bob/gemini-settings
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
gemini-settings/tmp/2315fccd1067c9601c4fd99b0ba64823b930e19a77654e5dd14adc8de804f888/chats/session-2026-01-22T18-00-073db49c.json

1019 lines
337 KiB
JSON
Raw Permalink Blame History

{
"sessionId": "073db49c-668a-4bbf-be79-c88c6188a84e",
"projectHash": "2315fccd1067c9601c4fd99b0ba64823b930e19a77654e5dd14adc8de804f888",
"startTime": "2026-01-22T18:01:59.725Z",
"lastUpdated": "2026-01-22T18:08:27.149Z",
"messages": [
{
"id": "1b74fcbd-39b0-4259-82d4-c2aa23f67b20",
"timestamp": "2026-01-22T18:01:59.725Z",
"type": "user",
"content": "Allow ecs cluster securty groups to access the normal ports on internal ALB"
},
{
"id": "886e768f-691c-4d14-be67-f678a9dfa970",
"timestamp": "2026-01-22T18:02:26.425Z",
"type": "gemini",
"content": "I will search for CloudFormation templates containing Security Group or Load Balancer definitions to identify where the changes should be made.",
"thoughts": [
{
"subject": "Identifying Configuration Sources",
"description": "I've located two potential CloudFormation templates: `mlcluster-vpc.template` and `mlcluster.template`. My next step is to examine their contents to pinpoint where the ECS cluster and ALB are defined. I'll need to identify which one handles security group rules, as I need to modify these to permit access to the standard ports on the internal ALB.",
"timestamp": "2026-01-22T18:02:12.675Z"
},
{
"subject": "Pinpointing Infrastructure Components",
"description": "I'm now shifting my focus to locate the relevant components within the user's project. Given the mention of an ECS cluster and an internal ALB, I'm initiating searches for \"ALB\", \"LoadBalancer\", \"SecurityGroup\", and \"ECS\" within the directory. This should reveal the infrastructure's configuration files, helping me pinpoint where security group modifications should be made to allow access to standard ports on the internal ALB. It seems the project primarily deals with MarkLogic, but there's a chance ECS is utilized.",
"timestamp": "2026-01-22T18:02:21.072Z"
},
{
"subject": "Searching Configuration Definitions",
"description": "I've decided to refine the search strategy. I'll search for \"AWS::EC2::SecurityGroup\" and \"AWS::ElasticLoadBalancingV2::LoadBalancer\" within the directory. This will help me quickly identify the CloudFormation templates or other configuration files that define the security groups and load balancers. After finding the definitions, I'll analyze how to modify the security group rules to allow access on \"normal ports.\" Simultaneously, I'm considering the possibility that \"normal ports\" refers to standard HTTP/HTTPS or MarkLogic-specific ports, given the context.",
"timestamp": "2026-01-22T18:02:26.153Z"
}
],
"tokens": {
"input": 18916,
"output": 56,
"cached": 0,
"thoughts": 526,
"tool": 0,
"total": 19498
},
"model": "gemini-3-pro-preview",
"toolCalls": [
{
"id": "search_file_content-1769104946411-bdf5b1e5822428",
"name": "search_file_content",
"args": {
"pattern": "AWS::EC2::SecurityGroup|AWS::ElasticLoadBalancingV2::LoadBalancer|ECS"
},
"result": [
{
"functionResponse": {
"id": "search_file_content-1769104946411-bdf5b1e5822428",
"name": "search_file_content",
"response": {
"output": "Found 40 matches for pattern \"AWS::EC2::SecurityGroup|AWS::ElasticLoadBalancingV2::LoadBalancer|ECS\" in path \".\":\n---\nFile: mlcluster-vpc.template\nL1267: Type: 'AWS::EC2::SecurityGroup'\nL1295: Type: 'AWS::EC2::SecurityGroupIngress'\nL1305: Type: 'AWS::EC2::SecurityGroup'\nL1617: Type: AWS::ElasticLoadBalancingV2::LoadBalancer\n---\nFile: mlcmd/scripts/init-volume.xsh\nL105: _specs=<[ fn:tokenize($_SPEC, ':') ]>\nL106: message \"After tokenization: Specification = $_specs \"\nL107: if [ -n \"${_specs[1]}\" ]; then\nL110: if [ -n \"${_specs[2]}\" ]; then\nL113: if [ -n \"${_specs[4]}\" ]; then\nL116: if [ -n \"${_specs[4]}\" ] && [ -n \"${_specs[5]}\" ] && [ \"${_specs[4]}\" = 'io1' ]; then\nL119: if [ -n \"${_specs[4]}\" ] && [ -n \"${_specs[5]}\" ] && [ \"${_specs[4]}\" = 'gp3' ]; then\nL123: if [ -n \"${_specs[4]}\" ] && [ -n \"${_specs[6]}\" ] && [ \"${_specs[4]}\" = 'gp3' ]; then\nL137: $_snapshot_id ${_specs[1]} \\\nL138: $_size ${_specs[2]} \\\nL139: $_volume_type ${_specs[4]} \\\nL140: $_iops ${_specs[5]} \\\nL141: $_throughput ${_specs[6]} \\\n---\nFile: templates/ml-endpoint.template\nL38: Type: \"AWS::EC2::SecurityGroup::Id\"\n---\nFile: templates/ml-vpc.template\nL268: Type: 'AWS::EC2::SecurityGroup'\nL279: Type: 'AWS::EC2::SecurityGroupIngress'\n---\nFile: Makefile\nL17: mkdir -p $(RPMBUILD_DIR)/{BUILD,RPMS,SOURCES,SPECS,SRPMS}\nL20: # Copy the spec file to the SPECS directory\nL21: cp marklogic-mlcmd.spec $(RPMBUILD_DIR)/SPECS/\nL26: -ba $(RPMBUILD_DIR)/SPECS/$(PACKAGE_NAME).spec\n---\nFile: mlcluster.template\nL36: - ECSSecurityGroup\nL97: ECSSecurityGroup:\nL98: default: the security group the ecs cluster is in\nL793: ECSSecurityGroup:\nL794: Description: the security group the ECS cluster is in\nL795: Type: 'AWS::EC2::SecurityGroup::Id'\nL1235: Type: 'AWS::EC2::SecurityGroup'\nL1272: Type: 'AWS::EC2::SecurityGroupIngress'\nL1282: Type: 'AWS::EC2::SecurityGroup'\nL1284: GroupDescription: Allow access from ECS clsuter to internal ALB for marklogic cluster.\nL1290: SourceSecurityGroupId: !Ref ECSSecurityGroup\nL1294: SourceSecurityGroupId: !Ref ECSSecurityGroup\nL1298: SourceSecurityGroupId: !Ref ECSSecurityGroup\nL1300: Type: 'AWS::EC2::SecurityGroup'\nL1611: Type: AWS::ElasticLoadBalancingV2::LoadBalancer\nL1970: Type: AWS::ElasticLoadBalancingV2::LoadBalancer\n---"
}
}
}
],
"status": "success",
"timestamp": "2026-01-22T18:02:26.835Z",
"resultDisplay": "Found 40 matches",
"displayName": "SearchText",
"description": "FAST, optimized search powered by `ripgrep`. PREFERRED over standard `run_shell_command(\"grep ...\")` due to better performance and automatic output limiting (max 20k matches).",
"renderOutputAsMarkdown": true
}
]
},
{
"id": "7418c7c2-e529-4341-a358-cfadf3c11f12",
"timestamp": "2026-01-22T18:02:35.423Z",
"type": "gemini",
"content": "I will read the `mlcluster.template` file to understand the current security group configuration for the ECS cluster and the internal ALB.",
"thoughts": [
{
"subject": "Examining the Relevant Code",
"description": "I've been poring over the search results, and it seems that `mlcluster.template` is where the action is. I've pinpointed the `ECSSecurity Group` parameter definition, in particular, lines 97-98, and then found a matching security group definition that seems to allow access from that group (lines 1282-1298).",
"timestamp": "2026-01-22T18:02:30.906Z"
},
{
"subject": "Inspecting the Resources",
"description": "I'm deep in `mlcluster.template` again, focusing on the Security Group definitions. I've noted the typo, \"clsuter,\" and am digging into lines 1282-1298 to understand the existing ECS access rules. My immediate goal is to understand what \"normal ports\" mean in this context and whether the existing configuration addresses them or needs adjustments. I'm especially interested in ports 8000, 8001, and 8002, common MarkLogic ports.",
"timestamp": "2026-01-22T18:02:35.166Z"
}
],
"tokens": {
"input": 13105,
"output": 46,
"cached": 0,
"thoughts": 315,
"tool": 0,
"total": 13466
},
"model": "gemini-3-pro-preview",
"toolCalls": [
{
"id": "read_file-1769104955419-3a74d7246b2cb8",
"name": "read_file",
"args": {
"file_path": "mlcluster.template",
"offset": 1280,
"limit": 100
},
"result": [
{
"functionResponse": {
"id": "read_file-1769104955419-3a74d7246b2cb8",
"name": "read_file",
"response": {
"output": "\nIMPORTANT: The file content has been truncated.\nStatus: Showing lines 1281-1380 of 2027 total lines.\nAction: To read more of the file, you can use the 'offset' and 'limit' parameters in a subsequent 'read_file' call. For example, to read the next section of the file, use offset: 1380.\n\n--- FILE CONTENT (truncated) ---\n InternalElbSecurityGroup:\n Type: 'AWS::EC2::SecurityGroup'\n Properties:\n GroupDescription: Allow access from ECS clsuter to internal ALB for marklogic cluster.\n VpcId: !Ref VPC\n SecurityGroupIngress:\n - IpProtocol: tcp\n FromPort: '7998'\n ToPort: '7998'\n SourceSecurityGroupId: !Ref ECSSecurityGroup\n - IpProtocol: tcp\n FromPort: '8000'\n ToPort: '8011'\n SourceSecurityGroupId: !Ref ECSSecurityGroup\n - IpProtocol: tcp\n FromPort: '7997'\n ToPort: '7997'\n SourceSecurityGroupId: !Ref ECSSecurityGroup\n ElbSecurityGroup:\n Type: 'AWS::EC2::SecurityGroup'\n Properties:\n GroupDescription: Enable SSH access and HTTP access on the inbound port\n VpcId: !Ref VPC\n SecurityGroupIngress:\n - IpProtocol: tcp\n FromPort: '22'\n ToPort: '22'\n CidrIp: !Ref ExternalAccessCidrIP\n - IpProtocol: tcp\n FromPort: '7998'\n ToPort: '7998'\n CidrIp: !Ref ExternalAccessCidrIP\n - IpProtocol: tcp\n FromPort: '8000'\n ToPort: '8011'\n CidrIp: !Ref ExternalAccessCidrIP\n - IpProtocol: tcp\n FromPort: '7997'\n ToPort: '7997'\n CidrIp: !Ref ExternalAccessCidrIP\n LaunchTemp1:\n Type: 'AWS::EC2::LaunchTemplate'\n DependsOn:\n - InstanceSecurityGroup\n Properties:\n LaunchTemplateData:\n BlockDeviceMappings:\n - DeviceName: /dev/xvda\n Ebs:\n VolumeSize: 40\n - DeviceName: /dev/sdf\n NoDevice: true\n Ebs: {}\n KeyName: !Ref KeyName\n ImageId: !If [PAYG, !FindInMap [LicenseRegion2AMI,!Ref 'AWS::Region',\"PAYGAl2023\"], !FindInMap [LicenseRegion2AMI, !Ref 'AWS::Region', \"BYOLAl2023\"]]\n UserData: !Base64\n 'Fn::Join':\n - ''\n - - MARKLOGIC_CLUSTER_NAME=\n - !Ref MarkLogicDDBTable\n - |+\n\n - MARKLOGIC_EBS_VOLUME=\n - !Ref MarklogicVolume1\n - ',:'\n - !Ref VolumeSize\n - '::'\n - !Ref VolumeType\n - ':'\n - !If\n - GP3\n - !Ref VolumeIOPS\n - ''\n - ':'\n - !If\n - GP3\n - !Ref VolumeThroughput\n - ''\n - |\n :,*\n - |\n MARKLOGIC_NODE_NAME=NodeA#\n - MARKLOGIC_ADMIN_USERNAME=\n - !Ref AdminUser\n - |+\n\n - MARKLOGIC_ADMIN_PASSWORD=\n - !Ref AdminPass\n - |+\n\n - |\n MARKLOGIC_CLUSTER_MASTER=1\n - MARKLOGIC_LICENSEE=\n - !Ref Licensee\n - |+\n\n - MARKLOGIC_LICENSE_KEY=\n - !Ref LicenseKey\n - |+\n"
}
}
}
],
"status": "success",
"timestamp": "2026-01-22T18:02:35.444Z",
"resultDisplay": "Read lines 1281-1380 of 2027 from mlcluster.template",
"displayName": "ReadFile",
"description": "Reads and returns the content of a specified file. If the file is large, the content will be truncated. The tool's response will clearly indicate if truncation has occurred and will provide details on how to read more of the file using the 'offset' and 'limit' parameters. Handles text, images (PNG, JPG, GIF, WEBP, SVG, BMP), audio files (MP3, WAV, AIFF, AAC, OGG, FLAC), and PDF files. For text files, it can read specific line ranges.",
"renderOutputAsMarkdown": true
}
]
},
{
"id": "78cf01fc-3c17-4fcf-9aa9-11b57de8a322",
"timestamp": "2026-01-22T18:02:49.238Z",
"type": "gemini",
"content": "I will search for usage of `InternalElbSecurityGroup` within `mlcluster.template` to confirm it is attached to a Load Balancer that uses standard web ports (80/443).",
"thoughts": [
{
"subject": "Reviewing Security Groups",
"description": "I'm focused on the security group configuration within the `mlcluster.template` file. I've noted the `InternalElbSecurityGroup` resource and its current ingress rules. Specifically, the traffic allowed from the `ECSSecurityGroup` on ports 7998, 8000-8011, and 7997 (TCP). I'm now examining this against the request to allow the ECS cluster security groups access to the normal ports.",
"timestamp": "2026-01-22T18:02:41.597Z"
},
{
"subject": "Analyzing Port Requirements",
"description": "I've determined that \"normal ports\" likely refers to ports 80 and 443 for HTTP and HTTPS traffic. Therefore, my next action is to add these to the `InternalElbSecurityGroup` ingress rules within the `mlcluster.template` file. I'm referencing the existing rule structure to ensure proper formatting and integration of the new port configurations.",
"timestamp": "2026-01-22T18:02:47.988Z"
},
{
"subject": "Identifying ALB Connectivity",
"description": "I'm now focused on the context of the `InternalElbSecurityGroup`. I need to confirm its association with an Application Load Balancer (ALB) that handles standard web traffic. Therefore, I will search for instances where `InternalElbSecurityGroup` is used within the `mlcluster.template` file. This will help determine if the proposed additions to the ingress rules are accurate and appropriate for the intended functionality of the load balancer.",
"timestamp": "2026-01-22T18:02:48.953Z"
}
],
"tokens": {
"input": 14097,
"output": 59,
"cached": 12186,
"thoughts": 610,
"tool": 0,
"total": 14766
},
"model": "gemini-3-pro-preview",
"toolCalls": [
{
"id": "search_file_content-1769104969234-ad10c2a562428",
"name": "search_file_content",
"args": {
"pattern": "InternalElbSecurityGroup"
},
"result": [
{
"functionResponse": {
"id": "search_file_content-1769104969234-ad10c2a562428",
"name": "search_file_content",
"response": {
"output": "Found 7 matches for pattern \"InternalElbSecurityGroup\" in path \".\":\n---\nFile: mlcluster.template\nL1258: SourceSecurityGroupId: !Ref InternalElbSecurityGroup\nL1262: SourceSecurityGroupId: !Ref InternalElbSecurityGroup\nL1266: SourceSecurityGroupId: !Ref InternalElbSecurityGroup\nL1270: SourceSecurityGroupId: !Ref InternalElbSecurityGroup\nL1281: InternalElbSecurityGroup:\nL1972: - InternalElbSecurityGroup\nL1976: - !Ref InternalElbSecurityGroup\n---"
}
}
}
],
"status": "success",
"timestamp": "2026-01-22T18:02:49.284Z",
"resultDisplay": "Found 7 matches",
"displayName": "SearchText",
"description": "FAST, optimized search powered by `ripgrep`. PREFERRED over standard `run_shell_command(\"grep ...\")` due to better performance and automatic output limiting (max 20k matches).",
"renderOutputAsMarkdown": true
}
]
},
{
"id": "bc5596d5-6bab-4ef8-8192-072f946f5c31",
"timestamp": "2026-01-22T18:03:02.742Z",
"type": "gemini",
"content": "I will read the `mlcluster.template` file around line 1970 to inspect the `AWS::ElasticLoadBalancingV2::LoadBalancer` resource and its listeners to confirm the ports in use.",
"thoughts": [
{
"subject": "Inspecting the Resources",
"description": "I'm currently focused on the AWS::ElasticLoadBalancingV2::LoadBalancer resource. My investigation led me to line 1970 of mlcluster.template. It looks like `InternalElbSecurityGroup` is a key property of this resource. I'm now exploring how this security group is being utilized.",
"timestamp": "2026-01-22T18:03:02.488Z"
},
{
"subject": "Examining the Dependencies",
"description": "I've determined that `InternalElbSecurityGroup` is a property of `AWS::ElasticLoadBalancingV2::LoadBalancer`, which confirms the initial findings. Currently, I am analyzing the Load Balancer's Listeners, focusing on the ports utilized. This step should reveal crucial information about the service's accessibility.",
"timestamp": "2026-01-22T18:03:02.489Z"
}
],
"tokens": {
"input": 14299,
"output": 64,
"cached": 11835,
"thoughts": 149,
"tool": 0,
"total": 14512
},
"model": "gemini-3-pro-preview",
"toolCalls": [
{
"id": "read_file-1769104982735-35785bf0f34058",
"name": "read_file",
"args": {
"offset": 1970,
"file_path": "mlcluster.template",
"limit": 100
},
"result": [
{
"functionResponse": {
"id": "read_file-1769104982735-35785bf0f34058",
"name": "read_file",
"response": {
"output": "\nIMPORTANT: The file content has been truncated.\nStatus: Showing lines 1971-2027 of 2027 total lines.\nAction: To read more of the file, you can use the 'offset' and 'limit' parameters in a subsequent 'read_file' call. For example, to read the next section of the file, use offset: 2027.\n\n--- FILE CONTENT (truncated) ---\n DependsOn:\n - InternalElbSecurityGroup\n Properties: \n Scheme: internal\n SecurityGroups: \n - !Ref InternalElbSecurityGroup\n Subnets:\n - !Ref PrivateSubnet1\n - !If [MultiZone, !Ref PrivateSubnet2, !Ref 'AWS::NoValue']\n - !If [MultiZone, !Ref PrivateSubnet3, !Ref 'AWS::NoValue']\n Metadata:\n 'AWS::CloudFormation::Designer':\n id: e188e71e-5f01-4816-896e-9bd30b9a96c1\n #Descriptions of the 1 TargetGroups for MultiZone deployments (3 zones). TargetGroups route requests to registered targets.\n #Health checks are performed on each TargetGroup.\n MarklogicInternal8011:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::TargetGroup\"\n Properties:\n HealthCheckIntervalSeconds: 10\n HealthCheckTimeoutSeconds: 5\n HealthyThresholdCount: 3\n HealthCheckPort: 7997\n UnhealthyThresholdCount: 5\n Port: 8011\n Protocol: HTTP\n TargetGroupAttributes:\n - Key: stickiness.enabled\n Value: true\n - Key: stickiness.type\n Value: lb_cookie\n - Key: stickiness.lb_cookie.duration_seconds\n Value: 3600\n - Key: deregistration_delay.timeout_seconds\n Value: 60\n VpcId: !Ref VPC\n MarklogicInternal8011Listener:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - InternalAlb\n - MarklogicInternal8011\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref MarklogicInternal8011\n Type: forward\n LoadBalancerArn: !Ref InternalAlb\n Port: 8011\n Protocol: HTTP\nOutputs:\n URL:\n Description: The URL of the MarkLogic Cluster\n Value: !Join\n - ''\n - - 'http://'\n - !If [MultiZone, !GetAtt [Alb, DNSName], !GetAtt [ManagedEniStack, Outputs.ENI]]\n - ':8001'"
}
}
}
],
"status": "success",
"timestamp": "2026-01-22T18:03:02.764Z",
"resultDisplay": "Read lines 1971-2027 of 2027 from mlcluster.template",
"displayName": "ReadFile",
"description": "Reads and returns the content of a specified file. If the file is large, the content will be truncated. The tool's response will clearly indicate if truncation has occurred and will provide details on how to read more of the file using the 'offset' and 'limit' parameters. Handles text, images (PNG, JPG, GIF, WEBP, SVG, BMP), audio files (MP3, WAV, AIFF, AAC, OGG, FLAC), and PDF files. For text files, it can read specific line ranges.",
"renderOutputAsMarkdown": true
}
]
},
{
"id": "37a70f53-9ad9-42aa-b593-91b965a32b96",
"timestamp": "2026-01-22T18:03:10.673Z",
"type": "gemini",
"content": "I will read `mlcluster.template` around line 1960 to confirm the logical ID of the Load Balancer defined near line 1970.",
"thoughts": [
{
"subject": "Considering Port Access",
"description": "I've been analyzing the network listeners and noticed `MarklogicInternal8011Listener` active on port 8011. Currently, ports 80 and 443 don't appear in the truncated output. The core of my focus right now is understanding the user's need for ECS cluster security group access to standard ports, given the initial findings.",
"timestamp": "2026-01-22T18:03:07.050Z"
},
{
"subject": "Verifying Listener Configurations",
"description": "I'm now investigating the potential existence of listeners on ports 80 and 443, despite not finding them initially. I'm focusing on the `AWS::ElasticLoadBalancingV2::Listener` resources associated with the internal ALB. My current approach involves inspecting the logical ID of the load balancer and reviewing the associated listener configurations, as this will clarify if 80 and 443 listeners are defined.",
"timestamp": "2026-01-22T18:03:10.431Z"
}
],
"tokens": {
"input": 15021,
"output": 54,
"cached": 11886,
"thoughts": 227,
"tool": 0,
"total": 15302
},
"model": "gemini-3-pro-preview",
"toolCalls": [
{
"id": "read_file-1769104990672-ea19ac88d30a78",
"name": "read_file",
"args": {
"limit": 20,
"file_path": "mlcluster.template",
"offset": 1960
},
"result": [
{
"functionResponse": {
"id": "read_file-1769104990672-ea19ac88d30a78",
"name": "read_file",
"response": {
"output": "\nIMPORTANT: The file content has been truncated.\nStatus: Showing lines 1961-1980 of 2027 total lines.\nAction: To read more of the file, you can use the 'offset' and 'limit' parameters in a subsequent 'read_file' call. For example, to read the next section of the file, use offset: 1980.\n\n--- FILE CONTENT (truncated) ---\n DefaultActions:\n - TargetGroupArn: !Ref MarklogicExternal8011\n Type: forward\n LoadBalancerArn: !Ref Alb\n Port: 8011\n Protocol: HTTP\n #Application Load Balancer description for MultiZone deployments (3 zones).\n InternalAlb:\n Condition: MultiZone\n Type: AWS::ElasticLoadBalancingV2::LoadBalancer\n DependsOn:\n - InternalElbSecurityGroup\n Properties: \n Scheme: internal\n SecurityGroups: \n - !Ref InternalElbSecurityGroup\n Subnets:\n - !Ref PrivateSubnet1\n - !If [MultiZone, !Ref PrivateSubnet2, !Ref 'AWS::NoValue']\n - !If [MultiZone, !Ref PrivateSubnet3, !Ref 'AWS::NoValue']"
}
}
}
],
"status": "success",
"timestamp": "2026-01-22T18:03:10.690Z",
"resultDisplay": "Read lines 1961-1980 of 2027 from mlcluster.template",
"displayName": "ReadFile",
"description": "Reads and returns the content of a specified file. If the file is large, the content will be truncated. The tool's response will clearly indicate if truncation has occurred and will provide details on how to read more of the file using the 'offset' and 'limit' parameters. Handles text, images (PNG, JPG, GIF, WEBP, SVG, BMP), audio files (MP3, WAV, AIFF, AAC, OGG, FLAC), and PDF files. For text files, it can read specific line ranges.",
"renderOutputAsMarkdown": true
}
]
},
{
"id": "3d7d131e-b926-4a31-a928-419340f42a04",
"timestamp": "2026-01-22T18:03:15.012Z",
"type": "gemini",
"content": "I will search for `LoadBalancerArn: !Ref InternalAlb` in `mlcluster.template` to identify all listeners attached to the internal load balancer.",
"thoughts": [
{
"subject": "Defining the Target",
"description": "Okay, I've confirmed that the logical ID for the target is indeed `InternalAlb`. My next step is to locate all associated listeners. I plan to use `LoadBalancerArn: !Ref InternalAlb` to identify these listeners.",
"timestamp": "2026-01-22T18:03:14.792Z"
}
],
"tokens": {
"input": 15361,
"output": 51,
"cached": 14762,
"thoughts": 34,
"tool": 0,
"total": 15446
},
"model": "gemini-3-pro-preview",
"toolCalls": [
{
"id": "search_file_content-1769104995010-27f30da7907728",
"name": "search_file_content",
"args": {
"pattern": "LoadBalancerArn: !Ref InternalAlb"
},
"result": [
{
"functionResponse": {
"id": "search_file_content-1769104995010-27f30da7907728",
"name": "search_file_content",
"response": {
"output": "Found 1 match for pattern \"LoadBalancerArn: !Ref InternalAlb\" in path \".\":\n---\nFile: mlcluster.template\nL2017: LoadBalancerArn: !Ref InternalAlb\n---"
}
}
}
],
"status": "success",
"timestamp": "2026-01-22T18:03:15.068Z",
"resultDisplay": "Found 1 match",
"displayName": "SearchText",
"description": "FAST, optimized search powered by `ripgrep`. PREFERRED over standard `run_shell_command(\"grep ...\")` due to better performance and automatic output limiting (max 20k matches).",
"renderOutputAsMarkdown": true
}
]
},
{
"id": "421f94f0-2467-45d6-ab45-35bd7067602f",
"timestamp": "2026-01-22T18:03:34.597Z",
"type": "gemini",
"content": "I will add ingress rules for ports 80 and 443 to the `InternalElbSecurityGroup` in `mlcluster.template` to allow access from the ECS cluster, satisfying the request for \"normal ports\".",
"thoughts": [
{
"subject": "Refining Identification of Match",
"description": "I've located another instance of `MarklogicInternal8011Listener`, this time at line 2017. Previously, I had noted it around that line. Further analysis shows it's associated with a \"MultiZone\" condition within an AWS resource definition.",
"timestamp": "2026-01-22T18:03:22.932Z"
},
{
"subject": "Clarifying Listener Intentions",
"description": "Now, I'm examining the security group rules and how they relate to the listener. It seems the group permits traffic on ports 7998, 8000-8011, and 7997, all originating from `ECSSecurityGroup`. This is interesting; I'm trying to determine why they'd open up 8011 only. Perhaps more listeners will be created later.",
"timestamp": "2026-01-22T18:03:27.363Z"
},
{
"subject": "Defining Proposed Modifications",
"description": "I've confirmed the `InternalElbSecurityGroup` resource in `mlcluster.template` is the target. The current configuration already includes ingress rules, but notably *not* for ports 80 and 443. I'm now crafting the `replace` call to add ingress rules for these standard ports, ensuring proper indentation to maintain the YAML structure's integrity.",
"timestamp": "2026-01-22T18:03:28.836Z"
},
{
"subject": "Constructing Replacement YAML",
"description": "I'm now formulating the replacement YAML based on the user's intent to enable access via ports 80 and 443. The existing ingress rules in `InternalElbSecurityGroup` are being used as a template, and I will be appending the new rules to maintain structure. I'm focusing on the correct indentation to integrate these new rules. I'm confirming that this is definitely the right place based on the resource description and the user's instructions.",
"timestamp": "2026-01-22T18:03:34.350Z"
}
],
"tokens": {
"input": 15460,
"output": 428,
"cached": 14745,
"thoughts": 818,
"tool": 0,
"total": 16706
},
"model": "gemini-3-pro-preview",
"toolCalls": [
{
"id": "replace-1769105014594-6aa408750421b8",
"name": "replace",
"args": {
"new_string": " - IpProtocol: tcp\n FromPort: '7998'\n ToPort: '7998'\n SourceSecurityGroupId: !Ref ECSSecurityGroup\n - IpProtocol: tcp\n FromPort: '8000'\n ToPort: '8011'\n SourceSecurityGroupId: !Ref ECSSecurityGroup\n - IpProtocol: tcp\n FromPort: '7997'\n ToPort: '7997'\n SourceSecurityGroupId: !Ref ECSSecurityGroup\n - IpProtocol: tcp\n FromPort: '80'\n ToPort: '80'\n SourceSecurityGroupId: !Ref ECSSecurityGroup\n - IpProtocol: tcp\n FromPort: '443'\n ToPort: '443'\n SourceSecurityGroupId: !Ref ECSSecurityGroup",
"old_string": " - IpProtocol: tcp\n FromPort: '7998'\n ToPort: '7998'\n SourceSecurityGroupId: !Ref ECSSecurityGroup\n - IpProtocol: tcp\n FromPort: '8000'\n ToPort: '8011'\n SourceSecurityGroupId: !Ref ECSSecurityGroup\n - IpProtocol: tcp\n FromPort: '7997'\n ToPort: '7997'\n SourceSecurityGroupId: !Ref ECSSecurityGroup",
"file_path": "/Users/bob/git/dxw/marklogic-cf-templates/mlcluster.template",
"instruction": "Add ingress rules for ports 80 and 443 (HTTP/HTTPS) to InternalElbSecurityGroup to allow access from the ECS cluster."
},
"result": [
{
"functionResponse": {
"id": "replace-1769105014594-6aa408750421b8",
"name": "replace",
"response": {
"error": "[Operation Cancelled] Reason: User cancelled the operation."
