### THIS FILE IS AUTOMATICALLY GENERATED, DO NOT EDIT ### # # # module MU class Config # The configuration file format for Mu application stacks. class BasketofKittens # Administrative contacts for this application stack. Will be automatically set to invoking Mu user, if not specified. class admins # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED** # # @return [String] attr_accessor :email # @!endgroup # @!group Optional parameters # An OpenSSH-style public key string. This will be installed on all instances created in this deployment. # # @return [String] attr_accessor :public_key # @!endgroup end end class BasketofKittens # CloudFormation-specific. Define Conditions as in http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/conditions-section-structure.html. Arguments must use the cloudCode() macro. class conditions # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED** # # @return [String] attr_accessor :cloudcode # @!endgroup end end class BasketofKittens # Parameters to be substituted elsewhere in this Basket of Kittens as ERB variables (<%= varname %>) class parameters # @!group Optional parameters # # @return [String] attr_accessor :name # # @return [String] attr_accessor :default # Treat the value as a comma-separated list of values with this key name, equivalent to CloudFormation's various List<> types. For example, set to 'subnet_id' to pass values as an array of subnet identifiers as the 'subnets' argument of a VPC stanza. # # @return [String] attr_accessor :list_of # An alternative name to use when generating parameter fields in, for example, CloudFormation templates # # @return [String] attr_accessor :prettyname # # @return [String] attr_accessor :description # A platform-specific string describing the type of validation to use for this parameter. E.g. when generating a CloudFormation template, set to AWS::EC2::Image::Id to validate input as an AMI identifier. # # @return [String] attr_accessor :cloudtype # **Default: `true`** # # @return [Boolean] attr_accessor :required # # @return [Array] attr_accessor :valid_values # @!endgroup end end class BasketofKittens class folders class parent # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # The tag or label key to search against # # @return [String] attr_accessor :key # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end class BasketofKittens class folders # Reference a 'folders' resource from this 'folder' resource class parent # @!group Required parameters # **Default: `folders`**, # **Must be one of: `folders`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::folders::parent::tag] # @see BasketofKittens::folders::parent::tag attr_accessor :tag # @!endgroup end end end class BasketofKittens class folders # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. class dependencies # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED**, # **Must be one of: `folder, habitat, collection, database, dnszone, firewall_rule, loadbalancer, server, server_pool, vpc, cache_cluster, alarm, notifier, log, storage_pool, function, endpoint, container_cluster, search_domain, msg_queue, user, group, role, bucket, nosqldb`** # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **Must be one of: `create, groom`** - # Which part of the creation process of the resource we depend on should we wait for before starting our own creation? Defaults are usually sensible, but sometimes you want, say, a Server to wait on another Server to be completely ready (through its groom phase) before starting up. # # @return [String] attr_accessor :phase # **Default: `false`** - # By default, it's assumed that we want to wait on our parents' creation phase, in addition to whatever is declared in this stanza. Setting this flag will bypass waiting on our parent resource's creation, so that our create or groom phase can instead depend only on the parent's groom phase. # # @return [Boolean] attr_accessor :no_create_wait # @!endgroup end end end class BasketofKittens # Set up a cloud provider folder/OU for containing other account-level resources # # `AWS`: This implementation is **ALPHA** quality. It is experimental, may be missing significant functionality, and has not been widely tested. # # `Google`: This implementation is considered **RELEASE** quality. It covers all major API features and has been tested with real-world applications. class folders # @!group Optional parameters # # @return [String] attr_accessor :name # Reference a 'folders' resource from this 'folder' resource # # @return [BasketofKittens::folders::parent] # @see BasketofKittens::folders::parent attr_accessor :parent # Internal use. # # @return [String] attr_accessor :virtual_name # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. # # @return [Array] # @see BasketofKittens::folders::dependencies attr_accessor :dependencies # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **GOOGLE ONLY** - # +GOOGLE+: The +display_name+ field of this folder, specified only if we want it to be something other than the automatically-generated string derived from the +name+ field. # # @return [String] attr_accessor :display_name # @!endgroup end end class BasketofKittens class habitats class parent # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # The tag or label key to search against # # @return [String] attr_accessor :key # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end class BasketofKittens class habitats # Reference a 'folders' resource from this 'habitat' resource class parent # @!group Required parameters # **Default: `folders`**, # **Must be one of: `folders`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::habitats::parent::tag] # @see BasketofKittens::habitats::parent::tag attr_accessor :tag # @!endgroup end end end class BasketofKittens class habitats # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. class dependencies # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED**, # **Must be one of: `folder, habitat, collection, database, dnszone, firewall_rule, loadbalancer, server, server_pool, vpc, cache_cluster, alarm, notifier, log, storage_pool, function, endpoint, container_cluster, search_domain, msg_queue, user, group, role, bucket, nosqldb`** # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **Must be one of: `create, groom`** - # Which part of the creation process of the resource we depend on should we wait for before starting our own creation? Defaults are usually sensible, but sometimes you want, say, a Server to wait on another Server to be completely ready (through its groom phase) before starting up. # # @return [String] attr_accessor :phase # **Default: `false`** - # By default, it's assumed that we want to wait on our parents' creation phase, in addition to whatever is declared in this stanza. Setting this flag will bypass waiting on our parent resource's creation, so that our create or groom phase can instead depend only on the parent's groom phase. # # @return [Boolean] attr_accessor :no_create_wait # @!endgroup end end end class BasketofKittens # Generate a cloud habitat (AWS account, Google Cloud project, Azure Directory, etc) # # `AWS`: This implementation is **ALPHA** quality. It is experimental, may be missing significant functionality, and has not been widely tested. # # `Google`: This implementation is considered **RELEASE** quality. It covers all major API features and has been tested with real-world applications. # # `Azure`: This implementation is **ALPHA** quality. It is experimental, may be missing significant functionality, and has not been widely tested. class habitats # @!group Optional parameters # # @return [String] attr_accessor :name # Reference a 'folders' resource from this 'habitat' resource # # @return [BasketofKittens::habitats::parent] # @see BasketofKittens::habitats::parent attr_accessor :parent # Internal use. # # @return [String] attr_accessor :virtual_name # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. # # @return [Array] # @see BasketofKittens::habitats::dependencies attr_accessor :dependencies # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **AWS ONLY** - # +AWS+: AWS accounts require a unique contact email address. If not provided, Mu will generate an alias to the global mu_admin_email using the +foo SMTP mechanism. # # @return [String] attr_accessor :email # **GOOGLE ONLY** - # +GOOGLE+: Billing account ID to associate with a newly-created Google Project. If not specified, will attempt to locate a billing account associated with the default project for our credentials. # # @return [String] attr_accessor :billing_acct # **GOOGLE ONLY** - # +GOOGLE+: A human readable name for this project. If not specified, will default to our long-form deploy-generated name. # # @return [String] attr_accessor :display_name # @!endgroup end end class BasketofKittens class collections # Tags to apply to this resource. Will apply at the cloud provider level and in node groomers, where applicable. class tags # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :key # **REQUIRED** # # @return [String] attr_accessor :value # @!endgroup end end end class BasketofKittens class collections # set cloudformation template parameter class parameters # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :parameter_key # **REQUIRED** # # @return [String] attr_accessor :parameter_value # @!endgroup end end end class BasketofKittens class collections # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. class dependencies # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED**, # **Must be one of: `folder, habitat, collection, database, dnszone, firewall_rule, loadbalancer, server, server_pool, vpc, cache_cluster, alarm, notifier, log, storage_pool, function, endpoint, container_cluster, search_domain, msg_queue, user, group, role, bucket, nosqldb`** # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **Must be one of: `create, groom`** - # Which part of the creation process of the resource we depend on should we wait for before starting our own creation? Defaults are usually sensible, but sometimes you want, say, a Server to wait on another Server to be completely ready (through its groom phase) before starting up. # # @return [String] attr_accessor :phase # **Default: `false`** - # By default, it's assumed that we want to wait on our parents' creation phase, in addition to whatever is declared in this stanza. Setting this flag will bypass waiting on our parent resource's creation, so that our create or groom phase can instead depend only on the parent's groom phase. # # @return [Boolean] attr_accessor :no_create_wait # @!endgroup end end end class BasketofKittens # Create an Amazon CloudFormation stack. # # `AWS`: This implementation is **ALPHA** quality. It is experimental, may be missing significant functionality, and has not been widely tested. # # `CloudFormation`: This implementation is **ALPHA** quality. It is experimental, may be missing significant functionality, and has not been widely tested. class collections # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # @!endgroup # @!group Optional parameters # Tags to apply to this resource. Will apply at the cloud provider level and in node groomers, where applicable. # # @return [Array] # @see BasketofKittens::collections::tags attr_accessor :tags # set cloudformation template parameter # # @return [Array] # @see BasketofKittens::collections::parameters attr_accessor :parameters # Pass in the deploy key for this stack as a CloudFormation parameter. Set this to the CloudFormation parameter name. # # @return [String] attr_accessor :pass_deploy_key_as # **Default: `true`** - # If targeting CloudFormation, this will pass all of the parent template's parameters to the nested template # # @return [Boolean] attr_accessor :pass_parent_parameters # **Default: `ROLLBACK`**, # **Must be one of: `DO_NOTHING, ROLLBACK, DELETE`** # # @return [String] attr_accessor :on_failure # # @return [String] attr_accessor :template_file # **Default: `45`** - # Timeout (in minutes) for building this Collection. # # @return [String] attr_accessor :timeout # **Must match pattern `^(?x-mi:(?=(?-mix:http|https):) # ([a-zA-Z][\-+.a-zA-Z\d]*): (?# 1: scheme) # (?: # ((?:[\-_.!~*'()a-zA-Z\d;?:@&=+$,]|%[a-fA-F\d]{2})(?:[\-_.!~*'()a-zA-Z\d;\/?:@&=+$,\[\]]|%[a-fA-F\d]{2})*) (?# 2: opaque) # | # (?:(?: # \/\/(?: # (?:(?:((?:[\-_.!~*'()a-zA-Z\d;:&=+$,]|%[a-fA-F\d]{2})*)@)? (?# 3: userinfo) # (?:((?:(?:[a-zA-Z0-9\-.]|%\h\h)+|\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}|\[(?:(?:[a-fA-F\d]{1,4}:)*(?:[a-fA-F\d]{1,4}|\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})|(?:(?:[a-fA-F\d]{1,4}:)*[a-fA-F\d]{1,4})?::(?:(?:[a-fA-F\d]{1,4}:)*(?:[a-fA-F\d]{1,4}|\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}))?)\]))(?::(\d*))?))? (?# 4: host, 5: port) # | # ((?:[\-_.!~*'()a-zA-Z\d$,;:@&=+]|%[a-fA-F\d]{2})+) (?# 6: registry) # ) # | # (?!\/\/)) (?# XXX: '\/\/' is the mark for hostport) # (\/(?:[\-_.!~*'()a-zA-Z\d:@&=+$,]|%[a-fA-F\d]{2})*(?:;(?:[\-_.!~*'()a-zA-Z\d:@&=+$,]|%[a-fA-F\d]{2})*)*(?:\/(?:[\-_.!~*'()a-zA-Z\d:@&=+$,]|%[a-fA-F\d]{2})*(?:;(?:[\-_.!~*'()a-zA-Z\d:@&=+$,]|%[a-fA-F\d]{2})*)*)*)? (?# 7: path) # )(?:\?((?:[\-_.!~*'()a-zA-Z\d;\/?:@&=+$,\[\]]|%[a-fA-F\d]{2})*))? (?# 8: query) # ) # (?:\#((?:[\-_.!~*'()a-zA-Z\d;\/?:@&=+$,\[\]]|%[a-fA-F\d]{2})*))? (?# 9: fragment) # )$`** # # @return [String] attr_accessor :template_url # **Must be one of: `existing, new`** # # @return [String] attr_accessor :creation_style # Internal use. # # @return [String] attr_accessor :virtual_name # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. # # @return [Array] # @see BasketofKittens::collections::dependencies attr_accessor :dependencies # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # @!endgroup end end class BasketofKittens class databases # Tags to apply to this resource. Will apply at the cloud provider level and in node groomers, where applicable. class tags # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :key # **REQUIRED** # # @return [String] attr_accessor :value # @!endgroup end end end class BasketofKittens class databases class alarms # What to monitor class dimensions # @!group Required parameters # **REQUIRED**, # **Must be one of: `InstanceId, server, Server, DBInstanceIdentifier, database, Database, LoadBalancerName, loadbalancer, LoadBalancer, CacheClusterId, cache_cluster, CacheCluster, VolumeId, volume, Volume, BucketName, bucket, Bucket, TopicName, notification, Notification, AutoScalingGroupName, server_pool, ServerPool`** - # The type of resource we're checking # # @return [String] attr_accessor :cloud_class # @!endgroup # @!group Optional parameters # The cloud identifier of the resource the alarm is being created for. eg - i-d96eca0d. Must use either 'cloud_id' OR 'mu_name' AND 'deploy_id' # # @return [String] attr_accessor :cloud_id # The full name of a resource in a foreign deployment which we should monitor. You should also include 'deploy_id' so we will be able to identifiy a single resource. Use either 'cloud_id' OR 'mu_name' and 'deploy_id' # # @return [String] attr_accessor :mu_name # Should be used with 'mu_name' to identifiy a single resource. # # @return [String] attr_accessor :deploy_id # The name of another resource in this stack with which to associate this alarm. # # @return [String] attr_accessor :name # @!endgroup end end end end class BasketofKittens class databases # Create a CloudWatch Alarm. class alarms # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED** - # The name of the attribute to monitor eg. CPUUtilization. # # @return [String] attr_accessor :metric_name # **REQUIRED**, # **Must be one of: `SampleCount, Average, Sum, Minimum, Maximum`** # # # @return [String] attr_accessor :statistic # **REQUIRED** - # The time, in seconds the 'statistic' is checked/tested. Must be multiples of 60 # # @return [Integer] attr_accessor :period # **REQUIRED** - # The number of times to repeat the 'period' before changing the state of an alarm. eg form 'OK' to 'ALARM' state # # @return [Integer] attr_accessor :evaluation_periods # **REQUIRED** - # The value the 'statistic' is compared to and action (eg 'alarm_actions') will be invoked # # @return [Integer] attr_accessor :threshold # **REQUIRED**, # **Must be one of: `GreaterThanOrEqualToThreshold, GreaterThanThreshold, LessThanThreshold, LessThanOrEqualToThreshold`** - # The arithmetic operation to use when comparing 'statistic' and 'threshold'. The 'statistic' value is used as the first operand # # @return [String] attr_accessor :comparison_operator # @!endgroup # @!group Optional parameters # # @return [Array] attr_accessor :ok_actions # # @return [Array] attr_accessor :alarm_actions # # @return [Array] attr_accessor :no_data_actions # The name of container 'metric_name' belongs to eg. 'AWS/EC2' # # @return [String] attr_accessor :namespace # What to monitor # # @return [Array] # @see BasketofKittens::databases::alarms::dimensions attr_accessor :dimensions # **Must be one of: `Seconds, Microseconds, Milliseconds, Bytes, Kilobytes, Megabytes, Gigabytes, Terabytes, Bits, Kilobits, Megabits, Gigabits, Terabits, Percent, Count, Bytes/Second, Kilobytes/Second, Megabytes/Second, Gigabytes/Second, Terabytes/Second, Bits/Second, Kilobits/Second, Megabits/Second, Gigabits/Second, Terabits/Second, Count/Second, nil`** - # Associated with the 'metric' # # @return [String] attr_accessor :unit # Rather to send notifications when the alarm state changes # # @return [Boolean] attr_accessor :enable_notifications # **Default: `mu-default`** - # The name of the notification group. Will be created if it doesn't exist. We use / create a default one if not specified. NOTE: because we can't confirm subscription to a group programmatically, you should use an existing group # # @return [String] attr_accessor :notification_group # **Default: `email`**, # **Must be one of: `http, https, email, email-json, sms, sqs, application`** - # What type of notification endpoint will the notification be sent to. defaults to 'email' # # @return [String] attr_accessor :notification_type # The endpoint the notification will be sent to. eg. if notification_type is 'email'/'email-json' the endpoint will be the email address. A confirmation email will be sent to this email address if a new notification_group is created, if not specified and notification_type is set to 'email' we will use the mu-master email address # # @return [String] attr_accessor :notification_endpoint # @!endgroup end end end class BasketofKittens class databases class add_firewall_rules # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # The tag or label key to search against # # @return [String] attr_accessor :key # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end class BasketofKittens class databases class add_firewall_rules class habitat # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # The tag or label key to search against # # @return [String] attr_accessor :key # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end end class BasketofKittens class databases class add_firewall_rules # Reference a 'habitats' resource from this 'config' resource class habitat # @!group Required parameters # **Default: `habitats`**, # **Must be one of: `habitats`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::databases::add_firewall_rules::habitat::tag] # @see BasketofKittens::databases::add_firewall_rules::habitat::tag attr_accessor :tag # @!endgroup end end end end class BasketofKittens class databases # Reference a 'firewall_rules' resource from this 'database' resource class add_firewall_rules # @!group Required parameters # **Default: `firewall_rules`**, # **Must be one of: `firewall_rules`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::databases::add_firewall_rules::tag] # @see BasketofKittens::databases::add_firewall_rules::tag attr_accessor :tag # Reference a 'habitats' resource from this 'config' resource # # @return [BasketofKittens::databases::add_firewall_rules::habitat] # @see BasketofKittens::databases::add_firewall_rules::habitat attr_accessor :habitat # Alias for id # # @return [String] attr_accessor :rule_id # Alias for name # # @return [String] attr_accessor :rule_name # @!endgroup end end end class BasketofKittens class databases # Incorporate a database object class read_replica_of # @!group Optional parameters # # @return [String] attr_accessor :db_id # # @return [String] attr_accessor :db_name # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # **Must match pattern `^[^=]+=.+`** - # Identify this Database by a tag (key=value). Note that this tag must not match more than one resource. # # @return [String] attr_accessor :tag # Look for a Database fitting this description in another Mu deployment with this id. # # @return [String] attr_accessor :deploy_id # @!endgroup end end end class BasketofKittens class databases # Network ingress and/or egress rules. class ingress_rules # @!group Optional parameters # # @return [String] attr_accessor :port_range # # @return [Integer] attr_accessor :port # **Default: `tcp`**, # **Must be one of: `udp, tcp, icmp`** # # @return [String] attr_accessor :proto # # @return [Boolean] attr_accessor :ingress # **Default: `false`** # # @return [Boolean] attr_accessor :egress # String description of this firewall rule, where supported # # @return [String] attr_accessor :comment # **Must match pattern `^\d+\.\d+\.\d+\.\d+/[0-9]{1,2}$`** - # CIDR-formatted IP block, e.g. 1.2.3.4/32 # # @return [Array] attr_accessor :hosts # Other AWS Security Groups; resources that are associated with this group will have this rule applied to their traffic # # @return [Array] attr_accessor :sgs # AWS Load Balancers which will have this rule applied to their traffic # # @return [Array] attr_accessor :lbs # @!endgroup end end end class BasketofKittens class databases # Internal use class member_of_cluster end end end class BasketofKittens class databases class dns_records # The zone to which to add this record, either as a domain name or as a Route53 zone identifier. class zone # @!group Optional parameters # The domain name of the DNS zone to which to add this record. # # @return [String] attr_accessor :name # The Route53 identifier of the zone to which to add this record. # # @return [String] attr_accessor :id # @!endgroup end end end end class BasketofKittens class databases class dns_records # Set location for location-based routing. class geo_location # @!group Optional parameters # **Must be one of: `AF, AN, AS, EU, OC, NA, SA`** - # The code for a continent geo location. Note: only continent locations have a continent code. Specifying continent_code with either country_code or subdivision_code returns an InvalidInput error. # # @return [String] attr_accessor :continent_code # The code for a country geo location. The default location uses '' for the country code and will match all locations that are not matched by a geo location. All other country codes follow the ISO 3166 two-character code. # # @return [String] attr_accessor :country_code # The code for a country's subdivision (e.g., a province of Canada). A subdivision code is only valid with the appropriate country code. Specifying subdivision_code without country_code returns an InvalidInput error. # # @return [String] attr_accessor :subdivision_code # @!endgroup end end end end class BasketofKittens class databases class dns_records # Check used to determine instance health for failover routing. class healthchecks # @!group Required parameters # **REQUIRED**, # **Must be one of: `HTTP, HTTPS, HTTP_STR_MATCH, HTTPS_STR_MATCH, TCP, CALCULATED, CLOUDWATCH_METRIC`** - # The health check method to use # # @return [String] attr_accessor :method # **REQUIRED** - # The health check name. # # @return [String] attr_accessor :name # @!endgroup # @!group Optional parameters # Port on which this health check should expect to find a working service. For HTTP and HTTP_STR_MATCH this defaults to 80 if the port is not specified. For HTTPS and HTTPS_STR_MATCH this defaults to 443 if the port is not specified. # # @return [Integer] attr_accessor :port # Path to check for HTTP-based health checks. # # @return [String] attr_accessor :path # **Default: `primary`**, # **Must be one of: `primary, secondary`** - # When using CALCULATED based health checks make sure to set only the CALCULATED health check to primary while setting all other health checks to secondary. # # @return [String] attr_accessor :type # Path to check for STR_MATCH-based health checks. # # @return [String] attr_accessor :search_string # **Default: `30`**, # **Must be one of: `10, 30`** - # The frequency of health checks in seconds. # # @return [Integer] attr_accessor :check_interval # **Default: `2`**, # **Must match pattern `^([1-9]|10)$`** - # The number of failed health checks before we consider this entry in failure. Values can be between 1-10. # # @return [Integer] attr_accessor :failure_threshold # **Must be one of: `Healthy, Unhealthy, LastKnownStatus`** - # What should the health check status be set to if there is insufficient data return from the CloudWatch alarm. Used only with CLOUDWATCH_METRIC based health checks. # # @return [String] attr_accessor :insufficient_data # # @return [Array] attr_accessor :regions # **Default: `false`** - # If to measure and graph latency between the health checkers and the endpoint. Used only with HTTP/HTTPS/TCP based health checks. # # @return [Boolean] attr_accessor :latency # **Default: `false`** - # If the status of the health check should be inverted, eg. if health check status is healthy but you would like it to be evaluated as not healthy # # @return [Boolean] attr_accessor :inverted # **Default: `false`** - # Enabled by default on HTTPS or HTTPS_STR_MATCH # # @return [Boolean] attr_accessor :enable_sni # **Default: `1`**, # **Must match pattern `^[\d]?{3}$`** - # The minimum number of health checks that must be healthy when configuring a health check of type CALCULATED. Values can be between 0-256. # # @return [Integer] attr_accessor :health_threshold # # @return [Array] attr_accessor :health_check_ids # The cloud provider's region the cloudwatch alarm was created in. Used with CLOUDWATCH_METRIC health checks # # @return [String] attr_accessor :alarm_region # The cloudwatch alarm name. Used with CLOUDWATCH_METRIC health checks # # @return [String] attr_accessor :alarm_name # @!endgroup end end end end class BasketofKittens class databases # DNS records to create. If specified inside another resource (e.g. {MU::Config::BasketofKittens::servers}, {MU::Config::BasketofKittens::loadbalancers}, or {MU::Config::BasketofKittens::databases}), the record(s) will automatically target that resource. class dns_records # @!group Required parameters # **REQUIRED** # The zone to which to add this record, either as a domain name or as a Route53 zone identifier. # # @return [BasketofKittens::databases::dns_records::zone] # @see BasketofKittens::databases::dns_records::zone attr_accessor :zone # @!endgroup # @!group Optional parameters # **Default: `false`** - # If true, this record will overwrite any existing record of the same name and type. # # @return [Boolean] attr_accessor :override_existing # **Default: `CNAME`**, # **Must be one of: `SOA, A, TXT, NS, CNAME, MX, PTR, SRV, SPF, AAAA, R53ALIAS`** - # The class of DNS record to create. The R53ALIAS type is not traditional DNS, but instead refers to AWS Route53's alias functionality. An R53ALIAS is only valid if the target is an Elastic LoadBalancer, CloudFront, S3 bucket (configured as a public web server), or another record in the same Route53 hosted zone. # # @return [String] attr_accessor :type # If using a type of R53ALIAS, this is the hosted zone ID of the target. Defaults to the zone to which this record is being added. # # @return [String] attr_accessor :alias_zone # Look for a resource in another Mu deployment with this id. Requires mu_type # # @return [String] attr_accessor :deploy_id # **Must be one of: `loadbalancer, server, database, cache_cluster`** - # The Mu resource type to search the deployment for. # # @return [String] attr_accessor :mu_type # **Must be one of: `public, private`** - # If the target is a public or a private resource. This only applies to servers/server_pools when using automatic DNS registration. If set to public but the target only has a private address, the private address will be used # # @return [String] attr_accessor :target_type # Set the proportion of traffic directed to this target, based on the relative weight of other records with the same DNS name and type. # # @return [Integer] attr_accessor :weight # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **Must be one of: `PRIMARY, SECONDARY`** - # Failover classification # # @return [String] attr_accessor :failover # **Default: `7200`** - # DNS time-to-live value for query caching. # # @return [Integer] attr_accessor :ttl # **Must match pattern `^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]).)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9-]*[A-Za-z0-9])$`** - # Name of the record to create. If not specified, will default to the Mu resource name. # # @return [String] attr_accessor :name # **Default: `false`** - # If to append the environment name (eg mydnsname.dev.mudomain.com). to the DNS name # # @return [Boolean] attr_accessor :append_environment_name # Set location for location-based routing. # # @return [BasketofKittens::databases::dns_records::geo_location] # @see BasketofKittens::databases::dns_records::geo_location attr_accessor :geo_location # Check used to determine instance health for failover routing. # # @return [Array] # @see BasketofKittens::databases::dns_records::healthchecks attr_accessor :healthchecks # @!endgroup end end end class BasketofKittens class databases class vpc # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # The tag or label key to search against # # @return [String] attr_accessor :key # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end class BasketofKittens class databases class vpc class habitat # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # The tag or label key to search against # # @return [String] attr_accessor :key # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end end class BasketofKittens class databases class vpc # Reference a 'habitats' resource from this 'config' resource class habitat # @!group Required parameters # **Default: `habitats`**, # **Must be one of: `habitats`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::databases::vpc::habitat::tag] # @see BasketofKittens::databases::vpc::habitat::tag attr_accessor :tag # @!endgroup end end end end class BasketofKittens class databases class vpc # The subnets to which to attach this resource. Will default to all subnets in this VPC if not specified. class subnets # @!group Optional parameters # # @return [String] attr_accessor :subnet_name # # @return [String] attr_accessor :subnet_id # **Must match pattern `^[^=]+=.+`** - # Identify this subnet by a tag (key=value). Note that this tag must not match more than one resource. # # @return [String] attr_accessor :tag # @!endgroup end end end end class BasketofKittens class databases # Reference a 'vpcs' resource from this 'database' resource class vpc # @!group Required parameters # **Default: `vpcs`**, # **Must be one of: `vpcs`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::databases::vpc::tag] # @see BasketofKittens::databases::vpc::tag attr_accessor :tag # Reference a 'habitats' resource from this 'config' resource # # @return [BasketofKittens::databases::vpc::habitat] # @see BasketofKittens::databases::vpc::habitat attr_accessor :habitat # Alias for id # # @return [String] attr_accessor :vpc_id # Alias for name # # @return [String] attr_accessor :vpc_name # The Mu-internal name of a NAT host to use; Typically the shorthand 'name' field of a Server declared elsewhere in the deploy, or in another deploy that's being referenced with 'deploy_id'. # # @return [String] attr_accessor :nat_host_name # Discover a Server to use as a NAT by looking for this cloud provider identifier. # # @return [String] attr_accessor :nat_host_id # **Must match pattern `^\d+\.\d+\.\d+\.\d+$`** - # Discover a Server to use as a NAT by looking for an associated IP. # # @return [String] attr_accessor :nat_host_ip # **Default: `root`** # # @return [String] attr_accessor :nat_ssh_user # An alternate SSH private key for access to the NAT. We'll expect to find this in ~/.ssh along with the regular keys. # # @return [String] attr_accessor :nat_ssh_key # **Must match pattern `^[^=]+=.+`** - # Discover a Server to use as a NAT by looking for a cloud provider tag (key=value); Note that this tag must not match more than one server. # # @return [String] attr_accessor :nat_host_tag # **Default: `all_public`** - # When auto-discovering VPC resources, this specifies target subnets for this resource. Special keywords: public, private, any, all, all_public, all_private, all. Using the name of a route table defined elsewhere in this BoK will behave like 'all_.' # # @return [String] attr_accessor :subnet_pref # The subnets to which to attach this resource. Will default to all subnets in this VPC if not specified. # # @return [Array] # @see BasketofKittens::databases::vpc::subnets attr_accessor :subnets # @!endgroup end end end class BasketofKittens class databases # The vault storing the password of the database master user. a random password will be generated if not specified. class auth_vault # @!group Required parameters # **Default: `database`** - # The vault where these credentials reside # # @return [String] attr_accessor :vault # **Default: `credentials`** - # The vault item where these credentials reside # # @return [String] attr_accessor :item # @!endgroup # @!group Optional parameters # **Default: `password`** - # The field within the Vault item where the password for database master user is stored # # @return [String] attr_accessor :password_field # @!endgroup end end end class BasketofKittens class databases # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. class dependencies # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED**, # **Must be one of: `folder, habitat, collection, database, dnszone, firewall_rule, loadbalancer, server, server_pool, vpc, cache_cluster, alarm, notifier, log, storage_pool, function, endpoint, container_cluster, search_domain, msg_queue, user, group, role, bucket, nosqldb`** # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **Must be one of: `create, groom`** - # Which part of the creation process of the resource we depend on should we wait for before starting our own creation? Defaults are usually sensible, but sometimes you want, say, a Server to wait on another Server to be completely ready (through its groom phase) before starting up. # # @return [String] attr_accessor :phase # **Default: `false`** - # By default, it's assumed that we want to wait on our parents' creation phase, in addition to whatever is declared in this stanza. Setting this flag will bypass waiting on our parent resource's creation, so that our create or groom phase can instead depend only on the parent's groom phase. # # @return [Boolean] attr_accessor :no_create_wait # @!endgroup end end end class BasketofKittens class databases # The database parameter group parameter to change and when to apply the change. class db_parameter_group_parameters # @!group Required parameters # **REQUIRED**, # **AWS & CLOUDFORMATION ONLY** # # @return [String] attr_accessor :name # **REQUIRED**, # **AWS & CLOUDFORMATION ONLY** # # @return [String] attr_accessor :value # @!endgroup # @!group Optional parameters # **AWS & CLOUDFORMATION ONLY**, # **Default: `immediate`**, # **Must be one of: `pending-reboot, immediate`** # # @return [String] attr_accessor :apply_method # @!endgroup end end end class BasketofKittens class databases # The database parameter group parameter to change and when to apply the change. class cluster_parameter_group_parameters # @!group Required parameters # **REQUIRED**, # **AWS & CLOUDFORMATION ONLY** # # @return [String] attr_accessor :name # **REQUIRED**, # **AWS & CLOUDFORMATION ONLY** # # @return [String] attr_accessor :value # @!endgroup # @!group Optional parameters # **AWS & CLOUDFORMATION ONLY**, # **Default: `immediate`**, # **Must be one of: `pending-reboot, immediate`** # # @return [String] attr_accessor :apply_method # @!endgroup end end end class BasketofKittens class databases # +AWS+: Scaling configuration for a +serverless+ Aurora cluster # +CLOUDFORMATION+: Scaling configuration for a +serverless+ Aurora cluster class serverless_scaling # @!group Optional parameters # **AWS & CLOUDFORMATION ONLY**, # **Default: `false`** - # A value that specifies whether to allow or disallow automatic pause for an Aurora DB cluster in serverless DB engine mode # # @return [Boolean] attr_accessor :auto_pause # **AWS & CLOUDFORMATION ONLY**, # **Default: `2`**, # **Must be one of: `2, 4, 8, 16, 32, 64, 128, 256`** - # The minimum capacity for an Aurora DB cluster in serverless DB engine mode. # # @return [Integer] attr_accessor :min_capacity # **AWS & CLOUDFORMATION ONLY**, # **Default: `2`**, # **Must be one of: `2, 4, 8, 16, 32, 64, 128, 256`** - # The maximum capacity for an Aurora DB cluster in serverless DB engine mode. # # @return [Integer] attr_accessor :max_capacity # **AWS & CLOUDFORMATION ONLY**, # **Default: `86400`** - # A DB cluster can be paused only when it's idle (it has no connections). If a DB cluster is paused for more than seven days, the DB cluster might be backed up with a snapshot. In this case, the DB cluster is restored when there is a request to connect to it. # # @return [Integer] attr_accessor :seconds_until_auto_pause # @!endgroup end end end class BasketofKittens # Create a dedicated database server. # # `AWS`: This implementation is considered **RELEASE** quality. It covers all major API features and has been tested with real-world applications. # # `CloudFormation`: This implementation is **ALPHA** quality. It is experimental, may be missing significant functionality, and has not been widely tested. # # `Google`: This implementation is **ALPHA** quality. It is experimental, may be missing significant functionality, and has not been widely tested. class databases # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED**, # **Must be one of: `mysql, postgres, oracle-se1, oracle-se2, oracle-se, oracle-ee, sqlserver-ee, sqlserver-se, sqlserver-ex, sqlserver-web, aurora, mariadb`** # # @return [String] attr_accessor :engine # **REQUIRED**, # **Must match pattern `^db.(t|m|c|i|g|r|hi|hs|cr|cg|cc){1,2}[0-9]\.(micro|small|medium|[248]?x?large)$`** - # The Amazon RDS instance type to use when creating this database instance. # # @return [String] attr_accessor :size # **REQUIRED** - # Storage space for this database instance (GB). # # @return [Integer] attr_accessor :storage # **REQUIRED**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # @!endgroup # @!group Optional parameters # **Default: `Chef`**, # **Must be one of: `Chef, Ansible`** # # @return [String] attr_accessor :groomer # **Default: `false`** - # When 'cloud' is set to 'CloudFormation,' use this flag to strip out Mu-specific artifacts (tags, standard userdata, naming conventions, etc) to yield a clean, source-agnostic template. # # @return [Boolean] attr_accessor :scrub_mu_isms # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # # @return [String] attr_accessor :db_family # Tags to apply to this resource. Will apply at the cloud provider level and in node groomers, where applicable. # # @return [Array] # @see BasketofKittens::databases::tags attr_accessor :tags # **Default: `true`** - # Tag the resource with our optional tags (+MU-HANDLE+, +MU-MASTER-NAME+, +MU-OWNER+). # # @return [Boolean] attr_accessor :optional_tags # Create a CloudWatch Alarm. # # @return [Array] # @see BasketofKittens::databases::alarms attr_accessor :alarms # Reference a 'firewall_rules' resource from this 'database' resource # # @return [Array] # @see BasketofKittens::databases::add_firewall_rules attr_accessor :add_firewall_rules # Incorporate a database object # # @return [BasketofKittens::databases::read_replica_of] # @see BasketofKittens::databases::read_replica_of attr_accessor :read_replica_of # Network ingress and/or egress rules. # # @return [Array] # @see BasketofKittens::databases::ingress_rules attr_accessor :ingress_rules # # @return [String] attr_accessor :engine_version # **Default: `false`** - # Internal use # # @return [Boolean] attr_accessor :add_cluster_node # Internal use # # @return [BasketofKittens::databases::member_of_cluster] # @see BasketofKittens::databases::member_of_cluster attr_accessor :member_of_cluster # DNS records to create. If specified inside another resource (e.g. {MU::Config::BasketofKittens::servers}, {MU::Config::BasketofKittens::loadbalancers}, or {MU::Config::BasketofKittens::databases}), the record(s) will automatically target that resource. # # @return [Array] # @see BasketofKittens::databases::dns_records attr_accessor :dns_records # **Default: `true`** - # Wait for DNS record to propagate in DNS Zone. # # @return [Boolean] attr_accessor :dns_sync_wait # **Default: `gp2`**, # **Must be one of: `standard, gp2, io1`** # # @return [String] attr_accessor :storage_type # Arbitrary SQL commands to run after the database is fully configred (PostgreSQL databases only). # # @return [Array] attr_accessor :run_sql_on_deploy # # @return [Integer] attr_accessor :port # Reference a 'vpcs' resource from this 'database' resource # # @return [BasketofKittens::databases::vpc] # @see BasketofKittens::databases::vpc attr_accessor :vpc # # @return [Boolean] attr_accessor :publicly_accessible # **Default: `false`** - # Enable high availability when the database instance is created # # @return [Boolean] attr_accessor :multi_az_on_create # **Default: `false`** - # See multi_az_on_groom # # @return [Boolean] attr_accessor :multi_az_on_deploy # **Default: `false`** - # Enable high availability after the database instance is created. This may make deployments based on creation_style other then 'new' faster. # # @return [Boolean] attr_accessor :multi_az_on_groom # **Default: `1`** - # The number of days to retain an automatic database snapshot. If set to 0 and deployment is multi-az will be overridden to 35 # # @return [Integer] attr_accessor :backup_retention_period # **Default: `05:00-05:30`** - # The preferred time range to perform automatic database backups. # # @return [String] attr_accessor :preferred_backup_window # The preferred data/time range to perform database maintenance. Ex. Sun:02:00-Sun:03:00 # # @return [String] attr_accessor :preferred_maintenance_window # The amount of IOPS to allocate to Provisioned IOPS (io1) volumes. Increments of 1,000 # # @return [Integer] attr_accessor :iops # **Default: `true`** # # @return [Boolean] attr_accessor :auto_minor_version_upgrade # **Default: `false`** # # @return [Boolean] attr_accessor :allow_major_version_upgrade # **Default: `false`** # # @return [Boolean] attr_accessor :storage_encrypted # **Default: `new`**, # **Must be one of: `existing, new, new_snapshot, existing_snapshot, point_in_time`** - # 'new' - create a pristine database instances; 'existing' - use an existing database instance; 'new_snapshot' - create a snapshot of an existing database, and create a new one from that snapshot; 'existing_snapshot' - create database from an existing snapshot.; 'point_in_time' - create database from point in time backup of an existing database # # @return [String] attr_accessor :creation_style # For any creation_style other than 'new' this parameter identifies the database to use. In the case of new_snapshot or point_in_time this is the identifier of an existing database instance; in the case of existing_snapshot this is the identifier of the snapshot. # # @return [String] attr_accessor :identifier # Set master user name for this database instance; if not specified a random username will be generated # # @return [String] attr_accessor :master_user # Must either be set to 'latest' or date/time value in the following format: 2015-09-12T22:30:00Z. Applies only to point_in_time creation_style # # @return [String] attr_accessor :restore_time # **Default: `false`** # # @return [Boolean] attr_accessor :create_read_replica # Put read-replica in a particular region, other than the region of the source database. # # @return [String] attr_accessor :read_replica_region # **Default: `2`** - # The number of database instances to add to a database cluster. This only applies to aurora # # @return [Integer] attr_accessor :cluster_node_count # Create a database cluster instead of a standalone database. # # @return [Boolean] attr_accessor :create_cluster # The vault storing the password of the database master user. a random password will be generated if not specified. # # @return [BasketofKittens::databases::auth_vault] # @see BasketofKittens::databases::auth_vault attr_accessor :auth_vault # Internal use. # # @return [String] attr_accessor :virtual_name # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. # # @return [Array] # @see BasketofKittens::databases::dependencies attr_accessor :dependencies # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **AWS & CLOUDFORMATION ONLY** # The database parameter group parameter to change and when to apply the change. # # @return [Array] # @see BasketofKittens::databases::db_parameter_group_parameters attr_accessor :db_parameter_group_parameters # **AWS & CLOUDFORMATION ONLY** # The database parameter group parameter to change and when to apply the change. # # @return [Array] # @see BasketofKittens::databases::cluster_parameter_group_parameters attr_accessor :cluster_parameter_group_parameters # **AWS & CLOUDFORMATION ONLY** - # +AWS+: An RDS parameter group family. See also https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithParamGroups.html # ## +CLOUDFORMATION+: An RDS parameter group family. See also https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithParamGroups.html # # @return [String] attr_accessor :parameter_group_family # **AWS & CLOUDFORMATION ONLY**, # **Default: `provisioned`**, # **Must be one of: `provisioned, serverless, parallelquery, global`** - # +AWS+: The DB engine mode of the DB cluster # ## +CLOUDFORMATION+: The DB engine mode of the DB cluster # # @return [String] attr_accessor :cluster_mode # **AWS & CLOUDFORMATION ONLY**, # **Must be one of: `error, general, audit, slow_query`** # # @return [Array] attr_accessor :cloudwatch_logs # **AWS & CLOUDFORMATION ONLY** # +AWS+: Scaling configuration for a +serverless+ Aurora cluster # ## +CLOUDFORMATION+: Scaling configuration for a +serverless+ Aurora cluster # # @return [BasketofKittens::databases::serverless_scaling] # @see BasketofKittens::databases::serverless_scaling attr_accessor :serverless_scaling # **AWS & CLOUDFORMATION ONLY**, # **Must be one of: `license-included, bring-your-own-license, general-public-license, postgresql-license`** - # ## # # @return [String] attr_accessor :license_model # @!endgroup end end class BasketofKittens class dnszones class records # Set location for location-based routing. class geo_location # @!group Optional parameters # **Must be one of: `AF, AN, AS, EU, OC, NA, SA`** - # The code for a continent geo location. Note: only continent locations have a continent code. Specifying continent_code with either country_code or subdivision_code returns an InvalidInput error. # # @return [String] attr_accessor :continent_code # The code for a country geo location. The default location uses '' for the country code and will match all locations that are not matched by a geo location. All other country codes follow the ISO 3166 two-character code. # # @return [String] attr_accessor :country_code # The code for a country's subdivision (e.g., a province of Canada). A subdivision code is only valid with the appropriate country code. Specifying subdivision_code without country_code returns an InvalidInput error. # # @return [String] attr_accessor :subdivision_code # @!endgroup end end end end class BasketofKittens class dnszones class records # Check used to determine instance health for failover routing. class healthchecks # @!group Required parameters # **REQUIRED**, # **Must be one of: `HTTP, HTTPS, HTTP_STR_MATCH, HTTPS_STR_MATCH, TCP, CALCULATED, CLOUDWATCH_METRIC`** - # The health check method to use # # @return [String] attr_accessor :method # **REQUIRED** - # The health check name. # # @return [String] attr_accessor :name # @!endgroup # @!group Optional parameters # Port on which this health check should expect to find a working service. For HTTP and HTTP_STR_MATCH this defaults to 80 if the port is not specified. For HTTPS and HTTPS_STR_MATCH this defaults to 443 if the port is not specified. # # @return [Integer] attr_accessor :port # Path to check for HTTP-based health checks. # # @return [String] attr_accessor :path # **Default: `primary`**, # **Must be one of: `primary, secondary`** - # When using CALCULATED based health checks make sure to set only the CALCULATED health check to primary while setting all other health checks to secondary. # # @return [String] attr_accessor :type # Path to check for STR_MATCH-based health checks. # # @return [String] attr_accessor :search_string # **Default: `30`**, # **Must be one of: `10, 30`** - # The frequency of health checks in seconds. # # @return [Integer] attr_accessor :check_interval # **Default: `2`**, # **Must match pattern `^([1-9]|10)$`** - # The number of failed health checks before we consider this entry in failure. Values can be between 1-10. # # @return [Integer] attr_accessor :failure_threshold # **Must be one of: `Healthy, Unhealthy, LastKnownStatus`** - # What should the health check status be set to if there is insufficient data return from the CloudWatch alarm. Used only with CLOUDWATCH_METRIC based health checks. # # @return [String] attr_accessor :insufficient_data # # @return [Array] attr_accessor :regions # **Default: `false`** - # If to measure and graph latency between the health checkers and the endpoint. Used only with HTTP/HTTPS/TCP based health checks. # # @return [Boolean] attr_accessor :latency # **Default: `false`** - # If the status of the health check should be inverted, eg. if health check status is healthy but you would like it to be evaluated as not healthy # # @return [Boolean] attr_accessor :inverted # **Default: `false`** - # Enabled by default on HTTPS or HTTPS_STR_MATCH # # @return [Boolean] attr_accessor :enable_sni # **Default: `1`**, # **Must match pattern `^[\d]?{3}$`** - # The minimum number of health checks that must be healthy when configuring a health check of type CALCULATED. Values can be between 0-256. # # @return [Integer] attr_accessor :health_threshold # # @return [Array] attr_accessor :health_check_ids # The cloud provider's region the cloudwatch alarm was created in. Used with CLOUDWATCH_METRIC health checks # # @return [String] attr_accessor :alarm_region # The cloudwatch alarm name. Used with CLOUDWATCH_METRIC health checks # # @return [String] attr_accessor :alarm_name # @!endgroup end end end end class BasketofKittens class dnszones # DNS records to create. If specified inside another resource (e.g. {MU::Config::BasketofKittens::servers}, {MU::Config::BasketofKittens::loadbalancers}, or {MU::Config::BasketofKittens::databases}), the record(s) will automatically target that resource. class records # @!group Required parameters # **REQUIRED**, # **Must be one of: `SOA, A, TXT, NS, CNAME, MX, PTR, SRV, SPF, AAAA, R53ALIAS`** - # The class of DNS record to create. The R53ALIAS type is not traditional DNS, but instead refers to AWS Route53's alias functionality. An R53ALIAS is only valid if the target is an Elastic LoadBalancer, CloudFront, S3 bucket (configured as a public web server), or another record in the same Route53 hosted zone. # # @return [String] attr_accessor :type # **REQUIRED** - # The value of this record. Must be valid for the 'type' field, e.g. A records must point to an IP address. If creating a record for an existing deployment, specify the mu_name of the resource, you must also specifiy deploy_id and mu_type # # @return [String] attr_accessor :target # @!endgroup # @!group Optional parameters # **Default: `false`** - # If true, this record will overwrite any existing record of the same name and type. # # @return [Boolean] attr_accessor :override_existing # If using a type of R53ALIAS, this is the hosted zone ID of the target. Defaults to the zone to which this record is being added. # # @return [String] attr_accessor :alias_zone # Look for a resource in another Mu deployment with this id. Requires mu_type # # @return [String] attr_accessor :deploy_id # **Must be one of: `loadbalancer, server, database, cache_cluster`** - # The Mu resource type to search the deployment for. # # @return [String] attr_accessor :mu_type # **Must be one of: `public, private`** - # If the target is a public or a private resource. This only applies to servers/server_pools when using automatic DNS registration. If set to public but the target only has a private address, the private address will be used # # @return [String] attr_accessor :target_type # Set the proportion of traffic directed to this target, based on the relative weight of other records with the same DNS name and type. # # @return [Integer] attr_accessor :weight # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **Must be one of: `PRIMARY, SECONDARY`** - # Failover classification # # @return [String] attr_accessor :failover # **Default: `7200`** - # DNS time-to-live value for query caching. # # @return [Integer] attr_accessor :ttl # **Must match pattern `^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]).)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9-]*[A-Za-z0-9])$`** - # Name of the record to create. If not specified, will default to the Mu resource name. # # @return [String] attr_accessor :name # **Default: `false`** - # If to append the environment name (eg mydnsname.dev.mudomain.com). to the DNS name # # @return [Boolean] attr_accessor :append_environment_name # Set location for location-based routing. # # @return [BasketofKittens::dnszones::records::geo_location] # @see BasketofKittens::dnszones::records::geo_location attr_accessor :geo_location # Check used to determine instance health for failover routing. # # @return [Array] # @see BasketofKittens::dnszones::records::healthchecks attr_accessor :healthchecks # @!endgroup end end end class BasketofKittens class dnszones class vpcs # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # The tag or label key to search against # # @return [String] attr_accessor :key # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end class BasketofKittens class dnszones class vpcs class habitat # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # The tag or label key to search against # # @return [String] attr_accessor :key # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end end class BasketofKittens class dnszones class vpcs # Reference a 'habitats' resource from this 'config' resource class habitat # @!group Required parameters # **Default: `habitats`**, # **Must be one of: `habitats`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::dnszones::vpcs::habitat::tag] # @see BasketofKittens::dnszones::vpcs::habitat::tag attr_accessor :tag # @!endgroup end end end end class BasketofKittens class dnszones # Reference a 'vpcs' resource from this 'dnszone' resource class vpcs # @!group Required parameters # **Default: `vpcs`**, # **Must be one of: `vpcs`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::dnszones::vpcs::tag] # @see BasketofKittens::dnszones::vpcs::tag attr_accessor :tag # Reference a 'habitats' resource from this 'config' resource # # @return [BasketofKittens::dnszones::vpcs::habitat] # @see BasketofKittens::dnszones::vpcs::habitat attr_accessor :habitat # Alias for id # # @return [String] attr_accessor :vpc_id # Alias for name # # @return [String] attr_accessor :vpc_name # @!endgroup end end end class BasketofKittens class dnszones # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. class dependencies # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED**, # **Must be one of: `folder, habitat, collection, database, dnszone, firewall_rule, loadbalancer, server, server_pool, vpc, cache_cluster, alarm, notifier, log, storage_pool, function, endpoint, container_cluster, search_domain, msg_queue, user, group, role, bucket, nosqldb`** # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **Must be one of: `create, groom`** - # Which part of the creation process of the resource we depend on should we wait for before starting our own creation? Defaults are usually sensible, but sometimes you want, say, a Server to wait on another Server to be completely ready (through its groom phase) before starting up. # # @return [String] attr_accessor :phase # **Default: `false`** - # By default, it's assumed that we want to wait on our parents' creation phase, in addition to whatever is declared in this stanza. Setting this flag will bypass waiting on our parent resource's creation, so that our create or groom phase can instead depend only on the parent's groom phase. # # @return [Boolean] attr_accessor :no_create_wait # @!endgroup end end end class BasketofKittens # Create a DNS zone in Route 53. # # `AWS`: This implementation is considered **RELEASE** quality. It covers all major API features and has been tested with real-world applications. # # `CloudFormation`: This implementation is **ALPHA** quality. It is experimental, may be missing significant functionality, and has not been widely tested. class dnszones # @!group Required parameters # **REQUIRED**, # **Must match pattern `^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]).)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9-]*[A-Za-z0-9])$`** - # The domain name to create. Must comply with RFC 1123 # # @return [String] attr_accessor :name # **REQUIRED**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # @!endgroup # @!group Optional parameters # **Default: `false`** - # When 'cloud' is set to 'CloudFormation,' use this flag to strip out Mu-specific artifacts (tags, standard userdata, naming conventions, etc) to yield a clean, source-agnostic template. # # @return [Boolean] attr_accessor :scrub_mu_isms # **Default: `true`** - # Create as a private internal domain, not publicly resolvable. # # @return [Boolean] attr_accessor :private # **Default: `true`** - # If this zone is private, make sure it is resolvable from all VPCs in this account. Will supercede the list in {MU::Config::BasketofKittens::dnszones.vpcs} for VPCs in this account. # # @return [Boolean] attr_accessor :all_account_vpcs # DNS records to create. If specified inside another resource (e.g. {MU::Config::BasketofKittens::servers}, {MU::Config::BasketofKittens::loadbalancers}, or {MU::Config::BasketofKittens::databases}), the record(s) will automatically target that resource. # # @return [Array] # @see BasketofKittens::dnszones::records attr_accessor :records # Reference a 'vpcs' resource from this 'dnszone' resource # # @return [Array] # @see BasketofKittens::dnszones::vpcs attr_accessor :vpcs # Internal use. # # @return [String] attr_accessor :virtual_name # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. # # @return [Array] # @see BasketofKittens::dnszones::dependencies attr_accessor :dependencies # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # @!endgroup end end class BasketofKittens class firewall_rules class vpc # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # The tag or label key to search against # # @return [String] attr_accessor :key # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end class BasketofKittens class firewall_rules class vpc class habitat # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # The tag or label key to search against # # @return [String] attr_accessor :key # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end end class BasketofKittens class firewall_rules class vpc # Reference a 'habitats' resource from this 'config' resource class habitat # @!group Required parameters # **Default: `habitats`**, # **Must be one of: `habitats`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::firewall_rules::vpc::habitat::tag] # @see BasketofKittens::firewall_rules::vpc::habitat::tag attr_accessor :tag # @!endgroup end end end end class BasketofKittens class firewall_rules # Reference a 'vpcs' resource from this 'firewall_rule' resource class vpc # @!group Required parameters # **Default: `vpcs`**, # **Must be one of: `vpcs`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::firewall_rules::vpc::tag] # @see BasketofKittens::firewall_rules::vpc::tag attr_accessor :tag # Reference a 'habitats' resource from this 'config' resource # # @return [BasketofKittens::firewall_rules::vpc::habitat] # @see BasketofKittens::firewall_rules::vpc::habitat attr_accessor :habitat # Alias for id # # @return [String] attr_accessor :vpc_id # Alias for name # # @return [String] attr_accessor :vpc_name # @!endgroup end end end class BasketofKittens class firewall_rules # Tags to apply to this resource. Will apply at the cloud provider level and in node groomers, where applicable. class tags # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :key # **REQUIRED** # # @return [String] attr_accessor :value # @!endgroup end end end class BasketofKittens class firewall_rules # Network ingress and/or egress rules. class rules # @!group Optional parameters # # @return [String] attr_accessor :port_range # # @return [Integer] attr_accessor :port # **Default: `tcp`**, # **Must be one of: `udp, tcp, icmp, esp, ah, sctp, ipip, all, standard`** - # +GOOGLE+: The protocol to allow with this rule. The +standard+ keyword will expand to a series of identical rules covering +icmp+, +tcp+, and +udp; the +all+ keyword will expand to a series of identical rules for all supported protocols. # # @return [String] attr_accessor :proto # # @return [Boolean] attr_accessor :ingress # **Default: `false`** # # @return [Boolean] attr_accessor :egress # String description of this firewall rule, where supported # # @return [String] attr_accessor :comment # **Must match pattern `^\d+\.\d+\.\d+\.