNS name of an existing Elastic Load Balancer. Must be in the same region as this deployment. # # @return [String] attr_accessor :existing_load_balancer # @!endgroup end end end class BasketofKittens class container_clusters # Apply one or more network rulesets, defined in this stack or pre-existing, to this resource. Note that if you add a pre-existing ACL to your resource, they must be compatible (e.g. if using VPCs, they must reside in the same VPC). class add_firewall_rules # @!group Optional parameters # # @return [String] attr_accessor :rule_id # # @return [String] attr_accessor :rule_name # @!endgroup end end end class BasketofKittens class container_clusters # Assign a specific IP to this instance once it's ready. class static_ip # @!group Optional parameters # **Must match pattern `^\d+\.\d+\.\d+\.\d+$`** # # @return [String] attr_accessor :ip # **Default: `true`** # # @return [Boolean] attr_accessor :assign_ip # @!endgroup end end end class BasketofKittens class container_clusters # A script to be run during the bootstrap process. Typically used to preconfigure Windows instances. class userdata_script # @!group Required parameters # **REQUIRED** - # A local path or URL to a file which will be loaded and passed to the instance. Relative paths will be resolved from the current working directory of the deploy tool when invoked. # # @return [String] attr_accessor :path # @!endgroup # @!group Optional parameters # **Default: `true`** - # Assume that this script is an ERB template and parse it as one before passing to the instance. # # @return [Boolean] attr_accessor :use_erb # **Default: `false`** - # Omit the standard Mu userdata entirely in favor of this custom script (normally we'd run both). # # @return [Boolean] attr_accessor :skip_std # @!endgroup end end end class BasketofKittens class container_clusters # Set Windows nodes' local administrator password to a value specified in a Chef Vault. class windows_auth_vault # @!group Required parameters # **Default: `windows`** - # The vault where these credentials reside # # @return [String] attr_accessor :vault # **Default: `credentials`** - # The vault item where these credentials reside # # @return [String] attr_accessor :item # @!endgroup # @!group Optional parameters # **Default: `password`** - # The field within the Vault item where the password for Windows local Administrator user is stored # # @return [String] attr_accessor :password_field # **Default: `ec2config_password`** - # The field within the Vault item where the password for the EC2config service user is stored # # @return [String] attr_accessor :ec2config_password_field # **Default: `sshd_password`** - # The field within the Vault item where the password for the Cygwin/SSH service user is stored # # @return [String] attr_accessor :sshd_password_field # @!endgroup end end end class BasketofKittens class container_clusters # Network ingress and/or egress rules. class ingress_rules # @!group Optional parameters # # @return [String] attr_accessor :port_range # # @return [Integer] attr_accessor :port # **Default: `tcp`**, # **Must be one of: `udp, tcp, icmp`** # # @return [String] attr_accessor :proto # **Default: `true`** # # @return [Boolean] attr_accessor :ingress # **Default: `false`** # # @return [Boolean] attr_accessor :egress # **Must match pattern `^\d+\.\d+\.\d+\.\d+/[0-9]{1,2}$`** - # CIDR-formatted IP block, e.g. 1.2.3.4/32 # # @return [Array] attr_accessor :hosts # @!endgroup end end end class BasketofKittens class container_clusters # Chef Node structure artifact for mu-tools cookbook. class application_attributes end end end class BasketofKittens class container_clusters # JSON artifact to be stored in Chef Vault for this node. Note that these values will still be stored in plain text local to the MU server, but only accessible to nodes via Vault. class secrets end end end class BasketofKittens class container_clusters # Chef Vault items to which this node should be granted access. class vault_access # @!group Required parameters # **REQUIRED** - # The Vault to which this node should be granted access. # # @return [String] attr_accessor :vault # **REQUIRED** - # The item within the Vault to which this node should be granted access. # # @return [String] attr_accessor :item # @!endgroup end end end class BasketofKittens class container_clusters # Existing deploys that will be loaded into the new deployment metadata. This metadata will be saved on the Chef node class existing_deploys # @!group Optional parameters # **Must be one of: `server, database, storage_pool, cache_cluster`** - # The type of resource we will parse metdata for # # @return [String] attr_accessor :cloud_type # The cloud identifier of the resource from which you would like to add metadata to this deployment. eg - i-d96eca0d. Must use either 'cloud_id' OR 'mu_name' AND 'deploy_id' # # @return [String] attr_accessor :cloud_id # The full name of a resource in a foreign deployment from which we should add the metdata to this deployment. You should also include 'deploy_id' so we will be able to identifiy a single resource. Use either 'cloud_id' OR 'mu_name' and 'deploy_id' # # @return [String] attr_accessor :mu_name # Should be used with 'mu_name' to identifiy a single resource. # # @return [String] attr_accessor :deploy_id # @!endgroup end end end class BasketofKittens class container_clusters # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. class dependencies # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED**, # **Must be one of: `collection, database, dnszone, firewall_rule, loadbalancer, server, server_pool, vpc, cache_cluster, alarm, notifier, log, storage_pool, function, container_cluster, search_domain, msg_queue, habitat, folder, user, group, role`** # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **Must be one of: `create, groom`** - # Which part of the creation process of the resource we depend on should we wait for before starting our own creation? Defaults are usually sensible, but sometimes you want, say, a Server to wait on another Server to be completely ready (through its groom phase) before starting up. # # @return [String] attr_accessor :phase # **Default: `false`** - # By default, it's assumed that we want to wait on our parents' creation phase, in addition to whatever is declared in this stanza. Setting this flag will bypass waiting on our parent resource's creation, so that our create or groom phase can instead depend only on the parent's groom phase. # # @return [Boolean] attr_accessor :no_create_wait # @!endgroup end end end class BasketofKittens # Create a cluster of container hosts. class container_clusters # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **Default: `2`** # # @return [Integer] attr_accessor :instance_count # **REQUIRED** - # Type of container host instances to use. Equivalent to 'size' parameter in Server or ServerPool # # @return [String] attr_accessor :instance_type # **Default: `AWS`**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # @!endgroup # @!group Optional parameters # **Must be one of: `asia-east1, asia-east2, asia-northeast1, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2`** # # @return [String] attr_accessor :region # Deploy, attach, allow access from, or peer this resource with a VPC of VPCs. # # @return [BasketofKittens::container_clusters::vpc] # @see BasketofKittens::container_clusters::vpc attr_accessor :vpc # Tags to apply to this resource. Will apply at the cloud provider level and in Chef, where applicable. # # @return [Array] # @see BasketofKittens::container_clusters::tags attr_accessor :tags # **Default: `true`** - # Tag the resource with our optional tags (+MU-HANDLE+, +MU-MASTER-NAME+, +MU-OWNER+). # # @return [Boolean] attr_accessor :optional_tags # Options for Kubernetes, specific to EKS or GKE # # @return [BasketofKittens::container_clusters::kubernetes] # @see BasketofKittens::container_clusters::kubernetes attr_accessor :kubernetes # Optional Kubernetes-specific resource descriptors to run with kubectl create|replace