}
}
}
],
"status": "cancelled",
"timestamp": "2026-01-22T18:04:04.151Z",
"resultDisplay": {
"fileDiff": "Index: mlcluster.template\n===================================================================\n--- mlcluster.template\tCurrent\n+++ mlcluster.template\tProposed\n@@ -1296,6 +1296,14 @@\n FromPort: '7997'\n ToPort: '7997'\n SourceSecurityGroupId: !Ref ECSSecurityGroup\n+ - IpProtocol: tcp\n+ FromPort: '80'\n+ ToPort: '80'\n+ SourceSecurityGroupId: !Ref ECSSecurityGroup\n+ - IpProtocol: tcp\n+ FromPort: '443'\n+ ToPort: '443'\n+ SourceSecurityGroupId: !Ref ECSSecurityGroup\n ElbSecurityGroup:\n Type: 'AWS::EC2::SecurityGroup'\n Properties:\n",
"fileName": "mlcluster.template",
"originalContent": "AWSTemplateFormatVersion: 2010-09-09\nDescription: Deploy a MarkLogic Cluster on AWS in existing VPC (Virtual Private Cloud).\nMetadata:\n version: 12.0.1\n binary: MarkLogic-12.0.1-rhel.x86_64.rpm\n AWS::CloudFormation::Interface:\n ParameterGroups:\n - Label:\n default: \"Resource Configuration\"\n Parameters:\n - IAMRole\n - VolumeSize\n - VolumeType\n - VolumeIOPS\n - VolumeThroughput\n - VolumeEncryption\n - VolumeEncryptionKey\n - InstanceType\n - SpotPrice\n - KeyName\n - NumberOfZones\n - NodesPerZone\n - AZ\n - LogSNS\n - Label:\n default: \"Network Configuration\"\n Parameters:\n - VPC\n - PublicSubnet1\n - PublicSubnet2\n - PublicSubnet3\n - PrivateSubnet1\n - PrivateSubnet2\n - PrivateSubnet3\n - ExternalAccessCidrIP\n - ECSSecurityGroup\n - Label:\n default: \"MarkLogic Configuration\"\n Parameters:\n - AdminUser\n - AdminPass\n - Licensee\n - LicenseKey\n ParameterLabels:\n AdminUser:\n default: Admin User\n AdminPass:\n default: Admin password\n Licensee:\n default: Licensee\n LicenseKey:\n default: License Key\n IAMRole:\n default: IAM Role\n LogSNS:\n default: Logging SNS ARN\n VolumeSize:\n default: Volume Size\n VolumeType:\n default: Volume Type\n VolumeIOPS:\n default: Volume Iops\n VolumeThroughput:\n default: Volume Throughput\n VolumeEncryption:\n default: Volume Encryption\n VolumeEncryptionKey:\n default: Volume Encryption Key ARN\n InstanceType:\n default: Instance Type\n SpotPrice:\n default: Spot Price\n KeyName:\n default: SSH Key Name\n NumberOfZones:\n default: Number of Zones\n NodesPerZone:\n default: Nodes per Zone\n AZ:\n default: Availability Zone\n VPC:\n default: VPC\n PublicSubnet1:\n default: Public Subnet 1\n PublicSubnet2:\n default: Public Subnet 2\n PublicSubnet3:\n default: Public Subnet 3\n PrivateSubnet1:\n default: Private Subnet 1\n PrivateSubnet2:\n default: Private Subnet 2\n PrivateSubnet3:\n default: Private Subnet 3\n ExternalAccessCidrIP:\n default: External IP address range for access to admin site\n ECSSecurityGroup:\n default: the security group the ecs cluster is in\nParameters:\n # resource configuration\n IAMRole:\n Description: IAM Role\n Type: String\n VolumeSize:\n Description: The EBS Data volume size (GB) for all nodes\n Type: Number\n MinValue: '10'\n MaxValue: '1000'\n Default: '50'\n VolumeType:\n Description: The EBS Data volume Type\n Type: String\n AllowedValues:\n - standard\n - gp2\n - gp3\n Default: gp3\n VolumeIOPS:\n Description: The number of I/O operations per second for a gp3 volume. This parameter is only applicable for a gp3 volume\n Type: Number\n MinValue: '3000'\n MaxValue: '16000'\n Default: '3000'\n VolumeThroughput:\n Description: The throughput to provision for a gp3 volume. This parameter is only applicable for a gp3 volume\n Type: Number\n MinValue: '125'\n MaxValue: '1000'\n Default: '125'\n VolumeEncryption:\n Description: Whether to enable volume encryption\n Type: String\n AllowedValues:\n - enable\n - disable\n Default: enable\n VolumeEncryptionKey:\n Description: The key ID of AWS KMS key to encrypt volumes - Optional\n Type: String\n Default: \"\"\n InstanceType:\n Description: Type of EC2 instance to launch\n Type: String\n Default: r5.4xlarge\n AllowedValues:\n - ---- Pay-As-You-Go and Bring-Your-Own-License ----\n - c3.xlarge\n - c3.2xlarge\n - c3.4xlarge\n - c3.8xlarge\n - c4.xlarge\n - c4.2xlarge\n - c4.4xlarge\n - c4.8xlarge\n - c5.xlarge\n - c5.2xlarge\n - c5.4xlarge\n - c5.9xlarge\n - c5.12xlarge\n - c5.18xlarge\n - c5.24xlarge\n - c5a.xlarge\n - c5a.2xlarge\n - c5a.4xlarge\n - c5a.8xlarge\n - c5a.12xlarge\n - c5a.16xlarge\n - c5a.24xlarge\n - c5ad.xlarge\n - c5ad.2xlarge\n - c5ad.4xlarge\n - c5ad.8xlarge\n - c5ad.12xlarge\n - c5ad.16xlarge\n - c5ad.24xlarge\n - c5d.xlarge\n - c5d.2xlarge\n - c5d.4xlarge\n - c5d.9xlarge\n - c5d.12xlarge\n - c5d.18xlarge\n - c5d.24xlarge\n - c5n.xlarge\n - c5n.2xlarge\n - c5n.4xlarge\n - c5n.9xlarge\n - c5n.18xlarge\n - c6a.xlarge\n - c6a.2xlarge\n - c6a.4xlarge\n - c6a.8xlarge\n - c6a.12xlarge\n - c6a.16xlarge\n - c6a.24xlarge\n - c6a.32xlarge\n - c6a.48xlarge\n - c6i.xlarge\n - c6i.2xlarge\n - c6i.4xlarge\n - c6i.8xlarge\n - c6i.12xlarge\n - c6i.16xlarge\n - c6i.24xlarge\n - c6i.32xlarge\n - c6id.xlarge\n - c6id.2xlarge\n - c6id.4xlarge\n - c6id.8xlarge\n - c6id.12xlarge\n - c6id.16xlarge\n - c6id.24xlarge\n - c6id.32xlarge\n - c7i.xlarge\n - c7i.2xlarge\n - c7i.4xlarge\n - c7i.8xlarge\n - c7i.12xlarge\n - c7i.16xlarge\n - c7i.24xlarge\n - c7i.48xlarge\n - c7i-flex.xlarge\n - c7i-flex.2xlarge\n - c7i-flex.4xlarge\n - c7i-flex.8xlarge\n - c7i-flex.12xlarge\n - c7i-flex.16xlarge\n - c7a.xlarge\n - c7a.2xlarge\n - c7a.4xlarge\n - c7a.8xlarge\n - c7a.12xlarge\n - c7a.16xlarge\n - c7a.24xlarge\n - c7a.32xlarge\n - c7a.48xlarge\n - c8i.xlarge\n - c8i.2xlarge\n - c8i.4xlarge\n - c8i.8xlarge\n - c8i.12xlarge\n - c8i.16xlarge\n - c8i.24xlarge\n - c8i.32xlarge\n - c8i.48xlarge\n - c8i.96xlarge\n - c8i-flex.xlarge\n - c8i-flex.2xlarge\n - c8i-flex.4xlarge\n - c8i-flex.8xlarge\n - c8i-flex.12xlarge\n - c8i-flex.16xlarge\n - i2.2xlarge\n - i2.4xlarge\n - i2.8xlarge\n - i2.xlarge\n - i3.xlarge\n - i3.2xlarge\n - i3.4xlarge\n - i3.8xlarge\n - i3.16xlarge\n - i3en.xlarge\n - i3en.2xlarge\n - i3en.3xlarge\n - i3en.6xlarge\n - i3en.12xlarge\n - i3en.24xlarge\n - i4i.xlarge\n - i4i.2xlarge\n - i4i.4xlarge\n - i4i.8xlarge\n - i4i.12xlarge\n - i4i.16xlarge\n - i4i.24xlarge\n - i4i.32xlarge\n - i7ie.xlarge\n - i7ie.2xlarge\n - i7ie.3xlarge\n - i7ie.6xlarge\n - i7ie.12xlarge\n - i7ie.18xlarge\n - i7ie.24xlarge\n - i7ie.48xlarge\n - m3.xlarge\n - m3.2xlarge\n - m4.xlarge\n - m4.2xlarge\n - m4.4xlarge\n - m4.10xlarge\n - m4.16xlarge\n - m5.xlarge\n - m5.2xlarge\n - m5.4xlarge\n - m5.8xlarge\n - m5.12xlarge\n - m5.16xlarge\n - m5.24xlarge\n - m5a.xlarge\n - m5a.2xlarge\n - m5a.4xlarge\n - m5a.8xlarge\n - m5a.12xlarge\n - m5a.16xlarge\n - m5a.24xlarge\n - m5d.xlarge\n - m5d.2xlarge\n - m5d.4xlarge\n - m5d.8xlarge\n - m5d.16xlarge\n - m5d.12xlarge\n - m5d.24xlarge\n - m5ad.xlarge\n - m5ad.2xlarge\n - m5ad.4xlarge\n - m5ad.8xlarge\n - m5ad.12xlarge\n - m5ad.16xlarge\n - m5ad.24xlarge\n - m5zn.xlarge\n - m5zn.2xlarge\n - m5zn.3xlarge\n - m5zn.6xlarge\n - m5zn.12xlarge\n - m5n.xlarge\n - m5n.2xlarge\n - m5n.4xlarge\n - m5n.8xlarge\n - m5n.12xlarge\n - m5n.16xlarge\n - m5n.24xlarge\n - m5dn.xlarge\n - m5dn.2xlarge\n - m5dn.4xlarge\n - m5dn.8xlarge\n - m5dn.12xlarge\n - m5dn.16xlarge\n - m5dn.24xlarge\n - m6a.xlarge\n - m6a.2xlarge\n - m6a.4xlarge\n - m6a.8xlarge\n - m6a.12xlarge\n - m6a.16xlarge\n - m6a.24xlarge\n - m6a.32xlarge\n - m6a.48xlarge\n - m6i.xlarge\n - m6i.2xlarge\n - m6i.4xlarge\n - m6i.8xlarge\n - m6i.12xlarge\n - m6i.16xlarge\n - m6i.24xlarge\n - m6i.32xlarge\n - m6id.xlarge\n - m6id.2xlarge\n - m6id.4xlarge\n - m6id.8xlarge\n - m6id.12xlarge\n - m6id.16xlarge\n - m6id.24xlarge\n - m6id.32xlarge\n - m7i.xlarge\n - m7i.2xlarge\n - m7i.4xlarge\n - m7i.8xlarge\n - m7i.12xlarge\n - m7i.16xlarge\n - m7i.24xlarge\n - m7i.48xlarge\n - m7i-flex.xlarge\n - m7i-flex.2xlarge\n - m7i-flex.4xlarge\n - m7i-flex.8xlarge\n - m7i-flex.12xlarge\n - m7i-flex.16xlarge\n - m7a.xlarge\n - m7a.2xlarge\n - m7a.4xlarge\n - m7a.8xlarge\n - m7a.12xlarge\n - m7a.16xlarge\n - m7a.24xlarge\n - m7a.32xlarge\n - m7a.48xlarge\n - m8a.xlarge\n - m8a.2xlarge\n - m8a.4xlarge\n - m8a.8xlarge\n - m8a.12xlarge\n - m8a.16xlarge\n - m8a.24xlarge\n - m8a.48xlarge\n - m8i.xlarge\n - m8i.2xlarge\n - m8i.4xlarge\n - m8i.8xlarge\n - m8i.12xlarge\n - m8i.16xlarge\n - m8i.24xlarge\n - m8i.32xlarge\n - m8i.48xlarge\n - m8i.96xlarge\n - m8i-flex.xlarge\n - m8i-flex.2xlarge\n - m8i-flex.4xlarge\n - m8i-flex.8xlarge\n - m8i-flex.12xlarge\n - m8i-flex.16xlarge\n - r3.xlarge\n - r3.2xlarge\n - r3.4xlarge\n - r3.8xlarge\n - r4.xlarge\n - r4.2xlarge\n - r4.4xlarge\n - r4.8xlarge\n - r4.16xlarge\n - r5.xlarge\n - r5.2xlarge\n - r5.4xlarge\n - r5.8xlarge\n - r5.12xlarge\n - r5.16xlarge\n - r5.24xlarge\n - r5a.xlarge\n - r5a.2xlarge\n - r5a.4xlarge\n - r5a.8xlarge\n - r5a.12xlarge\n - r5a.16xlarge\n - r5a.24xlarge\n - r5ad.xlarge\n - r5ad.2xlarge\n - r5ad.4xlarge\n - r5ad.8xlarge\n - r5ad.12xlarge\n - r5ad.16xlarge\n - r5ad.24xlarge\n - r5b.xlarge\n - r5b.2xlarge\n - r5b.4xlarge\n - r5b.8xlarge\n - r5b.12xlarge\n - r5b.16xlarge\n - r5b.24xlarge\n - r5d.xlarge\n - r5d.2xlarge\n - r5d.4xlarge\n - r5d.8xlarge\n - r5d.12xlarge\n - r5d.16xlarge\n - r5d.24xlarge\n - r5dn.xlarge\n - r5dn.2xlarge\n - r5dn.4xlarge\n - r5dn.8xlarge\n - r5dn.12xlarge\n - r5dn.16xlarge\n - r5dn.24xlarge\n - r5n.xlarge\n - r5n.2xlarge\n - r5n.4xlarge\n - r5n.8xlarge\n - r5n.12xlarge\n - r5n.16xlarge\n - r5n.24xlarge\n - r6a.xlarge\n - r6a.2xlarge\n - r6a.4xlarge\n - r6a.8xlarge\n - r6a.12xlarge\n - r6a.16xlarge\n - r6a.24xlarge\n - r6a.32xlarge\n - r6a.48xlarge\n - r6i.xlarge\n - r6i.2xlarge\n - r6i.4xlarge\n - r6i.8xlarge\n - r6i.12xlarge\n - r6i.16xlarge\n - r6i.24xlarge\n - r6i.32xlarge\n - r6id.xlarge\n - r6id.2xlarge\n - r6id.4xlarge\n - r6id.8xlarge\n - r6id.12xlarge\n - r6id.16xlarge\n - r6id.24xlarge\n - r6id.32xlarge\n - r7i.xlarge\n - r7i.2xlarge\n - r7i.4xlarge\n - r7i.8xlarge\n - r7i.12xlarge\n - r7i.16xlarge\n - r7i.24xlarge\n - r7i.48xlarge\n - r7iz.xlarge\n - r7iz.2xlarge\n - r7iz.4xlarge\n - r7iz.8xlarge\n - r7iz.12xlarge\n - r7iz.16xlarge\n - r7iz.32xlarge\n - r7a.xlarge\n - r7a.2xlarge\n - r7a.4xlarge\n - r7a.8xlarge\n - r7a.12xlarge\n - r7a.16xlarge\n - r7a.24xlarge\n - r7a.32xlarge\n - r7a.48xlarge\n - r8a.xlarge\n - r8a.2xlarge\n - r8a.4xlarge\n - r8a.8xlarge\n - r8a.12xlarge\n - r8a.16xlarge\n - r8a.24xlarge\n - r8a.48xlarge\n - r8i.xlarge\n - r8i.2xlarge\n - r8i.4xlarge\n - r8i.8xlarge\n - r8i.12xlarge\n - r8i.16xlarge\n - r8i.24xlarge\n - r8i.32xlarge\n - r8i.48xlarge\n - r8i.96xlarge\n - r8i-flex.xlarge\n - r8i-flex.2xlarge\n - r8i-flex.4xlarge\n - r8i-flex.8xlarge\n - r8i-flex.12xlarge\n - r8i-flex.16xlarge\n - x1.16xlarge\n - x1.32xlarge\n - x1e.xlarge\n - x1e.2xlarge\n - x1e.4xlarge\n - x1e.8xlarge\n - x1e.16xlarge\n - x1e.32xlarge\n - x2idn.16xlarge\n - x2idn.24xlarge\n - x2idn.32xlarge\n - x2iedn.xlarge\n - x2iedn.2xlarge\n - x2iedn.4xlarge\n - x2iedn.8xlarge\n - x2iedn.16xlarge\n - x2iedn.24xlarge\n - x2iedn.32xlarge\n - x2iezn.2xlarge\n - x2iezn.4xlarge\n - x2iezn.6xlarge\n - x2iezn.8xlarge\n - x2iezn.12xlarge\n - d2.xlarge\n - d2.2xlarge\n - d2.4xlarge\n - d2.8xlarge\n - d3.xlarge\n - d3.2xlarge\n - d3.4xlarge\n - d3.8xlarge\n - d3en.xlarge\n - d3en.2xlarge\n - d3en.4xlarge\n - d3en.6xlarge\n - d3en.8xlarge\n - d3en.12xlarge\n - dl1.24xlarge\n - h1.2xlarge\n - h1.4xlarge\n - h1.8xlarge\n - h1.16xlarge\n - inf1.xlarge\n - inf1.2xlarge\n - inf1.6xlarge\n - inf1.24xlarge\n - trn1.2xlarge\n - trn1.32xlarge\n - u-3tb1.56xlarge\n - u-6tb1.56xlarge\n - u-6tb1.112xlarge\n - u-9tb1.112xlarge\n - u-12tb1.112xlarge\n - u-18tb1.112xlarge\n - vt1.3xlarge\n - vt1.6xlarge\n - vt1.24xlarge\n - z1d.xlarge\n - z1d.2xlarge\n - z1d.3xlarge\n - z1d.6xlarge\n - z1d.12xlarge\n - -------------- Bring-Your-Own-License Only --------------\n - c3.large\n - c4.large\n - c5.metal\n - c5.large\n - c5a.large\n - c5ad.large\n - c5d.metal\n - c5d.large\n - c5n.large\n - c5n.metal\n - c6a.large\n - c6a.metal\n - c6i.large\n - c6i.metal\n - c6id.large\n - c6id.metal\n - c7i.large\n - c7i.metal-24xl\n - c7i.metal-48xl\n - c7i-flex.large\n - c7a.medium\n - c7a.large\n - c7a.metal-48xl\n - c8i.large\n - c8i.metal-48xl\n - c8i.metal-96xl\n - c8i-flex.large\n - i3.large\n - i3.metal\n - i3en.large\n - i3en.metal\n - i4i.large\n - i4i.metal\n - i7ie.large\n - i7ie.metal-24xl\n - i7ie.metal-48xl\n - m3.large\n - m3.medium\n - m4.large\n - m5.metal\n - m5.large\n - m5a.large\n - m5ad.large\n - m5d.metal\n - m5d.large\n - m5zn.large\n - m5zn.metal\n - m5n.large\n - m5n.metal\n - m5dn.large\n - m5dn.metal\n - m6a.large\n - m6a.metal\n - m6i.large\n - m6i.metal\n - m6id.large\n - m6id.metal\n - m7i.large\n - m7i.metal-24xl\n - m7i.metal-48xl\n - m7i-flex.large\n - m7a.medium\n - m7a.large\n - m7a.metal-48xl\n - m8a.medium\n - m8a.large\n - m8a.metal-24xl\n - m8a.metal-48xl\n - m8i.large\n - m8i.metal-48xl\n - m8i.metal-96xl\n - m8i-flex.large\n - r3.large\n - r4.large\n - r5.metal\n - r5.large\n - r5a.large\n - r5d.metal\n - r5ad.large\n - r5d.large\n - r5dn.large\n - r5dn.metal\n - r5b.large\n - r5b.metal\n - r5n.large\n - r5n.metal\n - r6a.large\n - r6a.metal\n - r6i.large\n - r6i.metal\n - r6id.large\n - r6id.metal\n - r7i.large\n - r7i.metal-24xl\n - r7i.metal-48xl\n - r7iz.large\n - r7iz.metal-16xl\n - r7iz.metal-32xl\n - r7a.medium\n - r7a.large\n - r7a.metal-48xl\n - r8a.medium\n - r8a.large\n - r8a.metal-24xl\n - r8a.metal-48xl\n - r8i.large\n - r8i.metal-48xl\n - r8i.metal-96xl\n - r8i-flex.large\n - t2.2xlarge\n - t2.large\n - t2.medium\n - t2.micro\n - t2.nano\n - t2.small\n - t2.xlarge\n - t3.2xlarge\n - t3.large\n - t3.medium\n - t3.micro\n - t3.nano\n - t3.small\n - t3.xlarge\n - t3a.2xlarge\n - t3a.large\n - t3a.medium\n - t3a.micro\n - t3a.nano\n - t3a.small\n - t3a.xlarge\n - x2idn.metal\n - x2iedn.metal\n - x2iezn.metal\n - z1d.metal\n - z1d.large\n SpotPrice:\n Description: Spot price for instances in USD/Hour - Optional/advanced\n Type: Number\n MinValue: '0'\n MaxValue: '2'\n Default: '0'\n KeyName:\n Description: Name of an existing EC2 KeyPair to enable SSH access to the instance\n Type: String\n NumberOfZones:\n Description: Total number of Availability Zones, which can be 1 or 3. Load balancer type depends on the number of zones selected. Select 3 zones for Application Load Balancer (OR) Select 1 zone for Classic Load Balancer.\n Type: Number\n AllowedValues:\n - 1\n - 3\n Default: 3\n NodesPerZone:\n Description: Total number of nodes per Zone. Set to 0 to shutdown/hibernate\n Type: Number\n MinValue: '0'\n MaxValue: '20'\n Default: '1'\n AZ:\n Description: The Availability Zones for VPC subnets. Accept either 1 zone or 3 zones. In the order of Subnet 1, Subnet 2 and Subnet 3 (if applicable).\n Type: 'List<AWS::EC2::AvailabilityZone::Name>'\n LogSNS:\n Description: SNS Topic for logging - optional/advanced.\n Type: String\n Default: none\n # network configuration\n VPC:\n Description: ID of an existing Virtual Private Cloud (VPC)\n Type: 'AWS::EC2::VPC::Id'\n PublicSubnet1:\n Description: The public subnet 1 in the VPC. This subnet must reside within the first selected Availability Zone (AZ). You must provide values for all three public subnets. If you only select one AZ, the second and third subnets will be ignored.\n Type: 'AWS::EC2::Subnet::Id'\n PublicSubnet2:\n Description: The public subnet 2 in the VPC. This subnet must reside within the second selected Availability Zone (AZ). You must provide values for all three public subnets. If you only select one AZ, the second and third subnets will be ignored.\n Type: 'AWS::EC2::Subnet::Id'\n PublicSubnet3:\n Description: The public subnet 3 in the VPC. This subnet must reside within the third selected Availability Zone (AZ). You must provide values for all three public subnets. If you only select one AZ, the second and third subnets will be ignored.\n Type: 'AWS::EC2::Subnet::Id'\n PrivateSubnet1:\n Description: The private subnet 1 in the VPC. This subnet must reside within the first selected Availability Zone (AZ). You must provide values for all three private subnets. If you only select one AZ, the second and third subnets will be ignored.\n Type: 'AWS::EC2::Subnet::Id'\n PrivateSubnet2:\n Description: The private subnet 2 in the VPC. This subnet must reside within the second selected Availability Zone (AZ). You must provide values for all three private subnets. If you only select one AZ, the second and third subnets will be ignored.\n Type: 'AWS::EC2::Subnet::Id'\n PrivateSubnet3:\n Description: The private subnet 3 in the VPC. This subnet must reside within the third selected Availability Zone (AZ). You must provide values for all three private subnets. If you only select one AZ, the second and third subnets will be ignored.\n Type: 'AWS::EC2::Subnet::Id'\n ExternalAccessCidrIP:\n Description: A CIDR IP range to allow external access from\n Type: String\n Default: 54.76.254.148/32\n ECSSecurityGroup:\n Description: the security group the ECS cluster is in\n Type: 'AWS::EC2::SecurityGroup::Id'\n\n # marklogic configuration\n AdminUser:\n Description: The MarkLogic administrator username\n Type: String\n AdminPass:\n Description: The MarkLogic administrator password\n Type: String\n NoEcho: 'true'\n AllowedPattern: >-\n ^(?!.*[*]).*$\n ConstraintDescription: Admin password must contain any characters except asterisk (*).\n Licensee:\n Description: The MarkLogic Licensee or 'none'. Provide none/none to choose \"Pay as you Go\"/Enterprise version. Provide valid Licensee/Licensekey to choose BYOL/developer version.\n Type: String\n Default: none\n LicenseKey:\n Description: The MarkLogic License Key or 'none'. Provide none/none to choose \"Pay as you Go\"/Enterprise version. Provide valid Licensee/Licensekey to choose BYOL/developer version.\n Type: String\n Default: none\nConditions:\n UseLogSNS: !Not [!Equals [!Ref LogSNS, \"none\"]]\n UseSpot: !Not\n - !Equals\n - !Ref SpotPrice\n - 0\n #MultiZone (3 zones) and SingleZone conditions used for the conditional resource creation based on number of zones selected.\n MultiZone:\n !Not [!Equals [!Ref NumberOfZones, 1]]\n SingleZone: !Equals [!Ref NumberOfZones, 1]\n PAYG:\n !Or [ !And [!Equals [!Ref LicenseKey, ''], !Equals [!Ref Licensee, '']], !And [!Equals [!Ref LicenseKey, 'none'], !Equals [!Ref Licensee, 'none']] ]\n UseVolumeEncryption: !Equals [!Ref VolumeEncryption, 'enable']\n HasCustomEBSKey: !Not [!Equals [!Ref VolumeEncryptionKey, '']]\n GP3: !Equals [!Ref VolumeType, 'gp3']\nMappings:\n Variable:\n LambdaPackageBucket:\n base: 'ml-db-lambda-'\n TemplateUrl:\n base: 'https://s3.amazonaws.com/marklogic-db-template-releases'\n S3Directory:\n base: '12.0.1'\n LicenseRegion2AMI:\n us-east-1:\n PAYGAl2023: ami-0198b8931e9597271\n BYOLAl2023: ami-0a8536507241f95b0\n us-east-2:\n PAYGAl2023: ami-0877b64dae8264415\n BYOLAl2023: ami-082cc98b2c01e486a\n us-west-1:\n PAYGAl2023: ami-07890fc78f4ddfa20\n BYOLAl2023: ami-05c9a962410c2821b\n us-west-2:\n PAYGAl2023: ami-0577eb149c9e0f53f\n BYOLAl2023: ami-0262dd8d014bf71ba\n eu-central-1:\n PAYGAl2023: ami-06348556399c8ab69\n BYOLAl2023: ami-00cb5a3527e7c0d11\n eu-west-1:\n PAYGAl2023: ami-0fa7bc44cd9ab1f85\n BYOLAl2023: ami-0bc2b4d46367806b0\n ap-south-1:\n PAYGAl2023: ami-0f481ba0a6819ced6\n BYOLAl2023: ami-00b59374107e5efb6\n ap-southeast-1:\n PAYGAl2023: ami-0c373c6c8a2316c80\n BYOLAl2023: ami-0b9bd265ef165a07b\n ap-southeast-2:\n PAYGAl2023: ami-0c65a907408226a3e\n BYOLAl2023: ami-02bad1ef2c6d4a91a\n ap-northeast-1:\n PAYGAl2023: ami-0254bc4adaf13e3b9\n BYOLAl2023: ami-07e8b312b1016bf67\n ap-northeast-2:\n PAYGAl2023: ami-05995b5f5807873d7\n BYOLAl2023: ami-0afd77ba0d7a0c129\n sa-east-1:\n PAYGAl2023: ami-05ec8fee12de236a5\n BYOLAl2023: ami-09d883ea308449555\n eu-west-2:\n PAYGAl2023: ami-0f5cff9d243f31521\n BYOLAl2023: ami-0588d104a52fbc326\n ca-central-1:\n PAYGAl2023: ami-0f34d118b23b51bf5\n BYOLAl2023: ami-0c78eccd03e957005\n eu-west-3:\n PAYGAl2023: ami-01fa9155eb17992c5\n BYOLAl2023: ami-0637199acc5327534\nResources:\n ManagedEniStack:\n Type: AWS::CloudFormation::Stack\n DependsOn:\n - InstanceSecurityGroup\n Properties:\n NotificationARNs:\n - !If\n - UseLogSNS\n - !Ref LogSNS\n - !Ref 'AWS::NoValue'\n Parameters:\n S3Bucket: !Join [ \"\", [!FindInMap [Variable,\"LambdaPackageBucket\",\"base\"], !Ref 'AWS::Region']]\n S3Directory: !FindInMap [Variable,\"S3Directory\",\"base\"]\n NodesPerZone: !Ref NodesPerZone\n NumberOfZones: !Ref NumberOfZones\n Subnets: !If [MultiZone, !Join [',', [!Ref PrivateSubnet1, !Ref PrivateSubnet2, !Ref PrivateSubnet3]], !Ref PrivateSubnet1]\n ParentStackName: !Ref 'AWS::StackName'\n ParentStackId: !Ref 'AWS::StackId'\n SecurityGroup: !Ref InstanceSecurityGroup\n TemplateURL: !Join ['/', [!FindInMap [Variable,\"TemplateUrl\",\"base\"],!FindInMap [Variable,\"S3Directory\",\"base\"],'ml-managedeni.template']]\n TimeoutInMinutes: 5\n NodeMgrLambdaStack:\n Type: AWS::CloudFormation::Stack\n DependsOn: ManagedEniStack\n Properties:\n NotificationARNs:\n - !If\n - UseLogSNS\n - !Ref LogSNS\n - !Ref 'AWS::NoValue'\n Parameters:\n S3Bucket: !Join [ \"\", [!FindInMap [Variable,\"LambdaPackageBucket\",\"base\"], !Ref 'AWS::Region']]\n S3Directory: !FindInMap [Variable,\"S3Directory\",\"base\"]\n TemplateURL: !Join ['/', [!FindInMap [Variable,\"TemplateUrl\",\"base\"],!FindInMap [Variable,\"S3Directory\",\"base\"],'ml-nodemanager.template']]\n TimeoutInMinutes: 5\n MarklogicVolume1:\n Type: 'AWS::EC2::Volume'\n Properties:\n AvailabilityZone: !Select [0, !Ref AZ]\n Size: !Ref VolumeSize\n Tags:\n - Key: Name\n Value: MarkLogic-GroupA-Host1-Volume0\n VolumeType: !Ref VolumeType\n Iops: !If [GP3, !Ref VolumeIOPS, !Ref 'AWS::NoValue']\n Throughput: !If [GP3, !Ref VolumeThroughput, !Ref 'AWS::NoValue']\n Encrypted: !If [UseVolumeEncryption, 'true', 'false']\n KmsKeyId: !If [HasCustomEBSKey, !Ref VolumeEncryptionKey, !Ref 'AWS::NoValue']\n Metadata:\n 'AWS::CloudFormation::Designer':\n id: c81032f7-b0ec-47ca-a236-e24d57b49ae3\n MarklogicVolume2:\n Condition: MultiZone\n Type: 'AWS::EC2::Volume'\n Properties:\n AvailabilityZone: !Select [1, !Ref AZ]\n Size: !Ref VolumeSize\n Tags:\n - Key: Name\n Value: MarkLogic-GroupB-Host1-Volume0\n VolumeType: !Ref VolumeType\n Iops: !If [GP3, !Ref VolumeIOPS, !Ref 'AWS::NoValue']\n Throughput: !If [GP3, !Ref VolumeThroughput, !Ref 'AWS::NoValue']\n Encrypted: !If [UseVolumeEncryption, 'true', 'false']\n KmsKeyId: !If [HasCustomEBSKey, !Ref VolumeEncryptionKey, !Ref 'AWS::NoValue']\n Metadata:\n 'AWS::CloudFormation::Designer':\n id: ddb55ae1-a00b-42ed-addd-5e03e4a2764b\n MarklogicVolume3:\n Condition: MultiZone\n Type: 'AWS::EC2::Volume'\n Properties:\n AvailabilityZone: !Select [2, !Ref AZ]\n Size: !Ref VolumeSize\n Tags:\n - Key: Name\n Value: MarkLogic-GroupC-Host1-Volume0\n VolumeType: !Ref VolumeType\n Iops: !If [GP3, !Ref VolumeIOPS, !Ref 'AWS::NoValue']\n Throughput: !If [GP3, !Ref VolumeThroughput, !Ref 'AWS::NoValue']\n Encrypted: !If [UseVolumeEncryption, 'true', 'false']\n KmsKeyId: !If [HasCustomEBSKey, !Ref VolumeEncryptionKey, !Ref 'AWS::NoValue']\n Metadata:\n 'AWS::CloudFormation::Designer':\n id: 9094a65e-9d01-4c4c-9586-c33720e2cc9c\n MarkLogicDDBTable:\n Type: 'AWS::DynamoDB::Table'\n Properties:\n AttributeDefinitions:\n - AttributeName: node\n AttributeType: S\n KeySchema:\n - KeyType: HASH\n AttributeName: node\n ProvisionedThroughput:\n WriteCapacityUnits: '10'\n ReadCapacityUnits: '10'\n Metadata:\n 'AWS::CloudFormation::Designer':\n id: e7190602-c2de-47ab-81e7-1315f8c01e2d\n #AutoScalingGroup used for SingleZone deployments that is connected to Classic Load Balancer.\n MarkLogicServerGroup:\n Condition: SingleZone\n Type: 'AWS::AutoScaling::AutoScalingGroup'\n DependsOn:\n - ManagedEniStack\n - NodeMgrLambdaStack\n Properties:\n VPCZoneIdentifier:\n - !Ref PrivateSubnet1\n LaunchTemplate: \n LaunchTemplateId: !Ref LaunchTemp1\n Version: !GetAtt LaunchTemp1.LatestVersionNumber\n MinSize: '0'\n MaxSize: !Ref NodesPerZone\n DesiredCapacity: !Ref NodesPerZone\n Cooldown: '300'\n HealthCheckType: EC2\n HealthCheckGracePeriod: '300'\n NotificationConfiguration: !If\n - UseLogSNS\n - TopicARN: !Ref LogSNS\n NotificationTypes:\n - 'autoscaling:EC2_INSTANCE_LAUNCH'\n - 'autoscaling:EC2_INSTANCE_LAUNCH_ERROR'\n - 'autoscaling:EC2_INSTANCE_TERMINATE'\n - 'autoscaling:EC2_INSTANCE_TERMINATE_ERROR'\n - !Ref 'AWS::NoValue'\n Tags:\n - Key: marklogic:stack:name\n Value: !Ref 'AWS::StackName'\n PropagateAtLaunch: 'true'\n - Key: marklogic:stack:id\n Value: !Ref 'AWS::StackId'\n PropagateAtLaunch: 'true'\n LifecycleHookSpecificationList:\n - LifecycleTransition: 'autoscaling:EC2_INSTANCE_LAUNCHING'\n LifecycleHookName: NodeManager\n HeartbeatTimeout: 4800\n NotificationTargetARN: !GetAtt [NodeMgrLambdaStack, Outputs.NodeMgrSnsArn]\n RoleARN: !GetAtt [NodeMgrLambdaStack, Outputs.NodeMgrIamArn]\n Metadata:\n 'AWS::CloudFormation::Designer':\n id: 31621dd0-4b18-4dcd-b443-db9cef64ebb1\n #AutoScalingGroup used for MultiZone deployments (3 zones) that is connected to Application Load Balancer via 9 TargetGroups.\n #All of the instances in this AutoScalingGroup will be registered to all 9 TargetGroups.\n MarkLogicServerGroup1:\n Condition: MultiZone\n Type: 'AWS::AutoScaling::AutoScalingGroup'\n DependsOn:\n - ManagedEniStack\n - NodeMgrLambdaStack\n - AlbTargetGroup1\n - AlbTargetGroup2\n - AlbTargetGroup3\n - AlbTargetGroup4\n - AlbTargetGroup5\n - AlbTargetGroup6\n - AlbTargetGroup7 \n - AlbTargetGroup8\n - AlbTargetGroup9\n - MarklogicExternal8011\n - MarklogicInternal8011\n Properties:\n VPCZoneIdentifier:\n - !Ref PrivateSubnet1\n LaunchTemplate: \n LaunchTemplateId: !Ref LaunchTemp1\n Version: !GetAtt LaunchTemp1.LatestVersionNumber\n MinSize: '0'\n MaxSize: !Ref NodesPerZone\n DesiredCapacity: !Ref NodesPerZone\n Cooldown: '300'\n HealthCheckType: EC2\n HealthCheckGracePeriod: '300'\n NotificationConfiguration: !If\n - UseLogSNS\n - TopicARN: !Ref LogSNS\n NotificationTypes:\n - 'autoscaling:EC2_INSTANCE_LAUNCH'\n - 'autoscaling:EC2_INSTANCE_LAUNCH_ERROR'\n - 'autoscaling:EC2_INSTANCE_TERMINATE'\n - 'autoscaling:EC2_INSTANCE_TERMINATE_ERROR'\n - !Ref 'AWS::NoValue'\n Tags:\n - Key: marklogic:stack:name\n Value: !Ref 'AWS::StackName'\n PropagateAtLaunch: 'true'\n - Key: marklogic:stack:id\n Value: !Ref 'AWS::StackId'\n PropagateAtLaunch: 'true'\n LifecycleHookSpecificationList:\n - LifecycleTransition: 'autoscaling:EC2_INSTANCE_LAUNCHING'\n LifecycleHookName: NodeManager\n HeartbeatTimeout: 4800\n NotificationTargetARN: !GetAtt [NodeMgrLambdaStack, Outputs.NodeMgrSnsArn]\n RoleARN: !GetAtt [NodeMgrLambdaStack, Outputs.NodeMgrIamArn]\n TargetGroupARNs:\n - !Ref AlbTargetGroup1\n - !Ref AlbTargetGroup2\n - !Ref AlbTargetGroup3\n - !Ref AlbTargetGroup4\n - !Ref AlbTargetGroup5\n - !Ref AlbTargetGroup6\n - !Ref AlbTargetGroup7\n - !Ref AlbTargetGroup8\n - !Ref AlbTargetGroup9\n - !Ref MarklogicExternal8011\n - !Ref MarklogicInternal8011\n Metadata:\n 'AWS::CloudFormation::Designer':\n id: 31621dd0-4b18-4dcd-b443-db9cef64ebb1\n #AutoScalingGroup used for MultiZone deployments (3 zones) that is connected to Application Load Balancer via 9 TargetGroups.\n #All of the instances in this AutoScalingGroup will be registered to all 9 TargetGroups.