\d+/[0-9]{1,2}$`** - # CIDR-formatted IP block, e.g. 1.2.3.4/32 # # @return [Array] attr_accessor :hosts # Other AWS Security Groups; resources that are associated with this group will have this rule applied to their traffic # # @return [Array] attr_accessor :sgs # AWS Load Balancers which will have this rule applied to their traffic # # @return [Array] attr_accessor :lbs # +GOOGLE+: Explicitly set a priority for this firewall rule, between 0 and 65535, with lower numbered priority rules having greater precedence. # # @return [Integer] attr_accessor :weight # **Default: `false`** - # +GOOGLE+: Set this rule to +DENY+ traffic instead of +ALLOW+ # # @return [Boolean] attr_accessor :deny # # @return [Array] attr_accessor :source_tags # # @return [Array] attr_accessor :source_service_accounts # # @return [Array] attr_accessor :target_tags # # @return [Array] attr_accessor :target_service_accounts # @!endgroup end end end class BasketofKittens class firewall_rules # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. class dependencies # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED**, # **Must be one of: `folder, habitat, collection, database, dnszone, firewall_rule, loadbalancer, server, server_pool, vpc, cache_cluster, alarm, notifier, log, storage_pool, function, endpoint, container_cluster, search_domain, msg_queue, user, group, role, bucket, nosqldb`** # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **Must be one of: `create, groom`** - # Which part of the creation process of the resource we depend on should we wait for before starting our own creation? Defaults are usually sensible, but sometimes you want, say, a Server to wait on another Server to be completely ready (through its groom phase) before starting up. # # @return [String] attr_accessor :phase # **Default: `false`** - # By default, it's assumed that we want to wait on our parents' creation phase, in addition to whatever is declared in this stanza. Setting this flag will bypass waiting on our parent resource's creation, so that our create or groom phase can instead depend only on the parent's groom phase. # # @return [Boolean] attr_accessor :no_create_wait # @!endgroup end end end class BasketofKittens # Create network-level access controls. # # `AWS`: This implementation is considered **RELEASE** quality. It covers all major API features and has been tested with real-world applications. # # `CloudFormation`: This implementation is **ALPHA** quality. It is experimental, may be missing significant functionality, and has not been widely tested. # # `Google`: This implementation is considered **RELEASE** quality. It covers all major API features and has been tested with real-world applications. # # `Azure`: This implementation is **BETA** quality. It is substantially complete, but may be missing some functionality or have some features which are untested. class firewall_rules # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # @!endgroup # @!group Optional parameters # Backwards-compatibility means of identifying a VPC; see {MU::Config::BasketofKittens::firewall_rules::vpc} # # @return [String] attr_accessor :vpc_name # Backwards-compatibility means of identifying a VPC; see {MU::Config::BasketofKittens::firewall_rules::vpc} # # @return [String] attr_accessor :vpc_id # Reference a 'vpcs' resource from this 'firewall_rule' resource # # @return [BasketofKittens::firewall_rules::vpc] # @see BasketofKittens::firewall_rules::vpc attr_accessor :vpc # Tags to apply to this resource. Will apply at the cloud provider level and in node groomers, where applicable. # # @return [Array] # @see BasketofKittens::firewall_rules::tags attr_accessor :tags # **Default: `true`** - # Tag the resource with our optional tags (+MU-HANDLE+, +MU-MASTER-NAME+, +MU-OWNER+). # # @return [Boolean] attr_accessor :optional_tags # **Default: `false`** # # @return [Boolean] attr_accessor :self_referencing # **Default: `false`** - # Internal use only. Flag generic administrative firewall rulesets for use by the Mu Master # # @return [Boolean] attr_accessor :admin # Network ingress and/or egress rules. # # @return [Array] # @see BasketofKittens::firewall_rules::rules attr_accessor :rules # Internal use. # # @return [String] attr_accessor :virtual_name # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. # # @return [Array] # @see BasketofKittens::firewall_rules::dependencies attr_accessor :dependencies # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **GOOGLE ONLY** - # +GOOGLE+: The project into which to deploy resources # # @return [String] attr_accessor :project # @!endgroup end end class BasketofKittens class loadbalancers class listeners # The method used by a Load Balancer to check the health of its client nodes. class healthcheck # @!group Required parameters # **REQUIRED**, # **Must match pattern `^(TCP:\d+|SSL:\d+|HTTP:\d+\/.*|HTTPS:\d+\/.*)$`** - # Specifies the instance being checked. The protocol is either TCP, HTTP, HTTPS, or SSL. The range of valid ports is one (1) through 65535. # # TCP is the default, specified as a TCP: port pair, for example "TCP:5000". In this case a healthcheck simply attempts to open a TCP connection to the instance on the specified port. Failure to connect within the configured timeout is considered unhealthy. # # SSL is also specified as SSL: port pair, for example, SSL:5000. # # For HTTP or HTTPS protocol, the situation is different. You have to include a ping path in the string. HTTP is specified as a HTTP:port;/;PathToPing; grouping, for example "HTTP:80/weather/us/wa/seattle". In this case, a HTTP GET request is issued to the instance on the given port and path. Any answer other than "200 OK" within the timeout period is considered unhealthy. # # The total length of the HTTP ping target needs to be 1024 16-bit Unicode characters or less. # # @return [String] attr_accessor :target # @!endgroup # @!group Optional parameters # **Default: `5`** # # @return [Integer] attr_accessor :timeout # **Default: `30`** # # @return [Integer] attr_accessor :interval # **Default: `2`** # # @return [Integer] attr_accessor :unhealthy_threshold # **Default: `10`** # # @return [Integer] attr_accessor :healthy_threshold # **Default: `200,301,302`** - # The HTTP codes to use when checking for a successful response from a target. # # @return [String] attr_accessor :httpcode # @!endgroup end end end end class BasketofKittens class loadbalancers class listeners class rules # Rule condition class conditions # @!group Required parameters # **Default: `path-pattern`**, # **Must be one of: `path-pattern`** # # @return [String] attr_accessor :field # **REQUIRED** - # A pattern to match against for this field. # # @return [Array] attr_accessor :values # @!endgroup end end end end end class BasketofKittens class loadbalancers class listeners class rules # Rule action class actions # @!group Required parameters # **Default: `forward`**, # **Must be one of: `forward`** - # An action to take when a match occurs. Currently, only forwarding to a targetgroup is supported. # # @return [String] attr_accessor :action # **REQUIRED** - # Which of our declared targetgroups should be the recipient of this traffic. If left unspecified, will default to the default targetgroup of this listener. # # @return [String] attr_accessor :targetgroup # @!endgroup end end end end end class BasketofKittens class loadbalancers class listeners # Rules to route requests to different target groups based on the request path class rules # @!group Required parameters # **REQUIRED** # Rule condition # # @return [Array] # @see BasketofKittens::loadbalancers::listeners::rules::conditions attr_accessor :conditions # **Default: `1`** - # The priority for the rule. Use to order processing relative to other rules. # # @return [Integer] attr_accessor :order # @!endgroup # @!group Optional parameters # Rule action # # @return [Array] # @see BasketofKittens::loadbalancers::listeners::rules::actions attr_accessor :actions # @!endgroup end end end end class BasketofKittens class loadbalancers # A list of port/protocols which this Load Balancer should answer. class listeners # @!group Required parameters # **REQUIRED** - # Specifies the external load balancer port number. This property cannot be modified for the life of the load balancer. # # @return [Integer] attr_accessor :lb_port # **REQUIRED** - # Specifies the TCP port on which the instance server is listening. This property cannot be modified for the life of the load balancer. # # @return [Integer] attr_accessor :instance_port # **REQUIRED**, # **Must be one of: `HTTP, HTTPS, TCP, SSL, UDP`** - # Specifies the load balancer transport protocol to use for routing - HTTP, HTTPS, TCP, SSL, or UDP. SSL and UDP are only valid in Google Cloud. # # @return [String] attr_accessor :lb_protocol # **REQUIRED**, # **Must be one of: `HTTP, HTTPS, TCP, SSL, UDP`** - # Specifies the protocol to use for routing traffic to back-end instances - HTTP, HTTPS, TCP, or SSL. This property cannot be modified for the life of the load balancer. # # If the front-end protocol is HTTP or HTTPS, InstanceProtocol has to be at the same protocol layer, i.e., HTTP or HTTPS. Likewise, if the front-end protocol is TCP or SSL, InstanceProtocol has to be TCP or SSL. # # @return [String] attr_accessor :instance_protocol # @!endgroup # @!group Optional parameters # The method used by a Load Balancer to check the health of its client nodes. # # @return [BasketofKittens::loadbalancers::listeners::healthcheck] # @see BasketofKittens::loadbalancers::listeners::healthcheck attr_accessor :healthcheck # Which of our declared targetgroups should be the back-end for this listener's traffic # # @return [String] attr_accessor :targetgroup # The name of a server certificate. # # @return [String] attr_accessor :ssl_certificate_name # The ARN string of an Amazon IAM server certificate. # # @return [String] attr_accessor :ssl_certificate_id # **Default: `tls1.2`**, # **Must be one of: `tls1.0, tls1.1, tls1.2`** - # Lowest level of TLS to support. # # @return [String] attr_accessor :tls_policy # Rules to route requests to different target groups based on the request path # # @return [Array] # @see BasketofKittens::loadbalancers::listeners::rules attr_accessor :rules # @!endgroup end end end class BasketofKittens class loadbalancers # Tags to apply to this resource. Will apply at the cloud provider level and in node groomers, where applicable. class tags # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :key # **REQUIRED** # # @return [String] attr_accessor :value # @!endgroup end end end class BasketofKittens class loadbalancers class add_firewall_rules # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # The tag or label key to search against # # @return [String] attr_accessor :key # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end class BasketofKittens class loadbalancers class add_firewall_rules class habitat # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # The tag or label key to search against # # @return [String] attr_accessor :key # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end end class BasketofKittens class loadbalancers class add_firewall_rules # Reference a 'habitats' resource from this 'config' resource class habitat # @!group Required parameters # **Default: `habitats`**, # **Must be one of: `habitats`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::loadbalancers::add_firewall_rules::habitat::tag] # @see BasketofKittens::loadbalancers::add_firewall_rules::habitat::tag attr_accessor :tag # @!endgroup end end end end class BasketofKittens class loadbalancers # Reference a 'firewall_rules' resource from this 'loadbalancer' resource class add_firewall_rules # @!group Required parameters # **Default: `firewall_rules`**, # **Must be one of: `firewall_rules`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::loadbalancers::add_firewall_rules::tag] # @see BasketofKittens::loadbalancers::add_firewall_rules::tag attr_accessor :tag # Reference a 'habitats' resource from this 'config' resource # # @return [BasketofKittens::loadbalancers::add_firewall_rules::habitat] # @see BasketofKittens::loadbalancers::add_firewall_rules::habitat attr_accessor :habitat # Alias for id # # @return [String] attr_accessor :rule_id # Alias for name # # @return [String] attr_accessor :rule_name # @!endgroup end end end class BasketofKittens class loadbalancers class dns_records # The zone to which to add this record, either as a domain name or as a Route53 zone identifier. class zone # @!group Optional parameters # The domain name of the DNS zone to which to add this record. # # @return [String] attr_accessor :name # The Route53 identifier of the zone to which to add this record. # # @return [String] attr_accessor :id # @!endgroup end end end end class BasketofKittens class loadbalancers class dns_records # Set location for location-based routing. class geo_location # @!group Optional parameters # **Must be one of: `AF, AN, AS, EU, OC, NA, SA`** - # The code for a continent geo location. Note: only continent locations have a continent code. Specifying continent_code with either country_code or subdivision_code returns an InvalidInput error. # # @return [String] attr_accessor :continent_code # The code for a country geo location. The default location uses '' for the country code and will match all locations that are not matched by a geo location. All other country codes follow the ISO 3166 two-character code. # # @return [String] attr_accessor :country_code # The code for a country's subdivision (e.g., a province of Canada). A subdivision code is only valid with the appropriate country code. Specifying subdivision_code without country_code returns an InvalidInput error. # # @return [String] attr_accessor :subdivision_code # @!endgroup end end end end class BasketofKittens class loadbalancers class dns_records # Check used to determine instance health for failover routing. class healthchecks # @!group Required parameters # **REQUIRED**, # **Must be one of: `HTTP, HTTPS, HTTP_STR_MATCH, HTTPS_STR_MATCH, TCP, CALCULATED, CLOUDWATCH_METRIC`** - # The health check method to use # # @return [String] attr_accessor :method # **REQUIRED** - # The health check name. # # @return [String] attr_accessor :name # @!endgroup # @!group Optional parameters # Port on which this health check should expect to find a working service. For HTTP and HTTP_STR_MATCH this defaults to 80 if the port is not specified. For HTTPS and HTTPS_STR_MATCH this defaults to 443 if the port is not specified. # # @return [Integer] attr_accessor :port # Path to check for HTTP-based health checks. # # @return [String] attr_accessor :path # **Default: `primary`**, # **Must be one of: `primary, secondary`** - # When using CALCULATED based health checks make sure to set only the CALCULATED health check to primary while setting all other health checks to secondary. # # @return [String] attr_accessor :type # Path to check for STR_MATCH-based health checks. # # @return [String] attr_accessor :search_string # **Default: `30`**, # **Must be one of: `10, 30`** - # The frequency of health checks in seconds. # # @return [Integer] attr_accessor :check_interval # **Default: `2`**, # **Must match pattern `^([1-9]|10)$`** - # The number of failed health checks before we consider this entry in failure. Values can be between 1-10. # # @return [Integer] attr_accessor :failure_threshold # **Must be one of: `Healthy, Unhealthy, LastKnownStatus`** - # What should the health check status be set to if there is insufficient data return from the CloudWatch alarm. Used only with CLOUDWATCH_METRIC based health checks. # # @return [String] attr_accessor :insufficient_data # # @return [Array] attr_accessor :regions # **Default: `false`** - # If to measure and graph latency between the health checkers and the endpoint. Used only with HTTP/HTTPS/TCP based health checks. # # @return [Boolean] attr_accessor :latency # **Default: `false`** - # If the status of the health check should be inverted, eg. if health check status is healthy but you would like it to be evaluated as not healthy # # @return [Boolean] attr_accessor :inverted # **Default: `false`** - # Enabled by default on HTTPS or HTTPS_STR_MATCH # # @return [Boolean] attr_accessor :enable_sni # **Default: `1`**, # **Must match pattern `^[\d]?{3}$`** - # The minimum number of health checks that must be healthy when configuring a health check of type CALCULATED. Values can be between 0-256. # # @return [Integer] attr_accessor :health_threshold # # @return [Array] attr_accessor :health_check_ids # The cloud provider's region the cloudwatch alarm was created in. Used with CLOUDWATCH_METRIC health checks # # @return [String] attr_accessor :alarm_region # The cloudwatch alarm name. Used with CLOUDWATCH_METRIC health checks # # @return [String] attr_accessor :alarm_name # @!endgroup end end end end class BasketofKittens class loadbalancers # DNS records to create. If specified inside another resource (e.g. {MU::Config::BasketofKittens::servers}, {MU::Config::BasketofKittens::loadbalancers}, or {MU::Config::BasketofKittens::databases}), the record(s) will automatically target that resource. class dns_records # @!group Required parameters # **REQUIRED** # The zone to which to add this record, either as a domain name or as a Route53 zone identifier. # # @return [BasketofKittens::loadbalancers::dns_records::zone] # @see BasketofKittens::loadbalancers::dns_records::zone attr_accessor :zone # @!endgroup # @!group Optional parameters # **Default: `false`** - # If true, this record will overwrite any existing record of the same name and type. # # @return [Boolean] attr_accessor :override_existing # **Default: `R53ALIAS`**, # **Must be one of: `SOA, A, TXT, NS, CNAME, MX, PTR, SRV, SPF, AAAA, R53ALIAS`** - # The class of DNS record to create. The R53ALIAS type is not traditional DNS, but instead refers to AWS Route53's alias functionality. An R53ALIAS is only valid if the target is an Elastic LoadBalancer, CloudFront, S3 bucket (configured as a public web server), or another record in the same Route53 hosted zone. # # @return [String] attr_accessor :type # If using a type of R53ALIAS, this is the hosted zone ID of the target. Defaults to the zone to which this record is being added. # # @return [String] attr_accessor :alias_zone # Look for a resource in another Mu deployment with this id. Requires mu_type # # @return [String] attr_accessor :deploy_id # **Must be one of: `loadbalancer, server, database, cache_cluster`** - # The Mu resource type to search the deployment for. # # @return [String] attr_accessor :mu_type # **Must be one of: `public, private`** - # If the target is a public or a private resource. This only applies to servers/server_pools when using automatic DNS registration. If set to public but the target only has a private address, the private address will be used # # @return [String] attr_accessor :target_type # Set the proportion of traffic directed to this target, based on the relative weight of other records with the same DNS name and type. # # @return [Integer] attr_accessor :weight # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **Must be one of: `PRIMARY, SECONDARY`** - # Failover classification # # @return [String] attr_accessor :failover # **Default: `7200`** - # DNS time-to-live value for query caching. # # @return [Integer] attr_accessor :ttl # **Must match pattern `^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]).)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9-]*[A-Za-z0-9])$`** - # Name of the record to create. If not specified, will default to the Mu resource name. # # @return [String] attr_accessor :name # **Default: `false`** - # If to append the environment name (eg mydnsname.dev.mudomain.com). to the DNS name # # @return [Boolean] attr_accessor :append_environment_name # Set location for location-based routing. # # @return [BasketofKittens::loadbalancers::dns_records::geo_location] # @see BasketofKittens::loadbalancers::dns_records::geo_location attr_accessor :geo_location # Check used to determine instance health for failover routing. # # @return [Array] # @see BasketofKittens::loadbalancers::dns_records::healthchecks attr_accessor :healthchecks # @!endgroup end end end class BasketofKittens class loadbalancers class alarms # What to monitor class dimensions # @!group Required parameters # **REQUIRED**, # **Must be one of: `InstanceId, server, Server, DBInstanceIdentifier, database, Database, LoadBalancerName, loadbalancer, LoadBalancer, CacheClusterId, cache_cluster, CacheCluster, VolumeId, volume, Volume, BucketName, bucket, Bucket, TopicName, notification, Notification, AutoScalingGroupName, server_pool, ServerPool`** - # The type of resource we're checking # # @return [String] attr_accessor :cloud_class # @!endgroup # @!group Optional parameters # The cloud identifier of the resource the alarm is being created for. eg - i-d96eca0d. Must use either 'cloud_id' OR 'mu_name' AND 'deploy_id' # # @return [String] attr_accessor :cloud_id # The full name of a resource in a foreign deployment which we should monitor. You should also include 'deploy_id' so we will be able to identifiy a single resource. Use either 'cloud_id' OR 'mu_name' and 'deploy_id' # # @return [String] attr_accessor :mu_name # Should be used with 'mu_name' to identifiy a single resource. # # @return [String] attr_accessor :deploy_id # The name of another resource in this stack with which to associate this alarm. # # @return [String] attr_accessor :name # @!endgroup end end end end class BasketofKittens class loadbalancers # Create a CloudWatch Alarm. class alarms # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED** - # The name of the attribute to monitor eg. CPUUtilization. # # @return [String] attr_accessor :metric_name # **REQUIRED**, # **Must be one of: `SampleCount, Average, Sum, Minimum, Maximum`** # # # @return [String] attr_accessor :statistic # **REQUIRED** - # The time, in seconds the 'statistic' is checked/tested. Must be multiples of 60 # # @return [Integer] attr_accessor :period # **REQUIRED** - # The number of times to repeat the 'period' before changing the state of an alarm. eg form 'OK' to 'ALARM' state # # @return [Integer] attr_accessor :evaluation_periods # **REQUIRED** - # The value the 'statistic' is compared to and action (eg 'alarm_actions') will be invoked # # @return [Integer] attr_accessor :threshold # **REQUIRED**, # **Must be one of: `GreaterThanOrEqualToThreshold, GreaterThanThreshold, LessThanThreshold, LessThanOrEqualToThreshold`** - # The arithmetic operation to use when comparing 'statistic' and 'threshold'. The 'statistic' value is used as the first operand # # @return [String] attr_accessor :comparison_operator # @!endgroup # @!group Optional parameters # # @return [Array] attr_accessor :ok_actions # # @return [Array] attr_accessor :alarm_actions # # @return [Array] attr_accessor :no_data_actions # The name of container 'metric_name' belongs to eg. 'AWS/EC2' # # @return [String] attr_accessor :namespace # What to monitor # # @return [Array] # @see BasketofKittens::loadbalancers::alarms::dimensions attr_accessor :dimensions # **Must be one of: `Seconds, Microseconds, Milliseconds, Bytes, Kilobytes, Megabytes, Gigabytes, Terabytes, Bits, Kilobits, Megabits, Gigabits, Terabits, Percent, Count, Bytes/Second, Kilobytes/Second, Megabytes/Second, Gigabytes/Second, Terabytes/Second, Bits/Second, Kilobits/Second, Megabits/Second, Gigabits/Second, Terabits/Second, Count/Second, nil`** - # Associated with the 'metric' # # @return [String] attr_accessor :unit # Rather to send notifications when the alarm state changes # # @return [Boolean] attr_accessor :enable_notifications # **Default: `mu-default`** - # The name of the notification group. Will be created if it doesn't exist. We use / create a default one if not specified. NOTE: because we can't confirm subscription to a group programmatically, you should use an existing group # # @return [String] attr_accessor :notification_group # **Default: `email`**, # **Must be one of: `http, https, email, email-json, sms, sqs, application`** - # What type of notification endpoint will the notification be sent to. defaults to 'email' # # @return [String] attr_accessor :notification_type # The endpoint the notification will be sent to. eg. if notification_type is 'email'/'email-json' the endpoint will be the email address. A confirmation email will be sent to this email address if a new notification_group is created, if not specified and notification_type is set to 'email' we will use the mu-master email address # # @return [String] attr_accessor :notification_endpoint # @!endgroup end end end class BasketofKittens class loadbalancers # Network ingress and/or egress rules. class ingress_rules # @!group Optional parameters # # @return [String] attr_accessor :port_range # # @return [Integer] attr_accessor :port # **Default: `tcp`**, # **Must be one of: `udp, tcp, icmp`** # # @return [String] attr_accessor :proto # # @return [Boolean] attr_accessor :ingress # **Default: `false`** # # @return [Boolean] attr_accessor :egress # String description of this firewall rule, where supported # # @return [String] attr_accessor :comment # **Must match pattern `^\d+\.\d+\.\d+\.\d+/[0-9]{1,2}$`** - # CIDR-formatted IP block, e.g. 1.2.3.4/32 # # @return [Array] attr_accessor :hosts # Other AWS Security Groups; resources that are associated with this group will have this rule applied to their traffic # # @return [Array] attr_accessor :sgs # AWS Load Balancers which will have this rule applied to their traffic # # @return [Array] attr_accessor :lbs # @!endgroup end end end class BasketofKittens class loadbalancers # Creates a cookie to tie client sessions to back-end servers. Only valid with HTTP/HTTPS listeners. class lb_cookie_stickiness_policy # @!group Required parameters # **REQUIRED**, # **Must match pattern `^([a-zA-Z0-9\-]+)$`** - # The name of this policy. # # @return [String] attr_accessor :name # @!endgroup # @!group Optional parameters # The time period in seconds after which the cookie should be considered stale. Not specifying this parameter indicates that the sticky session will last for the duration of the browser session. # # @return [Integer] attr_accessor :timeout # @!endgroup end end end class BasketofKittens class loadbalancers # Use IP addresses or IP/port/proto combinations to map client sessions to back-end servers. Only valid with Google Cloud, and is ignored for UDP-based listeners. class ip_stickiness_policy # @!group Optional parameters # **Default: `false`** - # Include the client protocol as well as the IP when determining session affinity. Only valid for internal load balancers. # # @return [Boolean] attr_accessor :map_proto # **Default: `false`** - # Include the client port as well as the IP when determining session affinity. Only valid for internal load balancers, and only in combination with map_proto. # # @return [Boolean] attr_accessor :map_port # @!endgroup end end end class BasketofKittens class loadbalancers # Use an application cookie to tie client sessions to back-end servers. Only valid with HTTP/HTTPS listeners, on AWS. class app_cookie_stickiness_policy # @!group Required parameters # **REQUIRED**, # **Must match pattern `^([a-zA-Z0-9\-]+)$`** - # The name of this policy. # # @return [String] attr_accessor :name # **REQUIRED** - # The name of an application cookie to use for session tracking. # # @return [String] attr_accessor :cookie # @!endgroup end end end class BasketofKittens class loadbalancers class vpc # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # The tag or label key to search against # # @return [String] attr_accessor :key # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end class BasketofKittens class loadbalancers class vpc class habitat # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # The tag or label key to search against # # @return [String] attr_accessor :key # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end end class BasketofKittens class loadbalancers class vpc # Reference a 'habitats' resource from this 'config' resource class habitat # @!group Required parameters # **Default: `habitats`**, # **Must be one of: `habitats`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::loadbalancers::vpc::habitat::tag] # @see BasketofKittens::loadbalancers::vpc::habitat::tag attr_accessor :tag # @!endgroup end end end end class BasketofKittens class loadbalancers class vpc # The subnets to which to attach this resource. Will default to all subnets in this VPC if not specified. class subnets # @!group Optional parameters # # @return [String] attr_accessor :subnet_name # # @return [String] attr_accessor :subnet_id # **Must match pattern `^[^=]+=.+`** - # Identify this subnet by a tag (key=value). Note that this tag must not match more than one resource. # # @return [String] attr_accessor :tag # @!endgroup end end end end class BasketofKittens class loadbalancers # Reference a 'vpcs' resource from this 'loadbalancer' resource class vpc # @!group Required parameters # **Default: `vpcs`**, # **Must be one of: `vpcs`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::loadbalancers::vpc::tag] # @see BasketofKittens::loadbalancers::vpc::tag attr_accessor :tag # Reference a 'habitats' resource from this 'config' resource # # @return [BasketofKittens::loadbalancers::vpc::habitat] # @see BasketofKittens::loadbalancers::vpc::habitat attr_accessor :habitat # Alias for id # # @return [String] attr_accessor :vpc_id # Alias for name # # @return [String] attr_accessor :vpc_name # **Default: `all_public`** - # When auto-discovering VPC resources, this specifies target subnets for this resource. Special keywords: public, private, any, all, all_public, all_private, all. Using the name of a route table defined elsewhere in this BoK will behave like 'all_.' # # @return [String] attr_accessor :subnet_pref # The subnets to which to attach this resource. Will default to all subnets in this VPC if not specified. # # @return [Array] # @see BasketofKittens::loadbalancers::vpc::subnets attr_accessor :subnets # @!endgroup end end end class BasketofKittens class loadbalancers # Access logging for Load Balancer requests. class access_log # @!group Required parameters # **Default: `false`** - # Toggle access log publishing. # # @return [Boolean] attr_accessor :enabled # **REQUIRED** - # The Amazon S3 bucket to which to publish access logs. # # @return [String] attr_accessor :s3_bucket_name # @!endgroup # @!group Optional parameters # **Default: ``** - # The path within the S3 bucket to which to publish the logs. # # @return [String] attr_accessor :s3_bucket_prefix # **Default: `60`**, # **Must be one of: `5, 60`** - # How frequently to publish access logs. # # @return [Integer] attr_accessor :emit_interval # @!endgroup end end end class BasketofKittens class loadbalancers # The method used by a Load Balancer to check the health of its client nodes. class healthcheck # @!group Required parameters # **REQUIRED**, # **Must match pattern `^(TCP:\d+|SSL:\d+|HTTP:\d+\/.*|HTTPS:\d+\/.*)$`** - # Specifies the instance being checked. The protocol is either TCP, HTTP, HTTPS, or SSL. The range of valid ports is one (1) through 65535. # # TCP is the default, specified as a TCP: port pair, for example "TCP:5000". In this case a healthcheck simply attempts to open a TCP connection to the instance on the specified port. Failure to connect within the configured timeout is considered unhealthy. # # SSL is also specified as SSL: port pair, for example, SSL:5000. # # For HTTP or HTTPS protocol, the situation is different. You have to include a ping path in the string. HTTP is specified as a HTTP:port;/;PathToPing; grouping, for example "HTTP:80/weather/us/wa/seattle". In this case, a HTTP GET request is issued to the instance on the given port and path. Any answer other than "200 OK" within the timeout period is considered unhealthy. # # The total length of the HTTP ping target needs to be 1024 16-bit Unicode characters or less. # # @return [String] attr_accessor :target # @!endgroup # @!group Optional parameters # **Default: `5`** # # @return [Integer] attr_accessor :timeout # **Default: `30`** # # @return [Integer] attr_accessor :interval # **Default: `2`** # # @return [Integer] attr_accessor :unhealthy_threshold # **Default: `10`** # # @return [Integer] attr_accessor :healthy_threshold # **Default: `200,301,302`** - # The HTTP codes to use when checking for a successful response from a target. # # @return [String] attr_accessor :httpcode # @!endgroup end end end class BasketofKittens class loadbalancers class targetgroups # The method used by a Load Balancer to check the health of its client nodes. class healthcheck # @!group Required parameters # **REQUIRED**, # **Must match pattern `^(TCP:\d+|SSL:\d+|HTTP:\d+\/.*|HTTPS:\d+\/.*)$`** - # Specifies the instance being checked. The protocol is either TCP, HTTP, HTTPS, or SSL. The range of valid ports is one (1) through 65535. # # TCP is the default, specified as a TCP: port pair, for example "TCP:5000". In this case a healthcheck simply attempts to open a TCP connection to the instance on the specified port. Failure to connect within the configured timeout is considered unhealthy. # # SSL is also specified as SSL: port pair, for example, SSL:5000. # # For HTTP or HTTPS protocol, the situation is different. You have to include a ping path in the string. HTTP is specified as a HTTP:port;/;PathToPing; grouping, for example "HTTP:80/weather/us/wa/seattle". In this case, a HTTP GET request is issued to the instance on the given port and path. Any answer other than "200 OK" within the timeout period is considered unhealthy. # # The total length of the HTTP ping target needs to be 1024 16-bit Unicode characters or less. # # @return [String] attr_accessor :target # @!endgroup # @!group Optional parameters # **Default: `5`** # # @return [Integer] attr_accessor :timeout # **Default: `30`** # # @return [Integer] attr_accessor :interval # **Default: `2`** # # @return [Integer] attr_accessor :unhealthy_threshold # **Default: `10`** # # @return [Integer] attr_accessor :healthy_threshold # **Default: `200,301,302`** - # The HTTP codes to use when checking for a successful response from a target. # # @return [String] attr_accessor :httpcode # @!endgroup end end end end class BasketofKittens class loadbalancers # A grouping of class targetgroups # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED**, # **Must be one of: `HTTP, HTTPS, TCP, SSL`** # # @return [String] attr_accessor :proto # **REQUIRED** - # Specifies the TCP port on which the instance server is listening. This property cannot be modified for the life of the load balancer. # # @return [Integer] attr_accessor :port # @!endgroup # @!group Optional parameters # The method used by a Load Balancer to check the health of its client nodes. # # @return [BasketofKittens::loadbalancers::targetgroups::healthcheck] # @see BasketofKittens::loadbalancers::targetgroups::healthcheck attr_accessor :healthcheck # **Default: `200,301,302`** - # The HTTP codes to use when checking for a successful response from a target. # # @return [String] attr_accessor :httpcode # **Must be one of: `instance, ip, lambda`** # # @return [String] attr_accessor :target_type # @!endgroup end end end class BasketofKittens class loadbalancers # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. class dependencies # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED**, # **Must be one of: `folder, habitat, collection, database, dnszone, firewall_rule, loadbalancer, server, server_pool, vpc, cache_cluster, alarm, notifier, log, storage_pool, function, endpoint, container_cluster, search_domain, msg_queue, user, group, role, bucket, nosqldb`** # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **Must be one of: `create, groom`** - # Which part of the creation process of the resource we depend on should we wait for before starting our own creation? Defaults are usually sensible, but sometimes you want, say, a Server to wait on another Server to be completely ready (through its groom phase) before starting up. # # @return [String] attr_accessor :phase # **Default: `false`** - # By default, it's assumed that we want to wait on our parents' creation phase, in addition to whatever is declared in this stanza. Setting this flag will bypass waiting on our parent resource's creation, so that our create or groom phase can instead depend only on the parent's groom phase. # # @return [Boolean] attr_accessor :no_create_wait # @!endgroup end end end class BasketofKittens class loadbalancers # A named network port for a Google instance group, used for health checks and forwarding targets. class named_ports # @!group Required parameters # **REQUIRED**, # **GOOGLE ONLY** # # @return [String] attr_accessor :name # **REQUIRED**, # **GOOGLE ONLY** # # @return [Integer] attr_accessor :port # @!endgroup end end end class BasketofKittens # Create Load Balancers # # `AWS`: This implementation is considered **RELEASE** quality. It covers all major API features and has been tested with real-world applications. # # `CloudFormation`: This implementation is **ALPHA** quality. It is experimental, may be missing significant functionality, and has not been widely tested. # # `Google`: This implementation is considered **RELEASE** quality. It covers all major API features and has been tested with real-world applications. # # `Azure`: This implementation is **ALPHA** quality. It is experimental, may be missing significant functionality, and has not been widely tested. class loadbalancers # @!group Required parameters # **REQUIRED** - # Note that Amazon Elastic Load Balancer names must be relatively short. Brevity is recommended here. # # @return [String] attr_accessor :name # **REQUIRED** # A list of port/protocols which this Load Balancer should answer. # # @return [Array] # @see BasketofKittens::loadbalancers::listeners attr_accessor :listeners # **REQUIRED**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # @!endgroup # @!group Optional parameters # Normally an ELB's Amazon identifier will be named the same as its internal Mu identifier. This allows you to override that name with a specific value. Note that Amazon Elastic Load Balancer names must be relatively short. Brevity is recommended here. Note also that setting a static name here may result in deploy failures due to name collision with existing ELBs. # # @return [String] attr_accessor :override_name # **Default: `false`** - # For AWS Load Balancers, revert to the old API instead ElasticLoadbalancingV2 (ALBs) # # @return [Boolean] attr_accessor :classic # **Default: `false`** - # When 'cloud' is set to 'CloudFormation,' use this flag to strip out Mu-specific artifacts (tags, standard userdata, naming conventions, etc) to yield a clean, source-agnostic template. # # @return [Boolean] attr_accessor :scrub_mu_isms # Tags to apply to this resource. Will apply at the cloud provider level and in node groomers, where applicable. # # @return [Array] # @see BasketofKittens::loadbalancers::tags attr_accessor :tags # **Default: `true`** - # Tag the resource with our optional tags (+MU-HANDLE+, +MU-MASTER-NAME+, +MU-OWNER+). # # @return [Boolean] attr_accessor :optional_tags # Reference a 'firewall_rules' resource from this 'loadbalancer' resource # # @return [Array] # @see BasketofKittens::loadbalancers::add_firewall_rules attr_accessor :add_firewall_rules # DNS records to create. If specified inside another resource (e.g. {MU::Config::BasketofKittens::servers}, {MU::Config::BasketofKittens::loadbalancers}, or {MU::Config::BasketofKittens::databases}), the record(s) will automatically target that resource. # # @return [Array] # @see BasketofKittens::loadbalancers::dns_records attr_accessor :dns_records # **Default: `true`** - # Wait for DNS record to propagate in DNS Zone. # # @return [Boolean] attr_accessor :dns_sync_wait # Create a CloudWatch Alarm. # # @return [Array] # @see BasketofKittens::loadbalancers::alarms attr_accessor :alarms # Network ingress and/or egress rules. # # @return [Array] # @see BasketofKittens::loadbalancers::ingress_rules attr_accessor :ingress_rules # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **Default: `false`** - # Set true to disable Cross-Zone load balancing, which we enable by default: http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/how-elb-works.html#request-routing # # @return [Boolean] attr_accessor :cross_zone_unstickiness # **Default: `60`** - # Specifies the time (in seconds) the connection is allowed to be idle (no data has been sent over the connection) before it is closed by the load balancer. # # @return [Integer] attr_accessor :idle_timeout # Creates a cookie to tie client sessions to back-end servers. Only valid with HTTP/HTTPS listeners. # # @return [BasketofKittens::loadbalancers::lb_cookie_stickiness_policy] # @see BasketofKittens::loadbalancers::lb_cookie_stickiness_policy attr_accessor :lb_cookie_stickiness_policy # Use IP addresses or IP/port/proto combinations to map client sessions to back-end servers. Only valid with Google Cloud, and is ignored for UDP-based listeners. # # @return [BasketofKittens::loadbalancers::ip_stickiness_policy] # @see BasketofKittens::loadbalancers::ip_stickiness_policy attr_accessor :ip_stickiness_policy # Use an application cookie to tie client sessions to back-end servers. Only valid with HTTP/HTTPS listeners, on AWS. # # @return [BasketofKittens::loadbalancers::app_cookie_stickiness_policy] # @see BasketofKittens::loadbalancers::app_cookie_stickiness_policy attr_accessor :app_cookie_stickiness_policy # **Default: `-1`** - # Permits the load balancer to complete connections to unhealthy backend instances before retiring them fully. Timeout is in seconds; set to -1 to disable. # # @return [Integer] attr_accessor :connection_draining_timeout # **Default: `false`** - # Set to true if this ELB should only be assigned a private IP address (no public interface). # # @return [Boolean] attr_accessor :private # **Default: `true`** - # Google Cloud only. Deploy as a global artifact instead of in a specific region. Not valid for UDP targets. # # @return [Boolean] attr_accessor :global # Reference a 'vpcs' resource from this 'loadbalancer' resource # # @return [BasketofKittens::loadbalancers::vpc] # @see BasketofKittens::loadbalancers::vpc attr_accessor :vpc # # @return [Array] attr_accessor :zones # Access logging for Load Balancer requests. # # @return [BasketofKittens::loadbalancers::access_log] # @see BasketofKittens::loadbalancers::access_log attr_accessor :access_log # The method used by a Load Balancer to check the health of its client nodes. # # @return [BasketofKittens::loadbalancers::healthcheck] # @see BasketofKittens::loadbalancers::healthcheck attr_accessor :healthcheck # A grouping of # # @return [Array] # @see BasketofKittens::loadbalancers::targetgroups attr_accessor :targetgroups # Internal use. # # @return [String] attr_accessor :virtual_name # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. # # @return [Array] # @see BasketofKittens::loadbalancers::dependencies attr_accessor :dependencies # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **GOOGLE ONLY** # A named network port for a Google instance group, used for health checks and forwarding targets. # # @return [Array] # @see BasketofKittens::loadbalancers::named_ports attr_accessor :named_ports # @!endgroup end end class BasketofKittens class servers class dns_records # The zone to which to add this record, either as a domain name or as a Route53 zone identifier. class zone # @!group Optional parameters # The domain name of the DNS zone to which to add this record. # # @return [String] attr_accessor :name # The Route53 identifier of the zone to which to add this record. # # @return [String] attr_accessor :id # @!endgroup end end end end class BasketofKittens class servers class dns_records # Set location for location-based routing. class geo_location # @!group Optional parameters # **Must be one of: `AF, AN, AS, EU, OC, NA, SA`** - # The code for a continent geo location. Note: only continent locations have a continent code. Specifying continent_code with either country_code or subdivision_code returns an InvalidInput error. # # @return [String] attr_accessor :continent_code # The code for a country geo location. The default location uses '' for the country code and will match all locations that are not matched by a geo location. All other country codes follow the ISO 3166 two-character code. # # @return [String] attr_accessor :country_code # The code for a country's subdivision (e.g., a province of Canada). A subdivision code is only valid with the appropriate country code. Specifying subdivision_code without country_code returns an InvalidInput error. # # @return [String] attr_accessor :subdivision_code # @!endgroup end end end end class BasketofKittens class servers class dns_records # Check used to determine instance health for failover routing. class healthchecks # @!group Required parameters # **REQUIRED**, # **Must be one of: `HTTP, HTTPS, HTTP_STR_MATCH, HTTPS_STR_MATCH, TCP, CALCULATED, CLOUDWATCH_METRIC`** - # The health check method to use # # @return [String] attr_accessor :method # **REQUIRED** - # The health check name. # # @return [String] attr_accessor :name # @!endgroup # @!group Optional parameters # Port on which this health check should expect to find a working service. For HTTP and HTTP_STR_MATCH this defaults to 80 if the port is not specified. For HTTPS and HTTPS_STR_MATCH this defaults to 443 if the port is not specified. # # @return [Integer] attr_accessor :port # Path to check for HTTP-based health checks. # # @return [String] attr_accessor :path # **Default: `primary`**, # **Must be one of: `primary, secondary`** - # When using CALCULATED based health checks make sure to set only the CALCULATED health check to primary while setting all other health checks to secondary. # # @return [String] attr_accessor :type # Path to check for STR_MATCH-based health checks. # # @return [String] attr_accessor :search_string # **Default: `30`**, # **Must be one of: `10, 30`** - # The frequency of health checks in seconds. # # @return [Integer] attr_accessor :check_interval # **Default: `2`**, # **Must match pattern `^([1-9]|10)$`** - # The number of failed health checks before we consider this entry in failure. Values can be between 1-10. # # @return [Integer] attr_accessor :failure_threshold # **Must be one of: `Healthy, Unhealthy, LastKnownStatus`** - # What should the health check status be set to if there is insufficient data return from the CloudWatch alarm. Used only with CLOUDWATCH_METRIC based health checks. # # @return [String] attr_accessor :insufficient_data # # @return [Array] attr_accessor :regions # **Default: `false`** - # If to measure and graph latency between the health checkers and the endpoint. Used only with HTTP/HTTPS/TCP based health checks. # # @return [Boolean] attr_accessor :latency # **Default: `false`** - # If the status of the health check should be inverted, eg. if health check status is healthy but you would like it to be evaluated as not healthy # # @return [Boolean] attr_accessor :inverted # **Default: `false`** - # Enabled by default on HTTPS or HTTPS_STR_MATCH # # @return [Boolean] attr_accessor :enable_sni # **Default: `1`**, # **Must match pattern `^[\d]?{3}$`** - # The minimum number of health checks that must be healthy when configuring a health check of type CALCULATED. Values can be between 0-256. # # @return [Integer] attr_accessor :health_threshold # # @return [Array] attr_accessor :health_check_ids # The cloud provider's region the cloudwatch alarm was created in. Used with CLOUDWATCH_METRIC health checks # # @return [String] attr_accessor :alarm_region # The cloudwatch alarm name. Used with CLOUDWATCH_METRIC health checks # # @return [String] attr_accessor :alarm_name # @!endgroup end end end end class BasketofKittens class servers # DNS records to create. If specified inside another resource (e.g. {MU::Config::BasketofKittens::servers}, {MU::Config::BasketofKittens::loadbalancers}, or {MU::Config::BasketofKittens::databases}), the record(s) will automatically target that resource. class dns_records # @!group Required parameters # **REQUIRED** # The zone to which to add this record, either as a domain name or as a Route53 zone identifier. # # @return [BasketofKittens::servers::dns_records::zone] # @see BasketofKittens::servers::dns_records::zone attr_accessor :zone # @!endgroup # @!group Optional parameters # **Default: `false`** - # If true, this record will overwrite any existing record of the same name and type. # # @return [Boolean] attr_accessor :override_existing # **Default: `A`**, # **Must be one of: `SOA, A, TXT, NS, CNAME, MX, PTR, SRV, SPF, AAAA, R53ALIAS`** - # The class of DNS record to create. The R53ALIAS type is not traditional DNS, but instead refers to AWS Route53's alias functionality. An R53ALIAS is only valid if the target is an Elastic LoadBalancer, CloudFront, S3 bucket (configured as a public web server), or another record in the same Route53 hosted zone. # # @return [String] attr_accessor :type # If using a type of R53ALIAS, this is the hosted zone ID of the target. Defaults to the zone to which this record is being added. # # @return [String] attr_accessor :alias_zone # Look for a resource in another Mu deployment with this id. Requires mu_type # # @return [String] attr_accessor :deploy_id # **Must be one of: `loadbalancer, server, database, cache_cluster`** - # The Mu resource type to search the deployment for. # # @return [String] attr_accessor :mu_type # **Must be one of: `public, private`** - # If the target is a public or a private resource. This only applies to servers/server_pools when using automatic DNS registration. If set to public but the target only has a private address, the private address will be used # # @return [String] attr_accessor :target_type # Set the proportion of traffic directed to this target, based on the relative weight of other records with the same DNS name and type. # # @return [Integer] attr_accessor :weight # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **Must be one of: `PRIMARY, SECONDARY`** - # Failover classification # # @return [String] attr_accessor :failover # **Default: `7200`** - # DNS time-to-live value for query caching. # # @return [Integer] attr_accessor :ttl # **Must match pattern `^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]).)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9-]*[A-Za-z0-9])$`** - # Name of the record to create. If not specified, will default to the Mu resource name. # # @return [String] attr_accessor :name # **Default: `false`** - # If to append the environment name (eg mydnsname.dev.mudomain.com). to the DNS name # # @return [Boolean] attr_accessor :append_environment_name # Set location for location-based routing. # # @return [BasketofKittens::servers::dns_records::geo_location] # @see BasketofKittens::servers::dns_records::geo_location attr_accessor :geo_location # Check used to determine instance health for failover routing. # # @return [Array] # @see BasketofKittens::servers::dns_records::healthchecks attr_accessor :healthchecks # @!endgroup end end end class BasketofKittens class servers # Create a reusable image of this server once it is complete. # class create_image # @!group Required parameters # **Default: `false`** - # Make the image public once it's complete # # @return [Boolean] attr_accessor :public # **Default: `false`** - # Destroy the source server after creating the reusable image(s). # # @return [Boolean] attr_accessor :image_then_destroy # **Default: `false`** - # When creating an image of this server, exclude the block device mappings of the source server. # # @return [Boolean] attr_accessor :image_exclude_storage # @!endgroup # @!group Optional parameters # Regions in which to place more copies of this image. If none are specified, or if the keyword #ALL is specified, will place in all available regions. # # @return [Array] attr_accessor :copy_to_regions # +GOOGLE+: Add a GCP image +family+ string to the created image(s) # # @return [String] attr_accessor :family # @!endgroup end end end class BasketofKittens class servers class vpc # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # The tag or label key to search against # # @return [String] attr_accessor :key # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end class BasketofKittens class servers class vpc class habitat # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # The tag or label key to search against # # @return [String] attr_accessor :key # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end end class BasketofKittens class servers class vpc # Reference a 'habitats' resource from this 'config' resource class habitat # @!group Required parameters # **Default: `habitats`**, # **Must be one of: `habitats`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::servers::vpc::habitat::tag] # @see BasketofKittens::servers::vpc::habitat::tag attr_accessor :tag # @!endgroup end end end end class BasketofKittens class servers class vpc # Extra subnets to which to attach this {MU::Cloud::AWS::Server}. Extra network interfaces will be created to accomodate these attachments. class subnets # @!group Optional parameters # # @return [String] attr_accessor :subnet_name # # @return [String] attr_accessor :subnet_id # **Must match pattern `^[^=]+=.+`** - # Identify this subnet by a tag (key=value). Note that this tag must not match more than one resource. # # @return [String] attr_accessor :tag # @!endgroup end end end end class BasketofKittens class servers # Reference a 'vpcs' resource from this 'server' resource class vpc # @!group Required parameters # **Default: `vpcs`**, # **Must be one of: `vpcs`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::servers::vpc::tag] # @see BasketofKittens::servers::vpc::tag attr_accessor :tag # Reference a 'habitats' resource from this 'config' resource # # @return [BasketofKittens::servers::vpc::habitat] # @see BasketofKittens::servers::vpc::habitat attr_accessor :habitat # Alias for id # # @return [String] attr_accessor :vpc_id # Alias for name # # @return [String] attr_accessor :vpc_name # The Mu-internal name of a NAT host to use; Typically the shorthand 'name' field of a Server declared elsewhere in the deploy, or in another deploy that's being referenced with 'deploy_id'. # # @return [String] attr_accessor :nat_host_name # Discover a Server to use as a NAT by looking for this cloud provider identifier. # # @return [String] attr_accessor :nat_host_id # **Must match pattern `^\d+\.\d+\.\d+\.\d+$`** - # Discover a Server to use as a NAT by looking for an associated IP. # # @return [String] attr_accessor :nat_host_ip # **Default: `root`** # # @return [String] attr_accessor :nat_ssh_user # An alternate SSH private key for access to the NAT. We'll expect to find this in ~/.ssh along with the regular keys. # # @return [String] attr_accessor :nat_ssh_key # **Must match pattern `^[^=]+=.+`** - # Discover a Server to use as a NAT by looking for a cloud provider tag (key=value); Note that this tag must not match more than one server. # # @return [String] attr_accessor :nat_host_tag # **Default: `public`** - # When auto-discovering VPC resources, this specifies target subnets for this resource. Special keywords: public, private, any, all, all_public, all_private, all. Using the name of a route table defined elsewhere in this BoK will behave like 'all_.' # # @return [String] attr_accessor :subnet_pref # # @return [String] attr_accessor :subnet_name # # @return [String] attr_accessor :subnet_id # Extra subnets to which to attach this {MU::Cloud::AWS::Server}. Extra network interfaces will be created to accomodate these attachments. # # @return [Array] # @see BasketofKittens::servers::vpc::subnets attr_accessor :subnets # @!endgroup end end end class BasketofKittens class servers # Creates and attaches an EBS volume to this instance. class storage # @!group Required parameters # **REQUIRED** - # Size of this EBS volume (GB) # # @return [Integer] attr_accessor :size # @!endgroup # @!group Optional parameters # The amount of IOPS to allocate to Provisioned IOPS (io1) volumes. # # @return [Integer] attr_accessor :iops # Map this volume to a specific OS-level device (e.g. /dev/sdg) # # @return [String] attr_accessor :device # # @return [String] attr_accessor :virtual_name # # @return [String] attr_accessor :snapshot_id # **Default: `true`** # # @return [Boolean] attr_accessor :delete_on_termination # Do not share this device with the OS # # @return [String] attr_accessor :no_device # **Default: `false`** # # @return [Boolean] attr_accessor :encrypted # **Default: `gp2`**, # **Must be one of: `standard, io1, gp2, st1, sc1`** # # @return [String] attr_accessor :volume_type # @!endgroup end end end class BasketofKittens class servers # When using Ansible as a groomer, this will insert a +vars+ tree into the playbook for this node. class ansible_vars end end end class BasketofKittens class servers # Metadata variables to expose to Groomer clients, under a top-level key named +mu+. Same thing as +application_attributes+, but with a name that makes a modicum of sense. class groomer_variables end end end class BasketofKittens class servers # Tags to apply to this resource. Will apply at the cloud provider level and in node groomers, where applicable. class tags # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :key # **REQUIRED** # # @return [String] attr_accessor :value # @!endgroup end end end class BasketofKittens class servers class alarms # What to monitor class dimensions # @!group Required parameters # **REQUIRED**, # **Must be one of: `InstanceId, server, Server, DBInstanceIdentifier, database, Database, LoadBalancerName, loadbalancer, LoadBalancer, CacheClusterId, cache_cluster, CacheCluster, VolumeId, volume, Volume, BucketName, bucket, Bucket, TopicName, notification, Notification, AutoScalingGroupName, server_pool, ServerPool`** - # The type of resource we're checking # # @return [String] attr_accessor :cloud_class # @!endgroup # @!group Optional parameters # The cloud identifier of the resource the alarm is being created for. eg - i-d96eca0d. Must use either 'cloud_id' OR 'mu_name' AND 'deploy_id' # # @return [String] attr_accessor :cloud_id # The full name of a resource in a foreign deployment which we should monitor. You should also include 'deploy_id' so we will be able to identifiy a single resource. Use either 'cloud_id' OR 'mu_name' and 'deploy_id' # # @return [String] attr_accessor :mu_name # Should be used with 'mu_name' to identifiy a single resource. # # @return [String] attr_accessor :deploy_id # The name of another resource in this stack with which to associate this alarm. # # @return [String] attr_accessor :name # @!endgroup end end end end class BasketofKittens class servers # Create a CloudWatch Alarm. class alarms # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED** - # The name of the attribute to monitor eg. CPUUtilization. # # @return [String] attr_accessor :metric_name # **REQUIRED**, # **Must be one of: `SampleCount, Average, Sum, Minimum, Maximum`** # # # @return [String] attr_accessor :statistic # **REQUIRED** - # The time, in seconds the 'statistic' is checked/tested. Must be multiples of 60 # # @return [Integer] attr_accessor :period # **REQUIRED** - # The number of times to repeat the 'period' before changing the state of an alarm. eg form 'OK' to 'ALARM' state # # @return [Integer] attr_accessor :evaluation_periods # **REQUIRED** - # The value the 'statistic' is compared to and action (eg 'alarm_actions') will be invoked # # @return [Integer] attr_accessor :threshold # **REQUIRED**, # **Must be one of: `GreaterThanOrEqualToThreshold, GreaterThanThreshold, LessThanThreshold, LessThanOrEqualToThreshold`** - # The arithmetic operation to use when comparing 'statistic' and 'threshold'. The 'statistic' value is used as the first operand # # @return [String] attr_accessor :comparison_operator # @!endgroup # @!group Optional parameters # # @return [Array] attr_accessor :ok_actions # # @return [Array] attr_accessor :alarm_actions # # @return [Array] attr_accessor :no_data_actions # The name of container 'metric_name' belongs to eg. 