when grooming this cluster. See https://kubernetes.io/docs/concepts/overview/working-with-objects/kubernetes-objects/#understanding-kubernetes-objects # # @return [Array] # @see BasketofKittens::container_clusters::kubernetes_resources attr_accessor :kubernetes_resources # **Default: `ECS`**, # **Must be one of: `ECS, EKS, Fargate`** - # Container clusters in Amazon can be ECS, EKS, or Fargate; Google supports GKE only #+AWS+: # # @return [String] attr_accessor :flavor # **Default: `linux`**, # **Must be one of: `linux, windows, centos, ubuntu, centos6, ubuntu14, win2k12, win2k12r2, win2k16, centos7, rhel7, rhel71, amazon`** - # Helps select default AMIs, and enables correct grooming behavior based on operating system type. #+AWS+: The platform to choose for worker nodes. Will default to Amazon Linux for ECS, CentOS 7 for everything else # # @return [String] attr_accessor :platform # **Default: `all_private`** - # Worker nodes inherit the main cluster VPC configuration by default. This parameter allows targeting the worker node-cluster to a different class of subnets # # @return [String] attr_accessor :instance_subnet_pref # **Default: `false`** - # When 'cloud' is set to 'CloudFormation,' use this flag to strip out Mu-specific artifacts (tags, standard userdata, naming conventions, etc) to yield a clean, source-agnostic template. # # @return [Boolean] attr_accessor :scrub_mu_isms # **Default: `false`** - # Bootstrap asynchronously via the Momma Cat daemon instead of during the main deployment process # # @return [Boolean] attr_accessor :async_groom # **Default: `Chef`**, # **Must be one of: `Chef`** # # @return [String] attr_accessor :groomer # **Default: `true`** - # Whether to run a host configuration agent, e.g. Chef, when bootstrapping # # @return [Boolean] attr_accessor :groom # **Default: `1800`** - # Maximum execution time for a groomer run # # @return [Integer] attr_accessor :groomer_timeout # **Default: `false`** - # Remove pre-existing groomer agents from node before bootstrapping. Especially useful for image builds. # # @return [Boolean] attr_accessor :scrub_groomer # Create a CloudWatch Alarm. # # @return [Array] # @see BasketofKittens::container_clusters::alarms attr_accessor :alarms # Integrate this node into an Active Directory domain. On Linux, will configure Winbind and PAM for system-level AD authentication. # # @return [BasketofKittens::container_clusters::active_directory] # @see BasketofKittens::container_clusters::active_directory attr_accessor :active_directory # Assign extra private IP addresses to this server. # # @return [Integer] attr_accessor :add_private_ips # **Default: `false`** - # Node bootstrapping normally runs an internal recipe that does a full system update. This is very slow for testing, so let's have an option to disable it. # # @return [Boolean] attr_accessor :skipinitialupdates # **Default: `false`** - # If true, chef-client will automatically re-run on nodes of the same type when this instance has finished grooming. Use, for example, to add new members to a database cluster in an autoscale group by sharing data in Chef's node structures. # # @return [Boolean] attr_accessor :sync_siblings # **Default: `true`** - # Wait for DNS record to propagate in DNS Zone. # # @return [Boolean] attr_accessor :dns_sync_wait # One or more Load Balancers with which this instance should register. # # @return [Array] # @see BasketofKittens::container_clusters::loadbalancers attr_accessor :loadbalancers # Apply one or more network rulesets, defined in this stack or pre-existing, to this resource. Note that if you add a pre-existing ACL to your resource, they must be compatible (e.g. if using VPCs, they must reside in the same VPC). # # @return [Array] # @see BasketofKittens::container_clusters::add_firewall_rules attr_accessor :add_firewall_rules # Assign a specific IP to this instance once it's ready. # # @return [BasketofKittens::container_clusters::static_ip] # @see BasketofKittens::container_clusters::static_ip attr_accessor :static_ip # **Default: `true`** - # Turn off network-level routing paranoia. Set this false to make a NAT do its thing. # # @return [Boolean] attr_accessor :src_dst_check # **Default: `false`** - # Associate public IP address? # # @return [Boolean] attr_accessor :associate_public_ip # A script to be run during the bootstrap process. Typically used to preconfigure Windows instances. # # @return [BasketofKittens::container_clusters::userdata_script] # @see BasketofKittens::container_clusters::userdata_script attr_accessor :userdata_script # **Default: `Administrator`** - # Use an alternate Windows account for Administrator functions. Will change the name of the Administrator account, if it has not already been done. # # @return [String] attr_accessor :windows_admin_username # Set Windows nodes' local administrator password to a value specified in a Chef Vault. # # @return [BasketofKittens::container_clusters::windows_auth_vault] # @see BasketofKittens::container_clusters::windows_auth_vault attr_accessor :windows_auth_vault # **Default: `root`** # # @return [String] attr_accessor :ssh_user # **Default: `true`** # # @return [Boolean] attr_accessor :use_cloud_provider_windows_password # Chef run list entry, e.g. role[rolename] or recipe[recipename]. # # @return [Array] attr_accessor :run_list # Network ingress and/or egress rules. # # @return [Array] # @see BasketofKittens::container_clusters::ingress_rules attr_accessor :ingress_rules # Chef Node structure artifact for mu-tools cookbook. # # @return [BasketofKittens::container_clusters::application_attributes] # @see BasketofKittens::container_clusters::application_attributes attr_accessor :application_attributes # JSON artifact to be stored in Chef Vault for this node. Note that these values will still be stored in plain text local to the MU server, but only accessible to nodes via Vault. # # @return [BasketofKittens::container_clusters::secrets] # @see BasketofKittens::container_clusters::secrets attr_accessor :secrets # Chef Vault items to which this node should be granted access. # # @return [Array] # @see BasketofKittens::container_clusters::vault_access attr_accessor :vault_access # Existing deploys that will be loaded into the new deployment metadata. This metadata will be saved on the Chef node # # @return [Array] # @see BasketofKittens::container_clusters::existing_deploys attr_accessor :existing_deploys # Internal use. # # @return [String] attr_accessor :virtual_name # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. # # @return [Array] # @see BasketofKittens::container_clusters::dependencies attr_accessor :dependencies # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **AWS ONLY** - # +AWS+: The Amazon EC2 AMI on which to base this cluster's container hosts. Will use the default appropriate for the platform, if not specified. # # @return [String] attr_accessor :ami_id # **GOOGLE ONLY** - # +GOOGLE+: The number of local SSD disks to be attached to workers. See https://cloud.google.com/compute/docs/disks/local-ssd#local_ssd_limits # # @return [Integer] attr_accessor :local_ssd_count # **GOOGLE ONLY**, # **Default: `100`** - # +GOOGLE+: Size of the disk attached to each worker, specified in GB. The smallest allowed disk size is 10GB # # @return [Integer] attr_accessor :disk_size_gb # **GOOGLE ONLY** - # +GOOGLE+: Minimum CPU platform to be used by workers. The instances may be scheduled on the specified or newer CPU platform. Applicable values are the friendly names of CPU platforms, such as minCpuPlatform: 'Intel Haswell' or minCpuPlatform: 'Intel Sandy Bridge'. # # @return [String] attr_accessor :min_cpu_platform # **GOOGLE ONLY**, # **Default: `false`** - # +GOOGLE+: Whether the workers are created as preemptible VM instances. See: https://cloud.google.com/compute/docs/instances/preemptible for more information about preemptible VM instances. # # @return [Boolean] attr_accessor :preemptible # **GOOGLE ONLY** - # +GOOGLE+: The image type to use for workers. Note that for a given image type, the latest version of it will be used. # # @return [String] attr_accessor :image_type # @!endgroup end end class BasketofKittens class search_domains class vpc # Extra subnets to which to attach this {MU::Cloud::AWS::Server}. Extra network interfaces will be created to accomodate these attachments. class subnets # @!group Optional parameters # # @return [String] attr_accessor :subnet_name # # @return [String] attr_accessor :subnet_id # **Must match pattern `^[^=]+=.