\n MarkLogicServerGroup2:\n Condition: MultiZone\n Type: 'AWS::AutoScaling::AutoScalingGroup'\n DependsOn:\n - ManagedEniStack\n - NodeMgrLambdaStack\n - AlbTargetGroup1\n - AlbTargetGroup2\n - AlbTargetGroup3\n - AlbTargetGroup4\n - AlbTargetGroup5\n - AlbTargetGroup6\n - AlbTargetGroup7 \n - AlbTargetGroup8\n - AlbTargetGroup9\n - MarklogicExternal8011\n - MarklogicInternal8011\n Properties:\n VPCZoneIdentifier:\n - !Ref PrivateSubnet2\n LaunchTemplate: \n LaunchTemplateId: !Ref LaunchTemp2\n Version: !GetAtt LaunchTemp2.LatestVersionNumber\n MinSize: '0'\n MaxSize: !Ref NodesPerZone\n DesiredCapacity: !Ref NodesPerZone\n Cooldown: '300'\n HealthCheckType: EC2\n HealthCheckGracePeriod: '300'\n NotificationConfiguration: !If\n - UseLogSNS\n - TopicARN: !Ref LogSNS\n NotificationTypes:\n - 'autoscaling:EC2_INSTANCE_LAUNCH'\n - 'autoscaling:EC2_INSTANCE_LAUNCH_ERROR'\n - 'autoscaling:EC2_INSTANCE_TERMINATE'\n - 'autoscaling:EC2_INSTANCE_TERMINATE_ERROR'\n - !Ref 'AWS::NoValue'\n Tags:\n - Key: marklogic:stack:name\n Value: !Ref 'AWS::StackName'\n PropagateAtLaunch: 'true'\n - Key: marklogic:stack:id\n Value: !Ref 'AWS::StackId'\n PropagateAtLaunch: 'true'\n LifecycleHookSpecificationList:\n - LifecycleTransition: 'autoscaling:EC2_INSTANCE_LAUNCHING'\n LifecycleHookName: NodeManager\n HeartbeatTimeout: 4800\n NotificationTargetARN: !GetAtt [NodeMgrLambdaStack, Outputs.NodeMgrSnsArn]\n RoleARN: !GetAtt [NodeMgrLambdaStack, Outputs.NodeMgrIamArn]\n TargetGroupARNs:\n - !Ref AlbTargetGroup1\n - !Ref AlbTargetGroup2\n - !Ref AlbTargetGroup3\n - !Ref AlbTargetGroup4\n - !Ref AlbTargetGroup5\n - !Ref AlbTargetGroup6\n - !Ref AlbTargetGroup7\n - !Ref AlbTargetGroup8\n - !Ref AlbTargetGroup9\n - !Ref MarklogicExternal8011\n - !Ref MarklogicInternal8011\n Metadata:\n 'AWS::CloudFormation::Designer':\n id: 87d75478-787a-41d5-bb21-9de6fe4b662e\n #AutoScalingGroup used for MultiZone deployments (3 zones) that is connected to Application Load Balancer via 9 TargetGroups.\n #All of the instances in this AutoScalingGroup will be registered to all 9 TargetGroups.\n MarkLogicServerGroup3:\n Condition: MultiZone\n Type: 'AWS::AutoScaling::AutoScalingGroup'\n DependsOn:\n - ManagedEniStack\n - NodeMgrLambdaStack\n - AlbTargetGroup1\n - AlbTargetGroup2\n - AlbTargetGroup3\n - AlbTargetGroup4\n - AlbTargetGroup5\n - AlbTargetGroup6\n - AlbTargetGroup7 \n - AlbTargetGroup8\n - AlbTargetGroup9\n - MarklogicExternal8011\n - MarklogicInternal8011\n Properties:\n VPCZoneIdentifier:\n - !Ref PrivateSubnet3\n LaunchTemplate: \n LaunchTemplateId: !Ref LaunchTemp3\n Version: !GetAtt LaunchTemp3.LatestVersionNumber\n MinSize: '0'\n MaxSize: !Ref NodesPerZone\n DesiredCapacity: !Ref NodesPerZone\n Cooldown: '300'\n HealthCheckType: EC2\n HealthCheckGracePeriod: '300'\n NotificationConfiguration: !If\n - UseLogSNS\n - TopicARN: !Ref LogSNS\n NotificationTypes:\n - 'autoscaling:EC2_INSTANCE_LAUNCH'\n - 'autoscaling:EC2_INSTANCE_LAUNCH_ERROR'\n - 'autoscaling:EC2_INSTANCE_TERMINATE'\n - 'autoscaling:EC2_INSTANCE_TERMINATE_ERROR'\n - !Ref 'AWS::NoValue'\n Tags:\n - Key: marklogic:stack:name\n Value: !Ref 'AWS::StackName'\n PropagateAtLaunch: 'true'\n - Key: marklogic:stack:id\n Value: !Ref 'AWS::StackId'\n PropagateAtLaunch: 'true'\n LifecycleHookSpecificationList:\n - LifecycleTransition: 'autoscaling:EC2_INSTANCE_LAUNCHING'\n LifecycleHookName: NodeManager\n HeartbeatTimeout: 4800\n NotificationTargetARN: !GetAtt [NodeMgrLambdaStack, Outputs.NodeMgrSnsArn]\n RoleARN: !GetAtt [NodeMgrLambdaStack, Outputs.NodeMgrIamArn]\n TargetGroupARNs:\n - !Ref AlbTargetGroup1\n - !Ref AlbTargetGroup2\n - !Ref AlbTargetGroup3\n - !Ref AlbTargetGroup4\n - !Ref AlbTargetGroup5\n - !Ref AlbTargetGroup6\n - !Ref AlbTargetGroup7\n - !Ref AlbTargetGroup8\n - !Ref AlbTargetGroup9\n - !Ref MarklogicExternal8011\n - !Ref MarklogicInternal8011\n Metadata:\n 'AWS::CloudFormation::Designer':\n id: bbd8314a-6e59-4102-9ed5-232739dd0dfa\n InstanceSecurityGroup:\n Type: 'AWS::EC2::SecurityGroup'\n Properties:\n VpcId: !Ref VPC\n SecurityGroupIngress:\n - IpProtocol: tcp\n FromPort: '7998'\n ToPort: '7998'\n SourceSecurityGroupId: !Ref ElbSecurityGroup\n - IpProtocol: tcp\n FromPort: '8000'\n ToPort: '8011'\n SourceSecurityGroupId: !Ref ElbSecurityGroup\n - IpProtocol: tcp\n FromPort: '7997'\n ToPort: '7997'\n SourceSecurityGroupId: !Ref ElbSecurityGroup\n - IpProtocol: tcp\n FromPort: '7999'\n ToPort: '7999'\n SourceSecurityGroupId: !Ref ElbSecurityGroup\n - IpProtocol: tcp\n FromPort: '7998'\n ToPort: '7998'\n SourceSecurityGroupId: !Ref InternalElbSecurityGroup\n - IpProtocol: tcp\n FromPort: '8000'\n ToPort: '8011'\n SourceSecurityGroupId: !Ref InternalElbSecurityGroup\n - IpProtocol: tcp\n FromPort: '7997'\n ToPort: '7997'\n SourceSecurityGroupId: !Ref InternalElbSecurityGroup\n - IpProtocol: tcp\n FromPort: '7999'\n ToPort: '7999'\n SourceSecurityGroupId: !Ref InternalElbSecurityGroup\n InstanceSecurityGroupIngress:\n Type: 'AWS::EC2::SecurityGroupIngress'\n DependsOn:\n - InstanceSecurityGroup\n Properties:\n IpProtocol: tcp\n FromPort: '0'\n ToPort: '65355'\n GroupId: !Ref InstanceSecurityGroup\n SourceSecurityGroupId: !Ref InstanceSecurityGroup\n InternalElbSecurityGroup:\n Type: 'AWS::EC2::SecurityGroup'\n Properties:\n GroupDescription: Allow access from ECS clsuter to internal ALB for marklogic cluster.\n VpcId: !Ref VPC\n SecurityGroupIngress:\n - IpProtocol: tcp\n FromPort: '7998'\n ToPort: '7998'\n SourceSecurityGroupId: !Ref ECSSecurityGroup\n - IpProtocol: tcp\n FromPort: '8000'\n ToPort: '8011'\n SourceSecurityGroupId: !Ref ECSSecurityGroup\n - IpProtocol: tcp\n FromPort: '7997'\n ToPort: '7997'\n SourceSecurityGroupId: !Ref ECSSecurityGroup\n ElbSecurityGroup:\n Type: 'AWS::EC2::SecurityGroup'\n Properties:\n GroupDescription: Enable SSH access and HTTP access on the inbound port\n VpcId: !Ref VPC\n SecurityGroupIngress:\n - IpProtocol: tcp\n FromPort: '22'\n ToPort: '22'\n CidrIp: !Ref ExternalAccessCidrIP\n - IpProtocol: tcp\n FromPort: '7998'\n ToPort: '7998'\n CidrIp: !Ref ExternalAccessCidrIP\n - IpProtocol: tcp\n FromPort: '8000'\n ToPort: '8011'\n CidrIp: !Ref ExternalAccessCidrIP\n - IpProtocol: tcp\n FromPort: '7997'\n ToPort: '7997'\n CidrIp: !Ref ExternalAccessCidrIP\n LaunchTemp1:\n Type: 'AWS::EC2::LaunchTemplate'\n DependsOn:\n - InstanceSecurityGroup\n Properties:\n LaunchTemplateData:\n BlockDeviceMappings:\n - DeviceName: /dev/xvda\n Ebs:\n VolumeSize: 40\n - DeviceName: /dev/sdf\n NoDevice: true\n Ebs: {}\n KeyName: !Ref KeyName\n ImageId: !If [PAYG, !FindInMap [LicenseRegion2AMI,!Ref 'AWS::Region',\"PAYGAl2023\"], !FindInMap [LicenseRegion2AMI, !Ref 'AWS::Region', \"BYOLAl2023\"]]\n UserData: !Base64\n 'Fn::Join':\n - ''\n - - MARKLOGIC_CLUSTER_NAME=\n - !Ref MarkLogicDDBTable\n - |+\n\n - MARKLOGIC_EBS_VOLUME=\n - !Ref MarklogicVolume1\n - ',:'\n - !Ref VolumeSize\n - '::'\n - !Ref VolumeType\n - ':'\n - !If\n - GP3\n - !Ref VolumeIOPS\n - ''\n - ':'\n - !If\n - GP3\n - !Ref VolumeThroughput\n - ''\n - |\n :,*\n - |\n MARKLOGIC_NODE_NAME=NodeA#\n - MARKLOGIC_ADMIN_USERNAME=\n - !Ref AdminUser\n - |+\n\n - MARKLOGIC_ADMIN_PASSWORD=\n - !Ref AdminPass\n - |+\n\n - |\n MARKLOGIC_CLUSTER_MASTER=1\n - MARKLOGIC_LICENSEE=\n - !Ref Licensee\n - |+\n\n - MARKLOGIC_LICENSE_KEY=\n - !Ref LicenseKey\n - |+\n\n - MARKLOGIC_LOG_SNS=\n - !Ref LogSNS\n - |+\n\n - MARKLOGIC_AWS_SWAP_SIZE=\n - 32\n - |+\n\n - !If\n - UseVolumeEncryption\n - !Join\n - ''\n - - 'MARKLOGIC_EBS_KEY='\n - !If\n - HasCustomEBSKey\n - !Ref VolumeEncryptionKey\n - 'default'\n - ''\n\n SecurityGroupIds:\n - !Ref InstanceSecurityGroup\n InstanceType: !Ref InstanceType\n IamInstanceProfile: \n Name: !Ref IAMRole\n MetadataOptions:\n HttpTokens: required\n InstanceMarketOptions: !If\n - UseSpot\n - MarketType: spot \n SpotOptions: \n MaxPrice: !Ref SpotPrice\n - !Ref 'AWS::NoValue'\n Metadata:\n 'AWS::CloudFormation::Designer':\n id: 2efb8cfb-df53-401d-8ff2-34af0dd25993\n LaunchTemp2:\n Condition: MultiZone\n Type: 'AWS::EC2::LaunchTemplate'\n DependsOn:\n - InstanceSecurityGroup\n Properties:\n LaunchTemplateData:\n BlockDeviceMappings:\n - DeviceName: /dev/xvda\n Ebs:\n VolumeSize: 40\n - DeviceName: /dev/sdf\n NoDevice: true\n Ebs: {}\n KeyName: !Ref KeyName\n ImageId: !If [PAYG, !FindInMap [LicenseRegion2AMI,!Ref 'AWS::Region',\"PAYGAl2023\"], !FindInMap [LicenseRegion2AMI, !Ref 'AWS::Region', \"BYOLAl2023\"]]\n UserData: !Base64\n 'Fn::Join':\n - ''\n - - MARKLOGIC_CLUSTER_NAME=\n - !Ref MarkLogicDDBTable\n - |+\n\n - MARKLOGIC_EBS_VOLUME=\n - !Ref MarklogicVolume2\n - ',:'\n - !Ref VolumeSize\n - '::'\n - !Ref VolumeType\n - ':'\n - !If\n - GP3\n - !Ref VolumeIOPS\n - ''\n - ':'\n - !If\n - GP3\n - !Ref VolumeThroughput\n - ''\n - |\n :,*\n - |\n MARKLOGIC_NODE_NAME=NodeB#\n - MARKLOGIC_ADMIN_USERNAME=\n - !Ref AdminUser\n - |+\n\n - MARKLOGIC_ADMIN_PASSWORD=\n - !Ref AdminPass\n - |+\n\n - |\n MARKLOGIC_CLUSTER_MASTER=0\n - MARKLOGIC_LICENSEE=\n - !Ref Licensee\n - |+\n\n - MARKLOGIC_LICENSE_KEY=\n - !Ref LicenseKey\n - |+\n\n - MARKLOGIC_LOG_SNS=\n - !Ref LogSNS\n - |+\n\n - MARKLOGIC_AWS_SWAP_SIZE=\n - 32\n - |+\n\n - !If\n - UseVolumeEncryption\n - !Join\n - ''\n - - 'MARKLOGIC_EBS_KEY='\n - !If\n - HasCustomEBSKey\n - !Ref VolumeEncryptionKey\n - 'default'\n - ''\n\n SecurityGroupIds:\n - !Ref InstanceSecurityGroup\n InstanceType: !Ref InstanceType\n IamInstanceProfile: \n Name: !Ref IAMRole\n MetadataOptions:\n HttpTokens: required\n InstanceMarketOptions: !If\n - UseSpot\n - MarketType: spot \n SpotOptions: \n MaxPrice: !Ref SpotPrice\n - !Ref 'AWS::NoValue'\n Metadata:\n 'AWS::CloudFormation::Designer':\n id: c8296a50-a29e-4646-aa74-8f1b735a9a3f\n LaunchTemp3:\n Condition: MultiZone\n Type: 'AWS::EC2::LaunchTemplate'\n DependsOn:\n - InstanceSecurityGroup\n Properties:\n LaunchTemplateData:\n BlockDeviceMappings:\n - DeviceName: /dev/xvda\n Ebs:\n VolumeSize: 40\n - DeviceName: /dev/sdf\n NoDevice: true\n Ebs: {}\n KeyName: !Ref KeyName\n ImageId: !If [PAYG, !FindInMap [LicenseRegion2AMI,!Ref 'AWS::Region',\"PAYGAl2023\"], !FindInMap [LicenseRegion2AMI, !Ref 'AWS::Region', \"BYOLAl2023\"]]\n UserData: !Base64\n 'Fn::Join':\n - ''\n - - MARKLOGIC_CLUSTER_NAME=\n - !Ref MarkLogicDDBTable\n - |+\n\n - MARKLOGIC_EBS_VOLUME=\n - !Ref MarklogicVolume3\n - ',:'\n - !Ref VolumeSize\n - '::'\n - !Ref VolumeType\n - ':'\n - !If\n - GP3\n - !Ref VolumeIOPS\n - ''\n - ':'\n - !If\n - GP3\n - !Ref VolumeThroughput\n - ''\n - |\n :,*\n - |\n MARKLOGIC_NODE_NAME=NodeC#\n - MARKLOGIC_ADMIN_USERNAME=\n - !Ref AdminUser\n - |+\n\n - MARKLOGIC_ADMIN_PASSWORD=\n - !Ref AdminPass\n - |+\n\n - |\n MARKLOGIC_CLUSTER_MASTER=0\n - MARKLOGIC_LICENSEE=\n - !Ref Licensee\n - |+\n\n - MARKLOGIC_LICENSE_KEY=\n - !Ref LicenseKey\n - |+\n\n - MARKLOGIC_LOG_SNS=\n - !Ref LogSNS\n - |+\n\n - MARKLOGIC_AWS_SWAP_SIZE=\n - 32\n - |+\n\n - !If\n - UseVolumeEncryption\n - !Join\n - ''\n - - 'MARKLOGIC_EBS_KEY='\n - !If\n - HasCustomEBSKey\n - !Ref VolumeEncryptionKey\n - 'default'\n - ''\n\n SecurityGroupIds:\n - !Ref InstanceSecurityGroup\n InstanceType: !Ref InstanceType\n IamInstanceProfile: \n Name: !Ref IAMRole\n MetadataOptions:\n HttpTokens: required\n InstanceMarketOptions: !If\n - UseSpot\n - MarketType: spot \n SpotOptions: \n MaxPrice: !Ref SpotPrice\n - !Ref 'AWS::NoValue'\n Metadata:\n 'AWS::CloudFormation::Designer':\n id: 7fa68c90-39bc-4874-ad20-8cd8c974ed52\n #Application Load Balancer description for MultiZone deployments (3 zones).\n Alb:\n Condition: MultiZone\n Type: AWS::ElasticLoadBalancingV2::LoadBalancer\n DependsOn:\n - ElbSecurityGroup\n Properties: \n SecurityGroups: \n - !Ref ElbSecurityGroup\n Subnets:\n - !Ref PublicSubnet1\n - !If [MultiZone, !Ref PublicSubnet2, !Ref 'AWS::NoValue']\n - !If [MultiZone, !Ref PublicSubnet3, !Ref 'AWS::NoValue']\n Metadata:\n 'AWS::CloudFormation::Designer':\n id: e188e71e-5f01-4816-896e-9bd30b9a96c1\n #Descriptions of the 9 TargetGroups for MultiZone deployments (3 zones). TargetGroups route requests to registered targets.\n #Health checks are performed on each TargetGroup.\n AlbTargetGroup1:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::TargetGroup\"\n Properties:\n HealthCheckIntervalSeconds: 10\n HealthCheckTimeoutSeconds: 5\n HealthyThresholdCount: 3\n HealthCheckPort: 7997\n UnhealthyThresholdCount: 5\n Port: 8000\n Protocol: HTTP\n TargetGroupAttributes:\n - Key: stickiness.enabled\n Value: true\n - Key: stickiness.type\n Value: lb_cookie\n - Key: stickiness.lb_cookie.duration_seconds\n Value: 3600\n - Key: deregistration_delay.timeout_seconds\n Value: 60\n VpcId: !Ref VPC\n AlbTargetGroup2:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::TargetGroup\"\n Properties:\n HealthCheckIntervalSeconds: 10\n HealthCheckTimeoutSeconds: 5\n HealthyThresholdCount: 3\n HealthCheckPort: 7997\n UnhealthyThresholdCount: 5\n Port: 8001\n Protocol: HTTP\n TargetGroupAttributes:\n - Key: stickiness.enabled\n Value: true\n - Key: stickiness.type\n Value: lb_cookie\n - Key: stickiness.lb_cookie.duration_seconds\n Value: 3600\n - Key: deregistration_delay.timeout_seconds\n Value: 60\n VpcId: !Ref VPC\n AlbTargetGroup3:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::TargetGroup\"\n Properties:\n HealthCheckIntervalSeconds: 10\n HealthCheckTimeoutSeconds: 5\n HealthyThresholdCount: 3\n HealthCheckPort: 7997\n UnhealthyThresholdCount: 5\n Port: 8002\n Protocol: HTTP\n TargetGroupAttributes:\n - Key: stickiness.enabled\n Value: true\n - Key: stickiness.type\n Value: lb_cookie\n - Key: stickiness.lb_cookie.duration_seconds\n Value: 3600\n - Key: deregistration_delay.timeout_seconds\n Value: 60\n VpcId: !Ref VPC\n AlbTargetGroup4:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::TargetGroup\"\n Properties:\n HealthCheckIntervalSeconds: 10\n HealthCheckTimeoutSeconds: 5\n HealthyThresholdCount: 3\n HealthCheckPort: 7997\n UnhealthyThresholdCount: 5\n Port: 8003\n Protocol: HTTP\n TargetGroupAttributes:\n - Key: stickiness.enabled\n Value: true\n - Key: stickiness.type\n Value: lb_cookie\n - Key: stickiness.lb_cookie.duration_seconds\n Value: 3600\n - Key: deregistration_delay.timeout_seconds\n Value: 60\n VpcId: !Ref VPC\n AlbTargetGroup5:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::TargetGroup\"\n Properties:\n HealthCheckIntervalSeconds: 10\n HealthCheckTimeoutSeconds: 5\n HealthyThresholdCount: 3\n HealthCheckPort: 7997\n UnhealthyThresholdCount: 5\n Port: 8004\n Protocol: HTTP\n TargetGroupAttributes:\n - Key: stickiness.enabled\n Value: true\n - Key: stickiness.type\n Value: lb_cookie\n - Key: stickiness.lb_cookie.duration_seconds\n Value: 3600\n - Key: deregistration_delay.timeout_seconds\n Value: 60\n VpcId: !Ref VPC\n AlbTargetGroup6:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::TargetGroup\"\n Properties:\n HealthCheckIntervalSeconds: 10\n HealthCheckTimeoutSeconds: 5\n HealthyThresholdCount: 3\n HealthCheckPort: 7997\n UnhealthyThresholdCount: 5\n Port: 8005\n Protocol: HTTP\n TargetGroupAttributes:\n - Key: stickiness.enabled\n Value: true\n - Key: stickiness.type\n Value: lb_cookie\n - Key: stickiness.lb_cookie.duration_seconds\n Value: 3600\n - Key: deregistration_delay.timeout_seconds\n Value: 60\n VpcId: !Ref VPC\n AlbTargetGroup7:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::TargetGroup\"\n Properties:\n HealthCheckIntervalSeconds: 10\n HealthCheckTimeoutSeconds: 5\n HealthyThresholdCount: 3\n HealthCheckPort: 7997\n UnhealthyThresholdCount: 5\n Port: 8006\n Protocol: HTTP\n TargetGroupAttributes:\n - Key: stickiness.enabled\n Value: true\n - Key: stickiness.type\n Value: lb_cookie\n - Key: stickiness.lb_cookie.duration_seconds\n Value: 3600\n - Key: deregistration_delay.timeout_seconds\n Value: 60\n VpcId: !Ref VPC\n AlbTargetGroup8:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::TargetGroup\"\n Properties:\n HealthCheckIntervalSeconds: 10\n HealthCheckTimeoutSeconds: 5\n HealthyThresholdCount: 3\n HealthCheckPort: 7997\n UnhealthyThresholdCount: 5\n Port: 8007\n Protocol: HTTP\n TargetGroupAttributes:\n - Key: stickiness.enabled\n Value: true\n - Key: stickiness.type\n Value: lb_cookie\n - Key: stickiness.lb_cookie.duration_seconds\n Value: 3600\n - Key: deregistration_delay.timeout_seconds\n Value: 60\n VpcId: !Ref VPC\n AlbTargetGroup9:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::TargetGroup\"\n Properties:\n HealthCheckIntervalSeconds: 10\n HealthCheckTimeoutSeconds: 5\n HealthyThresholdCount: 3\n HealthCheckPort: 7997\n UnhealthyThresholdCount: 5\n Port: 8008\n Protocol: HTTP\n TargetGroupAttributes:\n - Key: stickiness.enabled\n Value: true\n - Key: stickiness.type\n Value: lb_cookie\n - Key: stickiness.lb_cookie.duration_seconds\n Value: 3600\n - Key: deregistration_delay.timeout_seconds\n Value: 60\n VpcId: !Ref VPC\n MarklogicExternal8011:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::TargetGroup\"\n Properties:\n HealthCheckIntervalSeconds: 10\n HealthCheckTimeoutSeconds: 5\n HealthyThresholdCount: 3\n HealthCheckPort: 7997\n UnhealthyThresholdCount: 5\n Port: 8011\n Protocol: HTTP\n TargetGroupAttributes:\n - Key: stickiness.enabled\n Value: true\n - Key: stickiness.type\n Value: lb_cookie\n - Key: stickiness.lb_cookie.duration_seconds\n Value: 3600\n - Key: deregistration_delay.timeout_seconds\n Value: 60\n VpcId: !Ref VPC\n #Descriptions of the 9 Listeners for MultiZone deployments (3 zones). Each Listener connects Application Load Balancer to a TargetGroup with a particular port.\n AlbListener1:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - Alb\n - AlbTargetGroup1\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup1\n Type: forward\n LoadBalancerArn: !Ref Alb\n Port: 8000\n Protocol: HTTP\n AlbListener2:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - Alb\n - AlbTargetGroup2\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup2\n Type: forward\n LoadBalancerArn: !Ref Alb\n Port: 8001\n Protocol: HTTP\n AlbListener3:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - Alb\n - AlbTargetGroup3\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup3\n Type: forward\n LoadBalancerArn: !Ref Alb\n Port: 8002\n Protocol: HTTP\n AlbListener4:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - Alb\n - AlbTargetGroup4\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup4\n Type: forward\n LoadBalancerArn: !Ref Alb\n Port: 8003\n Protocol: HTTP\n AlbListener5:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - Alb\n - AlbTargetGroup5\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup5\n Type: forward\n LoadBalancerArn: !Ref Alb\n Port: 8004\n Protocol: HTTP\n AlbListener6:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - Alb\n - AlbTargetGroup6\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup6\n Type: forward\n LoadBalancerArn: !Ref Alb\n Port: 8005\n Protocol: HTTP\n AlbListener7:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - Alb\n - AlbTargetGroup7\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup7\n Type: forward\n LoadBalancerArn: !Ref Alb\n Port: 8006\n Protocol: HTTP\n AlbListener8:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - Alb\n - AlbTargetGroup8\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup8\n Type: forward\n LoadBalancerArn: !Ref Alb\n Port: 8007\n Protocol: HTTP\n AlbListener9:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - Alb\n - AlbTargetGroup9\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup9\n Type: forward\n LoadBalancerArn: !Ref Alb\n Port: 8008\n Protocol: HTTP\n MarklogicExternal8011Listener:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - Alb\n - MarklogicExternal8011\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref MarklogicExternal8011\n Type: forward\n LoadBalancerArn: !Ref Alb\n Port: 8011\n Protocol: HTTP\n #Application Load Balancer description for MultiZone deployments (3 zones).\n InternalAlb:\n Condition: MultiZone\n Type: AWS::ElasticLoadBalancingV2::LoadBalancer\n DependsOn:\n - InternalElbSecurityGroup\n Properties: \n Scheme: internal\n SecurityGroups: \n - !Ref InternalElbSecurityGroup\n Subnets:\n - !Ref PrivateSubnet1\n - !If [MultiZone, !Ref PrivateSubnet2, !Ref 'AWS::NoValue']\n - !If [MultiZone, !Ref PrivateSubnet3, !Ref 'AWS::NoValue']\n Metadata:\n 'AWS::CloudFormation::Designer':\n id: e188e71e-5f01-4816-896e-9bd30b9a96c1\n #Descriptions of the 1 TargetGroups for MultiZone deployments (3 zones). TargetGroups route requests to registered targets.\n #Health checks are performed on each TargetGroup.\n MarklogicInternal8011:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::TargetGroup\"\n Properties:\n HealthCheckIntervalSeconds: 10\n HealthCheckTimeoutSeconds: 5\n HealthyThresholdCount: 3\n HealthCheckPort: 7997\n UnhealthyThresholdCount: 5\n Port: 8011\n Protocol: HTTP\n TargetGroupAttributes:\n - Key: stickiness.enabled\n Value: true\n - Key: stickiness.type\n Value: lb_cookie\n - Key: stickiness.lb_cookie.duration_seconds\n Value: 3600\n - Key: deregistration_delay.timeout_seconds\n Value: 60\n VpcId: !Ref VPC\n MarklogicInternal8011Listener:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - InternalAlb\n - MarklogicInternal8011\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref MarklogicInternal8011\n Type: forward\n LoadBalancerArn: !Ref InternalAlb\n Port: 8011\n Protocol: HTTP\nOutputs:\n URL:\n Description: The URL of the MarkLogic Cluster\n Value: !Join\n - ''\n - - 'http://'\n - !If [MultiZone, !GetAtt [Alb, DNSName], !GetAtt [ManagedEniStack, Outputs.ENI]]\n - ':8001'",
"newContent": "AWSTemplateFormatVersion: 2010-09-09\nDescription: Deploy a MarkLogic Cluster on AWS in existing VPC (Virtual Private Cloud).\nMetadata:\n version: 12.0.1\n binary: MarkLogic-12.0.1-rhel.x86_64.rpm\n AWS::CloudFormation::Interface:\n ParameterGroups:\n - Label:\n default: \"Resource Configuration\"\n Parameters:\n - IAMRole\n - VolumeSize\n - VolumeType\n - VolumeIOPS\n - VolumeThroughput\n - VolumeEncryption\n - VolumeEncryptionKey\n - InstanceType\n - SpotPrice\n - KeyName\n - NumberOfZones\n - NodesPerZone\n - AZ\n - LogSNS\n - Label:\n default: \"Network Configuration\"\n Parameters:\n - VPC\n - PublicSubnet1\n - PublicSubnet2\n - PublicSubnet3\n - PrivateSubnet1\n - PrivateSubnet2\n - PrivateSubnet3\n - ExternalAccessCidrIP\n - ECSSecurityGroup\n - Label:\n default: \"MarkLogic Configuration\"\n Parameters:\n - AdminUser\n - AdminPass\n - Licensee\n - LicenseKey\n ParameterLabels:\n AdminUser:\n default: Admin User\n AdminPass:\n default: Admin password\n Licensee:\n default: Licensee\n LicenseKey:\n default: License Key\n IAMRole:\n default: IAM Role\n LogSNS:\n default: Logging SNS ARN\n VolumeSize:\n default: Volume Size\n VolumeType:\n default: Volume Type\n VolumeIOPS:\n default: Volume Iops\n VolumeThroughput:\n default: Volume Throughput\n VolumeEncryption:\n default: Volume Encryption\n VolumeEncryptionKey:\n default: Volume Encryption Key ARN\n InstanceType:\n default: Instance Type\n SpotPrice:\n default: Spot Price\n KeyName:\n default: SSH Key Name\n NumberOfZones:\n default: Number of Zones\n NodesPerZone:\n default: Nodes per Zone\n AZ:\n default: Availability Zone\n VPC:\n default: VPC\n PublicSubnet1:\n default: Public Subnet 1\n PublicSubnet2:\n default: Public Subnet 2\n PublicSubnet3:\n default: Public Subnet 3\n PrivateSubnet1:\n default: Private Subnet 1\n PrivateSubnet2:\n default: Private Subnet 2\n PrivateSubnet3:\n default: Private Subnet 3\n ExternalAccessCidrIP:\n default: External IP address range for access to admin site\n ECSSecurityGroup:\n default: the security group the ecs cluster is in\nParameters:\n # resource configuration\n IAMRole:\n Description: IAM Role\n Type: String\n VolumeSize:\n Description: The EBS Data volume size (GB) for all nodes\n Type: Number\n MinValue: '10'\n MaxValue: '1000'\n Default: '50'\n VolumeType:\n Description: The EBS Data volume Type\n Type: String\n AllowedValues:\n - standard\n - gp2\n - gp3\n Default: gp3\n VolumeIOPS:\n Description: The number of I/O operations per second for a gp3 volume. This parameter is only applicable for a gp3 volume\n Type: Number\n MinValue: '3000'\n MaxValue: '16000'\n Default: '3000'\n VolumeThroughput:\n Description: The throughput to provision for a gp3 volume. This parameter is only applicable for a gp3 volume\n Type: Number\n MinValue: '125'\n MaxValue: '1000'\n Default: '125'\n VolumeEncryption:\n Description: Whether to enable volume encryption\n Type: String\n AllowedValues:\n - enable\n - disable\n Default: enable\n VolumeEncryptionKey:\n Description: The key ID of AWS KMS key to encrypt volumes - Optional\n Type: String\n Default: \"\"\n InstanceType:\n Description: Type of EC2 instance to launch\n Type: String\n Default: r5.4xlarge\n AllowedValues:\n - ---- Pay-As-You-Go and Bring-Your-Own-License ----\n - c3.xlarge\n - c3.2xlarge\n - c3.4xlarge\n - c3.8xlarge\n - c4.xlarge\n - c4.2xlarge\n - c4.4xlarge\n - c4.8xlarge\n - c5.xlarge\n - c5.2xlarge\n - c5.4xlarge\n - c5.9xlarge\n - c5.12xlarge\n - c5.18xlarge\n - c5.24xlarge\n - c5a.xlarge\n - c5a.2xlarge\n - c5a.4xlarge\n - c5a.8xlarge\n - c5a.12xlarge\n - c5a.16xlarge\n - c5a.24xlarge\n - c5ad.xlarge\n - c5ad.2xlarge\n - c5ad.4xlarge\n - c5ad.8xlarge\n - c5ad.12xlarge\n - c5ad.16xlarge\n - c5ad.24xlarge\n - c5d.xlarge\n - c5d.2xlarge\n - c5d.4xlarge\n - c5d.9xlarge\n - c5d.12xlarge\n - c5d.18xlarge\n - c5d.24xlarge\n - c5n.xlarge\n - c5n.2xlarge\n - c5n.4xlarge\n - c5n.9xlarge\n - c5n.18xlarge\n - c6a.xlarge\n - c6a.2xlarge\n - c6a.4xlarge\n - c6a.8xlarge\n - c6a.12xlarge\n - c6a.16xlarge\n - c6a.24xlarge\n - c6a.32xlarge\n - c6a.48xlarge\n - c6i.xlarge\n - c6i.2xlarge\n - c6i.4xlarge\n - c6i.8xlarge\n - c6i.12xlarge\n - c6i.16xlarge\n - c6i.24xlarge\n - c6i.32xlarge\n - c6id.xlarge\n - c6id.2xlarge\n - c6id.4xlarge\n - c6id.8xlarge\n - c6id.12xlarge\n - c6id.16xlarge\n - c6id.24xlarge\n - c6id.32xlarge\n - c7i.xlarge\n - c7i.2xlarge\n - c7i.4xlarge\n - c7i.8xlarge\n - c7i.12xlarge\n - c7i.16xlarge\n - c7i.24xlarge\n - c7i.48xlarge\n - c7i-flex.xlarge\n - c7i-flex.2xlarge\n - c7i-flex.4xlarge\n - c7i-flex.8xlarge\n - c7i-flex.12xlarge\n - c7i-flex.16xlarge\n - c7a.xlarge\n - c7a.2xlarge\n - c7a.4xlarge\n - c7a.8xlarge\n - c7a.12xlarge\n - c7a.16xlarge\n - c7a.24xlarge\n - c7a.32xlarge\n - c7a.48xlarge\n - c8i.xlarge\n - c8i.2xlarge\n - c8i.4xlarge\n - c8i.8xlarge\n - c8i.12xlarge\n - c8i.16xlarge\n - c8i.24xlarge\n - c8i.32xlarge\n - c8i.48xlarge\n - c8i.96xlarge\n - c8i-flex.xlarge\n - c8i-flex.2xlarge\n - c8i-flex.4xlarge\n - c8i-flex.8xlarge\n - c8i-flex.12xlarge\n - c8i-flex.16xlarge\n - i2.2xlarge\n - i2.4xlarge\n - i2.8xlarge\n - i2.xlarge\n - i3.xlarge\n - i3.2xlarge\n - i3.4xlarge\n - i3.8xlarge\n - i3.16xlarge\n - i3en.xlarge\n - i3en.2xlarge\n - i3en.3xlarge\n - i3en.6xlarge\n - i3en.12xlarge\n - i3en.24xlarge\n - i4i.xlarge\n - i4i.2xlarge\n - i4i.4xlarge\n - i4i.8xlarge\n - i4i.12xlarge\n - i4i.16xlarge\n - i4i.24xlarge\n - i4i.32xlarge\n - i7ie.xlarge\n - i7ie.2xlarge\n - i7ie.3xlarge\n - i7ie.6xlarge\n - i7ie.12xlarge\n - i7ie.18xlarge\n - i7ie.24xlarge\n - i7ie.48xlarge\n - m3.xlarge\n - m3.2xlarge\n - m4.xlarge\n - m4.2xlarge\n - m4.4xlarge\n - m4.10xlarge\n - m4.16xlarge\n - m5.xlarge\n - m5.2xlarge\n - m5.4xlarge\n - m5.8xlarge\n - m5.12xlarge\n - m5.16xlarge\n - m5.24xlarge\n - m5a.xlarge\n - m5a.2xlarge\n - m5a.4xlarge\n - m5a.8xlarge\n - m5a.12xlarge\n - m5a.16xlarge\n - m5a.24xlarge\n - m5d.xlarge\n - m5d.2xlarge\n - m5d.4xlarge\n - m5d.8xlarge\n - m5d.16xlarge\n - m5d.12xlarge\n - m5d.24xlarge\n - m5ad.xlarge\n - m5ad.2xlarge\n - m5ad.4xlarge\n - m5ad.8xlarge\n - m5ad.12xlarge\n - m5ad.16xlarge\n - m5ad.24xlarge\n - m5zn.xlarge\n - m5zn.2xlarge\n - m5zn.3xlarge\n - m5zn.6xlarge\n - m5zn.12xlarge\n - m5n.xlarge\n - m5n.2xlarge\n - m5n.4xlarge\n - m5n.8xlarge\n - m5n.12xlarge\n - m5n.16xlarge\n - m5n.24xlarge\n - m5dn.xlarge\n - m5dn.2xlarge\n - m5dn.4xlarge\n - m5dn.8xlarge\n - m5dn.12xlarge\n - m5dn.16xlarge\n - m5dn.24xlarge\n - m6a.xlarge\n - m6a.2xlarge\n - m6a.4xlarge\n - m6a.8xlarge\n - m6a.12xlarge\n - m6a.16xlarge\n - m6a.24xlarge\n - m6a.32xlarge\n - m6a.48xlarge\n - m6i.xlarge\n - m6i.2xlarge\n - m6i.4xlarge\n - m6i.8xlarge\n - m6i.12xlarge\n - m6i.16xlarge\n - m6i.24xlarge\n - m6i.32xlarge\n - m6id.xlarge\n - m6id.2xlarge\n - m6id.4xlarge\n - m6id.8xlarge\n - m6id.12xlarge\n - m6id.16xlarge\n - m6id.24xlarge\n - m6id.32xlarge\n - m7i.xlarge\n - m7i.2xlarge\n - m7i.4xlarge\n - m7i.8xlarge\n - m7i.12xlarge\n - m7i.16xlarge\n - m7i.24xlarge\n - m7i.48xlarge\n - m7i-flex.xlarge\n - m7i-flex.2xlarge\n - m7i-flex.4xlarge\n - m7i-flex.8xlarge\n - m7i-flex.12xlarge\n - m7i-flex.16xlarge\n - m7a.xlarge\n - m7a.2xlarge\n - m7a.4xlarge\n - m7a.8xlarge\n - m7a.12xlarge\n - m7a.16xlarge\n - m7a.24xlarge\n - m7a.32xlarge\n - m7a.48xlarge\n - m8a.xlarge\n - m8a.2xlarge\n - m8a.4xlarge\n - m8a.8xlarge\n - m8a.12xlarge\n - m8a.16xlarge\n - m8a.24xlarge\n - m8a.48xlarge\n - m8i.xlarge\n - m8i.2xlarge\n - m8i.4xlarge\n - m8i.8xlarge\n - m8i.12xlarge\n - m8i.16xlarge\n - m8i.24xlarge\n - m8i.32xlarge\n - m8i.48xlarge\n - m8i.96xlarge\n - m8i-flex.xlarge\n - m8i-flex.2xlarge\n - m8i-flex.4xlarge\n - m8i-flex.8xlarge\n - m8i-flex.12xlarge\n - m8i-flex.16xlarge\n - r3.xlarge\n - r3.2xlarge\n - r3.4xlarge\n - r3.8xlarge\n - r4.xlarge\n - r4.2xlarge\n - r4.4xlarge\n - r4.8xlarge\n - r4.16xlarge\n - r5.xlarge\n - r5.2xlarge\n - r5.4xlarge\n - r5.8xlarge\n - r5.12xlarge\n - r5.16xlarge\n - r5.24xlarge\n - r5a.xlarge\n - r5a.2xlarge\n - r5a.4xlarge\n - r5a.8xlarge\n - r5a.12xlarge\n - r5a.16xlarge\n - r5a.24xlarge\n - r5ad.xlarge\n - r5ad.2xlarge\n - r5ad.4xlarge\n - r5ad.8xlarge\n - r5ad.12xlarge\n - r5ad.16xlarge\n - r5ad.24xlarge\n - r5b.xlarge\n - r5b.2xlarge\n - r5b.4xlarge\n - r5b.8xlarge\n - r5b.12xlarge\n - r5b.16xlarge\n - r5b.24xlarge\n - r5d.xlarge\n - r5d.2xlarge\n - r5d.4xlarge\n - r5d.8xlarge\n - r5d.12xlarge\n - r5d.16xlarge\n - r5d.24xlarge\n - r5dn.xlarge\n - r5dn.2xlarge\n - r5dn.4xlarge\n - r5dn.8xlarge\n - r5dn.12xlarge\n - r5dn.16xlarge\n - r5dn.24xlarge\n - r5n.xlarge\n - r5n.2xlarge\n - r5n.4xlarge\n - r5n.8xlarge\n - r5n.12xlarge\n - r5n.16xlarge\n - r5n.24xlarge\n - r6a.xlarge\n - r6a.2xlarge\n - r6a.4xlarge\n - r6a.8xlarge\n - r6a.12xlarge\n - r6a.16xlarge\n - r6a.24xlarge\n - r6a.32xlarge\n - r6a.48xlarge\n - r6i.xlarge\n - r6i.2xlarge\n - r6i.4xlarge\n - r6i.8xlarge\n - r6i.12xlarge\n - r6i.16xlarge\n - r6i.24xlarge\n - r6i.32xlarge\n - r6id.xlarge\n - r6id.2xlarge\n - r6id.4xlarge\n - r6id.8xlarge\n - r6id.12xlarge\n - r6id.16xlarge\n - r6id.24xlarge\n - r6id.32xlarge\n - r7i.xlarge\n - r7i.2xlarge\n - r7i.4xlarge\n - r7i.8xlarge\n - r7i.12xlarge\n - r7i.16xlarge\n - r7i.24xlarge\n - r7i.48xlarge\n - r7iz.xlarge\n - r7iz.2xlarge\n - r7iz.4xlarge\n - r7iz.8xlarge\n - r7iz.12xlarge\n - r7iz.16xlarge\n - r7iz.32xlarge\n - r7a.xlarge\n - r7a.2xlarge\n - r7a.4xlarge\n - r7a.8xlarge\n - r7a.12xlarge\n - r7a.16xlarge\n - r7a.24xlarge\n - r7a.32xlarge\n - r7a.48xlarge\n - r8a.xlarge\n - r8a.2xlarge\n - r8a.4xlarge\n - r8a.8xlarge\n - r8a.12xlarge\n - r8a.16xlarge\n - r8a.24xlarge\n - r8a.48xlarge\n - r8i.xlarge\n - r8i.2xlarge\n - r8i.4xlarge\n - r8i.8xlarge\n - r8i.12xlarge\n - r8i.16xlarge\n - r8i.24xlarge\n - r8i.32xlarge\n - r8i.48xlarge\n - r8i.96xlarge\n - r8i-flex.xlarge\n - r8i-flex.2xlarge\n - r8i-flex.4xlarge\n - r8i-flex.8xlarge\n - r8i-flex.12xlarge\n - r8i-flex.16xlarge\n - x1.16xlarge\n - x1.32xlarge\n - x1e.xlarge\n - x1e.2xlarge\n - x1e.4xlarge\n - x1e.8xlarge\n - x1e.16xlarge\n - x1e.32xlarge\n - x2idn.16xlarge\n - x2idn.24xlarge\n - x2idn.32xlarge\n - x2iedn.xlarge\n - x2iedn.2xlarge\n - x2iedn.4xlarge\n - x2iedn.8xlarge\n - x2iedn.16xlarge\n - x2iedn.24xlarge\n - x2iedn.32xlarge\n - x2iezn.2xlarge\n - x2iezn.4xlarge\n - x2iezn.6xlarge\n - x2iezn.8xlarge\n - x2iezn.12xlarge\n - d2.xlarge\n - d2.2xlarge\n - d2.4xlarge\n - d2.8xlarge\n - d3.xlarge\n - d3.2xlarge\n - d3.4xlarge\n - d3.8xlarge\n - d3en.xlarge\n - d3en.2xlarge\n - d3en.4xlarge\n - d3en.6xlarge\n - d3en.8xlarge\n - d3en.12xlarge\n - dl1.24xlarge\n - h1.2xlarge\n - h1.4xlarge\n - h1.8xlarge\n - h1.16xlarge\n - inf1.xlarge\n - inf1.2xlarge\n - inf1.6xlarge\n - inf1.24xlarge\n - trn1.2xlarge\n - trn1.32xlarge\n - u-3tb1.56xlarge\n - u-6tb1.56xlarge\n - u-6tb1.112xlarge\n - u-9tb1.112xlarge\n - u-12tb1.112xlarge\n - u-18tb1.112xlarge\n - vt1.3xlarge\n - vt1.6xlarge\n - vt1.24xlarge\n - z1d.xlarge\n - z1d.2xlarge\n - z1d.3xlarge\n - z1d.6xlarge\n - z1d.12xlarge\n - -------------- Bring-Your-Own-License Only --------------\n - c3.large\n - c4.large\n - c5.metal\n - c5.large\n - c5a.large\n - c5ad.large\n - c5d.metal\n - c5d.large\n - c5n.large\n - c5n.metal\n - c6a.large\n - c6a.metal\n - c6i.large\n - c6i.metal\n - c6id.large\n - c6id.metal\n - c7i.large\n - c7i.metal-24xl\n - c7i.metal-48xl\n - c7i-flex.large\n - c7a.medium\n - c7a.large\n - c7a.metal-48xl\n - c8i.large\n - c8i.metal-48xl\n - c8i.metal-96xl\n - c8i-flex.large\n - i3.large\n - i3.metal\n - i3en.large\n - i3en.metal\n - i4i.large\n - i4i.metal\n - i7ie.large\n - i7ie.metal-24xl\n - i7ie.metal-48xl\n - m3.large\n - m3.medium\n - m4.large\n - m5.metal\n - m5.large\n - m5a.large\n - m5ad.large\n - m5d.metal\n - m5d.large\n - m5zn.large\n - m5zn.metal\n - m5n.large\n - m5n.metal\n - m5dn.large\n - m5dn.metal\n - m6a.large\n - m6a.metal\n - m6i.large\n - m6i.metal\n - m6id.large\n - m6id.metal\n - m7i.large\n - m7i.metal-24xl\n - m7i.metal-48xl\n - m7i-flex.large\n - m7a.medium\n - m7a.large\n - m7a.metal-48xl\n - m8a.medium\n - m8a.large\n - m8a.metal-24xl\n - m8a.metal-48xl\n - m8i.large\n - m8i.metal-48xl\n - m8i.metal-96xl\n - m8i-flex.large\n - r3.large\n - r4.large\n - r5.metal\n - r5.large\n - r5a.large\n - r5d.metal\n - r5ad.large\n - r5d.large\n - r5dn.large\n - r5dn.metal\n - r5b.large\n - r5b.metal\n - r5n.large\n - r5n.metal\n - r6a.large\n - r6a.metal\n - r6i.large\n - r6i.metal\n - r6id.large\n - r6id.metal\n - r7i.large\n - r7i.metal-24xl\n - r7i.metal-48xl\n - r7iz.large\n - r7iz.metal-16xl\n - r7iz.metal-32xl\n - r7a.medium\n - r7a.large\n - r7a.metal-48xl\n - r8a.medium\n - r8a.large\n - r8a.metal-24xl\n - r8a.metal-48xl\n - r8i.large\n - r8i.metal-48xl\n - r8i.metal-96xl\n - r8i-flex.large\n - t2.2xlarge\n - t2.large\n - t2.medium\n - t2.micro\n - t2.nano\n - t2.small\n - t2.xlarge\n - t3.2xlarge\n - t3.large\n - t3.medium\n - t3.micro\n - t3.nano\n - t3.small\n - t3.xlarge\n - t3a.2xlarge\n - t3a.large\n - t3a.medium\n - t3a.micro\n - t3a.nano\n - t3a.small\n - t3a.xlarge\n - x2idn.metal\n - x2iedn.metal\n - x2iezn.metal\n - z1d.metal\n - z1d.large\n SpotPrice:\n Description: Spot price for instances in USD/Hour - Optional/advanced\n Type: Number\n MinValue: '0'\n MaxValue: '2'\n Default: '0'\n KeyName:\n Description: Name of an existing EC2 KeyPair to enable SSH access to the instance\n Type: String\n NumberOfZones:\n Description: Total number of Availability Zones, which can be 1 or 3. Load balancer type depends on the number of zones selected. Select 3 zones for Application Load Balancer (OR) Select 1 zone for Classic Load Balancer.\n Type: Number\n AllowedValues:\n - 1\n - 3\n Default: 3\n NodesPerZone:\n Description: Total number of nodes per Zone. Set to 0 to shutdown/hibernate\n Type: Number\n MinValue: '0'\n MaxValue: '20'\n Default: '1'\n AZ:\n Description: The Availability Zones for VPC subnets. Accept either 1 zone or 3 zones. In the order of Subnet 1, Subnet 2 and Subnet 3 (if applicable).\n Type: 'List<AWS::EC2::AvailabilityZone::Name>'\n LogSNS:\n Description: SNS Topic for logging - optional/advanced.\n Type: String\n Default: none\n # network configuration\n VPC:\n Description: ID of an existing Virtual Private Cloud (VPC)\n Type: 'AWS::EC2::VPC::Id'\n PublicSubnet1:\n Description: The public subnet 1 in the VPC. This subnet must reside within the first selected Availability Zone (AZ). You must provide values for all three public subnets. If you only select one AZ, the second and third subnets will be ignored.\n Type: 'AWS::EC2::Subnet::Id'\n PublicSubnet2:\n Description: The public subnet 2 in the VPC. This subnet must reside within the second selected Availability Zone (AZ). You must provide values for all three public subnets. If you only select one AZ, the second and third subnets will be ignored.\n Type: 'AWS::EC2::Subnet::Id'\n PublicSubnet3:\n Description: The public subnet 3 in the VPC. This subnet must reside within the third selected Availability Zone (AZ). You must provide values for all three public subnets. If you only select one AZ, the second and third subnets will be ignored.\n Type: 'AWS::EC2::Subnet::Id'\n PrivateSubnet1:\n Description: The private subnet 1 in the VPC. This subnet must reside within the first selected Availability Zone (AZ). You must provide values for all three private subnets. If you only select one AZ, the second and third subnets will be ignored.\n Type: 'AWS::EC2::Subnet::Id'\n PrivateSubnet2:\n Description: The private subnet 2 in the VPC. This subnet must reside within the second selected Availability Zone (AZ). You must provide values for all three private subnets. If you only select one AZ, the second and third subnets will be ignored.\n Type: 'AWS::EC2::Subnet::Id'\n PrivateSubnet3:\n Description: The private subnet 3 in the VPC. This subnet must reside within the third selected Availability Zone (AZ). You must provide values for all three private subnets. If you only select one AZ, the second and third subnets will be ignored.\n Type: 'AWS::EC2::Subnet::Id'\n ExternalAccessCidrIP:\n Description: A CIDR IP range to allow external access from\n Type: String\n Default: 54.76.254.148/32\n ECSSecurityGroup:\n Description: the security group the ECS cluster is in\n Type: 'AWS::EC2::SecurityGroup::Id'\n\n # marklogic configuration\n AdminUser:\n Description: The MarkLogic administrator username\n Type: String\n AdminPass:\n Description: The MarkLogic administrator password\n Type: String\n NoEcho: 'true'\n AllowedPattern: >-\n ^(?!.*[*]).*$\n ConstraintDescription: Admin password must contain any characters except asterisk (*).\n Licensee:\n Description: The MarkLogic Licensee or 'none'. Provide none/none to choose \"Pay as you Go\"/Enterprise version. Provide valid Licensee/Licensekey to choose BYOL/developer version.\n Type: String\n Default: none\n LicenseKey:\n Description: The MarkLogic License Key or 'none'. Provide none/none to choose \"Pay as you Go\"/Enterprise version. Provide valid Licensee/Licensekey to choose BYOL/developer version.\n Type: String\n Default: none\nConditions:\n UseLogSNS: !Not [!Equals [!Ref LogSNS, \"none\"]]\n UseSpot: !Not\n - !Equals\n - !Ref SpotPrice\n - 0\n #MultiZone (3 zones) and SingleZone conditions used for the conditional resource creation based on number of zones selected.\n MultiZone:\n !Not [!Equals [!Ref NumberOfZones, 1]]\n SingleZone: !Equals [!Ref NumberOfZones, 1]\n PAYG:\n !Or [ !And [!Equals [!Ref LicenseKey, ''], !Equals [!Ref Licensee, '']], !And [!Equals [!Ref LicenseKey, 'none'], !Equals [!Ref Licensee, 'none']] ]\n UseVolumeEncryption: !Equals [!Ref VolumeEncryption, 'enable']\n HasCustomEBSKey: !Not [!Equals [!Ref VolumeEncryptionKey, '']]\n GP3: !Equals [!Ref VolumeType, 'gp3']\nMappings:\n Variable:\n LambdaPackageBucket:\n base: 'ml-db-lambda-'\n TemplateUrl:\n base: 'https://s3.amazonaws.com/marklogic-db-template-releases'\n S3Directory:\n base: '12.0.1'\n LicenseRegion2AMI:\n us-east-1:\n PAYGAl2023: ami-0198b8931e9597271\n BYOLAl2023: ami-0a8536507241f95b0\n us-east-2:\n PAYGAl2023: ami-0877b64dae8264415\n BYOLAl2023: ami-082cc98b2c01e486a\n us-west-1:\n PAYGAl2023: ami-07890fc78f4ddfa20\n BYOLAl2023: ami-05c9a962410c2821b\n us-west-2:\n PAYGAl2023: ami-0577eb149c9e0f53f\n BYOLAl2023: ami-0262dd8d014bf71ba\n eu-central-1:\n PAYGAl2023: ami-06348556399c8ab69\n BYOLAl2023: ami-00cb5a3527e7c0d11\n eu-west-1:\n PAYGAl2023: ami-0fa7bc44cd9ab1f85\n BYOLAl2023: ami-0bc2b4d46367806b0\n ap-south-1:\n PAYGAl2023: ami-0f481ba0a6819ced6\n BYOLAl2023: ami-00b59374107e5efb6\n ap-southeast-1:\n PAYGAl2023: ami-0c373c6c8a2316c80\n BYOLAl2023: ami-0b9bd265ef165a07b\n ap-southeast-2:\n PAYGAl2023: ami-0c65a907408226a3e\n BYOLAl2023: ami-02bad1ef2c6d4a91a\n ap-northeast-1:\n PAYGAl2023: ami-0254bc4adaf13e3b9\n BYOLAl2023: ami-07e8b312b1016bf67\n ap-northeast-2:\n PAYGAl2023: ami-05995b5f5807873d7\n BYOLAl2023: ami-0afd77ba0d7a0c129\n sa-east-1:\n PAYGAl2023: ami-05ec8fee12de236a5\n BYOLAl2023: ami-09d883ea308449555\n eu-west-2:\n PAYGAl2023: ami-0f5cff9d243f31521\n BYOLAl2023: ami-0588d104a52fbc326\n ca-central-1:\n PAYGAl2023: ami-0f34d118b23b51bf5\n BYOLAl2023: ami-0c78eccd03e957005\n eu-west-3:\n PAYGAl2023: ami-01fa9155eb17992c5\n BYOLAl2023: ami-0637199acc5327534\nResources:\n ManagedEniStack:\n Type: AWS::CloudFormation::Stack\n DependsOn:\n - InstanceSecurityGroup\n Properties:\n NotificationARNs:\n - !If\n - UseLogSNS\n - !Ref LogSNS\n - !Ref 'AWS::NoValue'\n Parameters:\n S3Bucket: !Join [ \"\", [!FindInMap [Variable,\"LambdaPackageBucket\",\"base\"], !Ref 'AWS::Region']]\n S3Directory: !FindInMap [Variable,\"S3Directory\",\"base\"]\n NodesPerZone: !Ref NodesPerZone\n NumberOfZones: !Ref NumberOfZones\n Subnets: !If [MultiZone, !Join [',', [!Ref PrivateSubnet1, !Ref PrivateSubnet2, !Ref PrivateSubnet3]], !Ref PrivateSubnet1]\n ParentStackName: !Ref 'AWS::StackName'\n ParentStackId: !Ref 'AWS::StackId'\n SecurityGroup: !Ref InstanceSecurityGroup\n TemplateURL: !Join ['/', [!FindInMap [Variable,\"TemplateUrl\",\"base\"],!FindInMap [Variable,\"S3Directory\",\"base\"],'ml-managedeni.template']]\n TimeoutInMinutes: 5\n NodeMgrLambdaStack:\n Type: AWS::CloudFormation::Stack\n DependsOn: ManagedEniStack\n Properties:\n NotificationARNs:\n - !If\n - UseLogSNS\n - !Ref LogSNS\n - !Ref 'AWS::NoValue'\n Parameters:\n S3Bucket: !Join [ \"\", [!FindInMap [Variable,\"LambdaPackageBucket\",\"base\"], !Ref 'AWS::Region']]\n S3Directory: !FindInMap [Variable,\"S3Directory\",\"base\"]\n TemplateURL: !Join ['/', [!FindInMap [Variable,\"TemplateUrl\",\"base\"],!FindInMap [Variable,\"S3Directory\",\"base\"],'ml-nodemanager.template']]\n TimeoutInMinutes: 5\n MarklogicVolume1:\n Type: 'AWS::EC2::Volume'\n Properties:\n AvailabilityZone: !Select [0, !Ref AZ]\n Size: !Ref VolumeSize\n Tags:\n - Key: Name\n Value: MarkLogic-GroupA-Host1-Volume0\n VolumeType: !Ref VolumeType\n Iops: !If [GP3, !Ref VolumeIOPS, !Ref 'AWS::NoValue']\n Throughput: !If [GP3, !Ref VolumeThroughput, !Ref 'AWS::NoValue']\n Encrypted: !If [UseVolumeEncryption, 'true', 'false']\n KmsKeyId: !If [HasCustomEBSKey, !Ref VolumeEncryptionKey, !Ref 'AWS::NoValue']\n Metadata:\n 'AWS::CloudFormation::Designer':\n id: c81032f7-b0ec-47ca-a236-e24d57b49ae3\n MarklogicVolume2:\n Condition: MultiZone\n Type: 'AWS::EC2::Volume'\n Properties:\n AvailabilityZone: !Select [1, !Ref AZ]\n Size: !Ref VolumeSize\n Tags:\n - Key: Name\n Value: MarkLogic-GroupB-Host1-Volume0\n VolumeType: !Ref VolumeType\n Iops: !If [GP3, !Ref VolumeIOPS, !Ref 'AWS::NoValue']\n Throughput: !If [GP3, !Ref VolumeThroughput, !Ref 'AWS::NoValue']\n Encrypted: !If [UseVolumeEncryption, 'true', 'false']\n KmsKeyId: !If [HasCustomEBSKey, !Ref VolumeEncryptionKey, !Ref 'AWS::NoValue']\n Metadata:\n 'AWS::CloudFormation::Designer':\n id: ddb55ae1-a00b-42ed-addd-5e03e4a2764b\n MarklogicVolume3:\n Condition: MultiZone\n Type: 'AWS::EC2::Volume'\n Properties:\n AvailabilityZone: !Select [2, !Ref AZ]\n Size: !Ref VolumeSize\n Tags:\n - Key: Name\n Value: MarkLogic-GroupC-Host1-Volume0\n VolumeType: !Ref VolumeType\n Iops: !If [GP3, !Ref VolumeIOPS, !Ref 'AWS::NoValue']\n Throughput: !If [GP3, !Ref VolumeThroughput, !Ref 'AWS::NoValue']\n Encrypted: !If [UseVolumeEncryption, 'true', 'false']\n KmsKeyId: !If [HasCustomEBSKey, !Ref VolumeEncryptionKey, !Ref 'AWS::NoValue']\n Metadata:\n 'AWS::CloudFormation::Designer':\n id: 9094a65e-9d01-4c4c-9586-c33720e2cc9c\n MarkLogicDDBTable:\n Type: 'AWS::DynamoDB::Table'\n Properties:\n AttributeDefinitions:\n - AttributeName: node\n AttributeType: S\n KeySchema:\n - KeyType: HASH\n AttributeName: node\n ProvisionedThroughput:\n WriteCapacityUnits: '10'\n ReadCapacityUnits: '10'\n Metadata:\n 'AWS::CloudFormation::Designer':\n id: e7190602-c2de-47ab-81e7-1315f8c01e2d\n #AutoScalingGroup used for SingleZone deployments that is connected to Classic Load Balancer.\n MarkLogicServerGroup:\n Condition: SingleZone\n Type: 'AWS::AutoScaling::AutoScalingGroup'\n DependsOn:\n - ManagedEniStack\n - NodeMgrLambdaStack\n Properties:\n VPCZoneIdentifier:\n - !Ref PrivateSubnet1\n LaunchTemplate: \n LaunchTemplateId: !Ref LaunchTemp1\n Version: !GetAtt LaunchTemp1.LatestVersionNumber\n MinSize: '0'\n MaxSize: !Ref NodesPerZone\n DesiredCapacity: !Ref NodesPerZone\n Cooldown: '300'\n HealthCheckType: EC2\n HealthCheckGracePeriod: '300'\n NotificationConfiguration: !If\n - UseLogSNS\n - TopicARN: !Ref LogSNS\n NotificationTypes:\n - 'autoscaling:EC2_INSTANCE_LAUNCH'\n - 'autoscaling:EC2_INSTANCE_LAUNCH_ERROR'\n - 'autoscaling:EC2_INSTANCE_TERMINATE'\n - 'autoscaling:EC2_INSTANCE_TERMINATE_ERROR'\n - !Ref 'AWS::NoValue'\n Tags:\n - Key: marklogic:stack:name\n Value: !Ref 'AWS::StackName'\n PropagateAtLaunch: 'true'\n - Key: marklogic:stack:id\n Value: !Ref 'AWS::StackId'\n PropagateAtLaunch: 'true'\n LifecycleHookSpecificationList:\n - LifecycleTransition: 'autoscaling:EC2_INSTANCE_LAUNCHING'\n LifecycleHookName: NodeManager\n HeartbeatTimeout: 4800\n NotificationTargetARN: !GetAtt [NodeMgrLambdaStack, Outputs.NodeMgrSnsArn]\n RoleARN: !GetAtt [NodeMgrLambdaStack, Outputs.NodeMgrIamArn]\n Metadata:\n 'AWS::CloudFormation::Designer':\n id: 31621dd0-4b18-4dcd-b443-db9cef64ebb1\n #AutoScalingGroup used for MultiZone deployments (3 zones) that is connected to Application Load Balancer via 9 TargetGroups.\n #All of the instances in this AutoScalingGroup will be registered to all 9 TargetGroups.\n MarkLogicServerGroup1:\n Condition: MultiZone\n Type: 'AWS::AutoScaling::AutoScalingGroup'\n DependsOn:\n - ManagedEniStack\n - NodeMgrLambdaStack\n - AlbTargetGroup1\n - AlbTargetGroup2\n - AlbTargetGroup3\n - AlbTargetGroup4\n - AlbTargetGroup5\n - AlbTargetGroup6\n - AlbTargetGroup7 \n - AlbTargetGroup8\n - AlbTargetGroup9\n - MarklogicExternal8011\n - MarklogicInternal8011\n Properties:\n VPCZoneIdentifier:\n - !Ref PrivateSubnet1\n LaunchTemplate: \n LaunchTemplateId: !Ref LaunchTemp1\n Version: !GetAtt LaunchTemp1.LatestVersionNumber\n MinSize: '0'\n MaxSize: !Ref NodesPerZone\n DesiredCapacity: !Ref NodesPerZone\n Cooldown: '300'\n HealthCheckType: EC2\n HealthCheckGracePeriod: '300'\n NotificationConfiguration: !If\n - UseLogSNS\n - TopicARN: !Ref LogSNS\n NotificationTypes:\n - 'autoscaling:EC2_INSTANCE_LAUNCH'\n - 'autoscaling:EC2_INSTANCE_LAUNCH_ERROR'\n - 'autoscaling:EC2_INSTANCE_TERMINATE'\n - 'autoscaling:EC2_INSTANCE_TERMINATE_ERROR'\n - !Ref 'AWS::NoValue'\n Tags:\n - Key: marklogic:stack:name\n Value: !Ref 'AWS::StackName'\n PropagateAtLaunch: 'true'\n - Key: marklogic:stack:id\n Value: !Ref 'AWS::StackId'\n PropagateAtLaunch: 'true'\n LifecycleHookSpecificationList:\n - LifecycleTransition: 'autoscaling:EC2_INSTANCE_LAUNCHING'\n LifecycleHookName: NodeManager\n HeartbeatTimeout: 4800\n NotificationTargetARN: !GetAtt [NodeMgrLambdaStack, Outputs.NodeMgrSnsArn]\n RoleARN: !GetAtt [NodeMgrLambdaStack, Outputs.NodeMgrIamArn]\n TargetGroupARNs:\n - !Ref AlbTargetGroup1\n - !Ref AlbTargetGroup2\n - !Ref AlbTargetGroup3\n - !Ref AlbTargetGroup4\n - !Ref AlbTargetGroup5\n - !Ref AlbTargetGroup6\n - !Ref AlbTargetGroup7\n - !Ref AlbTargetGroup8\n - !Ref AlbTargetGroup9\n - !Ref MarklogicExternal8011\n - !Ref MarklogicInternal8011\n Metadata:\n 'AWS::CloudFormation::Designer':\n id: 31621dd0-4b18-4dcd-b443-db9cef64ebb1\n #AutoScalingGroup used for MultiZone deployments (3 zones) that is connected to Application Load Balancer via 9 TargetGroups.\n #All of the instances in this AutoScalingGroup will be registered to all 9 TargetGroups.\n MarkLogicServerGroup2:\n Condition: MultiZone\n Type: 'AWS::AutoScaling::AutoScalingGroup'\n DependsOn:\n - ManagedEniStack\n - NodeMgrLambdaStack\n - AlbTargetGroup1\n - AlbTargetGroup2\n - AlbTargetGroup3\n - AlbTargetGroup4\n - AlbTargetGroup5\n - AlbTargetGroup6\n - AlbTargetGroup7 \n - AlbTargetGroup8\n - AlbTargetGroup9\n - MarklogicExternal8011\n - MarklogicInternal8011\n Properties:\n VPCZoneIdentifier:\n - !Ref PrivateSubnet2\n LaunchTemplate: \n LaunchTemplateId: !Ref LaunchTemp2\n Version: !GetAtt LaunchTemp2.LatestVersionNumber\n MinSize: '0'\n MaxSize: !Ref NodesPerZone\n DesiredCapacity: !Ref NodesPerZone\n Cooldown: '300'\n HealthCheckType: EC2\n HealthCheckGracePeriod: '300'\n NotificationConfiguration: !If\n - UseLogSNS\n - TopicARN: !Ref LogSNS\n NotificationTypes:\n - 'autoscaling:EC2_INSTANCE_LAUNCH'\n - 'autoscaling:EC2_INSTANCE_LAUNCH_ERROR'\n - 'autoscaling:EC2_INSTANCE_TERMINATE'\n - 'autoscaling:EC2_INSTANCE_TERMINATE_ERROR'\n - !Ref 'AWS::NoValue'\n Tags:\n - Key: marklogic:stack:name\n Value: !Ref 'AWS::StackName'\n PropagateAtLaunch: 'true'\n - Key: marklogic:stack:id\n Value: !Ref 'AWS::StackId'\n PropagateAtLaunch: 'true'\n LifecycleHookSpecificationList:\n - LifecycleTransition: 'autoscaling:EC2_INSTANCE_LAUNCHING'\n LifecycleHookName: NodeManager\n HeartbeatTimeout: 4800\n NotificationTargetARN: !GetAtt [NodeMgrLambdaStack, Outputs.NodeMgrSnsArn]\n RoleARN: !GetAtt [NodeMgrLambdaStack, Outputs.NodeMgrIamArn]\n TargetGroupARNs:\n - !Ref AlbTargetGroup1\n - !Ref AlbTargetGroup2\n - !Ref AlbTargetGroup3\n - !Ref AlbTargetGroup4\n - !Ref AlbTargetGroup5\n - !Ref AlbTargetGroup6\n - !Ref AlbTargetGroup7\n - !Ref AlbTargetGroup8\n - !Ref AlbTargetGroup9\n - !Ref MarklogicExternal8011\n - !Ref MarklogicInternal8011\n Metadata:\n 'AWS::CloudFormation::Designer':\n id: 87d75478-787a-41d5-bb21-9de6fe4b662e\n #AutoScalingGroup used for MultiZone deployments (3 zones) that is connected to Application Load Balancer via 9 TargetGroups.\n #All of the instances in this AutoScalingGroup will be registered to all 9 TargetGroups.\n MarkLogicServerGroup3:\n Condition: MultiZone\n Type: 'AWS::AutoScaling::AutoScalingGroup'\n DependsOn:\n - ManagedEniStack\n - NodeMgrLambdaStack\n - AlbTargetGroup1\n - AlbTargetGroup2\n - AlbTargetGroup3\n - AlbTargetGroup4\n - AlbTargetGroup5\n - AlbTargetGroup6\n - AlbTargetGroup7 \n - AlbTargetGroup8\n - AlbTargetGroup9\n - MarklogicExternal8011\n - MarklogicInternal8011\n Properties:\n VPCZoneIdentifier:\n - !Ref PrivateSubnet3\n LaunchTemplate: \n LaunchTemplateId: !Ref LaunchTemp3\n Version: !GetAtt LaunchTemp3.LatestVersionNumber\n MinSize: '0'\n MaxSize: !Ref NodesPerZone\n DesiredCapacity: !Ref NodesPerZone\n Cooldown: '300'\n HealthCheckType: EC2\n HealthCheckGracePeriod: '300'\n NotificationConfiguration: !If\n - UseLogSNS\n - TopicARN: !Ref LogSNS\n NotificationTypes:\n - 'autoscaling:EC2_INSTANCE_LAUNCH'\n - 'autoscaling:EC2_INSTANCE_LAUNCH_ERROR'\n - 'autoscaling:EC2_INSTANCE_TERMINATE'\n - 'autoscaling:EC2_INSTANCE_TERMINATE_ERROR'\n - !Ref 'AWS::NoValue'\n Tags:\n - Key: marklogic:stack:name\n Value: !Ref 'AWS::StackName'\n PropagateAtLaunch: 'true'\n - Key: marklogic:stack:id\n Value: !Ref 'AWS::StackId'\n PropagateAtLaunch: 'true'\n LifecycleHookSpecificationList:\n - LifecycleTransition: 'autoscaling:EC2_INSTANCE_LAUNCHING'\n LifecycleHookName: NodeManager\n HeartbeatTimeout: 4800\n NotificationTargetARN: !GetAtt [NodeMgrLambdaStack, Outputs.NodeMgrSnsArn]\n RoleARN: !GetAtt [NodeMgrLambdaStack, Outputs.NodeMgrIamArn]\n TargetGroupARNs:\n - !Ref AlbTargetGroup1\n - !Ref AlbTargetGroup2\n - !Ref AlbTargetGroup3\n - !Ref AlbTargetGroup4\n - !Ref AlbTargetGroup5\n - !Ref AlbTargetGroup6\n - !Ref AlbTargetGroup7\n - !Ref AlbTargetGroup8\n - !Ref AlbTargetGroup9\n - !Ref MarklogicExternal8011\n - !Ref MarklogicInternal8011\n Metadata:\n 'AWS::CloudFormation::Designer':\n id: bbd8314a-6e59-4102-9ed5-232739dd0dfa\n InstanceSecurityGroup:\n Type: 'AWS::EC2::SecurityGroup'\n Properties:\n VpcId: !Ref VPC\n SecurityGroupIngress:\n - IpProtocol: tcp\n FromPort: '7998'\n ToPort: '7998'\n SourceSecurityGroupId: !Ref ElbSecurityGroup\n - IpProtocol: tcp\n FromPort: '8000'\n ToPort: '8011'\n SourceSecurityGroupId: !Ref ElbSecurityGroup\n - IpProtocol: tcp\n FromPort: '7997'\n ToPort: '7997'\n SourceSecurityGroupId: !Ref ElbSecurityGroup\n - IpProtocol: tcp\n FromPort: '7999'\n ToPort: '7999'\n SourceSecurityGroupId: !Ref ElbSecurityGroup\n - IpProtocol: tcp\n FromPort: '7998'\n ToPort: '7998'\n SourceSecurityGroupId: !Ref InternalElbSecurityGroup\n - IpProtocol: tcp\n FromPort: '8000'\n ToPort: '8011'\n SourceSecurityGroupId: !Ref InternalElbSecurityGroup\n - IpProtocol: tcp\n FromPort: '7997'\n ToPort: '7997'\n SourceSecurityGroupId: !Ref InternalElbSecurityGroup\n - IpProtocol: tcp\n FromPort: '7999'\n ToPort: '7999'\n SourceSecurityGroupId: !Ref InternalElbSecurityGroup\n InstanceSecurityGroupIngress:\n Type: 'AWS::EC2::SecurityGroupIngress'\n DependsOn:\n - InstanceSecurityGroup\n Properties:\n IpProtocol: tcp\n FromPort: '0'\n ToPort: '65355'\n GroupId: !Ref InstanceSecurityGroup\n SourceSecurityGroupId: !Ref InstanceSecurityGroup\n InternalElbSecurityGroup:\n Type: 'AWS::EC2::SecurityGroup'\n Properties:\n GroupDescription: Allow access from ECS clsuter to internal ALB for marklogic cluster.\n VpcId: !Ref VPC\n SecurityGroupIngress:\n - IpProtocol: tcp\n FromPort: '7998'\n ToPort: '7998'\n SourceSecurityGroupId: !Ref ECSSecurityGroup\n - IpProtocol: tcp\n FromPort: '8000'\n ToPort: '8011'\n SourceSecurityGroupId: !Ref ECSSecurityGroup\n - IpProtocol: tcp\n FromPort: '7997'\n ToPort: '7997'\n SourceSecurityGroupId: !Ref ECSSecurityGroup\n - IpProtocol: tcp\n FromPort: '80'\n ToPort: '80'\n SourceSecurityGroupId: !Ref ECSSecurityGroup\n - IpProtocol: tcp\n FromPort: '443'\n ToPort: '443'\n SourceSecurityGroupId: !Ref ECSSecurityGroup\n ElbSecurityGroup:\n Type: 'AWS::EC2::SecurityGroup'\n Properties:\n GroupDescription: Enable SSH access and HTTP access on the inbound port\n VpcId: !Ref VPC\n SecurityGroupIngress:\n - IpProtocol: tcp\n FromPort: '22'\n ToPort: '22'\n CidrIp: !Ref ExternalAccessCidrIP\n - IpProtocol: tcp\n FromPort: '7998'\n ToPort: '7998'\n CidrIp: !Ref ExternalAccessCidrIP\n - IpProtocol: tcp\n FromPort: '8000'\n ToPort: '8011'\n CidrIp: !Ref ExternalAccessCidrIP\n - IpProtocol: tcp\n FromPort: '7997'\n ToPort: '7997'\n CidrIp: !Ref ExternalAccessCidrIP\n LaunchTemp1:\n Type: 'AWS::EC2::LaunchTemplate'\n DependsOn:\n - InstanceSecurityGroup\n Properties:\n LaunchTemplateData:\n BlockDeviceMappings:\n - DeviceName: /dev/xvda\n Ebs:\n VolumeSize: 40\n - DeviceName: /dev/sdf\n NoDevice: true\n Ebs: {}\n KeyName: !Ref KeyName\n ImageId: !If [PAYG, !FindInMap [LicenseRegion2AMI,!Ref 'AWS::Region',\"PAYGAl2023\"], !FindInMap [LicenseRegion2AMI, !Ref 'AWS::Region', \"BYOLAl2023\"]]\n UserData: !Base64\n 'Fn::Join':\n - ''\n - - MARKLOGIC_CLUSTER_NAME=\n - !Ref MarkLogicDDBTable\n - |+\n\n - MARKLOGIC_EBS_VOLUME=\n - !Ref MarklogicVolume1\n - ',:'\n - !Ref VolumeSize\n - '::'\n - !Ref VolumeType\n - ':'\n - !If\n - GP3\n - !Ref VolumeIOPS\n - ''\n - ':'\n - !If\n - GP3\n - !Ref VolumeThroughput\n - ''\n - |\n :,*\n - |\n MARKLOGIC_NODE_NAME=NodeA#\n - MARKLOGIC_ADMIN_USERNAME=\n - !Ref AdminUser\n - |+\n\n - MARKLOGIC_ADMIN_PASSWORD=\n - !Ref AdminPass\n - |+\n\n - |\n MARKLOGIC_CLUSTER_MASTER=1\n - MARKLOGIC_LICENSEE=\n - !Ref Licensee\n - |+\n\n - MARKLOGIC_LICENSE_KEY=\n - !Ref LicenseKey\n - |+\n\n - MARKLOGIC_LOG_SNS=\n - !Ref LogSNS\n - |+\n\n - MARKLOGIC_AWS_SWAP_SIZE=\n - 32\n - |+\n\n - !If\n - UseVolumeEncryption\n - !Join\n - ''\n - - 'MARKLOGIC_EBS_KEY='\n - !If\n - HasCustomEBSKey\n - !Ref VolumeEncryptionKey\n - 'default'\n - ''\n\n SecurityGroupIds:\n - !Ref InstanceSecurityGroup\n InstanceType: !Ref InstanceType\n IamInstanceProfile: \n Name: !Ref IAMRole\n MetadataOptions:\n HttpTokens: required\n InstanceMarketOptions: !If\n - UseSpot\n - MarketType: spot \n SpotOptions: \n MaxPrice: !Ref SpotPrice\n - !Ref 'AWS::NoValue'\n Metadata:\n 'AWS::CloudFormation::Designer':\n id: 2efb8cfb-df53-401d-8ff2-34af0dd25993\n LaunchTemp2:\n Condition: MultiZone\n Type: 'AWS::EC2::LaunchTemplate'\n DependsOn:\n - InstanceSecurityGroup\n Properties:\n LaunchTemplateData:\n BlockDeviceMappings:\n - DeviceName: /dev/xvda\n Ebs:\n VolumeSize: 40\n - DeviceName: /dev/sdf\n NoDevice: true\n Ebs: {}\n KeyName: !Ref KeyName\n ImageId: !If [PAYG, !FindInMap [LicenseRegion2AMI,!Ref 'AWS::Region',\"PAYGAl2023\"], !FindInMap [LicenseRegion2AMI, !Ref 'AWS::Region', \"BYOLAl2023\"]]\n UserData: !Base64\n 'Fn::Join':\n - ''\n - - MARKLOGIC_CLUSTER_NAME=\n - !Ref MarkLogicDDBTable\n - |+\n\n - MARKLOGIC_EBS_VOLUME=\n - !Ref MarklogicVolume2\n - ',:'\n - !Ref VolumeSize\n - '::'\n - !Ref VolumeType\n - ':'\n - !If\n - GP3\n - !Ref VolumeIOPS\n - ''\n - ':'\n - !If\n - GP3\n - !Ref VolumeThroughput\n - ''\n - |\n :,*\n - |\n MARKLOGIC_NODE_NAME=NodeB#\n - MARKLOGIC_ADMIN_USERNAME=\n - !Ref AdminUser\n - |+\n\n - MARKLOGIC_ADMIN_PASSWORD=\n - !Ref AdminPass\n - |+\n\n - |\n MARKLOGIC_CLUSTER_MASTER=0\n - MARKLOGIC_LICENSEE=\n - !Ref Licensee\n - |+\n\n - MARKLOGIC_LICENSE_KEY=\n - !Ref LicenseKey\n - |+\n\n - MARKLOGIC_LOG_SNS=\n - !Ref LogSNS\n - |+\n\n - MARKLOGIC_AWS_SWAP_SIZE=\n - 32\n - |+\n\n - !If\n - UseVolumeEncryption\n - !Join\n - ''\n - - 'MARKLOGIC_EBS_KEY='\n - !If\n - HasCustomEBSKey\n - !Ref VolumeEncryptionKey\n - 'default'\n - ''\n\n SecurityGroupIds:\n - !Ref InstanceSecurityGroup\n InstanceType: !Ref InstanceType\n IamInstanceProfile: \n Name: !Ref IAMRole\n MetadataOptions:\n HttpTokens: required\n InstanceMarketOptions: !If\n - UseSpot\n - MarketType: spot \n SpotOptions: \n MaxPrice: !Ref SpotPrice\n - !Ref 'AWS::NoValue'\n Metadata:\n 'AWS::CloudFormation::Designer':\n id: c8296a50-a29e-4646-aa74-8f1b735a9a3f\n LaunchTemp3:\n Condition: MultiZone\n Type: 'AWS::EC2::LaunchTemplate'\n DependsOn:\n - InstanceSecurityGroup\n Properties:\n LaunchTemplateData:\n BlockDeviceMappings:\n - DeviceName: /dev/xvda\n Ebs:\n VolumeSize: 40\n - DeviceName: /dev/sdf\n NoDevice: true\n Ebs: {}\n KeyName: !Ref KeyName\n ImageId: !If [PAYG, !FindInMap [LicenseRegion2AMI,!Ref 'AWS::Region',\"PAYGAl2023\"], !FindInMap [LicenseRegion2AMI, !Ref 'AWS::Region', \"BYOLAl2023\"]]\n UserData: !Base64\n 'Fn::Join':\n - ''\n - - MARKLOGIC_CLUSTER_NAME=\n - !Ref MarkLogicDDBTable\n - |+\n\n - MARKLOGIC_EBS_VOLUME=\n - !Ref MarklogicVolume3\n - ',:'\n - !Ref VolumeSize\n - '::'\n - !Ref VolumeType\n - ':'\n - !If\n - GP3\n - !Ref VolumeIOPS\n - ''\n - ':'\n - !If\n - GP3\n - !Ref VolumeThroughput\n - ''\n - |\n :,*\n - |\n MARKLOGIC_NODE_NAME=NodeC#\n - MARKLOGIC_ADMIN_USERNAME=\n - !Ref AdminUser\n - |+\n\n - MARKLOGIC_ADMIN_PASSWORD=\n - !Ref AdminPass\n - |+\n\n - |\n MARKLOGIC_CLUSTER_MASTER=0\n - MARKLOGIC_LICENSEE=\n - !Ref Licensee\n - |+\n\n - MARKLOGIC_LICENSE_KEY=\n - !Ref LicenseKey\n - |+\n\n - MARKLOGIC_LOG_SNS=\n - !Ref LogSNS\n - |+\n\n - MARKLOGIC_AWS_SWAP_SIZE=\n - 32\n - |+\n\n - !If\n - UseVolumeEncryption\n - !Join\n - ''\n - - 'MARKLOGIC_EBS_KEY='\n - !If\n - HasCustomEBSKey\n - !Ref VolumeEncryptionKey\n - 'default'\n - ''\n\n SecurityGroupIds:\n - !Ref InstanceSecurityGroup\n InstanceType: !Ref InstanceType\n IamInstanceProfile: \n Name: !Ref IAMRole\n MetadataOptions:\n HttpTokens: required\n InstanceMarketOptions: !If\n - UseSpot\n - MarketType: spot \n SpotOptions: \n MaxPrice: !Ref SpotPrice\n - !Ref 'AWS::NoValue'\n Metadata:\n 'AWS::CloudFormation::Designer':\n id: 7fa68c90-39bc-4874-ad20-8cd8c974ed52\n #Application Load Balancer description for MultiZone deployments (3 zones).