'AWS/EC2' # # @return [String] attr_accessor :namespace # What to monitor # # @return [Array] # @see BasketofKittens::servers::alarms::dimensions attr_accessor :dimensions # **Must be one of: `Seconds, Microseconds, Milliseconds, Bytes, Kilobytes, Megabytes, Gigabytes, Terabytes, Bits, Kilobits, Megabits, Gigabits, Terabits, Percent, Count, Bytes/Second, Kilobytes/Second, Megabytes/Second, Gigabytes/Second, Terabytes/Second, Bits/Second, Kilobits/Second, Megabits/Second, Gigabits/Second, Terabits/Second, Count/Second, nil`** - # Associated with the 'metric' # # @return [String] attr_accessor :unit # Rather to send notifications when the alarm state changes # # @return [Boolean] attr_accessor :enable_notifications # **Default: `mu-default`** - # The name of the notification group. Will be created if it doesn't exist. We use / create a default one if not specified. NOTE: because we can't confirm subscription to a group programmatically, you should use an existing group # # @return [String] attr_accessor :notification_group # **Default: `email`**, # **Must be one of: `http, https, email, email-json, sms, sqs, application`** - # What type of notification endpoint will the notification be sent to. defaults to 'email' # # @return [String] attr_accessor :notification_type # The endpoint the notification will be sent to. eg. if notification_type is 'email'/'email-json' the endpoint will be the email address. A confirmation email will be sent to this email address if a new notification_group is created, if not specified and notification_type is set to 'email' we will use the mu-master email address # # @return [String] attr_accessor :notification_endpoint # @!endgroup end end end class BasketofKittens class servers class active_directory # Vault used to store the credentials for the domain join user class domain_join_vault # @!group Optional parameters # **Default: `active_directory`** - # The vault where these credentials reside # # @return [String] attr_accessor :vault # **Default: `join_domain`** - # The vault item where these credentials reside # # @return [String] attr_accessor :item # **Default: `password`** - # The field within the Vault item where the password for these credentials resides # # @return [String] attr_accessor :password_field # **Default: `username`** - # The field where the user name for these credentials resides # # @return [String] attr_accessor :username_field # @!endgroup end end end end class BasketofKittens class servers class active_directory # Vault used to store the credentials for the domain admin user class domain_admin_vault # @!group Optional parameters # **Default: `active_directory`** - # The vault where these credentials reside # # @return [String] attr_accessor :vault # **Default: `domain_admin`** - # The vault item where these credentials reside # # @return [String] attr_accessor :item # **Default: `password`** - # The field within the Vault item where the password for these credentials resides # # @return [String] attr_accessor :password_field # **Default: `username`** - # The field where the user name for these credentials resides # # @return [String] attr_accessor :username_field # @!endgroup end end end end class BasketofKittens class servers # Integrate this node into an Active Directory domain. On Linux, will configure Winbind and PAM for system-level AD authentication. class active_directory # @!group Required parameters # **REQUIRED** - # The full name Active Directory domain to join # # @return [String] attr_accessor :domain_name # **REQUIRED** - # The short (NetBIOS) Active Directory domain to join # # @return [String] attr_accessor :short_domain_name # **REQUIRED** - # IP address of a domain controller # # @return [Array] attr_accessor :domain_controllers # **REQUIRED** # Vault used to store the credentials for the domain join user # # @return [BasketofKittens::servers::active_directory::domain_join_vault] # @see BasketofKittens::servers::active_directory::domain_join_vault attr_accessor :domain_join_vault # **REQUIRED** # Vault used to store the credentials for the domain admin user # # @return [BasketofKittens::servers::active_directory::domain_admin_vault] # @see BasketofKittens::servers::active_directory::domain_admin_vault attr_accessor :domain_admin_vault # @!endgroup # @!group Optional parameters # A custom hostname for your domain controller. mu_windows_name will be used if not specified. Do not specify when joining a Domain-Node # # @return [String] attr_accessor :domain_controller_hostname # **Default: `join`**, # **Must be one of: `join, create, add_controller`** - # Rather to join, create or add a Domain Controller # # @return [String] attr_accessor :domain_operation # SID of a known domain. Used to help Linux clients map uids and gids properly with SSSD. # # @return [String] attr_accessor :domain_sid # **Default: `domain_node`**, # **Must be one of: `domain_node, domain_controller`** - # If the node will be a domain controller or a domain node # # @return [String] attr_accessor :node_type # The OU to which to add this computer when joining the domain. # # @return [String] attr_accessor :computer_ou # @!endgroup end end end class BasketofKittens class servers # One or more Load Balancers with which this instance should register. class loadbalancers # @!group Optional parameters # The name of a MU loadbalancer object, which should also defined in this stack. This will be added as a dependency. # # @return [String] attr_accessor :concurrent_load_balancer # The DNS name of an existing Elastic Load Balancer. Must be in the same region as this deployment. # # @return [String] attr_accessor :existing_load_balancer # @!endgroup end end end class BasketofKittens class servers class add_firewall_rules # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # The tag or label key to search against # # @return [String] attr_accessor :key # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end class BasketofKittens class servers class add_firewall_rules class habitat # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # The tag or label key to search against # # @return [String] attr_accessor :key # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end end class BasketofKittens class servers class add_firewall_rules # Reference a 'habitats' resource from this 'config' resource class habitat # @!group Required parameters # **Default: `habitats`**, # **Must be one of: `habitats`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::servers::add_firewall_rules::habitat::tag] # @see BasketofKittens::servers::add_firewall_rules::habitat::tag attr_accessor :tag # @!endgroup end end end end class BasketofKittens class servers # Reference a 'firewall_rules' resource from this 'server' resource class add_firewall_rules # @!group Required parameters # **Default: `firewall_rules`**, # **Must be one of: `firewall_rules`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::servers::add_firewall_rules::tag] # @see BasketofKittens::servers::add_firewall_rules::tag attr_accessor :tag # Reference a 'habitats' resource from this 'config' resource # # @return [BasketofKittens::servers::add_firewall_rules::habitat] # @see BasketofKittens::servers::add_firewall_rules::habitat attr_accessor :habitat # Alias for id # # @return [String] attr_accessor :rule_id # Alias for name # # @return [String] attr_accessor :rule_name # @!endgroup end end end class BasketofKittens class servers # Assign a specific IP to this instance once it's ready. class static_ip # @!group Optional parameters # **Must match pattern `^\d+\.\d+\.\d+\.\d+$`** # # @return [String] attr_accessor :ip # **Default: `true`** # # @return [Boolean] attr_accessor :assign_ip # @!endgroup end end end class BasketofKittens class servers # A script to be run during the bootstrap process. Typically used to preconfigure Windows instances. class userdata_script # @!group Required parameters # **REQUIRED** - # A local path or URL to a file which will be loaded and passed to the instance. Relative paths will be resolved from the current working directory of the deploy tool when invoked. # # @return [String] attr_accessor :path # @!endgroup # @!group Optional parameters # **Default: `true`** - # Assume that this script is an ERB template and parse it as one before passing to the instance. # # @return [Boolean] attr_accessor :use_erb # **Default: `false`** - # Omit the standard Mu userdata entirely in favor of this custom script (normally we'd run both). # # @return [Boolean] attr_accessor :skip_std # @!endgroup end end end class BasketofKittens class servers # Set Windows nodes' local administrator password to a value specified in a Chef Vault. class windows_auth_vault # @!group Required parameters # **Default: `windows`** - # The vault where these credentials reside # # @return [String] attr_accessor :vault # **Default: `credentials`** - # The vault item where these credentials reside # # @return [String] attr_accessor :item # @!endgroup # @!group Optional parameters # **Default: `password`** - # The field within the Vault item where the password for Windows local Administrator user is stored # # @return [String] attr_accessor :password_field # **Default: `ec2config_password`** - # The field within the Vault item where the password for the EC2config service user is stored # # @return [String] attr_accessor :ec2config_password_field # **Default: `sshd_password`** - # The field within the Vault item where the password for the Cygwin/SSH service user is stored # # @return [String] attr_accessor :sshd_password_field # @!endgroup end end end class BasketofKittens class servers # Network ingress and/or egress rules. class ingress_rules # @!group Optional parameters # # @return [String] attr_accessor :port_range # # @return [Integer] attr_accessor :port # **Default: `tcp`**, # **Must be one of: `udp, tcp, icmp`** # # @return [String] attr_accessor :proto # # @return [Boolean] attr_accessor :ingress # **Default: `false`** # # @return [Boolean] attr_accessor :egress # String description of this firewall rule, where supported # # @return [String] attr_accessor :comment # **Must match pattern `^\d+\.\d+\.\d+\.\d+/[0-9]{1,2}$`** - # CIDR-formatted IP block, e.g. 1.2.3.4/32 # # @return [Array] attr_accessor :hosts # Other AWS Security Groups; resources that are associated with this group will have this rule applied to their traffic # # @return [Array] attr_accessor :sgs # AWS Load Balancers which will have this rule applied to their traffic # # @return [Array] attr_accessor :lbs # @!endgroup end end end class BasketofKittens class servers # Chef Node structure artifact for mu-tools cookbook. class application_attributes end end end class BasketofKittens class servers # JSON artifact to be stored in Chef Vault for this node. Note that these values will still be stored in plain text local to the MU server, but only accessible to nodes via Vault. class secrets end end end class BasketofKittens class servers # Chef Vault items to which this node should be granted access. class vault_access # @!group Required parameters # **REQUIRED** - # The Vault to which this node should be granted access. # # @return [String] attr_accessor :vault # **REQUIRED** - # The item within the Vault to which this node should be granted access. # # @return [String] attr_accessor :item # @!endgroup end end end class BasketofKittens class servers # Existing deploys that will be loaded into the new deployment metadata. This metadata will be saved on the Chef node class existing_deploys # @!group Optional parameters # **Must be one of: `server, database, storage_pool, cache_cluster`** - # The type of resource we will parse metdata for # # @return [String] attr_accessor :cloud_type # The cloud identifier of the resource from which you would like to add metadata to this deployment. eg - i-d96eca0d. Must use either 'cloud_id' OR 'mu_name' AND 'deploy_id' # # @return [String] attr_accessor :cloud_id # The full name of a resource in a foreign deployment from which we should add the metdata to this deployment. You should also include 'deploy_id' so we will be able to identifiy a single resource. Use either 'cloud_id' OR 'mu_name' and 'deploy_id' # # @return [String] attr_accessor :mu_name # Should be used with 'mu_name' to identifiy a single resource. # # @return [String] attr_accessor :deploy_id # @!endgroup end end end class BasketofKittens class servers # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. class dependencies # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED**, # **Must be one of: `folder, habitat, collection, database, dnszone, firewall_rule, loadbalancer, server, server_pool, vpc, cache_cluster, alarm, notifier, log, storage_pool, function, endpoint, container_cluster, search_domain, msg_queue, user, group, role, bucket, nosqldb`** # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **Must be one of: `create, groom`** - # Which part of the creation process of the resource we depend on should we wait for before starting our own creation? Defaults are usually sensible, but sometimes you want, say, a Server to wait on another Server to be completely ready (through its groom phase) before starting up. # # @return [String] attr_accessor :phase # **Default: `false`** - # By default, it's assumed that we want to wait on our parents' creation phase, in addition to whatever is declared in this stanza. Setting this flag will bypass waiting on our parent resource's creation, so that our create or groom phase can instead depend only on the parent's groom phase. # # @return [Boolean] attr_accessor :no_create_wait # @!endgroup end end end class BasketofKittens class servers # Amazon-compatible role policies which will be merged into this node's own instance profile. Not valid with generate_iam_role set to false. Our parser expects the role policy document to me embedded under a named container, e.g. { 'name_of_policy':'{ } } class iam_policies end end end class BasketofKittens class servers class roles class role # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # **GOOGLE & AZURE ONLY** - # The tag or label key to search against # # @return [String] attr_accessor :key # **GOOGLE & AZURE ONLY** - # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end end class BasketofKittens class servers class roles class role class habitat # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # **GOOGLE & AZURE ONLY** - # The tag or label key to search against # # @return [String] attr_accessor :key # **GOOGLE & AZURE ONLY** - # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end end end class BasketofKittens class servers class roles class role # Reference a 'habitats' resource from this 'config' resource class habitat # @!group Required parameters # **GOOGLE & AZURE ONLY**, # **Default: `habitats`**, # **Must be one of: `habitats`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **GOOGLE & AZURE ONLY** - # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # **GOOGLE & AZURE ONLY** - # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # **GOOGLE & AZURE ONLY** - # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # **GOOGLE & AZURE ONLY** - # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **GOOGLE & AZURE ONLY**, # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **GOOGLE & AZURE ONLY**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # **GOOGLE & AZURE ONLY** # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::servers::roles::role::habitat::tag] # @see BasketofKittens::servers::roles::role::habitat::tag attr_accessor :tag # @!endgroup end end end end end class BasketofKittens class servers class roles # Reference a 'roles' resource from this 'user' resource class role # @!group Required parameters # **GOOGLE & AZURE ONLY**, # **Default: `roles`**, # **Must be one of: `roles`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **GOOGLE & AZURE ONLY** - # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # **GOOGLE & AZURE ONLY** - # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # **GOOGLE & AZURE ONLY** - # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # **GOOGLE & AZURE ONLY** - # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **GOOGLE & AZURE ONLY**, # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **GOOGLE & AZURE ONLY**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # **GOOGLE & AZURE ONLY** # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::servers::roles::role::tag] # @see BasketofKittens::servers::roles::role::tag attr_accessor :tag # **GOOGLE & AZURE ONLY** # Reference a 'habitats' resource from this 'config' resource # # @return [BasketofKittens::servers::roles::role::habitat] # @see BasketofKittens::servers::roles::role::habitat attr_accessor :habitat # @!endgroup end end end end class BasketofKittens class servers class roles class projects # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # **GOOGLE & AZURE ONLY** - # The tag or label key to search against # # @return [String] attr_accessor :key # **GOOGLE & AZURE ONLY** - # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end end class BasketofKittens class servers class roles # Reference a 'habitats' resource from this 'user' resource class projects # @!group Required parameters # **GOOGLE & AZURE ONLY**, # **Default: `habitats`**, # **Must be one of: `habitats`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **GOOGLE & AZURE ONLY** - # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # **GOOGLE & AZURE ONLY** - # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # **GOOGLE & AZURE ONLY** - # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # **GOOGLE & AZURE ONLY** - # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **GOOGLE & AZURE ONLY**, # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **GOOGLE & AZURE ONLY**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # **GOOGLE & AZURE ONLY** # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::servers::roles::projects::tag] # @see BasketofKittens::servers::roles::projects::tag attr_accessor :tag # @!endgroup end end end end class BasketofKittens class servers class roles class folders # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # **GOOGLE & AZURE ONLY** - # The tag or label key to search against # # @return [String] attr_accessor :key # **GOOGLE & AZURE ONLY** - # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end end class BasketofKittens class servers class roles # Reference a 'folders' resource from this 'user' resource class folders # @!group Required parameters # **GOOGLE & AZURE ONLY**, # **Default: `folders`**, # **Must be one of: `folders`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **GOOGLE & AZURE ONLY** - # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # **GOOGLE & AZURE ONLY** - # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # **GOOGLE & AZURE ONLY** - # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # **GOOGLE & AZURE ONLY** - # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **GOOGLE & AZURE ONLY**, # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **GOOGLE & AZURE ONLY**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # **GOOGLE & AZURE ONLY** # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::servers::roles::folders::tag] # @see BasketofKittens::servers::roles::folders::tag attr_accessor :tag # @!endgroup end end end end class BasketofKittens class servers # One or more Google IAM roles to associate with this entity. IAM roles in Google can be associated at the project (+Habitat+), folder, or organization level, so we must specify not only role, but each container in which it is granted to the entity in question. class roles # @!group Optional parameters # **GOOGLE & AZURE ONLY** # Reference a 'roles' resource from this 'user' resource # # @return [BasketofKittens::servers::roles::role] # @see BasketofKittens::servers::roles::role attr_accessor :role # **GOOGLE & AZURE ONLY** # Reference a 'habitats' resource from this 'user' resource # # @return [Array] # @see BasketofKittens::servers::roles::projects attr_accessor :projects # **GOOGLE & AZURE ONLY** # Reference a 'folders' resource from this 'user' resource # # @return [Array] # @see BasketofKittens::servers::roles::folders attr_accessor :folders # **GOOGLE & AZURE ONLY** - # Either an organization cloud identifier, like +organizations/123456789012+, or the name of set of Mu credentials listed in +mu.yaml+, which can be used as an alias to the organization to which they authenticate. # # @return [Array] attr_accessor :organizations # @!endgroup end end end class BasketofKittens class servers class service_account # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # **GOOGLE ONLY** - # The tag or label key to search against # # @return [String] attr_accessor :key # **GOOGLE ONLY** - # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end class BasketofKittens class servers class service_account class habitat # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # **GOOGLE ONLY** - # The tag or label key to search against # # @return [String] attr_accessor :key # **GOOGLE ONLY** - # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end end class BasketofKittens class servers class service_account # Reference a 'habitats' resource from this 'config' resource class habitat # @!group Required parameters # **GOOGLE ONLY**, # **Default: `habitats`**, # **Must be one of: `habitats`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **GOOGLE ONLY** - # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # **GOOGLE ONLY** - # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # **GOOGLE ONLY** - # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # **GOOGLE ONLY** - # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **GOOGLE ONLY**, # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **GOOGLE ONLY**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # **GOOGLE ONLY** # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::servers::service_account::habitat::tag] # @see BasketofKittens::servers::service_account::habitat::tag attr_accessor :tag # @!endgroup end end end end class BasketofKittens class servers # +GOOGLE+: An existing service account to use instead of the default one generated by Mu during the deployment process. class service_account # @!group Required parameters # **GOOGLE ONLY**, # **Default: `users`**, # **Must be one of: `users`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **GOOGLE ONLY** - # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # **GOOGLE ONLY** - # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # **GOOGLE ONLY** - # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # **GOOGLE ONLY** - # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **GOOGLE ONLY**, # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **GOOGLE ONLY**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # **GOOGLE ONLY** # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::servers::service_account::tag] # @see BasketofKittens::servers::service_account::tag attr_accessor :tag # **GOOGLE ONLY** # Reference a 'habitats' resource from this 'config' resource # # @return [BasketofKittens::servers::service_account::habitat] # @see BasketofKittens::servers::service_account::habitat attr_accessor :habitat # @!endgroup end end end class BasketofKittens class servers # Custom key-value pairs to be added to the metadata of Google Cloud virtual machines class metadata # @!group Required parameters # **REQUIRED**, # **GOOGLE ONLY** # # @return [String] attr_accessor :key # **REQUIRED**, # **GOOGLE ONLY** # # @return [String] attr_accessor :value # @!endgroup end end end class BasketofKittens class servers # Define a network route, typically for use inside a VPC. class routes # @!group Optional parameters # **GOOGLE ONLY**, # **Default: `0.0.0.0/0`**, # **Must match pattern `^\d+\.\d+\.\d+\.\d+/[0-9]{1,2}$`** - # CIDR-formatted IP block, e.g. 1.2.3.4/32 # # @return [String] attr_accessor :destination_network # **GOOGLE ONLY** - # The ID of a VPC peering connection to use as a gateway # # @return [String] attr_accessor :peer_id # **GOOGLE ONLY** - # The ID of a VPN, NAT, or Internet gateway attached to your VPC. #INTERNET will refer to this VPC's default internet gateway, if one exists. #NAT will refer to a this VPC's NAT gateway, and will implicitly create one if none exists. #DENY will ensure that the subnets associated with this route do *not* have a route outside of the VPC's local address space (primarily for Google Cloud, where we must explicitly disable egress to the internet). # # @return [String] attr_accessor :gateway # **GOOGLE ONLY** - # The instance id of a NAT host in this VPN. # # @return [String] attr_accessor :nat_host_id # **GOOGLE ONLY** - # The MU resource name or Name tag of a NAT host in this VPN. # # @return [String] attr_accessor :nat_host_name # **GOOGLE ONLY** - # A network interface over which to route. # # @return [String] attr_accessor :interface # @!endgroup end end end class BasketofKittens # Create individual server instances. # # `AWS`: This implementation is considered **RELEASE** quality. It covers all major API features and has been tested with real-world applications. # # `CloudFormation`: This implementation is **ALPHA** quality. It is experimental, may be missing significant functionality, and has not been widely tested. # # `Google`: This implementation is considered **RELEASE** quality. It covers all major API features and has been tested with real-world applications. # # `Azure`: This implementation is **BETA** quality. It is substantially complete, but may be missing some functionality or have some features which are untested. class servers # @!group Required parameters # **REQUIRED** - # The instance type to create. Must be valid for the cloud provider into which we're deploying. # # @return [String] attr_accessor :size # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # @!endgroup # @!group Optional parameters # DNS records to create. If specified inside another resource (e.g. {MU::Config::BasketofKittens::servers}, {MU::Config::BasketofKittens::loadbalancers}, or {MU::Config::BasketofKittens::databases}), the record(s) will automatically target that resource. # # @return [Array] # @see BasketofKittens::servers::dns_records attr_accessor :dns_records # **Default: `false`** - # Allow this server to be automatically used as a bastion host # # @return [Boolean] attr_accessor :bastion # The cloud provider image on which to base this instance. Will use the default appropriate for the +platform+, if not specified. # # @return [String] attr_accessor :image_id # Create a reusable image of this server once it is complete. ## # # @return [BasketofKittens::servers::create_image] # @see BasketofKittens::servers::create_image attr_accessor :create_image # Reference a 'vpcs' resource from this 'server' resource # # @return [BasketofKittens::servers::vpc] # @see BasketofKittens::servers::vpc attr_accessor :vpc # **Default: `true`** - # Enable detailed instance monitoring. # # @return [Boolean] attr_accessor :monitoring # **Must match pattern `^\d+\.\d+\.\d+\.\d+$`** - # Request a specific private IP address for this instance. # # @return [String] attr_accessor :private_ip # Creates and attaches an EBS volume to this instance. # # @return [Array] # @see BasketofKittens::servers::storage attr_accessor :storage # When using Ansible as a groomer, this will insert a +vars+ tree into the playbook for this node. # # @return [BasketofKittens::servers::ansible_vars] # @see BasketofKittens::servers::ansible_vars attr_accessor :ansible_vars # **Default: `false`** - # When 'cloud' is set to 'CloudFormation,' use this flag to strip out Mu-specific artifacts (tags, standard userdata, naming conventions, etc) to yield a clean, source-agnostic template. # # @return [Boolean] attr_accessor :scrub_mu_isms # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **Default: `false`** - # Bootstrap asynchronously via the Momma Cat daemon instead of during the main deployment process # # @return [Boolean] attr_accessor :async_groom # **Default: `Chef`**, # **Must be one of: `Chef, Ansible`** # # @return [String] attr_accessor :groomer # **Default: `true`** - # For groomer implementations which support automatically fetching roles/recipes/manifests from a public library, such as Ansible Galaxy, this will toggle this behavior on or off. # # @return [Boolean] attr_accessor :groomer_autofetch # **Default: `true`** - # Whether to run a host configuration agent, e.g. Chef, when bootstrapping # # @return [Boolean] attr_accessor :groom # Metadata variables to expose to Groomer clients, under a top-level key named +mu+. Same thing as +application_attributes+, but with a name that makes a modicum of sense. # # @return [BasketofKittens::servers::groomer_variables] # @see BasketofKittens::servers::groomer_variables attr_accessor :groomer_variables # **Default: `1800`** - # Maximum execution time for a groomer run # # @return [Integer] attr_accessor :groomer_timeout # **Default: `false`** - # Remove pre-existing groomer agents from node before bootstrapping. Especially useful for image builds. # # @return [Boolean] attr_accessor :scrub_groomer # Tags to apply to this resource. Will apply at the cloud provider level and in node groomers, where applicable. # # @return [Array] # @see BasketofKittens::servers::tags attr_accessor :tags # **Default: `true`** - # Tag the resource with our optional tags (+MU-HANDLE+, +MU-MASTER-NAME+, +MU-OWNER+). # # @return [Boolean] attr_accessor :optional_tags # Create a CloudWatch Alarm. # # @return [Array] # @see BasketofKittens::servers::alarms attr_accessor :alarms # Integrate this node into an Active Directory domain. On Linux, will configure Winbind and PAM for system-level AD authentication. # # @return [BasketofKittens::servers::active_directory] # @see BasketofKittens::servers::active_directory attr_accessor :active_directory # Assign extra private IP addresses to this server. # # @return [Integer] attr_accessor :add_private_ips # **Default: `false`** - # Node bootstrapping normally runs an internal recipe that does a full system update. This is very slow for testing, so let's have an option to disable it. # # @return [Boolean] attr_accessor :skipinitialupdates # **Default: `false`** - # If true, chef-client will automatically re-run on nodes of the same type when this instance has finished grooming. Use, for example, to add new members to a database cluster in an autoscale group by sharing data in Chef's node structures. # # @return [Boolean] attr_accessor :sync_siblings # **Default: `true`** - # Wait for DNS record to propagate in DNS Zone. # # @return [Boolean] attr_accessor :dns_sync_wait # One or more Load Balancers with which this instance should register. # # @return [Array] # @see BasketofKittens::servers::loadbalancers attr_accessor :loadbalancers # Reference a 'firewall_rules' resource from this 'server' resource # # @return [Array] # @see BasketofKittens::servers::add_firewall_rules attr_accessor :add_firewall_rules # Assign a specific IP to this instance once it's ready. # # @return [BasketofKittens::servers::static_ip] # @see BasketofKittens::servers::static_ip attr_accessor :static_ip # **Default: `true`** - # Turn off network-level routing paranoia. Set this false to make a NAT do its thing. # # @return [Boolean] attr_accessor :src_dst_check # **Default: `false`** - # Associate public IP address? # # @return [Boolean] attr_accessor :associate_public_ip # A script to be run during the bootstrap process. Typically used to preconfigure Windows instances. # # @return [BasketofKittens::servers::userdata_script] # @see BasketofKittens::servers::userdata_script attr_accessor :userdata_script # **Default: `Administrator`** - # Use an alternate Windows account for Administrator functions. Will change the name of the Administrator account, if it has not already been done. # # @return [String] attr_accessor :windows_admin_username # Set Windows nodes' local administrator password to a value specified in a Chef Vault. # # @return [BasketofKittens::servers::windows_auth_vault] # @see BasketofKittens::servers::windows_auth_vault attr_accessor :windows_auth_vault # **Default: `root`** - # ## +GOOGLE+: Account to use when connecting via ssh. Google Cloud images don't come with predefined remote access users, and some don't work with our usual default of +root+, so we recommend using some other (non-root) username. # ## +GOOGLE+: Account to use when connecting via ssh. Google Cloud images don't come with predefined remote access users, and some don't work with our usual default of +root+, so we recommend using some other (non-root) username. # # @return [String] attr_accessor :ssh_user # **Default: `true`** # # @return [Boolean] attr_accessor :use_cloud_provider_windows_password # **Default: `linux`**, # **Must be one of: `rhel71, centos6, centos7, ubuntu16, ubuntu14, win2k12r2, win2k16, amazon, win2k12, windows, ubuntu, centos, rhel7, rhel, linux, rhel6, debian10, debian9, ubuntu18, ubuntu19, win2k19, google, coreos, debian, rhel8`** - # Helps select default machine images, and enables correct grooming behavior based on operating system type. # # @return [String] attr_accessor :platform # A list of +groomer+ recipes/roles/scripts to run, using naming conventions specific to the appropriate grooming layer. In +Chef+, this corresponds to a node's +run_list+ attribute, and entries should be of the form role[rolename] or recipe[recipename]. In +Ansible+, it should be a list of roles (+rolename+), which Mu will use to generate a custom Playbook for the deployment. # # @return [Array] attr_accessor :run_list # Network ingress and/or egress rules. # # @return [Array] # @see BasketofKittens::servers::ingress_rules attr_accessor :ingress_rules # Chef Node structure artifact for mu-tools cookbook. # # @return [BasketofKittens::servers::application_attributes] # @see BasketofKittens::servers::application_attributes attr_accessor :application_attributes # JSON artifact to be stored in Chef Vault for this node. Note that these values will still be stored in plain text local to the MU server, but only accessible to nodes via Vault. # # @return [BasketofKittens::servers::secrets] # @see BasketofKittens::servers::secrets attr_accessor :secrets # Chef Vault items to which this node should be granted access. # # @return [Array] # @see BasketofKittens::servers::vault_access attr_accessor :vault_access # Existing deploys that will be loaded into the new deployment metadata. This metadata will be saved on the Chef node # # @return [Array] # @see BasketofKittens::servers::existing_deploys attr_accessor :existing_deploys # Internal use. # # @return [String] attr_accessor :virtual_name # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. # # @return [Array] # @see BasketofKittens::servers::dependencies attr_accessor :dependencies # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **AWS & CLOUDFORMATION ONLY** - # +AWS+: Alias for +image_id+ # ## +CLOUDFORMATION+: Alias for +image_id+ # # @return [String] attr_accessor :ami_id # **AWS & CLOUDFORMATION ONLY**, # **Default: `true`** - # +AWS+: Generate a unique IAM profile for this Server or ServerPool. # ## +CLOUDFORMATION+: Generate a unique IAM profile for this Server or ServerPool. # # @return [Boolean] attr_accessor :generate_iam_role # **AWS & CLOUDFORMATION ONLY** - # +AWS+: An Amazon IAM instance profile, from which to harvest role policies to merge into this node's own instance profile. If generate_iam_role is false, will simple use this profile. # ## +CLOUDFORMATION+: An Amazon IAM instance profile, from which to harvest role policies to merge into this node's own instance profile. If generate_iam_role is false, will simple use this profile. # # @return [String] attr_accessor :iam_role # **AWS & CLOUDFORMATION ONLY** - # IAM policies to attach, pre-defined by Amazon (e.g. AmazonEKSWorkerNodePolicy) # # @return [Array] attr_accessor :canned_iam_policies # **AWS & CLOUDFORMATION ONLY** # Amazon-compatible role policies which will be merged into this node's own instance profile. Not valid with generate_iam_role set to false. Our parser expects the role policy document to me embedded under a named container, e.g. { 'name_of_policy':'{ } } # # @return [Array] # @see BasketofKittens::servers::iam_policies attr_accessor :iam_policies # **GOOGLE & AZURE ONLY** # One or more Google IAM roles to associate with this entity. IAM roles in Google can be associated at the project (+Habitat+), folder, or organization level, so we must specify not only role, but each container in which it is granted to the entity in question. # # @return [Array] # @see BasketofKittens::servers::roles attr_accessor :roles # **GOOGLE ONLY** - # +GOOGLE+: Target this instance to a specific Availability Zone # # @return [String] attr_accessor :availability_zone # **GOOGLE ONLY** - # Add a network tag to this host, which can be used to selectively apply routes or firewall rules. # # @return [Array] attr_accessor :network_tags # **GOOGLE ONLY** # +GOOGLE+: An existing service account to use instead of the default one generated by Mu during the deployment process. # # @return [BasketofKittens::servers::service_account] # @see BasketofKittens::servers::service_account attr_accessor :service_account # **GOOGLE ONLY** # Custom key-value pairs to be added to the metadata of Google Cloud virtual machines # # @return [Array] # @see BasketofKittens::servers::metadata attr_accessor :metadata # **GOOGLE ONLY** # Define a network route, typically for use inside a VPC. # # @return [Array] # @see BasketofKittens::servers::routes attr_accessor :routes # **GOOGLE ONLY** - # API scopes to make available to this resource's service account. # # @return [Array] attr_accessor :scopes # @!endgroup end end class BasketofKittens class server_pools class basis class launch_config # Creates and attaches an EBS volume to this instance. class storage # @!group Required parameters # **REQUIRED** - # Size of this EBS volume (GB) # # @return [Integer] attr_accessor :size # @!endgroup # @!group Optional parameters # The amount of IOPS to allocate to Provisioned IOPS (io1) volumes. # # @return [Integer] attr_accessor :iops # Map this volume to a specific OS-level device (e.g. /dev/sdg) # # @return [String] attr_accessor :device # # @return [String] attr_accessor :virtual_name # # @return [String] attr_accessor :snapshot_id # **Default: `true`** # # @return [Boolean] attr_accessor :delete_on_termination # Do not share this device with the OS # # @return [String] attr_accessor :no_device # **Default: `false`** # # @return [Boolean] attr_accessor :encrypted # **Default: `gp2`**, # **Must be one of: `standard, io1, gp2, st1, sc1`** # # @return [String] attr_accessor :volume_type # @!endgroup end end end end end class BasketofKittens class server_pools class basis class launch_config # Amazon-compatible role policies which will be merged into this node's own instance profile. Not valid with generate_iam_role set to false. Our parser expects the role policy document to me embedded under a named container, e.g. { 'name_of_policy':'{ } } class iam_policies end end end end end class BasketofKittens class server_pools class basis # An Amazon Launch Config for an Autoscale Group. class launch_config # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED** - # The Amazon EC2 instance type to use when creating this server. # # @return [String] attr_accessor :size # @!endgroup # @!group Optional parameters # The AWS instance ID of an existing instance to use as the base image in this Launch Config. # # @return [String] attr_accessor :instance_id # Creates and attaches an EBS volume to this instance. # # @return [Array] # @see BasketofKittens::server_pools::basis::launch_config::storage attr_accessor :storage # Build a server defined elsewhere in this stack, create an AMI from it, then use it as the base image in this Launch Config. # # @return [String] attr_accessor :server # The Amazon EC2 AMI to use as the base image in this Launch Config. Will use the default for platform if not specified. # # @return [String] attr_accessor :ami_id # The Google Cloud Platform Image on which to base this autoscaler. Will use the default appropriate for the platform, if not specified. # # @return [String] attr_accessor :image_id # **Default: `true`** - # Enable instance monitoring? # # @return [Boolean] attr_accessor :monitoring # **Default: `false`** - # EBS optimized? # # @return [Boolean] attr_accessor :ebs_optimized # An Amazon IAM instance profile, from which to harvest role policies to merge into this node's own instance profile. If generate_iam_role is false, will simple use this profile. # # @return [String] attr_accessor :iam_role # **Default: `true`** - # Generate a unique IAM profile for this Server or ServerPool. # # @return [Boolean] attr_accessor :generate_iam_role # Amazon-compatible role policies which will be merged into this node's own instance profile. Not valid with generate_iam_role set to false. Our parser expects the role policy document to me embedded under a named container, e.g. { 'name_of_policy':'{ } } # # @return [Array] # @see BasketofKittens::server_pools::basis::launch_config::iam_policies attr_accessor :iam_policies # # @return [String] attr_accessor :spot_price # Kernel to use with servers created from this Launch Configuration. # # @return [String] attr_accessor :kernel_id # Kernel to use with servers created from this Launch Configuration. # # @return [String] attr_accessor :ramdisk_id # @!endgroup end end end end class BasketofKittens class server_pools # The baseline for new servers created within this Autoscale Group. class basis # @!group Optional parameters # The AWS instance ID of an existing instance to use as the base image for this Autoscale Group. # # @return [String] attr_accessor :instance_id # Build a server defined elsewhere in this stack, then use it as the base image for this Autoscale Group. # # @return [String] attr_accessor :server # An Amazon Launch Config for an Autoscale Group. # # @return [BasketofKittens::server_pools::basis::launch_config] # @see BasketofKittens::server_pools::basis::launch_config attr_accessor :launch_config # @!endgroup end end end class BasketofKittens class server_pools class dns_records # The zone to which to add this record, either as a domain name or as a Route53 zone identifier. class zone # @!group Optional parameters # The domain name of the DNS zone to which to add this record. # # @return [String] attr_accessor :name # The Route53 identifier of the zone to which to add this record. # # @return [String] attr_accessor :id # @!endgroup end end end end class BasketofKittens class server_pools class dns_records # Set location for location-based routing. class geo_location # @!group Optional parameters # **Must be one of: `AF, AN, AS, EU, OC, NA, SA`** - # The code for a continent geo location. Note: only continent locations have a continent code. Specifying continent_code with either country_code or subdivision_code returns an InvalidInput error. # # @return [String] attr_accessor :continent_code # The code for a country geo location. The default location uses '' for the country code and will match all locations that are not matched by a geo location. All other country codes follow the ISO 3166 two-character code. # # @return [String] attr_accessor :country_code # The code for a country's subdivision (e.g., a province of Canada). A subdivision code is only valid with the appropriate country code. Specifying subdivision_code without country_code returns an InvalidInput error. # # @return [String] attr_accessor :subdivision_code # @!endgroup end end end end class BasketofKittens class server_pools class dns_records # Check used to determine instance health for failover routing. class healthchecks # @!group Required parameters # **REQUIRED**, # **Must be one of: `HTTP, HTTPS, HTTP_STR_MATCH, HTTPS_STR_MATCH, TCP, CALCULATED, CLOUDWATCH_METRIC`** - # The health check method to use # # @return [String] attr_accessor :method # **REQUIRED** - # The health check name. # # @return [String] attr_accessor :name # @!endgroup # @!group Optional parameters # Port on which this health check should expect to find a working service. For HTTP and HTTP_STR_MATCH this defaults to 80 if the port is not specified. For HTTPS and HTTPS_STR_MATCH this defaults to 443 if the port is not specified. # # @return [Integer] attr_accessor :port # Path to check for HTTP-based health checks. # # @return [String] attr_accessor :path # **Default: `primary`**, # **Must be one of: `primary, secondary`** - # When using CALCULATED based health checks make sure to set only the CALCULATED health check to primary while setting all other health checks to secondary. # # @return [String] attr_accessor :type # Path to check for STR_MATCH-based health checks. # # @return [String] attr_accessor :search_string # **Default: `30`**, # **Must be one of: `10, 30`** - # The frequency of health checks in seconds. # # @return [Integer] attr_accessor :check_interval # **Default: `2`**, # **Must match pattern `^([1-9]|10)$`** - # The number of failed health checks before we consider this entry in failure. Values can be between 1-10. # # @return [Integer] attr_accessor :failure_threshold # **Must be one of: `Healthy, Unhealthy, LastKnownStatus`** - # What should the health check status be set to if there is insufficient data return from the CloudWatch alarm. Used only with CLOUDWATCH_METRIC based health checks. # # @return [String] attr_accessor :insufficient_data # # @return [Array] attr_accessor :regions # **Default: `false`** - # If to measure and graph latency between the health checkers and the endpoint. Used only with HTTP/HTTPS/TCP based health checks. # # @return [Boolean] attr_accessor :latency # **Default: `false`** - # If the status of the health check should be inverted, eg. if health check status is healthy but you would like it to be evaluated as not healthy # # @return [Boolean] attr_accessor :inverted # **Default: `false`** - # Enabled by default on HTTPS or HTTPS_STR_MATCH # # @return [Boolean] attr_accessor :enable_sni # **Default: `1`**, # **Must match pattern `^[\d]?{3}$`** - # The minimum number of health checks that must be healthy when configuring a health check of type CALCULATED. Values can be between 0-256. # # @return [Integer] attr_accessor :health_threshold # # @return [Array] attr_accessor :health_check_ids # The cloud provider's region the cloudwatch alarm was created in. Used with CLOUDWATCH_METRIC health checks # # @return [String] attr_accessor :alarm_region # The cloudwatch alarm name. Used with CLOUDWATCH_METRIC health checks # # @return [String] attr_accessor :alarm_name # @!endgroup end end end end class BasketofKittens class server_pools # DNS records to create. If specified inside another resource (e.g. {MU::Config::BasketofKittens::servers}, {MU::Config::BasketofKittens::loadbalancers}, or {MU::Config::BasketofKittens::databases}), the record(s) will automatically target that resource. class dns_records # @!group Required parameters # **REQUIRED** # The zone to which to add this record, either as a domain name or as a Route53 zone identifier. # # @return [BasketofKittens::server_pools::dns_records::zone] # @see BasketofKittens::server_pools::dns_records::zone attr_accessor :zone # @!endgroup # @!group Optional parameters # **Default: `false`** - # If true, this record will overwrite any existing record of the same name and type. # # @return [Boolean] attr_accessor :override_existing # **Default: `A`**, # **Must be one of: `SOA, A, TXT, NS, CNAME, MX, PTR, SRV, SPF, AAAA, R53ALIAS`** - # The class of DNS record to create. The R53ALIAS type is not traditional DNS, but instead refers to AWS Route53's alias functionality. An R53ALIAS is only valid if the target is an Elastic LoadBalancer, CloudFront, S3 bucket (configured as a public web server), or another record in the same Route53 hosted zone. # # @return [String] attr_accessor :type # If using a type of R53ALIAS, this is the hosted zone ID of the target. Defaults to the zone to which this record is being added. # # @return [String] attr_accessor :alias_zone # Look for a resource in another Mu deployment with this id. Requires mu_type # # @return [String] attr_accessor :deploy_id # **Must be one of: `loadbalancer, server, database, cache_cluster`** - # The Mu resource type to search the deployment for. # # @return [String] attr_accessor :mu_type # **Must be one of: `public, private`** - # If the target is a public or a private resource. This only applies to servers/server_pools when using automatic DNS registration. If set to public but the target only has a private address, the private address will be used # # @return [String] attr_accessor :target_type # Set the proportion of traffic directed to this target, based on the relative weight of other records with the same DNS name and type. # # @return [Integer] attr_accessor :weight # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **Must be one of: `PRIMARY, SECONDARY`** - # Failover classification # # @return [String] attr_accessor :failover # **Default: `7200`** - # DNS time-to-live value for query caching. # # @return [Integer] attr_accessor :ttl # **Must match pattern `^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]).)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9-]*[A-Za-z0-9])$`** - # Name of the record to create. If not specified, will default to the Mu resource name. # # @return [String] attr_accessor :name # **Default: `false`** - # If to append the environment name (eg mydnsname.dev.mudomain.com). to the DNS name # # @return [Boolean] attr_accessor :append_environment_name # Set location for location-based routing. # # @return [BasketofKittens::server_pools::dns_records::geo_location] # @see BasketofKittens::server_pools::dns_records::geo_location attr_accessor :geo_location # Check used to determine instance health for failover routing. # # @return [Array] # @see BasketofKittens::server_pools::dns_records::healthchecks attr_accessor :healthchecks # @!endgroup end end end class BasketofKittens class server_pools class vpc # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # The tag or label key to search against # # @return [String] attr_accessor :key # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end class BasketofKittens class server_pools class vpc class habitat # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # The tag or label key to search against # # @return [String] attr_accessor :key # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end end class BasketofKittens class server_pools class vpc # Reference a 'habitats' resource from this 'config' resource class habitat # @!group Required parameters # **Default: `habitats`**, # **Must be one of: `habitats`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::server_pools::vpc::habitat::tag] # @see BasketofKittens::server_pools::vpc::habitat::tag attr_accessor :tag # @!endgroup end end end end class BasketofKittens class server_pools class vpc # The subnets to which to attach this resource. Will default to all subnets in this VPC if not specified. class subnets # @!group Optional parameters # # @return [String] attr_accessor :subnet_name # # @return [String] attr_accessor :subnet_id # **Must match pattern `^[^=]+=.+`** - # Identify this subnet by a tag (key=value). Note that this tag must not match more than one resource. # # @return [String] attr_accessor :tag # @!endgroup end end end end class BasketofKittens class server_pools # Reference a 'vpcs' resource from this 'server_pool' resource class vpc # @!group Required parameters # **Default: `vpcs`**, # **Must be one of: `vpcs`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::server_pools::vpc::tag] # @see BasketofKittens::server_pools::vpc::tag attr_accessor :tag # Reference a 'habitats' resource from this 'config' resource # # @return [BasketofKittens::server_pools::vpc::habitat] # @see BasketofKittens::server_pools::vpc::habitat attr_accessor :habitat # Alias for id # # @return [String] attr_accessor :vpc_id # Alias for name # # @return [String] attr_accessor :vpc_name # The Mu-internal name of a NAT host to use; Typically the shorthand 'name' field of a Server declared elsewhere in the deploy, or in another deploy that's being referenced with 'deploy_id'. # # @return [String] attr_accessor :nat_host_name # Discover a Server to use as a NAT by looking for this cloud provider identifier. # # @return [String] attr_accessor :nat_host_id # **Must match pattern `^\d+\.\d+\.\d+\.\d+$`** - # Discover a Server to use as a NAT by looking for an associated IP. # # @return [String] attr_accessor :nat_host_ip # **Default: `root`** # # @return [String] attr_accessor :nat_ssh_user # An alternate SSH private key for access to the NAT. We'll expect to find this in ~/.ssh along with the regular keys. # # @return [String] attr_accessor :nat_ssh_key # **Must match pattern `^[^=]+=.+`** - # Discover a Server to use as a NAT by looking for a cloud provider tag (key=value); Note that this tag must not match more than one server. # # @return [String] attr_accessor :nat_host_tag # **Default: `all_private`** - # When auto-discovering VPC resources, this specifies target subnets for this resource. Special keywords: public, private, any, all, all_public, all_private, all. Using the name of a route table defined elsewhere in this BoK will behave like 'all_.' # # @return [String] attr_accessor :subnet_pref # The subnets to which to attach this resource. Will default to all subnets in this VPC if not specified. # # @return [Array] # @see BasketofKittens::server_pools::vpc::subnets attr_accessor :subnets # @!endgroup end end end class BasketofKittens class server_pools # Tags to apply to this resource. Will apply at the cloud provider level and in node groomers, where applicable. class tags # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :key # **REQUIRED** # # @return [String] attr_accessor :value # @!endgroup end end end class BasketofKittens class server_pools # When using Ansible as a groomer, this will insert a +vars+ tree into the playbook for this node. class ansible_vars end end end class BasketofKittens class server_pools # Metadata variables to expose to Groomer clients, under a top-level key named +mu+. Same thing as +application_attributes+, but with a name that makes a modicum of sense. class groomer_variables end end end class BasketofKittens class server_pools class alarms # What to monitor class dimensions # @!group Required parameters # **REQUIRED**, # **Must be one of: `InstanceId, server, Server, DBInstanceIdentifier, database, Database, LoadBalancerName, loadbalancer, LoadBalancer, CacheClusterId, cache_cluster, CacheCluster, VolumeId, volume, Volume, BucketName, bucket, Bucket, TopicName, notification, Notification, AutoScalingGroupName, server_pool, ServerPool`** - # The type of resource we're checking # # @return [String] attr_accessor :cloud_class # @!endgroup # @!group Optional parameters # The cloud identifier of the resource the alarm is being created for. eg - i-d96eca0d. Must use either 'cloud_id' OR 'mu_name' AND 'deploy_id' # # @return [String] attr_accessor :cloud_id # The full name of a resource in a foreign deployment which we should monitor. You should also include 'deploy_id' so we will be able to identifiy a single resource. Use either 'cloud_id' OR 'mu_name' and 'deploy_id' # # @return [String] attr_accessor :mu_name # Should be used with 'mu_name' to identifiy a single resource. # # @return [String] attr_accessor :deploy_id # The name of another resource in this stack with which to associate this alarm. # # @return [String] attr_accessor :name # @!endgroup end end end end class BasketofKittens class server_pools # Create a CloudWatch Alarm. class alarms # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED** - # The name of the attribute to monitor eg. CPUUtilization. # # @return [String] attr_accessor :metric_name # **REQUIRED**, # **Must be one of: `SampleCount, Average, Sum, Minimum, Maximum`** # # # @return [String] attr_accessor :statistic # **REQUIRED** - # The time, in seconds the 'statistic' is checked/tested. Must be multiples of 60 # # @return [Integer] attr_accessor :period # **REQUIRED** - # The number of times to repeat the 'period' before changing the state of an alarm. eg form 'OK' to 'ALARM' state # # @return [Integer] attr_accessor :evaluation_periods # **REQUIRED** - # The value the 'statistic' is compared to and action (eg 'alarm_actions') will be invoked # # @return [Integer] attr_accessor :threshold # **REQUIRED**, # **Must be one of: `GreaterThanOrEqualToThreshold, GreaterThanThreshold, LessThanThreshold, LessThanOrEqualToThreshold`** - # The arithmetic operation to use when comparing 'statistic' and 'threshold'. The 'statistic' value is used as the first operand # # @return [String] attr_accessor :comparison_operator # @!endgroup # @!group Optional parameters # # @return [Array] attr_accessor :ok_actions # # @return [Array] attr_accessor :alarm_actions # # @return [Array] attr_accessor :no_data_actions # The name of container 'metric_name' belongs to eg. 'AWS/EC2' # # @return [String] attr_accessor :namespace # What to monitor # # @return [Array] # @see BasketofKittens::server_pools::alarms::dimensions attr_accessor :dimensions # **Must be one of: `Seconds, Microseconds, Milliseconds, Bytes, Kilobytes, Megabytes, Gigabytes, Terabytes, Bits, Kilobits, Megabits, Gigabits, Terabits, Percent, Count, Bytes/Second, Kilobytes/Second, Megabytes/Second, Gigabytes/Second, Terabytes/Second, Bits/Second, Kilobits/Second, Megabits/Second, Gigabits/Second, Terabits/Second, Count/Second, nil`** - # Associated with the 'metric' # # @return [String] attr_accessor :unit # Rather to send notifications when the alarm state changes # # @return [Boolean] attr_accessor :enable_notifications # **Default: `mu-default`** - # The name of the notification group. Will be created if it doesn't exist. We use / create a default one if not specified. NOTE: because we can't confirm subscription to a group programmatically, you should use an existing group # # @return [String] attr_accessor :notification_group # **Default: `email`**, # **Must be one of: `http, https, email, email-json, sms, sqs, application`** - # What type of notification endpoint will the notification be sent to. defaults to 'email' # # @return [String] attr_accessor :notification_type # The endpoint the notification will be sent to. eg. if notification_type is 'email'/'email-json' the endpoint will be the email address. A confirmation email will be sent to this email address if a new notification_group is created, if not specified and notification_type is set to 'email' we will use the mu-master email address # # @return [String] attr_accessor :notification_endpoint # @!endgroup end end end class BasketofKittens class server_pools class active_directory # Vault used to store the credentials for the domain join user class domain_join_vault # @!group Optional parameters # **Default: `active_directory`** - # The vault where these credentials reside # # @return [String] attr_accessor :vault # **Default: `join_domain`** - # The vault item where these credentials reside # # @return [String] attr_accessor :item # **Default: `password`** - # The field within the Vault item where the password for these credentials resides # # @return [String] attr_accessor :password_field # **Default: `username`** - # The field where the user name for these credentials resides # # @return [String] attr_accessor :username_field # @!endgroup end end end end class BasketofKittens class server_pools class active_directory # Vault used to store the credentials for the domain admin user class domain_admin_vault # @!group Optional parameters # **Default: `active_directory`** - # The vault where these credentials reside # # @return [String] attr_accessor :vault # **Default: `domain_admin`** - # The vault item where these credentials reside # # @return [String] attr_accessor :item # **Default: `password`** - # The field within the Vault item where the password for these credentials resides # # @return [String] attr_accessor :password_field # **Default: `username`** - # The field where the user name for these credentials resides # # @return [String] attr_accessor :username_field # @!endgroup end end end end class BasketofKittens class server_pools # Integrate this node into an Active Directory domain. On Linux, will configure Winbind and PAM for system-level AD authentication. class active_directory # @!group Required parameters # **REQUIRED** - # The full name Active Directory domain to join # # @return [String] attr_accessor :domain_name # **REQUIRED** - # The short (NetBIOS) Active Directory domain to join # # @return [String] attr_accessor :short_domain_name # **REQUIRED** - # IP address of a domain controller # # @return [Array] attr_accessor :domain_controllers # **REQUIRED** # Vault used to store the credentials for the domain join user # # @return [BasketofKittens::server_pools::active_directory::domain_join_vault] # @see BasketofKittens::server_pools::active_directory::domain_join_vault attr_accessor :domain_join_vault # **REQUIRED** # Vault used to store the credentials for the domain admin user # # @return [BasketofKittens::server_pools::active_directory::domain_admin_vault] # @see BasketofKittens::server_pools::active_directory::domain_admin_vault attr_accessor :domain_admin_vault # @!endgroup # @!group Optional parameters # A custom hostname for your domain controller. mu_windows_name will be used if not specified. Do not specify when joining a Domain-Node # # @return [String] attr_accessor :domain_controller_hostname # **Default: `join`**, # **Must be one of: `join, create, add_controller`** - # Rather to join, create or add a Domain Controller # # @return [String] attr_accessor :domain_operation # SID of a known domain. Used to help Linux clients map uids and gids properly with SSSD. # # @return [String] attr_accessor :domain_sid # **Default: `domain_node`**, # **Must be one of: `domain_node, domain_controller`** - # If the node will be a domain controller or a domain node # # @return [String] attr_accessor :node_type # The OU to which to add this computer when joining the domain. # # @return [String] attr_accessor :computer_ou # @!endgroup end end end class BasketofKittens class server_pools # One or more Load Balancers with which this instance should register. class loadbalancers # @!group Optional parameters # The name of a MU loadbalancer object, which should also defined in this stack. This will be added as a dependency. # # @return [String] attr_accessor :concurrent_load_balancer # The DNS name of an existing Elastic Load Balancer. Must be in the same region as this deployment. # # @return [String] attr_accessor :existing_load_balancer # @!endgroup end end end class BasketofKittens class server_pools class add_firewall_rules # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # The tag or label key to search against # # @return [String] attr_accessor :key # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end class BasketofKittens class server_pools class add_firewall_rules class habitat # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # The tag or label key to search against # # @return [String] attr_accessor :key # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end end class BasketofKittens class server_pools class add_firewall_rules # Reference a 'habitats' resource from this 'config' resource class habitat # @!group Required parameters # **Default: `habitats`**, # **Must be one of: `habitats`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::server_pools::add_firewall_rules::habitat::tag] # @see BasketofKittens::server_pools::add_firewall_rules::habitat::tag attr_accessor :tag # @!endgroup end end end end class BasketofKittens class server_pools # Reference a 'firewall_rules' resource from this 'server' resource class add_firewall_rules # @!group Required parameters # **Default: `firewall_rules`**, # **Must be one of: `firewall_rules`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::server_pools::add_firewall_rules::tag] # @see BasketofKittens::server_pools::add_firewall_rules::tag attr_accessor :tag # Reference a 'habitats' resource from this 'config' resource # # @return [BasketofKittens::server_pools::add_firewall_rules::habitat] # @see BasketofKittens::server_pools::add_firewall_rules::habitat attr_accessor :habitat # Alias for id # # @return [String] attr_accessor :rule_id # Alias for name # # @return [String] attr_accessor :rule_name # @!endgroup end end end class BasketofKittens class server_pools # Assign a specific IP to this instance once it's ready. class static_ip # @!group Optional parameters # **Must match pattern `^\d+\.