+`** - # Identify this subnet by a tag (key=value). Note that this tag must not match more than one resource. # # @return [String] attr_accessor :tag # @!endgroup end end end end class BasketofKittens class search_domains # Deploy, attach, allow access from, or peer this resource with a VPC of VPCs. class vpc # @!group Optional parameters # Discover this VPC by looking for this cloud provider identifier. # # @return [String] attr_accessor :vpc_id # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # Discover this VPC by Mu-internal name; typically the shorthand 'name' field of a VPC declared elsewhere in the deploy, or in another deploy that's being referenced with 'deploy_id'. # # @return [String] attr_accessor :vpc_name # **Must be one of: `asia-east1, asia-east2, asia-northeast1, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2`** # # @return [String] attr_accessor :region # **Default: `AWS`**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # **Must match pattern `^[^=]+=.+`** - # Discover this VPC by a cloud provider tag (key=value); note that this tag must not match more than one resource. # # @return [String] attr_accessor :tag # Search for this VPC in an existing Mu deploy; specify a Mu deploy id (e.g. DEMO-DEV-2014111400-NG). # # @return [String] attr_accessor :deploy_id # **Default: `all_private`** - # When auto-discovering VPC resources, this specifies target subnets for this resource. Special keywords: public, private, any, all, all_public, all_private, all. Using the name of a route table defined elsewhere in this BoK will behave like 'all_.' # # @return [String] attr_accessor :subnet_pref # # @return [String] attr_accessor :subnet_name # # @return [String] attr_accessor :subnet_id # Extra subnets to which to attach this {MU::Cloud::AWS::Server}. Extra network interfaces will be created to accomodate these attachments. # # @return [Array] # @see BasketofKittens::search_domains::vpc::subnets attr_accessor :subnets # @!endgroup end end end class BasketofKittens class search_domains # Tags to apply to this resource. Will apply at the cloud provider level and in Chef, where applicable. class tags # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :key # **REQUIRED** # # @return [String] attr_accessor :value # @!endgroup end end end class BasketofKittens class search_domains # Apply one or more network rulesets, defined in this stack or pre-existing, to this resource. Note that if you add a pre-existing ACL to your resource, they must be compatible (e.g. if using VPCs, they must reside in the same VPC). class add_firewall_rules # @!group Optional parameters # # @return [String] attr_accessor :rule_id # # @return [String] attr_accessor :rule_name # @!endgroup end end end class BasketofKittens class search_domains # Network ingress and/or egress rules. class ingress_rules # @!group Optional parameters # # @return [String] attr_accessor :port_range # # @return [Integer] attr_accessor :port # **Default: `tcp`**, # **Must be one of: `udp, tcp, icmp`** # # @return [String] attr_accessor :proto # **Default: `true`** # # @return [Boolean] attr_accessor :ingress # **Default: `false`** # # @return [Boolean] attr_accessor :egress # **Must match pattern `^\d+\.\d+\.\d+\.\d+/[0-9]{1,2}$`** - # CIDR-formatted IP block, e.g. 1.2.3.4/32 # # @return [Array] attr_accessor :hosts # @!endgroup end end end class BasketofKittens class search_domains # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. class dependencies # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED**, # **Must be one of: `collection, database, dnszone, firewall_rule, loadbalancer, server, server_pool, vpc, cache_cluster, alarm, notifier, log, storage_pool, function, container_cluster, search_domain, msg_queue, habitat, folder, user, group, role`** # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **Must be one of: `create, groom`** - # Which part of the creation process of the resource we depend on should we wait for before starting our own creation? Defaults are usually sensible, but sometimes you want, say, a Server to wait on another Server to be completely ready (through its groom phase) before starting up. # # @return [String] attr_accessor :phase # **Default: `false`** - # By default, it's assumed that we want to wait on our parents' creation phase, in addition to whatever is declared in this stanza. Setting this flag will bypass waiting on our parent resource's creation, so that our create or groom phase can instead depend only on the parent's groom phase. # # @return [Boolean] attr_accessor :no_create_wait # @!endgroup end end end class BasketofKittens class search_domains # +AWS+: An IAM policy document for access to ElasticSearch. Our parser expects this to be defined inline like the rest of your YAML/JSON Basket of Kittens, not as raw JSON. For guidance on ElasticSearch IAM capabilities, see: https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-ac.html class access_policies end end end class BasketofKittens class search_domains # +AWS+: Key => Value strings pairs that pass certain configuration options to Elasticsearch. For a list of supported values, see https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-createupdatedomains.html#es-createdomain-configure-advanced-options class advanced_options end end end class BasketofKittens class search_domains # +AWS+: Options to specify the Cognito user and identity pools for Kibana authentication. For more information, see http://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-cognito-auth.html class cognito # @!group Required parameters # **REQUIRED**, # **AWS ONLY** - # Amazon Cognito user pool. Looks like 'us-east-1:69e2223c-2c74-42ca-9b27-1037fcb60b91'. See https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools.html # # @return [String] attr_accessor :user_pool_id # **REQUIRED**, # **AWS ONLY** - # Amazon Cognito identity pool. Looks like 'us-east-1_eSwWA1VGY'. See https://docs.aws.amazon.com/cognito/latest/developerguide/identity-pools.html # # @return [String] attr_accessor :identity_pool_id # @!endgroup # @!group Optional parameters # **AWS ONLY** - # An IAM role that has the AmazonESCognitoAccess policy attached. If not specified, one will be generated automatically. # # @return [String] attr_accessor :role_arn # @!endgroup end end end class BasketofKittens # Set up a cloud provider managed Elastic Search cluster. class search_domains # @!group Optional parameters # **Must match pattern `^[a-z][a-z0-9\-]+$`** - # +AWS+: #+AWS+: # # @return [String] attr_accessor :name # **Must be one of: `asia-east1, asia-east2, asia-northeast1, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2`** # # @return [String] attr_accessor :region # Deploy, attach, allow access from, or peer this resource with a VPC of VPCs. # # @return [BasketofKittens::search_domains::vpc] # @see BasketofKittens::search_domains::vpc attr_accessor :vpc # Tags to apply to this resource. Will apply at the cloud provider level and in Chef, where applicable. # # @return [Array] # @see BasketofKittens::search_domains::tags attr_accessor :tags # **Default: `true`** - # Tag the resource with our optional tags (+MU-HANDLE+, +MU-MASTER-NAME+, +MU-OWNER+). # # @return [Boolean] attr_accessor :optional_tags # Apply one or more network rulesets, defined in this stack or pre-existing, to this resource. Note that if you add a pre-existing ACL to your resource, they must be compatible (e.g. if using VPCs, they must reside in the same VPC). # # @return [Array] # @see BasketofKittens::search_domains::add_firewall_rules attr_accessor :add_firewall_rules # Network ingress and/or egress rules. # # @return [Array] # @see BasketofKittens::search_domains::ingress_rules attr_accessor :ingress_rules # **Default: `1`** # # @return [Integer] attr_accessor :instance_count # Internal use. # # @return [String] attr_accessor :virtual_name # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. # # @return [Array] # @see BasketofKittens::search_domains::dependencies attr_accessor :dependencies # **Default: `AWS`**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **AWS ONLY**, # **Default: `6.4`** - # +AWS+: A supported ElasticSearch version for the region of this SearchDomain. Known versions from us-east-1: 6.4, 6.3, 6.2, 6.0, 5.6, 5.5, 5.3, 5.1, 2.3, 1.5 # # @return [String] attr_accessor :elasticsearch_version # **AWS ONLY**, # **Default: `t2.small.elasticsearch`** - # +AWS+: A supported ElasticSearch instance type for the region of this SearchDomain. Known types from us-east-1: t2.small.elasticsearch, t2.medium.elasticsearch, c4.large.elasticsearch, c4.xlarge.elasticsearch, c4.2xlarge.elasticsearch, c4.4xlarge.elasticsearch, c4.8xlarge.elasticsearch, m3.medium.elasticsearch, m3.large.elasticsearch, m3.xlarge.elasticsearch, m3.2xlarge.elasticsearch, m4.large.elasticsearch, m4.xlarge.elasticsearch, m4.2xlarge.elasticsearch, m4.4xlarge.elasticsearch, m4.10xlarge.elasticsearch, r3.large.elasticsearch, r3.xlarge.elasticsearch, r3.2xlarge.elasticsearch, r3.4xlarge.elasticsearch, r3.8xlarge.elasticsearch, r4.large.elasticsearch, r4.xlarge.elasticsearch, r4.2xlarge.elasticsearch, r4.4xlarge.elasticsearch, r4.8xlarge.elasticsearch, r4.16xlarge.elasticsearch, i2.xlarge.elasticsearch, i2.2xlarge.elasticsearch, i3.large.elasticsearch, i3.xlarge.elasticsearch, i3.2xlarge.elasticsearch, i3.4xlarge.elasticsearch, i3.8xlarge.elasticsearch, i3.16xlarge.elasticsearch. # # @return [String] attr_accessor :instance_type # **AWS ONLY**, # **Default: `0`** - # +AWS+: Separate, dedicated master node(s), over and above the search instances specified in instance_count. # # @return [Integer] attr_accessor :dedicated_masters # **AWS ONLY** # +AWS+: An IAM policy document for access to ElasticSearch. Our parser expects this to be defined inline like the rest of your YAML/JSON Basket of Kittens, not as raw JSON. For guidance on ElasticSearch IAM capabilities, see: https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-ac.html # # @return [BasketofKittens::search_domains::access_policies] # @see BasketofKittens::search_domains::access_policies attr_accessor :access_policies # **AWS ONLY** - # +AWS+: Instance type for dedicated master nodes, if any were requested. Will default to match instance_type. # # @return [String] attr_accessor :master_instance_type # **AWS ONLY**, # **Default: `standard`**, # **Must be one of: `standard, gp2, io1, none`** - # +AWS+: Type of EBS storage to use for cluster nodes. If 'none' is specified, EBS storage will not be used, but this is only valid for certain instance types. # # @return [String] attr_accessor :ebs_type # **AWS ONLY** - # +AWS+: Specifies the IOPD for a Provisioned IOPS EBS volume (SSD). Must specify ebs_type for this to take effect. # # @return [Integer] attr_accessor :ebs_iops # **AWS ONLY**, # **Default: `20`** - # +AWS+: Specifies the size (GB) of EBS storage. Must specify ebs_type for this to take effect. # # @return [Integer] attr_accessor :ebs_size # **AWS ONLY**, # **Default: `23`** - # +AWS+: Clock hour (UTC) to begin daily snapshots # # @return [Integer] attr_accessor :snapshot_hour # **AWS ONLY** - # +AWS+: If specified, will attempt to enable encryption at rest with this KMS Key ID # # @return [String] attr_accessor :kms_encryption_key_id # **AWS ONLY**, # **Default: `false`** - # +AWS+: Spread search instances across Availability Zones to facilitate replica index sharding for greater resilience. Note that you also must use the native Elasticsearch API to create replica shards for your cluster. Zone awareness requires an even number of instances in the instance count. # # @return [Boolean] attr_accessor :zone_aware # **AWS ONLY** - # +AWS+: The ARN of a CloudWatch Log Group to which we we'll send slow index and search logs. If not specified, a log group will be generated. # # @return [String] attr_accessor :slow_logs # **AWS ONLY** # +AWS+: Key => Value strings pairs that pass certain configuration options to Elasticsearch. For a list of supported values, see https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-createupdatedomains.html#es-createdomain-configure-advanced-options # # @return [BasketofKittens::search_domains::advanced_options] # @see BasketofKittens::search_domains::advanced_options attr_accessor :advanced_options # **AWS ONLY** # +AWS+: Options to specify the Cognito user and identity pools for Kibana authentication. For more information, see http://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-cognito-auth.html # # @return [BasketofKittens::search_domains::cognito] # @see BasketofKittens::search_domains::cognito attr_accessor :cognito # @!endgroup end end class BasketofKittens class msg_queues # Tags to apply to this resource. Will apply at the cloud provider level and in Chef, where applicable. class tags # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :key # **REQUIRED** # # @return [String] attr_accessor :value # @!endgroup end end end class BasketofKittens class msg_queues # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. class dependencies # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED**, # **Must be one of: `collection, database, dnszone, firewall_rule, loadbalancer, server, server_pool, vpc, cache_cluster, alarm, notifier, log, storage_pool, function, container_cluster, search_domain, msg_queue, habitat, folder, user, group, role`** # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **Must be one of: `create, groom`** - # Which part of the creation process of the resource we depend on should we wait for before starting our own creation? Defaults are usually sensible, but sometimes you want, say, a Server to wait on another Server to be completely ready (through its groom phase) before starting up. # # @return [String] attr_accessor :phase # **Default: `false`** - # By default, it's assumed that we want to wait on our parents' creation phase, in addition to whatever is declared in this stanza. Setting this flag will bypass waiting on our parent resource's creation, so that our create or groom phase can instead depend only on the parent's groom phase. # # @return [Boolean] attr_accessor :no_create_wait # @!endgroup end end end class BasketofKittens class msg_queues # +AWS+: Target queue for messages that can't be processed (consumed) successfully. See also: https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-dead-letter-queues.html class failqueue # @!group Optional parameters # **AWS ONLY** - # Create a separate MsgQueue on the fly. # # @return [Boolean] attr_accessor :create # **AWS ONLY**, # **Default: `10`** - # Number of times a message should fail before being sent to this queue. Must be between 1 and 1000. # # @return [Integer] attr_accessor :retries_before_fail # **AWS ONLY** - # The name of a sibling SQS resource in this deploy, or the cloud identifier or URL of a pre-existing one # # @return [String] attr_accessor :name # @!endgroup end end end class BasketofKittens class msg_queues # +AWS+: Use an Amazon KMS key to encrypt and decrypt messages in the background. This feature is not available in all regions. https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-server-side-encryption.html#sqs-sse-key-terms class kms # @!group Required parameters # **REQUIRED**, # **AWS ONLY** - # KMS key to use for encryption and decryption # # @return [String] attr_accessor :key_id # **AWS ONLY**, # **Default: `5 minutes`** - # The length of time, in seconds, for which Amazon SQS can reuse a data key to encrypt or decrypt messages before calling AWS KMS again. You can specify a string like '5m' or '2 hours'. # # @return [String] attr_accessor :key_reuse_period # @!endgroup end end end class BasketofKittens # Set up a cloud provider queueing service. class msg_queues # @!group Optional parameters # # @return [String] attr_accessor :name # **Must be one of: `asia-east1, asia-east2, asia-northeast1, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2`** # # @return [String] attr_accessor :region # Tags to apply to this resource. Will apply at the cloud provider level and in Chef, where applicable. # # @return [Array] # @see BasketofKittens::msg_queues::tags attr_accessor :tags # **Default: `true`** - # Tag the resource with our optional tags (+MU-HANDLE+, +MU-MASTER-NAME+, +MU-OWNER+). # # @return [Boolean] attr_accessor :optional_tags # Internal use. # # @return [String] attr_accessor :virtual_name # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. # # @return [Array] # @see BasketofKittens::msg_queues::dependencies attr_accessor :dependencies # **Default: `AWS`**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **AWS ONLY**, # **Default: `256`** - # +AWS+: Maximum size of messages in this queue, in kB. Must be between 1 and 256. # # @return [Integer] attr_accessor :max_msg_size # **AWS ONLY**, # **Default: `4 days`** - # +AWS+: The length of time for which Amazon SQS retains a message. Assumed to be in seconds, unless you specify a string like '4d' or 'five hours'. Must be between 1 minute and 14 days. # # @return [String] attr_accessor :retain # **AWS ONLY**, # **Default: `0 seconds`** - # +AWS+: Delay delivery by up to 15 minutes. You can specify a string like '1m' or '600 seconds'. # # @return [String] attr_accessor :delay # **AWS ONLY**, # **Default: `0 seconds`** - # +AWS+: The length of time, for which a ReceiveMessage action waits for a message to arrive, between 0 and 20 seconds. You can specify a string like '5s' or '20 seconds'. # # @return [String] attr_accessor :receive_timeout # **AWS ONLY**, # **Default: `30 seconds`** - # +AWS+: The length of time during which Amazon SQS prevents other consumers from receiving and processing a message after another consumer has received it. Must be between 0 seconds and 12 hours. You can specify a string like '5 minutes' or '3 hours'. See also: https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-visibility-timeout.html # # @return [String] attr_accessor :visibility_timeout # **AWS ONLY**, # **Default: `false`** - # +AWS+: Designate this queue as a FIFO queue. Messages in this queue must explicitly specify MessageGroupId. This cannot be changed once instantiated. This feature is not available in all regions. See also: https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/FIFO-queues.html#FIFO-queues-understanding-logic # # @return [Boolean] attr_accessor :fifo # **AWS ONLY**, # **Default: `false`** - # +AWS+: Enables content-based deduplication. When ContentBasedDeduplication is in effect, messages with identical content sent within the deduplication interval are treated as duplicates and only one copy of the message is delivered. This feature is not available in all regions. See also: https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/FIFO-queues.html#FIFO-queues-exactly-once-processing # # @return [Boolean] attr_accessor :dedup # **AWS ONLY** # +AWS+: Target queue for messages that can't be processed (consumed) successfully. See also: https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-dead-letter-queues.html # # @return [BasketofKittens::msg_queues::failqueue] # @see BasketofKittens::msg_queues::failqueue attr_accessor :failqueue # **AWS ONLY** # +AWS+: Use an Amazon KMS key to encrypt and decrypt messages in the background. This feature is not available in all regions. https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-server-side-encryption.html#sqs-sse-key-terms # # @return [BasketofKittens::msg_queues::kms] # @see BasketofKittens::msg_queues::kms attr_accessor :kms # @!endgroup end end class BasketofKittens class habitats # Deploy into or connect with resources in a specific account/project class folder # @!group Optional parameters # Discover this folder/OU by looking by its cloud provider identifier # # @return [String] attr_accessor :id # Discover this folder/OU by Mu-internal name; typically the shorthand 'name' field of an Folder object declared elsewhere in the deploy, or in another deploy that's being referenced with 'deploy_id'. # # @return [String] attr_accessor :name # **Default: `AWS`**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # Search for this folder in an existing Mu deploy; specify a Mu deploy id (e.g. DEMO-DEV-2014111400-NG). # # @return [String] attr_accessor :deploy_id # @!endgroup end end end class BasketofKittens class habitats # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. class dependencies # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED**, # **Must be one of: `collection, database, dnszone, firewall_rule, loadbalancer, server, server_pool, vpc, cache_cluster, alarm, notifier, log, storage_pool, function, container_cluster, search_domain, msg_queue, habitat, folder, user, group, role`** # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **Must be one of: `create, groom`** - # Which part of the creation process of the resource we depend on should we wait for before starting our own creation? Defaults are usually sensible, but sometimes you want, say, a Server to wait on another Server to be completely ready (through its groom phase) before starting up. # # @return [String] attr_accessor :phase # **Default: `false`** - # By default, it's assumed that we want to wait on our parents' creation phase, in addition to whatever is declared in this stanza. Setting this flag will bypass waiting on our parent resource's creation, so that our create or groom phase can instead depend only on the parent's groom phase. # # @return [Boolean] attr_accessor :no_create_wait # @!endgroup end end end class BasketofKittens # Generate a cloud habitat (AWS account, Google Cloud project, Azure Directory, etc) class habitats # @!group Optional parameters # # @return [String] attr_accessor :name # Deploy into or connect with resources in a specific account/project # # @return [BasketofKittens::habitats::folder] # @see BasketofKittens::habitats::folder attr_accessor :folder # Internal use. # # @return [String] attr_accessor :virtual_name # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. # # @return [Array] # @see BasketofKittens::habitats::dependencies attr_accessor :dependencies # **Default: `AWS`**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **AWS ONLY** - # +AWS+: AWS accounts require a unique contact email address. If not provided, Mu will generate an alias to the global mu_admin_email using the +foo SMTP mechanism. # # @return [String] attr_accessor :email # @!endgroup end end class BasketofKittens class folders # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. class dependencies # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED**, # **Must be one of: `collection, database, dnszone, firewall_rule, loadbalancer, server, server_pool, vpc, cache_cluster, alarm, notifier, log, storage_pool, function, container_cluster, search_domain, msg_queue, habitat, folder, user, group, role`** # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **Must be one of: `create, groom`** - # Which part of the creation process of the resource we depend on should we wait for before starting our own creation? Defaults are usually sensible, but sometimes you want, say, a Server to wait on another Server to be completely ready (through its groom phase) before starting up. # # @return [String] attr_accessor :phase # **Default: `false`** - # By default, it's assumed that we want to wait on our parents' creation phase, in addition to whatever is declared in this stanza. Setting this flag will bypass waiting on our parent resource's creation, so that our create or groom phase can instead depend only on the parent's groom phase. # # @return [Boolean] attr_accessor :no_create_wait # @!endgroup end end end class BasketofKittens # Set