\n Alb:\n Condition: MultiZone\n Type: AWS::ElasticLoadBalancingV2::LoadBalancer\n DependsOn:\n - ElbSecurityGroup\n Properties: \n SecurityGroups: \n - !Ref ElbSecurityGroup\n Subnets:\n - !Ref PublicSubnet1\n - !If [MultiZone, !Ref PublicSubnet2, !Ref 'AWS::NoValue']\n - !If [MultiZone, !Ref PublicSubnet3, !Ref 'AWS::NoValue']\n Metadata:\n 'AWS::CloudFormation::Designer':\n id: e188e71e-5f01-4816-896e-9bd30b9a96c1\n #Descriptions of the 9 TargetGroups for MultiZone deployments (3 zones). TargetGroups route requests to registered targets.\n #Health checks are performed on each TargetGroup.\n AlbTargetGroup1:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::TargetGroup\"\n Properties:\n HealthCheckIntervalSeconds: 10\n HealthCheckTimeoutSeconds: 5\n HealthyThresholdCount: 3\n HealthCheckPort: 7997\n UnhealthyThresholdCount: 5\n Port: 8000\n Protocol: HTTP\n TargetGroupAttributes:\n - Key: stickiness.enabled\n Value: true\n - Key: stickiness.type\n Value: lb_cookie\n - Key: stickiness.lb_cookie.duration_seconds\n Value: 3600\n - Key: deregistration_delay.timeout_seconds\n Value: 60\n VpcId: !Ref VPC\n AlbTargetGroup2:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::TargetGroup\"\n Properties:\n HealthCheckIntervalSeconds: 10\n HealthCheckTimeoutSeconds: 5\n HealthyThresholdCount: 3\n HealthCheckPort: 7997\n UnhealthyThresholdCount: 5\n Port: 8001\n Protocol: HTTP\n TargetGroupAttributes:\n - Key: stickiness.enabled\n Value: true\n - Key: stickiness.type\n Value: lb_cookie\n - Key: stickiness.lb_cookie.duration_seconds\n Value: 3600\n - Key: deregistration_delay.timeout_seconds\n Value: 60\n VpcId: !Ref VPC\n AlbTargetGroup3:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::TargetGroup\"\n Properties:\n HealthCheckIntervalSeconds: 10\n HealthCheckTimeoutSeconds: 5\n HealthyThresholdCount: 3\n HealthCheckPort: 7997\n UnhealthyThresholdCount: 5\n Port: 8002\n Protocol: HTTP\n TargetGroupAttributes:\n - Key: stickiness.enabled\n Value: true\n - Key: stickiness.type\n Value: lb_cookie\n - Key: stickiness.lb_cookie.duration_seconds\n Value: 3600\n - Key: deregistration_delay.timeout_seconds\n Value: 60\n VpcId: !Ref VPC\n AlbTargetGroup4:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::TargetGroup\"\n Properties:\n HealthCheckIntervalSeconds: 10\n HealthCheckTimeoutSeconds: 5\n HealthyThresholdCount: 3\n HealthCheckPort: 7997\n UnhealthyThresholdCount: 5\n Port: 8003\n Protocol: HTTP\n TargetGroupAttributes:\n - Key: stickiness.enabled\n Value: true\n - Key: stickiness.type\n Value: lb_cookie\n - Key: stickiness.lb_cookie.duration_seconds\n Value: 3600\n - Key: deregistration_delay.timeout_seconds\n Value: 60\n VpcId: !Ref VPC\n AlbTargetGroup5:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::TargetGroup\"\n Properties:\n HealthCheckIntervalSeconds: 10\n HealthCheckTimeoutSeconds: 5\n HealthyThresholdCount: 3\n HealthCheckPort: 7997\n UnhealthyThresholdCount: 5\n Port: 8004\n Protocol: HTTP\n TargetGroupAttributes:\n - Key: stickiness.enabled\n Value: true\n - Key: stickiness.type\n Value: lb_cookie\n - Key: stickiness.lb_cookie.duration_seconds\n Value: 3600\n - Key: deregistration_delay.timeout_seconds\n Value: 60\n VpcId: !Ref VPC\n AlbTargetGroup6:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::TargetGroup\"\n Properties:\n HealthCheckIntervalSeconds: 10\n HealthCheckTimeoutSeconds: 5\n HealthyThresholdCount: 3\n HealthCheckPort: 7997\n UnhealthyThresholdCount: 5\n Port: 8005\n Protocol: HTTP\n TargetGroupAttributes:\n - Key: stickiness.enabled\n Value: true\n - Key: stickiness.type\n Value: lb_cookie\n - Key: stickiness.lb_cookie.duration_seconds\n Value: 3600\n - Key: deregistration_delay.timeout_seconds\n Value: 60\n VpcId: !Ref VPC\n AlbTargetGroup7:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::TargetGroup\"\n Properties:\n HealthCheckIntervalSeconds: 10\n HealthCheckTimeoutSeconds: 5\n HealthyThresholdCount: 3\n HealthCheckPort: 7997\n UnhealthyThresholdCount: 5\n Port: 8006\n Protocol: HTTP\n TargetGroupAttributes:\n - Key: stickiness.enabled\n Value: true\n - Key: stickiness.type\n Value: lb_cookie\n - Key: stickiness.lb_cookie.duration_seconds\n Value: 3600\n - Key: deregistration_delay.timeout_seconds\n Value: 60\n VpcId: !Ref VPC\n AlbTargetGroup8:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::TargetGroup\"\n Properties:\n HealthCheckIntervalSeconds: 10\n HealthCheckTimeoutSeconds: 5\n HealthyThresholdCount: 3\n HealthCheckPort: 7997\n UnhealthyThresholdCount: 5\n Port: 8007\n Protocol: HTTP\n TargetGroupAttributes:\n - Key: stickiness.enabled\n Value: true\n - Key: stickiness.type\n Value: lb_cookie\n - Key: stickiness.lb_cookie.duration_seconds\n Value: 3600\n - Key: deregistration_delay.timeout_seconds\n Value: 60\n VpcId: !Ref VPC\n AlbTargetGroup9:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::TargetGroup\"\n Properties:\n HealthCheckIntervalSeconds: 10\n HealthCheckTimeoutSeconds: 5\n HealthyThresholdCount: 3\n HealthCheckPort: 7997\n UnhealthyThresholdCount: 5\n Port: 8008\n Protocol: HTTP\n TargetGroupAttributes:\n - Key: stickiness.enabled\n Value: true\n - Key: stickiness.type\n Value: lb_cookie\n - Key: stickiness.lb_cookie.duration_seconds\n Value: 3600\n - Key: deregistration_delay.timeout_seconds\n Value: 60\n VpcId: !Ref VPC\n MarklogicExternal8011:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::TargetGroup\"\n Properties:\n HealthCheckIntervalSeconds: 10\n HealthCheckTimeoutSeconds: 5\n HealthyThresholdCount: 3\n HealthCheckPort: 7997\n UnhealthyThresholdCount: 5\n Port: 8011\n Protocol: HTTP\n TargetGroupAttributes:\n - Key: stickiness.enabled\n Value: true\n - Key: stickiness.type\n Value: lb_cookie\n - Key: stickiness.lb_cookie.duration_seconds\n Value: 3600\n - Key: deregistration_delay.timeout_seconds\n Value: 60\n VpcId: !Ref VPC\n #Descriptions of the 9 Listeners for MultiZone deployments (3 zones). Each Listener connects Application Load Balancer to a TargetGroup with a particular port.\n AlbListener1:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - Alb\n - AlbTargetGroup1\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup1\n Type: forward\n LoadBalancerArn: !Ref Alb\n Port: 8000\n Protocol: HTTP\n AlbListener2:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - Alb\n - AlbTargetGroup2\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup2\n Type: forward\n LoadBalancerArn: !Ref Alb\n Port: 8001\n Protocol: HTTP\n AlbListener3:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - Alb\n - AlbTargetGroup3\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup3\n Type: forward\n LoadBalancerArn: !Ref Alb\n Port: 8002\n Protocol: HTTP\n AlbListener4:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - Alb\n - AlbTargetGroup4\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup4\n Type: forward\n LoadBalancerArn: !Ref Alb\n Port: 8003\n Protocol: HTTP\n AlbListener5:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - Alb\n - AlbTargetGroup5\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup5\n Type: forward\n LoadBalancerArn: !Ref Alb\n Port: 8004\n Protocol: HTTP\n AlbListener6:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - Alb\n - AlbTargetGroup6\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup6\n Type: forward\n LoadBalancerArn: !Ref Alb\n Port: 8005\n Protocol: HTTP\n AlbListener7:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - Alb\n - AlbTargetGroup7\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup7\n Type: forward\n LoadBalancerArn: !Ref Alb\n Port: 8006\n Protocol: HTTP\n AlbListener8:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - Alb\n - AlbTargetGroup8\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup8\n Type: forward\n LoadBalancerArn: !Ref Alb\n Port: 8007\n Protocol: HTTP\n AlbListener9:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - Alb\n - AlbTargetGroup9\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup9\n Type: forward\n LoadBalancerArn: !Ref Alb\n Port: 8008\n Protocol: HTTP\n MarklogicExternal8011Listener:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - Alb\n - MarklogicExternal8011\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref MarklogicExternal8011\n Type: forward\n LoadBalancerArn: !Ref Alb\n Port: 8011\n Protocol: HTTP\n #Application Load Balancer description for MultiZone deployments (3 zones).\n InternalAlb:\n Condition: MultiZone\n Type: AWS::ElasticLoadBalancingV2::LoadBalancer\n DependsOn:\n - InternalElbSecurityGroup\n Properties: \n Scheme: internal\n SecurityGroups: \n - !Ref InternalElbSecurityGroup\n Subnets:\n - !Ref PrivateSubnet1\n - !If [MultiZone, !Ref PrivateSubnet2, !Ref 'AWS::NoValue']\n - !If [MultiZone, !Ref PrivateSubnet3, !Ref 'AWS::NoValue']\n Metadata:\n 'AWS::CloudFormation::Designer':\n id: e188e71e-5f01-4816-896e-9bd30b9a96c1\n #Descriptions of the 1 TargetGroups for MultiZone deployments (3 zones). TargetGroups route requests to registered targets.\n #Health checks are performed on each TargetGroup.\n MarklogicInternal8011:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::TargetGroup\"\n Properties:\n HealthCheckIntervalSeconds: 10\n HealthCheckTimeoutSeconds: 5\n HealthyThresholdCount: 3\n HealthCheckPort: 7997\n UnhealthyThresholdCount: 5\n Port: 8011\n Protocol: HTTP\n TargetGroupAttributes:\n - Key: stickiness.enabled\n Value: true\n - Key: stickiness.type\n Value: lb_cookie\n - Key: stickiness.lb_cookie.duration_seconds\n Value: 3600\n - Key: deregistration_delay.timeout_seconds\n Value: 60\n VpcId: !Ref VPC\n MarklogicInternal8011Listener:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - InternalAlb\n - MarklogicInternal8011\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref MarklogicInternal8011\n Type: forward\n LoadBalancerArn: !Ref InternalAlb\n Port: 8011\n Protocol: HTTP\nOutputs:\n URL:\n Description: The URL of the MarkLogic Cluster\n Value: !Join\n - ''\n - - 'http://'\n - !If [MultiZone, !GetAtt [Alb, DNSName], !GetAtt [ManagedEniStack, Outputs.ENI]]\n - ':8001'",
"filePath": "/Users/bob/git/dxw/marklogic-cf-templates/mlcluster.template"
},
"displayName": "Edit",
"description": "Replaces text within a file. By default, replaces a single occurrence, but can replace multiple occurrences when `expected_replacements` is specified. This tool requires providing significant context around the change to ensure precise targeting. Always use the read_file tool to examine the file's current content before attempting a text replacement.\n \n The user has the ability to modify the `new_string` content. If modified, this will be stated in the response.\n \n Expectation for required parameters:\n 1. `old_string` MUST be the exact literal text to replace (including all whitespace, indentation, newlines, and surrounding code etc.).\n 2. `new_string` MUST be the exact literal text to replace `old_string` with (also including all whitespace, indentation, newlines, and surrounding code etc.). Ensure the resulting code is correct and idiomatic and that `old_string` and `new_string` are different.\n 3. `instruction` is the detailed instruction of what needs to be changed. It is important to Make it specific and detailed so developers or large language models can understand what needs to be changed and perform the changes on their own if necessary. \n 4. NEVER escape `old_string` or `new_string`, that would break the exact literal text requirement.\n **Important:** If ANY of the above are not satisfied, the tool will fail. CRITICAL for `old_string`: Must uniquely identify the single instance to change. Include at least 3 lines of context BEFORE and AFTER the target text, matching whitespace and indentation precisely. If this string matches multiple locations, or does not match exactly, the tool will fail.\n 5. Prefer to break down complex and long changes into multiple smaller atomic calls to this tool. Always check the content of the file after changes or not finding a string to match.\n **Multiple replacements:** Set `expected_replacements` to the number of occurrences you want to replace. The tool will replace ALL occurrences that match `old_string` exactly. Ensure the number of replacements matches your expectation.",
"renderOutputAsMarkdown": true
}
]
},
{
"id": "54ccd573-d03a-4190-8d57-359c04c988f6",
"timestamp": "2026-01-22T18:04:04.157Z",
"type": "info",
"content": "Request cancelled."
},
{
"id": "de78a336-b63c-407e-a304-2993b3bb61b0",
"timestamp": "2026-01-22T18:04:44.775Z",
"type": "user",
"content": "i diont mean 80 and 443 I meant the other ports that are allowed on the external ALB."
},
{
"id": "e82893cd-af80-48c0-b6df-a3c951d58608",
"timestamp": "2026-01-22T18:04:59.206Z",
"type": "gemini",
"content": "I will read the `mlcluster.template` file to inspect all `AWS::ElasticLoadBalancingV2::Listener` resources to identify all ports used by the external ALB (`Alb`).",
"thoughts": [
{
"subject": "Discovering Port Details",
"description": "I'm now focused on the specific ports open on the `ExternalElbSecurityGroup`. The user's clarification about \"normal ports\" was key. My next step involves querying this security group directly to determine the allowed ingress rules and, consequently, the open ports. This is essential to understand the current configuration.",
"timestamp": "2026-01-22T18:04:49.656Z"
},
{
"subject": "Re-evaluating Port Configurations",
"description": "I've re-examined the `mlcluster.template` to confirm port configurations. I now see the `ElbSecurityGroup` and its allowed ports, particularly focusing on those beyond the standard HTTP/HTTPS. Now I need to ensure these specific ports are also allowed in the `InternalElbSecurityGroup` to maintain functionality. The previous output provides a clear reference.",
"timestamp": "2026-01-22T18:04:53.997Z"
},
{
"subject": "Identifying Configuration Discrepancies",
"description": "I've re-examined the `mlcluster.template` again, meticulously comparing the `ElbSecurityGroup`'s ingress rules with the `InternalElbSecurityGroup`. I initially missed that ports 7998, 8000-8011, and 7997 are already present in the `InternalElbSecurityGroup`. I'm now carefully checking for any further discrepancies, particularly regarding port 22 (SSH) and if it is indeed needed, bearing in mind the user's focus on \"normal ports.\"",
"timestamp": "2026-01-22T18:04:57.890Z"
},
{
"subject": "Identifying ALB Listener Ports",
"description": "I'm now carefully examining the `mlcluster.template` file. My goal is to pinpoint all ports that the external ALB, referenced as `Alb`, is listening on. This is critical to ensure that these \"normal ports\" are also configured correctly in the `InternalElbSecurityGroup`. I am focusing specifically on `AWS::ElasticLoadBalancingV2::Listener` resources to identify these ports. I'll make sure there aren't any other security groups or listeners that I missed.",
"timestamp": "2026-01-22T18:04:58.943Z"
}
],
"tokens": {
"input": 15940,
"output": 77,
"cached": 9737,
"thoughts": 994,
"tool": 0,
"total": 17011
},
"model": "gemini-3-pro-preview",
"toolCalls": [
{
"id": "search_file_content-1769105099203-f6e8e68fe12448",
"name": "search_file_content",
"args": {
"pattern": "Type: \"AWS::ElasticLoadBalancingV2::Listener\"|Type: AWS::ElasticLoadBalancingV2::Listener"
},
"result": [
{
"functionResponse": {
"id": "search_file_content-1769105099203-f6e8e68fe12448",
"name": "search_file_content",
"response": {
"output": "Found 20 matches for pattern \"Type: \"AWS::ElasticLoadBalancingV2::Listener\"|Type: AWS::ElasticLoadBalancingV2::Listener\" in path \".\":\n---\nFile: mlcluster-vpc.template\nL1843: Type: \"AWS::ElasticLoadBalancingV2::Listener\"\nL1856: Type: \"AWS::ElasticLoadBalancingV2::Listener\"\nL1869: Type: \"AWS::ElasticLoadBalancingV2::Listener\"\nL1882: Type: \"AWS::ElasticLoadBalancingV2::Listener\"\nL1895: Type: \"AWS::ElasticLoadBalancingV2::Listener\"\nL1908: Type: \"AWS::ElasticLoadBalancingV2::Listener\"\nL1921: Type: \"AWS::ElasticLoadBalancingV2::Listener\"\nL1934: Type: \"AWS::ElasticLoadBalancingV2::Listener\"\nL1947: Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n---\nFile: mlcluster.template\nL1839: Type: \"AWS::ElasticLoadBalancingV2::Listener\"\nL1852: Type: \"AWS::ElasticLoadBalancingV2::Listener\"\nL1865: Type: \"AWS::ElasticLoadBalancingV2::Listener\"\nL1878: Type: \"AWS::ElasticLoadBalancingV2::Listener\"\nL1891: Type: \"AWS::ElasticLoadBalancingV2::Listener\"\nL1904: Type: \"AWS::ElasticLoadBalancingV2::Listener\"\nL1917: Type: \"AWS::ElasticLoadBalancingV2::Listener\"\nL1930: Type: \"AWS::ElasticLoadBalancingV2::Listener\"\nL1943: Type: \"AWS::ElasticLoadBalancingV2::Listener\"\nL1956: Type: \"AWS::ElasticLoadBalancingV2::Listener\"\nL2009: Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n---"
}
}
}
],
"status": "success",
"timestamp": "2026-01-22T18:04:59.265Z",
"resultDisplay": "Found 20 matches",
"displayName": "SearchText",
"description": "FAST, optimized search powered by `ripgrep`. PREFERRED over standard `run_shell_command(\"grep ...\")` due to better performance and automatic output limiting (max 20k matches).",
"renderOutputAsMarkdown": true
}
]
},
{
"id": "ee62db44-6799-44bd-8f8e-ad94a46a84db",
"timestamp": "2026-01-22T18:05:03.352Z",
"type": "gemini",
"content": "I will read the `mlcluster.template` file from line 1839 to 2010 to inspect the listeners and identify which ports are configured for the external ALB (`Alb`).",
"thoughts": [
{
"subject": "Investigating Listeners Now",
"description": "I've zeroed in on the `mlcluster.template` file. Specifically, I'm poring over the listeners, beginning around line 1839. The goal is to correlate each listener with its respective ports and associated Application Load Balancer (ALB). This should give me a solid map of the network configuration.",
"timestamp": "2026-01-22T18:05:03.143Z"
}
],
"tokens": {
"input": 16501,
"output": 60,
"cached": 12458,
"thoughts": 55,
"tool": 0,
"total": 16616
},
"model": "gemini-3-pro-preview",
"toolCalls": [
{
"id": "read_file-1769105103351-c581a297c99418",
"name": "read_file",
"args": {
"offset": 1830,
"file_path": "mlcluster.template",
"limit": 200
},
"result": [
{
"functionResponse": {
"id": "read_file-1769105103351-c581a297c99418",
"name": "read_file",
"response": {
"output": "\nIMPORTANT: The file content has been truncated.\nStatus: Showing lines 1831-2027 of 2027 total lines.\nAction: To read more of the file, you can use the 'offset' and 'limit' parameters in a subsequent 'read_file' call. For example, to read the next section of the file, use offset: 2027.\n\n--- FILE CONTENT (truncated) ---\n - Key: stickiness.lb_cookie.duration_seconds\n Value: 3600\n - Key: deregistration_delay.timeout_seconds\n Value: 60\n VpcId: !Ref VPC\n #Descriptions of the 9 Listeners for MultiZone deployments (3 zones). Each Listener connects Application Load Balancer to a TargetGroup with a particular port.\n AlbListener1:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - Alb\n - AlbTargetGroup1\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup1\n Type: forward\n LoadBalancerArn: !Ref Alb\n Port: 8000\n Protocol: HTTP\n AlbListener2:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - Alb\n - AlbTargetGroup2\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup2\n Type: forward\n LoadBalancerArn: !Ref Alb\n Port: 8001\n Protocol: HTTP\n AlbListener3:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - Alb\n - AlbTargetGroup3\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup3\n Type: forward\n LoadBalancerArn: !Ref Alb\n Port: 8002\n Protocol: HTTP\n AlbListener4:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - Alb\n - AlbTargetGroup4\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup4\n Type: forward\n LoadBalancerArn: !Ref Alb\n Port: 8003\n Protocol: HTTP\n AlbListener5:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - Alb\n - AlbTargetGroup5\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup5\n Type: forward\n LoadBalancerArn: !Ref Alb\n Port: 8004\n Protocol: HTTP\n AlbListener6:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - Alb\n - AlbTargetGroup6\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup6\n Type: forward\n LoadBalancerArn: !Ref Alb\n Port: 8005\n Protocol: HTTP\n AlbListener7:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - Alb\n - AlbTargetGroup7\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup7\n Type: forward\n LoadBalancerArn: !Ref Alb\n Port: 8006\n Protocol: HTTP\n AlbListener8:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - Alb\n - AlbTargetGroup8\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup8\n Type: forward\n LoadBalancerArn: !Ref Alb\n Port: 8007\n Protocol: HTTP\n AlbListener9:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - Alb\n - AlbTargetGroup9\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup9\n Type: forward\n LoadBalancerArn: !Ref Alb\n Port: 8008\n Protocol: HTTP\n MarklogicExternal8011Listener:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - Alb\n - MarklogicExternal8011\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref MarklogicExternal8011\n Type: forward\n LoadBalancerArn: !Ref Alb\n Port: 8011\n Protocol: HTTP\n #Application Load Balancer description for MultiZone deployments (3 zones).\n InternalAlb:\n Condition: MultiZone\n Type: AWS::ElasticLoadBalancingV2::LoadBalancer\n DependsOn:\n - InternalElbSecurityGroup\n Properties: \n Scheme: internal\n SecurityGroups: \n - !Ref InternalElbSecurityGroup\n Subnets:\n - !Ref PrivateSubnet1\n - !If [MultiZone, !Ref PrivateSubnet2, !Ref 'AWS::NoValue']\n - !If [MultiZone, !Ref PrivateSubnet3, !Ref 'AWS::NoValue']\n Metadata:\n 'AWS::CloudFormation::Designer':\n id: e188e71e-5f01-4816-896e-9bd30b9a96c1\n #Descriptions of the 1 TargetGroups for MultiZone deployments (3 zones). TargetGroups route requests to registered targets.\n #Health checks are performed on each TargetGroup.\n MarklogicInternal8011:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::TargetGroup\"\n Properties:\n HealthCheckIntervalSeconds: 10\n HealthCheckTimeoutSeconds: 5\n HealthyThresholdCount: 3\n HealthCheckPort: 7997\n UnhealthyThresholdCount: 5\n Port: 8011\n Protocol: HTTP\n TargetGroupAttributes:\n - Key: stickiness.enabled\n Value: true\n - Key: stickiness.type\n Value: lb_cookie\n - Key: stickiness.lb_cookie.duration_seconds\n Value: 3600\n - Key: deregistration_delay.timeout_seconds\n Value: 60\n VpcId: !Ref VPC\n MarklogicInternal8011Listener:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - InternalAlb\n - MarklogicInternal8011\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref MarklogicInternal8011\n Type: forward\n LoadBalancerArn: !Ref InternalAlb\n Port: 8011\n Protocol: HTTP\nOutputs:\n URL:\n Description: The URL of the MarkLogic Cluster\n Value: !Join\n - ''\n - - 'http://'\n - !If [MultiZone, !GetAtt [Alb, DNSName], !GetAtt [ManagedEniStack, Outputs.ENI]]\n - ':8001'"
}
}
}
],
"status": "success",
"timestamp": "2026-01-22T18:05:03.375Z",
"resultDisplay": "Read lines 1831-2027 of 2027 from mlcluster.template",
"displayName": "ReadFile",
"description": "Reads and returns the content of a specified file. If the file is large, the content will be truncated. The tool's response will clearly indicate if truncation has occurred and will provide details on how to read more of the file using the 'offset' and 'limit' parameters. Handles text, images (PNG, JPG, GIF, WEBP, SVG, BMP), audio files (MP3, WAV, AIFF, AAC, OGG, FLAC), and PDF files. For text files, it can read specific line ranges.",
"renderOutputAsMarkdown": true
}
]
},
{
"id": "83f3cfa3-538a-45bc-aca6-d708a212316f",
"timestamp": "2026-01-22T18:05:22.977Z",
"type": "gemini",
"content": "I will read `mlcluster-vpc.template` to check the `InternalElbSecurityGroup` definition and see if it's missing the ports that are present in `mlcluster.template`.",
"thoughts": [
{
"subject": "Analyzing ALB Listeners",
"description": "I've enumerated the listeners for the external ALB. Currently, I've identified listeners on ports 8000 through 8005. I'm moving on to identify the final listener's port. It seems like the setup will have a series of listeners.",
"timestamp": "2026-01-22T18:05:10.210Z"
},
{
"subject": "Revisiting Security Group Rules",
"description": "I am now reviewing the security group rules again, to make sure I'm not missing anything. It turns out the internal ALB's security group already allows access from the ECS cluster's security group for ports 8000-8011. This appears to satisfy the requirement to permit the ECS cluster to access the same ports on the internal ALB as are exposed on the external ALB.",
"timestamp": "2026-01-22T18:05:13.396Z"
},
{
"subject": "Assessing Security Rule Compliance",
"description": "I've examined the configuration, noting the external ALB security group's rules and comparing them to the internal ALB's. The internal ALB's security group *does* permit the ECS cluster's access to ports 8000-8011, aligning with requirements. It also already allows 7997 and 7998, so it appears the rule already matches the users requirements. I'm satisfied for now.",
"timestamp": "2026-01-22T18:05:17.480Z"
},
{
"subject": "Verifying Listener Consistency",
"description": "I'm now revisiting the external ALB listeners. I've confirmed ports 8000-8008 and 8011 are the relevant ones. I'm double-checking the security group rules again. It seems the internal ALB's security group already covers these ports for access from the ECS cluster, which is what the user requested. Therefore, the setup seems compliant.",
"timestamp": "2026-01-22T18:05:21.765Z"
},
{
"subject": "Reviewing VPC Template",