\d+\.\d+\.\d+$`** # # @return [String] attr_accessor :ip # **Default: `true`** # # @return [Boolean] attr_accessor :assign_ip # @!endgroup end end end class BasketofKittens class server_pools # A script to be run during the bootstrap process. Typically used to preconfigure Windows instances. class userdata_script # @!group Required parameters # **REQUIRED** - # A local path or URL to a file which will be loaded and passed to the instance. Relative paths will be resolved from the current working directory of the deploy tool when invoked. # # @return [String] attr_accessor :path # @!endgroup # @!group Optional parameters # **Default: `true`** - # Assume that this script is an ERB template and parse it as one before passing to the instance. # # @return [Boolean] attr_accessor :use_erb # **Default: `false`** - # Omit the standard Mu userdata entirely in favor of this custom script (normally we'd run both). # # @return [Boolean] attr_accessor :skip_std # @!endgroup end end end class BasketofKittens class server_pools # Set Windows nodes' local administrator password to a value specified in a Chef Vault. class windows_auth_vault # @!group Required parameters # **Default: `windows`** - # The vault where these credentials reside # # @return [String] attr_accessor :vault # **Default: `credentials`** - # The vault item where these credentials reside # # @return [String] attr_accessor :item # @!endgroup # @!group Optional parameters # **Default: `password`** - # The field within the Vault item where the password for Windows local Administrator user is stored # # @return [String] attr_accessor :password_field # **Default: `ec2config_password`** - # The field within the Vault item where the password for the EC2config service user is stored # # @return [String] attr_accessor :ec2config_password_field # **Default: `sshd_password`** - # The field within the Vault item where the password for the Cygwin/SSH service user is stored # # @return [String] attr_accessor :sshd_password_field # @!endgroup end end end class BasketofKittens class server_pools # Network ingress and/or egress rules. class ingress_rules # @!group Optional parameters # # @return [String] attr_accessor :port_range # # @return [Integer] attr_accessor :port # **Default: `tcp`**, # **Must be one of: `udp, tcp, icmp`** # # @return [String] attr_accessor :proto # # @return [Boolean] attr_accessor :ingress # **Default: `false`** # # @return [Boolean] attr_accessor :egress # String description of this firewall rule, where supported # # @return [String] attr_accessor :comment # **Must match pattern `^\d+\.\d+\.\d+\.\d+/[0-9]{1,2}$`** - # CIDR-formatted IP block, e.g. 1.2.3.4/32 # # @return [Array] attr_accessor :hosts # Other AWS Security Groups; resources that are associated with this group will have this rule applied to their traffic # # @return [Array] attr_accessor :sgs # AWS Load Balancers which will have this rule applied to their traffic # # @return [Array] attr_accessor :lbs # @!endgroup end end end class BasketofKittens class server_pools # Chef Node structure artifact for mu-tools cookbook. class application_attributes end end end class BasketofKittens class server_pools # JSON artifact to be stored in Chef Vault for this node. Note that these values will still be stored in plain text local to the MU server, but only accessible to nodes via Vault. class secrets end end end class BasketofKittens class server_pools # Chef Vault items to which this node should be granted access. class vault_access # @!group Required parameters # **REQUIRED** - # The Vault to which this node should be granted access. # # @return [String] attr_accessor :vault # **REQUIRED** - # The item within the Vault to which this node should be granted access. # # @return [String] attr_accessor :item # @!endgroup end end end class BasketofKittens class server_pools # Existing deploys that will be loaded into the new deployment metadata. This metadata will be saved on the Chef node class existing_deploys # @!group Optional parameters # **Must be one of: `server, database, storage_pool, cache_cluster`** - # The type of resource we will parse metdata for # # @return [String] attr_accessor :cloud_type # The cloud identifier of the resource from which you would like to add metadata to this deployment. eg - i-d96eca0d. Must use either 'cloud_id' OR 'mu_name' AND 'deploy_id' # # @return [String] attr_accessor :cloud_id # The full name of a resource in a foreign deployment from which we should add the metdata to this deployment. You should also include 'deploy_id' so we will be able to identifiy a single resource. Use either 'cloud_id' OR 'mu_name' and 'deploy_id' # # @return [String] attr_accessor :mu_name # Should be used with 'mu_name' to identifiy a single resource. # # @return [String] attr_accessor :deploy_id # @!endgroup end end end class BasketofKittens class server_pools # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. class dependencies # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED**, # **Must be one of: `folder, habitat, collection, database, dnszone, firewall_rule, loadbalancer, server, server_pool, vpc, cache_cluster, alarm, notifier, log, storage_pool, function, endpoint, container_cluster, search_domain, msg_queue, user, group, role, bucket, nosqldb`** # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **Must be one of: `create, groom`** - # Which part of the creation process of the resource we depend on should we wait for before starting our own creation? Defaults are usually sensible, but sometimes you want, say, a Server to wait on another Server to be completely ready (through its groom phase) before starting up. # # @return [String] attr_accessor :phase # **Default: `false`** - # By default, it's assumed that we want to wait on our parents' creation phase, in addition to whatever is declared in this stanza. Setting this flag will bypass waiting on our parent resource's creation, so that our create or groom phase can instead depend only on the parent's groom phase. # # @return [Boolean] attr_accessor :no_create_wait # @!endgroup end end end class BasketofKittens class server_pools # +AWS+: Send notifications to an SNS topic for basic AutoScaling events # +CLOUDFORMATION+: Send notifications to an SNS topic for basic AutoScaling events class notifications # @!group Optional parameters # **AWS & CLOUDFORMATION ONLY** - # The short name or ARN of an SNS topic which should receive notifications for basic Autoscaling events # # @return [String] attr_accessor :topic # **AWS & CLOUDFORMATION ONLY**, # **Must be one of: `launch, failed_launch, terminate, failed_terminate`** - # The AutoScaling events which should generate a notification # # @return [Array] attr_accessor :events # @!endgroup end end end class BasketofKittens class server_pools # Amazon-compatible role policies which will be merged into this node's own instance profile. Not valid with generate_iam_role set to false. Our parser expects the role policy document to me embedded under a named container, e.g. { 'name_of_policy':'{ } } class iam_policies end end end class BasketofKittens class server_pools # Tell AutoScale to alter min/max/desired for this group at a scheduled time, optionally repeating. class schedule # @!group Required parameters # **REQUIRED**, # **AWS & CLOUDFORMATION ONLY** - # A name for this scheduled action, e.g. 'scale-down-over-night' # # @return [String] attr_accessor :action_name # @!endgroup # @!group Optional parameters # **AWS & CLOUDFORMATION ONLY** - # When should this one-off scheduled behavior take effect? Times are UTC. Must be a valid Ruby Time.parse() string, e.g. '20:00' or '2014-05-12T08:00:00Z'. If declared along with 'recurrence,' AutoScaling performs the action at this time, and then performs the action based on the specified recurrence. # # @return [String] attr_accessor :start_time # **AWS & CLOUDFORMATION ONLY** - # When should this scheduled behavior end? Times are UTC. Must be a valid Ruby Time.parse() string, e.g. '20:00' or '2014-05-12T08:00:00Z' # # @return [String] attr_accessor :end_time # **AWS & CLOUDFORMATION ONLY** - # A recurring schedule for this action, in Unix cron syntax format (e.g. '0 20 * * *'). Times are UTC. # # @return [String] attr_accessor :recurrence # **AWS & CLOUDFORMATION ONLY** # # @return [Integer] attr_accessor :min_size # **AWS & CLOUDFORMATION ONLY** # # @return [Integer] attr_accessor :max_size # **AWS & CLOUDFORMATION ONLY** - # The number of Amazon EC2 instances that should be running in the group. Should be between min_size and max_size. # # @return [Integer] attr_accessor :desired_capacity # @!endgroup end end end class BasketofKittens class server_pools class scaling_policies class alarms # What to monitor class dimensions # @!group Required parameters # **REQUIRED**, # **AWS & CLOUDFORMATION ONLY**, # **Must be one of: `InstanceId, server, Server, DBInstanceIdentifier, database, Database, LoadBalancerName, loadbalancer, LoadBalancer, CacheClusterId, cache_cluster, CacheCluster, VolumeId, volume, Volume, BucketName, bucket, Bucket, TopicName, notification, Notification, AutoScalingGroupName, server_pool, ServerPool`** - # The type of resource we're checking # # @return [String] attr_accessor :cloud_class # @!endgroup # @!group Optional parameters # **AWS & CLOUDFORMATION ONLY** - # The cloud identifier of the resource the alarm is being created for. eg - i-d96eca0d. Must use either 'cloud_id' OR 'mu_name' AND 'deploy_id' # # @return [String] attr_accessor :cloud_id # **AWS & CLOUDFORMATION ONLY** - # The full name of a resource in a foreign deployment which we should monitor. You should also include 'deploy_id' so we will be able to identifiy a single resource. Use either 'cloud_id' OR 'mu_name' and 'deploy_id' # # @return [String] attr_accessor :mu_name # **AWS & CLOUDFORMATION ONLY** - # Should be used with 'mu_name' to identifiy a single resource. # # @return [String] attr_accessor :deploy_id # **AWS & CLOUDFORMATION ONLY** - # The name of another resource in this stack with which to associate this alarm. # # @return [String] attr_accessor :name # @!endgroup end end end end end class BasketofKittens class server_pools class scaling_policies # Create a CloudWatch Alarm. class alarms # @!group Required parameters # **REQUIRED**, # **AWS & CLOUDFORMATION ONLY** # # @return [String] attr_accessor :name # **REQUIRED**, # **AWS & CLOUDFORMATION ONLY** - # The name of the attribute to monitor eg. CPUUtilization. # # @return [String] attr_accessor :metric_name # **REQUIRED**, # **AWS & CLOUDFORMATION ONLY**, # **Must be one of: `SampleCount, Average, Sum, Minimum, Maximum`** # # # @return [String] attr_accessor :statistic # **REQUIRED**, # **AWS & CLOUDFORMATION ONLY** - # The time, in seconds the 'statistic' is checked/tested. Must be multiples of 60 # # @return [Integer] attr_accessor :period # **REQUIRED**, # **AWS & CLOUDFORMATION ONLY** - # The number of times to repeat the 'period' before changing the state of an alarm. eg form 'OK' to 'ALARM' state # # @return [Integer] attr_accessor :evaluation_periods # **REQUIRED**, # **AWS & CLOUDFORMATION ONLY** - # The value the 'statistic' is compared to and action (eg 'alarm_actions') will be invoked # # @return [Integer] attr_accessor :threshold # **REQUIRED**, # **AWS & CLOUDFORMATION ONLY**, # **Must be one of: `GreaterThanOrEqualToThreshold, GreaterThanThreshold, LessThanThreshold, LessThanOrEqualToThreshold`** - # The arithmetic operation to use when comparing 'statistic' and 'threshold'. The 'statistic' value is used as the first operand # # @return [String] attr_accessor :comparison_operator # @!endgroup # @!group Optional parameters # **AWS & CLOUDFORMATION ONLY** # # @return [Array] attr_accessor :ok_actions # **AWS & CLOUDFORMATION ONLY** # # @return [Array] attr_accessor :alarm_actions # **AWS & CLOUDFORMATION ONLY** # # @return [Array] attr_accessor :no_data_actions # **AWS & CLOUDFORMATION ONLY** - # The name of container 'metric_name' belongs to eg. 'AWS/EC2' # # @return [String] attr_accessor :namespace # **AWS & CLOUDFORMATION ONLY** # What to monitor # # @return [Array] # @see BasketofKittens::server_pools::scaling_policies::alarms::dimensions attr_accessor :dimensions # **AWS & CLOUDFORMATION ONLY**, # **Must be one of: `Seconds, Microseconds, Milliseconds, Bytes, Kilobytes, Megabytes, Gigabytes, Terabytes, Bits, Kilobits, Megabits, Gigabits, Terabits, Percent, Count, Bytes/Second, Kilobytes/Second, Megabytes/Second, Gigabytes/Second, Terabytes/Second, Bits/Second, Kilobits/Second, Megabits/Second, Gigabits/Second, Terabits/Second, Count/Second, nil`** - # Associated with the 'metric' # # @return [String] attr_accessor :unit # **AWS & CLOUDFORMATION ONLY** - # Rather to send notifications when the alarm state changes # # @return [Boolean] attr_accessor :enable_notifications # **AWS & CLOUDFORMATION ONLY**, # **Default: `mu-default`** - # The name of the notification group. Will be created if it doesn't exist. We use / create a default one if not specified. NOTE: because we can't confirm subscription to a group programmatically, you should use an existing group # # @return [String] attr_accessor :notification_group # **AWS & CLOUDFORMATION ONLY**, # **Default: `email`**, # **Must be one of: `http, https, email, email-json, sms, sqs, application`** - # What type of notification endpoint will the notification be sent to. defaults to 'email' # # @return [String] attr_accessor :notification_type # **AWS & CLOUDFORMATION ONLY** - # The endpoint the notification will be sent to. eg. if notification_type is 'email'/'email-json' the endpoint will be the email address. A confirmation email will be sent to this email address if a new notification_group is created, if not specified and notification_type is set to 'email' we will use the mu-master email address # # @return [String] attr_accessor :notification_endpoint # @!endgroup end end end end class BasketofKittens class server_pools class scaling_policies # Requires policy_type 'StepScaling' class step_adjustments # @!group Required parameters # **REQUIRED**, # **AWS & CLOUDFORMATION ONLY** - # The number of instances by which to scale at this specific step. Postive value when adding capacity, negative value when removing capacity # # @return [Integer] attr_accessor :adjustment # @!endgroup # @!group Optional parameters # **AWS & CLOUDFORMATION ONLY** - # The lower bound value in percentage points above/below the alarm threshold at which to add/remove capacity for this step. Positive value when adding capacity and negative when removing capacity. If this is the first step and capacity is being added this value will most likely be 0 # # @return [Integer] attr_accessor :lower_bound # **AWS & CLOUDFORMATION ONLY** - # The upper bound value in percentage points above/below the alarm threshold at which to add/remove capacity for this step. Positive value when adding capacity and negative when removing capacity. If this is the first step and capacity is being removed this value will most likely be 0 # # @return [Integer] attr_accessor :upper_bound # @!endgroup end end end end class BasketofKittens class server_pools class scaling_policies class target_tracking_configuration class customized_metric_specification # What resource to monitor with the alarm we are implicitly declaring class dimensions # @!group Required parameters # **REQUIRED**, # **AWS & CLOUDFORMATION ONLY** - # The type of resource we're monitoring, e.g. InstanceId or AutoScalingGroupName # # @return [String] attr_accessor :name # **REQUIRED**, # **AWS & CLOUDFORMATION ONLY** - # The name or cloud identifier of the resource we're monitoring # # @return [String] attr_accessor :value # @!endgroup end end end end end end class BasketofKittens class server_pools class scaling_policies class target_tracking_configuration # A customized metric. You can specify either a predefined metric or a customized metric. https://docs.aws.amazon.com/sdkforruby/api/Aws/AutoScaling/Types/TargetTrackingConfiguration.html#customized_metric_specification-instance_method class customized_metric_specification # @!group Required parameters # **REQUIRED**, # **AWS & CLOUDFORMATION ONLY** - # The name of the attribute to monitor eg. CPUUtilization. # # @return [String] attr_accessor :metric_name # **REQUIRED**, # **AWS & CLOUDFORMATION ONLY** - # The name of container 'metric_name' belongs to eg. 'AWS/ApplicationELB' # # @return [String] attr_accessor :namespace # **REQUIRED**, # **AWS & CLOUDFORMATION ONLY**, # **Must be one of: `Average, Minimum, Maximum, SampleCount, Sum`** # # @return [String] attr_accessor :statistic # @!endgroup # @!group Optional parameters # **AWS & CLOUDFORMATION ONLY** - # Associated with the 'metric', usually something like Megabits or Seconds # # @return [String] attr_accessor :unit # **AWS & CLOUDFORMATION ONLY** # What resource to monitor with the alarm we are implicitly declaring # # @return [Array] # @see BasketofKittens::server_pools::scaling_policies::target_tracking_configuration::customized_metric_specification::dimensions attr_accessor :dimensions # @!endgroup end end end end end class BasketofKittens class server_pools class scaling_policies # Required when policy_type is set to 'TargetTrackingScaling' https://docs.aws.amazon.com/sdkforruby/api/Aws/AutoScaling/Types/TargetTrackingConfiguration.html class target_tracking_configuration # @!group Required parameters # **REQUIRED**, # **AWS & CLOUDFORMATION ONLY** - # The target value for the metric. # # @return [Float] attr_accessor :target_value # @!endgroup # @!group Optional parameters # **AWS & CLOUDFORMATION ONLY** - # If our load balancer has multiple target groups, prefer the one with this name instead of choosing one arbitrarily # # @return [String] attr_accessor :preferred_target_group # **AWS & CLOUDFORMATION ONLY**, # **Default: `false`** - # If set to true, new instances created by this policy will not be subject to termination by scaling in. # # @return [Boolean] attr_accessor :disable_scale_in # **AWS & CLOUDFORMATION ONLY**, # **Default: `ASGAverageCPUUtilization`**, # **Must be one of: `ASGAverageCPUUtilization, ASGAverageNetworkIn, ASGAverageNetworkOut, ALBRequestCountPerTarget`** - # A predefined metric. You can specify either a predefined metric or a customized metric. https://docs.aws.amazon.com/sdkforruby/api/Aws/AutoScaling/Types/PredefinedMetricSpecification.html # # @return [String] attr_accessor :predefined_metric_specification # **AWS & CLOUDFORMATION ONLY** # A customized metric. You can specify either a predefined metric or a customized metric. https://docs.aws.amazon.com/sdkforruby/api/Aws/AutoScaling/Types/TargetTrackingConfiguration.html#customized_metric_specification-instance_method # # @return [BasketofKittens::server_pools::scaling_policies::target_tracking_configuration::customized_metric_specification] # @see BasketofKittens::server_pools::scaling_policies::target_tracking_configuration::customized_metric_specification attr_accessor :customized_metric_specification # @!endgroup end end end end class BasketofKittens class server_pools # A custom AWS Autoscale scaling policy for this pool. class scaling_policies # @!group Required parameters # **REQUIRED**, # **AWS & CLOUDFORMATION ONLY** # # @return [String] attr_accessor :name # @!endgroup # @!group Optional parameters # **AWS & CLOUDFORMATION ONLY** # Create a CloudWatch Alarm. # # @return [Array] # @see BasketofKittens::server_pools::scaling_policies::alarms attr_accessor :alarms # **AWS & CLOUDFORMATION ONLY**, # **Must be one of: `ChangeInCapacity, ExactCapacity, PercentChangeInCapacity`** - # Specifies whether 'adjustment' is an absolute number or a percentage of the current capacity for SimpleScaling and StepScaling. Valid values are ChangeInCapacity, ExactCapacity, and PercentChangeInCapacity. # # @return [String] attr_accessor :type # **AWS & CLOUDFORMATION ONLY** - # The number of instances by which to scale. 'type' determines the interpretation of this number (e.g., as an absolute number or as a percentage of the existing Auto Scaling group size). A positive increment adds to the current capacity and a negative value removes from the current capacity. Used only when policy_type is set to 'SimpleScaling' # # @return [Integer] attr_accessor :adjustment # **AWS & CLOUDFORMATION ONLY**, # **Default: `1`** - # The amount of time, in seconds, after a scaling activity completes and before the next scaling activity can start. # # @return [Integer] attr_accessor :cooldown # **AWS & CLOUDFORMATION ONLY** - # Used when 'type' is set to 'PercentChangeInCapacity', the scaling policy changes the DesiredCapacity of the Auto Scaling group by at least the number of instances specified in the value. # # @return [Integer] attr_accessor :min_adjustment_magnitude # **AWS & CLOUDFORMATION ONLY**, # **Default: `SimpleScaling`**, # **Must be one of: `SimpleScaling, StepScaling, TargetTrackingScaling`** - # 'StepScaling' will add capacity based on the magnitude of the alarm breach, 'SimpleScaling' will add capacity based on the 'adjustment' value provided. Defaults to 'SimpleScaling'. # # @return [String] attr_accessor :policy_type # **AWS & CLOUDFORMATION ONLY**, # **Default: `Average`**, # **Must be one of: `Minimum, Maximum, Average`** - # Defaults to 'Average' if not specified. Required when policy_type is set to 'StepScaling' # # @return [String] attr_accessor :metric_aggregation_type # **AWS & CLOUDFORMATION ONLY** # Requires policy_type 'StepScaling' # # @return [Array] # @see BasketofKittens::server_pools::scaling_policies::step_adjustments attr_accessor :step_adjustments # **AWS & CLOUDFORMATION ONLY** - # Required when policy_type is set to 'StepScaling' # # @return [Integer] attr_accessor :estimated_instance_warmup # **AWS & CLOUDFORMATION ONLY** # Required when policy_type is set to 'TargetTrackingScaling' https://docs.aws.amazon.com/sdkforruby/api/Aws/AutoScaling/Types/TargetTrackingConfiguration.html # # @return [BasketofKittens::server_pools::scaling_policies::target_tracking_configuration] # @see BasketofKittens::server_pools::scaling_policies::target_tracking_configuration attr_accessor :target_tracking_configuration # @!endgroup end end end class BasketofKittens class server_pools # Custom key-value pairs to be added to the metadata of Google Cloud virtual machines class metadata # @!group Required parameters # **REQUIRED**, # **GOOGLE ONLY** # # @return [String] attr_accessor :key # **REQUIRED**, # **GOOGLE ONLY** # # @return [String] attr_accessor :value # @!endgroup end end end class BasketofKittens class server_pools class service_account # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # **GOOGLE ONLY** - # The tag or label key to search against # # @return [String] attr_accessor :key # **GOOGLE ONLY** - # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end class BasketofKittens class server_pools class service_account class habitat # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # **GOOGLE ONLY** - # The tag or label key to search against # # @return [String] attr_accessor :key # **GOOGLE ONLY** - # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end end class BasketofKittens class server_pools class service_account # Reference a 'habitats' resource from this 'config' resource class habitat # @!group Required parameters # **GOOGLE ONLY**, # **Default: `habitats`**, # **Must be one of: `habitats`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **GOOGLE ONLY** - # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # **GOOGLE ONLY** - # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # **GOOGLE ONLY** - # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # **GOOGLE ONLY** - # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **GOOGLE ONLY**, # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **GOOGLE ONLY**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # **GOOGLE ONLY** # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::server_pools::service_account::habitat::tag] # @see BasketofKittens::server_pools::service_account::habitat::tag attr_accessor :tag # @!endgroup end end end end class BasketofKittens class server_pools # +GOOGLE+: An existing service account to use instead of the default one generated by Mu during the deployment process. class service_account # @!group Required parameters # **GOOGLE ONLY**, # **Default: `users`**, # **Must be one of: `users`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **GOOGLE ONLY** - # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # **GOOGLE ONLY** - # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # **GOOGLE ONLY** - # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # **GOOGLE ONLY** - # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **GOOGLE ONLY**, # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **GOOGLE ONLY**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # **GOOGLE ONLY** # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::server_pools::service_account::tag] # @see BasketofKittens::server_pools::service_account::tag attr_accessor :tag # **GOOGLE ONLY** # Reference a 'habitats' resource from this 'config' resource # # @return [BasketofKittens::server_pools::service_account::habitat] # @see BasketofKittens::server_pools::service_account::habitat attr_accessor :habitat # @!endgroup end end end class BasketofKittens class server_pools # A named network port for a Google instance group, used for health checks and forwarding targets. class named_ports # @!group Required parameters # **REQUIRED**, # **GOOGLE ONLY** # # @return [String] attr_accessor :name # **REQUIRED**, # **GOOGLE ONLY** # # @return [Integer] attr_accessor :port # @!endgroup end end end class BasketofKittens # Create scalable pools of identical servers. # # `AWS`: This implementation is considered **RELEASE** quality. It covers all major API features and has been tested with real-world applications. # # `CloudFormation`: This implementation is **ALPHA** quality. It is experimental, may be missing significant functionality, and has not been widely tested. # # `Google`: This implementation is considered **RELEASE** quality. It covers all major API features and has been tested with real-world applications. class server_pools # @!group Required parameters # **REQUIRED** # # @return [Integer] attr_accessor :min_size # **REQUIRED** # # @return [Integer] attr_accessor :max_size # **REQUIRED** # The baseline for new servers created within this Autoscale Group. # # @return [BasketofKittens::server_pools::basis] # @see BasketofKittens::server_pools::basis attr_accessor :basis # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # @!endgroup # @!group Optional parameters # DNS records to create. If specified inside another resource (e.g. {MU::Config::BasketofKittens::servers}, {MU::Config::BasketofKittens::loadbalancers}, or {MU::Config::BasketofKittens::databases}), the record(s) will automatically target that resource. # # @return [Array] # @see BasketofKittens::server_pools::dns_records attr_accessor :dns_records # **Default: `false`** - # When 'cloud' is set to 'CloudFormation,' use this flag to strip out Mu-specific artifacts (tags, standard userdata, naming conventions, etc) to yield a clean, source-agnostic template. # # @return [Boolean] attr_accessor :scrub_mu_isms # **Default: `0`** - # Use this parameter to force a certain number of nodes to come up and be fully bootstrapped before the rest of the pool is initialized. # # @return [Integer] attr_accessor :wait_for_nodes # Reference a 'vpcs' resource from this 'server_pool' resource # # @return [BasketofKittens::server_pools::vpc] # @see BasketofKittens::server_pools::vpc attr_accessor :vpc # Tags to apply to this resource. Will apply at the cloud provider level and in node groomers, where applicable. # # @return [Array] # @see BasketofKittens::server_pools::tags attr_accessor :tags # **Default: `true`** - # Tag the resource with our optional tags (+MU-HANDLE+, +MU-MASTER-NAME+, +MU-OWNER+). # # @return [Boolean] attr_accessor :optional_tags # The number of Amazon EC2 instances that should be running in the group. Should be between min_size and max_size. # # @return [Integer] attr_accessor :desired_capacity # **Default: `300`** # # @return [Integer] attr_accessor :default_cooldown # **Default: `EC2`**, # **Must be one of: `EC2, ELB`** # # @return [String] attr_accessor :health_check_type # **Default: `0`** # # @return [Integer] attr_accessor :health_check_grace_period # A comma-separated list of subnet identifiers of Amazon Virtual Private Clouds (Amazon VPCs). # # If you specify subnets and Availability Zones with this call, ensure that the subnets' Availability Zones match the Availability Zones specified. # # @return [String] attr_accessor :vpc_zone_identifier # # @return [Array] attr_accessor :zones # When using Ansible as a groomer, this will insert a +vars+ tree into the playbook for this node. # # @return [BasketofKittens::server_pools::ansible_vars] # @see BasketofKittens::server_pools::ansible_vars attr_accessor :ansible_vars # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **Default: `false`** - # Bootstrap asynchronously via the Momma Cat daemon instead of during the main deployment process # # @return [Boolean] attr_accessor :async_groom # **Default: `Chef`**, # **Must be one of: `Chef, Ansible`** # # @return [String] attr_accessor :groomer # **Default: `true`** - # For groomer implementations which support automatically fetching roles/recipes/manifests from a public library, such as Ansible Galaxy, this will toggle this behavior on or off. # # @return [Boolean] attr_accessor :groomer_autofetch # **Default: `true`** - # Whether to run a host configuration agent, e.g. Chef, when bootstrapping # # @return [Boolean] attr_accessor :groom # Metadata variables to expose to Groomer clients, under a top-level key named +mu+. Same thing as +application_attributes+, but with a name that makes a modicum of sense. # # @return [BasketofKittens::server_pools::groomer_variables] # @see BasketofKittens::server_pools::groomer_variables attr_accessor :groomer_variables # **Default: `1800`** - # Maximum execution time for a groomer run # # @return [Integer] attr_accessor :groomer_timeout # **Default: `false`** - # Remove pre-existing groomer agents from node before bootstrapping. Especially useful for image builds. # # @return [Boolean] attr_accessor :scrub_groomer # Create a CloudWatch Alarm. # # @return [Array] # @see BasketofKittens::server_pools::alarms attr_accessor :alarms # Integrate this node into an Active Directory domain. On Linux, will configure Winbind and PAM for system-level AD authentication. # # @return [BasketofKittens::server_pools::active_directory] # @see BasketofKittens::server_pools::active_directory attr_accessor :active_directory # Assign extra private IP addresses to this server. # # @return [Integer] attr_accessor :add_private_ips # **Default: `false`** - # Node bootstrapping normally runs an internal recipe that does a full system update. This is very slow for testing, so let's have an option to disable it. # # @return [Boolean] attr_accessor :skipinitialupdates # **Default: `false`** - # If true, chef-client will automatically re-run on nodes of the same type when this instance has finished grooming. Use, for example, to add new members to a database cluster in an autoscale group by sharing data in Chef's node structures. # # @return [Boolean] attr_accessor :sync_siblings # **Default: `true`** - # Wait for DNS record to propagate in DNS Zone. # # @return [Boolean] attr_accessor :dns_sync_wait # One or more Load Balancers with which this instance should register. # # @return [Array] # @see BasketofKittens::server_pools::loadbalancers attr_accessor :loadbalancers # Reference a 'firewall_rules' resource from this 'server' resource # # @return [Array] # @see BasketofKittens::server_pools::add_firewall_rules attr_accessor :add_firewall_rules # Assign a specific IP to this instance once it's ready. # # @return [BasketofKittens::server_pools::static_ip] # @see BasketofKittens::server_pools::static_ip attr_accessor :static_ip # **Default: `true`** - # Turn off network-level routing paranoia. Set this false to make a NAT do its thing. # # @return [Boolean] attr_accessor :src_dst_check # **Default: `false`** - # Associate public IP address? # # @return [Boolean] attr_accessor :associate_public_ip # A script to be run during the bootstrap process. Typically used to preconfigure Windows instances. # # @return [BasketofKittens::server_pools::userdata_script] # @see BasketofKittens::server_pools::userdata_script attr_accessor :userdata_script # **Default: `Administrator`** - # Use an alternate Windows account for Administrator functions. Will change the name of the Administrator account, if it has not already been done. # # @return [String] attr_accessor :windows_admin_username # Set Windows nodes' local administrator password to a value specified in a Chef Vault. # # @return [BasketofKittens::server_pools::windows_auth_vault] # @see BasketofKittens::server_pools::windows_auth_vault attr_accessor :windows_auth_vault # **Default: `root`** - # ## +GOOGLE+: Account to use when connecting via ssh. Google Cloud images don't come with predefined remote access users, and some don't work with our usual default of +root+, so we recommend using some other (non-root) username. # ## +GOOGLE+: Account to use when connecting via ssh. Google Cloud images don't come with predefined remote access users, and some don't work with our usual default of +root+, so we recommend using some other (non-root) username. # # @return [String] attr_accessor :ssh_user # **Default: `true`** # # @return [Boolean] attr_accessor :use_cloud_provider_windows_password # **Default: `linux`**, # **Must be one of: `rhel71, centos6, centos7, ubuntu16, ubuntu14, win2k12r2, win2k16, amazon, win2k12, windows, ubuntu, centos, rhel7, rhel, linux, rhel6, debian10, debian9, ubuntu18, ubuntu19, win2k19, google, coreos, debian, rhel8`** - # Helps select default machine images, and enables correct grooming behavior based on operating system type. # # @return [String] attr_accessor :platform # A list of +groomer+ recipes/roles/scripts to run, using naming conventions specific to the appropriate grooming layer. In +Chef+, this corresponds to a node's +run_list+ attribute, and entries should be of the form role[rolename] or recipe[recipename]. In +Ansible+, it should be a list of roles (+rolename+), which Mu will use to generate a custom Playbook for the deployment. # # @return [Array] attr_accessor :run_list # Network ingress and/or egress rules. # # @return [Array] # @see BasketofKittens::server_pools::ingress_rules attr_accessor :ingress_rules # Chef Node structure artifact for mu-tools cookbook. # # @return [BasketofKittens::server_pools::application_attributes] # @see BasketofKittens::server_pools::application_attributes attr_accessor :application_attributes # JSON artifact to be stored in Chef Vault for this node. Note that these values will still be stored in plain text local to the MU server, but only accessible to nodes via Vault. # # @return [BasketofKittens::server_pools::secrets] # @see BasketofKittens::server_pools::secrets attr_accessor :secrets # Chef Vault items to which this node should be granted access. # # @return [Array] # @see BasketofKittens::server_pools::vault_access attr_accessor :vault_access # Existing deploys that will be loaded into the new deployment metadata. This metadata will be saved on the Chef node # # @return [Array] # @see BasketofKittens::server_pools::existing_deploys attr_accessor :existing_deploys # Internal use. # # @return [String] attr_accessor :virtual_name # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. # # @return [Array] # @see BasketofKittens::server_pools::dependencies attr_accessor :dependencies # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **AWS & CLOUDFORMATION ONLY**, # **Default: `false`** - # +AWS+: Normally we namespace IAM roles with a +path+ set to match our +deploy_id+; this disables that behavior. Temporary workaround for a bug in EKS/IAM integration. # ## +CLOUDFORMATION+: Normally we namespace IAM roles with a +path+ set to match our +deploy_id+; this disables that behavior. Temporary workaround for a bug in EKS/IAM integration. # # @return [Boolean] attr_accessor :role_strip_path # **AWS & CLOUDFORMATION ONLY** # +AWS+: Send notifications to an SNS topic for basic AutoScaling events # ## +CLOUDFORMATION+: Send notifications to an SNS topic for basic AutoScaling events # # @return [BasketofKittens::server_pools::notifications] # @see BasketofKittens::server_pools::notifications attr_accessor :notifications # **AWS & CLOUDFORMATION ONLY**, # **Default: `true`** - # +AWS+: Generate a unique IAM profile for this Server or ServerPool. # ## +CLOUDFORMATION+: Generate a unique IAM profile for this Server or ServerPool. # # @return [Boolean] attr_accessor :generate_iam_role # **AWS & CLOUDFORMATION ONLY** - # +AWS+: An Amazon IAM instance profile, from which to harvest role policies to merge into this node's own instance profile. If generate_iam_role is false, will simple use this profile. # ## +CLOUDFORMATION+: An Amazon IAM instance profile, from which to harvest role policies to merge into this node's own instance profile. If generate_iam_role is false, will simple use this profile. # # @return [String] attr_accessor :iam_role # **AWS & CLOUDFORMATION ONLY** # Amazon-compatible role policies which will be merged into this node's own instance profile. Not valid with generate_iam_role set to false. Our parser expects the role policy document to me embedded under a named container, e.g. { 'name_of_policy':'{ } } # # @return [Array] # @see BasketofKittens::server_pools::iam_policies attr_accessor :iam_policies # **AWS & CLOUDFORMATION ONLY** - # IAM policies to attach, pre-defined by Amazon (e.g. AmazonEKSWorkerNodePolicy) # # @return [Array] attr_accessor :canned_iam_policies # **AWS & CLOUDFORMATION ONLY** # Tell AutoScale to alter min/max/desired for this group at a scheduled time, optionally repeating. # # @return [Array] # @see BasketofKittens::server_pools::schedule attr_accessor :schedule # **AWS & CLOUDFORMATION ONLY**, # **Must match pattern `^(all|initial|\d+)$`** - # +AWS+: Protect instances from scale-in termination. Can be 'all', 'initial' (essentially 'min_size'), or an number; note the number needs to be a string, so put it in quotes # ## +CLOUDFORMATION+: Protect instances from scale-in termination. Can be 'all', 'initial' (essentially 'min_size'), or an number; note the number needs to be a string, so put it in quotes # # @return [String] attr_accessor :scale_in_protection # **AWS & CLOUDFORMATION ONLY** - # +AWS+: Shorthand for creating a target_tracking_configuration to scale on ALBRequestCountPerTarget with some reasonable defaults # ## +CLOUDFORMATION+: Shorthand for creating a target_tracking_configuration to scale on ALBRequestCountPerTarget with some reasonable defaults # # @return [Float] attr_accessor :scale_with_alb_traffic # **AWS & CLOUDFORMATION ONLY** - # +AWS+: Shorthand for creating a target_tracking_configuration to scale on ASGAverageCPUUtilization with some reasonable defaults # ## +CLOUDFORMATION+: Shorthand for creating a target_tracking_configuration to scale on ASGAverageCPUUtilization with some reasonable defaults # # @return [Float] attr_accessor :scale_with_cpu # **AWS & CLOUDFORMATION ONLY** - # +AWS+: Shorthand for creating a target_tracking_configuration to scale on ASGAverageNetworkIn with some reasonable defaults # ## +CLOUDFORMATION+: Shorthand for creating a target_tracking_configuration to scale on ASGAverageNetworkIn with some reasonable defaults # # @return [Float] attr_accessor :scale_with_network_in # **AWS & CLOUDFORMATION ONLY** - # +AWS+: Shorthand for creating a target_tracking_configuration to scale on ASGAverageNetworkOut with some reasonable defaults # ## +CLOUDFORMATION+: Shorthand for creating a target_tracking_configuration to scale on ASGAverageNetworkOut with some reasonable defaults # # @return [Float] attr_accessor :scale_with_network_out # **AWS & CLOUDFORMATION ONLY**, # **Default: `Default`**, # **Must be one of: `AllocationStrategy, ClosestToNextInstanceHour, Default, NewestInstance, OldestInstance, OldestLaunchConfiguration, OldestLaunchTemplate`** # # @return [Array] attr_accessor :termination_policies # **AWS & CLOUDFORMATION ONLY** # A custom AWS Autoscale scaling policy for this pool. # # @return [Array] # @see BasketofKittens::server_pools::scaling_policies attr_accessor :scaling_policies # **GOOGLE ONLY** # Custom key-value pairs to be added to the metadata of Google Cloud virtual machines # # @return [Array] # @see BasketofKittens::server_pools::metadata attr_accessor :metadata # **GOOGLE ONLY** # +GOOGLE+: An existing service account to use instead of the default one generated by Mu during the deployment process. # # @return [BasketofKittens::server_pools::service_account] # @see BasketofKittens::server_pools::service_account attr_accessor :service_account # **GOOGLE ONLY** - # API scopes to make available to this resource's service account. # # @return [Array] attr_accessor :scopes # **GOOGLE ONLY** - # Add a network tag to this host, which can be used to selectively apply routes or firewall rules. # # @return [Array] attr_accessor :network_tags # **GOOGLE ONLY** - # +GOOGLE+: Target a specific availability zone for this pool, which will create zonal instance managers and scalers instead of regional ones. # # @return [String] attr_accessor :availability_zone # **GOOGLE ONLY** # A named network port for a Google instance group, used for health checks and forwarding targets. # # @return [Array] # @see BasketofKittens::server_pools::named_ports attr_accessor :named_ports # @!endgroup end end class BasketofKittens class vpcs class habitat # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # The tag or label key to search against # # @return [String] attr_accessor :key # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end class BasketofKittens class vpcs # Reference a 'habitats' resource from this 'vpc' resource class habitat # @!group Required parameters # **Default: `habitats`**, # **Must be one of: `habitats`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::vpcs::habitat::tag] # @see BasketofKittens::vpcs::habitat::tag attr_accessor :tag # @!endgroup end end end class BasketofKittens class vpcs # Tags to apply to this resource. Will apply at the cloud provider level and in node groomers, where applicable. class tags # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :key # **REQUIRED** # # @return [String] attr_accessor :value # @!endgroup end end end class BasketofKittens class vpcs class bastion # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # The tag or label key to search against # # @return [String] attr_accessor :key # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end class BasketofKittens class vpcs class bastion class habitat # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # The tag or label key to search against # # @return [String] attr_accessor :key # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end end class BasketofKittens class vpcs class bastion # Reference a 'habitats' resource from this 'config' resource class habitat # @!group Required parameters # **Default: `habitats`**, # **Must be one of: `habitats`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::vpcs::bastion::habitat::tag] # @see BasketofKittens::vpcs::bastion::habitat::tag attr_accessor :tag # @!endgroup end end end end class BasketofKittens class vpcs # A reference to a bastion host that can be used to tunnel into private address space in this VPC. class bastion # @!group Required parameters # **Default: `servers`**, # **Must be one of: `servers`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::vpcs::bastion::tag] # @see BasketofKittens::vpcs::bastion::tag attr_accessor :tag # Reference a 'habitats' resource from this 'config' resource # # @return [BasketofKittens::vpcs::bastion::habitat] # @see BasketofKittens::vpcs::bastion::habitat attr_accessor :habitat # @!endgroup end end end class BasketofKittens class vpcs # When the 'create_standard_subnets' flag is set, use this to target a specific set of availability zones across which to spread those subnets. Will attempt to guess based on the target region, if not specified. class availability_zones # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :zone # @!endgroup end end end class BasketofKittens class vpcs # Amazon-compatible endpoint policy that controls access to the endpoint by other resources in the VPC. If not provided Amazon will create a default policy that provides full access. class endpoint_policy end end end class BasketofKittens class vpcs # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. class dependencies # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED**, # **Must be one of: `folder, habitat, collection, database, dnszone, firewall_rule, loadbalancer, server, server_pool, vpc, cache_cluster, alarm, notifier, log, storage_pool, function, endpoint, container_cluster, search_domain, msg_queue, user, group, role, bucket, nosqldb`** # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **Must be one of: `create, groom`** - # Which part of the creation process of the resource we depend on should we wait for before starting our own creation? Defaults are usually sensible, but sometimes you want, say, a Server to wait on another Server to be completely ready (through its groom phase) before starting up. # # @return [String] attr_accessor :phase # **Default: `false`** - # By default, it's assumed that we want to wait on our parents' creation phase, in addition to whatever is declared in this stanza. Setting this flag will bypass waiting on our parent resource's creation, so that our create or groom phase can instead depend only on the parent's groom phase. # # @return [Boolean] attr_accessor :no_create_wait # @!endgroup end end end class BasketofKittens class vpcs class peers class vpc # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # The tag or label key to search against # # @return [String] attr_accessor :key # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end end class BasketofKittens class vpcs class peers class vpc class habitat # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # The tag or label key to search against # # @return [String] attr_accessor :key # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end end end class BasketofKittens class vpcs class peers class vpc # Reference a 'habitats' resource from this 'config' resource class habitat # @!group Required parameters # **Default: `habitats`**, # **Must be one of: `habitats`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::vpcs::peers::vpc::habitat::tag] # @see BasketofKittens::vpcs::peers::vpc::habitat::tag attr_accessor :tag # @!endgroup end end end end end class BasketofKittens class vpcs class peers class vpc # The subnets to which to attach this resource. Will default to all subnets in this VPC if not specified. class subnets # @!group Optional parameters # # @return [String] attr_accessor :subnet_name # # @return [String] attr_accessor :subnet_id # **Must match pattern `^[^=]+=.+`** - # Identify this subnet by a tag (key=value). Note that this tag must not match more than one resource. # # @return [String] attr_accessor :tag # @!endgroup end end end end end class BasketofKittens class vpcs class peers # Reference a 'vpcs' resource from this 'vpc' resource class vpc # @!group Required parameters # **Default: `vpcs`**, # **Must be one of: `vpcs`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::vpcs::peers::vpc::tag] # @see BasketofKittens::vpcs::peers::vpc::tag attr_accessor :tag # Reference a 'habitats' resource from this 'config' resource # # @return [BasketofKittens::vpcs::peers::vpc::habitat] # @see BasketofKittens::vpcs::peers::vpc::habitat attr_accessor :habitat # Alias for id # # @return [String] attr_accessor :vpc_id # Alias for name # # @return [String] attr_accessor :vpc_name # **Default: `all`** - # When auto-discovering VPC resources, this specifies target subnets for this resource. Special keywords: public, private, any, all, all_public, all_private, all. Using the name of a route table defined elsewhere in this BoK will behave like 'all_.' # # @return [String] attr_accessor :subnet_pref # The subnets to which to attach this resource. Will default to all subnets in this VPC if not specified. # # @return [Array] # @see BasketofKittens::vpcs::peers::vpc::subnets attr_accessor :subnets # @!endgroup end end end end class BasketofKittens class vpcs # One or more other VPCs with which to attempt to create a peering connection. class peers # @!group Required parameters # **REQUIRED** # Reference a 'vpcs' resource from this 'vpc' resource # # @return [BasketofKittens::vpcs::peers::vpc] # @see BasketofKittens::vpcs::peers::vpc attr_accessor :vpc # @!endgroup # @!group Optional parameters # The AWS account which owns the target VPC. # # @return [String] attr_accessor :account # **Default: `false`** - # +AZURE+: Allow traffic originating from outside peered networks # # @return [Boolean] attr_accessor :allow_forwarded_traffic # **Default: `false`** - # +AZURE+: Permit peered networks to use each others' VPN gateways # # @return [Boolean] attr_accessor :allow_gateway_traffic # @!endgroup end end end class BasketofKittens class vpcs class route_tables # Define a network route, typically for use inside a VPC. class routes # @!group Optional parameters # **Default: `0.0.0.0/0`**, # **Must match pattern `^\d+\.\d+\.\d+\.\d+/[0-9]{1,2}$`** - # CIDR-formatted IP block, e.g. 1.2.3.4/32 # # @return [String] attr_accessor :destination_network # The ID of a VPC peering connection to use as a gateway # # @return [String] attr_accessor :peer_id # The ID of a VPN, NAT, or Internet gateway attached to your VPC. #INTERNET will refer to this VPC's default internet gateway, if one exists. #NAT will refer to a this VPC's NAT gateway, and will implicitly create one if none exists. #DENY will ensure that the subnets associated with this route do *not* have a route outside of the VPC's local address space (primarily for Google Cloud, where we must explicitly disable egress to the internet). # # @return [String] attr_accessor :gateway # The instance id of a NAT host in this VPN. # # @return [String] attr_accessor :nat_host_id # The MU resource name or Name tag of a NAT host in this VPN. # # @return [String] attr_accessor :nat_host_name # A network interface over which to route. # # @return [String] attr_accessor :interface # @!endgroup end end end end class BasketofKittens class vpcs # A table of route entries, typically for use inside a VPC. class route_tables # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED** # Define a network route, typically for use inside a VPC. # # @return [Array] # @see BasketofKittens::vpcs::route_tables::routes attr_accessor :routes # @!endgroup end end end class BasketofKittens class vpcs # A list of subnets class subnets # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED**, # **Must match pattern `^\d+\.\d+\.\d+\.\d+/[0-9]{1,2}$`** - # CIDR-formatted IP block, e.g. 1.2.3.4/32 # # @return [String] attr_accessor :ip_block # @!endgroup # @!group Optional parameters # # @return [String] attr_accessor :availability_zone # # @return [String] attr_accessor :route_table # **Default: `false`** - # If the cloud provider's instances should automatically be assigned publicly routable addresses. # # @return [Boolean] attr_accessor :map_public_ips # **AWS & CLOUDFORMATION ONLY**, # **Default: `all`**, # **Must be one of: `accept, reject, all`** - # +AWS+: +AWS+: The class of traffic to log - accepted traffic, rejected traffic or all traffic. # ## +CLOUDFORMATION+: +CLOUDFORMATION+: The class of traffic to log - accepted traffic, rejected traffic or all traffic. # # @return [String] attr_accessor :traffic_type_to_log # **AWS & CLOUDFORMATION ONLY** - # +AWS+: +AWS+: An existing CloudWachLogs log group the traffic will be logged to. If not provided, a new one will be created # ## +CLOUDFORMATION+: +CLOUDFORMATION+: An existing CloudWachLogs log group the traffic will be logged to. If not provided, a new one will be created # # @return [String] attr_accessor :log_group_name # **AWS & CLOUDFORMATION ONLY**, # **Default: `false`** - # +AWS+: +AWS+: If traffic logging is enabled or disabled. Will be enabled on all subnets and network interfaces if set to true on a VPC # ## +CLOUDFORMATION+: +CLOUDFORMATION+: If traffic logging is enabled or disabled. Will be enabled on all subnets and network interfaces if set to true on a VPC # # @return [Boolean] attr_accessor :enable_traffic_logging # @!endgroup end end end class BasketofKittens class vpcs # Alternate DHCP behavior for nodes in this VPC class dhcp # @!group Optional parameters # **Must match pattern `^\d+\.\d+\.\d+\.\d+$`** - # The IP address of up to four DNS servers # # @return [Array] attr_accessor :dns_servers # **Must match pattern `^\d+\.\d+\.\d+\.\d+$`** - # The IP address of up to four NTP servers # # @return [Array] attr_accessor :ntp_servers # **Must match pattern `^\d+\.\d+\.\d+\.\d+$`** - # The IP address of up to four NetBIOS servers # # @return [Array] attr_accessor :netbios_servers # **Default: `2`**, # **Must be one of: `1, 2, 4, 8`** # # @return [Integer] attr_accessor :netbios_type # If you're using AmazonProvidedDNS in us-east-1, specify ec2.internal. If you're using AmazonProvidedDNS in another region, specify region.compute.internal (for example, ap-northeast-1.compute.internal). Otherwise, specify a domain name (for example, MyCompany.com). # # @return [Array] attr_accessor :domains # @!endgroup end end end class BasketofKittens # Create Virtual Private Clouds with custom public or private subnets. # # `AWS`: This implementation is considered **RELEASE** quality. It covers all major API features and has been tested with real-world applications. # # `CloudFormation`: This implementation is **ALPHA** quality. It is experimental, may be missing significant functionality, and has not been widely tested. # # `Google`: This implementation is considered **RELEASE** quality. It covers all major API features and has been tested with real-world applications. # # `Azure`: This implementation is **BETA** quality. It is substantially complete, but may be missing some functionality or have some features which are untested. class vpcs # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # @!endgroup # @!group Optional parameters # Reference a 'habitats' resource from this 'vpc' resource # # @return [BasketofKittens::vpcs::habitat] # @see BasketofKittens::vpcs::habitat attr_accessor :habitat # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # **Must match pattern `^\d+\.\d+\.\d+\.\d+/[0-9]{1,2}$`** - # CIDR-formatted IP block, e.g. 1.2.3.4/32 # # @return [String] attr_accessor :ip_block # Tags to apply to this resource. Will apply at the cloud provider level and in node groomers, where applicable. # # @return [Array] # @see BasketofKittens::vpcs::tags attr_accessor :tags # **Default: `true`** - # Tag the resource with our optional tags (+MU-HANDLE+, +MU-MASTER-NAME+, +MU-OWNER+). # # @return [Boolean] attr_accessor :optional_tags # **Default: `true`** - # If we have private subnets and our Mu Master will not be able to route directly to them, create a small instance to serve as an ssh relay. # # @return [Boolean] attr_accessor :create_bastion # A reference to a bastion host that can be used to tunnel into private address space in this VPC. # # @return [BasketofKittens::vpcs::bastion] # @see BasketofKittens::vpcs::bastion attr_accessor :bastion # **Default: `true`** - # If the 'subnets' parameter to this VPC is not specified, we will instead create one set of public subnets and one set of private, with a public/private pair in each Availability Zone in the target region. # # @return [Boolean] attr_accessor :create_standard_subnets # When the 'create_standard_subnets' flag is set, use this to target a specific set of availability zones across which to spread those subnets. Will attempt to guess based on the target region, if not specified. # # @return [Array] # @see BasketofKittens::vpcs::availability_zones attr_accessor :availability_zones # **Default: `true`** # # @return [Boolean] attr_accessor :create_internet_gateway # **Default: `false`** - # If set to 'true' will create a NAT gateway to enable traffic in private subnets to be routed to the internet. # # @return [Boolean] attr_accessor :create_nat_gateway # **Default: `true`** # # @return [Boolean] attr_accessor :enable_dns_support # Amazon-compatible endpoint policy that controls access to the endpoint by other resources in the VPC. If not provided Amazon will create a default policy that provides full access. # # @return [Array] # @see BasketofKittens::vpcs::endpoint_policy attr_accessor :endpoint_policy # An Amazon service specific endpoint that resources within a VPC can route to without going through a NAT or an internet gateway. Currently only S3 is supported. an example S3 endpoint in the us-east-1 region: com.amazonaws.us-east-1.s3. # # @return [String] attr_accessor :endpoint # **Default: `true`** # # @return [Boolean] attr_accessor :enable_dns_hostnames # **Default: `false`** - # If set to 'true' will create a separate NAT gateway in each availability zone and configure subnet route tables appropriately # # @return [Boolean] attr_accessor :nat_gateway_multi_az # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. # # @return [Array] # @see BasketofKittens::vpcs::dependencies attr_accessor :dependencies # **Default: `true`** - # Peering connections requested to this VPC by other deployments on the same Mu master will be automatically accepted. # # @return [Boolean] attr_accessor :auto_accept_peers # One or more other VPCs with which to attempt to create a peering connection. # # @return [Array] # @see BasketofKittens::vpcs::peers attr_accessor :peers # A table of route entries, typically for use inside a VPC. # # @return [Array] # @see BasketofKittens::vpcs::route_tables attr_accessor :route_tables # A list of subnets # # @return [Array] # @see BasketofKittens::vpcs::subnets attr_accessor :subnets # Alternate DHCP behavior for nodes in this VPC # # @return [BasketofKittens::vpcs::dhcp] # @see BasketofKittens::vpcs::dhcp attr_accessor :dhcp # Internal use. # # @return [String] attr_accessor :virtual_name # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **AWS & CLOUDFORMATION ONLY**, # **Default: `all`**, # **Must be one of: `accept, reject, all`** - # +AWS+: +AWS+: The class of traffic to log - accepted traffic, rejected traffic or all traffic. # ## +CLOUDFORMATION+: +CLOUDFORMATION+: The class of traffic to log - accepted traffic, rejected traffic or all traffic. # # @return [String] attr_accessor :traffic_type_to_log # **AWS & CLOUDFORMATION ONLY** - # +AWS+: +AWS+: An existing CloudWachLogs log group the traffic will be logged to. If not provided, a new one will be created # ## +CLOUDFORMATION+: +CLOUDFORMATION+: An existing CloudWachLogs log group the traffic will be logged to. If not provided, a new one will be created # # @return [String] attr_accessor :log_group_name # **AWS & CLOUDFORMATION ONLY**, # **Default: `false`** - # +AWS+: +AWS+: If traffic logging is enabled or disabled. Will be enabled on all subnets and network interfaces if set to true on a VPC # ## +CLOUDFORMATION+: +CLOUDFORMATION+: If traffic logging is enabled or disabled. Will be enabled on all subnets and network interfaces if set to true on a VPC # # @return [Boolean] attr_accessor :enable_traffic_logging # **GOOGLE ONLY**, # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [Array] attr_accessor :regions # **GOOGLE ONLY** - # +GOOGLE+: The project into which to deploy resources. This is shorthand for a +habitat+ key with a +name+ or +id+ set. The config parser will attempt to correctly resolve this. # # @return [String] attr_accessor :project # **GOOGLE ONLY**, # **Default: `false`** - # +GOOGLE+: Sets the +auto_create_subnetworks+ flag, which causes Google to generate a set of generic subnets, one per region. This effectively overrides Mu's +create_standard_subnets+ and any explicitly defined +subnets+. # # @return [Boolean] attr_accessor :auto_create_subnetworks # @!endgroup end end class BasketofKittens class cache_clusters # Tags to apply to this resource. Will apply at the cloud provider level and in node groomers, where applicable. class tags # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :key # **REQUIRED** # # @return [String] attr_accessor :value # @!endgroup end end end class BasketofKittens class cache_clusters class add_firewall_rules # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # The tag or label key to search against # # @return [String] attr_accessor :key # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end class BasketofKittens class cache_clusters class add_firewall_rules class habitat # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # The tag or label key to search against # # @return [String] attr_accessor :key # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end end class BasketofKittens class cache_clusters class add_firewall_rules # Reference a 'habitats' resource from this 'config' resource class habitat # @!group Required parameters # **Default: `habitats`**, # **Must be one of: `habitats`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::cache_clusters::add_firewall_rules::habitat::tag] # @see BasketofKittens::cache_clusters::add_firewall_rules::habitat::tag attr_accessor :tag # @!endgroup end end end end class BasketofKittens class cache_clusters # Reference a 'firewall_rules' resource from this 'cache_cluster' resource class add_firewall_rules # @!group Required parameters # **Default: `firewall_rules`**, # **Must be one of: `firewall_rules`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::cache_clusters::add_firewall_rules::tag] # @see BasketofKittens::cache_clusters::add_firewall_rules::tag attr_accessor :tag # Reference a 'habitats' resource from this 'config' resource # # @return [BasketofKittens::cache_clusters::add_firewall_rules::habitat] # @see BasketofKittens::cache_clusters::add_firewall_rules::habitat attr_accessor :habitat # Alias for id # # @return [String] attr_accessor :rule_id # Alias for name # # @return [String] attr_accessor :rule_name # @!endgroup end end end class BasketofKittens class cache_clusters # Network ingress and/or egress rules. class ingress_rules # @!group Optional parameters # # @return [String] attr_accessor :port_range # # @return [Integer] attr_accessor :port # **Default: `tcp`**, # **Must be one of: `udp, tcp, icmp`** # # @return [String] attr_accessor :proto # # @return [Boolean] attr_accessor :ingress # **Default: `false`** # # @return [Boolean] attr_accessor :egress # String description of this firewall rule, where supported # # @return [String] attr_accessor :comment # **Must match pattern `^\d+\.