up a cloud provider folder/OU for containing other account-level resources class folders # @!group Optional parameters # # @return [String] attr_accessor :name # Internal use. # # @return [String] attr_accessor :virtual_name # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. # # @return [Array] # @see BasketofKittens::folders::dependencies attr_accessor :dependencies # **Default: `AWS`**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # @!endgroup end end class BasketofKittens class users # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. class dependencies # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED**, # **Must be one of: `collection, database, dnszone, firewall_rule, loadbalancer, server, server_pool, vpc, cache_cluster, alarm, notifier, log, storage_pool, function, container_cluster, search_domain, msg_queue, habitat, folder, user, group, role`** # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **Must be one of: `create, groom`** - # Which part of the creation process of the resource we depend on should we wait for before starting our own creation? Defaults are usually sensible, but sometimes you want, say, a Server to wait on another Server to be completely ready (through its groom phase) before starting up. # # @return [String] attr_accessor :phase # **Default: `false`** - # By default, it's assumed that we want to wait on our parents' creation phase, in addition to whatever is declared in this stanza. Setting this flag will bypass waiting on our parent resource's creation, so that our create or groom phase can instead depend only on the parent's groom phase. # # @return [Boolean] attr_accessor :no_create_wait # @!endgroup end end end class BasketofKittens class users # Tags to apply to this resource. Will apply at the cloud provider level and in Chef, where applicable. class tags # @!group Required parameters # **REQUIRED**, # **AWS ONLY** # # @return [String] attr_accessor :key # **REQUIRED**, # **AWS ONLY** # # @return [String] attr_accessor :value # @!endgroup end end end class BasketofKittens class users # A key (name) with a value that is an Amazon-compatible policy document. See https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_examples.html for example policies. class iam_policies end end end class BasketofKittens # Set up a cloud provider user or machine account class users # @!group Required parameters # **REQUIRED** - # The name of the account to create or associate. #+AWS+: A plain IAM user. If the user already exists, we will operate on that existing user. Otherwise, we will attempt to create a new user. #+GOOGLE+: This must be the email address of an existing Google user account (+foo@gmail.com+), or of a federated GSuite or Cloud Identity domain account from your organization. # # @return [String] attr_accessor :name # **Default: `interactive`**, # **Must be one of: `interactive, service`** - # Indicates whether to create or associate an account meant for interactive human use, or for a machine or service. #+GOOGLE+: 'interactive' will attempt to bind an existing user; 'service' will create a service account and generate API keys # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **Default: `true`** - # If we attempt to create or associate a user that already exists, simply modify that user in-place and use it, rather than throwing an error. If this flag is set, the user will *not* be deleted on cleanup, nor will we overwrite any existing tags on cloud platforms that support user tagging. # # @return [Boolean] attr_accessor :use_if_exists # **Default: `false`** - # Create a set of cloud API keys for this user. Keys will be shared via Scratchpad for one-time retrieval. # # @return [Boolean] attr_accessor :create_api_key # **Default: `false`** - # Leave the user intact during the cleanup process. If we are re-using an existing user, rather than creating one ourselves, this option has no effect- that user will always be left intact. # # @return [Boolean] attr_accessor :preserve_on_cleanup # One or more groups to associate with this user. If there is a 'group' resource defined with this name in this Basket of Kittens, we will use that; if not, and if there is an existing cloud provider group in the appropriate account/project that matches, we will use that; if neither of those exists, we will implicitly create a matching group if it had been declared in this Basket of Kittens. # # @return [Array] attr_accessor :groups # Internal use. # # @return [String] attr_accessor :virtual_name # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. # # @return [Array] # @see BasketofKittens::users::dependencies attr_accessor :dependencies # **Default: `AWS`**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **AWS ONLY**, # **Must match pattern `^\/(?:[^\/]+(?:\/[^\/]+)*\/$)?`** - # +AWS+: AWS IAM users can be namespaced with a path (ex: +/organization/unit/user+). If not specified, and if we do not see a matching existing user under +/+ with +use_if_exists+ set, we will prepend the deploy identifier to the path of users we create. Ex: +/IAMTESTS-DEV-2018112910-GR/myuser+. # # @return [String] attr_accessor :path # **AWS ONLY** # Tags to apply to this resource. Will apply at the cloud provider level and in Chef, where applicable. # # @return [Array] # @see BasketofKittens::users::tags attr_accessor :tags # **AWS ONLY**, # **Default: `true`** - # +AWS+: Tag the resource with our optional tags (+MU-HANDLE+, +MU-MASTER-NAME+, +MU-OWNER+). # # @return [Boolean] attr_accessor :optional_tags # **AWS ONLY**, # **Default: `false`** - # +AWS+: Instead of creating/updating a user account with # the exact name specified in the 'name' field, generate a unique-per-deploy Mu- #style long name, like +IAMTESTS-DEV-2018112815-IS-USER-FOO+ # # @return [Boolean] attr_accessor :unique_name # **AWS ONLY**, # **Default: `false`** - # +AWS+: Generate a password for this user, for use logging into the AWS Console. It will be shared via Scratchpad for one-time retrieval. # # @return [Boolean] attr_accessor :create_console_password # **AWS ONLY** # A key (name) with a value that is an Amazon-compatible policy document. See https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_examples.html for example policies. # # @return [Array] # @see BasketofKittens::users::iam_policies attr_accessor :iam_policies # **GOOGLE ONLY** - # One or more Google IAM roles to associate with this user. Google Cloud human user accounts (as distinct from service accounts) are not created directly; pre-existing Google accounts are associated with a project by being bound to one or more roles in that project. If no roles are specified, we default to +roles/viewer+, which permits read-only access project-wide. # # @return [Array] attr_accessor :roles # **GOOGLE ONLY** - # +GOOGLE+: The project into which to deploy resources # # @return [String] attr_accessor :project # @!endgroup end end class BasketofKittens class groups # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. class dependencies # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED**, # **Must be one of: `collection, database, dnszone, firewall_rule, loadbalancer, server, server_pool, vpc, cache_cluster, alarm, notifier, log, storage_pool, function, container_cluster, search_domain, msg_queue, habitat, folder, user, group, role`** # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **Must be one of: `create, groom`** - # Which part of the creation process of the resource we depend on should we wait for before starting our own creation? Defaults are usually sensible, but sometimes you want, say, a Server to wait on another Server to be completely ready (through its groom phase) before starting up. # # @return [String] attr_accessor :phase # **Default: `false`** - # By default, it's assumed that we want to wait on our parents' creation phase, in addition to whatever is declared in this stanza. Setting this flag will bypass waiting on our parent resource's creation, so that our create or groom phase can instead depend only on the parent's