"description": "I'm now cross-referencing the `InternalElbSecurityGroup` in the main template against the VPC template. I need to make sure I am looking at the right component. It appears the VPC template also defines a security group, so I will analyze these definitions to find discrepancies. This is to verify the internal ALB security group rules are correctly configured.",
"timestamp": "2026-01-22T18:05:22.671Z"
}
],
"tokens": {
"input": 18298,
"output": 58,
"cached": 15884,
"thoughts": 1425,
"tool": 0,
"total": 19781
},
"model": "gemini-3-pro-preview",
"toolCalls": [
{
"id": "search_file_content-1769105122974-965f609d87cc08",
"name": "search_file_content",
"args": {
"pattern": "InternalElbSecurityGroup"
},
"result": [
{
"functionResponse": {
"id": "search_file_content-1769105122974-965f609d87cc08",
"name": "search_file_content",
"response": {
"output": "Found 7 matches for pattern \"InternalElbSecurityGroup\" in path \".\":\n---\nFile: mlcluster.template\nL1258: SourceSecurityGroupId: !Ref InternalElbSecurityGroup\nL1262: SourceSecurityGroupId: !Ref InternalElbSecurityGroup\nL1266: SourceSecurityGroupId: !Ref InternalElbSecurityGroup\nL1270: SourceSecurityGroupId: !Ref InternalElbSecurityGroup\nL1281: InternalElbSecurityGroup:\nL1972: - InternalElbSecurityGroup\nL1976: - !Ref InternalElbSecurityGroup\n---"
}
}
}
],
"status": "success",
"timestamp": "2026-01-22T18:05:23.030Z",
"resultDisplay": "Found 7 matches",
"displayName": "SearchText",
"description": "FAST, optimized search powered by `ripgrep`. PREFERRED over standard `run_shell_command(\"grep ...\")` due to better performance and automatic output limiting (max 20k matches).",
"renderOutputAsMarkdown": true
}
]
},
{
"id": "56bea5f0-792f-44ed-9106-b6fd20e0f438",
"timestamp": "2026-01-22T18:05:28.975Z",
"type": "gemini",
"content": "I will read the `mlcluster-vpc.template` file around line 1617 to inspect the Load Balancer configuration and identify the security group being used.",
"thoughts": [
{
"subject": "Examining VPC Template",
"description": "My investigation narrowed quickly. A quick grep confirmed that the `mlcluster-vpc.template` lacks the `InternalElbSecurityGroup` references. I'm now cross-referencing this with the Load Balancer configurations, specifically looking for any alternate security group specifications.",
"timestamp": "2026-01-22T18:05:27.625Z"
},
{
"subject": "Inspecting Template Details",
"description": "I have isolated the AWS::ElasticLoadBalancingV2::LoadBalancer configuration in the VPC template. Now, I'm analyzing the surrounding code around line 1617. I'm focusing on the security group settings to understand how the internal load balancer is configured, and whether `InternalElbSecurityGroup` is referenced in the actual LB config.",
"timestamp": "2026-01-22T18:05:28.728Z"
}
],
"tokens": {
"input": 18498,
"output": 56,
"cached": 15005,
"thoughts": 122,
"tool": 0,
"total": 18676
},
"model": "gemini-3-pro-preview",
"toolCalls": [
{
"id": "read_file-1769105128972-968e579aa4e6c",
"name": "read_file",
"args": {
"offset": 1600,
"limit": 100,
"file_path": "mlcluster-vpc.template"
},
"result": [
{
"functionResponse": {
"id": "read_file-1769105128972-968e579aa4e6c",
"name": "read_file",
"response": {
"output": "\nIMPORTANT: The file content has been truncated.\nStatus: Showing lines 1601-1700 of 1972 total lines.\nAction: To read more of the file, you can use the 'offset' and 'limit' parameters in a subsequent 'read_file' call. For example, to read the next section of the file, use offset: 1700.\n\n--- FILE CONTENT (truncated) ---\n IamInstanceProfile: \n Name: !Ref IAMRole\n MetadataOptions:\n HttpTokens: required\n InstanceMarketOptions: !If\n - UseSpot\n - MarketType: spot \n SpotOptions: \n MaxPrice: !Ref SpotPrice\n - !Ref 'AWS::NoValue'\n Metadata:\n 'AWS::CloudFormation::Designer':\n id: 7fa68c90-39bc-4874-ad20-8cd8c974ed52\n #Application Load Balancer description for MultiZone deployments (3 zones).\n Alb:\n Condition: MultiZone\n Type: AWS::ElasticLoadBalancingV2::LoadBalancer\n DependsOn:\n - VpcStack\n - ElbSecurityGroup\n Properties: \n SecurityGroups: \n - !Ref ElbSecurityGroup\n Subnets: \n - !GetAtt [VpcStack, Outputs.PublicSubnet1Id]\n - !If [MultiZone, !GetAtt [VpcStack, Outputs.PublicSubnet2Id], !Ref 'AWS::NoValue']\n - !If [MultiZone, !GetAtt [VpcStack, Outputs.PublicSubnet3Id], !Ref 'AWS::NoValue']\n Metadata:\n 'AWS::CloudFormation::Designer':\n id: e188e71e-5f01-4816-896e-9bd30b9a96c1\n #Descriptions of the 9 TargetGroups for MultiZone deployments (3 zones). TargetGroups route requests to registered targets.\n #Health checks are performed on each TargetGroup.\n AlbTargetGroup1:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::TargetGroup\"\n DependsOn:\n - VpcStack\n Properties:\n HealthCheckIntervalSeconds: 10\n HealthCheckTimeoutSeconds: 5\n HealthyThresholdCount: 3\n HealthCheckPort: 7997\n UnhealthyThresholdCount: 5\n Port: 8000\n Protocol: HTTP\n TargetGroupAttributes:\n - Key: stickiness.enabled\n Value: true\n - Key: stickiness.type\n Value: lb_cookie\n - Key: stickiness.lb_cookie.duration_seconds\n Value: 3600\n - Key: deregistration_delay.timeout_seconds\n Value: 60\n VpcId: !GetAtt [VpcStack, Outputs.VpcId]\n AlbTargetGroup2:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::TargetGroup\"\n DependsOn:\n - VpcStack\n Properties:\n HealthCheckIntervalSeconds: 10\n HealthCheckTimeoutSeconds: 5\n HealthyThresholdCount: 3\n HealthCheckPort: 7997\n UnhealthyThresholdCount: 5\n Port: 8001\n Protocol: HTTP\n TargetGroupAttributes:\n - Key: stickiness.enabled\n Value: true\n - Key: stickiness.type\n Value: lb_cookie\n - Key: stickiness.lb_cookie.duration_seconds\n Value: 3600\n - Key: deregistration_delay.timeout_seconds\n Value: 60\n VpcId: !GetAtt [VpcStack, Outputs.VpcId]\n AlbTargetGroup3:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::TargetGroup\"\n DependsOn:\n - VpcStack\n Properties:\n HealthCheckIntervalSeconds: 10\n HealthCheckTimeoutSeconds: 5\n HealthyThresholdCount: 3\n HealthCheckPort: 7997\n UnhealthyThresholdCount: 5\n Port: 8002\n Protocol: HTTP\n TargetGroupAttributes:\n - Key: stickiness.enabled\n Value: true\n - Key: stickiness.type\n Value: lb_cookie\n - Key: stickiness.lb_cookie.duration_seconds\n Value: 3600\n - Key: deregistration_delay.timeout_seconds\n Value: 60"
}
}
}
],
"status": "success",
"timestamp": "2026-01-22T18:05:28.998Z",
"resultDisplay": "Read lines 1601-1700 of 1972 from mlcluster-vpc.template",
"displayName": "ReadFile",
"description": "Reads and returns the content of a specified file. If the file is large, the content will be truncated. The tool's response will clearly indicate if truncation has occurred and will provide details on how to read more of the file using the 'offset' and 'limit' parameters. Handles text, images (PNG, JPG, GIF, WEBP, SVG, BMP), audio files (MP3, WAV, AIFF, AAC, OGG, FLAC), and PDF files. For text files, it can read specific line ranges.",
"renderOutputAsMarkdown": true
}
]
},
{
"id": "1016eddd-970d-4cb5-a3c6-17b3f57c36c1",
"timestamp": "2026-01-22T18:05:44.389Z",
"type": "gemini",
"content": "I will read the `ElbSecurityGroup` definition in `mlcluster.template` again to confirm the allowed ports.",
"thoughts": [
{
"subject": "Investigating the Templates",
"description": "I'm now examining `mlcluster.template` based on the user's feedback, as it's the only one that includes both an `InternalAlb` and an `InternalElbSecurityGroup`. I am verifying the user's assumption of needing internal access. I am focused on the architecture.",
"timestamp": "2026-01-22T18:05:33.754Z"
},
{
"subject": "Assessing Port Access",
"description": "I'm now diving into the specifics of port access, focusing on the `InternalElbSecurityGroup` in `mlcluster.template`. I was checking whether the ports allowed on the external ALB (8000-8011) are also accessible through the internal security group, and have verified they are. Now I'm considering the user's intent: Are they expecting the Internal ALB to explicitly list all external ALB listeners, or is the security group not working as expected? I am checking the yaml code now.",
"timestamp": "2026-01-22T18:05:36.616Z"
},
{
"subject": "Confirming the Scope",
"description": "I'm now revisiting the user's request, focusing on the implications of the `ECSSecurityGroup`. My current hypothesis is the user needs to explicitly allow egress traffic from the ECS cluster security group to the `InternalElbSecurityGroup`. I am now checking the definition of `ECSSecurityGroup` in `mlcluster.template` to confirm whether the egress rules are sufficient or need modification.",
"timestamp": "2026-01-22T18:05:39.569Z"
},
{
"subject": "Revisiting Security Groups",
"description": "I've re-examined the `mlcluster.template`, and confirmed the `InternalElbSecurityGroup` *does* allow access to ports 8000-8011, which matches the external ALB. I'm now considering if the user desires the addition of listeners to the Internal ALB to explicitly match the external ALB's ports, or if the user is looking at the egress rules from the `ECSSecurityGroup`. My next step is a deep dive into the `ECSSecurityGroup` and its relationship with the internal ALB.",
"timestamp": "2026-01-22T18:05:44.139Z"
},
{
"subject": "Examining Egress Rules",
"description": "I am now deep in the analysis of the user's intent, particularly regarding the `ECSSecurityGroup`. Based on the evidence, I think the user may want to enable traffic from the ECS cluster security group to the `InternalElbSecurityGroup` on ports other than 8011, which is the only port explicitly listening. The focus now is on what specific port range or ports the user has in mind, and if it is already covered. I am verifying the `InternalElbSecurityGroup` once more.",
"timestamp": "2026-01-22T18:05:44.141Z"
}
],
"tokens": {
"input": 19631,
"output": 44,
"cached": 18177,
"thoughts": 1147,
"tool": 0,
"total": 20822
},
"model": "gemini-3-pro-preview",
"toolCalls": [
{
"id": "read_file-1769105144386-1020ef08cf64",
"name": "read_file",
"args": {
"offset": 1292,
"file_path": "mlcluster.template",
"limit": 50
},
"result": [
{
"functionResponse": {
"id": "read_file-1769105144386-1020ef08cf64",
"name": "read_file",
"response": {
"output": "\nIMPORTANT: The file content has been truncated.\nStatus: Showing lines 1293-1342 of 2027 total lines.\nAction: To read more of the file, you can use the 'offset' and 'limit' parameters in a subsequent 'read_file' call. For example, to read the next section of the file, use offset: 1342.\n\n--- FILE CONTENT (truncated) ---\n ToPort: '8011'\n SourceSecurityGroupId: !Ref ECSSecurityGroup\n - IpProtocol: tcp\n FromPort: '7997'\n ToPort: '7997'\n SourceSecurityGroupId: !Ref ECSSecurityGroup\n ElbSecurityGroup:\n Type: 'AWS::EC2::SecurityGroup'\n Properties:\n GroupDescription: Enable SSH access and HTTP access on the inbound port\n VpcId: !Ref VPC\n SecurityGroupIngress:\n - IpProtocol: tcp\n FromPort: '22'\n ToPort: '22'\n CidrIp: !Ref ExternalAccessCidrIP\n - IpProtocol: tcp\n FromPort: '7998'\n ToPort: '7998'\n CidrIp: !Ref ExternalAccessCidrIP\n - IpProtocol: tcp\n FromPort: '8000'\n ToPort: '8011'\n CidrIp: !Ref ExternalAccessCidrIP\n - IpProtocol: tcp\n FromPort: '7997'\n ToPort: '7997'\n CidrIp: !Ref ExternalAccessCidrIP\n LaunchTemp1:\n Type: 'AWS::EC2::LaunchTemplate'\n DependsOn:\n - InstanceSecurityGroup\n Properties:\n LaunchTemplateData:\n BlockDeviceMappings:\n - DeviceName: /dev/xvda\n Ebs:\n VolumeSize: 40\n - DeviceName: /dev/sdf\n NoDevice: true\n Ebs: {}\n KeyName: !Ref KeyName\n ImageId: !If [PAYG, !FindInMap [LicenseRegion2AMI,!Ref 'AWS::Region',\"PAYGAl2023\"], !FindInMap [LicenseRegion2AMI, !Ref 'AWS::Region', \"BYOLAl2023\"]]\n UserData: !Base64\n 'Fn::Join':\n - ''\n - - MARKLOGIC_CLUSTER_NAME=\n - !Ref MarkLogicDDBTable\n - |+\n"
}
}
}
],
"status": "success",
"timestamp": "2026-01-22T18:05:44.411Z",
"resultDisplay": "Read lines 1293-1342 of 2027 from mlcluster.template",
"displayName": "ReadFile",
"description": "Reads and returns the content of a specified file. If the file is large, the content will be truncated. The tool's response will clearly indicate if truncation has occurred and will provide details on how to read more of the file using the 'offset' and 'limit' parameters. Handles text, images (PNG, JPG, GIF, WEBP, SVG, BMP), audio files (MP3, WAV, AIFF, AAC, OGG, FLAC), and PDF files. For text files, it can read specific line ranges.",
"renderOutputAsMarkdown": true
}
]
},
{
"id": "b427f7a8-7d3d-4734-baf1-0a1c22bca0de",
"timestamp": "2026-01-22T18:06:05.740Z",
"type": "gemini",
"content": "I will read `mlcluster.template` around line 1600 to inspect the `AlbTargetGroup1` definition and confirm it can be used with the Internal ALB.",
"thoughts": [
{
"subject": "Investigating Port Conflicts",
"description": "I'm currently working through the port configurations. It seems the internal and external port mappings align perfectly, but the user's request introduces confusion. They want the ECS cluster to access normal ports on the internal ALB. Need to determine how the current port mappings interact with this requirement, especially if there is an issue.",
"timestamp": "2026-01-22T18:05:54.343Z"
},
{
"subject": "Deciphering User Intent",
"description": "I've hit a wall. The port configurations seem correct, mirroring each other, yet the user's request introduces an enigma. They want the ECS cluster to use \"normal ports\" on the internal ALB, mirroring the external ALB's allowed ports. I'm leaning toward missing listeners on the internal ALB as the root cause, since the security groups already allow the traffic.",
"timestamp": "2026-01-22T18:05:58.125Z"
},
{
"subject": "Resolving Listener Deficiencies",
"description": "It seems the user's intent is clarified. After carefully analyzing the configurations, I believe the core issue lies in the Internal ALB lacking listeners for ports 8000-8008, despite the Security Groups permitting traffic. The external ALB has these ports enabled, so I will now focus on mirroring this configuration. I plan to add Target Groups and corresponding Listeners on the internal ALB. Should I reuse the external ALB's target groups, or create new ones? Further analysis is needed.",
"timestamp": "2026-01-22T18:06:00.583Z"
},
{
"subject": "Confirming Listener Requirements",
"description": "I've meticulously analyzed the configurations, and my hypothesis is now firm. The user wants the Internal ALB to expose ports 8000-8008, mirroring the external setup. Despite correct security group rules, the Internal ALB lacks listeners for these ports. The solution involves creating Internal ALB listeners, each forwarding traffic to the existing external ALB's target groups, effectively reusing the target groups and aligning the port exposures.",
"timestamp": "2026-01-22T18:06:03.450Z"
},
{
"subject": "Confirming Target Group Reuse",
"description": "My latest analysis centers on the possibility of reusing the existing target groups (`AlbTargetGroup1` through `AlbTargetGroup9`) for the Internal ALB. These are used by the external listeners. After reviewing the template, I confirmed that the target groups are, in fact, reusable. I've decided to duplicate the existing listeners, but for the Internal ALB, forwarding traffic to the existing external ALB's target groups on ports 8000-8008.",
"timestamp": "2026-01-22T18:06:05.497Z"
}
],
"tokens": {
"input": 20272,
"output": 56,
"cached": 17562,
"thoughts": 1222,
"tool": 0,
"total": 21550
},
"model": "gemini-3-pro-preview",
"toolCalls": [
{
"id": "read_file-1769105165730-6948ce5267d4b",
"name": "read_file",
"args": {
"limit": 100,
"offset": 1600,
"file_path": "mlcluster.template"
},
"result": [
{
"functionResponse": {
"id": "read_file-1769105165730-6948ce5267d4b",
"name": "read_file",
"response": {
"output": "\nIMPORTANT: The file content has been truncated.\nStatus: Showing lines 1601-1700 of 2027 total lines.\nAction: To read more of the file, you can use the 'offset' and 'limit' parameters in a subsequent 'read_file' call. For example, to read the next section of the file, use offset: 1700.\n\n--- FILE CONTENT (truncated) ---\n - MarketType: spot \n SpotOptions: \n MaxPrice: !Ref SpotPrice\n - !Ref 'AWS::NoValue'\n Metadata:\n 'AWS::CloudFormation::Designer':\n id: 7fa68c90-39bc-4874-ad20-8cd8c974ed52\n #Application Load Balancer description for MultiZone deployments (3 zones).\n Alb:\n Condition: MultiZone\n Type: AWS::ElasticLoadBalancingV2::LoadBalancer\n DependsOn:\n - ElbSecurityGroup\n Properties: \n SecurityGroups: \n - !Ref ElbSecurityGroup\n Subnets:\n - !Ref PublicSubnet1\n - !If [MultiZone, !Ref PublicSubnet2, !Ref 'AWS::NoValue']\n - !If [MultiZone, !Ref PublicSubnet3, !Ref 'AWS::NoValue']\n Metadata:\n 'AWS::CloudFormation::Designer':\n id: e188e71e-5f01-4816-896e-9bd30b9a96c1\n #Descriptions of the 9 TargetGroups for MultiZone deployments (3 zones). TargetGroups route requests to registered targets.\n #Health checks are performed on each TargetGroup.\n AlbTargetGroup1:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::TargetGroup\"\n Properties:\n HealthCheckIntervalSeconds: 10\n HealthCheckTimeoutSeconds: 5\n HealthyThresholdCount: 3\n HealthCheckPort: 7997\n UnhealthyThresholdCount: 5\n Port: 8000\n Protocol: HTTP\n TargetGroupAttributes:\n - Key: stickiness.enabled\n Value: true\n - Key: stickiness.type\n Value: lb_cookie\n - Key: stickiness.lb_cookie.duration_seconds\n Value: 3600\n - Key: deregistration_delay.timeout_seconds\n Value: 60\n VpcId: !Ref VPC\n AlbTargetGroup2:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::TargetGroup\"\n Properties:\n HealthCheckIntervalSeconds: 10\n HealthCheckTimeoutSeconds: 5\n HealthyThresholdCount: 3\n HealthCheckPort: 7997\n UnhealthyThresholdCount: 5\n Port: 8001\n Protocol: HTTP\n TargetGroupAttributes:\n - Key: stickiness.enabled\n Value: true\n - Key: stickiness.type\n Value: lb_cookie\n - Key: stickiness.lb_cookie.duration_seconds\n Value: 3600\n - Key: deregistration_delay.timeout_seconds\n Value: 60\n VpcId: !Ref VPC\n AlbTargetGroup3:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::TargetGroup\"\n Properties:\n HealthCheckIntervalSeconds: 10\n HealthCheckTimeoutSeconds: 5\n HealthyThresholdCount: 3\n HealthCheckPort: 7997\n UnhealthyThresholdCount: 5\n Port: 8002\n Protocol: HTTP\n TargetGroupAttributes:\n - Key: stickiness.enabled\n Value: true\n - Key: stickiness.type\n Value: lb_cookie\n - Key: stickiness.lb_cookie.duration_seconds\n Value: 3600\n - Key: deregistration_delay.timeout_seconds\n Value: 60\n VpcId: !Ref VPC\n AlbTargetGroup4:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::TargetGroup\"\n Properties:\n HealthCheckIntervalSeconds: 10\n HealthCheckTimeoutSeconds: 5\n HealthyThresholdCount: 3\n HealthCheckPort: 7997\n UnhealthyThresholdCount: 5\n Port: 8003\n Protocol: HTTP\n TargetGroupAttributes:"
}
}
}
],
"status": "success",
"timestamp": "2026-01-22T18:06:05.778Z",
"resultDisplay": "Read lines 1601-1700 of 2027 from mlcluster.template",
"displayName": "ReadFile",
"description": "Reads and returns the content of a specified file. If the file is large, the content will be truncated. The tool's response will clearly indicate if truncation has occurred and will provide details on how to read more of the file using the 'offset' and 'limit' parameters. Handles text, images (PNG, JPG, GIF, WEBP, SVG, BMP), audio files (MP3, WAV, AIFF, AAC, OGG, FLAC), and PDF files. For text files, it can read specific line ranges.",
"renderOutputAsMarkdown": true
}
]
},
{
"id": "b9b30b21-5240-4806-818a-bd397d03f344",
"timestamp": "2026-01-22T18:06:14.840Z",
"type": "gemini",
"content": "I will read the last 50 lines of `mlcluster.template` to identify the correct position to insert the new listeners, ensuring they are placed before the `Outputs` section.",
"thoughts": [
{
"subject": "Reviewing Reusability and Alignment",
"description": "I've confirmed the reusability of standard Target Groups like `AlbTargetGroup1`. My current focus is expanding the template to include `InternalAlbListener` configurations, specifically mirroring existing `AlbListener` setups but connected to `InternalAlb`.",
"timestamp": "2026-01-22T18:06:12.361Z"
},
{
"subject": "Determining Placement & Sequence",
"description": "I've located the correct insertion point for the `InternalAlbListener` configurations; it's right before the `Outputs` section. The plan is to insert the listeners after `MarklogicInternal8011Listener` to maintain order and structure. I will verify the existing listener configurations to ensure proper mirroring and alignment before proceeding with the addition.",
"timestamp": "2026-01-22T18:06:14.606Z"
}
],
"tokens": {
"input": 21386,
"output": 57,
"cached": 17096,
"thoughts": 264,
"tool": 0,
"total": 21707
},
"model": "gemini-3-pro-preview",
"toolCalls": [
{
"id": "read_file-1769105174839-94ba9cdd48d768",
"name": "read_file",
"args": {
"file_path": "mlcluster.template",
"limit": 50,
"offset": 2000
},
"result": [
{
"functionResponse": {
"id": "read_file-1769105174839-94ba9cdd48d768",
"name": "read_file",
"response": {
"output": "\nIMPORTANT: The file content has been truncated.\nStatus: Showing lines 2001-2027 of 2027 total lines.\nAction: To read more of the file, you can use the 'offset' and 'limit' parameters in a subsequent 'read_file' call. For example, to read the next section of the file, use offset: 2027.\n\n--- FILE CONTENT (truncated) ---\n Value: lb_cookie\n - Key: stickiness.lb_cookie.duration_seconds\n Value: 3600\n - Key: deregistration_delay.timeout_seconds\n Value: 60\n VpcId: !Ref VPC\n MarklogicInternal8011Listener:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - InternalAlb\n - MarklogicInternal8011\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref MarklogicInternal8011\n Type: forward\n LoadBalancerArn: !Ref InternalAlb\n Port: 8011\n Protocol: HTTP\nOutputs:\n URL:\n Description: The URL of the MarkLogic Cluster\n Value: !Join\n - ''\n - - 'http://'\n - !If [MultiZone, !GetAtt [Alb, DNSName], !GetAtt [ManagedEniStack, Outputs.ENI]]\n - ':8001'"
}
}
}
],
"status": "success",
"timestamp": "2026-01-22T18:06:14.862Z",
"resultDisplay": "Read lines 2001-2027 of 2027 from mlcluster.template",
"displayName": "ReadFile",
"description": "Reads and returns the content of a specified file. If the file is large, the content will be truncated. The tool's response will clearly indicate if truncation has occurred and will provide details on how to read more of the file using the 'offset' and 'limit' parameters. Handles text, images (PNG, JPG, GIF, WEBP, SVG, BMP), audio files (MP3, WAV, AIFF, AAC, OGG, FLAC), and PDF files. For text files, it can read specific line ranges.",
"renderOutputAsMarkdown": true
}
]
},
{
"id": "be77ac74-cc42-47de-8dbd-4c607a295d7b",
"timestamp": "2026-01-22T18:06:35.620Z",
"type": "gemini",
"content": "I will add listeners for ports 8000-8008 to the Internal ALB in `mlcluster.template`, enabling ECS cluster access to these services via the internal load balancer.",
"thoughts": [
{
"subject": "Defining Listener Structure",
"description": "I'm currently focused on the structure for the listener creation. I've decided to insert new listeners before the `Outputs:` section in the configuration. Now, I'm generating the YAML needed for nine listeners, each on a different port. My initial approach is to define a base structure for a listener and then iterate, modifying port numbers as needed.",
"timestamp": "2026-01-22T18:06:20.547Z"
},
{
"subject": "Building Listener Configurations",
"description": "I'm now generating the YAML for all nine listeners. Each is configured to forward to a specific target group. I'm using a base template and modifying the port and target group references for each iteration, ensuring all depend on the internal ALB.",
"timestamp": "2026-01-22T18:06:22.803Z"
},
{
"subject": "Refining YAML Generation",
"description": "I'm deep in the process of generating the YAML config. I'm using a loop to create the nine listeners, focusing on the `InternalAlbListenerX` format. Each listener will have dependencies on `InternalAlb` and the corresponding target group. Now, I'm working through the properties, defining default actions for each listener. The port number will increment for each, ranging from 8000 to 8008, all using HTTP protocol.",
"timestamp": "2026-01-22T18:06:25.773Z"
},
{
"subject": "Completing YAML Insertion",
"description": "I'm finalizing the YAML creation by generating all nine listeners based on the provided template and replacing the `Outputs:` section in the config. Each listener will have dependencies on the internal ALB and a corresponding target group, ensuring proper routing. I'm focusing on the `DependsOn` attribute, to make sure all components are created in the right order.",
"timestamp": "2026-01-22T18:06:27.742Z"
}
],
"tokens": {
"input": 21782,
"output": 1013,
"cached": 19864,
"thoughts": 939,
"tool": 0,
"total": 23734
},
"model": "gemini-3-pro-preview",
"toolCalls": [
{
"id": "replace-1769105195619-1a2c07576ccd38",
"name": "replace",
"args": {
"file_path": "/Users/bob/git/dxw/marklogic-cf-templates/mlcluster.template",
"old_string": "Outputs:",
"instruction": "Add InternalAlbListener1 through InternalAlbListener9 to the template before the Outputs section. These listeners should be attached to InternalAlb and forward to AlbTargetGroup1 through AlbTargetGroup9, mirroring the configuration of AlbListener1 through AlbListener9 but for the internal load balancer. Each listener corresponds to a port from 8000 to 8008.",
"new_string": " InternalAlbListener1:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - InternalAlb\n - AlbTargetGroup1\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup1\n Type: forward\n LoadBalancerArn: !Ref InternalAlb\n Port: 8000\n Protocol: HTTP\n InternalAlbListener2:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - InternalAlb\n - AlbTargetGroup2\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup2\n Type: forward\n LoadBalancerArn: !Ref InternalAlb\n Port: 8001\n Protocol: HTTP\n InternalAlbListener3:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - InternalAlb\n - AlbTargetGroup3\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup3\n Type: forward\n LoadBalancerArn: !Ref InternalAlb\n Port: 8002\n Protocol: HTTP\n InternalAlbListener4:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - InternalAlb\n - AlbTargetGroup4\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup4\n Type: forward\n LoadBalancerArn: !Ref InternalAlb\n Port: 8003\n Protocol: HTTP\n InternalAlbListener5:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - InternalAlb\n - AlbTargetGroup5\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup5\n Type: forward\n LoadBalancerArn: !Ref InternalAlb\n Port: 8004\n Protocol: HTTP\n InternalAlbListener6:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - InternalAlb\n - AlbTargetGroup6\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup6\n Type: forward\n LoadBalancerArn: !Ref InternalAlb\n Port: 8005\n Protocol: HTTP\n InternalAlbListener7:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - InternalAlb\n - AlbTargetGroup7\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup7\n Type: forward\n LoadBalancerArn: !Ref InternalAlb\n Port: 8006\n Protocol: HTTP\n InternalAlbListener8:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - InternalAlb\n - AlbTargetGroup8\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup8\n Type: forward\n LoadBalancerArn: !Ref InternalAlb\n Port: 8007\n Protocol: HTTP\n InternalAlbListener9:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - InternalAlb\n - AlbTargetGroup9\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup9\n Type: forward\n LoadBalancerArn: !Ref InternalAlb\n Port: 8008\n Protocol: HTTP\nOutputs:"
},
"result": [
{
"functionResponse": {
"id": "replace-1769105195619-1a2c07576ccd38",
"name": "replace",
"response": {
"output": "Successfully modified file: /Users/bob/git/dxw/marklogic-cf-templates/mlcluster.template (1 replacements)."