\d+\.\d+\.\d+/[0-9]{1,2}$`** - # CIDR-formatted IP block, e.g. 1.2.3.4/32 # # @return [Array] attr_accessor :hosts # Other AWS Security Groups; resources that are associated with this group will have this rule applied to their traffic # # @return [Array] attr_accessor :sgs # AWS Load Balancers which will have this rule applied to their traffic # # @return [Array] attr_accessor :lbs # @!endgroup end end end class BasketofKittens class cache_clusters class dns_records # The zone to which to add this record, either as a domain name or as a Route53 zone identifier. class zone # @!group Optional parameters # The domain name of the DNS zone to which to add this record. # # @return [String] attr_accessor :name # The Route53 identifier of the zone to which to add this record. # # @return [String] attr_accessor :id # @!endgroup end end end end class BasketofKittens class cache_clusters class dns_records # Set location for location-based routing. class geo_location # @!group Optional parameters # **Must be one of: `AF, AN, AS, EU, OC, NA, SA`** - # The code for a continent geo location. Note: only continent locations have a continent code. Specifying continent_code with either country_code or subdivision_code returns an InvalidInput error. # # @return [String] attr_accessor :continent_code # The code for a country geo location. The default location uses '' for the country code and will match all locations that are not matched by a geo location. All other country codes follow the ISO 3166 two-character code. # # @return [String] attr_accessor :country_code # The code for a country's subdivision (e.g., a province of Canada). A subdivision code is only valid with the appropriate country code. Specifying subdivision_code without country_code returns an InvalidInput error. # # @return [String] attr_accessor :subdivision_code # @!endgroup end end end end class BasketofKittens class cache_clusters class dns_records # Check used to determine instance health for failover routing. class healthchecks # @!group Required parameters # **REQUIRED**, # **Must be one of: `HTTP, HTTPS, HTTP_STR_MATCH, HTTPS_STR_MATCH, TCP, CALCULATED, CLOUDWATCH_METRIC`** - # The health check method to use # # @return [String] attr_accessor :method # **REQUIRED** - # The health check name. # # @return [String] attr_accessor :name # @!endgroup # @!group Optional parameters # Port on which this health check should expect to find a working service. For HTTP and HTTP_STR_MATCH this defaults to 80 if the port is not specified. For HTTPS and HTTPS_STR_MATCH this defaults to 443 if the port is not specified. # # @return [Integer] attr_accessor :port # Path to check for HTTP-based health checks. # # @return [String] attr_accessor :path # **Default: `primary`**, # **Must be one of: `primary, secondary`** - # When using CALCULATED based health checks make sure to set only the CALCULATED health check to primary while setting all other health checks to secondary. # # @return [String] attr_accessor :type # Path to check for STR_MATCH-based health checks. # # @return [String] attr_accessor :search_string # **Default: `30`**, # **Must be one of: `10, 30`** - # The frequency of health checks in seconds. # # @return [Integer] attr_accessor :check_interval # **Default: `2`**, # **Must match pattern `^([1-9]|10)$`** - # The number of failed health checks before we consider this entry in failure. Values can be between 1-10. # # @return [Integer] attr_accessor :failure_threshold # **Must be one of: `Healthy, Unhealthy, LastKnownStatus`** - # What should the health check status be set to if there is insufficient data return from the CloudWatch alarm. Used only with CLOUDWATCH_METRIC based health checks. # # @return [String] attr_accessor :insufficient_data # # @return [Array] attr_accessor :regions # **Default: `false`** - # If to measure and graph latency between the health checkers and the endpoint. Used only with HTTP/HTTPS/TCP based health checks. # # @return [Boolean] attr_accessor :latency # **Default: `false`** - # If the status of the health check should be inverted, eg. if health check status is healthy but you would like it to be evaluated as not healthy # # @return [Boolean] attr_accessor :inverted # **Default: `false`** - # Enabled by default on HTTPS or HTTPS_STR_MATCH # # @return [Boolean] attr_accessor :enable_sni # **Default: `1`**, # **Must match pattern `^[\d]?{3}$`** - # The minimum number of health checks that must be healthy when configuring a health check of type CALCULATED. Values can be between 0-256. # # @return [Integer] attr_accessor :health_threshold # # @return [Array] attr_accessor :health_check_ids # The cloud provider's region the cloudwatch alarm was created in. Used with CLOUDWATCH_METRIC health checks # # @return [String] attr_accessor :alarm_region # The cloudwatch alarm name. Used with CLOUDWATCH_METRIC health checks # # @return [String] attr_accessor :alarm_name # @!endgroup end end end end class BasketofKittens class cache_clusters # DNS records to create. If specified inside another resource (e.g. {MU::Config::BasketofKittens::servers}, {MU::Config::BasketofKittens::loadbalancers}, or {MU::Config::BasketofKittens::databases}), the record(s) will automatically target that resource. class dns_records # @!group Required parameters # **REQUIRED** # The zone to which to add this record, either as a domain name or as a Route53 zone identifier. # # @return [BasketofKittens::cache_clusters::dns_records::zone] # @see BasketofKittens::cache_clusters::dns_records::zone attr_accessor :zone # @!endgroup # @!group Optional parameters # **Default: `false`** - # If true, this record will overwrite any existing record of the same name and type. # # @return [Boolean] attr_accessor :override_existing # **Default: `CNAME`**, # **Must be one of: `SOA, A, TXT, NS, CNAME, MX, PTR, SRV, SPF, AAAA, R53ALIAS`** - # The class of DNS record to create. The R53ALIAS type is not traditional DNS, but instead refers to AWS Route53's alias functionality. An R53ALIAS is only valid if the target is an Elastic LoadBalancer, CloudFront, S3 bucket (configured as a public web server), or another record in the same Route53 hosted zone. # # @return [String] attr_accessor :type # If using a type of R53ALIAS, this is the hosted zone ID of the target. Defaults to the zone to which this record is being added. # # @return [String] attr_accessor :alias_zone # Look for a resource in another Mu deployment with this id. Requires mu_type # # @return [String] attr_accessor :deploy_id # **Must be one of: `loadbalancer, server, database, cache_cluster`** - # The Mu resource type to search the deployment for. # # @return [String] attr_accessor :mu_type # **Must be one of: `public, private`** - # If the target is a public or a private resource. This only applies to servers/server_pools when using automatic DNS registration. If set to public but the target only has a private address, the private address will be used # # @return [String] attr_accessor :target_type # Set the proportion of traffic directed to this target, based on the relative weight of other records with the same DNS name and type. # # @return [Integer] attr_accessor :weight # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **Must be one of: `PRIMARY, SECONDARY`** - # Failover classification # # @return [String] attr_accessor :failover # **Default: `7200`** - # DNS time-to-live value for query caching. # # @return [Integer] attr_accessor :ttl # **Must match pattern `^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]).)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9-]*[A-Za-z0-9])$`** - # Name of the record to create. If not specified, will default to the Mu resource name. # # @return [String] attr_accessor :name # **Default: `false`** - # If to append the environment name (eg mydnsname.dev.mudomain.com). to the DNS name # # @return [Boolean] attr_accessor :append_environment_name # Set location for location-based routing. # # @return [BasketofKittens::cache_clusters::dns_records::geo_location] # @see BasketofKittens::cache_clusters::dns_records::geo_location attr_accessor :geo_location # Check used to determine instance health for failover routing. # # @return [Array] # @see BasketofKittens::cache_clusters::dns_records::healthchecks attr_accessor :healthchecks # @!endgroup end end end class BasketofKittens class cache_clusters class alarms # What to monitor class dimensions # @!group Required parameters # **REQUIRED**, # **Must be one of: `InstanceId, server, Server, DBInstanceIdentifier, database, Database, LoadBalancerName, loadbalancer, LoadBalancer, CacheClusterId, cache_cluster, CacheCluster, VolumeId, volume, Volume, BucketName, bucket, Bucket, TopicName, notification, Notification, AutoScalingGroupName, server_pool, ServerPool`** - # The type of resource we're checking # # @return [String] attr_accessor :cloud_class # @!endgroup # @!group Optional parameters # The cloud identifier of the resource the alarm is being created for. eg - i-d96eca0d. Must use either 'cloud_id' OR 'mu_name' AND 'deploy_id' # # @return [String] attr_accessor :cloud_id # The full name of a resource in a foreign deployment which we should monitor. You should also include 'deploy_id' so we will be able to identifiy a single resource. Use either 'cloud_id' OR 'mu_name' and 'deploy_id' # # @return [String] attr_accessor :mu_name # Should be used with 'mu_name' to identifiy a single resource. # # @return [String] attr_accessor :deploy_id # The name of another resource in this stack with which to associate this alarm. # # @return [String] attr_accessor :name # @!endgroup end end end end class BasketofKittens class cache_clusters # Create a CloudWatch Alarm. class alarms # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED** - # The name of the attribute to monitor eg. CPUUtilization. # # @return [String] attr_accessor :metric_name # **REQUIRED**, # **Must be one of: `SampleCount, Average, Sum, Minimum, Maximum`** # # # @return [String] attr_accessor :statistic # **REQUIRED** - # The time, in seconds the 'statistic' is checked/tested. Must be multiples of 60 # # @return [Integer] attr_accessor :period # **REQUIRED** - # The number of times to repeat the 'period' before changing the state of an alarm. eg form 'OK' to 'ALARM' state # # @return [Integer] attr_accessor :evaluation_periods # **REQUIRED** - # The value the 'statistic' is compared to and action (eg 'alarm_actions') will be invoked # # @return [Integer] attr_accessor :threshold # **REQUIRED**, # **Must be one of: `GreaterThanOrEqualToThreshold, GreaterThanThreshold, LessThanThreshold, LessThanOrEqualToThreshold`** - # The arithmetic operation to use when comparing 'statistic' and 'threshold'. The 'statistic' value is used as the first operand # # @return [String] attr_accessor :comparison_operator # @!endgroup # @!group Optional parameters # # @return [Array] attr_accessor :ok_actions # # @return [Array] attr_accessor :alarm_actions # # @return [Array] attr_accessor :no_data_actions # The name of container 'metric_name' belongs to eg. 'AWS/EC2' # # @return [String] attr_accessor :namespace # What to monitor # # @return [Array] # @see BasketofKittens::cache_clusters::alarms::dimensions attr_accessor :dimensions # **Must be one of: `Seconds, Microseconds, Milliseconds, Bytes, Kilobytes, Megabytes, Gigabytes, Terabytes, Bits, Kilobits, Megabits, Gigabits, Terabits, Percent, Count, Bytes/Second, Kilobytes/Second, Megabytes/Second, Gigabytes/Second, Terabytes/Second, Bits/Second, Kilobits/Second, Megabits/Second, Gigabits/Second, Terabits/Second, Count/Second, nil`** - # Associated with the 'metric' # # @return [String] attr_accessor :unit # Rather to send notifications when the alarm state changes # # @return [Boolean] attr_accessor :enable_notifications # **Default: `mu-default`** - # The name of the notification group. Will be created if it doesn't exist. We use / create a default one if not specified. NOTE: because we can't confirm subscription to a group programmatically, you should use an existing group # # @return [String] attr_accessor :notification_group # **Default: `email`**, # **Must be one of: `http, https, email, email-json, sms, sqs, application`** - # What type of notification endpoint will the notification be sent to. defaults to 'email' # # @return [String] attr_accessor :notification_type # The endpoint the notification will be sent to. eg. if notification_type is 'email'/'email-json' the endpoint will be the email address. A confirmation email will be sent to this email address if a new notification_group is created, if not specified and notification_type is set to 'email' we will use the mu-master email address # # @return [String] attr_accessor :notification_endpoint # @!endgroup end end end class BasketofKittens class cache_clusters class vpc # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # The tag or label key to search against # # @return [String] attr_accessor :key # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end class BasketofKittens class cache_clusters class vpc class habitat # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # The tag or label key to search against # # @return [String] attr_accessor :key # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end end class BasketofKittens class cache_clusters class vpc # Reference a 'habitats' resource from this 'config' resource class habitat # @!group Required parameters # **Default: `habitats`**, # **Must be one of: `habitats`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::cache_clusters::vpc::habitat::tag] # @see BasketofKittens::cache_clusters::vpc::habitat::tag attr_accessor :tag # @!endgroup end end end end class BasketofKittens class cache_clusters class vpc # The subnets to which to attach this resource. Will default to all subnets in this VPC if not specified. class subnets # @!group Optional parameters # # @return [String] attr_accessor :subnet_name # # @return [String] attr_accessor :subnet_id # **Must match pattern `^[^=]+=.+`** - # Identify this subnet by a tag (key=value). Note that this tag must not match more than one resource. # # @return [String] attr_accessor :tag # @!endgroup end end end end class BasketofKittens class cache_clusters # Reference a 'vpcs' resource from this 'cache_cluster' resource class vpc # @!group Required parameters # **Default: `vpcs`**, # **Must be one of: `vpcs`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::cache_clusters::vpc::tag] # @see BasketofKittens::cache_clusters::vpc::tag attr_accessor :tag # Reference a 'habitats' resource from this 'config' resource # # @return [BasketofKittens::cache_clusters::vpc::habitat] # @see BasketofKittens::cache_clusters::vpc::habitat attr_accessor :habitat # Alias for id # # @return [String] attr_accessor :vpc_id # Alias for name # # @return [String] attr_accessor :vpc_name # The Mu-internal name of a NAT host to use; Typically the shorthand 'name' field of a Server declared elsewhere in the deploy, or in another deploy that's being referenced with 'deploy_id'. # # @return [String] attr_accessor :nat_host_name # Discover a Server to use as a NAT by looking for this cloud provider identifier. # # @return [String] attr_accessor :nat_host_id # **Must match pattern `^\d+\.\d+\.\d+\.\d+$`** - # Discover a Server to use as a NAT by looking for an associated IP. # # @return [String] attr_accessor :nat_host_ip # **Default: `root`** # # @return [String] attr_accessor :nat_ssh_user # An alternate SSH private key for access to the NAT. We'll expect to find this in ~/.ssh along with the regular keys. # # @return [String] attr_accessor :nat_ssh_key # **Must match pattern `^[^=]+=.+`** - # Discover a Server to use as a NAT by looking for a cloud provider tag (key=value); Note that this tag must not match more than one server. # # @return [String] attr_accessor :nat_host_tag # **Default: `all_public`** - # When auto-discovering VPC resources, this specifies target subnets for this resource. Special keywords: public, private, any, all, all_public, all_private, all. Using the name of a route table defined elsewhere in this BoK will behave like 'all_.' # # @return [String] attr_accessor :subnet_pref # The subnets to which to attach this resource. Will default to all subnets in this VPC if not specified. # # @return [Array] # @see BasketofKittens::cache_clusters::vpc::subnets attr_accessor :subnets # @!endgroup end end end class BasketofKittens class cache_clusters # The cache cluster parameter group parameter to change and when to apply the change. class parameter_group_parameters # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED** # # @return [String] attr_accessor :value # @!endgroup end end end class BasketofKittens class cache_clusters # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. class dependencies # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED**, # **Must be one of: `folder, habitat, collection, database, dnszone, firewall_rule, loadbalancer, server, server_pool, vpc, cache_cluster, alarm, notifier, log, storage_pool, function, endpoint, container_cluster, search_domain, msg_queue, user, group, role, bucket, nosqldb`** # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **Must be one of: `create, groom`** - # Which part of the creation process of the resource we depend on should we wait for before starting our own creation? Defaults are usually sensible, but sometimes you want, say, a Server to wait on another Server to be completely ready (through its groom phase) before starting up. # # @return [String] attr_accessor :phase # **Default: `false`** - # By default, it's assumed that we want to wait on our parents' creation phase, in addition to whatever is declared in this stanza. Setting this flag will bypass waiting on our parent resource's creation, so that our create or groom phase can instead depend only on the parent's groom phase. # # @return [Boolean] attr_accessor :no_create_wait # @!endgroup end end end class BasketofKittens # Create cache cluster(s). # # `AWS`: This implementation is considered **RELEASE** quality. It covers all major API features and has been tested with real-world applications. # # `CloudFormation`: This implementation is **ALPHA** quality. It is experimental, may be missing significant functionality, and has not been widely tested. class cache_clusters # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **Default: `redis`**, # **Must be one of: `memcached, redis`** # # @return [String] attr_accessor :engine # **REQUIRED**, # **Must match pattern `^cache.(t|m|c|i|g|hi|hs|cr|cg|cc){1,2}[0-9]\.(micro|small|medium|[248]?x?large)$`** - # The Amazon EleastiCache instance type to use when creating this cache cluster. # # @return [String] attr_accessor :size # **REQUIRED**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # @!endgroup # @!group Optional parameters # **Default: `false`** - # When 'cloud' is set to 'CloudFormation,' use this flag to strip out Mu-specific artifacts (tags, standard userdata, naming conventions, etc) to yield a clean, source-agnostic template. # # @return [Boolean] attr_accessor :scrub_mu_isms # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # Tags to apply to this resource. Will apply at the cloud provider level and in node groomers, where applicable. # # @return [Array] # @see BasketofKittens::cache_clusters::tags attr_accessor :tags # **Default: `true`** - # Tag the resource with our optional tags (+MU-HANDLE+, +MU-MASTER-NAME+, +MU-OWNER+). # # @return [Boolean] attr_accessor :optional_tags # # @return [String] attr_accessor :engine_version # **Default: `1`** - # The number of cache nodes in a cache cluster (memcached), or the number of cache clusters in a cache group (redis) # # @return [Integer] attr_accessor :node_count # Reference a 'firewall_rules' resource from this 'cache_cluster' resource # # @return [Array] # @see BasketofKittens::cache_clusters::add_firewall_rules attr_accessor :add_firewall_rules # Network ingress and/or egress rules. # # @return [Array] # @see BasketofKittens::cache_clusters::ingress_rules attr_accessor :ingress_rules # DNS records to create. If specified inside another resource (e.g. {MU::Config::BasketofKittens::servers}, {MU::Config::BasketofKittens::loadbalancers}, or {MU::Config::BasketofKittens::databases}), the record(s) will automatically target that resource. # # @return [Array] # @see BasketofKittens::cache_clusters::dns_records attr_accessor :dns_records # **Default: `true`** - # Wait for DNS record to propagate in DNS Zone. # # @return [Boolean] attr_accessor :dns_sync_wait # Create a CloudWatch Alarm. # # @return [Array] # @see BasketofKittens::cache_clusters::alarms attr_accessor :alarms # **Default: `6379`** # # @return [Integer] attr_accessor :port # Reference a 'vpcs' resource from this 'cache_cluster' resource # # @return [BasketofKittens::cache_clusters::vpc] # @see BasketofKittens::cache_clusters::vpc attr_accessor :vpc # **Default: `false`** - # Rather to deploy the cache cluster/cache group in Multi AZ or Single AZ # # @return [Boolean] attr_accessor :multi_az # The ARN (Resource Name) of the redis backup stored in S3. Applies only to redis # # @return [String] attr_accessor :snapshot_arn # The number of days to retain an automatic cache cluster snapshot. Applies only to redis # # @return [Integer] attr_accessor :snapshot_retention_limit # The preferred time range to perform automatic cache cluster backups. Time is in UTC. Applies only to redis. Window must be at least 60 minutes long - 05:00-06:00. # # @return [String] attr_accessor :snapshot_window # The preferred data/time range to perform cache cluster maintenance. Window must be at least 60 minutes long - sun:06:00-sun:07:00. # # @return [String] attr_accessor :preferred_maintenance_window # **Default: `true`** # # @return [Boolean] attr_accessor :auto_minor_version_upgrade # **Default: `new`**, # **Must be one of: `new, new_snapshot, existing_snapshot`** - # 'new' - create a new cache cluster; 'new_snapshot' - create a snapshot of of an existing cache cluster, and build a new cache cluster from that snapshot; 'existing_snapshot' - create a cache cluster from an existing snapshot. # # @return [String] attr_accessor :creation_style # For any creation_style other than 'new' this parameter identifies the cache cluster to use. In the case of new_snapshot it will create a snapshot from that cache cluster first; in the case of existing_snapshot, it will use the latest avaliable snapshot. # # @return [String] attr_accessor :identifier # The AWS resource name of the AWS SNS notification topic notifications will be sent to. # # @return [String] attr_accessor :notification_arn # The cache cluster parameter group parameter to change and when to apply the change. # # @return [Array] # @see BasketofKittens::cache_clusters::parameter_group_parameters attr_accessor :parameter_group_parameters # **Must be one of: `memcached1.4, redis2.6, redis2.8`** - # The cache cluster family to create the Parameter Group for. The family type must be the same type as the cache cluster major version - eg if you set engine_version to 2.6 this parameter must be set to redis2.6. # # @return [String] attr_accessor :parameter_group_family # Internal use. # # @return [String] attr_accessor :virtual_name # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. # # @return [Array] # @see BasketofKittens::cache_clusters::dependencies attr_accessor :dependencies # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **AWS & CLOUDFORMATION ONLY** - # +AWS+: Create a replication group; will be set automatically if +engine+ is +redis+ and +node_count+ is greated than one. # ## +CLOUDFORMATION+: Create a replication group; will be set automatically if +engine+ is +redis+ and +node_count+ is greated than one. # # @return [Boolean] attr_accessor :create_replication_group # @!endgroup end end class BasketofKittens class alarms # What to monitor class dimensions # @!group Required parameters # **REQUIRED**, # **Must be one of: `InstanceId, server, Server, DBInstanceIdentifier, database, Database, LoadBalancerName, loadbalancer, LoadBalancer, CacheClusterId, cache_cluster, CacheCluster, VolumeId, volume, Volume, BucketName, bucket, Bucket, TopicName, notification, Notification, AutoScalingGroupName, server_pool, ServerPool`** - # The type of resource we're checking # # @return [String] attr_accessor :cloud_class # @!endgroup # @!group Optional parameters # The cloud identifier of the resource the alarm is being created for. eg - i-d96eca0d. Must use either 'cloud_id' OR 'mu_name' AND 'deploy_id' # # @return [String] attr_accessor :cloud_id # The full name of a resource in a foreign deployment which we should monitor. You should also include 'deploy_id' so we will be able to identifiy a single resource. Use either 'cloud_id' OR 'mu_name' and 'deploy_id' # # @return [String] attr_accessor :mu_name # Should be used with 'mu_name' to identifiy a single resource. # # @return [String] attr_accessor :deploy_id # The name of another resource in this stack with which to associate this alarm. # # @return [String] attr_accessor :name # @!endgroup end end end class BasketofKittens class alarms # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. class dependencies # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED**, # **Must be one of: `folder, habitat, collection, database, dnszone, firewall_rule, loadbalancer, server, server_pool, vpc, cache_cluster, alarm, notifier, log, storage_pool, function, endpoint, container_cluster, search_domain, msg_queue, user, group, role, bucket, nosqldb`** # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **Must be one of: `create, groom`** - # Which part of the creation process of the resource we depend on should we wait for before starting our own creation? Defaults are usually sensible, but sometimes you want, say, a Server to wait on another Server to be completely ready (through its groom phase) before starting up. # # @return [String] attr_accessor :phase # **Default: `false`** - # By default, it's assumed that we want to wait on our parents' creation phase, in addition to whatever is declared in this stanza. Setting this flag will bypass waiting on our parent resource's creation, so that our create or groom phase can instead depend only on the parent's groom phase. # # @return [Boolean] attr_accessor :no_create_wait # @!endgroup end end end class BasketofKittens # Cloud platform monitoring alarms # # `AWS`: This implementation is considered **RELEASE** quality. It covers all major API features and has been tested with real-world applications. # # `CloudFormation`: This implementation is **ALPHA** quality. It is experimental, may be missing significant functionality, and has not been widely tested. class alarms # @!group Optional parameters # # @return [String] attr_accessor :name # # @return [Array] attr_accessor :ok_actions # # @return [Array] attr_accessor :alarm_actions # # @return [Array] attr_accessor :no_data_actions # The name of the attribute to monitor eg. CPUUtilization. # # @return [String] attr_accessor :metric_name # The name of container 'metric_name' belongs to eg. 'AWS/EC2' # # @return [String] attr_accessor :namespace # **Must be one of: `SampleCount, Average, Sum, Minimum, Maximum`** # # # @return [String] attr_accessor :statistic # What to monitor # # @return [Array] # @see BasketofKittens::alarms::dimensions attr_accessor :dimensions # The time, in seconds the 'statistic' is checked/tested. Must be multiples of 60 # # @return [Integer] attr_accessor :period # **Must be one of: `Seconds, Microseconds, Milliseconds, Bytes, Kilobytes, Megabytes, Gigabytes, Terabytes, Bits, Kilobits, Megabits, Gigabits, Terabits, Percent, Count, Bytes/Second, Kilobytes/Second, Megabytes/Second, Gigabytes/Second, Terabytes/Second, Bits/Second, Kilobits/Second, Megabits/Second, Gigabits/Second, Terabits/Second, Count/Second, nil`** - # Associated with the 'metric' # # @return [String] attr_accessor :unit # The number of times to repeat the 'period' before changing the state of an alarm. eg form 'OK' to 'ALARM' state # # @return [Integer] attr_accessor :evaluation_periods # The value the 'statistic' is compared to and action (eg 'alarm_actions') will be invoked # # @return [Integer] attr_accessor :threshold # **Must be one of: `GreaterThanOrEqualToThreshold, GreaterThanThreshold, LessThanThreshold, LessThanOrEqualToThreshold`** - # The arithmetic operation to use when comparing 'statistic' and 'threshold'. The 'statistic' value is used as the first operand # # @return [String] attr_accessor :comparison_operator # Rather to send notifications when the alarm state changes # # @return [Boolean] attr_accessor :enable_notifications # **Default: `mu-default`** - # The name of the notification group. Will be created if it doesn't exist. We use / create a default one if not specified. NOTE: because we can't confirm subscription to a group programmatically, you should use an existing group # # @return [String] attr_accessor :notification_group # **Default: `email`**, # **Must be one of: `http, https, email, email-json, sms, sqs, application`** - # What type of notification endpoint will the notification be sent to. defaults to 'email' # # @return [String] attr_accessor :notification_type # The endpoint the notification will be sent to. eg. if notification_type is 'email'/'email-json' the endpoint will be the email address. A confirmation email will be sent to this email address if a new notification_group is created, if not specified and notification_type is set to 'email' we will use the mu-master email address # # @return [String] attr_accessor :notification_endpoint # Internal use. # # @return [String] attr_accessor :virtual_name # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. # # @return [Array] # @see BasketofKittens::alarms::dependencies attr_accessor :dependencies # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # @!endgroup end end class BasketofKittens class notifiers # A list of people or resources which should receive notifications class subscriptions # @!group Required parameters # **REQUIRED** - # The endpoint which should be subscribed to this notifier, typically an email address or SMS-enabled phone number. # # @return [String] attr_accessor :endpoint # @!endgroup # @!group Optional parameters # **Must be one of: `http, https, email, email-json, sms, sqs, application, lambda`** # # # @return [String] attr_accessor :type # @!endgroup end end end class BasketofKittens class notifiers # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. class dependencies # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED**, # **Must be one of: `folder, habitat, collection, database, dnszone, firewall_rule, loadbalancer, server, server_pool, vpc, cache_cluster, alarm, notifier, log, storage_pool, function, endpoint, container_cluster, search_domain, msg_queue, user, group, role, bucket, nosqldb`** # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **Must be one of: `create, groom`** - # Which part of the creation process of the resource we depend on should we wait for before starting our own creation? Defaults are usually sensible, but sometimes you want, say, a Server to wait on another Server to be completely ready (through its groom phase) before starting up. # # @return [String] attr_accessor :phase # **Default: `false`** - # By default, it's assumed that we want to wait on our parents' creation phase, in addition to whatever is declared in this stanza. Setting this flag will bypass waiting on our parent resource's creation, so that our create or groom phase can instead depend only on the parent's groom phase. # # @return [Boolean] attr_accessor :no_create_wait # @!endgroup end end end class BasketofKittens # A stub for inline resource that generate SNS notifications in AWS. This should really be expanded. # # `AWS`: This implementation is **BETA** quality. It is substantially complete, but may be missing some functionality or have some features which are untested. class notifiers # @!group Optional parameters # # @return [String] attr_accessor :name # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # A list of people or resources which should receive notifications # # @return [Array] # @see BasketofKittens::notifiers::subscriptions attr_accessor :subscriptions # Internal use. # # @return [String] attr_accessor :virtual_name # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. # # @return [Array] # @see BasketofKittens::notifiers::dependencies attr_accessor :dependencies # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # @!endgroup end end class BasketofKittens class logs # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. class dependencies # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED**, # **Must be one of: `folder, habitat, collection, database, dnszone, firewall_rule, loadbalancer, server, server_pool, vpc, cache_cluster, alarm, notifier, log, storage_pool, function, endpoint, container_cluster, search_domain, msg_queue, user, group, role, bucket, nosqldb`** # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **Must be one of: `create, groom`** - # Which part of the creation process of the resource we depend on should we wait for before starting our own creation? Defaults are usually sensible, but sometimes you want, say, a Server to wait on another Server to be completely ready (through its groom phase) before starting up. # # @return [String] attr_accessor :phase # **Default: `false`** - # By default, it's assumed that we want to wait on our parents' creation phase, in addition to whatever is declared in this stanza. Setting this flag will bypass waiting on our parent resource's creation, so that our create or groom phase can instead depend only on the parent's groom phase. # # @return [Boolean] attr_accessor :no_create_wait # @!endgroup end end end class BasketofKittens class logs # Create a filter on a CloudWachLogs log group. class filters # @!group Required parameters # **REQUIRED**, # **AWS & CLOUDFORMATION ONLY** # # @return [String] attr_accessor :name # **REQUIRED**, # **AWS & CLOUDFORMATION ONLY** - # A search pattern that will match values in the log # # @return [String] attr_accessor :search_pattern # **REQUIRED**, # **AWS & CLOUDFORMATION ONLY** - # A descriptive and easy to find name for the metric. This can be used to create Alarm(s) # # @return [String] attr_accessor :metric_name # **REQUIRED**, # **AWS & CLOUDFORMATION ONLY** - # A new or existing name space to add the metric to. Use the same namespace for all filters/metrics that are logically grouped together. Will be used to to create Alarm(s) # # @return [String] attr_accessor :namespace # **REQUIRED**, # **AWS & CLOUDFORMATION ONLY** # # # @return [String] attr_accessor :value # @!endgroup end end end class BasketofKittens # Log events using a cloud provider's log service. # # `AWS`: This implementation is **BETA** quality. It is substantially complete, but may be missing some functionality or have some features which are untested. # # `CloudFormation`: This implementation is **ALPHA** quality. It is experimental, may be missing significant functionality, and has not been widely tested. class logs # @!group Optional parameters # # @return [String] attr_accessor :name # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # Internal use. # # @return [String] attr_accessor :virtual_name # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. # # @return [Array] # @see BasketofKittens::logs::dependencies attr_accessor :dependencies # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **AWS & CLOUDFORMATION ONLY**, # **Default: `14`**, # **Must be one of: `1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, 3653`** - # +AWS+: The number of days to keep log events in the log group before deleting them. # ## +CLOUDFORMATION+: The number of days to keep log events in the log group before deleting them. # # @return [Integer] attr_accessor :retention_period # **AWS & CLOUDFORMATION ONLY**, # **Default: `false`** - # ## # # @return [Boolean] attr_accessor :enable_cloudtrail_logging # **AWS & CLOUDFORMATION ONLY** # Create a filter on a CloudWachLogs log group. # # @return [Array] # @see BasketofKittens::logs::filters attr_accessor :filters # @!endgroup end end class BasketofKittens class storage_pools # Tags to apply to this resource. Will apply at the cloud provider level and in node groomers, where applicable. class tags # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :key # **REQUIRED** # # @return [String] attr_accessor :value # @!endgroup end end end class BasketofKittens class storage_pools # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. class dependencies # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED**, # **Must be one of: `folder, habitat, collection, database, dnszone, firewall_rule, loadbalancer, server, server_pool, vpc, cache_cluster, alarm, notifier, log, storage_pool, function, endpoint, container_cluster, search_domain, msg_queue, user, group, role, bucket, nosqldb`** # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **Must be one of: `create, groom`** - # Which part of the creation process of the resource we depend on should we wait for before starting our own creation? Defaults are usually sensible, but sometimes you want, say, a Server to wait on another Server to be completely ready (through its groom phase) before starting up. # # @return [String] attr_accessor :phase # **Default: `false`** - # By default, it's assumed that we want to wait on our parents' creation phase, in addition to whatever is declared in this stanza. Setting this flag will bypass waiting on our parent resource's creation, so that our create or groom phase can instead depend only on the parent's groom phase. # # @return [Boolean] attr_accessor :no_create_wait # @!endgroup end end end class BasketofKittens class storage_pools class mount_points class vpc # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # The tag or label key to search against # # @return [String] attr_accessor :key # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end end class BasketofKittens class storage_pools class mount_points class vpc class habitat # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # The tag or label key to search against # # @return [String] attr_accessor :key # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end end end class BasketofKittens class storage_pools class mount_points class vpc # Reference a 'habitats' resource from this 'config' resource class habitat # @!group Required parameters # **Default: `habitats`**, # **Must be one of: `habitats`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::storage_pools::mount_points::vpc::habitat::tag] # @see BasketofKittens::storage_pools::mount_points::vpc::habitat::tag attr_accessor :tag # @!endgroup end end end end end class BasketofKittens class storage_pools class mount_points class vpc # Extra subnets to which to attach this {MU::Cloud::AWS::Server}. Extra network interfaces will be created to accomodate these attachments. class subnets # @!group Optional parameters # # @return [String] attr_accessor :subnet_name # # @return [String] attr_accessor :subnet_id # **Must match pattern `^[^=]+=.+`** - # Identify this subnet by a tag (key=value). Note that this tag must not match more than one resource. # # @return [String] attr_accessor :tag # @!endgroup end end end end end class BasketofKittens class storage_pools class mount_points # Reference a 'vpcs' resource from this 'storage_pool' resource class vpc # @!group Required parameters # **Default: `vpcs`**, # **Must be one of: `vpcs`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::storage_pools::mount_points::vpc::tag] # @see BasketofKittens::storage_pools::mount_points::vpc::tag attr_accessor :tag # Reference a 'habitats' resource from this 'config' resource # # @return [BasketofKittens::storage_pools::mount_points::vpc::habitat] # @see BasketofKittens::storage_pools::mount_points::vpc::habitat attr_accessor :habitat # Alias for id # # @return [String] attr_accessor :vpc_id # Alias for name # # @return [String] attr_accessor :vpc_name # **Default: `all_private`** - # When auto-discovering VPC resources, this specifies target subnets for this resource. Special keywords: public, private, any, all, all_public, all_private, all. Using the name of a route table defined elsewhere in this BoK will behave like 'all_.' # # @return [String] attr_accessor :subnet_pref # # @return [String] attr_accessor :subnet_name # # @return [String] attr_accessor :subnet_id # Extra subnets to which to attach this {MU::Cloud::AWS::Server}. Extra network interfaces will be created to accomodate these attachments. # # @return [Array] # @see BasketofKittens::storage_pools::mount_points::vpc::subnets attr_accessor :subnets # @!endgroup end end end end class BasketofKittens class storage_pools class mount_points class add_firewall_rules # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # The tag or label key to search against # # @return [String] attr_accessor :key # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end end class BasketofKittens class storage_pools class mount_points class add_firewall_rules class habitat # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # The tag or label key to search against # # @return [String] attr_accessor :key # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end end end class BasketofKittens class storage_pools class mount_points class add_firewall_rules # Reference a 'habitats' resource from this 'config' resource class habitat # @!group Required parameters # **Default: `habitats`**, # **Must be one of: `habitats`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::storage_pools::mount_points::add_firewall_rules::habitat::tag] # @see BasketofKittens::storage_pools::mount_points::add_firewall_rules::habitat::tag attr_accessor :tag # @!endgroup end end end end end class BasketofKittens class storage_pools class mount_points # Reference a 'firewall_rules' resource from this 'storage_pool' resource class add_firewall_rules # @!group Required parameters # **Default: `firewall_rules`**, # **Must be one of: `firewall_rules`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::storage_pools::mount_points::add_firewall_rules::tag] # @see BasketofKittens::storage_pools::mount_points::add_firewall_rules::tag attr_accessor :tag # Reference a 'habitats' resource from this 'config' resource # # @return [BasketofKittens::storage_pools::mount_points::add_firewall_rules::habitat] # @see BasketofKittens::storage_pools::mount_points::add_firewall_rules::habitat attr_accessor :habitat # Alias for id # # @return [String] attr_accessor :rule_id # Alias for name # # @return [String] attr_accessor :rule_name # @!endgroup end end end end class BasketofKittens class storage_pools class mount_points # Network ingress and/or egress rules. class ingress_rules # @!group Optional parameters # # @return [String] attr_accessor :port_range # # @return [Integer] attr_accessor :port # **Default: `tcp`**, # **Must be one of: `udp, tcp, icmp`** # # @return [String] attr_accessor :proto # # @return [Boolean] attr_accessor :ingress # **Default: `false`** # # @return [Boolean] attr_accessor :egress # String description of this firewall rule, where supported # # @return [String] attr_accessor :comment # **Must match pattern `^\d+\.\d+\.\d+\.\d+/[0-9]{1,2}$`** - # CIDR-formatted IP block, e.g. 1.2.3.4/32 # # @return [Array] attr_accessor :hosts # @!endgroup end end end end class BasketofKittens class storage_pools # Mount points for AWS EFS. class mount_points # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # @!endgroup # @!group Optional parameters # **Default: `/efs`** - # The local directory this mount point will be mounted to # # @return [String] attr_accessor :directory # Reference a 'vpcs' resource from this 'storage_pool' resource # # @return [BasketofKittens::storage_pools::mount_points::vpc] # @see BasketofKittens::storage_pools::mount_points::vpc attr_accessor :vpc # Reference a 'firewall_rules' resource from this 'storage_pool' resource # # @return [Array] # @see BasketofKittens::storage_pools::mount_points::add_firewall_rules attr_accessor :add_firewall_rules # Network ingress and/or egress rules. # # @return [Array] # @see BasketofKittens::storage_pools::mount_points::ingress_rules attr_accessor :ingress_rules # **Must match pattern `^\d+\.\d+\.\d+\.\d+$`** - # The private IP address to assign to the mount point. # # @return [String] attr_accessor :ip_address # @!endgroup end end end class BasketofKittens class storage_pools # Firewall rules to apply to our mountpoints class ingress_rules # @!group Optional parameters # **AWS ONLY** - # Other AWS Security Groups; resources that are associated with this group will have this rule applied to their traffic # # @return [Array] attr_accessor :sgs # **AWS ONLY** - # AWS Load Balancers which will have this rule applied to their traffic # # @return [Array] attr_accessor :lbs # @!endgroup end end end class BasketofKittens # Create a storage pool. # # `AWS`: This implementation is considered **RELEASE** quality. It covers all major API features and has been tested with real-world applications. class storage_pools # @!group Required parameters # **REQUIRED**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # **REQUIRED** # # @return [String] attr_accessor :name # @!endgroup # @!group Optional parameters # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # Tags to apply to this resource. Will apply at the cloud provider level and in node groomers, where applicable. # # @return [Array] # @see BasketofKittens::storage_pools::tags attr_accessor :tags # **Default: `true`** - # Tag the resource with our optional tags (+MU-HANDLE+, +MU-MASTER-NAME+, +MU-OWNER+). # # @return [Boolean] attr_accessor :optional_tags # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. # # @return [Array] # @see BasketofKittens::storage_pools::dependencies attr_accessor :dependencies # **Default: `generalPurpose`**, # **Must be one of: `generalPurpose, maxIO`** - # The storage type / performance mode of this storage pool. Defaults to generalPurpose # # @return [String] attr_accessor :storage_type # Mount points for AWS EFS. # # @return [Array] # @see BasketofKittens::storage_pools::mount_points attr_accessor :mount_points # Internal use. # # @return [String] attr_accessor :virtual_name # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **AWS ONLY** # Firewall rules to apply to our mountpoints # # @return [Array] # @see BasketofKittens::storage_pools::ingress_rules attr_accessor :ingress_rules # @!endgroup end end class BasketofKittens class functions # Zipped deployment package to upload to Lambda. You must specify either s3_bucket+s3_key or zip_file. class code # @!group Optional parameters # An S3 bucket where the deployment package can be found. Must be used in conjunction with s3_key. # # @return [String] attr_accessor :s3_bucket # Key in s3_bucket where the deployment package can be found. Must be used in conjunction with s3_bucket. # # @return [String] attr_accessor :s3_key # Specify an S3 object version for the deployment package, instead of the current default # # @return [String] attr_accessor :s3_object_version # Path to a zipped deployment package to upload. # # @return [String] attr_accessor :zip_file # @!endgroup end end end class BasketofKittens class functions class vpc # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # The tag or label key to search against # # @return [String] attr_accessor :key # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end class BasketofKittens class functions class vpc class habitat # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # The tag or label key to search against # # @return [String] attr_accessor :key # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end end class BasketofKittens class functions class vpc # Reference a 'habitats' resource from this 'config' resource class habitat # @!group Required parameters # **Default: `habitats`**, # **Must be one of: `habitats`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::functions::vpc::habitat::tag] # @see BasketofKittens::functions::vpc::habitat::tag attr_accessor :tag # @!endgroup end end end end class BasketofKittens class functions class vpc # Extra subnets to which to attach this {MU::Cloud::AWS::Server}. Extra network interfaces will be created to accomodate these attachments. class subnets # @!group Optional parameters # # @return [String] attr_accessor :subnet_name # # @return [String] attr_accessor :subnet_id # **Must match pattern `^[^=]+=.+`** - # Identify this subnet by a tag (key=value). Note that this tag must not match more than one resource. # # @return [String] attr_accessor :tag # @!endgroup end end end end class BasketofKittens class functions # Reference a 'vpcs' resource from this 'function' resource class vpc # @!group Required parameters # **Default: `vpcs`**, # **Must be one of: `vpcs`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::functions::vpc::tag] # @see BasketofKittens::functions::vpc::tag attr_accessor :tag # Reference a 'habitats' resource from this 'config' resource # # @return [BasketofKittens::functions::vpc::habitat] # @see BasketofKittens::functions::vpc::habitat attr_accessor :habitat # Alias for id # # @return [String] attr_accessor :vpc_id # Alias for name # # @return [String] attr_accessor :vpc_name # **Default: `all_private`** - # When auto-discovering VPC resources, this specifies target subnets for this resource. Special keywords: public, private, any, all, all_public, all_private, all. Using the name of a route table defined elsewhere in this BoK will behave like 'all_.' # # @return [String] attr_accessor :subnet_pref # # @return [String] attr_accessor :subnet_name # # @return [String] attr_accessor :subnet_id # Extra subnets to which to attach this {MU::Cloud::AWS::Server}. Extra network interfaces will be created to accomodate these attachments. # # @return [Array] # @see BasketofKittens::functions::vpc::subnets attr_accessor :subnets # @!endgroup end end end class BasketofKittens class functions # Tags to apply to this resource. Will apply at the cloud provider level and in node groomers, where applicable. class tags # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :key # **REQUIRED** # # @return [String] attr_accessor :value # @!endgroup end end end class BasketofKittens class functions class add_firewall_rules # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # The tag or label key to search against # # @return [String] attr_accessor :key # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end class BasketofKittens class functions class add_firewall_rules class habitat # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # The tag or label key to search against # # @return [String] attr_accessor :key # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end end class BasketofKittens class functions class add_firewall_rules # Reference a 'habitats' resource from this 'config' resource class habitat # @!group Required parameters # **Default: `habitats`**, # **Must be one of: `habitats`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::functions::add_firewall_rules::habitat::tag] # @see BasketofKittens::functions::add_firewall_rules::habitat::tag attr_accessor :tag # @!endgroup end end end end class BasketofKittens class functions # Reference a 'firewall_rules' resource from this 'function' resource class add_firewall_rules # @!group Required parameters # **Default: `firewall_rules`**, # **Must be one of: `firewall_rules`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::functions::add_firewall_rules::tag] # @see BasketofKittens::functions::add_firewall_rules::tag attr_accessor :tag # Reference a 'habitats' resource from this 'config' resource # # @return [BasketofKittens::functions::add_firewall_rules::habitat] # @see BasketofKittens::functions::add_firewall_rules::habitat attr_accessor :habitat # Alias for id # # @return [String] attr_accessor :rule_id # Alias for name # # @return [String] attr_accessor :rule_name # @!endgroup end end end class BasketofKittens class functions # Network ingress and/or egress rules. class ingress_rules # @!group Optional parameters # # @return [String] attr_accessor :port_range # # @return [Integer] attr_accessor :port # **Default: `tcp`**, # **Must be one of: `udp, tcp, icmp`** # # @return [String] attr_accessor :proto # # @return [Boolean] attr_accessor :ingress # **Default: `false`** # # @return [Boolean] attr_accessor :egress # String description of this firewall rule, where supported # # @return [String] attr_accessor :comment # **Must match pattern `^\d+\.\d+\.\d+\.