groom phase. # # @return [Boolean] attr_accessor :no_create_wait # @!endgroup end end end class BasketofKittens class groups # A key (name) with a value that is an Amazon-compatible policy document. See https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_examples.html for example policies. class iam_policies end end end class BasketofKittens # Set up a cloud provider group for containing accounts/groups class groups # @!group Required parameters # **REQUIRED** - # +GOOGLE+: This must be the email address of an existing Google Group (+foo@googlegroups.com+), or of a federated GSuite or Cloud Identity domain group from your organization. #+GOOGLE+: This must be the email address of an existing Google Group (+foo@googlegroups.com+), or of a federated GSuite or Cloud Identity domain group from your organization. # # @return [String] attr_accessor :name # @!endgroup # @!group Optional parameters # One or more user accounts to add to this group. # # @return [Array] attr_accessor :members # **Default: `false`** - # Our +members+ list, by default, only adds the listed accounts to the group. If +purge_extra_members+ is +true+, it will remove any users that are not our list. Use with caution when managing groups created manually or managed by other applications. # # @return [Boolean] attr_accessor :purge_extra_members # **Default: `true`** - # If we attempt to create or associate a group that already exists, simply group that user in-place and use it, rather than throwing an error. If this flag is set, the group will *not* be deleted on cleanup. # # @return [Boolean] attr_accessor :use_if_exists # Internal use. # # @return [String] attr_accessor :virtual_name # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. # # @return [Array] # @see BasketofKittens::groups::dependencies attr_accessor :dependencies # **Default: `AWS`**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **AWS ONLY** - # +AWS+: Instead of creating/updating a group with # the exact name specified in the 'name' field, generate a unique-per-deploy Mu- #style long name, like +IAMTESTS-DEV-2018112815-IS-GROUP-FOO+. This parameter will automatically be set to +true+ if it is left unspecified and +use_if_exists+ is set to +false+. # # @return [Boolean] attr_accessor :unique_name # **AWS ONLY**, # **Must match pattern `^\/(?:[^\/]+(?:\/[^\/]+)*\/$)?`** - # +AWS+: AWS IAM groups can be namespaced with a path (ex: +/organization/unit/group+). If not specified, and if we do not see a matching existing group under +/+ with +use_if_exists+ set, we will prepend the deploy identifier to the path of groups we create. Ex: +/IAMTESTS-DEV-2018112910-GR/mygroup+. # # @return [String] attr_accessor :path # **AWS ONLY** # A key (name) with a value that is an Amazon-compatible policy document. See https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_examples.html for example policies. # # @return [Array] # @see BasketofKittens::groups::iam_policies attr_accessor :iam_policies # **GOOGLE ONLY** - # One or more Google IAM roles to associate with this group. Google Cloud groups are not created directly; pre-existing Google Groups are associated with a project by being bound to one or more roles in that project. If no roles are specified, we default to +roles/viewer+, which permits read-only access project-wide. # # @return [Array] attr_accessor :roles # **GOOGLE ONLY** - # +GOOGLE+: The project into which to deploy resources # # @return [String] attr_accessor :project # @!endgroup end end class BasketofKittens class roles class policies # Entities to which this policy will grant or deny access. class targets # @!group Required parameters # **REQUIRED** - # Either the name of a sibling Mu resource in this stack (used in conjunction with +entity_type+), or the full cloud identifier for a resource, such as an ARN in Amazon Web Services. # # @return [String] attr_accessor :identifier # @!endgroup # @!group Optional parameters # **Must be one of: `alarm, cache_cluster, collection, container_cluster, database, dnszone, firewall_rule, folder, function, group, habitat, loadbalancer, log, msg_queue, notifier, role, search_domain, server, server_pool, storage_pool, user, vpc`** - # A Mu resource type, used when referencing a sibling Mu resource in this stack with +identifier+. # # @return [String] attr_accessor :type # @!endgroup end end end end class BasketofKittens class roles # Policies which grant or deny permissions. class policies # @!group Required parameters # **REQUIRED** - # A unique name for this policy # # @return [String] attr_accessor :name # **REQUIRED** - # Permissions to grant or deny. Valid permission strings are cloud-specific. # # @return [Array] attr_accessor :permissions # **REQUIRED** # Entities to which this policy will grant or deny access. # # @return [Array] # @see BasketofKittens::roles::policies::targets attr_accessor :targets # @!endgroup # @!group Optional parameters # **Default: `allow`**, # **Must be one of: `allow, deny`** # # @return [String] attr_accessor :flag # @!endgroup end end end class BasketofKittens class roles # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. class dependencies # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED**, # **Must be one of: `collection, database, dnszone, firewall_rule, loadbalancer, server, server_pool, vpc, cache_cluster, alarm, notifier, log, storage_pool, function, container_cluster, search_domain, msg_queue, habitat, folder, user, group, role`** # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **Must be one of: `create, groom`** - # Which part of the creation process of the resource we depend on should we wait for before starting our own creation? Defaults are usually sensible, but sometimes you want, say, a Server to wait on another Server to be completely ready (through its groom phase) before starting up. # # @return [String] attr_accessor :phase # **Default: `false`** - # By default, it's assumed that we want to wait on our parents' creation phase, in addition to whatever is declared in this stanza. Setting this flag will bypass waiting on our parent resource's creation, so that our create or groom phase can instead depend only on the parent's groom phase. # # @return [Boolean] attr_accessor :no_create_wait # @!endgroup end end end class BasketofKittens class roles # Tags to apply to this resource. Will apply at the cloud provider level and in Chef, where applicable. class tags # @!group Required parameters # **REQUIRED**, # **AWS ONLY** # # @return [String] attr_accessor :key # **REQUIRED**, # **AWS ONLY** # # @return [String] attr_accessor :value # @!endgroup end end end class BasketofKittens class roles # Entities which are permitted to assume this role. Can be services, IAM objects, or other Mu resources. class can_assume # @!group Required parameters # **REQUIRED**, # **AWS ONLY**, # **Must be one of: `service, aws, federated, alarm, cache_cluster, collection, container_cluster, database, dnszone, firewall_rule, folder, function, group, habitat, loadbalancer, log, msg_queue, notifier, role, search_domain, server, server_pool, storage_pool, user, vpc`** - # Type of entity which will be permitted to assume this role. See +entity_id+ for details. # # @return [String] attr_accessor :entity_type # **REQUIRED**, # **AWS ONLY** - # An identifier appropriate for the +entity_type+ which is allowed to assume this role- see details for valid formats. # #**service**: The name of a service which is allowed to assume this role, such as +ec2.amazonaws.com+. See also https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-service.html#roles-creatingrole-service-api. For an unofficial list of service names, see https://gist.github.com/shortjared/4c1e3fe52bdfa47522cfe5b41e5d6f22 # #**alarm, cache_cluster, collection, container_cluster, database, dnszone, firewall_rule, folder, function, group, habitat, loadbalancer, log, msg_queue, notifier, role, search_domain, server, server_pool, storage_pool, user, vpc**: A resource of one of these Mu types, declared elsewhere in this stack with