}
}
}
],
"status": "success",
"timestamp": "2026-01-22T18:06:45.042Z",
"resultDisplay": {
"fileDiff": "Index: mlcluster.template\n===================================================================\n--- mlcluster.template\tCurrent\n+++ mlcluster.template\tProposed\n@@ -2017,6 +2017,123 @@\n LoadBalancerArn: !Ref InternalAlb\n Port: 8011\n Protocol: HTTP\n+ InternalAlbListener1:\n+ Condition: MultiZone\n+ Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n+ DependsOn:\n+ - InternalAlb\n+ - AlbTargetGroup1\n+ Properties:\n+ DefaultActions:\n+ - TargetGroupArn: !Ref AlbTargetGroup1\n+ Type: forward\n+ LoadBalancerArn: !Ref InternalAlb\n+ Port: 8000\n+ Protocol: HTTP\n+ InternalAlbListener2:\n+ Condition: MultiZone\n+ Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n+ DependsOn:\n+ - InternalAlb\n+ - AlbTargetGroup2\n+ Properties:\n+ DefaultActions:\n+ - TargetGroupArn: !Ref AlbTargetGroup2\n+ Type: forward\n+ LoadBalancerArn: !Ref InternalAlb\n+ Port: 8001\n+ Protocol: HTTP\n+ InternalAlbListener3:\n+ Condition: MultiZone\n+ Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n+ DependsOn:\n+ - InternalAlb\n+ - AlbTargetGroup3\n+ Properties:\n+ DefaultActions:\n+ - TargetGroupArn: !Ref AlbTargetGroup3\n+ Type: forward\n+ LoadBalancerArn: !Ref InternalAlb\n+ Port: 8002\n+ Protocol: HTTP\n+ InternalAlbListener4:\n+ Condition: MultiZone\n+ Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n+ DependsOn:\n+ - InternalAlb\n+ - AlbTargetGroup4\n+ Properties:\n+ DefaultActions:\n+ - TargetGroupArn: !Ref AlbTargetGroup4\n+ Type: forward\n+ LoadBalancerArn: !Ref InternalAlb\n+ Port: 8003\n+ Protocol: HTTP\n+ InternalAlbListener5:\n+ Condition: MultiZone\n+ Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n+ DependsOn:\n+ - InternalAlb\n+ - AlbTargetGroup5\n+ Properties:\n+ DefaultActions:\n+ - TargetGroupArn: !Ref AlbTargetGroup5\n+ Type: forward\n+ LoadBalancerArn: !Ref InternalAlb\n+ Port: 8004\n+ Protocol: HTTP\n+ InternalAlbListener6:\n+ Condition: MultiZone\n+ Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n+ DependsOn:\n+ - InternalAlb\n+ - AlbTargetGroup6\n+ Properties:\n+ DefaultActions:\n+ - TargetGroupArn: !Ref AlbTargetGroup6\n+ Type: forward\n+ LoadBalancerArn: !Ref InternalAlb\n+ Port: 8005\n+ Protocol: HTTP\n+ InternalAlbListener7:\n+ Condition: MultiZone\n+ Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n+ DependsOn:\n+ - InternalAlb\n+ - AlbTargetGroup7\n+ Properties:\n+ DefaultActions:\n+ - TargetGroupArn: !Ref AlbTargetGroup7\n+ Type: forward\n+ LoadBalancerArn: !Ref InternalAlb\n+ Port: 8006\n+ Protocol: HTTP\n+ InternalAlbListener8:\n+ Condition: MultiZone\n+ Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n+ DependsOn:\n+ - InternalAlb\n+ - AlbTargetGroup8\n+ Properties:\n+ DefaultActions:\n+ - TargetGroupArn: !Ref AlbTargetGroup8\n+ Type: forward\n+ LoadBalancerArn: !Ref InternalAlb\n+ Port: 8007\n+ Protocol: HTTP\n+ InternalAlbListener9:\n+ Condition: MultiZone\n+ Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n+ DependsOn:\n+ - InternalAlb\n+ - AlbTargetGroup9\n+ Properties:\n+ DefaultActions:\n+ - TargetGroupArn: !Ref AlbTargetGroup9\n+ Type: forward\n+ LoadBalancerArn: !Ref InternalAlb\n+ Port: 8008\n+ Protocol: HTTP\n Outputs:\n URL:\n Description: The URL of the MarkLogic Cluster\n",
"fileName": "mlcluster.template",
"filePath": "/Users/bob/git/dxw/marklogic-cf-templates/mlcluster.template",
"originalContent": "AWSTemplateFormatVersion: 2010-09-09\nDescription: Deploy a MarkLogic Cluster on AWS in existing VPC (Virtual Private Cloud).\nMetadata:\n version: 12.0.1\n binary: MarkLogic-12.0.1-rhel.x86_64.rpm\n AWS::CloudFormation::Interface:\n ParameterGroups:\n - Label:\n default: \"Resource Configuration\"\n Parameters:\n - IAMRole\n - VolumeSize\n - VolumeType\n - VolumeIOPS\n - VolumeThroughput\n - VolumeEncryption\n - VolumeEncryptionKey\n - InstanceType\n - SpotPrice\n - KeyName\n - NumberOfZones\n - NodesPerZone\n - AZ\n - LogSNS\n - Label:\n default: \"Network Configuration\"\n Parameters:\n - VPC\n - PublicSubnet1\n - PublicSubnet2\n - PublicSubnet3\n - PrivateSubnet1\n - PrivateSubnet2\n - PrivateSubnet3\n - ExternalAccessCidrIP\n - ECSSecurityGroup\n - Label:\n default: \"MarkLogic Configuration\"\n Parameters:\n - AdminUser\n - AdminPass\n - Licensee\n - LicenseKey\n ParameterLabels:\n AdminUser:\n default: Admin User\n AdminPass:\n default: Admin password\n Licensee:\n default: Licensee\n LicenseKey:\n default: License Key\n IAMRole:\n default: IAM Role\n LogSNS:\n default: Logging SNS ARN\n VolumeSize:\n default: Volume Size\n VolumeType:\n default: Volume Type\n VolumeIOPS:\n default: Volume Iops\n VolumeThroughput:\n default: Volume Throughput\n VolumeEncryption:\n default: Volume Encryption\n VolumeEncryptionKey:\n default: Volume Encryption Key ARN\n InstanceType:\n default: Instance Type\n SpotPrice:\n default: Spot Price\n KeyName:\n default: SSH Key Name\n NumberOfZones:\n default: Number of Zones\n NodesPerZone:\n default: Nodes per Zone\n AZ:\n default: Availability Zone\n VPC:\n default: VPC\n PublicSubnet1:\n default: Public Subnet 1\n PublicSubnet2:\n default: Public Subnet 2\n PublicSubnet3:\n default: Public Subnet 3\n PrivateSubnet1:\n default: Private Subnet 1\n PrivateSubnet2:\n default: Private Subnet 2\n PrivateSubnet3:\n default: Private Subnet 3\n ExternalAccessCidrIP:\n default: External IP address range for access to admin site\n ECSSecurityGroup:\n default: the security group the ecs cluster is in\nParameters:\n # resource configuration\n IAMRole:\n Description: IAM Role\n Type: String\n VolumeSize:\n Description: The EBS Data volume size (GB) for all nodes\n Type: Number\n MinValue: '10'\n MaxValue: '1000'\n Default: '50'\n VolumeType:\n Description: The EBS Data volume Type\n Type: String\n AllowedValues:\n - standard\n - gp2\n - gp3\n Default: gp3\n VolumeIOPS:\n Description: The number of I/O operations per second for a gp3 volume. This parameter is only applicable for a gp3 volume\n Type: Number\n MinValue: '3000'\n MaxValue: '16000'\n Default: '3000'\n VolumeThroughput:\n Description: The throughput to provision for a gp3 volume. This parameter is only applicable for a gp3 volume\n Type: Number\n MinValue: '125'\n MaxValue: '1000'\n Default: '125'\n VolumeEncryption:\n Description: Whether to enable volume encryption\n Type: String\n AllowedValues:\n - enable\n - disable\n Default: enable\n VolumeEncryptionKey:\n Description: The key ID of AWS KMS key to encrypt volumes - Optional\n Type: String\n Default: \"\"\n InstanceType:\n Description: Type of EC2 instance to launch\n Type: String\n Default: r5.4xlarge\n AllowedValues:\n - ---- Pay-As-You-Go and Bring-Your-Own-License ----\n - c3.xlarge\n - c3.2xlarge\n - c3.4xlarge\n - c3.8xlarge\n - c4.xlarge\n - c4.2xlarge\n - c4.4xlarge\n - c4.8xlarge\n - c5.xlarge\n - c5.2xlarge\n - c5.4xlarge\n - c5.9xlarge\n - c5.12xlarge\n - c5.18xlarge\n - c5.24xlarge\n - c5a.xlarge\n - c5a.2xlarge\n - c5a.4xlarge\n - c5a.8xlarge\n - c5a.12xlarge\n - c5a.16xlarge\n - c5a.24xlarge\n - c5ad.xlarge\n - c5ad.2xlarge\n - c5ad.4xlarge\n - c5ad.8xlarge\n - c5ad.12xlarge\n - c5ad.16xlarge\n - c5ad.24xlarge\n - c5d.xlarge\n - c5d.2xlarge\n - c5d.4xlarge\n - c5d.9xlarge\n - c5d.12xlarge\n - c5d.18xlarge\n - c5d.24xlarge\n - c5n.xlarge\n - c5n.2xlarge\n - c5n.4xlarge\n - c5n.9xlarge\n - c5n.18xlarge\n - c6a.xlarge\n - c6a.2xlarge\n - c6a.4xlarge\n - c6a.8xlarge\n - c6a.12xlarge\n - c6a.16xlarge\n - c6a.24xlarge\n - c6a.32xlarge\n - c6a.48xlarge\n - c6i.xlarge\n - c6i.2xlarge\n - c6i.4xlarge\n - c6i.8xlarge\n - c6i.12xlarge\n - c6i.16xlarge\n - c6i.24xlarge\n - c6i.32xlarge\n - c6id.xlarge\n - c6id.2xlarge\n - c6id.4xlarge\n - c6id.8xlarge\n - c6id.12xlarge\n - c6id.16xlarge\n - c6id.24xlarge\n - c6id.32xlarge\n - c7i.xlarge\n - c7i.2xlarge\n - c7i.4xlarge\n - c7i.8xlarge\n - c7i.12xlarge\n - c7i.16xlarge\n - c7i.24xlarge\n - c7i.48xlarge\n - c7i-flex.xlarge\n - c7i-flex.2xlarge\n - c7i-flex.4xlarge\n - c7i-flex.8xlarge\n - c7i-flex.12xlarge\n - c7i-flex.16xlarge\n - c7a.xlarge\n - c7a.2xlarge\n - c7a.4xlarge\n - c7a.8xlarge\n - c7a.12xlarge\n - c7a.16xlarge\n - c7a.24xlarge\n - c7a.32xlarge\n - c7a.48xlarge\n - c8i.xlarge\n - c8i.2xlarge\n - c8i.4xlarge\n - c8i.8xlarge\n - c8i.12xlarge\n - c8i.16xlarge\n - c8i.24xlarge\n - c8i.32xlarge\n - c8i.48xlarge\n - c8i.96xlarge\n - c8i-flex.xlarge\n - c8i-flex.2xlarge\n - c8i-flex.4xlarge\n - c8i-flex.8xlarge\n - c8i-flex.12xlarge\n - c8i-flex.16xlarge\n - i2.2xlarge\n - i2.4xlarge\n - i2.8xlarge\n - i2.xlarge\n - i3.xlarge\n - i3.2xlarge\n - i3.4xlarge\n - i3.8xlarge\n - i3.16xlarge\n - i3en.xlarge\n - i3en.2xlarge\n - i3en.3xlarge\n - i3en.6xlarge\n - i3en.12xlarge\n - i3en.24xlarge\n - i4i.xlarge\n - i4i.2xlarge\n - i4i.4xlarge\n - i4i.8xlarge\n - i4i.12xlarge\n - i4i.16xlarge\n - i4i.24xlarge\n - i4i.32xlarge\n - i7ie.xlarge\n - i7ie.2xlarge\n - i7ie.3xlarge\n - i7ie.6xlarge\n - i7ie.12xlarge\n - i7ie.18xlarge\n - i7ie.24xlarge\n - i7ie.48xlarge\n - m3.xlarge\n - m3.2xlarge\n - m4.xlarge\n - m4.2xlarge\n - m4.4xlarge\n - m4.10xlarge\n - m4.16xlarge\n - m5.xlarge\n - m5.2xlarge\n - m5.4xlarge\n - m5.8xlarge\n - m5.12xlarge\n - m5.16xlarge\n - m5.24xlarge\n - m5a.xlarge\n - m5a.2xlarge\n - m5a.4xlarge\n - m5a.8xlarge\n - m5a.12xlarge\n - m5a.16xlarge\n - m5a.24xlarge\n - m5d.xlarge\n - m5d.2xlarge\n - m5d.4xlarge\n - m5d.8xlarge\n - m5d.16xlarge\n - m5d.12xlarge\n - m5d.24xlarge\n - m5ad.xlarge\n - m5ad.2xlarge\n - m5ad.4xlarge\n - m5ad.8xlarge\n - m5ad.12xlarge\n - m5ad.16xlarge\n - m5ad.24xlarge\n - m5zn.xlarge\n - m5zn.2xlarge\n - m5zn.3xlarge\n - m5zn.6xlarge\n - m5zn.12xlarge\n - m5n.xlarge\n - m5n.2xlarge\n - m5n.4xlarge\n - m5n.8xlarge\n - m5n.12xlarge\n - m5n.16xlarge\n - m5n.24xlarge\n - m5dn.xlarge\n - m5dn.2xlarge\n - m5dn.4xlarge\n - m5dn.8xlarge\n - m5dn.12xlarge\n - m5dn.16xlarge\n - m5dn.24xlarge\n - m6a.xlarge\n - m6a.2xlarge\n - m6a.4xlarge\n - m6a.8xlarge\n - m6a.12xlarge\n - m6a.16xlarge\n - m6a.24xlarge\n - m6a.32xlarge\n - m6a.48xlarge\n - m6i.xlarge\n - m6i.2xlarge\n - m6i.4xlarge\n - m6i.8xlarge\n - m6i.12xlarge\n - m6i.16xlarge\n - m6i.24xlarge\n - m6i.32xlarge\n - m6id.xlarge\n - m6id.2xlarge\n - m6id.4xlarge\n - m6id.8xlarge\n - m6id.12xlarge\n - m6id.16xlarge\n - m6id.24xlarge\n - m6id.32xlarge\n - m7i.xlarge\n - m7i.2xlarge\n - m7i.4xlarge\n - m7i.8xlarge\n - m7i.12xlarge\n - m7i.16xlarge\n - m7i.24xlarge\n - m7i.48xlarge\n - m7i-flex.xlarge\n - m7i-flex.2xlarge\n - m7i-flex.4xlarge\n - m7i-flex.8xlarge\n - m7i-flex.12xlarge\n - m7i-flex.16xlarge\n - m7a.xlarge\n - m7a.2xlarge\n - m7a.4xlarge\n - m7a.8xlarge\n - m7a.12xlarge\n - m7a.16xlarge\n - m7a.24xlarge\n - m7a.32xlarge\n - m7a.48xlarge\n - m8a.xlarge\n - m8a.2xlarge\n - m8a.4xlarge\n - m8a.8xlarge\n - m8a.12xlarge\n - m8a.16xlarge\n - m8a.24xlarge\n - m8a.48xlarge\n - m8i.xlarge\n - m8i.2xlarge\n - m8i.4xlarge\n - m8i.8xlarge\n - m8i.12xlarge\n - m8i.16xlarge\n - m8i.24xlarge\n - m8i.32xlarge\n - m8i.48xlarge\n - m8i.96xlarge\n - m8i-flex.xlarge\n - m8i-flex.2xlarge\n - m8i-flex.4xlarge\n - m8i-flex.8xlarge\n - m8i-flex.12xlarge\n - m8i-flex.16xlarge\n - r3.xlarge\n - r3.2xlarge\n - r3.4xlarge\n - r3.8xlarge\n - r4.xlarge\n - r4.2xlarge\n - r4.4xlarge\n - r4.8xlarge\n - r4.16xlarge\n - r5.xlarge\n - r5.2xlarge\n - r5.4xlarge\n - r5.8xlarge\n - r5.12xlarge\n - r5.16xlarge\n - r5.24xlarge\n - r5a.xlarge\n - r5a.2xlarge\n - r5a.4xlarge\n - r5a.8xlarge\n - r5a.12xlarge\n - r5a.16xlarge\n - r5a.24xlarge\n - r5ad.xlarge\n - r5ad.2xlarge\n - r5ad.4xlarge\n - r5ad.8xlarge\n - r5ad.12xlarge\n - r5ad.16xlarge\n - r5ad.24xlarge\n - r5b.xlarge\n - r5b.2xlarge\n - r5b.4xlarge\n - r5b.8xlarge\n - r5b.12xlarge\n - r5b.16xlarge\n - r5b.24xlarge\n - r5d.xlarge\n - r5d.2xlarge\n - r5d.4xlarge\n - r5d.8xlarge\n - r5d.12xlarge\n - r5d.16xlarge\n - r5d.24xlarge\n - r5dn.xlarge\n - r5dn.2xlarge\n - r5dn.4xlarge\n - r5dn.8xlarge\n - r5dn.12xlarge\n - r5dn.16xlarge\n - r5dn.24xlarge\n - r5n.xlarge\n - r5n.2xlarge\n - r5n.4xlarge\n - r5n.8xlarge\n - r5n.12xlarge\n - r5n.16xlarge\n - r5n.24xlarge\n - r6a.xlarge\n - r6a.2xlarge\n - r6a.4xlarge\n - r6a.8xlarge\n - r6a.12xlarge\n - r6a.16xlarge\n - r6a.24xlarge\n - r6a.32xlarge\n - r6a.48xlarge\n - r6i.xlarge\n - r6i.2xlarge\n - r6i.4xlarge\n - r6i.8xlarge\n - r6i.12xlarge\n - r6i.16xlarge\n - r6i.24xlarge\n - r6i.32xlarge\n - r6id.xlarge\n - r6id.2xlarge\n - r6id.4xlarge\n - r6id.8xlarge\n - r6id.12xlarge\n - r6id.16xlarge\n - r6id.24xlarge\n - r6id.32xlarge\n - r7i.xlarge\n - r7i.2xlarge\n - r7i.4xlarge\n - r7i.8xlarge\n - r7i.12xlarge\n - r7i.16xlarge\n - r7i.24xlarge\n - r7i.48xlarge\n - r7iz.xlarge\n - r7iz.2xlarge\n - r7iz.4xlarge\n - r7iz.8xlarge\n - r7iz.12xlarge\n - r7iz.16xlarge\n - r7iz.32xlarge\n - r7a.xlarge\n - r7a.2xlarge\n - r7a.4xlarge\n - r7a.8xlarge\n - r7a.12xlarge\n - r7a.16xlarge\n - r7a.24xlarge\n - r7a.32xlarge\n - r7a.48xlarge\n - r8a.xlarge\n - r8a.2xlarge\n - r8a.4xlarge\n - r8a.8xlarge\n - r8a.12xlarge\n - r8a.16xlarge\n - r8a.24xlarge\n - r8a.48xlarge\n - r8i.xlarge\n - r8i.2xlarge\n - r8i.4xlarge\n - r8i.8xlarge\n - r8i.12xlarge\n - r8i.16xlarge\n - r8i.24xlarge\n - r8i.32xlarge\n - r8i.48xlarge\n - r8i.96xlarge\n - r8i-flex.xlarge\n - r8i-flex.2xlarge\n - r8i-flex.4xlarge\n - r8i-flex.8xlarge\n - r8i-flex.12xlarge\n - r8i-flex.16xlarge\n - x1.16xlarge\n - x1.32xlarge\n - x1e.xlarge\n - x1e.2xlarge\n - x1e.4xlarge\n - x1e.8xlarge\n - x1e.16xlarge\n - x1e.32xlarge\n - x2idn.16xlarge\n - x2idn.24xlarge\n - x2idn.32xlarge\n - x2iedn.xlarge\n - x2iedn.2xlarge\n - x2iedn.4xlarge\n - x2iedn.8xlarge\n - x2iedn.16xlarge\n - x2iedn.24xlarge\n - x2iedn.32xlarge\n - x2iezn.2xlarge\n - x2iezn.4xlarge\n - x2iezn.6xlarge\n - x2iezn.8xlarge\n - x2iezn.12xlarge\n - d2.xlarge\n - d2.2xlarge\n - d2.4xlarge\n - d2.8xlarge\n - d3.xlarge\n - d3.2xlarge\n - d3.4xlarge\n - d3.8xlarge\n - d3en.xlarge\n - d3en.2xlarge\n - d3en.4xlarge\n - d3en.6xlarge\n - d3en.8xlarge\n - d3en.12xlarge\n - dl1.24xlarge\n - h1.2xlarge\n - h1.4xlarge\n - h1.8xlarge\n - h1.16xlarge\n - inf1.xlarge\n - inf1.2xlarge\n - inf1.6xlarge\n - inf1.24xlarge\n - trn1.2xlarge\n - trn1.32xlarge\n - u-3tb1.56xlarge\n - u-6tb1.56xlarge\n - u-6tb1.112xlarge\n - u-9tb1.112xlarge\n - u-12tb1.112xlarge\n - u-18tb1.112xlarge\n - vt1.3xlarge\n - vt1.6xlarge\n - vt1.24xlarge\n - z1d.xlarge\n - z1d.2xlarge\n - z1d.3xlarge\n - z1d.6xlarge\n - z1d.12xlarge\n - -------------- Bring-Your-Own-License Only --------------\n - c3.large\n - c4.large\n - c5.metal\n - c5.large\n - c5a.large\n - c5ad.large\n - c5d.metal\n - c5d.large\n - c5n.large\n - c5n.metal\n - c6a.large\n - c6a.metal\n - c6i.large\n - c6i.metal\n - c6id.large\n - c6id.metal\n - c7i.large\n - c7i.metal-24xl\n - c7i.metal-48xl\n - c7i-flex.large\n - c7a.medium\n - c7a.large\n - c7a.metal-48xl\n - c8i.large\n - c8i.metal-48xl\n - c8i.metal-96xl\n - c8i-flex.large\n - i3.large\n - i3.metal\n - i3en.large\n - i3en.metal\n - i4i.large\n - i4i.metal\n - i7ie.large\n - i7ie.metal-24xl\n - i7ie.metal-48xl\n - m3.large\n - m3.medium\n - m4.large\n - m5.metal\n - m5.large\n - m5a.large\n - m5ad.large\n - m5d.metal\n - m5d.large\n - m5zn.large\n - m5zn.metal\n - m5n.large\n - m5n.metal\n - m5dn.large\n - m5dn.metal\n - m6a.large\n - m6a.metal\n - m6i.large\n - m6i.metal\n - m6id.large\n - m6id.metal\n - m7i.large\n - m7i.metal-24xl\n - m7i.metal-48xl\n - m7i-flex.large\n - m7a.medium\n - m7a.large\n - m7a.metal-48xl\n - m8a.medium\n - m8a.large\n - m8a.metal-24xl\n - m8a.metal-48xl\n - m8i.large\n - m8i.metal-48xl\n - m8i.metal-96xl\n - m8i-flex.large\n - r3.large\n - r4.large\n - r5.metal\n - r5.large\n - r5a.large\n - r5d.metal\n - r5ad.large\n - r5d.large\n - r5dn.large\n - r5dn.metal\n - r5b.large\n - r5b.metal\n - r5n.large\n - r5n.metal\n - r6a.large\n - r6a.metal\n - r6i.large\n - r6i.metal\n - r6id.large\n - r6id.metal\n - r7i.large\n - r7i.metal-24xl\n - r7i.metal-48xl\n - r7iz.large\n - r7iz.metal-16xl\n - r7iz.metal-32xl\n - r7a.medium\n - r7a.large\n - r7a.metal-48xl\n - r8a.medium\n - r8a.large\n - r8a.metal-24xl\n - r8a.metal-48xl\n - r8i.large\n - r8i.metal-48xl\n - r8i.metal-96xl\n - r8i-flex.large\n - t2.2xlarge\n - t2.large\n - t2.medium\n - t2.micro\n - t2.nano\n - t2.small\n - t2.xlarge\n - t3.2xlarge\n - t3.large\n - t3.medium\n - t3.micro\n - t3.nano\n - t3.small\n - t3.xlarge\n - t3a.2xlarge\n - t3a.large\n - t3a.medium\n - t3a.micro\n - t3a.nano\n - t3a.small\n - t3a.xlarge\n - x2idn.metal\n - x2iedn.metal\n - x2iezn.metal\n - z1d.metal\n - z1d.large\n SpotPrice:\n Description: Spot price for instances in USD/Hour - Optional/advanced\n Type: Number\n MinValue: '0'\n MaxValue: '2'\n Default: '0'\n KeyName:\n Description: Name of an existing EC2 KeyPair to enable SSH access to the instance\n Type: String\n NumberOfZones:\n Description: Total number of Availability Zones, which can be 1 or 3. Load balancer type depends on the number of zones selected. Select 3 zones for Application Load Balancer (OR) Select 1 zone for Classic Load Balancer.\n Type: Number\n AllowedValues:\n - 1\n - 3\n Default: 3\n NodesPerZone:\n Description: Total number of nodes per Zone. Set to 0 to shutdown/hibernate\n Type: Number\n MinValue: '0'\n MaxValue: '20'\n Default: '1'\n AZ:\n Description: The Availability Zones for VPC subnets. Accept either 1 zone or 3 zones. In the order of Subnet 1, Subnet 2 and Subnet 3 (if applicable).\n Type: 'List<AWS::EC2::AvailabilityZone::Name>'\n LogSNS:\n Description: SNS Topic for logging - optional/advanced.\n Type: String\n Default: none\n # network configuration\n VPC:\n Description: ID of an existing Virtual Private Cloud (VPC)\n Type: 'AWS::EC2::VPC::Id'\n PublicSubnet1:\n Description: The public subnet 1 in the VPC. This subnet must reside within the first selected Availability Zone (AZ). You must provide values for all three public subnets. If you only select one AZ, the second and third subnets will be ignored.\n Type: 'AWS::EC2::Subnet::Id'\n PublicSubnet2:\n Description: The public subnet 2 in the VPC. This subnet must reside within the second selected Availability Zone (AZ). You must provide values for all three public subnets. If you only select one AZ, the second and third subnets will be ignored.\n Type: 'AWS::EC2::Subnet::Id'\n PublicSubnet3:\n Description: The public subnet 3 in the VPC. This subnet must reside within the third selected Availability Zone (AZ). You must provide values for all three public subnets. If you only select one AZ, the second and third subnets will be ignored.\n Type: 'AWS::EC2::Subnet::Id'\n PrivateSubnet1:\n Description: The private subnet 1 in the VPC. This subnet must reside within the first selected Availability Zone (AZ). You must provide values for all three private subnets. If you only select one AZ, the second and third subnets will be ignored.\n Type: 'AWS::EC2::Subnet::Id'\n PrivateSubnet2:\n Description: The private subnet 2 in the VPC. This subnet must reside within the second selected Availability Zone (AZ). You must provide values for all three private subnets. If you only select one AZ, the second and third subnets will be ignored.\n Type: 'AWS::EC2::Subnet::Id'\n PrivateSubnet3:\n Description: The private subnet 3 in the VPC. This subnet must reside within the third selected Availability Zone (AZ). You must provide values for all three private subnets. If you only select one AZ, the second and third subnets will be ignored.\n Type: 'AWS::EC2::Subnet::Id'\n ExternalAccessCidrIP:\n Description: A CIDR IP range to allow external access from\n Type: String\n Default: 54.76.254.148/32\n ECSSecurityGroup:\n Description: the security group the ECS cluster is in\n Type: 'AWS::EC2::SecurityGroup::Id'\n\n # marklogic configuration\n AdminUser:\n Description: The MarkLogic administrator username\n Type: String\n AdminPass:\n Description: The MarkLogic administrator password\n Type: String\n NoEcho: 'true'\n AllowedPattern: >-\n ^(?!.*[*]).*$\n ConstraintDescription: Admin password must contain any characters except asterisk (*).\n Licensee:\n Description: The MarkLogic Licensee or 'none'. Provide none/none to choose \"Pay as you Go\"/Enterprise version. Provide valid Licensee/Licensekey to choose BYOL/developer version.\n Type: String\n Default: none\n LicenseKey:\n Description: The MarkLogic License Key or 'none'. Provide none/none to choose \"Pay as you Go\"/Enterprise version. Provide valid Licensee/Licensekey to choose BYOL/developer version.\n Type: String\n Default: none\nConditions:\n UseLogSNS: !Not [!Equals [!Ref LogSNS, \"none\"]]\n UseSpot: !Not\n - !Equals\n - !Ref SpotPrice\n - 0\n #MultiZone (3 zones) and SingleZone conditions used for the conditional resource creation based on number of zones selected.\n MultiZone:\n !Not [!Equals [!Ref NumberOfZones, 1]]\n SingleZone: !Equals [!Ref NumberOfZones, 1]\n PAYG:\n !Or [ !And [!Equals [!Ref LicenseKey, ''], !Equals [!Ref Licensee, '']], !And [!Equals [!Ref LicenseKey, 'none'], !Equals [!Ref Licensee, 'none']] ]\n UseVolumeEncryption: !Equals [!Ref VolumeEncryption, 'enable']\n HasCustomEBSKey: !Not [!Equals [!Ref VolumeEncryptionKey, '']]\n GP3: !Equals [!Ref VolumeType, 'gp3']\nMappings:\n Variable:\n LambdaPackageBucket:\n base: 'ml-db-lambda-'\n TemplateUrl:\n base: 'https://s3.amazonaws.com/marklogic-db-template-releases'\n S3Directory:\n base: '12.0.1'\n LicenseRegion2AMI:\n us-east-1:\n PAYGAl2023: ami-0198b8931e9597271\n BYOLAl2023: ami-0a8536507241f95b0\n us-east-2:\n PAYGAl2023: ami-0877b64dae8264415\n BYOLAl2023: ami-082cc98b2c01e486a\n us-west-1:\n PAYGAl2023: ami-07890fc78f4ddfa20\n BYOLAl2023: ami-05c9a962410c2821b\n us-west-2:\n PAYGAl2023: ami-0577eb149c9e0f53f\n BYOLAl2023: ami-0262dd8d014bf71ba\n eu-central-1:\n PAYGAl2023: ami-06348556399c8ab69\n BYOLAl2023: ami-00cb5a3527e7c0d11\n eu-west-1:\n PAYGAl2023: ami-0fa7bc44cd9ab1f85\n BYOLAl2023: ami-0bc2b4d46367806b0\n ap-south-1:\n PAYGAl2023: ami-0f481ba0a6819ced6\n BYOLAl2023: ami-00b59374107e5efb6\n ap-southeast-1:\n PAYGAl2023: ami-0c373c6c8a2316c80\n BYOLAl2023: ami-0b9bd265ef165a07b\n ap-southeast-2:\n PAYGAl2023: ami-0c65a907408226a3e\n BYOLAl2023: ami-02bad1ef2c6d4a91a\n ap-northeast-1:\n PAYGAl2023: ami-0254bc4adaf13e3b9\n BYOLAl2023: ami-07e8b312b1016bf67\n ap-northeast-2:\n PAYGAl2023: ami-05995b5f5807873d7\n BYOLAl2023: ami-0afd77ba0d7a0c129\n sa-east-1:\n PAYGAl2023: ami-05ec8fee12de236a5\n BYOLAl2023: ami-09d883ea308449555\n eu-west-2:\n PAYGAl2023: ami-0f5cff9d243f31521\n BYOLAl2023: ami-0588d104a52fbc326\n ca-central-1:\n PAYGAl2023: ami-0f34d118b23b51bf5\n BYOLAl2023: ami-0c78eccd03e957005\n eu-west-3:\n PAYGAl2023: ami-01fa9155eb17992c5\n BYOLAl2023: ami-0637199acc5327534\nResources:\n ManagedEniStack:\n Type: AWS::CloudFormation::Stack\n DependsOn:\n - InstanceSecurityGroup\n Properties:\n NotificationARNs:\n - !If\n - UseLogSNS\n - !Ref LogSNS\n - !Ref 'AWS::NoValue'\n Parameters:\n S3Bucket: !Join [ \"\", [!FindInMap [Variable,\"LambdaPackageBucket\",\"base\"], !Ref 'AWS::Region']]\n S3Directory: !FindInMap [Variable,\"S3Directory\",\"base\"]\n NodesPerZone: !Ref NodesPerZone\n NumberOfZones: !Ref NumberOfZones\n Subnets: !If [MultiZone, !Join [',', [!Ref PrivateSubnet1, !Ref PrivateSubnet2, !Ref PrivateSubnet3]], !Ref PrivateSubnet1]\n ParentStackName: !Ref 'AWS::StackName'\n ParentStackId: !Ref 'AWS::StackId'\n SecurityGroup: !Ref InstanceSecurityGroup\n TemplateURL: !Join ['/', [!FindInMap [Variable,\"TemplateUrl\",\"base\"],!FindInMap [Variable,\"S3Directory\",\"base\"],'ml-managedeni.template']]\n TimeoutInMinutes: 5\n NodeMgrLambdaStack:\n Type: AWS::CloudFormation::Stack\n DependsOn: ManagedEniStack\n Properties:\n NotificationARNs:\n - !If\n - UseLogSNS\n - !Ref LogSNS\n - !Ref 'AWS::NoValue'\n Parameters:\n S3Bucket: !Join [ \"\", [!FindInMap [Variable,\"LambdaPackageBucket\",\"base\"], !Ref 'AWS::Region']]\n S3Directory: !FindInMap [Variable,\"S3Directory\",\"base\"]\n TemplateURL: !Join ['/', [!FindInMap [Variable,\"TemplateUrl\",\"base\"],!FindInMap [Variable,\"S3Directory\",\"base\"],'ml-nodemanager.template']]\n TimeoutInMinutes: 5\n MarklogicVolume1:\n Type: 'AWS::EC2::Volume'\n Properties:\n AvailabilityZone: !Select [0, !Ref AZ]\n Size: !Ref VolumeSize\n Tags:\n - Key: Name\n Value: MarkLogic-GroupA-Host1-Volume0\n VolumeType: !Ref VolumeType\n Iops: !If [GP3, !Ref VolumeIOPS, !Ref 'AWS::NoValue']\n Throughput: !If [GP3, !Ref VolumeThroughput, !Ref 'AWS::NoValue']\n Encrypted: !If [UseVolumeEncryption, 'true', 'false']\n KmsKeyId: !If [HasCustomEBSKey, !Ref VolumeEncryptionKey, !Ref 'AWS::NoValue']\n Metadata:\n 'AWS::CloudFormation::Designer':\n id: c81032f7-b0ec-47ca-a236-e24d57b49ae3\n MarklogicVolume2:\n Condition: MultiZone\n Type: 'AWS::EC2::Volume'\n Properties:\n AvailabilityZone: !Select [1, !Ref AZ]\n Size: !Ref VolumeSize\n Tags:\n - Key: Name\n Value: MarkLogic-GroupB-Host1-Volume0\n VolumeType: !Ref VolumeType\n Iops: !If [GP3, !Ref VolumeIOPS, !Ref 'AWS::NoValue']\n Throughput: !If [GP3, !Ref VolumeThroughput, !Ref 'AWS::NoValue']\n Encrypted: !If [UseVolumeEncryption, 'true', 'false']\n KmsKeyId: !If [HasCustomEBSKey, !Ref VolumeEncryptionKey, !Ref 'AWS::NoValue']\n Metadata:\n 'AWS::CloudFormation::Designer':\n id: ddb55ae1-a00b-42ed-addd-5e03e4a2764b\n MarklogicVolume3:\n Condition: MultiZone\n Type: 'AWS::EC2::Volume'\n Properties:\n AvailabilityZone: !Select [2, !Ref AZ]\n Size: !Ref VolumeSize\n Tags:\n - Key: Name\n Value: MarkLogic-GroupC-Host1-Volume0\n VolumeType: !Ref VolumeType\n Iops: !If [GP3, !Ref VolumeIOPS, !Ref 'AWS::NoValue']\n Throughput: !If [GP3, !Ref VolumeThroughput, !Ref 'AWS::NoValue']\n Encrypted: !If [UseVolumeEncryption, 'true', 'false']\n KmsKeyId: !If [HasCustomEBSKey, !Ref VolumeEncryptionKey, !Ref 'AWS::NoValue']\n Metadata:\n 'AWS::CloudFormation::Designer':\n id: 9094a65e-9d01-4c4c-9586-c33720e2cc9c\n MarkLogicDDBTable:\n Type: 'AWS::DynamoDB::Table'\n Properties:\n AttributeDefinitions:\n - AttributeName: node\n AttributeType: S\n KeySchema:\n - KeyType: HASH\n AttributeName: node\n ProvisionedThroughput:\n WriteCapacityUnits: '10'\n ReadCapacityUnits: '10'\n Metadata:\n 'AWS::CloudFormation::Designer':\n id: e7190602-c2de-47ab-81e7-1315f8c01e2d\n #AutoScalingGroup used for SingleZone deployments that is connected to Classic Load Balancer.\n MarkLogicServerGroup:\n Condition: SingleZone\n Type: 'AWS::AutoScaling::AutoScalingGroup'\n DependsOn:\n - ManagedEniStack\n - NodeMgrLambdaStack\n Properties:\n VPCZoneIdentifier:\n - !Ref PrivateSubnet1\n LaunchTemplate: \n LaunchTemplateId: !Ref LaunchTemp1\n Version: !GetAtt LaunchTemp1.LatestVersionNumber\n MinSize: '0'\n MaxSize: !Ref NodesPerZone\n DesiredCapacity: !Ref NodesPerZone\n Cooldown: '300'\n HealthCheckType: EC2\n HealthCheckGracePeriod: '300'\n NotificationConfiguration: !If\n - UseLogSNS\n - TopicARN: !Ref LogSNS\n NotificationTypes:\n - 'autoscaling:EC2_INSTANCE_LAUNCH'\n - 'autoscaling:EC2_INSTANCE_LAUNCH_ERROR'\n - 'autoscaling:EC2_INSTANCE_TERMINATE'\n - 'autoscaling:EC2_INSTANCE_TERMINATE_ERROR'\n - !Ref 'AWS::NoValue'\n Tags:\n - Key: marklogic:stack:name\n Value: !Ref 'AWS::StackName'\n PropagateAtLaunch: 'true'\n - Key: marklogic:stack:id\n Value: !Ref 'AWS::StackId'\n PropagateAtLaunch: 'true'\n LifecycleHookSpecificationList:\n - LifecycleTransition: 'autoscaling:EC2_INSTANCE_LAUNCHING'\n LifecycleHookName: NodeManager\n HeartbeatTimeout: 4800\n NotificationTargetARN: !GetAtt [NodeMgrLambdaStack, Outputs.NodeMgrSnsArn]\n RoleARN: !GetAtt [NodeMgrLambdaStack, Outputs.NodeMgrIamArn]\n Metadata:\n 'AWS::CloudFormation::Designer':\n id: 31621dd0-4b18-4dcd-b443-db9cef64ebb1\n #AutoScalingGroup used for MultiZone deployments (3 zones) that is connected to Application Load Balancer via 9 TargetGroups.