\d+/[0-9]{1,2}$`** - # CIDR-formatted IP block, e.g. 1.2.3.4/32 # # @return [Array] attr_accessor :hosts # @!endgroup end end end class BasketofKittens class functions # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. class dependencies # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED**, # **Must be one of: `folder, habitat, collection, database, dnszone, firewall_rule, loadbalancer, server, server_pool, vpc, cache_cluster, alarm, notifier, log, storage_pool, function, endpoint, container_cluster, search_domain, msg_queue, user, group, role, bucket, nosqldb`** # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **Must be one of: `create, groom`** - # Which part of the creation process of the resource we depend on should we wait for before starting our own creation? Defaults are usually sensible, but sometimes you want, say, a Server to wait on another Server to be completely ready (through its groom phase) before starting up. # # @return [String] attr_accessor :phase # **Default: `false`** - # By default, it's assumed that we want to wait on our parents' creation phase, in addition to whatever is declared in this stanza. Setting this flag will bypass waiting on our parent resource's creation, so that our create or groom phase can instead depend only on the parent's groom phase. # # @return [Boolean] attr_accessor :no_create_wait # @!endgroup end end end class BasketofKittens class functions # Trigger for lambda function class triggers # @!group Required parameters # **REQUIRED**, # **Must be one of: `apigateway, events, s3, sns, sqs, dynamodb, kinesis, ses, cognito, alexa, iot`** - # The name of the AWS service that will trigger this function # # @return [String] attr_accessor :service # @!endgroup # @!group Optional parameters # The name of the API Gateway, Cloudwatch Event, or other event trigger object # # @return [String] attr_accessor :name # @!endgroup end end end class BasketofKittens class functions # environment variables class environment_variable # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :key # **REQUIRED** # # @return [String] attr_accessor :value # @!endgroup end end end class BasketofKittens # Create a cloud function. # # `AWS`: This implementation is **BETA** quality. It is substantially complete, but may be missing some functionality or have some features which are untested. class functions # @!group Required parameters # **REQUIRED**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED**, # **Must be one of: `nodejs, nodejs4.3, nodejs6.10, nodejs8.10, java8, python2.7, python3.6, dotnetcore1.0, dotnetcore2.0, dotnetcore2.1, nodejs4.3-edge, go1.x`** # # @return [String] attr_accessor :runtime # **REQUIRED**, # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **REQUIRED** - # The function within your code that Lambda calls to begin execution. For Node.js, it is the module-name.export value in your function. For Java, it can be package.class-name::handler or package.class-name. For more information, see https://docs.aws.amazon.com/lambda/latest/dg/java-programming-model-handler-types.html # # @return [String] attr_accessor :handler # **REQUIRED** # Zipped deployment package to upload to Lambda. You must specify either s3_bucket+s3_key or zip_file. # # @return [BasketofKittens::functions::code] # @see BasketofKittens::functions::code attr_accessor :code # @!endgroup # @!group Optional parameters # Reference a 'vpcs' resource from this 'function' resource # # @return [BasketofKittens::functions::vpc] # @see BasketofKittens::functions::vpc attr_accessor :vpc # **Default: `3`** - # Maximum run time for an invocation of this function, in seconds # # @return [Integer] attr_accessor :timeout # Tags to apply to this resource. Will apply at the cloud provider level and in node groomers, where applicable. # # @return [Array] # @see BasketofKittens::functions::tags attr_accessor :tags # **Default: `true`** - # Tag the resource with our optional tags (+MU-HANDLE+, +MU-MASTER-NAME+, +MU-OWNER+). # # @return [Boolean] attr_accessor :optional_tags # Reference a 'firewall_rules' resource from this 'function' resource # # @return [Array] # @see BasketofKittens::functions::add_firewall_rules attr_accessor :add_firewall_rules # Network ingress and/or egress rules. # # @return [Array] # @see BasketofKittens::functions::ingress_rules attr_accessor :ingress_rules # **Default: `128`** - # Memory to allocation for function, in MB. The value must be a multiple of 64 MB. # # @return [Integer] attr_accessor :memory # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. # # @return [Array] # @see BasketofKittens::functions::dependencies attr_accessor :dependencies # Trigger for lambda function # # @return [Array] # @see BasketofKittens::functions::triggers attr_accessor :triggers # environment variables # # @return [Array] # @see BasketofKittens::functions::environment_variable attr_accessor :environment_variable # Internal use. # # @return [String] attr_accessor :virtual_name # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **AWS ONLY** - # +AWS+: The name of an IAM role for our Lambda function to assume. Can refer to an existing IAM role, or a sibling 'role' resource in Mu. If not specified, will create a default role with permissions listed in `permissions` (and if none are listed, we will set `AWSLambdaBasicExecutionRole`). # # @return [String] attr_accessor :iam_role # **AWS ONLY**, # **Must be one of: `basic, kinesis, dynamo, sqs, network, xray`** - # A permission to add to our Lambda function's default role, corresponding to standard AWS policies (see https://docs.aws.amazon.com/lambda/latest/dg/lambda-intro-execution-role.html) # # @return [Array] attr_accessor :permissions # @!endgroup end end class BasketofKittens class endpoints class vpc # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # The tag or label key to search against # # @return [String] attr_accessor :key # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end class BasketofKittens class endpoints class vpc class habitat # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # The tag or label key to search against # # @return [String] attr_accessor :key # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end end class BasketofKittens class endpoints class vpc # Reference a 'habitats' resource from this 'config' resource class habitat # @!group Required parameters # **Default: `habitats`**, # **Must be one of: `habitats`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::endpoints::vpc::habitat::tag] # @see BasketofKittens::endpoints::vpc::habitat::tag attr_accessor :tag # @!endgroup end end end end class BasketofKittens class endpoints # Reference a 'vpcs' resource from this 'endpoint' resource class vpc # @!group Required parameters # **Default: `vpcs`**, # **Must be one of: `vpcs`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::endpoints::vpc::tag] # @see BasketofKittens::endpoints::vpc::tag attr_accessor :tag # Reference a 'habitats' resource from this 'config' resource # # @return [BasketofKittens::endpoints::vpc::habitat] # @see BasketofKittens::endpoints::vpc::habitat attr_accessor :habitat # Alias for id # # @return [String] attr_accessor :vpc_id # Alias for name # # @return [String] attr_accessor :vpc_name # @!endgroup end end end class BasketofKittens class endpoints class methods class integrate_with class responses # +AWS+: One or more headers, used by the API Gateway integration response and filtered through the method response before returning to the client class headers # @!group Optional parameters # +AWS+: The name of a header to return, such as +Access-Control-Allow-Methods+ # # @return [String] attr_accessor :header # +AWS+: The string to map to this header (ex +GET,OPTIONS+) # # @return [String] attr_accessor :value # **Default: `true`** - # +AWS+: Indicate whether this header is required in order to return a response # # @return [Boolean] attr_accessor :required # @!endgroup end end end end end end class BasketofKittens class endpoints class methods class integrate_with class responses # +AWS+: Model for the body of our backend integration's response class body # @!group Optional parameters # +AWS+: An HTTP content type to match to a response, such as +application/json+. # # @return [String] attr_accessor :content_type # **Default: `false`** - # +AWS+: Whether this response should be considered an error # # @return [Boolean] attr_accessor :is_error # @!endgroup end end end end end end class BasketofKittens class endpoints class methods class integrate_with # +AWS+: Customize the response to the client for this method, by adding headers or transforming through a template. If not specified, we will default to returning an un-transformed HTTP 200 for this method. class responses # @!group Optional parameters # **Default: `200`** - # +AWS+: The HTTP status code to return # # @return [Integer] attr_accessor :code # +AWS+: One or more headers, used by the API Gateway integration response and filtered through the method response before returning to the client # # @return [Array] # @see BasketofKittens::endpoints::methods::integrate_with::responses::headers attr_accessor :headers # +AWS+: Model for the body of our backend integration's response # # @return [Array] # @see BasketofKittens::endpoints::methods::integrate_with::responses::body attr_accessor :body # @!endgroup end end end end end class BasketofKittens class endpoints class methods class integrate_with # +AWS+: A JSON-encoded string which represents a map of Velocity templates that are applied on the request payload based on the value of the +Content-Type+ header sent by the client. The content type value is the key in this map, and the template (as a String) is the value. class request_templates # @!group Optional parameters # +AWS+: An HTTP content type to match with a template, such as +application/json+. # # @return [String] attr_accessor :content_type # +AWS+: A Velocity template to apply to our reques payload, encoded as a one-line string, like: "#set($allParams = $input.params())\n{\n\"url_data_json_encoded\":\"$input.params('url')\"\n}" # # @return [String] attr_accessor :template # @!endgroup end end end end end class BasketofKittens class endpoints class methods # +AWS+: Specify what application backend to invoke under this path/method combination class integrate_with # @!group Optional parameters # **Default: `false`** - # For HTTP or AWS integrations, specify whether the target is a proxy (((docs unclear, is that actually what this means?))) # # @return [Boolean] attr_accessor :proxy # **Must be one of: `GET, POST, PUT, HEAD, DELETE, CONNECT, OPTIONS, TRACE`** - # +AWS+: The HTTP method to use when contacting our integrated backend. If not specified, this will be set to match our front end. # # @return [String] attr_accessor :backend_http_method # +AWS+: For HTTP or HTTP_PROXY integrations, this should be a fully-qualified URL # # @return [String] attr_accessor :url # +AWS+: Customize the response to the client for this method, by adding headers or transforming through a template. If not specified, we will default to returning an un-transformed HTTP 200 for this method. # # @return [Array] # @see BasketofKittens::endpoints::methods::integrate_with::responses attr_accessor :responses # For AWS or AWS_PROXY integrations with a compatible Amazon resource outside of Mu, a full-qualified ARN such as `arn:aws:apigateway:us-west-2:s3:action/GetObject&Bucket=`bucket&Key=key` # # @return [String] attr_accessor :arn # +AWS+: A Mu resource name, for integrations with a sibling resource (e.g. a Function) # # @return [String] attr_accessor :name # **Default: `true`** - # +AWS+: When enabled, this will create an +OPTIONS+ method under this path with request and response header mappings that implement Cross-Origin Resource Sharing # # @return [Boolean] attr_accessor :cors # **Must be one of: `aws_generic, alarm, bucket, cache_cluster, collection, container_cluster, database, dnszone, endpoint, firewall_rule, folder, function, group, habitat, loadbalancer, log, msg_queue, nosqldb, notifier, role, search_domain, server, server_pool, storage_pool, user, vpc`** - # A Mu resource type, for integrations with a sibling resource (e.g. a function), or the string +aws_generic+, which we can use in combination with +aws_generic_action+ to integrate with arbitrary AWS services. # # @return [String] attr_accessor :type # +AWS+: For use when +type+ is set to +aws_generic+, this should specify the action to be performed in the style of an IAM policy action, e.g. +acm:ListCertificates+ for this integration to return a list of Certificate Manager SSL certificates. # # @return [String] attr_accessor :aws_generic_action # +AWS+: A Mu deploy id (e.g. DEMO-DEV-2014111400-NG), for integrations with a sibling resource (e.g. a Function) # # @return [String] attr_accessor :deploy_id # The name of an IAM role used to grant usage of other AWS artifacts for this integration. If not specified, we will automatically generate an appropriate role. # # @return [String] attr_accessor :iam_role # **Default: `WHEN_NO_MATCH`**, # **Must be one of: `WHEN_NO_MATCH, WHEN_NO_TEMPLATES, NEVER`** - # +AWS+: Specifies the pass-through behavior for incoming requests based on the +Content-Type+ header in the request, and the available mapping templates specified in +request_templates+. +WHEN_NO_MATCH+ passes the request body for unmapped content types through to the integration back end without transformation. +WHEN_NO_TEMPLATES+ allows pass-through when the integration has NO content types mapped to templates. +NEVER+ rejects unmapped content types with an HTTP +415+. # # @return [String] attr_accessor :passthrough_behavior # +AWS+: A JSON-encoded string which represents a map of Velocity templates that are applied on the request payload based on the value of the +Content-Type+ header sent by the client. The content type value is the key in this map, and the template (as a String) is the value. # # @return [Array] # @see BasketofKittens::endpoints::methods::integrate_with::request_templates attr_accessor :request_templates # @!endgroup end end end end class BasketofKittens class endpoints # Method, as in HTTP method class methods # @!group Required parameters # **Default: `/`** - # The path underneath our endpoint at this invocation will be triggered # # @return [String] attr_accessor :path # **Default: `GET`**, # **Must be one of: `GET, POST, PUT, HEAD, DELETE, CONNECT, OPTIONS, TRACE`** # # @return [String] attr_accessor :type # **REQUIRED** # +AWS+: Specify what application backend to invoke under this path/method combination # # @return [BasketofKittens::endpoints::methods::integrate_with] # @see BasketofKittens::endpoints::methods::integrate_with attr_accessor :integrate_with # @!endgroup # @!group Optional parameters # **Default: `NONE`**, # **Must be one of: `NONE, CUSTOM, AWS_IAM, COGNITO_USER_POOLS`** # # @return [String] attr_accessor :auth # @!endgroup end end end class BasketofKittens class endpoints # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. class dependencies # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED**, # **Must be one of: `folder, habitat, collection, database, dnszone, firewall_rule, loadbalancer, server, server_pool, vpc, cache_cluster, alarm, notifier, log, storage_pool, function, endpoint, container_cluster, search_domain, msg_queue, user, group, role, bucket, nosqldb`** # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **Must be one of: `create, groom`** - # Which part of the creation process of the resource we depend on should we wait for before starting our own creation? Defaults are usually sensible, but sometimes you want, say, a Server to wait on another Server to be completely ready (through its groom phase) before starting up. # # @return [String] attr_accessor :phase # **Default: `false`** - # By default, it's assumed that we want to wait on our parents' creation phase, in addition to whatever is declared in this stanza. Setting this flag will bypass waiting on our parent resource's creation, so that our create or groom phase can instead depend only on the parent's groom phase. # # @return [Boolean] attr_accessor :no_create_wait # @!endgroup end end end class BasketofKittens # Create a cloud API endpoint, e.g. Amazon API Gateway # # `AWS`: This implementation is **BETA** quality. It is substantially complete, but may be missing some functionality or have some features which are untested. class endpoints # @!group Required parameters # **REQUIRED**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED**, # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # @!endgroup # @!group Optional parameters # # @return [String] attr_accessor :iam_role # Reference a 'vpcs' resource from this 'endpoint' resource # # @return [BasketofKittens::endpoints::vpc] # @see BasketofKittens::endpoints::vpc attr_accessor :vpc # Method, as in HTTP method # # @return [Array] # @see BasketofKittens::endpoints::methods attr_accessor :methods # Internal use. # # @return [String] attr_accessor :virtual_name # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. # # @return [Array] # @see BasketofKittens::endpoints::dependencies attr_accessor :dependencies # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **AWS ONLY** - # +AWS+: The name of an environment under which to deploy our API. If not specified, will deploy to the name of the global Mu environment for this deployment. # # @return [String] attr_accessor :deploy_to # @!endgroup end end class BasketofKittens class container_clusters class vpc # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # The tag or label key to search against # # @return [String] attr_accessor :key # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end class BasketofKittens class container_clusters class vpc class habitat # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # The tag or label key to search against # # @return [String] attr_accessor :key # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end end class BasketofKittens class container_clusters class vpc # Reference a 'habitats' resource from this 'config' resource class habitat # @!group Required parameters # **Default: `habitats`**, # **Must be one of: `habitats`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::container_clusters::vpc::habitat::tag] # @see BasketofKittens::container_clusters::vpc::habitat::tag attr_accessor :tag # @!endgroup end end end end class BasketofKittens class container_clusters class vpc # Extra subnets to which to attach this {MU::Cloud::AWS::Server}. Extra network interfaces will be created to accomodate these attachments. class subnets # @!group Optional parameters # # @return [String] attr_accessor :subnet_name # # @return [String] attr_accessor :subnet_id # **Must match pattern `^[^=]+=.+`** - # Identify this subnet by a tag (key=value). Note that this tag must not match more than one resource. # # @return [String] attr_accessor :tag # @!endgroup end end end end class BasketofKittens class container_clusters # Reference a 'vpcs' resource from this 'container_cluster' resource class vpc # @!group Required parameters # **Default: `vpcs`**, # **Must be one of: `vpcs`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::container_clusters::vpc::tag] # @see BasketofKittens::container_clusters::vpc::tag attr_accessor :tag # Reference a 'habitats' resource from this 'config' resource # # @return [BasketofKittens::container_clusters::vpc::habitat] # @see BasketofKittens::container_clusters::vpc::habitat attr_accessor :habitat # Alias for id # # @return [String] attr_accessor :vpc_id # Alias for name # # @return [String] attr_accessor :vpc_name # **Default: `all`** - # When auto-discovering VPC resources, this specifies target subnets for this resource. Special keywords: public, private, any, all, all_public, all_private, all. Using the name of a route table defined elsewhere in this BoK will behave like 'all_.' # # @return [String] attr_accessor :subnet_pref # # @return [String] attr_accessor :subnet_name # # @return [String] attr_accessor :subnet_id # Extra subnets to which to attach this {MU::Cloud::AWS::Server}. Extra network interfaces will be created to accomodate these attachments. # # @return [Array] # @see BasketofKittens::container_clusters::vpc::subnets attr_accessor :subnets # @!endgroup end end end class BasketofKittens class container_clusters # Tags to apply to this resource. Will apply at the cloud provider level and in node groomers, where applicable. class tags # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :key # **REQUIRED** # # @return [String] attr_accessor :value # @!endgroup end end end class BasketofKittens class container_clusters # Kubernetes-specific options # # +GOOGLE+: Kubernetes-specific options # class kubernetes # @!group Optional parameters # **Default: `1.13`** - # Version of Kubernetes control plane to deploy # # @return [String] attr_accessor :version # **Default: `30`** - # Maximum number of pods that can be deployed on any given worker node # # @return [Integer] attr_accessor :max_pods # +GOOGLE+: The version of Kubernetes to install on GKE worker nodes. # # @return [String] attr_accessor :nodeversion # **Default: `false`** - # +GOOGLE+: Enable alpha-quality Kubernetes features on this cluster # # @return [Boolean] attr_accessor :alpha # **Default: `false`** - # +GOOGLE+: Enable the Kubernetes Dashboard # # @return [Boolean] attr_accessor :dashboard # **Default: `true`** - # +GOOGLE+: Increases or decreases the number of replica pods a replication controller has based on the resource usage of the existing pods. # # @return [Boolean] attr_accessor :horizontal_pod_autoscaling # **Default: `true`** - # +GOOGLE+: HTTP (L7) load balancing controller addon, which makes it easy to set up HTTP load balancers for services in a cluster. # # @return [Boolean] attr_accessor :http_load_balancing # **Default: `false`** - # +GOOGLE+: Enable the Network Policy addon # # @return [Boolean] attr_accessor :network_policy_addon # @!endgroup end end end class BasketofKittens class container_clusters # Optional Kubernetes-specific resource descriptors to run with kubectl create|replace when grooming this cluster. See https://kubernetes.io/docs/concepts/overview/working-with-objects/kubernetes-objects/#understanding-kubernetes-objects class kubernetes_resources end end end class BasketofKittens class container_clusters # When using Ansible as a groomer, this will insert a +vars+ tree into the playbook for this node. class ansible_vars end end end class BasketofKittens class container_clusters # Metadata variables to expose to Groomer clients, under a top-level key named +mu+. Same thing as +application_attributes+, but with a name that makes a modicum of sense. class groomer_variables end end end class BasketofKittens class container_clusters class alarms # What to monitor class dimensions # @!group Required parameters # **REQUIRED**, # **Must be one of: `InstanceId, server, Server, DBInstanceIdentifier, database, Database, LoadBalancerName, loadbalancer, LoadBalancer, CacheClusterId, cache_cluster, CacheCluster, VolumeId, volume, Volume, BucketName, bucket, Bucket, TopicName, notification, Notification, AutoScalingGroupName, server_pool, ServerPool`** - # The type of resource we're checking # # @return [String] attr_accessor :cloud_class # @!endgroup # @!group Optional parameters # The cloud identifier of the resource the alarm is being created for. eg - i-d96eca0d. Must use either 'cloud_id' OR 'mu_name' AND 'deploy_id' # # @return [String] attr_accessor :cloud_id # The full name of a resource in a foreign deployment which we should monitor. You should also include 'deploy_id' so we will be able to identifiy a single resource. Use either 'cloud_id' OR 'mu_name' and 'deploy_id' # # @return [String] attr_accessor :mu_name # Should be used with 'mu_name' to identifiy a single resource. # # @return [String] attr_accessor :deploy_id # The name of another resource in this stack with which to associate this alarm. # # @return [String] attr_accessor :name # @!endgroup end end end end class BasketofKittens class container_clusters # Create a CloudWatch Alarm. class alarms # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED** - # The name of the attribute to monitor eg. CPUUtilization. # # @return [String] attr_accessor :metric_name # **REQUIRED**, # **Must be one of: `SampleCount, Average, Sum, Minimum, Maximum`** # # # @return [String] attr_accessor :statistic # **REQUIRED** - # The time, in seconds the 'statistic' is checked/tested. Must be multiples of 60 # # @return [Integer] attr_accessor :period # **REQUIRED** - # The number of times to repeat the 'period' before changing the state of an alarm. eg form 'OK' to 'ALARM' state # # @return [Integer] attr_accessor :evaluation_periods # **REQUIRED** - # The value the 'statistic' is compared to and action (eg 'alarm_actions') will be invoked # # @return [Integer] attr_accessor :threshold # **REQUIRED**, # **Must be one of: `GreaterThanOrEqualToThreshold, GreaterThanThreshold, LessThanThreshold, LessThanOrEqualToThreshold`** - # The arithmetic operation to use when comparing 'statistic' and 'threshold'. The 'statistic' value is used as the first operand # # @return [String] attr_accessor :comparison_operator # @!endgroup # @!group Optional parameters # # @return [Array] attr_accessor :ok_actions # # @return [Array] attr_accessor :alarm_actions # # @return [Array] attr_accessor :no_data_actions # The name of container 'metric_name' belongs to eg. 'AWS/EC2' # # @return [String] attr_accessor :namespace # What to monitor # # @return [Array] # @see BasketofKittens::container_clusters::alarms::dimensions attr_accessor :dimensions # **Must be one of: `Seconds, Microseconds, Milliseconds, Bytes, Kilobytes, Megabytes, Gigabytes, Terabytes, Bits, Kilobits, Megabits, Gigabits, Terabits, Percent, Count, Bytes/Second, Kilobytes/Second, Megabytes/Second, Gigabytes/Second, Terabytes/Second, Bits/Second, Kilobits/Second, Megabits/Second, Gigabits/Second, Terabits/Second, Count/Second, nil`** - # Associated with the 'metric' # # @return [String] attr_accessor :unit # Rather to send notifications when the alarm state changes # # @return [Boolean] attr_accessor :enable_notifications # **Default: `mu-default`** - # The name of the notification group. Will be created if it doesn't exist. We use / create a default one if not specified. NOTE: because we can't confirm subscription to a group programmatically, you should use an existing group # # @return [String] attr_accessor :notification_group # **Default: `email`**, # **Must be one of: `http, https, email, email-json, sms, sqs, application`** - # What type of notification endpoint will the notification be sent to. defaults to 'email' # # @return [String] attr_accessor :notification_type # The endpoint the notification will be sent to. eg. if notification_type is 'email'/'email-json' the endpoint will be the email address. A confirmation email will be sent to this email address if a new notification_group is created, if not specified and notification_type is set to 'email' we will use the mu-master email address # # @return [String] attr_accessor :notification_endpoint # @!endgroup end end end class BasketofKittens class container_clusters class active_directory # Vault used to store the credentials for the domain join user class domain_join_vault # @!group Optional parameters # **Default: `active_directory`** - # The vault where these credentials reside # # @return [String] attr_accessor :vault # **Default: `join_domain`** - # The vault item where these credentials reside # # @return [String] attr_accessor :item # **Default: `password`** - # The field within the Vault item where the password for these credentials resides # # @return [String] attr_accessor :password_field # **Default: `username`** - # The field where the user name for these credentials resides # # @return [String] attr_accessor :username_field # @!endgroup end end end end class BasketofKittens class container_clusters class active_directory # Vault used to store the credentials for the domain admin user class domain_admin_vault # @!group Optional parameters # **Default: `active_directory`** - # The vault where these credentials reside # # @return [String] attr_accessor :vault # **Default: `domain_admin`** - # The vault item where these credentials reside # # @return [String] attr_accessor :item # **Default: `password`** - # The field within the Vault item where the password for these credentials resides # # @return [String] attr_accessor :password_field # **Default: `username`** - # The field where the user name for these credentials resides # # @return [String] attr_accessor :username_field # @!endgroup end end end end class BasketofKittens class container_clusters # Integrate this node into an Active Directory domain. On Linux, will configure Winbind and PAM for system-level AD authentication. class active_directory # @!group Required parameters # **REQUIRED** - # The full name Active Directory domain to join # # @return [String] attr_accessor :domain_name # **REQUIRED** - # The short (NetBIOS) Active Directory domain to join # # @return [String] attr_accessor :short_domain_name # **REQUIRED** - # IP address of a domain controller # # @return [Array] attr_accessor :domain_controllers # **REQUIRED** # Vault used to store the credentials for the domain join user # # @return [BasketofKittens::container_clusters::active_directory::domain_join_vault] # @see BasketofKittens::container_clusters::active_directory::domain_join_vault attr_accessor :domain_join_vault # **REQUIRED** # Vault used to store the credentials for the domain admin user # # @return [BasketofKittens::container_clusters::active_directory::domain_admin_vault] # @see BasketofKittens::container_clusters::active_directory::domain_admin_vault attr_accessor :domain_admin_vault # @!endgroup # @!group Optional parameters # A custom hostname for your domain controller. mu_windows_name will be used if not specified. Do not specify when joining a Domain-Node # # @return [String] attr_accessor :domain_controller_hostname # **Default: `join`**, # **Must be one of: `join, create, add_controller`** - # Rather to join, create or add a Domain Controller # # @return [String] attr_accessor :domain_operation # SID of a known domain. Used to help Linux clients map uids and gids properly with SSSD. # # @return [String] attr_accessor :domain_sid # **Default: `domain_node`**, # **Must be one of: `domain_node, domain_controller`** - # If the node will be a domain controller or a domain node # # @return [String] attr_accessor :node_type # The OU to which to add this computer when joining the domain. # # @return [String] attr_accessor :computer_ou # @!endgroup end end end class BasketofKittens class container_clusters # One or more Load Balancers with which this instance should register. class loadbalancers # @!group Optional parameters # The name of a MU loadbalancer object, which should also defined in this stack. This will be added as a dependency. # # @return [String] attr_accessor :concurrent_load_balancer # The DNS name of an existing Elastic Load Balancer. Must be in the same region as this deployment. # # @return [String] attr_accessor :existing_load_balancer # @!endgroup end end end class BasketofKittens class container_clusters class add_firewall_rules # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # The tag or label key to search against # # @return [String] attr_accessor :key # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end class BasketofKittens class container_clusters class add_firewall_rules class habitat # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # The tag or label key to search against # # @return [String] attr_accessor :key # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end end class BasketofKittens class container_clusters class add_firewall_rules # Reference a 'habitats' resource from this 'config' resource class habitat # @!group Required parameters # **Default: `habitats`**, # **Must be one of: `habitats`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::container_clusters::add_firewall_rules::habitat::tag] # @see BasketofKittens::container_clusters::add_firewall_rules::habitat::tag attr_accessor :tag # @!endgroup end end end end class BasketofKittens class container_clusters # Reference a 'firewall_rules' resource from this 'server' resource class add_firewall_rules # @!group Required parameters # **Default: `firewall_rules`**, # **Must be one of: `firewall_rules`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::container_clusters::add_firewall_rules::tag] # @see BasketofKittens::container_clusters::add_firewall_rules::tag attr_accessor :tag # Reference a 'habitats' resource from this 'config' resource # # @return [BasketofKittens::container_clusters::add_firewall_rules::habitat] # @see BasketofKittens::container_clusters::add_firewall_rules::habitat attr_accessor :habitat # Alias for id # # @return [String] attr_accessor :rule_id # Alias for name # # @return [String] attr_accessor :rule_name # @!endgroup end end end class BasketofKittens class container_clusters # Assign a specific IP to this instance once it's ready. class static_ip # @!group Optional parameters # **Must match pattern `^\d+\.\d+\.\d+\.\d+$`** # # @return [String] attr_accessor :ip # **Default: `true`** # # @return [Boolean] attr_accessor :assign_ip # @!endgroup end end end class BasketofKittens class container_clusters # A script to be run during the bootstrap process. Typically used to preconfigure Windows instances. class userdata_script # @!group Required parameters # **REQUIRED** - # A local path or URL to a file which will be loaded and passed to the instance. Relative paths will be resolved from the current working directory of the deploy tool when invoked. # # @return [String] attr_accessor :path # @!endgroup # @!group Optional parameters # **Default: `true`** - # Assume that this script is an ERB template and parse it as one before passing to the instance. # # @return [Boolean] attr_accessor :use_erb # **Default: `false`** - # Omit the standard Mu userdata entirely in favor of this custom script (normally we'd run both). # # @return [Boolean] attr_accessor :skip_std # @!endgroup end end end class BasketofKittens class container_clusters # Set Windows nodes' local administrator password to a value specified in a Chef Vault. class windows_auth_vault # @!group Required parameters # **Default: `windows`** - # The vault where these credentials reside # # @return [String] attr_accessor :vault # **Default: `credentials`** - # The vault item where these credentials reside # # @return [String] attr_accessor :item # @!endgroup # @!group Optional parameters # **Default: `password`** - # The field within the Vault item where the password for Windows local Administrator user is stored # # @return [String] attr_accessor :password_field # **Default: `ec2config_password`** - # The field within the Vault item where the password for the EC2config service user is stored # # @return [String] attr_accessor :ec2config_password_field # **Default: `sshd_password`** - # The field within the Vault item where the password for the Cygwin/SSH service user is stored # # @return [String] attr_accessor :sshd_password_field # @!endgroup end end end class BasketofKittens class container_clusters # Network ingress and/or egress rules. class ingress_rules # @!group Optional parameters # # @return [String] attr_accessor :port_range # # @return [Integer] attr_accessor :port # **Default: `tcp`**, # **Must be one of: `udp, tcp, icmp`** # # @return [String] attr_accessor :proto # # @return [Boolean] attr_accessor :ingress # **Default: `false`** # # @return [Boolean] attr_accessor :egress # String description of this firewall rule, where supported # # @return [String] attr_accessor :comment # **Must match pattern `^\d+\.\d+\.\d+\.\d+/[0-9]{1,2}$`** - # CIDR-formatted IP block, e.g. 1.2.3.4/32 # # @return [Array] attr_accessor :hosts # @!endgroup end end end class BasketofKittens class container_clusters # Chef Node structure artifact for mu-tools cookbook. class application_attributes end end end class BasketofKittens class container_clusters # JSON artifact to be stored in Chef Vault for this node. Note that these values will still be stored in plain text local to the MU server, but only accessible to nodes via Vault. class secrets end end end class BasketofKittens class container_clusters # Chef Vault items to which this node should be granted access. class vault_access # @!group Required parameters # **REQUIRED** - # The Vault to which this node should be granted access. # # @return [String] attr_accessor :vault # **REQUIRED** - # The item within the Vault to which this node should be granted access. # # @return [String] attr_accessor :item # @!endgroup end end end class BasketofKittens class container_clusters # Existing deploys that will be loaded into the new deployment metadata. This metadata will be saved on the Chef node class existing_deploys # @!group Optional parameters # **Must be one of: `server, database, storage_pool, cache_cluster`** - # The type of resource we will parse metdata for # # @return [String] attr_accessor :cloud_type # The cloud identifier of the resource from which you would like to add metadata to this deployment. eg - i-d96eca0d. Must use either 'cloud_id' OR 'mu_name' AND 'deploy_id' # # @return [String] attr_accessor :cloud_id # The full name of a resource in a foreign deployment from which we should add the metdata to this deployment. You should also include 'deploy_id' so we will be able to identifiy a single resource. Use either 'cloud_id' OR 'mu_name' and 'deploy_id' # # @return [String] attr_accessor :mu_name # Should be used with 'mu_name' to identifiy a single resource. # # @return [String] attr_accessor :deploy_id # @!endgroup end end end class BasketofKittens class container_clusters # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. class dependencies # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED**, # **Must be one of: `folder, habitat, collection, database, dnszone, firewall_rule, loadbalancer, server, server_pool, vpc, cache_cluster, alarm, notifier, log, storage_pool, function, endpoint, container_cluster, search_domain, msg_queue, user, group, role, bucket, nosqldb`** # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **Must be one of: `create, groom`** - # Which part of the creation process of the resource we depend on should we wait for before starting our own creation? Defaults are usually sensible, but sometimes you want, say, a Server to wait on another Server to be completely ready (through its groom phase) before starting up. # # @return [String] attr_accessor :phase # **Default: `false`** - # By default, it's assumed that we want to wait on our parents' creation phase, in addition to whatever is declared in this stanza. Setting this flag will bypass waiting on our parent resource's creation, so that our create or groom phase can instead depend only on the parent's groom phase. # # @return [Boolean] attr_accessor :no_create_wait # @!endgroup end end end class BasketofKittens class container_clusters class volumes class docker_volume_configuration # Custom metadata to add to your Docker volume. class labels end end end end end class BasketofKittens class container_clusters class volumes class docker_volume_configuration # A map of Docker driver-specific options passed through. This parameter maps to +DriverOpts+ in the Create a volume section of the Docker Remote API and the +xxopt+ option to docker volume create . class driver_opts end end end end end class BasketofKittens class container_clusters class volumes # This parameter is specified when you are using +docker+ volumes. Docker volumes are only supported when you are using the EC2 launch type. To use bind mounts, specify a +host+ volume instead. class docker_volume_configuration # @!group Optional parameters # **AWS ONLY**, # **Default: `true`** - # Create the Docker volume if it does not already exist. # # @return [Boolean] attr_accessor :autoprovision # **AWS ONLY** - # The Docker volume driver to use. Note that Windows containers can only use the +local+ driver. This parameter maps to +Driver+ in the Create a volume section of the Docker Remote API and the +xxdriver+ option to docker volume create. # # @return [String] attr_accessor :driver # **AWS ONLY** # Custom metadata to add to your Docker volume. # # @return [BasketofKittens::container_clusters::volumes::docker_volume_configuration::labels] # @see BasketofKittens::container_clusters::volumes::docker_volume_configuration::labels attr_accessor :labels # **AWS ONLY** # A map of Docker driver-specific options passed through. This parameter maps to +DriverOpts+ in the Create a volume section of the Docker Remote API and the +xxopt+ option to docker volume create . # # @return [BasketofKittens::container_clusters::volumes::docker_volume_configuration::driver_opts] # @see BasketofKittens::container_clusters::volumes::docker_volume_configuration::driver_opts attr_accessor :driver_opts # @!endgroup end end end end class BasketofKittens class container_clusters # Define one or more volumes which can then be referenced by the +mount_points+ parameter inside +containers+. +docker+ volumes are not valid for Fargate clusters. See also https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_data_volumes.html class volumes # @!group Required parameters # **REQUIRED**, # **AWS ONLY** - # Name this volume so it can be referenced by containers. # # @return [String] attr_accessor :name # **REQUIRED**, # **AWS ONLY**, # **Must be one of: `docker, host`** # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **AWS ONLY** # This parameter is specified when you are using +docker+ volumes. Docker volumes are only supported when you are using the EC2 launch type. To use bind mounts, specify a +host+ volume instead. # # @return [BasketofKittens::container_clusters::volumes::docker_volume_configuration] # @see BasketofKittens::container_clusters::volumes::docker_volume_configuration attr_accessor :docker_volume_configuration # **AWS ONLY** - # If specified, and the +type+ of this volume is +host+, data will be stored in the container host in this location and will persist after containers associated with it stop running. # # @return [String] attr_accessor :host_volume_source_path # @!endgroup end end end class BasketofKittens class container_clusters class containers class role # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # **AWS ONLY** - # The tag or label key to search against # # @return [String] attr_accessor :key # **AWS ONLY** - # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end end class BasketofKittens class container_clusters class containers class role class habitat # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # **AWS ONLY** - # The tag or label key to search against # # @return [String] attr_accessor :key # **AWS ONLY** - # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end end end class BasketofKittens class container_clusters class containers class role # Reference a 'habitats' resource from this 'config' resource class habitat # @!group Required parameters # **AWS ONLY**, # **Default: `habitats`**, # **Must be one of: `habitats`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **AWS ONLY** - # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # **AWS ONLY** - # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # **AWS ONLY** - # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # **AWS ONLY** - # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **AWS ONLY**, # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **AWS ONLY**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # **AWS ONLY** # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::container_clusters::containers::role::habitat::tag] # @see BasketofKittens::container_clusters::containers::role::habitat::tag attr_accessor :tag # @!endgroup end end end end end class BasketofKittens class container_clusters class containers # Reference a 'roles' resource from this 'container_cluster' resource class role # @!group Required parameters # **AWS ONLY**, # **Default: `roles`**, # **Must be one of: `roles`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **AWS ONLY** - # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # **AWS ONLY** - # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # **AWS ONLY** - # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # **AWS ONLY** - # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **AWS ONLY**, # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **AWS ONLY**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # **AWS ONLY** # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::container_clusters::containers::role::tag] # @see BasketofKittens::container_clusters::containers::role::tag attr_accessor :tag # **AWS ONLY** # Reference a 'habitats' resource from this 'config' resource # # @return [BasketofKittens::container_clusters::containers::role::habitat] # @see BasketofKittens::container_clusters::containers::role::habitat attr_accessor :habitat # @!endgroup end end end end class BasketofKittens class container_clusters class containers class linux_parameters # The Linux capabilities for the container that are added to or dropped from the default configuration provided by Docker. class capabilities # @!group Optional parameters # **AWS ONLY**, # **Must be one of: `ALL, AUDIT_CONTROL, AUDIT_WRITE, BLOCK_SUSPEND, CHOWN, DAC_OVERRIDE, DAC_READ_SEARCH, FOWNER, FSETID, IPC_LOCK, IPC_OWNER, KILL, LEASE, LINUX_IMMUTABLE, MAC_ADMIN, MAC_OVERRIDE, MKNOD, NET_ADMIN, NET_BIND_SERVICE, NET_BROADCAST, NET_RAW, SETFCAP, SETGID, SETPCAP, SETUID, SYS_ADMIN, SYS_BOOT, SYS_CHROOT, SYS_MODULE, SYS_NICE, SYS_PACCT, SYS_PTRACE, SYS_RAWIO, SYS_RESOURCE, SYS_TIME, SYS_TTY_CONFIG, SYSLOG, WAKE_ALARM`** - # This parameter maps to +CapAdd+ in the Create a container section of the Docker Remote API and the +--cap-add+ option to docker run. Not valid for Fargate clusters. # # @return [Array] attr_accessor :add # **AWS ONLY**, # **Must be one of: `ALL, AUDIT_CONTROL, AUDIT_WRITE, BLOCK_SUSPEND, CHOWN, DAC_OVERRIDE, DAC_READ_SEARCH, FOWNER, FSETID, IPC_LOCK, IPC_OWNER, KILL, LEASE, LINUX_IMMUTABLE, MAC_ADMIN, MAC_OVERRIDE, MKNOD, NET_ADMIN, NET_BIND_SERVICE, NET_BROADCAST, NET_RAW, SETFCAP, SETGID, SETPCAP, SETUID, SYS_ADMIN, SYS_BOOT, SYS_CHROOT, SYS_MODULE, SYS_NICE, SYS_PACCT, SYS_PTRACE, SYS_RAWIO, SYS_RESOURCE, SYS_TIME, SYS_TTY_CONFIG, SYSLOG, WAKE_ALARM`** - # This parameter maps to +CapDrop+ in the Create a container section of the Docker Remote API and the +--cap-drop+ option to docker run. # # @return [Array] attr_accessor :drop # @!endgroup end end end end end class BasketofKittens class container_clusters class containers class linux_parameters # Host devices to expose to the container. class devices # @!group Optional parameters # **AWS ONLY** - # The path for the device on the host container instance. # # @return [String] attr_accessor :host_path # **AWS ONLY** - # The path inside the container at which to expose the host device. # # @return [String] attr_accessor :container_path # **AWS ONLY** - # The explicit permissions to provide to the container for the device. By default, the container has permissions for +read+, +write+, and +mknod+ for the device. # # @return [Array] attr_accessor :permissions # @!endgroup end end end end end class BasketofKittens class container_clusters class containers class linux_parameters # A tmpfs device to expost to the container. This parameter maps to the +--tmpfs+ option to docker run. Not valid for Fargate clusters. class tmpfs # @!group Optional parameters # **AWS ONLY** - # The absolute file path where the tmpfs volume is to be mounted. # # @return [String] attr_accessor :container_path # **AWS ONLY** - # The size (in MiB) of the tmpfs volume. # # @return [Integer] attr_accessor :size # **AWS ONLY**, # **Must be one of: `defaults, ro, rw, suid, nosuid, dev, nodev, exec, noexec, sync, async, dirsync, remount, mand, nomand, atime, noatime, diratime, nodiratime, bind, rbind, unbindable, runbindable, private, rprivate, shared, rshared, slave, rslave, relatime, norelatime, strictatime, nostrictatime, mode, uid, gid, nr_inodes, nr_blocks, mpol`** - # tmpfs volume mount options # # @return [Array] attr_accessor :mount_options # @!endgroup end end end end end class BasketofKittens class container_clusters class containers # Linux-specific options that are applied to the container, such as Linux KernelCapabilities. class linux_parameters # @!group Optional parameters # **AWS ONLY** - # Run an +init+ process inside the container that forwards signals and reaps processes. This parameter maps to the +--init+ option to docker run. # # @return [Boolean] attr_accessor :init_process_enabled # **AWS ONLY** - # The value for the size (in MiB) of the +/dev/shm+ volume. This parameter maps to the +--shm-size+ option to docker run. Not valid for Fargate clusters. # # @return [Integer] attr_accessor :shared_memory_size # **AWS ONLY** # The Linux capabilities for the container that are added to or dropped from the default configuration provided by Docker. # # @return [BasketofKittens::container_clusters::containers::linux_parameters::capabilities] # @see BasketofKittens::container_clusters::containers::linux_parameters::capabilities attr_accessor :capabilities # **AWS ONLY** # Host devices to expose to the container. # # @return [Array] # @see BasketofKittens::container_clusters::containers::linux_parameters::devices attr_accessor :devices # **AWS ONLY** # A tmpfs device to expost to the container. This parameter maps to the +--tmpfs+ option to docker run. Not valid for Fargate clusters. # # @return [Array] # @see BasketofKittens::container_clusters::containers::linux_parameters::tmpfs attr_accessor :tmpfs # @!endgroup end end end end class BasketofKittens class container_clusters class containers # A key/value map of labels to add to the container. This parameter maps to +Labels+ in the Create a container section of the Docker Remote API and the +--label+ option to docker run. class docker_labels end end end end class BasketofKittens class container_clusters class containers # The health check command and associated configuration parameters for the container. This parameter maps to +HealthCheck+ in the Create a container section of the Docker Remote API and the +HEALTHCHECK+ parameter of docker run. class health_check # @!group Required parameters # **REQUIRED**, # **AWS ONLY** - # A string array representing the command that the container runs to determine if it is healthy. # # @return [Array] attr_accessor :command # @!endgroup # @!group Optional parameters # **AWS ONLY** - # The time period in seconds between each health check execution. # # @return [Integer] attr_accessor :interval # **AWS ONLY** - # The time period in seconds to wait for a health check to succeed before it is considered a failure. # # @return [Integer] attr_accessor :timeout # **AWS ONLY** - # The number of times to retry a failed health check before the container is considered unhealthy. # # @return [Integer] attr_accessor :retries # **AWS ONLY** - # The optional grace period within which to provide containers time to bootstrap before failed health checks count towards the maximum number of retries. # # @return [Integer] attr_accessor :start_period # @!endgroup end end end end class BasketofKittens class container_clusters class containers # The environment variables to pass to a container. This parameter maps to +Env+ in the Create a container section of the Docker Remote API and the +--env+ option to docker run. class environment # @!group Optional parameters # **AWS ONLY** # # @return [String] attr_accessor :name # **AWS ONLY** # # @return [String] attr_accessor :value # @!endgroup end end end end class BasketofKittens class container_clusters class containers # Special requirements for this container. As of this writing, +GPU+ is the only valid option. class resource_requirements # @!group Required parameters # **REQUIRED**, # **AWS ONLY**, # **Must be one of: `GPU`** - # Special requirements for this container. As of this writing, +GPU+ is the only valid option. # # @return [String] attr_accessor :type # **REQUIRED**, # **AWS ONLY** - # The number of physical GPUs the Amazon ECS container agent will reserve for the container. # # @return [String] attr_accessor :value # @!endgroup end end end end class BasketofKittens class container_clusters class containers # A list of namespaced kernel parameters to set in the container. This parameter maps to +Sysctls+ in the Create a container section of the Docker Remote API and the +--sysctl+ option to docker run. class system_controls # @!group Optional parameters # **AWS ONLY** - # The namespaced kernel parameter for which to set a +value+. # # @return [String] attr_accessor :namespace # **AWS ONLY** - # The value for the namespaced kernel parameter specified in +namespace+. # # @return [String] attr_accessor :value # @!endgroup end end end end class BasketofKittens class container_clusters class containers # This parameter maps to +Ulimits+ in the Create a container section of the Docker Remote API and the +--ulimit+ option to docker run. class ulimits # @!group Required parameters # **REQUIRED**, # **AWS ONLY**, # **Must be one of: `core, cpu, data, fsize, locks, memlock, msgqueue, nice, nofile, nproc, rss, rtprio, rttime, sigpending, stack`** - # The ulimit parameter to set. # # @return [String] attr_accessor :name # **REQUIRED**, # **AWS ONLY** - # The soft limit for the ulimit type. # # @return [Integer] attr_accessor :soft_limit # **REQUIRED**, # **AWS ONLY** - # The hard limit for the ulimit type. # # @return [Integer] attr_accessor :hard_limit # @!endgroup end end end end class BasketofKittens class container_clusters class containers # A list of hostnames and IP address mappings to append to the +/etc/hosts+ file on the container. This parameter maps to ExtraHosts in the +Create+ a container section of the Docker Remote API and the +--add-host+ option to docker run. class extra_hosts # @!group Required parameters # **REQUIRED**, # **AWS ONLY** # # @return [String] attr_accessor :hostname # **REQUIRED**, # **AWS ONLY** # # @return [String] attr_accessor :ip_address # @!endgroup end end end end class BasketofKittens class container_clusters class containers # See https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data.html class secrets # @!group Required parameters # **REQUIRED**, # **AWS ONLY** - # The value to set as the environment variable on the container. # # @return [String] attr_accessor :name # **REQUIRED**, # **AWS ONLY** - # The secret to expose to the container. # # @return [String] attr_accessor :value_from # @!endgroup end end end end class BasketofKittens class container_clusters class containers # The dependencies defined for container startup and shutdown. A container can contain multiple dependencies. When a dependency is defined for container startup, for container shutdown it is reversed. class depends_on # @!group Required parameters # **REQUIRED**, # **AWS ONLY** # # @return [String] attr_accessor :container_name # **REQUIRED**, # **AWS ONLY**, # **Must be one of: `START, COMPLETE, SUCCESS, HEALTHY`** # # @return [String] attr_accessor :condition # @!endgroup end end end end class BasketofKittens class container_clusters class containers # The mount points for data volumes in your container. This parameter maps to +Volumes+ in the Create a container section of the Docker Remote API and the +--volume+ option to docker run. class mount_points # @!group Optional parameters # **AWS ONLY** - # The name of the +volume+ to mount, defined under the +volumes+ section of our parent +container_cluster+ (if the volume is not defined, an ephemeral bind host volume will be allocated). # # @return [String] attr_accessor :source_volume # **AWS ONLY** - # The container-side path where this volume must be mounted # # @return [String] attr_accessor :container_path # **AWS ONLY**, # **Default: `false`** - # Mount the volume read-only # # @return [Boolean] attr_accessor :read_only # @!endgroup end end end end class BasketofKittens class container_clusters class containers # Data volumes to mount from another container. This parameter maps to +VolumesFrom+ in the Create a container section of the Docker Remote API and the +--volumes-from+ option to docker run. class volumes_from # @!group Optional parameters # **AWS ONLY** - # The name of another container within the same task definition from which to mount volumes. # # @return [String] attr_accessor :source_container # **AWS ONLY**, # **Default: `false`** - # If this value is +true+, the container has read-only access to the volume. # # @return [Boolean] attr_accessor :read_only # @!endgroup end end end end class BasketofKittens class container_clusters class containers # The Amazon Resource Name (ARN) of a secret containing the private repository credentials. class repository_credentials # @!group Optional parameters # **AWS ONLY** - # The Amazon Resource Name (ARN) of a secret containing the private repository credentials. # # @return [String] attr_accessor :credentials_parameter # @!endgroup end end end end class BasketofKittens class container_clusters class containers # Mappings of ports between the container instance and the host instance. This parameter maps to +PortBindings+ in the Create a container section of the Docker Remote API and the +--publish+ option to docker run. class port_mappings # @!group Optional parameters # **AWS ONLY** - # The port number on the container that is bound to the user-specified or automatically assigned host port. # # @return [Integer] attr_accessor :container_port # **AWS ONLY** - # The port number on the container instance to reserve for your container. This should not be specified for Fargate clusters, nor for ECS clusters deployed into VPCs. # # @return [Integer] attr_accessor :host_port # **AWS ONLY**, # **Default: `tcp`**, # **Must be one of: `tcp, udp`** - # The protocol used for the port mapping. # # @return [String] attr_accessor :protocol # @!endgroup end end end end class BasketofKittens class container_clusters class containers class log_configuration # Per-driver configuration options. See also: https://docs.aws.amazon.com/sdkforruby/api/Aws/ECS/Types/ContainerDefinition.html#log_configuration-instance_method class options end end end end end class BasketofKittens class container_clusters class containers # Where to send container logs. If not specified, Mu will create a CloudWatch Logs output channel. See also: https://docs.aws.amazon.com/sdkforruby/api/Aws/ECS/Types/ContainerDefinition.html#log_configuration-instance_method class log_configuration # @!group Required parameters # **REQUIRED**, # **AWS ONLY**, # **Must be one of: `json-file, syslog, journald, gelf, fluentd, awslogs, splunk`** - # Type of logging facility to use for container logs. # # @return [String] attr_accessor :log_driver # @!endgroup # @!group Optional parameters # **AWS ONLY** # Per-driver configuration options. See also: https://docs.aws.amazon.com/sdkforruby/api/Aws/ECS/Types/ContainerDefinition.html#log_configuration-instance_method # # @return [BasketofKittens::container_clusters::containers::log_configuration::options] # @see BasketofKittens::container_clusters::containers::log_configuration::options attr_accessor :options # @!endgroup end end end end class BasketofKittens class container_clusters class containers # Load Balancers to associate with the container services class loadbalancers # @!group Optional parameters # **AWS ONLY** - # Name of the loadbalancer to associate # # @return [String] attr_accessor :name # **AWS ONLY** - # container port to map to the loadbalancer # # @return [Integer] attr_accessor :container_port # @!endgroup end end end end class BasketofKittens class container_clusters # A container image to run on this cluster. class containers # @!group Required parameters # **REQUIRED**, # **AWS ONLY** - # The name of a container. If you are linking multiple containers together in a task definition, the name of one container can be entered in the +links+ of another container to connect the containers. This parameter maps to +name+ in the Create a container section of the Docker Remote API and the +--name+ option to docker run. # # @return [String] attr_accessor :name # **REQUIRED**, # **AWS ONLY** - # A Docker image to run, as a shorthand name for a public Dockerhub image or a full URL to a private container repository (+repository-url/image:tag+ or repository-url/image@digest). See +repository_credentials+ to specify authentication for a container repository. # # @return [String] attr_accessor :image # @!endgroup # @!group Optional parameters # **AWS ONLY** - # The Service of which this container will be a component. Default behavior, if unspecified, is to create a service with the name of this container definition and assume they map 1:1. # # @return [String] attr_accessor :service # **AWS ONLY**, # **Default: `256`** - # CPU to allocate for this container/task. This parameter maps to +CpuShares+ in the Create a container section of the Docker Remote API and the +--cpu-shares+ option to docker run. Not all +cpu+ and +memory+ combinations are valid, particularly when using Fargate, see https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-cpu-memory-error.html # # @return [Integer] attr_accessor :cpu # **AWS ONLY**, # **Default: `512`** - # Hard limit of memory to allocate for this container/task. Not all +cpu+ and +memory+ combinations are valid, particularly when using Fargate, see https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-cpu-memory-error.html # # @return [Integer] attr_accessor :memory # **AWS ONLY**, # **Default: `512`** - # Soft limit of memory to allocate for this container/task. This parameter maps to +MemoryReservation+ in the Create a container section of the Docker Remote API and the +--memory-reservation+ option to docker run. # # @return [Integer] attr_accessor :memory_reservation # **AWS ONLY** # Reference a 'roles' resource from this 'container_cluster' resource # # @return [BasketofKittens::container_clusters::containers::role] # @see BasketofKittens::container_clusters::containers::role attr_accessor :role # **AWS ONLY**, # **Default: `true`** - # Flag this container as essential or non-essential to its parent task. If the container fails and is marked essential, the parent task will also be marked as failed. # # @return [Boolean] attr_accessor :essential # **AWS ONLY** - # Set this container's local hostname. If not specified, will inherit the name of the parent task. Not valid for Fargate clusters. This parameter maps to +Hostname+ in the Create a container section of the Docker Remote API and the +--hostname+ option to docker run. # # @return [String] attr_accessor :hostname # **AWS ONLY** - # The system-level user to use when executing commands inside this container # # @return [String] attr_accessor :user # **AWS ONLY** - # The working directory in which to run commands inside the container. # # @return [String] attr_accessor :working_directory # **AWS ONLY** - # This parameter maps to +NetworkDisabled+ in the Create a container section of the Docker Remote API. # # @return [Boolean] attr_accessor :disable_networking # **AWS ONLY** - # When this parameter is true, the container is given elevated privileges on the host container instance (similar to the root user). This parameter maps to +Privileged+ in the Create a container section of the Docker Remote API and the +--privileged+ option to docker run. Not valid for Fargate clusters. # # @return [Boolean] attr_accessor :privileged # **AWS ONLY** - # This parameter maps to +ReadonlyRootfs+ in the Create a container section of the Docker Remote API and the +--read-only+ option to docker run. # # @return [Boolean] attr_accessor :readonly_root_filesystem # **AWS ONLY** - # When this parameter is +true+, this allows you to deploy containerized applications that require +stdin+ or a +tty+ to be allocated. This parameter maps to +OpenStdin+ in the Create a container section of the Docker Remote API and the +--interactive+ option to docker run. # # @return [Boolean] attr_accessor :interactive # **AWS ONLY** - # When this parameter is true, a TTY is allocated. This parameter maps to +Tty+ in the Create a container section of the Docker Remote API and the +--tty+ option to docker run. # # @return [Boolean] attr_accessor :pseudo_terminal # **AWS ONLY** - # Time duration to wait before giving up on containers which have been specified with +depends_on+ for this one. # # @return [Integer] attr_accessor :start_timeout # **AWS ONLY** - # Time duration to wait before the container is forcefully killed if it doesn't exit normally on its own. # # @return [Integer] attr_accessor :stop_timeout # **AWS ONLY** - # The +link+ parameter allows containers to communicate with each other without the need for port mappings. Only supported if the network mode of a task definition is set to +bridge+. The +name:internalName+ construct is analogous to +name:alias+ in Docker links. # # @return [Array] attr_accessor :links # **AWS ONLY** - # The entry point that is passed to the container. This parameter maps to +Entrypoint+ in the Create a container section of the Docker Remote API and the +--entrypoint+ option to docker run. # # @return [Array] attr_accessor :entry_point # **AWS ONLY** - # This parameter maps to +Cmd+ in the Create a container section of the Docker Remote API and the +COMMAND+ parameter to docker run. # # @return [Array] attr_accessor :command # **AWS ONLY** - # A list of DNS servers that are presented to the container. This parameter maps to +Dns+ in the Create a container section of the Docker Remote API and the +--dns+ option to docker run. # # @return [Array] attr_accessor :dns_servers # **AWS ONLY** - # A list of DNS search domains that are presented to the container. This parameter maps to +DnsSearch+ in the Create a container section of the Docker Remote API and the +--dns-search+ option to docker run. # # @return [Array] attr_accessor :dns_search_domains # **AWS ONLY** # Linux-specific options that are applied to the container, such as Linux KernelCapabilities. # # @return [BasketofKittens::container_clusters::containers::linux_parameters] # @see BasketofKittens::container_clusters::containers::linux_parameters attr_accessor :linux_parameters # **AWS ONLY** # A key/value map of labels to add to the container. This parameter maps to +Labels+ in the Create a container section of the Docker Remote API and the +--label+ option to docker run. # # @return [BasketofKittens::container_clusters::containers::docker_labels] # @see BasketofKittens::container_clusters::containers::docker_labels attr_accessor :docker_labels # **AWS ONLY** - # A list of strings to provide custom labels for SELinux and AppArmor multi-level security systems. This field is not valid for containers in tasks using the Fargate launch type. This parameter maps to +SecurityOpt+ in the Create a container section of the Docker Remote API and the +--security-opt+ option to docker run. # # @return [Array] attr_accessor :docker_security_options # **AWS ONLY** # The health check command and associated configuration parameters for the container. This parameter maps to +HealthCheck+ in the Create a container section of the Docker Remote API and the +HEALTHCHECK+ parameter of docker run. # # @return [BasketofKittens::container_clusters::containers::health_check] # @see BasketofKittens::container_clusters::containers::health_check attr_accessor :health_check # **AWS ONLY** # The environment variables to pass to a container. This parameter maps to +Env+ in the Create a container section of the Docker Remote API and the +--env+ option to docker run. # # @return [Array] # @see BasketofKittens::container_clusters::containers::environment attr_accessor :environment # **AWS ONLY** # Special requirements for this container. As of this writing, +GPU+ is the only valid option. # # @return [Array] # @see BasketofKittens::container_clusters::containers::resource_requirements attr_accessor :resource_requirements # **AWS ONLY** # A list of namespaced kernel parameters to set in the container. This parameter maps to +Sysctls+ in the Create a container section of the Docker Remote API and the +--sysctl+ option to docker run. # # @return [Array] # @see BasketofKittens::container_clusters::containers::system_controls attr_accessor :system_controls # **AWS ONLY** # This parameter maps to +Ulimits+ in the Create a container section of the Docker Remote API and the +--ulimit+ option to docker run. # # @return [Array] # @see BasketofKittens::container_clusters::containers::ulimits attr_accessor :ulimits # **AWS ONLY** # A list of hostnames and IP address mappings to append to the +/etc/hosts+ file on the container. This parameter maps to ExtraHosts in the +Create+ a container section of the Docker Remote API and the +--add-host+ option to docker run. # # @return [Array] # @see BasketofKittens::container_clusters::containers::extra_hosts attr_accessor :extra_hosts # **AWS ONLY** # See https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data.html # # @return [Array] # @see BasketofKittens::container_clusters::containers::secrets attr_accessor :secrets # **AWS ONLY** # The dependencies defined for container startup and shutdown. A container can contain multiple dependencies. When a dependency is defined for container startup, for container shutdown it is reversed. # # @return [Array] # @see BasketofKittens::container_clusters::containers::depends_on attr_accessor :depends_on # **AWS ONLY** # The mount points for data volumes in your container. This parameter maps to +Volumes+ in the Create a container section of the Docker Remote API and the +--volume+ option to docker run. # # @return [Array] # @see BasketofKittens::container_clusters::containers::mount_points attr_accessor :mount_points # **AWS ONLY** # Data volumes to mount from another container. This parameter maps to +VolumesFrom+ in the Create a container section of the Docker Remote API and the +--volumes-from+ option to docker run. # # @return [Array] # @see BasketofKittens::container_clusters::containers::volumes_from attr_accessor :volumes_from # **AWS ONLY** # The Amazon Resource Name (ARN) of a secret containing the private repository credentials. # # @return [BasketofKittens::container_clusters::containers::repository_credentials] # @see BasketofKittens::container_clusters::containers::repository_credentials attr_accessor :repository_credentials # **AWS ONLY** # Mappings of ports between the container instance and the host instance. This parameter maps to +PortBindings+ in the Create a container section of the Docker Remote API and the +--publish+ option to docker run. # # @return [Array] # @see BasketofKittens::container_clusters::containers::port_mappings attr_accessor :port_mappings # **AWS ONLY** # Where to send container logs. If not specified, Mu will create a CloudWatch Logs output channel. See also: https://docs.aws.amazon.com/sdkforruby/api/Aws/ECS/Types/ContainerDefinition.html#log_configuration-instance_method # # @return [BasketofKittens::container_clusters::containers::log_configuration] # @see BasketofKittens::container_clusters::containers::log_configuration attr_accessor :log_configuration # **AWS ONLY** # Load Balancers to associate with the container services # # @return [Array] # @see BasketofKittens::container_clusters::containers::loadbalancers attr_accessor :loadbalancers # @!endgroup end end end class BasketofKittens class container_clusters # Custom key-value pairs to be added to the metadata of Google Cloud virtual machines class metadata # @!group Required parameters # **REQUIRED**, # **GOOGLE ONLY** # # @return [String] attr_accessor :key # **REQUIRED**, # **GOOGLE ONLY** # # @return [String] attr_accessor :value # @!endgroup end end end class BasketofKittens class container_clusters class service_account # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # **GOOGLE ONLY** - # The tag or label key to search against # # @return [String] attr_accessor :key # **GOOGLE ONLY** - # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end class BasketofKittens class container_clusters class service_account class habitat # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # **GOOGLE ONLY** - # The tag or label key to search against # # @return [String] attr_accessor :key # **GOOGLE ONLY** - # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end end class BasketofKittens class container_clusters class service_account # Reference a 'habitats' resource from this 'config' resource class habitat # @!group Required parameters # **GOOGLE ONLY**, # **Default: `habitats`**, # **Must be one of: `habitats`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **GOOGLE ONLY** - # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # **GOOGLE ONLY** - # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # **GOOGLE ONLY** - # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # **GOOGLE ONLY** - # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **GOOGLE ONLY**, # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **GOOGLE ONLY**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # **GOOGLE ONLY** # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::container_clusters::service_account::habitat::tag] # @see BasketofKittens::container_clusters::service_account::habitat::tag attr_accessor :tag # @!endgroup end end end end class BasketofKittens class container_clusters # +GOOGLE+: An existing service account to use instead of the default one generated by Mu during the deployment process. class service_account # @!group Required parameters # **GOOGLE ONLY**, # **Default: `users`**, # **Must be one of: `users`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **GOOGLE ONLY** - # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # **GOOGLE ONLY** - # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # **GOOGLE ONLY** - # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # **GOOGLE ONLY** - # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **GOOGLE ONLY**, # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **GOOGLE ONLY**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # **GOOGLE ONLY** # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::container_clusters::service_account::tag] # @see BasketofKittens::container_clusters::service_account::tag attr_accessor :tag # **GOOGLE ONLY** # Reference a 'habitats' resource from this 'config' resource # # @return [BasketofKittens::container_clusters::service_account::habitat] # @see BasketofKittens::container_clusters::service_account::habitat attr_accessor :habitat # @!endgroup end end end class BasketofKittens class container_clusters # +GOOGLE+: Set a GKE cluster to be private, that is segregated into its own hidden VPC. class private_cluster # @!group Optional parameters # **GOOGLE ONLY**, # **Default: `true`** - # Whether GKE worker nodes have internal IP addresses only. # # @return [Boolean] attr_accessor :private_nodes # **GOOGLE ONLY**, # **Default: `false`** - # Whether the GKE Kubernetes master's internal IP address is used as the cluster endpoint. # # @return [Boolean] attr_accessor :private_master # **GOOGLE ONLY**, # **Default: `172.20.0.0/28`**, # **Must match pattern `^\d+\.