a name specified in +entity_id+, for which Mu will attempt to resolve the appropriate *aws* or *service* identifier. # #**aws**: An ARN which should be permitted to assume this role, often another role like +arn:aws:iam::AWS-account-ID:role/role-name+ or a specific user session such as +arn:aws:sts::AWS-account-ID:assumed-role/role-name/role-session-name+. See also https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_principal.html#Principal_specifying # #**federated**: A federated identity provider, such as +accounts.google.com+ or +arn:aws:iam::AWS-account-ID:saml-provider/provider-name+. See also https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_principal.html#Principal_specifying # # @return [String] attr_accessor :entity_id # @!endgroup # @!group Optional parameters # **AWS ONLY**, # **Default: `basic`**, # **Must be one of: `basic, saml, web`** - # https://docs.aws.amazon.com/STS/latest/APIReference/API_Operations.html # # @return [String] attr_accessor :assume_method # @!endgroup end end end class BasketofKittens class roles # A key (name) with a value that is a raw Amazon-compatible policy document. This is not the recommended method for granting permissions- we suggest listing +roles+ for the user instead. See https://docs.aws.amazon.com/IAM/latest/RoleGuide/access_policies_examples.html for example policies. class iam_policies end end end class BasketofKittens # Set up a cloud provider role for mapping permissions to other entities class roles # @!group Optional parameters # **Must match pattern `^[a-zA-Z0-9_\-]+$`** - # The name of a cloud provider role to create # # @return [String] attr_accessor :name # Import pre-fabricated roles/policies from the cloud provider into this role. # # @return [Array] attr_accessor :import # Policies which grant or deny permissions. # # @return [Array] # @see BasketofKittens::roles::policies attr_accessor :policies # Internal use. # # @return [String] attr_accessor :virtual_name # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. # # @return [Array] # @see BasketofKittens::roles::dependencies attr_accessor :dependencies # **Default: `AWS`**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **AWS ONLY** # Tags to apply to this resource. Will apply at the cloud provider level and in Chef, where applicable. # # @return [Array] # @see BasketofKittens::roles::tags attr_accessor :tags # **AWS ONLY**, # **Default: `true`** - # +AWS+: Tag the resource with our optional tags (+MU-HANDLE+, +MU-MASTER-NAME+, +MU-OWNER+). # # @return [Boolean] attr_accessor :optional_tags # **AWS ONLY**, # **Default: `false`** - # +AWS+: Do not create a role, but simply create the policies specified in +policies+ and/or +iam_policies+ for direct attachment to other entities. # # @return [Boolean] attr_accessor :bare_policies # **AWS ONLY** # Entities which are permitted to assume this role. Can be services, IAM objects, or other Mu resources. # # @return [Array] # @see BasketofKittens::roles::can_assume attr_accessor :can_assume # **AWS ONLY** # A key (name) with a value that is a raw Amazon-compatible policy document. This is not the recommended method for granting permissions- we suggest listing +roles+ for the user instead. See https://docs.aws.amazon.com/IAM/latest/RoleGuide/access_policies_examples.html for example policies. # # @return [Array] # @see BasketofKittens::roles::iam_policies attr_accessor :iam_policies # @!endgroup end end # A MU application stack, consisting of at least one resource. class BasketofKittens # @!group Required parameters # **REQUIRED** - # A name for your application stack. Should be short, but easy to differentiate from other applications. # # @return [String] attr_accessor :appname # **REQUIRED** # Administrative contacts for this application stack. Will be automatically set to invoking Mu user, if not specified. # # @return [Array] # @see BasketofKittens::admins attr_accessor :admins # @!endgroup # @!group Optional parameters # When 'cloud' is set to 'CloudFormation,' use this flag to strip out Mu-specific artifacts (tags, standard userdata, naming conventions, etc) to yield a clean, source-agnostic template. Setting this flag here will override declarations in individual resources. # # @return [Boolean] attr_accessor :scrub_mu_isms # GOOGLE: The project into which to deploy resources # # @return [String] attr_accessor :project # **Must be one of: `asia-east1, asia-east2, asia-northeast1, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2`** # # @return [String] attr_accessor :region # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **Default: `false`** - # For resources which span regions, restrict to regions inside the United States # # @return [Boolean] attr_accessor :us_only # CloudFormation-specific. Define Conditions as in http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/conditions-section-structure.html. Arguments must use the cloudCode() macro. # # @return [Array] # @see BasketofKittens::conditions attr_accessor :conditions # Parameters to be substituted elsewhere in this Basket of Kittens as ERB variables (<%= varname %>) # # @return [Array] # @see BasketofKittens::parameters attr_accessor :parameters # Create an Amazon CloudFormation stack. # # @return [Array] # @see BasketofKittens::collections attr_accessor :collections # Create a dedicated database server. # # @return [Array] # @see BasketofKittens::databases attr_accessor :databases # Create a DNS zone in Route 53. # # @return [Array] # @see BasketofKittens::dnszones attr_accessor :dnszones # Create network-level access controls. # # @return [Array] # @see BasketofKittens::firewall_rules attr_accessor :firewall_rules # Create Load Balancers # # @return [Array] # @see BasketofKittens::loadbalancers attr_accessor :loadbalancers # Create individual server instances. # # @return [Array] # @see BasketofKittens::servers attr_accessor :servers # Create scalable pools of identical servers. # # @return [Array] # @see BasketofKittens::server_pools attr_accessor :server_pools # Create Virtual Private Clouds with custom public or private subnets. # # @return [Array] # @see BasketofKittens::vpcs attr_accessor :vpcs # Create cache cluster(s). # # @return [Array] # @see BasketofKittens::cache_clusters attr_accessor :cache_clusters # Cloud platform monitoring alarms # # @return [Array] # @see BasketofKittens::alarms attr_accessor :alarms # A stub for inline resource that generate SNS notifications in AWS. This should really be expanded. # # @return [Array] # @see BasketofKittens::notifiers attr_accessor :notifiers # Log events using a cloud provider's log service. # # @return [Array] # @see BasketofKittens::logs attr_accessor :logs # Create a storage pool. # # @return [Array] # @see BasketofKittens::storage_pools attr_accessor :storage_pools # Create a cloud function. # # @return [Array] # @see BasketofKittens::functions attr_accessor :functions # Create a cluster of container hosts. # # @return [Array] # @see BasketofKittens::container_clusters attr_accessor :container_clusters # Set up a cloud provider managed Elastic Search cluster. # # @return [Array] # @see BasketofKittens::search_domains attr_accessor :search_domains # Set up a cloud provider queueing service. # # @return [Array] # @see BasketofKittens::msg_queues attr_accessor :msg_queues # Generate a cloud habitat (AWS account, Google Cloud project, Azure Directory, etc) # # @return [Array] # @see BasketofKittens::habitats attr_accessor :habitats # Set up a cloud provider folder/OU for containing other account-level resources # # @return [Array] # @see BasketofKittens::folders attr_accessor :folders # Set up a cloud provider user or machine account # # @return [Array] # @see BasketofKittens::users attr_accessor :users # Set up a cloud provider group for containing accounts/groups # # @return [Array] # @see BasketofKittens::groups attr_accessor :groups # Set up a cloud provider role for mapping permissions to other entities # # @return [Array] # @see BasketofKittens::roles attr_accessor :roles # @!endgroup end end end