\d+\.\d+\.\d+/[0-9]{1,2}$`** - # The private IP address range to use for the GKE master's network # # @return [String] attr_accessor :master_ip_block # @!endgroup end end end class BasketofKittens class container_clusters # +GOOGLE+: If set, GKE will create a new subnetwork specifically for this cluster class custom_subnet # @!group Optional parameters # **GOOGLE ONLY** - # Set a custom name for the generated subnet # # @return [String] attr_accessor :name # **GOOGLE ONLY**, # **Must match pattern `^\d+\.\d+\.\d+\.\d+/[0-9]{1,2}$`** - # The IP address range of the worker nodes in this cluster, in CIDR notation # # @return [String] attr_accessor :node_ip_block # @!endgroup end end end class BasketofKittens class container_clusters # GKE's Master authorized networks functionality class authorized_networks end end end class BasketofKittens # Create a cluster of container hosts. # # `AWS`: This implementation is considered **RELEASE** quality. It covers all major API features and has been tested with real-world applications. # # `Google`: This implementation is considered **RELEASE** quality. It covers all major API features and has been tested with real-world applications. # # `Azure`: This implementation is **BETA** quality. It is substantially complete, but may be missing some functionality or have some features which are untested. class container_clusters # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED** - # Type of container host instances to use. Equivalent to 'size' parameter in Server or ServerPool # # @return [String] attr_accessor :instance_type # **REQUIRED**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # @!endgroup # @!group Optional parameters # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # Reference a 'vpcs' resource from this 'container_cluster' resource # # @return [BasketofKittens::container_clusters::vpc] # @see BasketofKittens::container_clusters::vpc attr_accessor :vpc # Tags to apply to this resource. Will apply at the cloud provider level and in node groomers, where applicable. # # @return [Array] # @see BasketofKittens::container_clusters::tags attr_accessor :tags # **Default: `true`** - # Tag the resource with our optional tags (+MU-HANDLE+, +MU-MASTER-NAME+, +MU-OWNER+). # # @return [Boolean] attr_accessor :optional_tags # **Default: `2`** - # ## +GOOGLE+: In GKE, this value is ignored if +min_size+ and +max_size+ are set. # ## +GOOGLE+: In GKE, this value is ignored if +min_size+ and +max_size+ are set. # # @return [Integer] attr_accessor :instance_count # Enable worker cluster scaling and set the minimum number of workers to this value. This value is ignored for platforms which abstract scaling activity, such as AWS Fargate. # ## +GOOGLE+: In GKE, this is the minimum number of nodes *per availability zone*, when scaling is enabled. Setting +min_size+ and +max_size+ enables scaling. # # @return [Integer] attr_accessor :min_size # Enable worker cluster scaling and set the maximum number of workers to this value. This value is ignored for platforms which abstract scaling activity, such as AWS Fargate. # ## +GOOGLE+: In GKE, this is the maximum number of nodes *per availability zone*, when scaling is enabled. Setting +min_size+ and +max_size+ enables scaling. # # @return [Integer] attr_accessor :max_size # Kubernetes-specific options ## # ## +GOOGLE+: Kubernetes-specific options ## # # @return [BasketofKittens::container_clusters::kubernetes] # @see BasketofKittens::container_clusters::kubernetes attr_accessor :kubernetes # Optional Kubernetes-specific resource descriptors to run with kubectl create|replace when grooming this cluster. See https://kubernetes.io/docs/concepts/overview/working-with-objects/kubernetes-objects/#understanding-kubernetes-objects # # @return [Array] # @see BasketofKittens::container_clusters::kubernetes_resources attr_accessor :kubernetes_resources # **Default: `linux`**, # **Must be one of: `linux, windows, centos, ubuntu, centos6, ubuntu14, win2k12, win2k12r2, win2k16, centos7, rhel7, rhel71, amazon, Linux, Windows`** - # Helps select default AMIs, and enables correct grooming behavior based on operating system type. # ## +AWS+: The platform to choose for worker nodes. # ## +AZURE+: The OS platform to deploy for workers and containers. # # @return [String] attr_accessor :platform # **Default: `all_private`** - # Worker nodes inherit the main cluster VPC configuration by default. This parameter allows targeting the worker node-cluster to a different class of subnets # # @return [String] attr_accessor :instance_subnet_pref # When using Ansible as a groomer, this will insert a +vars+ tree into the playbook for this node. # # @return [BasketofKittens::container_clusters::ansible_vars] # @see BasketofKittens::container_clusters::ansible_vars attr_accessor :ansible_vars # **Default: `false`** - # When 'cloud' is set to 'CloudFormation,' use this flag to strip out Mu-specific artifacts (tags, standard userdata, naming conventions, etc) to yield a clean, source-agnostic template. # # @return [Boolean] attr_accessor :scrub_mu_isms # **Default: `false`** - # Bootstrap asynchronously via the Momma Cat daemon instead of during the main deployment process # # @return [Boolean] attr_accessor :async_groom # **Default: `Chef`**, # **Must be one of: `Chef, Ansible`** # # @return [String] attr_accessor :groomer # **Default: `true`** - # For groomer implementations which support automatically fetching roles/recipes/manifests from a public library, such as Ansible Galaxy, this will toggle this behavior on or off. # # @return [Boolean] attr_accessor :groomer_autofetch # **Default: `true`** - # Whether to run a host configuration agent, e.g. Chef, when bootstrapping # # @return [Boolean] attr_accessor :groom # Metadata variables to expose to Groomer clients, under a top-level key named +mu+. Same thing as +application_attributes+, but with a name that makes a modicum of sense. # # @return [BasketofKittens::container_clusters::groomer_variables] # @see BasketofKittens::container_clusters::groomer_variables attr_accessor :groomer_variables # **Default: `1800`** - # Maximum execution time for a groomer run # # @return [Integer] attr_accessor :groomer_timeout # **Default: `false`** - # Remove pre-existing groomer agents from node before bootstrapping. Especially useful for image builds. # # @return [Boolean] attr_accessor :scrub_groomer # Create a CloudWatch Alarm. # # @return [Array] # @see BasketofKittens::container_clusters::alarms attr_accessor :alarms # Integrate this node into an Active Directory domain. On Linux, will configure Winbind and PAM for system-level AD authentication. # # @return [BasketofKittens::container_clusters::active_directory] # @see BasketofKittens::container_clusters::active_directory attr_accessor :active_directory # Assign extra private IP addresses to this server. # # @return [Integer] attr_accessor :add_private_ips # **Default: `false`** - # Node bootstrapping normally runs an internal recipe that does a full system update. This is very slow for testing, so let's have an option to disable it. # # @return [Boolean] attr_accessor :skipinitialupdates # **Default: `false`** - # If true, chef-client will automatically re-run on nodes of the same type when this instance has finished grooming. Use, for example, to add new members to a database cluster in an autoscale group by sharing data in Chef's node structures. # # @return [Boolean] attr_accessor :sync_siblings # **Default: `true`** - # Wait for DNS record to propagate in DNS Zone. # # @return [Boolean] attr_accessor :dns_sync_wait # One or more Load Balancers with which this instance should register. # # @return [Array] # @see BasketofKittens::container_clusters::loadbalancers attr_accessor :loadbalancers # Reference a 'firewall_rules' resource from this 'server' resource # # @return [Array] # @see BasketofKittens::container_clusters::add_firewall_rules attr_accessor :add_firewall_rules # Assign a specific IP to this instance once it's ready. # # @return [BasketofKittens::container_clusters::static_ip] # @see BasketofKittens::container_clusters::static_ip attr_accessor :static_ip # **Default: `true`** - # Turn off network-level routing paranoia. Set this false to make a NAT do its thing. # # @return [Boolean] attr_accessor :src_dst_check # **Default: `false`** - # Associate public IP address? # # @return [Boolean] attr_accessor :associate_public_ip # A script to be run during the bootstrap process. Typically used to preconfigure Windows instances. # # @return [BasketofKittens::container_clusters::userdata_script] # @see BasketofKittens::container_clusters::userdata_script attr_accessor :userdata_script # **Default: `Administrator`** - # Use an alternate Windows account for Administrator functions. Will change the name of the Administrator account, if it has not already been done. # # @return [String] attr_accessor :windows_admin_username # Set Windows nodes' local administrator password to a value specified in a Chef Vault. # # @return [BasketofKittens::container_clusters::windows_auth_vault] # @see BasketofKittens::container_clusters::windows_auth_vault attr_accessor :windows_auth_vault # **Default: `root`** - # ## +GOOGLE+: Account to use when connecting via ssh. Google Cloud images don't come with predefined remote access users, and some don't work with our usual default of +root+, so we recommend using some other (non-root) username. # ## +GOOGLE+: Account to use when connecting via ssh. Google Cloud images don't come with predefined remote access users, and some don't work with our usual default of +root+, so we recommend using some other (non-root) username. # # @return [String] attr_accessor :ssh_user # **Default: `true`** # # @return [Boolean] attr_accessor :use_cloud_provider_windows_password # A list of +groomer+ recipes/roles/scripts to run, using naming conventions specific to the appropriate grooming layer. In +Chef+, this corresponds to a node's +run_list+ attribute, and entries should be of the form role[rolename] or recipe[recipename]. In +Ansible+, it should be a list of roles (+rolename+), which Mu will use to generate a custom Playbook for the deployment. # # @return [Array] attr_accessor :run_list # Network ingress and/or egress rules. # # @return [Array] # @see BasketofKittens::container_clusters::ingress_rules attr_accessor :ingress_rules # Chef Node structure artifact for mu-tools cookbook. # # @return [BasketofKittens::container_clusters::application_attributes] # @see BasketofKittens::container_clusters::application_attributes attr_accessor :application_attributes # JSON artifact to be stored in Chef Vault for this node. Note that these values will still be stored in plain text local to the MU server, but only accessible to nodes via Vault. # # @return [BasketofKittens::container_clusters::secrets] # @see BasketofKittens::container_clusters::secrets attr_accessor :secrets # Chef Vault items to which this node should be granted access. # # @return [Array] # @see BasketofKittens::container_clusters::vault_access attr_accessor :vault_access # Existing deploys that will be loaded into the new deployment metadata. This metadata will be saved on the Chef node # # @return [Array] # @see BasketofKittens::container_clusters::existing_deploys attr_accessor :existing_deploys # Internal use. # # @return [String] attr_accessor :virtual_name # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. # # @return [Array] # @see BasketofKittens::container_clusters::dependencies attr_accessor :dependencies # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **AWS & AZURE ONLY**, # **Default: `ECS`**, # **Must be one of: `ECS, EKS, Fargate, Kubernetes, OpenShift, Swarm, DC/OS`** - # +AWS+: The AWS container platform to deploy # ## +AZURE+: The Azure container platform to deploy. Currently only +Kubernetes+ is supported. # # @return [String] attr_accessor :flavor # **AWS ONLY**, # **Default: `false`** - # +AWS+: Enable worker nodes with GPU capabilities # # @return [Boolean] attr_accessor :gpu # **AWS ONLY** - # +AWS+: The Amazon EC2 AMI on which to base this cluster's container hosts. Will use the default appropriate for the platform, if not specified. Only valid for EKS and ECS flavors. # # @return [String] attr_accessor :ami_id # **AWS ONLY**, # **Must be one of: `api, audit, authenticator, controllerManager, scheduler`** - # Cluster CloudWatch logs to enable for EKS clusters. # # @return [Array] attr_accessor :logging # **AWS ONLY** # Define one or more volumes which can then be referenced by the +mount_points+ parameter inside +containers+. +docker+ volumes are not valid for Fargate clusters. See also https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_data_volumes.html # # @return [Array] # @see BasketofKittens::container_clusters::volumes attr_accessor :volumes # **AWS ONLY** # A container image to run on this cluster. # # @return [Array] # @see BasketofKittens::container_clusters::containers attr_accessor :containers # **GOOGLE ONLY**, # **Default: `true`** - # +GOOGLE+: Automatically upgrade worker nodes during maintenance windows # # @return [Boolean] attr_accessor :auto_upgrade # **GOOGLE ONLY**, # **Default: `true`** - # +GOOGLE+: Automatically replace worker nodes which fail health checks # # @return [Boolean] attr_accessor :auto_repair # **GOOGLE ONLY** - # +GOOGLE+: The number of local SSD disks to be attached to workers. See https://cloud.google.com/compute/docs/disks/local-ssd#local_ssd_limits # # @return [Integer] attr_accessor :local_ssd_count # **GOOGLE ONLY** # Custom key-value pairs to be added to the metadata of Google Cloud virtual machines # # @return [Array] # @see BasketofKittens::container_clusters::metadata attr_accessor :metadata # **GOOGLE ONLY** # +GOOGLE+: An existing service account to use instead of the default one generated by Mu during the deployment process. # # @return [BasketofKittens::container_clusters::service_account] # @see BasketofKittens::container_clusters::service_account attr_accessor :service_account # **GOOGLE ONLY** - # API scopes to make available to this resource's service account. # # @return [Array] attr_accessor :scopes # **GOOGLE ONLY** # +GOOGLE+: Set a GKE cluster to be private, that is segregated into its own hidden VPC. # # @return [BasketofKittens::container_clusters::private_cluster] # @see BasketofKittens::container_clusters::private_cluster attr_accessor :private_cluster # **GOOGLE ONLY** # +GOOGLE+: If set, GKE will create a new subnetwork specifically for this cluster # # @return [BasketofKittens::container_clusters::custom_subnet] # @see BasketofKittens::container_clusters::custom_subnet attr_accessor :custom_subnet # **GOOGLE ONLY**, # **Must match pattern `^\d+\.\d+\.\d+\.\d+/[0-9]{1,2}$`** - # +GOOGLE+: The IP address range of the container pods in this cluster, in CIDR notation # # @return [String] attr_accessor :pod_ip_block # **GOOGLE ONLY** - # +GOOGLE+: The name of the secondary range to be used for the pod CIDR block # # @return [String] attr_accessor :pod_ip_block_name # **GOOGLE ONLY**, # **Must match pattern `^\d+\.\d+\.\d+\.\d+/[0-9]{1,2}$`** - # +GOOGLE+: The IP address range of the services in this cluster, in CIDR notation # # @return [String] attr_accessor :services_ip_block # **GOOGLE ONLY** - # +GOOGLE+: The name of the secondary range to be used for the services CIDR block # # @return [String] attr_accessor :services_ip_block_name # **GOOGLE ONLY** - # +GOOGLE+: Whether alias IPs will be used for pod IPs in the cluster. Will be automatically enabled for functionality, such as +private_cluster+, which requires it. # # @return [Boolean] attr_accessor :ip_aliases # **GOOGLE ONLY**, # **Must match pattern `^\d+\.\d+\.\d+\.\d+/[0-9]{1,2}$`** - # +GOOGLE+: The IP address range of any Cloud TPUs in this cluster, in CIDR notation # # @return [String] attr_accessor :tpu_ip_block # **GOOGLE & AZURE ONLY**, # **Default: `100`** - # +GOOGLE+: Size of the disk attached to each worker, specified in GB. The smallest allowed disk size is 10GB # ## +AZURE+: Size of the disk attached to each worker, specified in GB. The smallest allowed disk size is 30, the largest 1024. # # @return [Integer] attr_accessor :disk_size_gb # **GOOGLE ONLY** - # +GOOGLE+: Minimum CPU platform to be used by workers. The instances may be scheduled on the specified or newer CPU platform. Applicable values are the friendly names of CPU platforms, such as minCpuPlatform: 'Intel Haswell' or minCpuPlatform: 'Intel Sandy Bridge'. # # @return [String] attr_accessor :min_cpu_platform # **GOOGLE ONLY**, # **Default: `false`** - # +GOOGLE+: Whether the workers are created as preemptible VM instances. See: https://cloud.google.com/compute/docs/instances/preemptible for more information about preemptible VM instances. # # @return [Boolean] attr_accessor :preemptible # **GOOGLE ONLY**, # **Default: `COS`**, # **Must be one of: `UBUNTU, COS_CONTAINERD, UBUNTU_CONTAINERD, COS`** - # +GOOGLE+: The image type to use for workers. Note that for a given image type, the latest version of it will be used. # # @return [String] attr_accessor :image_type # **GOOGLE ONLY** - # +GOOGLE+: Target a specific availability zone for this cluster # # @return [String] attr_accessor :availability_zone # **GOOGLE ONLY**, # **Must match pattern `^\d\d:\d\d$`** - # +GOOGLE+: The preferred daily time to perform node maintenance. Time format should be in [RFC3339](http://www.ietf.org/rfc/rfc3339.txt) format +HH:MM+ GMT. # # @return [String] attr_accessor :preferred_maintenance_window # **GOOGLE ONLY**, # **Must match pattern `^\d+\.\d+\.\d+\.\d+/[0-9]{1,2}$`** - # +GOOGLE+: The IP address range of the container pods in this cluster, in CIDR notation # # @return [String] attr_accessor :pod_ip_range # **GOOGLE ONLY**, # **Default: `false`** - # +GOOGLE+: Enable the ability to use Cloud TPUs in this cluster. # # @return [Boolean] attr_accessor :tpu # **GOOGLE ONLY**, # **Default: `kubernetes`**, # **Must be one of: `basic, kubernetes, none`** - # +GOOGLE+: The +logging.googleapis.com+ and +monitoring.googleapis.com+ facilities that this cluster should use to write logs and metrics. # # @return [String] attr_accessor :log_facility # **GOOGLE ONLY** - # +GOOGLE+: Enables Basic Auth for a GKE cluster with string as the master username # # @return [String] attr_accessor :master_user # **GOOGLE ONLY** # GKE's Master authorized networks functionality # # @return [Array] # @see BasketofKittens::container_clusters::authorized_networks attr_accessor :authorized_networks # **GOOGLE ONLY** - # +GOOGLE+: Target a specific Availability Zone for the GKE master. If not set, we will choose one which has the most current versions of Kubernetes available. # # @return [String] attr_accessor :master_az # **AZURE ONLY**, # **Default: `30`** - # +AZURE+: Maximum number of pods allowed on this cluster # # @return [Integer] attr_accessor :max_pods # **AZURE ONLY** - # +AZURE+: DNS name prefix to use with the hosted Kubernetes API server FQDN. Will default to the global +appname+ value if not specified. # # @return [String] attr_accessor :dns_prefix # @!endgroup end end class BasketofKittens class search_domains class vpc # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # The tag or label key to search against # # @return [String] attr_accessor :key # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end class BasketofKittens class search_domains class vpc class habitat # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # The tag or label key to search against # # @return [String] attr_accessor :key # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end end class BasketofKittens class search_domains class vpc # Reference a 'habitats' resource from this 'config' resource class habitat # @!group Required parameters # **Default: `habitats`**, # **Must be one of: `habitats`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::search_domains::vpc::habitat::tag] # @see BasketofKittens::search_domains::vpc::habitat::tag attr_accessor :tag # @!endgroup end end end end class BasketofKittens class search_domains class vpc # Extra subnets to which to attach this {MU::Cloud::AWS::Server}. Extra network interfaces will be created to accomodate these attachments. class subnets # @!group Optional parameters # # @return [String] attr_accessor :subnet_name # # @return [String] attr_accessor :subnet_id # **Must match pattern `^[^=]+=.+`** - # Identify this subnet by a tag (key=value). Note that this tag must not match more than one resource. # # @return [String] attr_accessor :tag # @!endgroup end end end end class BasketofKittens class search_domains # Reference a 'vpcs' resource from this 'search_domain' resource class vpc # @!group Required parameters # **Default: `vpcs`**, # **Must be one of: `vpcs`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::search_domains::vpc::tag] # @see BasketofKittens::search_domains::vpc::tag attr_accessor :tag # Reference a 'habitats' resource from this 'config' resource # # @return [BasketofKittens::search_domains::vpc::habitat] # @see BasketofKittens::search_domains::vpc::habitat attr_accessor :habitat # Alias for id # # @return [String] attr_accessor :vpc_id # Alias for name # # @return [String] attr_accessor :vpc_name # **Default: `all_private`** - # When auto-discovering VPC resources, this specifies target subnets for this resource. Special keywords: public, private, any, all, all_public, all_private, all. Using the name of a route table defined elsewhere in this BoK will behave like 'all_.' # # @return [String] attr_accessor :subnet_pref # # @return [String] attr_accessor :subnet_name # # @return [String] attr_accessor :subnet_id # Extra subnets to which to attach this {MU::Cloud::AWS::Server}. Extra network interfaces will be created to accomodate these attachments. # # @return [Array] # @see BasketofKittens::search_domains::vpc::subnets attr_accessor :subnets # @!endgroup end end end class BasketofKittens class search_domains # Tags to apply to this resource. Will apply at the cloud provider level and in node groomers, where applicable. class tags # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :key # **REQUIRED** # # @return [String] attr_accessor :value # @!endgroup end end end class BasketofKittens class search_domains class add_firewall_rules # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # The tag or label key to search against # # @return [String] attr_accessor :key # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end class BasketofKittens class search_domains class add_firewall_rules class habitat # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # The tag or label key to search against # # @return [String] attr_accessor :key # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end end class BasketofKittens class search_domains class add_firewall_rules # Reference a 'habitats' resource from this 'config' resource class habitat # @!group Required parameters # **Default: `habitats`**, # **Must be one of: `habitats`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::search_domains::add_firewall_rules::habitat::tag] # @see BasketofKittens::search_domains::add_firewall_rules::habitat::tag attr_accessor :tag # @!endgroup end end end end class BasketofKittens class search_domains # Reference a 'firewall_rules' resource from this 'search_domain' resource class add_firewall_rules # @!group Required parameters # **Default: `firewall_rules`**, # **Must be one of: `firewall_rules`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::search_domains::add_firewall_rules::tag] # @see BasketofKittens::search_domains::add_firewall_rules::tag attr_accessor :tag # Reference a 'habitats' resource from this 'config' resource # # @return [BasketofKittens::search_domains::add_firewall_rules::habitat] # @see BasketofKittens::search_domains::add_firewall_rules::habitat attr_accessor :habitat # Alias for id # # @return [String] attr_accessor :rule_id # Alias for name # # @return [String] attr_accessor :rule_name # @!endgroup end end end class BasketofKittens class search_domains # Network ingress and/or egress rules. class ingress_rules # @!group Optional parameters # # @return [String] attr_accessor :port_range # # @return [Integer] attr_accessor :port # **Default: `tcp`**, # **Must be one of: `udp, tcp, icmp`** # # @return [String] attr_accessor :proto # # @return [Boolean] attr_accessor :ingress # **Default: `false`** # # @return [Boolean] attr_accessor :egress # String description of this firewall rule, where supported # # @return [String] attr_accessor :comment # **Must match pattern `^\d+\.\d+\.\d+\.\d+/[0-9]{1,2}$`** - # CIDR-formatted IP block, e.g. 1.2.3.4/32 # # @return [Array] attr_accessor :hosts # @!endgroup end end end class BasketofKittens class search_domains # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. class dependencies # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED**, # **Must be one of: `folder, habitat, collection, database, dnszone, firewall_rule, loadbalancer, server, server_pool, vpc, cache_cluster, alarm, notifier, log, storage_pool, function, endpoint, container_cluster, search_domain, msg_queue, user, group, role, bucket, nosqldb`** # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **Must be one of: `create, groom`** - # Which part of the creation process of the resource we depend on should we wait for before starting our own creation? Defaults are usually sensible, but sometimes you want, say, a Server to wait on another Server to be completely ready (through its groom phase) before starting up. # # @return [String] attr_accessor :phase # **Default: `false`** - # By default, it's assumed that we want to wait on our parents' creation phase, in addition to whatever is declared in this stanza. Setting this flag will bypass waiting on our parent resource's creation, so that our create or groom phase can instead depend only on the parent's groom phase. # # @return [Boolean] attr_accessor :no_create_wait # @!endgroup end end end class BasketofKittens class search_domains # +AWS+: An IAM policy document for access to ElasticSearch. Our parser expects this to be defined inline like the rest of your YAML/JSON Basket of Kittens, not as raw JSON. For guidance on ElasticSearch IAM capabilities, see: https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-ac.html class access_policies end end end class BasketofKittens class search_domains # +AWS+: Key => Value strings pairs that pass certain configuration options to Elasticsearch. For a list of supported values, see https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-createupdatedomains.html#es-createdomain-configure-advanced-options class advanced_options end end end class BasketofKittens class search_domains # +AWS+: Options to specify the Cognito user and identity pools for Kibana authentication. For more information, see http://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-cognito-auth.html class cognito # @!group Required parameters # **REQUIRED**, # **AWS ONLY** - # Amazon Cognito user pool. Looks like 'us-east-1:69e2223c-2c74-42ca-9b27-1037fcb60b91'. See https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools.html # # @return [String] attr_accessor :user_pool_id # **REQUIRED**, # **AWS ONLY** - # Amazon Cognito identity pool. Looks like 'us-east-1_eSwWA1VGY'. See https://docs.aws.amazon.com/cognito/latest/developerguide/identity-pools.html # # @return [String] attr_accessor :identity_pool_id # @!endgroup # @!group Optional parameters # **AWS ONLY** - # An IAM role that has the AmazonESCognitoAccess policy attached. If not specified, one will be generated automatically. # # @return [String] attr_accessor :role_arn # @!endgroup end end end class BasketofKittens # Set up a cloud provider managed Elastic Search cluster. # # `AWS`: This implementation is considered **RELEASE** quality. It covers all major API features and has been tested with real-world applications. class search_domains # @!group Optional parameters # **Must match pattern `^[a-z][a-z0-9\-]+$`** - # ## # # @return [String] attr_accessor :name # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # Reference a 'vpcs' resource from this 'search_domain' resource # # @return [BasketofKittens::search_domains::vpc] # @see BasketofKittens::search_domains::vpc attr_accessor :vpc # Tags to apply to this resource. Will apply at the cloud provider level and in node groomers, where applicable. # # @return [Array] # @see BasketofKittens::search_domains::tags attr_accessor :tags # **Default: `true`** - # Tag the resource with our optional tags (+MU-HANDLE+, +MU-MASTER-NAME+, +MU-OWNER+). # # @return [Boolean] attr_accessor :optional_tags # Reference a 'firewall_rules' resource from this 'search_domain' resource # # @return [Array] # @see BasketofKittens::search_domains::add_firewall_rules attr_accessor :add_firewall_rules # Network ingress and/or egress rules. # # @return [Array] # @see BasketofKittens::search_domains::ingress_rules attr_accessor :ingress_rules # **Default: `1`** # # @return [Integer] attr_accessor :instance_count # Internal use. # # @return [String] attr_accessor :virtual_name # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. # # @return [Array] # @see BasketofKittens::search_domains::dependencies attr_accessor :dependencies # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **AWS ONLY**, # **Default: `7.1`** - # +AWS+: A supported ElasticSearch version for the region of this SearchDomain. Known versions from us-east-1: 7.1, 6.8, 6.7, 6.5, 6.4, 6.3, 6.2, 6.0, 5.6, 5.5, 5.3, 5.1, 2.3, 1.5 # # @return [String] attr_accessor :elasticsearch_version # **AWS ONLY**, # **Default: `c5.large.elasticsearch`** - # +AWS+: A supported ElasticSearch instance type for the region of this SearchDomain. Known types from us-east-1: c5.large.elasticsearch, c5.xlarge.elasticsearch, c5.2xlarge.elasticsearch, c5.4xlarge.elasticsearch, c5.9xlarge.elasticsearch, c5.18xlarge.elasticsearch, i3.large.elasticsearch, i3.xlarge.elasticsearch, i3.2xlarge.elasticsearch, i3.4xlarge.elasticsearch, i3.8xlarge.elasticsearch, i3.16xlarge.elasticsearch, m5.large.elasticsearch, m5.xlarge.elasticsearch, m5.2xlarge.elasticsearch, m5.4xlarge.elasticsearch, m5.12xlarge.elasticsearch, r5.large.elasticsearch, r5.xlarge.elasticsearch, r5.2xlarge.elasticsearch, r5.4xlarge.elasticsearch, r5.12xlarge.elasticsearch, t2.small.elasticsearch, t2.medium.elasticsearch, c4.large.elasticsearch, c4.xlarge.elasticsearch, c4.2xlarge.elasticsearch, c4.4xlarge.elasticsearch, c4.8xlarge.elasticsearch, i2.xlarge.elasticsearch, i2.2xlarge.elasticsearch, m4.large.elasticsearch, m4.xlarge.elasticsearch, m4.2xlarge.elasticsearch, m4.4xlarge.elasticsearch, m4.10xlarge.elasticsearch, r4.large.elasticsearch, r4.xlarge.elasticsearch, r4.2xlarge.elasticsearch, r4.4xlarge.elasticsearch, r4.8xlarge.elasticsearch, r4.16xlarge.elasticsearch, m3.medium.elasticsearch, m3.large.elasticsearch, m3.xlarge.elasticsearch, m3.2xlarge.elasticsearch, r3.large.elasticsearch, r3.xlarge.elasticsearch, r3.2xlarge.elasticsearch, r3.4xlarge.elasticsearch, r3.8xlarge.elasticsearch. # # @return [String] attr_accessor :instance_type # **AWS ONLY**, # **Default: `0`** - # +AWS+: Separate, dedicated master node(s), over and above the search instances specified in instance_count. # # @return [Integer] attr_accessor :dedicated_masters # **AWS ONLY** # +AWS+: An IAM policy document for access to ElasticSearch. Our parser expects this to be defined inline like the rest of your YAML/JSON Basket of Kittens, not as raw JSON. For guidance on ElasticSearch IAM capabilities, see: https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-ac.html # # @return [BasketofKittens::search_domains::access_policies] # @see BasketofKittens::search_domains::access_policies attr_accessor :access_policies # **AWS ONLY** - # +AWS+: Instance type for dedicated master nodes, if any were requested. Will default to match instance_type. # # @return [String] attr_accessor :master_instance_type # **AWS ONLY**, # **Default: `standard`**, # **Must be one of: `standard, gp2, io1, none`** - # +AWS+: Type of EBS storage to use for cluster nodes. If 'none' is specified, EBS storage will not be used, but this is only valid for certain instance types. # # @return [String] attr_accessor :ebs_type # **AWS ONLY** - # +AWS+: Specifies the IOPD for a Provisioned IOPS EBS volume (SSD). Must specify ebs_type for this to take effect. # # @return [Integer] attr_accessor :ebs_iops # **AWS ONLY**, # **Default: `20`** - # +AWS+: Specifies the size (GB) of EBS storage. Must specify ebs_type for this to take effect. # # @return [Integer] attr_accessor :ebs_size # **AWS ONLY**, # **Default: `23`** - # +AWS+: Clock hour (UTC) to begin daily snapshots # # @return [Integer] attr_accessor :snapshot_hour # **AWS ONLY** - # +AWS+: If specified, will attempt to enable encryption at rest with this KMS Key ID # # @return [String] attr_accessor :kms_encryption_key_id # **AWS ONLY**, # **Default: `false`** - # +AWS+: Spread search instances across Availability Zones to facilitate replica index sharding for greater resilience. Note that you also must use the native Elasticsearch API to create replica shards for your cluster. Zone awareness requires an even number of instances in the instance count. # # @return [Boolean] attr_accessor :zone_aware # **AWS ONLY** - # +AWS+: The ARN of a CloudWatch Log Group to which we we'll send slow index and search logs. If not specified, a log group will be generated. # # @return [String] attr_accessor :slow_logs # **AWS ONLY** # +AWS+: Key => Value strings pairs that pass certain configuration options to Elasticsearch. For a list of supported values, see https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-createupdatedomains.html#es-createdomain-configure-advanced-options # # @return [BasketofKittens::search_domains::advanced_options] # @see BasketofKittens::search_domains::advanced_options attr_accessor :advanced_options # **AWS ONLY** # +AWS+: Options to specify the Cognito user and identity pools for Kibana authentication. For more information, see http://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-cognito-auth.html # # @return [BasketofKittens::search_domains::cognito] # @see BasketofKittens::search_domains::cognito attr_accessor :cognito # @!endgroup end end class BasketofKittens class msg_queues # Tags to apply to this resource. Will apply at the cloud provider level and in node groomers, where applicable. class tags # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :key # **REQUIRED** # # @return [String] attr_accessor :value # @!endgroup end end end class BasketofKittens class msg_queues # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. class dependencies # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED**, # **Must be one of: `folder, habitat, collection, database, dnszone, firewall_rule, loadbalancer, server, server_pool, vpc, cache_cluster, alarm, notifier, log, storage_pool, function, endpoint, container_cluster, search_domain, msg_queue, user, group, role, bucket, nosqldb`** # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **Must be one of: `create, groom`** - # Which part of the creation process of the resource we depend on should we wait for before starting our own creation? Defaults are usually sensible, but sometimes you want, say, a Server to wait on another Server to be completely ready (through its groom phase) before starting up. # # @return [String] attr_accessor :phase # **Default: `false`** - # By default, it's assumed that we want to wait on our parents' creation phase, in addition to whatever is declared in this stanza. Setting this flag will bypass waiting on our parent resource's creation, so that our create or groom phase can instead depend only on the parent's groom phase. # # @return [Boolean] attr_accessor :no_create_wait # @!endgroup end end end class BasketofKittens class msg_queues # +AWS+: Target queue for messages that can't be processed (consumed) successfully. See also: https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-dead-letter-queues.html class failqueue # @!group Optional parameters # **AWS ONLY** - # Create a separate MsgQueue on the fly. # # @return [Boolean] attr_accessor :create # **AWS ONLY**, # **Default: `10`** - # Number of times a message should fail before being sent to this queue. Must be between 1 and 1000. # # @return [Integer] attr_accessor :retries_before_fail # **AWS ONLY** - # The name of a sibling SQS resource in this deploy, or the cloud identifier or URL of a pre-existing one # # @return [String] attr_accessor :name # @!endgroup end end end class BasketofKittens class msg_queues # +AWS+: Use an Amazon KMS key to encrypt and decrypt messages in the background. This feature is not available in all regions. https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-server-side-encryption.html#sqs-sse-key-terms class kms # @!group Required parameters # **REQUIRED**, # **AWS ONLY** - # KMS key to use for encryption and decryption # # @return [String] attr_accessor :key_id # **AWS ONLY**, # **Default: `5 minutes`** - # The length of time, in seconds, for which Amazon SQS can reuse a data key to encrypt or decrypt messages before calling AWS KMS again. You can specify a string like '5m' or '2 hours'. # # @return [String] attr_accessor :key_reuse_period # @!endgroup end end end class BasketofKittens # Set up a cloud provider queueing service. # # `AWS`: This implementation is considered **RELEASE** quality. It covers all major API features and has been tested with real-world applications. class msg_queues # @!group Optional parameters # # @return [String] attr_accessor :name # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # Tags to apply to this resource. Will apply at the cloud provider level and in node groomers, where applicable. # # @return [Array] # @see BasketofKittens::msg_queues::tags attr_accessor :tags # **Default: `true`** - # Tag the resource with our optional tags (+MU-HANDLE+, +MU-MASTER-NAME+, +MU-OWNER+). # # @return [Boolean] attr_accessor :optional_tags # Internal use. # # @return [String] attr_accessor :virtual_name # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. # # @return [Array] # @see BasketofKittens::msg_queues::dependencies attr_accessor :dependencies # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **AWS ONLY**, # **Default: `256`** - # +AWS+: Maximum size of messages in this queue, in kB. Must be between 1 and 256. # # @return [Integer] attr_accessor :max_msg_size # **AWS ONLY**, # **Default: `4 days`** - # +AWS+: The length of time for which Amazon SQS retains a message. Assumed to be in seconds, unless you specify a string like '4d' or 'five hours'. Must be between 1 minute and 14 days. # # @return [String] attr_accessor :retain # **AWS ONLY**, # **Default: `0 seconds`** - # +AWS+: Delay delivery by up to 15 minutes. You can specify a string like '1m' or '600 seconds'. # # @return [String] attr_accessor :delay # **AWS ONLY**, # **Default: `0 seconds`** - # +AWS+: The length of time, for which a ReceiveMessage action waits for a message to arrive, between 0 and 20 seconds. You can specify a string like '5s' or '20 seconds'. # # @return [String] attr_accessor :receive_timeout # **AWS ONLY**, # **Default: `30 seconds`** - # +AWS+: The length of time during which Amazon SQS prevents other consumers from receiving and processing a message after another consumer has received it. Must be between 0 seconds and 12 hours. You can specify a string like '5 minutes' or '3 hours'. See also: https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-visibility-timeout.html # # @return [String] attr_accessor :visibility_timeout # **AWS ONLY**, # **Default: `false`** - # +AWS+: Designate this queue as a FIFO queue. Messages in this queue must explicitly specify MessageGroupId. This cannot be changed once instantiated. This feature is not available in all regions. See also: https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/FIFO-queues.html#FIFO-queues-understanding-logic # # @return [Boolean] attr_accessor :fifo # **AWS ONLY**, # **Default: `false`** - # +AWS+: Enables content-based deduplication. When ContentBasedDeduplication is in effect, messages with identical content sent within the deduplication interval are treated as duplicates and only one copy of the message is delivered. This feature is not available in all regions. See also: https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/FIFO-queues.html#FIFO-queues-exactly-once-processing # # @return [Boolean] attr_accessor :dedup # **AWS ONLY** # +AWS+: Target queue for messages that can't be processed (consumed) successfully. See also: https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-dead-letter-queues.html # # @return [BasketofKittens::msg_queues::failqueue] # @see BasketofKittens::msg_queues::failqueue attr_accessor :failqueue # **AWS ONLY** # +AWS+: Use an Amazon KMS key to encrypt and decrypt messages in the background. This feature is not available in all regions. https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-server-side-encryption.html#sqs-sse-key-terms # # @return [BasketofKittens::msg_queues::kms] # @see BasketofKittens::msg_queues::kms attr_accessor :kms # @!endgroup end end class BasketofKittens class users # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. class dependencies # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED**, # **Must be one of: `folder, habitat, collection, database, dnszone, firewall_rule, loadbalancer, server, server_pool, vpc, cache_cluster, alarm, notifier, log, storage_pool, function, endpoint, container_cluster, search_domain, msg_queue, user, group, role, bucket, nosqldb`** # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **Must be one of: `create, groom`** - # Which part of the creation process of the resource we depend on should we wait for before starting our own creation? Defaults are usually sensible, but sometimes you want, say, a Server to wait on another Server to be completely ready (through its groom phase) before starting up. # # @return [String] attr_accessor :phase # **Default: `false`** - # By default, it's assumed that we want to wait on our parents' creation phase, in addition to whatever is declared in this stanza. Setting this flag will bypass waiting on our parent resource's creation, so that our create or groom phase can instead depend only on the parent's groom phase. # # @return [Boolean] attr_accessor :no_create_wait # @!endgroup end end end class BasketofKittens class users # Tags to apply to this resource. Will apply at the cloud provider level and in node groomers, where applicable. class tags # @!group Required parameters # **REQUIRED**, # **AWS ONLY** # # @return [String] attr_accessor :key # **REQUIRED**, # **AWS ONLY** # # @return [String] attr_accessor :value # @!endgroup end end end class BasketofKittens class users # A key (name) with a value that is an Amazon-compatible policy document. See https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_examples.html for example policies. class iam_policies end end end class BasketofKittens class users class roles class role # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # **GOOGLE & AZURE ONLY** - # The tag or label key to search against # # @return [String] attr_accessor :key # **GOOGLE & AZURE ONLY** - # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end end class BasketofKittens class users class roles class role class habitat # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # **GOOGLE & AZURE ONLY** - # The tag or label key to search against # # @return [String] attr_accessor :key # **GOOGLE & AZURE ONLY** - # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end end end class BasketofKittens class users class roles class role # Reference a 'habitats' resource from this 'config' resource class habitat # @!group Required parameters # **GOOGLE & AZURE ONLY**, # **Default: `habitats`**, # **Must be one of: `habitats`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **GOOGLE & AZURE ONLY** - # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # **GOOGLE & AZURE ONLY** - # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # **GOOGLE & AZURE ONLY** - # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # **GOOGLE & AZURE ONLY** - # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **GOOGLE & AZURE ONLY**, # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **GOOGLE & AZURE ONLY**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # **GOOGLE & AZURE ONLY** # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::users::roles::role::habitat::tag] # @see BasketofKittens::users::roles::role::habitat::tag attr_accessor :tag # @!endgroup end end end end end class BasketofKittens class users class roles # Reference a 'roles' resource from this 'user' resource class role # @!group Required parameters # **GOOGLE & AZURE ONLY**, # **Default: `roles`**, # **Must be one of: `roles`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **GOOGLE & AZURE ONLY** - # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # **GOOGLE & AZURE ONLY** - # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # **GOOGLE & AZURE ONLY** - # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # **GOOGLE & AZURE ONLY** - # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **GOOGLE & AZURE ONLY**, # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **GOOGLE & AZURE ONLY**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # **GOOGLE & AZURE ONLY** # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::users::roles::role::tag] # @see BasketofKittens::users::roles::role::tag attr_accessor :tag # **GOOGLE & AZURE ONLY** # Reference a 'habitats' resource from this 'config' resource # # @return [BasketofKittens::users::roles::role::habitat] # @see BasketofKittens::users::roles::role::habitat attr_accessor :habitat # @!endgroup end end end end class BasketofKittens class users class roles class projects # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # **GOOGLE & AZURE ONLY** - # The tag or label key to search against # # @return [String] attr_accessor :key # **GOOGLE & AZURE ONLY** - # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end end class BasketofKittens class users class roles # Reference a 'habitats' resource from this 'user' resource class projects # @!group Required parameters # **GOOGLE & AZURE ONLY**, # **Default: `habitats`**, # **Must be one of: `habitats`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **GOOGLE & AZURE ONLY** - # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # **GOOGLE & AZURE ONLY** - # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # **GOOGLE & AZURE ONLY** - # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # **GOOGLE & AZURE ONLY** - # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **GOOGLE & AZURE ONLY**, # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **GOOGLE & AZURE ONLY**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # **GOOGLE & AZURE ONLY** # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::users::roles::projects::tag] # @see BasketofKittens::users::roles::projects::tag attr_accessor :tag # @!endgroup end end end end class BasketofKittens class users class roles class folders # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # **GOOGLE & AZURE ONLY** - # The tag or label key to search against # # @return [String] attr_accessor :key # **GOOGLE & AZURE ONLY** - # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end end class BasketofKittens class users class roles # Reference a 'folders' resource from this 'user' resource class folders # @!group Required parameters # **GOOGLE & AZURE ONLY**, # **Default: `folders`**, # **Must be one of: `folders`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **GOOGLE & AZURE ONLY** - # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # **GOOGLE & AZURE ONLY** - # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # **GOOGLE & AZURE ONLY** - # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # **GOOGLE & AZURE ONLY** - # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **GOOGLE & AZURE ONLY**, # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **GOOGLE & AZURE ONLY**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # **GOOGLE & AZURE ONLY** # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::users::roles::folders::tag] # @see BasketofKittens::users::roles::folders::tag attr_accessor :tag # @!endgroup end end end end class BasketofKittens class users # One or more Google IAM roles to associate with this entity. IAM roles in Google can be associated at the project (+Habitat+), folder, or organization level, so we must specify not only role, but each container in which it is granted to the entity in question. class roles # @!group Optional parameters # **GOOGLE & AZURE ONLY** # Reference a 'roles' resource from this 'user' resource # # @return [BasketofKittens::users::roles::role] # @see BasketofKittens::users::roles::role attr_accessor :role # **GOOGLE & AZURE ONLY** # Reference a 'habitats' resource from this 'user' resource # # @return [Array] # @see BasketofKittens::users::roles::projects attr_accessor :projects # **GOOGLE & AZURE ONLY** # Reference a 'folders' resource from this 'user' resource # # @return [Array] # @see BasketofKittens::users::roles::folders attr_accessor :folders # **GOOGLE & AZURE ONLY** - # Either an organization cloud identifier, like +organizations/123456789012+, or the name of set of Mu credentials listed in +mu.yaml+, which can be used as an alias to the organization to which they authenticate. # # @return [Array] attr_accessor :organizations # @!endgroup end end end class BasketofKittens # Set up a cloud provider user or machine account # # `AWS`: This implementation is **BETA** quality. It is substantially complete, but may be missing some functionality or have some features which are untested. # # `Google`: This implementation is considered **RELEASE** quality. It covers all major API features and has been tested with real-world applications. # # `Azure`: This implementation is **ALPHA** quality. It is experimental, may be missing significant functionality, and has not been widely tested. class users # @!group Required parameters # **REQUIRED** - # The name of the account to create or associate. # ## +AWS+: A plain IAM user. If the user already exists, we will operate on that existing user. Otherwise, we will attempt to create a new user. AWS IAM does not distinguish between human user accounts and machine accounts. # ## +GOOGLE+: If the +type+ of this account is not +service+, this can include an optional @domain component (foo@example.com), which is equivalent to the +domain+ configuration option. The following rules apply to +directory+ (non-service) accounts only: # #If the domain portion is not specified, and we manage exactly one GSuite or Cloud Identity domain, we will attempt to create the user in that domain. # #If we do not manage any domains, and none are specified, we will assume @gmail.com for the domain and attempt to bind an existing external GMail user to roles under our jurisdiction. # #If the domain portion is specified, and our credentials can manage that domain via GSuite or Cloud Identity, we will attempt to create the user in that domain. # #If it is a domain we do not manage, we will attempt to bind an existing external user from that domain to roles under our jurisdiction. # #If we are binding (rather than creating) a user and no roles are specified, we will default to +roles/viewer+ at the organization scope. If our credentials do not manage an organization, we will grant this role in our default project. # # # ## +AZURE+: The name of a account to create. Currently, +service+ is the only account type we support in Azure. # # @return [String] attr_accessor :name # **Default: `interactive`**, # **Must be one of: `interactive, service`** - # Indicates whether to create or associate an account meant for interactive human use, or for a machine or service. # ## +GOOGLE+: 'interactive' will either attempt to bind an existing user to a role under our jurisdiction, or create a new directory user, depending on the domain of the user specified and whether we manage any directories; 'service' will create a service account and generate API keys. # ## +AZURE+: 'service' will create a service account (machine credentials) and generate API keys # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **Default: `true`** - # If we attempt to create or associate a user that already exists, simply modify that user in-place and use it, rather than throwing an error. If this flag is set, the user will *not* be deleted on cleanup, nor will we overwrite any existing tags on cloud platforms that support user tagging. # # @return [Boolean] attr_accessor :use_if_exists # For supported platforms and user types, require the user to reset their password on their next login. Our default behavior is to set this flag when initially creating an account. Setting it explicitly +true+ will set this flag on every subsequent +groom+ of the user, which may not be desired behavior. # # @return [Boolean] attr_accessor :force_password_change # **Default: `false`** - # Create a set of cloud API keys for this user. Keys will be shared via Scratchpad for one-time retrieval. # # @return [Boolean] attr_accessor :create_api_key # **Default: `false`** - # Leave the user intact during the cleanup process. If we are re-using an existing user, rather than creating one ourselves, this option has no effect- that user will always be left intact. # # @return [Boolean] attr_accessor :preserve_on_cleanup # One or more groups to associate with this user. If there is a 'group' resource defined with this name in this Basket of Kittens, we will use that; if not, and if there is an existing cloud provider group in the appropriate account/project that matches, we will use that; if neither of those exists, we will implicitly create a matching group if it had been declared in this Basket of Kittens. # # @return [Array] attr_accessor :groups # Internal use. # # @return [String] attr_accessor :virtual_name # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. # # @return [Array] # @see BasketofKittens::users::dependencies attr_accessor :dependencies # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **AWS ONLY**, # **Must match pattern `^\/(?:[^\/]+(?:\/[^\/]+)*\/$)?`** - # +AWS+: AWS IAM users can be namespaced with a path (ex: +/organization/unit/user+). If not specified, and if we do not see a matching existing user under +/+ with +use_if_exists+ set, we will prepend the deploy identifier to the path of users we create. Ex: +/IAMTESTS-DEV-2018112910-GR/myuser+. # # @return [String] attr_accessor :path # **AWS ONLY** # Tags to apply to this resource. Will apply at the cloud provider level and in node groomers, where applicable. # # @return [Array] # @see BasketofKittens::users::tags attr_accessor :tags # **AWS ONLY**, # **Default: `true`** - # +AWS+: Tag the resource with our optional tags (+MU-HANDLE+, +MU-MASTER-NAME+, +MU-OWNER+). # # @return [Boolean] attr_accessor :optional_tags # **AWS ONLY**, # **Default: `false`** - # +AWS+: Instead of creating/updating a user account with # the exact name specified in the 'name' field, generate a unique-per-deploy Mu- #style long name, like +IAMTESTS-DEV-2018112815-IS-USER-FOO+ # # @return [Boolean] attr_accessor :unique_name # **AWS ONLY**, # **Default: `false`** - # +AWS+: Generate a password for this user, for use logging into the AWS Console. It will be shared via Scratchpad for one-time retrieval. # # @return [Boolean] attr_accessor :create_console_password # **AWS ONLY** # A key (name) with a value that is an Amazon-compatible policy document. See https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_examples.html for example policies. # # @return [Array] # @see BasketofKittens::users::iam_policies attr_accessor :iam_policies # **GOOGLE ONLY** - # +GOOGLE+: If creating or binding an +interactive+ user, this is the domain of which the user should be a member. This can instead be embedded in the {name} field: +foo@example.com+. # # @return [String] attr_accessor :domain # **GOOGLE ONLY** - # +GOOGLE+: Optionally set the +given_name+ field of a +directory+ account. Ignored for +service+ accounts. # # @return [String] attr_accessor :given_name # **GOOGLE ONLY** - # +GOOGLE+: Alias for +given_name+ # # @return [String] attr_accessor :first_name # **GOOGLE ONLY** - # +GOOGLE+: Optionally set the +family_name+ field of a +directory+ account. Ignored for +service+ accounts. # # @return [String] attr_accessor :family_name # **GOOGLE ONLY** - # +GOOGLE+: Alias for +family_name+ # # @return [String] attr_accessor :last_name # **GOOGLE ONLY** - # +GOOGLE+: Canonical email address for a +directory+ user. If not specified, will be set to +name@domain+. # # @return [String] attr_accessor :email # **GOOGLE ONLY** - # +GOOGLE+: Explicitly flag this user as originating from an external domain. This should always autodetect correctly. # # @return [Boolean] attr_accessor :external # **GOOGLE ONLY**, # **Default: `false`** - # +GOOGLE+: If the user is +interactive+ and resides in a domain we manage, set their +is_admin+ flag. # # @return [Boolean] attr_accessor :admin # **GOOGLE ONLY**, # **Default: `false`** - # +GOOGLE+: If the user is +interactive+ and resides in a domain we manage, this can be used to lock their account. # # @return [Boolean] attr_accessor :suspend # **GOOGLE & AZURE ONLY** # One or more Google IAM roles to associate with this entity. IAM roles in Google can be associated at the project (+Habitat+), folder, or organization level, so we must specify not only role, but each container in which it is granted to the entity in question. # # @return [Array] # @see BasketofKittens::users::roles attr_accessor :roles # **AZURE ONLY**, # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # # @return [String] attr_accessor :region # @!endgroup end end class BasketofKittens class groups # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. class dependencies # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED**, # **Must be one of: `folder, habitat, collection, database, dnszone, firewall_rule, loadbalancer, server, server_pool, vpc, cache_cluster, alarm, notifier, log, storage_pool, function, endpoint, container_cluster, search_domain, msg_queue, user, group, role, bucket, nosqldb`** # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **Must be one of: `create, groom`** - # Which part of the creation process of the resource we depend on should we wait for before starting our own creation? Defaults are usually sensible, but sometimes you want, say, a Server to wait on another Server to be completely ready (through its groom phase) before starting up. # # @return [String] attr_accessor :phase # **Default: `false`** - # By default, it's assumed that we want to wait on our parents' creation phase, in addition to whatever is declared in this stanza. Setting this flag will bypass waiting on our parent resource's creation, so that our create or groom phase can instead depend only on the parent's groom phase. # # @return [Boolean] attr_accessor :no_create_wait # @!endgroup end end end class BasketofKittens class groups # A key (name) with a value that is an Amazon-compatible policy document. See https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_examples.html for example policies. class iam_policies end end end class BasketofKittens class groups class roles class role # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # **GOOGLE ONLY** - # The tag or label key to search against # # @return [String] attr_accessor :key # **GOOGLE ONLY** - # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end end class BasketofKittens class groups class roles class role class habitat # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # **GOOGLE ONLY** - # The tag or label key to search against # # @return [String] attr_accessor :key # **GOOGLE ONLY** - # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end end end class BasketofKittens class groups class roles class role # Reference a 'habitats' resource from this 'config' resource class habitat # @!group Required parameters # **GOOGLE ONLY**, # **Default: `habitats`**, # **Must be one of: `habitats`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **GOOGLE ONLY** - # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # **GOOGLE ONLY** - # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # **GOOGLE ONLY** - # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # **GOOGLE ONLY** - # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **GOOGLE ONLY**, # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **GOOGLE ONLY**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # **GOOGLE ONLY** # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::groups::roles::role::habitat::tag] # @see BasketofKittens::groups::roles::role::habitat::tag attr_accessor :tag # @!endgroup end end end end end class BasketofKittens class groups class roles # Reference a 'roles' resource from this 'group' resource class role # @!group Required parameters # **GOOGLE ONLY**, # **Default: `roles`**, # **Must be one of: `roles`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **GOOGLE ONLY** - # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # **GOOGLE ONLY** - # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # **GOOGLE ONLY** - # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # **GOOGLE ONLY** - # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **GOOGLE ONLY**, # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **GOOGLE ONLY**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # **GOOGLE ONLY** # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::groups::roles::role::tag] # @see BasketofKittens::groups::roles::role::tag attr_accessor :tag # **GOOGLE ONLY** # Reference a 'habitats' resource from this 'config' resource # # @return [BasketofKittens::groups::roles::role::habitat] # @see BasketofKittens::groups::roles::role::habitat attr_accessor :habitat # @!endgroup end end end end class BasketofKittens class groups class roles class projects # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # **GOOGLE ONLY** - # The tag or label key to search against # # @return [String] attr_accessor :key # **GOOGLE ONLY** - # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end end class BasketofKittens class groups class roles # Reference a 'habitats' resource from this 'group' resource class projects # @!group Required parameters # **GOOGLE ONLY**, # **Default: `habitats`**, # **Must be one of: `habitats`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **GOOGLE ONLY** - # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # **GOOGLE ONLY** - # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # **GOOGLE ONLY** - # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # **GOOGLE ONLY** - # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **GOOGLE ONLY**, # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **GOOGLE ONLY**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # **GOOGLE ONLY** # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::groups::roles::projects::tag] # @see BasketofKittens::groups::roles::projects::tag attr_accessor :tag # @!endgroup end end end end class BasketofKittens class groups class roles class folders # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # **GOOGLE ONLY** - # The tag or label key to search against # # @return [String] attr_accessor :key # **GOOGLE ONLY** - # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end end class BasketofKittens class groups class roles # Reference a 'folders' resource from this 'group' resource class folders # @!group Required parameters # **GOOGLE ONLY**, # **Default: `folders`**, # **Must be one of: `folders`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **GOOGLE ONLY** - # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # **GOOGLE ONLY** - # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # **GOOGLE ONLY** - # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # **GOOGLE ONLY** - # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **GOOGLE ONLY**, # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **GOOGLE ONLY**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # **GOOGLE ONLY** # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::groups::roles::folders::tag] # @see BasketofKittens::groups::roles::folders::tag attr_accessor :tag # @!endgroup end end end end class BasketofKittens class groups # One or more Google IAM roles to associate with this entity. IAM roles in Google can be associated at the project (+Habitat+), folder, or organization level, so we must specify not only role, but each container in which it is granted to the entity in question. class roles # @!group Optional parameters # **GOOGLE ONLY** # Reference a 'roles' resource from this 'group' resource # # @return [BasketofKittens::groups::roles::role] # @see BasketofKittens::groups::roles::role attr_accessor :role # **GOOGLE ONLY** # Reference a 'habitats' resource from this 'group' resource # # @return [Array] # @see BasketofKittens::groups::roles::projects attr_accessor :projects # **GOOGLE ONLY** # Reference a 'folders' resource from this 'group' resource # # @return [Array] # @see BasketofKittens::groups::roles::folders attr_accessor :folders # **GOOGLE ONLY** - # Either an organization cloud identifier, like +organizations/123456789012+, or the name of set of Mu credentials listed in +mu.yaml+, which can be used as an alias to the organization to which they authenticate. # # @return [Array] attr_accessor :organizations # @!endgroup end end end class BasketofKittens # Set up a cloud provider group for containing accounts/groups # # `AWS`: This implementation is **BETA** quality. It is substantially complete, but may be missing some functionality or have some features which are untested. # # `Google`: This implementation is **BETA** quality. It is substantially complete, but may be missing some functionality or have some features which are untested. class groups # @!group Required parameters # **REQUIRED** - # ## +GOOGLE+: This can include an optional @domain component (foo@example.com). # #If the domain portion is not specified, and we manage exactly one GSuite or Cloud Identity domain, we will attempt to create the group in that domain. # #If we do not manage any domains, and none are specified, we will assume @googlegroups.com for the domain and attempt to bind an existing external Google Group to roles under our jurisdiction. # #If the domain portion is specified, and our credentials can manage that domain via GSuite or Cloud Identity, we will attempt to create the group in that domain. # #If it is a domain we do not manage, we will attempt to bind an existing external group from that domain to roles under our jurisdiction. # #If we are binding (rather than creating) a group and no roles are specified, we will default to +roles/viewer+ at the organization scope. If our credentials do not manage an organization, we will grant this role in our default project. # # # ## +GOOGLE+: This can include an optional @domain component (foo@example.com). # #If the domain portion is not specified, and we manage exactly one GSuite or Cloud Identity domain, we will attempt to create the group in that domain. # #If we do not manage any domains, and none are specified, we will assume @googlegroups.com for the domain and attempt to bind an existing external Google Group to roles under our jurisdiction. # #If the domain portion is specified, and our credentials can manage that domain via GSuite or Cloud Identity, we will attempt to create the group in that domain. # #If it is a domain we do not manage, we will attempt to bind an existing external group from that domain to roles under our jurisdiction. # #If we are binding (rather than creating) a group and no roles are specified, we will default to +roles/viewer+ at the organization scope. If our credentials do not manage an organization, we will grant this role in our default project. # # # # @return [String] attr_accessor :name # @!endgroup # @!group Optional parameters # One or more user accounts to add to this group. # # @return [Array] attr_accessor :members # **Default: `false`** - # Our +members+ list, by default, only adds the listed accounts to the group. If +purge_extra_members+ is +true+, it will remove any users that are not our list. Use with caution when managing groups created manually or managed by other applications. # # @return [Boolean] attr_accessor :purge_extra_members # **Default: `true`** - # If we attempt to create or associate a group that already exists, simply group that user in-place and use it, rather than throwing an error. If this flag is set, the group will *not* be deleted on cleanup. # # @return [Boolean] attr_accessor :use_if_exists # Internal use. # # @return [String] attr_accessor :virtual_name # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. # # @return [Array] # @see BasketofKittens::groups::dependencies attr_accessor :dependencies # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **AWS ONLY** - # +AWS+: Instead of creating/updating a group with # the exact name specified in the 'name' field, generate a unique-per-deploy Mu- #style long name, like +IAMTESTS-DEV-2018112815-IS-GROUP-FOO+. This parameter will automatically be set to +true+ if it is left unspecified and +use_if_exists+ is set to +false+. # # @return [Boolean] attr_accessor :unique_name # **AWS ONLY**, # **Must match pattern `^\/(?:[^\/]+(?:\/[^\/]+)*\/$)?`** - # +AWS+: AWS IAM groups can be namespaced with a path (ex: +/organization/unit/group+). If not specified, and if we do not see a matching existing group under +/+ with +use_if_exists+ set, we will prepend the deploy identifier to the path of groups we create. Ex: +/IAMTESTS-DEV-2018112910-GR/mygroup+. # # @return [String] attr_accessor :path # **AWS ONLY** # A key (name) with a value that is an Amazon-compatible policy document. See https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_examples.html for example policies. # # @return [Array] # @see BasketofKittens::groups::iam_policies attr_accessor :iam_policies # **GOOGLE ONLY** - # +GOOGLE+: The domain from which the group originates or in which it should be created. This can instead be embedded in the {name} field: +foo@example.com+. # # @return [String] attr_accessor :domain # **GOOGLE ONLY** - # +GOOGLE+: Explicitly flag this group as originating from an external domain. This should always autodetect correctly. # # @return [Boolean] attr_accessor :external # **GOOGLE ONLY** # One or more Google IAM roles to associate with this entity. IAM roles in Google can be associated at the project (+Habitat+), folder, or organization level, so we must specify not only role, but each container in which it is granted to the entity in question. # # @return [Array] # @see BasketofKittens::groups::roles attr_accessor :roles # @!endgroup end end class BasketofKittens class roles class policies # Entities to which this policy will grant or deny access. class targets # @!group Required parameters # **REQUIRED** - # Either the name of a sibling Mu resource in this stack (used in conjunction with +entity_type+), or the full cloud identifier for a resource, such as an ARN in Amazon Web Services. # # @return [String] attr_accessor :identifier # @!endgroup # @!group Optional parameters # **Must be one of: `alarm, bucket, cache_cluster, collection, container_cluster, database, dnszone, endpoint, firewall_rule, folder, function, group, habitat, loadbalancer, log, msg_queue, nosqldb, notifier, role, search_domain, server, server_pool, storage_pool, user, vpc`** - # A Mu resource type, used when referencing a sibling Mu resource in this stack with +identifier+. # # @return [String] attr_accessor :type # # @return [String] attr_accessor :path # @!endgroup end end end end class BasketofKittens class roles class policies # +AWS+: One or more conditions under which to apply this policy. See also: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition.html class conditions # @!group Required parameters # **REQUIRED** - # +AWS+: A comparison to make, like +DateGreaterThan+ or +IpAddress+. # # @return [String] attr_accessor :comparison # **REQUIRED** - # +AWS+: The variable which we will compare, like +aws:CurrentTime+ or +aws:SourceIp+. # # @return [String] attr_accessor :variable # **REQUIRED** - # +AWS+: Value(s) to which we will compare our variable, like +2013-08-16T15:00:00Z+ or +192.0.2.0/24+. # # @return [Array] attr_accessor :values # @!endgroup end end end end class BasketofKittens class roles # Policies which grant or deny permissions. class policies # @!group Required parameters # **REQUIRED** - # A unique name for this policy # # @return [String] attr_accessor :name # **REQUIRED** - # Permissions to grant or deny. Valid permission strings are cloud-specific. # # @return [Array] attr_accessor :permissions # **REQUIRED** # Entities to which this policy will grant or deny access. # # @return [Array] # @see BasketofKittens::roles::policies::targets attr_accessor :targets # @!endgroup # @!group Optional parameters # **Default: `allow`**, # **Must be one of: `allow, deny`** # # @return [String] attr_accessor :flag # +AWS+: One or more conditions under which to apply this policy. See also: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition.html # # @return [Array] # @see BasketofKittens::roles::policies::conditions attr_accessor :conditions # @!endgroup end end end class BasketofKittens class roles # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. class dependencies # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED**, # **Must be one of: `folder, habitat, collection, database, dnszone, firewall_rule, loadbalancer, server, server_pool, vpc, cache_cluster, alarm, notifier, log, storage_pool, function, endpoint, container_cluster, search_domain, msg_queue, user, group, role, bucket, nosqldb`** # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **Must be one of: `create, groom`** - # Which part of the creation process of the resource we depend on should we wait for before starting our own creation? Defaults are usually sensible, but sometimes you want, say, a Server to wait on another Server to be completely ready (through its groom phase) before starting up. # # @return [String] attr_accessor :phase # **Default: `false`** - # By default, it's assumed that we want to wait on our parents' creation phase, in addition to whatever is declared in this stanza. Setting this flag will bypass waiting on our parent resource's creation, so that our create or groom phase can instead depend only on the parent's groom phase. # # @return [Boolean] attr_accessor :no_create_wait # @!endgroup end end end class BasketofKittens class roles # Tags to apply to this resource. Will apply at the cloud provider level and in node groomers, where applicable. class tags # @!group Required parameters # **REQUIRED**, # **AWS ONLY** # # @return [String] attr_accessor :key # **REQUIRED**, # **AWS ONLY** # # @return [String] attr_accessor :value # @!endgroup end end end class BasketofKittens class roles # Entities which are permitted to assume this role. Can be services, IAM objects, or other Mu resources. class can_assume # @!group Required parameters # **REQUIRED**, # **AWS ONLY**, # **Must be one of: `service, aws, federated, alarm, bucket, cache_cluster, collection, container_cluster, database, dnszone, endpoint, firewall_rule, folder, function, group, habitat, loadbalancer, log, msg_queue, nosqldb, notifier, role, search_domain, server, server_pool, storage_pool, user, vpc`** - # Type of entity which will be permitted to assume this role. See +entity_id+ for details. # # @return [String] attr_accessor :entity_type # **REQUIRED**, # **AWS ONLY** - # An identifier appropriate for the +entity_type+ which is allowed to assume this role- see details for valid formats. # #**service**: The name of a service which is allowed to assume this role, such as +ec2.amazonaws.com+. See also https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-service.html#roles-creatingrole-service-api. For an unofficial list of service names, see https://gist.github.com/shortjared/4c1e3fe52bdfa47522cfe5b41e5d6f22 # #**alarm, bucket, cache_cluster, collection, container_cluster, database, dnszone, endpoint, firewall_rule, folder, function, group, habitat, loadbalancer, log, msg_queue, nosqldb, notifier, role, search_domain, server, server_pool, storage_pool, user, vpc**: A resource of one of these Mu types, declared elsewhere in this stack with a name specified in +entity_id+, for which Mu will attempt to resolve the appropriate *aws* or *service* identifier. # #**aws**: An ARN which should be permitted to assume this role, often another role like +arn:aws:iam::AWS-account-ID:role/role-name+ or a specific user session such as +arn:aws:sts::AWS-account-ID:assumed-role/role-name/role-session-name+. See also https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_principal.html#Principal_specifying # #**federated**: A federated identity provider, such as +accounts.google.com+ or +arn:aws:iam::AWS-account-ID:saml-provider/provider-name+. See also https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_principal.html#Principal_specifying # # @return [String] attr_accessor :entity_id # @!endgroup # @!group Optional parameters # **AWS ONLY**, # **Default: `basic`**, # **Must be one of: `basic, saml, web`** - # https://docs.aws.amazon.com/STS/latest/APIReference/API_Operations.html # # @return [String] attr_accessor :assume_method # @!endgroup end end end class BasketofKittens class roles # A key (name) with a value that is a raw Amazon-compatible policy document. This is not the recommended method for granting permissions- we suggest listing +roles+ for the user instead. See https://docs.aws.amazon.com/IAM/latest/RoleGuide/access_policies_examples.html for example policies. class iam_policies end end end class BasketofKittens class roles class bindings class entity # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # **GOOGLE ONLY** - # The tag or label key to search against # # @return [String] attr_accessor :key # **GOOGLE ONLY** - # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end end class BasketofKittens class roles class bindings class entity class habitat # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # **GOOGLE ONLY** - # The tag or label key to search against # # @return [String] attr_accessor :key # **GOOGLE ONLY** - # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end end end class BasketofKittens class roles class bindings class entity # Reference a 'habitats' resource from this 'config' resource class habitat # @!group Required parameters # **GOOGLE ONLY**, # **Default: `habitats`**, # **Must be one of: `habitats`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **GOOGLE ONLY** - # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # **GOOGLE ONLY** - # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # **GOOGLE ONLY** - # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # **GOOGLE ONLY** - # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **GOOGLE ONLY**, # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **GOOGLE ONLY**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # **GOOGLE ONLY** # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::roles::bindings::entity::habitat::tag] # @see BasketofKittens::roles::bindings::entity::habitat::tag attr_accessor :tag # @!endgroup end end end end end class BasketofKittens class roles class bindings # Reference a resource from this 'config' resource class entity # @!group Optional parameters # **GOOGLE ONLY** - # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # **GOOGLE ONLY** - # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # **GOOGLE ONLY**, # **Must be one of: `folders, habitats, collections, databases, dnszones, firewall_rules, loadbalancers, servers, server_pools, vpcs, cache_clusters, alarms, notifiers, logs, storage_pools, functions, endpoints, container_clusters, search_domains, msg_queues, users, groups, roles, buckets, nosqldbs`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # **GOOGLE ONLY** - # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # **GOOGLE ONLY** - # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **GOOGLE ONLY**, # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **GOOGLE ONLY**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # **GOOGLE ONLY** # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::roles::bindings::entity::tag] # @see BasketofKittens::roles::bindings::entity::tag attr_accessor :tag # **GOOGLE ONLY** # Reference a 'habitats' resource from this 'config' resource # # @return [BasketofKittens::roles::bindings::entity::habitat] # @see BasketofKittens::roles::bindings::entity::habitat attr_accessor :habitat # @!endgroup end end end end class BasketofKittens class roles class bindings class projects # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # **GOOGLE ONLY** - # The tag or label key to search against # # @return [String] attr_accessor :key # **GOOGLE ONLY** - # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end end class BasketofKittens class roles class bindings # Reference a 'habitats' resource from this 'config' resource class projects # @!group Required parameters # **GOOGLE ONLY**, # **Default: `habitats`**, # **Must be one of: `habitats`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **GOOGLE ONLY** - # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # **GOOGLE ONLY** - # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # **GOOGLE ONLY** - # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # **GOOGLE ONLY** - # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **GOOGLE ONLY**, # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **GOOGLE ONLY**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # **GOOGLE ONLY** # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::roles::bindings::projects::tag] # @see BasketofKittens::roles::bindings::projects::tag attr_accessor :tag # @!endgroup end end end end class BasketofKittens class roles class bindings class folders # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # **GOOGLE ONLY** - # The tag or label key to search against # # @return [String] attr_accessor :key # **GOOGLE ONLY** - # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end end class BasketofKittens class roles class bindings # Reference a 'folders' resource from this 'config' resource class folders # @!group Required parameters # **GOOGLE ONLY**, # **Default: `folders`**, # **Must be one of: `folders`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **GOOGLE ONLY** - # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # **GOOGLE ONLY** - # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # **GOOGLE ONLY** - # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # **GOOGLE ONLY** - # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **GOOGLE ONLY**, # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **GOOGLE ONLY**, # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # **GOOGLE ONLY** # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::roles::bindings::folders::tag] # @see BasketofKittens::roles::bindings::folders::tag attr_accessor :tag # @!endgroup end end end end class BasketofKittens class roles # One or more entities (+user+, +group+, etc) to associate with this role. IAM roles in Google can be associated at the project (+Habitat+), folder, or organization level, so we must specify not only the target entity, but each container in which it is granted to the entity in question. class bindings # @!group Optional parameters # **GOOGLE ONLY** # Reference a resource from this 'config' resource # # @return [BasketofKittens::roles::bindings::entity] # @see BasketofKittens::roles::bindings::entity attr_accessor :entity # **GOOGLE ONLY** # Reference a 'habitats' resource from this 'config' resource # # @return [Array] # @see BasketofKittens::roles::bindings::projects attr_accessor :projects # **GOOGLE ONLY** # Reference a 'folders' resource from this 'config' resource # # @return [Array] # @see BasketofKittens::roles::bindings::folders attr_accessor :folders # **GOOGLE ONLY** - # Either an organization cloud identifier, like +organizations/123456789012+, or the name of set of Mu credentials, which can be used as an alias to the organization to which they authenticate. # # @return [Array] attr_accessor :organizations # @!endgroup end end end class BasketofKittens # Set up a cloud provider role for mapping permissions to other entities # # `AWS`: This implementation is **BETA** quality. It is substantially complete, but may be missing some functionality or have some features which are untested. # # `Google`: This implementation is considered **RELEASE** quality. It covers all major API features and has been tested with real-world applications. # # `Azure`: This implementation is **ALPHA** quality. It is experimental, may be missing significant functionality, and has not been widely tested. class roles # @!group Optional parameters # **Must match pattern `^[a-zA-Z0-9_\-]+$`** - # The name of a cloud provider role to create ## # # @return [String] attr_accessor :name # Import pre-fabricated roles/policies from the cloud provider into this role. # # @return [Array] attr_accessor :import # Policies which grant or deny permissions. # # @return [Array] # @see BasketofKittens::roles::policies attr_accessor :policies # Internal use. # # @return [String] attr_accessor :virtual_name # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. # # @return [Array] # @see BasketofKittens::roles::dependencies attr_accessor :dependencies # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **AWS ONLY** # Tags to apply to this resource. Will apply at the cloud provider level and in node groomers, where applicable. # # @return [Array] # @see BasketofKittens::roles::tags attr_accessor :tags # **AWS ONLY**, # **Default: `true`** - # +AWS+: Tag the resource with our optional tags (+MU-HANDLE+, +MU-MASTER-NAME+, +MU-OWNER+). # # @return [Boolean] attr_accessor :optional_tags # **AWS ONLY**, # **Default: `false`** - # +AWS+: Normally we namespace IAM roles with a +path+ set to match our +deploy_id+; this disables that behavior. Temporary workaround for a bug in EKS/IAM integration. # # @return [Boolean] attr_accessor :strip_path # **AWS ONLY**, # **Default: `false`** - # +AWS+: Do not create a role, but simply create the policies specified in +policies+ and/or +iam_policies+ for direct attachment to other entities. # # @return [Boolean] attr_accessor :bare_policies # **AWS ONLY** # Entities which are permitted to assume this role. Can be services, IAM objects, or other Mu resources. # # @return [Array] # @see BasketofKittens::roles::can_assume attr_accessor :can_assume # **AWS ONLY** # A key (name) with a value that is a raw Amazon-compatible policy document. This is not the recommended method for granting permissions- we suggest listing +roles+ for the user instead. See https://docs.aws.amazon.com/IAM/latest/RoleGuide/access_policies_examples.html for example policies. # # @return [Array] # @see BasketofKittens::roles::iam_policies attr_accessor :iam_policies # **GOOGLE ONLY** - # +GOOGLE+: A human readable name for this role. If not specified, will default to our long-form deploy-generated name. # # @return [String] attr_accessor :display_name # **GOOGLE ONLY**, # **Must be one of: `directory, org, project, canned`** - # +GOOGLE+: Google effectively has four types of roles: # #+directory+: An admin role in GSuite or Cloud Identity # #+org+: A custom organization-level IAM role. Note that these are only valid in GSuite or Cloud Identity environments # #+project+: A custom project-level IAM role. # #+canned+: A reference to one of the standard pre-defined IAM roles, usually only declared to apply {bindings} to other artifacts. # #If this value is not specified, and the role name matches the name of an existing +canned+ role, we will assume it should be +canned+. If it does not, and we have credentials which map to a valid organization, we will assume +org+; if the credentials do not map to an organization, we will assume +project+. # # @return [String] attr_accessor :role_source # **GOOGLE ONLY** - # +GOOGLE+: Detailed human-readable description of this role's purpose # # @return [String] attr_accessor :description # **GOOGLE ONLY** # One or more entities (+user+, +group+, etc) to associate with this role. IAM roles in Google can be associated at the project (+Habitat+), folder, or organization level, so we must specify not only the target entity, but each container in which it is granted to the entity in question. # # @return [Array] # @see BasketofKittens::roles::bindings attr_accessor :bindings # @!endgroup end end class BasketofKittens class buckets class policies # Entities to which this policy will grant or deny access. class targets # @!group Required parameters # **REQUIRED** - # Either the name of a sibling Mu resource in this stack (used in conjunction with +entity_type+), or the full cloud identifier for a resource, such as an ARN in Amazon Web Services. # # @return [String] attr_accessor :identifier # @!endgroup # @!group Optional parameters # **Must be one of: `alarm, bucket, cache_cluster, collection, container_cluster, database, dnszone, endpoint, firewall_rule, folder, function, group, habitat, loadbalancer, log, msg_queue, nosqldb, notifier, role, search_domain, server, server_pool, storage_pool, user, vpc`** - # A Mu resource type, used when referencing a sibling Mu resource in this stack with +identifier+. # # @return [String] attr_accessor :type # Target this policy to a path or child resource of the object to which we are granting or denying permissions, such as a key or wildcard in an S3 or Cloud Storage bucket. # # @return [String] attr_accessor :path # @!endgroup end end end end class BasketofKittens class buckets class policies class grant_to # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # The tag or label key to search against # # @return [String] attr_accessor :key # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end end class BasketofKittens class buckets class policies class grant_to class habitat # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. class tag # @!group Optional parameters # The tag or label key to search against # # @return [String] attr_accessor :key # The tag or label value to match # # @return [String] attr_accessor :value # @!endgroup end end end end end end class BasketofKittens class buckets class policies class grant_to # Reference a 'habitats' resource from this 'config' resource class habitat # @!group Required parameters # **Default: `habitats`**, # **Must be one of: `habitats`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::buckets::policies::grant_to::habitat::tag] # @see BasketofKittens::buckets::policies::grant_to::habitat::tag attr_accessor :tag # @!endgroup end end end end end class BasketofKittens class buckets class policies # Entities to which this policy will grant or deny access. class grant_to # @!group Optional parameters # Cloud identifier of a resource we want to reference, typically used when leveraging resources not managed by MU # # @return [String] attr_accessor :id # The short (internal Mu) name of a resource we're attempting to reference. Typically used when referring to a sibling resource elsewhere in the same deploy, or in another known Mu deploy in conjunction with +deploy_id+. # # @return [String] attr_accessor :name # **Must be one of: `folders, habitats, collections, databases, dnszones, firewall_rules, loadbalancers, servers, server_pools, vpcs, cache_clusters, alarms, notifiers, logs, storage_pools, functions, endpoints, container_clusters, search_domains, msg_queues, users, groups, roles, buckets, nosqldbs`** - # The resource type we're attempting to reference. # # @return [String] attr_accessor :type # Our target resource should be found in this Mu deploy. # # @return [String] attr_accessor :deploy_id # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # If the target resource supports tagging and our resource implementations +find+ method supports it, we can attempt to locate it by tag. # # @return [BasketofKittens::buckets::policies::grant_to::tag] # @see BasketofKittens::buckets::policies::grant_to::tag attr_accessor :tag # Reference a 'habitats' resource from this 'config' resource # # @return [BasketofKittens::buckets::policies::grant_to::habitat] # @see BasketofKittens::buckets::policies::grant_to::habitat attr_accessor :habitat # Alias for id # # @return [String] attr_accessor :identifier # @!endgroup end end end end class BasketofKittens class buckets class policies # +AWS+: One or more conditions under which to apply this policy. See also: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition.html class conditions # @!group Required parameters # **REQUIRED** - # +AWS+: A comparison to make, like +DateGreaterThan+ or +IpAddress+. # # @return [String] attr_accessor :comparison # **REQUIRED** - # +AWS+: The variable which we will compare, like +aws:CurrentTime+ or +aws:SourceIp+. # # @return [String] attr_accessor :variable # **REQUIRED** - # +AWS+: Value(s) to which we will compare our variable, like +2013-08-16T15:00:00Z+ or +192.0.2.0/24+. # # @return [Array] attr_accessor :values # @!endgroup end end end end class BasketofKittens class buckets # Policies which grant or deny permissions. class policies # @!group Required parameters # **REQUIRED** - # A unique name for this policy # # @return [String] attr_accessor :name # @!endgroup # @!group Optional parameters # **Default: `allow`**, # **Must be one of: `allow, deny`** # # @return [String] attr_accessor :flag # Permissions to grant or deny. Valid permission strings are cloud-specific. # # @return [Array] attr_accessor :permissions # Entities to which this policy will grant or deny access. # # @return [Array] # @see BasketofKittens::buckets::policies::targets attr_accessor :targets # Entities to which this policy will grant or deny access. # # @return [Array] # @see BasketofKittens::buckets::policies::grant_to attr_accessor :grant_to # +AWS+: One or more conditions under which to apply this policy. See also: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition.html # # @return [Array] # @see BasketofKittens::buckets::policies::conditions attr_accessor :conditions # @!endgroup end end end class BasketofKittens class buckets # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. class dependencies # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED**, # **Must be one of: `folder, habitat, collection, database, dnszone, firewall_rule, loadbalancer, server, server_pool, vpc, cache_cluster, alarm, notifier, log, storage_pool, function, endpoint, container_cluster, search_domain, msg_queue, user, group, role, bucket, nosqldb`** # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **Must be one of: `create, groom`** - # Which part of the creation process of the resource we depend on should we wait for before starting our own creation? Defaults are usually sensible, but sometimes you want, say, a Server to wait on another Server to be completely ready (through its groom phase) before starting up. # # @return [String] attr_accessor :phase # **Default: `false`** - # By default, it's assumed that we want to wait on our parents' creation phase, in addition to whatever is declared in this stanza. Setting this flag will bypass waiting on our parent resource's creation, so that our create or groom phase can instead depend only on the parent's groom phase. # # @return [Boolean] attr_accessor :no_create_wait # @!endgroup end end end class BasketofKittens # A simple storage bucket, like Google Cloud Storage or Amazon S3. # # `AWS`: This implementation is **BETA** quality. It is substantially complete, but may be missing some functionality or have some features which are untested. # # `Google`: This implementation is **BETA** quality. It is substantially complete, but may be missing some functionality or have some features which are untested. class buckets # @!group Optional parameters # # @return [String] attr_accessor :name # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **Default: `false`** - # Enable object versioning on this bucket. # # @return [Boolean] attr_accessor :versioning # **Default: `false`** - # Enable web service on this bucket. # # @return [Boolean] attr_accessor :web # **Default: `error.html`** - # If +web_enabled+, return this object for error conditions (such as a +404+) supported by the cloud provider. # # @return [String] attr_accessor :web_error_object # **Default: `index.html`** - # If +web_enabled+, return this object when "diretory" (a path not ending in a key/object) is invoked. # # @return [String] attr_accessor :web_index_object # Policies which grant or deny permissions. # # @return [Array] # @see BasketofKittens::buckets::policies attr_accessor :policies # Internal use. # # @return [String] attr_accessor :virtual_name # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. # # @return [Array] # @see BasketofKittens::buckets::dependencies attr_accessor :dependencies # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # **AWS ONLY**, # **Default: `private`**, # **Must be one of: `private, public-read, public-read-write, authenticated-read`** # # # @return [String] attr_accessor :acl # **AWS & GOOGLE ONLY**, # **Default: `STANDARD`**, # **Must be one of: `STANDARD, REDUCED_REDUNDANCY, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, MULTI_REGIONAL, REGIONAL, NEARLINE, COLDLINE, DURABLE_REDUCED_AVAILABILITY`** - # ## # # @return [String] attr_accessor :storage_class # **GOOGLE ONLY**, # **Default: `false`** - # +GOOGLE+: Disables object-level access controls in favor of bucket-wide policies # # @return [Boolean] attr_accessor :bucket_wide_acls # @!endgroup end end class BasketofKittens class nosqldbs # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. class dependencies # @!group Required parameters # **REQUIRED** # # @return [String] attr_accessor :name # **REQUIRED**, # **Must be one of: `folder, habitat, collection, database, dnszone, firewall_rule, loadbalancer, server, server_pool, vpc, cache_cluster, alarm, notifier, log, storage_pool, function, endpoint, container_cluster, search_domain, msg_queue, user, group, role, bucket, nosqldb`** # # @return [String] attr_accessor :type # @!endgroup # @!group Optional parameters # **Must be one of: `create, groom`** - # Which part of the creation process of the resource we depend on should we wait for before starting our own creation? Defaults are usually sensible, but sometimes you want, say, a Server to wait on another Server to be completely ready (through its groom phase) before starting up. # # @return [String] attr_accessor :phase # **Default: `false`** - # By default, it's assumed that we want to wait on our parents' creation phase, in addition to whatever is declared in this stanza. Setting this flag will bypass waiting on our parent resource's creation, so that our create or groom phase can instead depend only on the parent's groom phase. # # @return [Boolean] attr_accessor :no_create_wait # @!endgroup end end end class BasketofKittens class nosqldbs # Fields for data we'll be storing in this database, somewhat akin to SQL columns. Note that all attributes declared here must be a +primary_partition+, +primary_sort+, or named in a +secondary_index+. class attributes # @!group Optional parameters # **AWS ONLY** - # The name of this attribute # # @return [String] attr_accessor :name # **AWS ONLY**, # **Must be one of: `S, N, B`** - # The type of attribute; S = String, N = Number, B = Binary # # @return [String] attr_accessor :type # **AWS ONLY**, # **Default: `false`** # # @return [Boolean] attr_accessor :primary_partition # **AWS ONLY**, # **Default: `false`** # # @return [Boolean] attr_accessor :primary_sort # @!endgroup end end end class BasketofKittens class nosqldbs class secondary_indexes # The set of attributes to return for queries against this index. class projection # @!group Optional parameters # **AWS ONLY**, # **Default: `ALL`**, # **Must be one of: `ALL, KEYS_ONLY, INCLUDE`** # # @return [String] attr_accessor :type # **AWS ONLY** - # The name of an extra attribute to include in results for queries against this index # # @return [Array] attr_accessor :non_key_attributes # @!endgroup end end end end class BasketofKittens class nosqldbs class secondary_indexes # Define the key for this index, which most be composed of one or more declared +attributes+ for this table. See also: https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/SecondaryIndexes.html class key_schema # @!group Optional parameters # **AWS ONLY**, # **Must be one of: `HASH, RANGE`** # # @return [String] attr_accessor :type # **AWS ONLY** - # This must refer to a declared +attribute+ by name # # @return [String] attr_accessor :attribute # @!endgroup end end end end class BasketofKittens class nosqldbs # An index with a partition key and a sort key that can be different from those on the base table; queries on the index can span all of the data in the base table, across all partitions class secondary_indexes # @!group Required parameters # **REQUIRED**, # **AWS ONLY** - # A name for this index # # @return [String] attr_accessor :index_name # **REQUIRED** # **AWS ONLY** # The set of attributes to return for queries against this index. # # @return [BasketofKittens::nosqldbs::secondary_indexes::projection] # @see BasketofKittens::nosqldbs::secondary_indexes::projection attr_accessor :projection # **REQUIRED** # **AWS ONLY** # Define the key for this index, which most be composed of one or more declared +attributes+ for this table. See also: https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/SecondaryIndexes.html # # @return [Array] # @see BasketofKittens::nosqldbs::secondary_indexes::key_schema attr_accessor :key_schema # @!endgroup # @!group Optional parameters # **AWS ONLY**, # **Default: `global`**, # **Must be one of: `global, local`** - # Whether to create a global or local secondary index. See also: https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/SecondaryIndexes.html # # @return [String] attr_accessor :type # **AWS ONLY** - # Provisioned read throughput. Only valid for global secondary indexes. Defaults to the read capacity of the whole table. # # @return [Integer] attr_accessor :read_capacity # **AWS ONLY** - # Provisioned write throughput. Only valid for global secondary indexes. Defaults to the read capacity of the whole table. # # @return [Integer] attr_accessor :write_capacity # @!endgroup end end end class BasketofKittens # A simple storage bucket, like Google Cloud Storage or Amazon S3. # # `AWS`: This implementation is **BETA** quality. It is substantially complete, but may be missing some functionality or have some features which are untested. class nosqldbs # @!group Optional parameters # # @return [String] attr_accessor :name # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # Internal use. # # @return [String] attr_accessor :virtual_name # Declare other objects which this resource requires. This resource will wait until the others are available to create itself. # # @return [Array] # @see BasketofKittens::nosqldbs::dependencies attr_accessor :dependencies # **Must be one of: `AWS, CloudFormation, Google, Azure`** # # @return [String] attr_accessor :cloud # **AWS ONLY** # Fields for data we'll be storing in this database, somewhat akin to SQL columns. Note that all attributes declared here must be a +primary_partition+, +primary_sort+, or named in a +secondary_index+. # # @return [Array] # @see BasketofKittens::nosqldbs::attributes attr_accessor :attributes # **AWS ONLY**, # **Default: `1`** - # +AWS+: Provisioned read throughput. See also: https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/ProvisionedThroughput.html # # @return [Integer] attr_accessor :read_capacity # **AWS ONLY**, # **Default: `1`** - # +AWS+: Provisioned write throughput. See also: https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/ProvisionedThroughput.html # # @return [Integer] attr_accessor :write_capacity # **AWS ONLY**, # **Must be one of: `NEW_IMAGE, OLD_IMAGE, NEW_AND_OLD_IMAGES, KEYS_ONLY`** - # +AWS+: If specified, enables a streaming log of changes to this DynamoDB table. See also https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Streams.html # # @return [String] attr_accessor :stream # **AWS ONLY** # An index with a partition key and a sort key that can be different from those on the base table; queries on the index can span all of the data in the base table, across all partitions # # @return [Array] # @see BasketofKittens::nosqldbs::secondary_indexes attr_accessor :secondary_indexes # @!endgroup end end # A MU application stack, consisting of at least one resource. class BasketofKittens # @!group Required parameters # **REQUIRED** - # A name for your application stack. Should be short, but easy to differentiate from other applications. # # @return [String] attr_accessor :appname # **REQUIRED** # Administrative contacts for this application stack. Will be automatically set to invoking Mu user, if not specified. # # @return [Array] # @see BasketofKittens::admins attr_accessor :admins # @!endgroup # @!group Optional parameters # When 'cloud' is set to 'CloudFormation,' use this flag to strip out Mu-specific artifacts (tags, standard userdata, naming conventions, etc) to yield a clean, source-agnostic template. Setting this flag here will override declarations in individual resources. # # @return [Boolean] attr_accessor :scrub_mu_isms # **GOOGLE ONLY**: The project into which to deploy resources # # @return [String] attr_accessor :project # **GOOGLE ONLY**: Billing account ID to associate with a newly-created Google Project. If not specified, will attempt to locate a billing account associated with the default project for our credentials. # # @return [String] attr_accessor :billing_acct # **Must be one of: `us-east-1, ap-northeast-1, ap-northeast-2, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-2, us-west-1, us-west-2, asia-east1, asia-east2, asia-northeast1, asia-northeast2, asia-south1, asia-southeast1, australia-southeast1, europe-north1, europe-west1, europe-west2, europe-west3, europe-west4, europe-west6, northamerica-northeast1, southamerica-east1, us-central1, us-east1, us-east4, us-west1, us-west2, eastasia, southeastasia, centralus, eastus, eastus2, westus, northcentralus, southcentralus, northeurope, westeurope, japanwest, japaneast, brazilsouth, australiaeast, australiasoutheast, southindia, centralindia, westindia, canadacentral, canadaeast, uksouth, ukwest, westcentralus, westus2, koreacentral, koreasouth, francecentral, francesouth, australiacentral, australiacentral2, uaecentral, uaenorth, southafricanorth, southafricawest, switzerlandnorth, switzerlandwest, germanynorth, germanywestcentral, norwaywest, norwayeast`** # # @return [String] attr_accessor :region # Specify a non-default set of credentials to use when authenticating to cloud provider APIs, as listed in `mu.yaml` under each provider's subsection. If # # @return [String] attr_accessor :credentials # **Default: `false`** - # For resources which span regions, restrict to regions inside the United States # # @return [Boolean] attr_accessor :us_only # CloudFormation-specific. Define Conditions as in http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/conditions-section-structure.html. Arguments must use the cloudCode() macro. # # @return [Array] # @see BasketofKittens::conditions attr_accessor :conditions # Parameters to be substituted elsewhere in this Basket of Kittens as ERB variables (<%= varname %>) # # @return [Array] # @see BasketofKittens::parameters attr_accessor :parameters # Set up a cloud provider folder/OU for containing other account-level resources ## ## `AWS`: This implementation is **ALPHA** quality. It is experimental, may be missing significant functionality, and has not been widely tested. ## ## `Google`: This implementation is considered **RELEASE** quality. It covers all major API features and has been tested with real-world applications. # # @return [Array] # @see BasketofKittens::folders attr_accessor :folders # Generate a cloud habitat (AWS account, Google Cloud project, Azure Directory, etc) ## ## `AWS`: This implementation is **ALPHA** quality. It is experimental, may be missing significant functionality, and has not been widely tested. ## ## `Google`: This implementation is considered **RELEASE** quality. It covers all major API features and has been tested with real-world applications. ## ## `Azure`: This implementation is **ALPHA** quality. It is experimental, may be missing significant functionality, and has not been widely tested. # # @return [Array] # @see BasketofKittens::habitats attr_accessor :habitats # Create an Amazon CloudFormation stack. ## ## `AWS`: This implementation is **ALPHA** quality. It is experimental, may be missing significant functionality, and has not been widely tested. ## ## `CloudFormation`: This implementation is **ALPHA** quality. It is experimental, may be missing significant functionality, and has not been widely tested. # # @return [Array] # @see BasketofKittens::collections attr_accessor :collections # Create a dedicated database server. ## ## `AWS`: This implementation is considered **RELEASE** quality. It covers all major API features and has been tested with real-world applications. ## ## `CloudFormation`: This implementation is **ALPHA** quality. It is experimental, may be missing significant functionality, and has not been widely tested. ## ## `Google`: This implementation is **ALPHA** quality. It is experimental, may be missing significant functionality, and has not been widely tested. # # @return [Array] # @see BasketofKittens::databases attr_accessor :databases # Create a DNS zone in Route 53. ## ## `AWS`: This implementation is considered **RELEASE** quality. It covers all major API features and has been tested with real-world applications. ## ## `CloudFormation`: This implementation is **ALPHA** quality. It is experimental, may be missing significant functionality, and has not been widely tested. # # @return [Array] # @see BasketofKittens::dnszones attr_accessor :dnszones # Create network-level access controls. ## ## `AWS`: This implementation is considered **RELEASE** quality. It covers all major API features and has been tested with real-world applications. ## ## `CloudFormation`: This implementation is **ALPHA** quality. It is experimental, may be missing significant functionality, and has not been widely tested. ## ## `Google`: This implementation is considered **RELEASE** quality. It covers all major API features and has been tested with real-world applications. ## ## `Azure`: This implementation is **BETA** quality. It is substantially complete, but may be missing some functionality or have some features which are untested. # # @return [Array] # @see BasketofKittens::firewall_rules attr_accessor :firewall_rules # Create Load Balancers ## ## `AWS`: This implementation is considered **RELEASE** quality. It covers all major API features and has been tested with real-world applications. ## ## `CloudFormation`: This implementation is **ALPHA** quality. It is experimental, may be missing significant functionality, and has not been widely tested. ## ## `Google`: This implementation is considered **RELEASE** quality. It covers all major API features and has been tested with real-world applications. ## ## `Azure`: This implementation is **ALPHA** quality. It is experimental, may be missing significant functionality, and has not been widely tested. # # @return [Array] # @see BasketofKittens::loadbalancers attr_accessor :loadbalancers # Create individual server instances. ## ## `AWS`: This implementation is considered **RELEASE** quality. It covers all major API features and has been tested with real-world applications. ## ## `CloudFormation`: This implementation is **ALPHA** quality. It is experimental, may be missing significant functionality, and has not been widely tested. ## ## `Google`: This implementation is considered **RELEASE** quality. It covers all major API features and has been tested with real-world applications. ## ## `Azure`: This implementation is **BETA** quality. It is substantially complete, but may be missing some functionality or have some features which are untested. # # @return [Array] # @see BasketofKittens::servers attr_accessor :servers # Create scalable pools of identical servers. ## ## `AWS`: This implementation is considered **RELEASE** quality. It covers all major API features and has been tested with real-world applications. ## ## `CloudFormation`: This implementation is **ALPHA** quality. It is experimental, may be missing significant functionality, and has not been widely tested. ## ## `Google`: This implementation is considered **RELEASE** quality. It covers all major API features and has been tested with real-world applications. # # @return [Array] # @see BasketofKittens::server_pools attr_accessor :server_pools # Create Virtual Private Clouds with custom public or private subnets. ## ## `AWS`: This implementation is considered **RELEASE** quality. It covers all major API features and has been tested with real-world applications. ## ## `CloudFormation`: This implementation is **ALPHA** quality. It is experimental, may be missing significant functionality, and has not been widely tested. ## ## `Google`: This implementation is considered **RELEASE** quality. It covers all major API features and has been tested with real-world applications. ## ## `Azure`: This implementation is **BETA** quality. It is substantially complete, but may be missing some functionality or have some features which are untested. # # @return [Array] # @see BasketofKittens::vpcs attr_accessor :vpcs # Create cache cluster(s). ## ## `AWS`: This implementation is considered **RELEASE** quality. It covers all major API features and has been tested with real-world applications. ## ## `CloudFormation`: This implementation is **ALPHA** quality. It is experimental, may be missing significant functionality, and has not been widely tested. # # @return [Array] # @see BasketofKittens::cache_clusters attr_accessor :cache_clusters # Cloud platform monitoring alarms ## ## `AWS`: This implementation is considered **RELEASE** quality. It covers all major API features and has been tested with real-world applications. ## ## `CloudFormation`: This implementation is **ALPHA** quality. It is experimental, may be missing significant functionality, and has not been widely tested. # # @return [Array] # @see BasketofKittens::alarms attr_accessor :alarms # A stub for inline resource that generate SNS notifications in AWS. This should really be expanded. ## ## `AWS`: This implementation is **BETA** quality. It is substantially complete, but may be missing some functionality or have some features which are untested. # # @return [Array] # @see BasketofKittens::notifiers attr_accessor :notifiers # Log events using a cloud provider's log service. ## ## `AWS`: This implementation is **BETA** quality. It is substantially complete, but may be missing some functionality or have some features which are untested. ## ## `CloudFormation`: This implementation is **ALPHA** quality. It is experimental, may be missing significant functionality, and has not been widely tested. # # @return [Array] # @see BasketofKittens::logs attr_accessor :logs # Create a storage pool. ## ## `AWS`: This implementation is considered **RELEASE** quality. It covers all major API features and has been tested with real-world applications. # # @return [Array] # @see BasketofKittens::storage_pools attr_accessor :storage_pools # Create a cloud function. ## ## `AWS`: This implementation is **BETA** quality. It is substantially complete, but may be missing some functionality or have some features which are untested. # # @return [Array] # @see BasketofKittens::functions attr_accessor :functions # Create a cloud API endpoint, e.g. Amazon API Gateway ## ## `AWS`: This implementation is **BETA** quality. It is substantially complete, but may be missing some functionality or have some features which are untested. # # @return [Array] # @see BasketofKittens::endpoints attr_accessor :endpoints # Create a cluster of container hosts. ## ## `AWS`: This implementation is considered **RELEASE** quality. It covers all major API features and has been tested with real-world applications. ## ## `Google`: This implementation is considered **RELEASE** quality. It covers all major API features and has been tested with real-world applications. ## ## `Azure`: This implementation is **BETA** quality. It is substantially complete, but may be missing some functionality or have some features which are untested. # # @return [Array] # @see BasketofKittens::container_clusters attr_accessor :container_clusters # Set up a cloud provider managed Elastic Search cluster. ## ## `AWS`: This implementation is considered **RELEASE** quality. It covers all major API features and has been tested with real-world applications. # # @return [Array] # @see BasketofKittens::search_domains attr_accessor :search_domains # Set up a cloud provider queueing service. ## ## `AWS`: This implementation is considered **RELEASE** quality. It covers all major API features and has been tested with real-world applications. # # @return [Array] # @see BasketofKittens::msg_queues attr_accessor :msg_queues # Set up a cloud provider user or machine account ## ## `AWS`: This implementation is **BETA** quality. It is substantially complete, but may be missing some functionality or have some features which are untested. ## ## `Google`: This implementation is considered **RELEASE** quality. It covers all major API features and has been tested with real-world applications. ## ## `Azure`: This implementation is **ALPHA** quality. It is experimental, may be missing significant functionality, and has not been widely tested. # # @return [Array] # @see BasketofKittens::users attr_accessor :users # Set up a cloud provider group for containing accounts/groups ## ## `AWS`: This implementation is **BETA** quality. It is substantially complete, but may be missing some functionality or have some features which are untested. ## ## `Google`: This implementation is **BETA** quality. It is substantially complete, but may be missing some functionality or have some features which are untested. # # @return [Array] # @see BasketofKittens::groups attr_accessor :groups # Set up a cloud provider role for mapping permissions to other entities ## ## `AWS`: This implementation is **BETA** quality. It is substantially complete, but may be missing some functionality or have some features which are untested. ## ## `Google`: This implementation is considered **RELEASE** quality. It covers all major API features and has been tested with real-world applications. ## ## `Azure`: This implementation is **ALPHA** quality. It is experimental, may be missing significant functionality, and has not been widely tested. # # @return [Array] # @see BasketofKittens::roles attr_accessor :roles # A simple storage bucket, like Google Cloud Storage or Amazon S3. ## ## `AWS`: This implementation is **BETA** quality. It is substantially complete, but may be missing some functionality or have some features which are untested. ## ## `Google`: This implementation is **BETA** quality. It is substantially complete, but may be missing some functionality or have some features which are untested. # # @return [Array] # @see BasketofKittens::buckets attr_accessor :buckets # A simple storage bucket, like Google Cloud Storage or Amazon S3. ## ## `AWS`: This implementation is **BETA** quality. It is substantially complete, but may be missing some functionality or have some features which are untested. # # @return [Array] # @see BasketofKittens::nosqldbs attr_accessor :nosqldbs # @!endgroup end end end