\n #All of the instances in this AutoScalingGroup will be registered to all 9 TargetGroups.\n MarkLogicServerGroup1:\n Condition: MultiZone\n Type: 'AWS::AutoScaling::AutoScalingGroup'\n DependsOn:\n - ManagedEniStack\n - NodeMgrLambdaStack\n - AlbTargetGroup1\n - AlbTargetGroup2\n - AlbTargetGroup3\n - AlbTargetGroup4\n - AlbTargetGroup5\n - AlbTargetGroup6\n - AlbTargetGroup7 \n - AlbTargetGroup8\n - AlbTargetGroup9\n - MarklogicExternal8011\n - MarklogicInternal8011\n Properties:\n VPCZoneIdentifier:\n - !Ref PrivateSubnet1\n LaunchTemplate: \n LaunchTemplateId: !Ref LaunchTemp1\n Version: !GetAtt LaunchTemp1.LatestVersionNumber\n MinSize: '0'\n MaxSize: !Ref NodesPerZone\n DesiredCapacity: !Ref NodesPerZone\n Cooldown: '300'\n HealthCheckType: EC2\n HealthCheckGracePeriod: '300'\n NotificationConfiguration: !If\n - UseLogSNS\n - TopicARN: !Ref LogSNS\n NotificationTypes:\n - 'autoscaling:EC2_INSTANCE_LAUNCH'\n - 'autoscaling:EC2_INSTANCE_LAUNCH_ERROR'\n - 'autoscaling:EC2_INSTANCE_TERMINATE'\n - 'autoscaling:EC2_INSTANCE_TERMINATE_ERROR'\n - !Ref 'AWS::NoValue'\n Tags:\n - Key: marklogic:stack:name\n Value: !Ref 'AWS::StackName'\n PropagateAtLaunch: 'true'\n - Key: marklogic:stack:id\n Value: !Ref 'AWS::StackId'\n PropagateAtLaunch: 'true'\n LifecycleHookSpecificationList:\n - LifecycleTransition: 'autoscaling:EC2_INSTANCE_LAUNCHING'\n LifecycleHookName: NodeManager\n HeartbeatTimeout: 4800\n NotificationTargetARN: !GetAtt [NodeMgrLambdaStack, Outputs.NodeMgrSnsArn]\n RoleARN: !GetAtt [NodeMgrLambdaStack, Outputs.NodeMgrIamArn]\n TargetGroupARNs:\n - !Ref AlbTargetGroup1\n - !Ref AlbTargetGroup2\n - !Ref AlbTargetGroup3\n - !Ref AlbTargetGroup4\n - !Ref AlbTargetGroup5\n - !Ref AlbTargetGroup6\n - !Ref AlbTargetGroup7\n - !Ref AlbTargetGroup8\n - !Ref AlbTargetGroup9\n - !Ref MarklogicExternal8011\n - !Ref MarklogicInternal8011\n Metadata:\n 'AWS::CloudFormation::Designer':\n id: 31621dd0-4b18-4dcd-b443-db9cef64ebb1\n #AutoScalingGroup used for MultiZone deployments (3 zones) that is connected to Application Load Balancer via 9 TargetGroups.\n #All of the instances in this AutoScalingGroup will be registered to all 9 TargetGroups.\n MarkLogicServerGroup2:\n Condition: MultiZone\n Type: 'AWS::AutoScaling::AutoScalingGroup'\n DependsOn:\n - ManagedEniStack\n - NodeMgrLambdaStack\n - AlbTargetGroup1\n - AlbTargetGroup2\n - AlbTargetGroup3\n - AlbTargetGroup4\n - AlbTargetGroup5\n - AlbTargetGroup6\n - AlbTargetGroup7 \n - AlbTargetGroup8\n - AlbTargetGroup9\n - MarklogicExternal8011\n - MarklogicInternal8011\n Properties:\n VPCZoneIdentifier:\n - !Ref PrivateSubnet2\n LaunchTemplate: \n LaunchTemplateId: !Ref LaunchTemp2\n Version: !GetAtt LaunchTemp2.LatestVersionNumber\n MinSize: '0'\n MaxSize: !Ref NodesPerZone\n DesiredCapacity: !Ref NodesPerZone\n Cooldown: '300'\n HealthCheckType: EC2\n HealthCheckGracePeriod: '300'\n NotificationConfiguration: !If\n - UseLogSNS\n - TopicARN: !Ref LogSNS\n NotificationTypes:\n - 'autoscaling:EC2_INSTANCE_LAUNCH'\n - 'autoscaling:EC2_INSTANCE_LAUNCH_ERROR'\n - 'autoscaling:EC2_INSTANCE_TERMINATE'\n - 'autoscaling:EC2_INSTANCE_TERMINATE_ERROR'\n - !Ref 'AWS::NoValue'\n Tags:\n - Key: marklogic:stack:name\n Value: !Ref 'AWS::StackName'\n PropagateAtLaunch: 'true'\n - Key: marklogic:stack:id\n Value: !Ref 'AWS::StackId'\n PropagateAtLaunch: 'true'\n LifecycleHookSpecificationList:\n - LifecycleTransition: 'autoscaling:EC2_INSTANCE_LAUNCHING'\n LifecycleHookName: NodeManager\n HeartbeatTimeout: 4800\n NotificationTargetARN: !GetAtt [NodeMgrLambdaStack, Outputs.NodeMgrSnsArn]\n RoleARN: !GetAtt [NodeMgrLambdaStack, Outputs.NodeMgrIamArn]\n TargetGroupARNs:\n - !Ref AlbTargetGroup1\n - !Ref AlbTargetGroup2\n - !Ref AlbTargetGroup3\n - !Ref AlbTargetGroup4\n - !Ref AlbTargetGroup5\n - !Ref AlbTargetGroup6\n - !Ref AlbTargetGroup7\n - !Ref AlbTargetGroup8\n - !Ref AlbTargetGroup9\n - !Ref MarklogicExternal8011\n - !Ref MarklogicInternal8011\n Metadata:\n 'AWS::CloudFormation::Designer':\n id: 87d75478-787a-41d5-bb21-9de6fe4b662e\n #AutoScalingGroup used for MultiZone deployments (3 zones) that is connected to Application Load Balancer via 9 TargetGroups.\n #All of the instances in this AutoScalingGroup will be registered to all 9 TargetGroups.\n MarkLogicServerGroup3:\n Condition: MultiZone\n Type: 'AWS::AutoScaling::AutoScalingGroup'\n DependsOn:\n - ManagedEniStack\n - NodeMgrLambdaStack\n - AlbTargetGroup1\n - AlbTargetGroup2\n - AlbTargetGroup3\n - AlbTargetGroup4\n - AlbTargetGroup5\n - AlbTargetGroup6\n - AlbTargetGroup7 \n - AlbTargetGroup8\n - AlbTargetGroup9\n - MarklogicExternal8011\n - MarklogicInternal8011\n Properties:\n VPCZoneIdentifier:\n - !Ref PrivateSubnet3\n LaunchTemplate: \n LaunchTemplateId: !Ref LaunchTemp3\n Version: !GetAtt LaunchTemp3.LatestVersionNumber\n MinSize: '0'\n MaxSize: !Ref NodesPerZone\n DesiredCapacity: !Ref NodesPerZone\n Cooldown: '300'\n HealthCheckType: EC2\n HealthCheckGracePeriod: '300'\n NotificationConfiguration: !If\n - UseLogSNS\n - TopicARN: !Ref LogSNS\n NotificationTypes:\n - 'autoscaling:EC2_INSTANCE_LAUNCH'\n - 'autoscaling:EC2_INSTANCE_LAUNCH_ERROR'\n - 'autoscaling:EC2_INSTANCE_TERMINATE'\n - 'autoscaling:EC2_INSTANCE_TERMINATE_ERROR'\n - !Ref 'AWS::NoValue'\n Tags:\n - Key: marklogic:stack:name\n Value: !Ref 'AWS::StackName'\n PropagateAtLaunch: 'true'\n - Key: marklogic:stack:id\n Value: !Ref 'AWS::StackId'\n PropagateAtLaunch: 'true'\n LifecycleHookSpecificationList:\n - LifecycleTransition: 'autoscaling:EC2_INSTANCE_LAUNCHING'\n LifecycleHookName: NodeManager\n HeartbeatTimeout: 4800\n NotificationTargetARN: !GetAtt [NodeMgrLambdaStack, Outputs.NodeMgrSnsArn]\n RoleARN: !GetAtt [NodeMgrLambdaStack, Outputs.NodeMgrIamArn]\n TargetGroupARNs:\n - !Ref AlbTargetGroup1\n - !Ref AlbTargetGroup2\n - !Ref AlbTargetGroup3\n - !Ref AlbTargetGroup4\n - !Ref AlbTargetGroup5\n - !Ref AlbTargetGroup6\n - !Ref AlbTargetGroup7\n - !Ref AlbTargetGroup8\n - !Ref AlbTargetGroup9\n - !Ref MarklogicExternal8011\n - !Ref MarklogicInternal8011\n Metadata:\n 'AWS::CloudFormation::Designer':\n id: bbd8314a-6e59-4102-9ed5-232739dd0dfa\n InstanceSecurityGroup:\n Type: 'AWS::EC2::SecurityGroup'\n Properties:\n VpcId: !Ref VPC\n SecurityGroupIngress:\n - IpProtocol: tcp\n FromPort: '7998'\n ToPort: '7998'\n SourceSecurityGroupId: !Ref ElbSecurityGroup\n - IpProtocol: tcp\n FromPort: '8000'\n ToPort: '8011'\n SourceSecurityGroupId: !Ref ElbSecurityGroup\n - IpProtocol: tcp\n FromPort: '7997'\n ToPort: '7997'\n SourceSecurityGroupId: !Ref ElbSecurityGroup\n - IpProtocol: tcp\n FromPort: '7999'\n ToPort: '7999'\n SourceSecurityGroupId: !Ref ElbSecurityGroup\n - IpProtocol: tcp\n FromPort: '7998'\n ToPort: '7998'\n SourceSecurityGroupId: !Ref InternalElbSecurityGroup\n - IpProtocol: tcp\n FromPort: '8000'\n ToPort: '8011'\n SourceSecurityGroupId: !Ref InternalElbSecurityGroup\n - IpProtocol: tcp\n FromPort: '7997'\n ToPort: '7997'\n SourceSecurityGroupId: !Ref InternalElbSecurityGroup\n - IpProtocol: tcp\n FromPort: '7999'\n ToPort: '7999'\n SourceSecurityGroupId: !Ref InternalElbSecurityGroup\n InstanceSecurityGroupIngress:\n Type: 'AWS::EC2::SecurityGroupIngress'\n DependsOn:\n - InstanceSecurityGroup\n Properties:\n IpProtocol: tcp\n FromPort: '0'\n ToPort: '65355'\n GroupId: !Ref InstanceSecurityGroup\n SourceSecurityGroupId: !Ref InstanceSecurityGroup\n InternalElbSecurityGroup:\n Type: 'AWS::EC2::SecurityGroup'\n Properties:\n GroupDescription: Allow access from ECS clsuter to internal ALB for marklogic cluster.\n VpcId: !Ref VPC\n SecurityGroupIngress:\n - IpProtocol: tcp\n FromPort: '7998'\n ToPort: '7998'\n SourceSecurityGroupId: !Ref ECSSecurityGroup\n - IpProtocol: tcp\n FromPort: '8000'\n ToPort: '8011'\n SourceSecurityGroupId: !Ref ECSSecurityGroup\n - IpProtocol: tcp\n FromPort: '7997'\n ToPort: '7997'\n SourceSecurityGroupId: !Ref ECSSecurityGroup\n ElbSecurityGroup:\n Type: 'AWS::EC2::SecurityGroup'\n Properties:\n GroupDescription: Enable SSH access and HTTP access on the inbound port\n VpcId: !Ref VPC\n SecurityGroupIngress:\n - IpProtocol: tcp\n FromPort: '22'\n ToPort: '22'\n CidrIp: !Ref ExternalAccessCidrIP\n - IpProtocol: tcp\n FromPort: '7998'\n ToPort: '7998'\n CidrIp: !Ref ExternalAccessCidrIP\n - IpProtocol: tcp\n FromPort: '8000'\n ToPort: '8011'\n CidrIp: !Ref ExternalAccessCidrIP\n - IpProtocol: tcp\n FromPort: '7997'\n ToPort: '7997'\n CidrIp: !Ref ExternalAccessCidrIP\n LaunchTemp1:\n Type: 'AWS::EC2::LaunchTemplate'\n DependsOn:\n - InstanceSecurityGroup\n Properties:\n LaunchTemplateData:\n BlockDeviceMappings:\n - DeviceName: /dev/xvda\n Ebs:\n VolumeSize: 40\n - DeviceName: /dev/sdf\n NoDevice: true\n Ebs: {}\n KeyName: !Ref KeyName\n ImageId: !If [PAYG, !FindInMap [LicenseRegion2AMI,!Ref 'AWS::Region',\"PAYGAl2023\"], !FindInMap [LicenseRegion2AMI, !Ref 'AWS::Region', \"BYOLAl2023\"]]\n UserData: !Base64\n 'Fn::Join':\n - ''\n - - MARKLOGIC_CLUSTER_NAME=\n - !Ref MarkLogicDDBTable\n - |+\n\n - MARKLOGIC_EBS_VOLUME=\n - !Ref MarklogicVolume1\n - ',:'\n - !Ref VolumeSize\n - '::'\n - !Ref VolumeType\n - ':'\n - !If\n - GP3\n - !Ref VolumeIOPS\n - ''\n - ':'\n - !If\n - GP3\n - !Ref VolumeThroughput\n - ''\n - |\n :,*\n - |\n MARKLOGIC_NODE_NAME=NodeA#\n - MARKLOGIC_ADMIN_USERNAME=\n - !Ref AdminUser\n - |+\n\n - MARKLOGIC_ADMIN_PASSWORD=\n - !Ref AdminPass\n - |+\n\n - |\n MARKLOGIC_CLUSTER_MASTER=1\n - MARKLOGIC_LICENSEE=\n - !Ref Licensee\n - |+\n\n - MARKLOGIC_LICENSE_KEY=\n - !Ref LicenseKey\n - |+\n\n - MARKLOGIC_LOG_SNS=\n - !Ref LogSNS\n - |+\n\n - MARKLOGIC_AWS_SWAP_SIZE=\n - 32\n - |+\n\n - !If\n - UseVolumeEncryption\n - !Join\n - ''\n - - 'MARKLOGIC_EBS_KEY='\n - !If\n - HasCustomEBSKey\n - !Ref VolumeEncryptionKey\n - 'default'\n - ''\n\n SecurityGroupIds:\n - !Ref InstanceSecurityGroup\n InstanceType: !Ref InstanceType\n IamInstanceProfile: \n Name: !Ref IAMRole\n MetadataOptions:\n HttpTokens: required\n InstanceMarketOptions: !If\n - UseSpot\n - MarketType: spot \n SpotOptions: \n MaxPrice: !Ref SpotPrice\n - !Ref 'AWS::NoValue'\n Metadata:\n 'AWS::CloudFormation::Designer':\n id: 2efb8cfb-df53-401d-8ff2-34af0dd25993\n LaunchTemp2:\n Condition: MultiZone\n Type: 'AWS::EC2::LaunchTemplate'\n DependsOn:\n - InstanceSecurityGroup\n Properties:\n LaunchTemplateData:\n BlockDeviceMappings:\n - DeviceName: /dev/xvda\n Ebs:\n VolumeSize: 40\n - DeviceName: /dev/sdf\n NoDevice: true\n Ebs: {}\n KeyName: !Ref KeyName\n ImageId: !If [PAYG, !FindInMap [LicenseRegion2AMI,!Ref 'AWS::Region',\"PAYGAl2023\"], !FindInMap [LicenseRegion2AMI, !Ref 'AWS::Region', \"BYOLAl2023\"]]\n UserData: !Base64\n 'Fn::Join':\n - ''\n - - MARKLOGIC_CLUSTER_NAME=\n - !Ref MarkLogicDDBTable\n - |+\n\n - MARKLOGIC_EBS_VOLUME=\n - !Ref MarklogicVolume2\n - ',:'\n - !Ref VolumeSize\n - '::'\n - !Ref VolumeType\n - ':'\n - !If\n - GP3\n - !Ref VolumeIOPS\n - ''\n - ':'\n - !If\n - GP3\n - !Ref VolumeThroughput\n - ''\n - |\n :,*\n - |\n MARKLOGIC_NODE_NAME=NodeB#\n - MARKLOGIC_ADMIN_USERNAME=\n - !Ref AdminUser\n - |+\n\n - MARKLOGIC_ADMIN_PASSWORD=\n - !Ref AdminPass\n - |+\n\n - |\n MARKLOGIC_CLUSTER_MASTER=0\n - MARKLOGIC_LICENSEE=\n - !Ref Licensee\n - |+\n\n - MARKLOGIC_LICENSE_KEY=\n - !Ref LicenseKey\n - |+\n\n - MARKLOGIC_LOG_SNS=\n - !Ref LogSNS\n - |+\n\n - MARKLOGIC_AWS_SWAP_SIZE=\n - 32\n - |+\n\n - !If\n - UseVolumeEncryption\n - !Join\n - ''\n - - 'MARKLOGIC_EBS_KEY='\n - !If\n - HasCustomEBSKey\n - !Ref VolumeEncryptionKey\n - 'default'\n - ''\n\n SecurityGroupIds:\n - !Ref InstanceSecurityGroup\n InstanceType: !Ref InstanceType\n IamInstanceProfile: \n Name: !Ref IAMRole\n MetadataOptions:\n HttpTokens: required\n InstanceMarketOptions: !If\n - UseSpot\n - MarketType: spot \n SpotOptions: \n MaxPrice: !Ref SpotPrice\n - !Ref 'AWS::NoValue'\n Metadata:\n 'AWS::CloudFormation::Designer':\n id: c8296a50-a29e-4646-aa74-8f1b735a9a3f\n LaunchTemp3:\n Condition: MultiZone\n Type: 'AWS::EC2::LaunchTemplate'\n DependsOn:\n - InstanceSecurityGroup\n Properties:\n LaunchTemplateData:\n BlockDeviceMappings:\n - DeviceName: /dev/xvda\n Ebs:\n VolumeSize: 40\n - DeviceName: /dev/sdf\n NoDevice: true\n Ebs: {}\n KeyName: !Ref KeyName\n ImageId: !If [PAYG, !FindInMap [LicenseRegion2AMI,!Ref 'AWS::Region',\"PAYGAl2023\"], !FindInMap [LicenseRegion2AMI, !Ref 'AWS::Region', \"BYOLAl2023\"]]\n UserData: !Base64\n 'Fn::Join':\n - ''\n - - MARKLOGIC_CLUSTER_NAME=\n - !Ref MarkLogicDDBTable\n - |+\n\n - MARKLOGIC_EBS_VOLUME=\n - !Ref MarklogicVolume3\n - ',:'\n - !Ref VolumeSize\n - '::'\n - !Ref VolumeType\n - ':'\n - !If\n - GP3\n - !Ref VolumeIOPS\n - ''\n - ':'\n - !If\n - GP3\n - !Ref VolumeThroughput\n - ''\n - |\n :,*\n - |\n MARKLOGIC_NODE_NAME=NodeC#\n - MARKLOGIC_ADMIN_USERNAME=\n - !Ref AdminUser\n - |+\n\n - MARKLOGIC_ADMIN_PASSWORD=\n - !Ref AdminPass\n - |+\n\n - |\n MARKLOGIC_CLUSTER_MASTER=0\n - MARKLOGIC_LICENSEE=\n - !Ref Licensee\n - |+\n\n - MARKLOGIC_LICENSE_KEY=\n - !Ref LicenseKey\n - |+\n\n - MARKLOGIC_LOG_SNS=\n - !Ref LogSNS\n - |+\n\n - MARKLOGIC_AWS_SWAP_SIZE=\n - 32\n - |+\n\n - !If\n - UseVolumeEncryption\n - !Join\n - ''\n - - 'MARKLOGIC_EBS_KEY='\n - !If\n - HasCustomEBSKey\n - !Ref VolumeEncryptionKey\n - 'default'\n - ''\n\n SecurityGroupIds:\n - !Ref InstanceSecurityGroup\n InstanceType: !Ref InstanceType\n IamInstanceProfile: \n Name: !Ref IAMRole\n MetadataOptions:\n HttpTokens: required\n InstanceMarketOptions: !If\n - UseSpot\n - MarketType: spot \n SpotOptions: \n MaxPrice: !Ref SpotPrice\n - !Ref 'AWS::NoValue'\n Metadata:\n 'AWS::CloudFormation::Designer':\n id: 7fa68c90-39bc-4874-ad20-8cd8c974ed52\n #Application Load Balancer description for MultiZone deployments (3 zones).\n Alb:\n Condition: MultiZone\n Type: AWS::ElasticLoadBalancingV2::LoadBalancer\n DependsOn:\n - ElbSecurityGroup\n Properties: \n SecurityGroups: \n - !Ref ElbSecurityGroup\n Subnets:\n - !Ref PublicSubnet1\n - !If [MultiZone, !Ref PublicSubnet2, !Ref 'AWS::NoValue']\n - !If [MultiZone, !Ref PublicSubnet3, !Ref 'AWS::NoValue']\n Metadata:\n 'AWS::CloudFormation::Designer':\n id: e188e71e-5f01-4816-896e-9bd30b9a96c1\n #Descriptions of the 9 TargetGroups for MultiZone deployments (3 zones). TargetGroups route requests to registered targets.\n #Health checks are performed on each TargetGroup.\n AlbTargetGroup1:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::TargetGroup\"\n Properties:\n HealthCheckIntervalSeconds: 10\n HealthCheckTimeoutSeconds: 5\n HealthyThresholdCount: 3\n HealthCheckPort: 7997\n UnhealthyThresholdCount: 5\n Port: 8000\n Protocol: HTTP\n TargetGroupAttributes:\n - Key: stickiness.enabled\n Value: true\n - Key: stickiness.type\n Value: lb_cookie\n - Key: stickiness.lb_cookie.duration_seconds\n Value: 3600\n - Key: deregistration_delay.timeout_seconds\n Value: 60\n VpcId: !Ref VPC\n AlbTargetGroup2:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::TargetGroup\"\n Properties:\n HealthCheckIntervalSeconds: 10\n HealthCheckTimeoutSeconds: 5\n HealthyThresholdCount: 3\n HealthCheckPort: 7997\n UnhealthyThresholdCount: 5\n Port: 8001\n Protocol: HTTP\n TargetGroupAttributes:\n - Key: stickiness.enabled\n Value: true\n - Key: stickiness.type\n Value: lb_cookie\n - Key: stickiness.lb_cookie.duration_seconds\n Value: 3600\n - Key: deregistration_delay.timeout_seconds\n Value: 60\n VpcId: !Ref VPC\n AlbTargetGroup3:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::TargetGroup\"\n Properties:\n HealthCheckIntervalSeconds: 10\n HealthCheckTimeoutSeconds: 5\n HealthyThresholdCount: 3\n HealthCheckPort: 7997\n UnhealthyThresholdCount: 5\n Port: 8002\n Protocol: HTTP\n TargetGroupAttributes:\n - Key: stickiness.enabled\n Value: true\n - Key: stickiness.type\n Value: lb_cookie\n - Key: stickiness.lb_cookie.duration_seconds\n Value: 3600\n - Key: deregistration_delay.timeout_seconds\n Value: 60\n VpcId: !Ref VPC\n AlbTargetGroup4:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::TargetGroup\"\n Properties:\n HealthCheckIntervalSeconds: 10\n HealthCheckTimeoutSeconds: 5\n HealthyThresholdCount: 3\n HealthCheckPort: 7997\n UnhealthyThresholdCount: 5\n Port: 8003\n Protocol: HTTP\n TargetGroupAttributes:\n - Key: stickiness.enabled\n Value: true\n - Key: stickiness.type\n Value: lb_cookie\n - Key: stickiness.lb_cookie.duration_seconds\n Value: 3600\n - Key: deregistration_delay.timeout_seconds\n Value: 60\n VpcId: !Ref VPC\n AlbTargetGroup5:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::TargetGroup\"\n Properties:\n HealthCheckIntervalSeconds: 10\n HealthCheckTimeoutSeconds: 5\n HealthyThresholdCount: 3\n HealthCheckPort: 7997\n UnhealthyThresholdCount: 5\n Port: 8004\n Protocol: HTTP\n TargetGroupAttributes:\n - Key: stickiness.enabled\n Value: true\n - Key: stickiness.type\n Value: lb_cookie\n - Key: stickiness.lb_cookie.duration_seconds\n Value: 3600\n - Key: deregistration_delay.timeout_seconds\n Value: 60\n VpcId: !Ref VPC\n AlbTargetGroup6:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::TargetGroup\"\n Properties:\n HealthCheckIntervalSeconds: 10\n HealthCheckTimeoutSeconds: 5\n HealthyThresholdCount: 3\n HealthCheckPort: 7997\n UnhealthyThresholdCount: 5\n Port: 8005\n Protocol: HTTP\n TargetGroupAttributes:\n - Key: stickiness.enabled\n Value: true\n - Key: stickiness.type\n Value: lb_cookie\n - Key: stickiness.lb_cookie.duration_seconds\n Value: 3600\n - Key: deregistration_delay.timeout_seconds\n Value: 60\n VpcId: !Ref VPC\n AlbTargetGroup7:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::TargetGroup\"\n Properties:\n HealthCheckIntervalSeconds: 10\n HealthCheckTimeoutSeconds: 5\n HealthyThresholdCount: 3\n HealthCheckPort: 7997\n UnhealthyThresholdCount: 5\n Port: 8006\n Protocol: HTTP\n TargetGroupAttributes:\n - Key: stickiness.enabled\n Value: true\n - Key: stickiness.type\n Value: lb_cookie\n - Key: stickiness.lb_cookie.duration_seconds\n Value: 3600\n - Key: deregistration_delay.timeout_seconds\n Value: 60\n VpcId: !Ref VPC\n AlbTargetGroup8:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::TargetGroup\"\n Properties:\n HealthCheckIntervalSeconds: 10\n HealthCheckTimeoutSeconds: 5\n HealthyThresholdCount: 3\n HealthCheckPort: 7997\n UnhealthyThresholdCount: 5\n Port: 8007\n Protocol: HTTP\n TargetGroupAttributes:\n - Key: stickiness.enabled\n Value: true\n - Key: stickiness.type\n Value: lb_cookie\n - Key: stickiness.lb_cookie.duration_seconds\n Value: 3600\n - Key: deregistration_delay.timeout_seconds\n Value: 60\n VpcId: !Ref VPC\n AlbTargetGroup9:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::TargetGroup\"\n Properties:\n HealthCheckIntervalSeconds: 10\n HealthCheckTimeoutSeconds: 5\n HealthyThresholdCount: 3\n HealthCheckPort: 7997\n UnhealthyThresholdCount: 5\n Port: 8008\n Protocol: HTTP\n TargetGroupAttributes:\n - Key: stickiness.enabled\n Value: true\n - Key: stickiness.type\n Value: lb_cookie\n - Key: stickiness.lb_cookie.duration_seconds\n Value: 3600\n - Key: deregistration_delay.timeout_seconds\n Value: 60\n VpcId: !Ref VPC\n MarklogicExternal8011:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::TargetGroup\"\n Properties:\n HealthCheckIntervalSeconds: 10\n HealthCheckTimeoutSeconds: 5\n HealthyThresholdCount: 3\n HealthCheckPort: 7997\n UnhealthyThresholdCount: 5\n Port: 8011\n Protocol: HTTP\n TargetGroupAttributes:\n - Key: stickiness.enabled\n Value: true\n - Key: stickiness.type\n Value: lb_cookie\n - Key: stickiness.lb_cookie.duration_seconds\n Value: 3600\n - Key: deregistration_delay.timeout_seconds\n Value: 60\n VpcId: !Ref VPC\n #Descriptions of the 9 Listeners for MultiZone deployments (3 zones). Each Listener connects Application Load Balancer to a TargetGroup with a particular port.\n AlbListener1:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - Alb\n - AlbTargetGroup1\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup1\n Type: forward\n LoadBalancerArn: !Ref Alb\n Port: 8000\n Protocol: HTTP\n AlbListener2:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - Alb\n - AlbTargetGroup2\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup2\n Type: forward\n LoadBalancerArn: !Ref Alb\n Port: 8001\n Protocol: HTTP\n AlbListener3:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - Alb\n - AlbTargetGroup3\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup3\n Type: forward\n LoadBalancerArn: !Ref Alb\n Port: 8002\n Protocol: HTTP\n AlbListener4:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - Alb\n - AlbTargetGroup4\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup4\n Type: forward\n LoadBalancerArn: !Ref Alb\n Port: 8003\n Protocol: HTTP\n AlbListener5:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - Alb\n - AlbTargetGroup5\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup5\n Type: forward\n LoadBalancerArn: !Ref Alb\n Port: 8004\n Protocol: HTTP\n AlbListener6:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - Alb\n - AlbTargetGroup6\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup6\n Type: forward\n LoadBalancerArn: !Ref Alb\n Port: 8005\n Protocol: HTTP\n AlbListener7:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - Alb\n - AlbTargetGroup7\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup7\n Type: forward\n LoadBalancerArn: !Ref Alb\n Port: 8006\n Protocol: HTTP\n AlbListener8:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - Alb\n - AlbTargetGroup8\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup8\n Type: forward\n LoadBalancerArn: !Ref Alb\n Port: 8007\n Protocol: HTTP\n AlbListener9:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - Alb\n - AlbTargetGroup9\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup9\n Type: forward\n LoadBalancerArn: !Ref Alb\n Port: 8008\n Protocol: HTTP\n MarklogicExternal8011Listener:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - Alb\n - MarklogicExternal8011\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref MarklogicExternal8011\n Type: forward\n LoadBalancerArn: !Ref Alb\n Port: 8011\n Protocol: HTTP\n #Application Load Balancer description for MultiZone deployments (3 zones).\n InternalAlb:\n Condition: MultiZone\n Type: AWS::ElasticLoadBalancingV2::LoadBalancer\n DependsOn:\n - InternalElbSecurityGroup\n Properties: \n Scheme: internal\n SecurityGroups: \n - !Ref InternalElbSecurityGroup\n Subnets:\n - !Ref PrivateSubnet1\n - !If [MultiZone, !Ref PrivateSubnet2, !Ref 'AWS::NoValue']\n - !If [MultiZone, !Ref PrivateSubnet3, !Ref 'AWS::NoValue']\n Metadata:\n 'AWS::CloudFormation::Designer':\n id: e188e71e-5f01-4816-896e-9bd30b9a96c1\n #Descriptions of the 1 TargetGroups for MultiZone deployments (3 zones). TargetGroups route requests to registered targets.\n #Health checks are performed on each TargetGroup.\n MarklogicInternal8011:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::TargetGroup\"\n Properties:\n HealthCheckIntervalSeconds: 10\n HealthCheckTimeoutSeconds: 5\n HealthyThresholdCount: 3\n HealthCheckPort: 7997\n UnhealthyThresholdCount: 5\n Port: 8011\n Protocol: HTTP\n TargetGroupAttributes:\n - Key: stickiness.enabled\n Value: true\n - Key: stickiness.type\n Value: lb_cookie\n - Key: stickiness.lb_cookie.duration_seconds\n Value: 3600\n - Key: deregistration_delay.timeout_seconds\n Value: 60\n VpcId: !Ref VPC\n MarklogicInternal8011Listener:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - InternalAlb\n - MarklogicInternal8011\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref MarklogicInternal8011\n Type: forward\n LoadBalancerArn: !Ref InternalAlb\n Port: 8011\n Protocol: HTTP\nOutputs:\n URL:\n Description: The URL of the MarkLogic Cluster\n Value: !Join\n - ''\n - - 'http://'\n - !If [MultiZone, !GetAtt [Alb, DNSName], !GetAtt [ManagedEniStack, Outputs.ENI]]\n - ':8001'",
"newContent": "AWSTemplateFormatVersion: 2010-09-09\nDescription: Deploy a MarkLogic Cluster on AWS in existing VPC (Virtual Private Cloud).\nMetadata:\n version: 12.0.1\n binary: MarkLogic-12.0.1-rhel.x86_64.rpm\n AWS::CloudFormation::Interface:\n ParameterGroups:\n - Label:\n default: \"Resource Configuration\"\n Parameters:\n - IAMRole\n - VolumeSize\n - VolumeType\n - VolumeIOPS\n - VolumeThroughput\n - VolumeEncryption\n - VolumeEncryptionKey\n - InstanceType\n - SpotPrice\n - KeyName\n - NumberOfZones\n - NodesPerZone\n - AZ\n - LogSNS\n - Label:\n default: \"Network Configuration\"\n Parameters:\n - VPC\n - PublicSubnet1\n - PublicSubnet2\n - PublicSubnet3\n - PrivateSubnet1\n - PrivateSubnet2\n - PrivateSubnet3\n - ExternalAccessCidrIP\n - ECSSecurityGroup\n - Label:\n default: \"MarkLogic Configuration\"\n Parameters:\n - AdminUser\n - AdminPass\n - Licensee\n - LicenseKey\n ParameterLabels:\n AdminUser:\n default: Admin User\n AdminPass:\n default: Admin password\n Licensee:\n default: Licensee\n LicenseKey:\n default: License Key\n IAMRole:\n default: IAM Role\n LogSNS:\n default: Logging SNS ARN\n VolumeSize:\n default: Volume Size\n VolumeType:\n default: Volume Type\n VolumeIOPS:\n default: Volume Iops\n VolumeThroughput:\n default: Volume Throughput\n VolumeEncryption:\n default: Volume Encryption\n VolumeEncryptionKey:\n default: Volume Encryption Key ARN\n InstanceType:\n default: Instance Type\n SpotPrice:\n default: Spot Price\n KeyName:\n default: SSH Key Name\n NumberOfZones:\n default: Number of Zones\n NodesPerZone:\n default: Nodes per Zone\n AZ:\n default: Availability Zone\n VPC:\n default: VPC\n PublicSubnet1:\n default: Public Subnet 1\n PublicSubnet2:\n default: Public Subnet 2\n PublicSubnet3:\n default: Public Subnet 3\n PrivateSubnet1:\n default: Private Subnet 1\n PrivateSubnet2:\n default: Private Subnet 2\n PrivateSubnet3:\n default: Private Subnet 3\n ExternalAccessCidrIP:\n default: External IP address range for access to admin site\n ECSSecurityGroup:\n default: the security group the ecs cluster is in\nParameters:\n # resource configuration\n IAMRole:\n Description: IAM Role\n Type: String\n VolumeSize:\n Description: The EBS Data volume size (GB) for all nodes\n Type: Number\n MinValue: '10'\n MaxValue: '1000'\n Default: '50'\n VolumeType:\n Description: The EBS Data volume Type\n Type: String\n AllowedValues:\n - standard\n - gp2\n - gp3\n Default: gp3\n VolumeIOPS:\n Description: The number of I/O operations per second for a gp3 volume. This parameter is only applicable for a gp3 volume\n Type: Number\n MinValue: '3000'\n MaxValue: '16000'\n Default: '3000'\n VolumeThroughput:\n Description: The throughput to provision for a gp3 volume. This parameter is only applicable for a gp3 volume\n Type: Number\n MinValue: '125'\n MaxValue: '1000'\n Default: '125'\n VolumeEncryption:\n Description: Whether to enable volume encryption\n Type: String\n AllowedValues:\n - enable\n - disable\n Default: enable\n VolumeEncryptionKey:\n Description: The key ID of AWS KMS key to encrypt volumes - Optional\n Type: String\n Default: \"\"\n InstanceType:\n Description: Type of EC2 instance to launch\n Type: String\n Default: r5.4xlarge\n AllowedValues:\n - ---- Pay-As-You-Go and Bring-Your-Own-License ----\n - c3.xlarge\n - c3.2xlarge\n - c3.4xlarge\n - c3.8xlarge\n - c4.xlarge\n - c4.2xlarge\n - c4.4xlarge\n - c4.8xlarge\n - c5.xlarge\n - c5.2xlarge\n - c5.4xlarge\n - c5.9xlarge\n - c5.12xlarge\n - c5.18xlarge\n - c5.24xlarge\n - c5a.xlarge\n - c5a.2xlarge\n - c5a.4xlarge\n - c5a.8xlarge\n - c5a.12xlarge\n - c5a.16xlarge\n - c5a.24xlarge\n - c5ad.xlarge\n - c5ad.2xlarge\n - c5ad.4xlarge\n - c5ad.8xlarge\n - c5ad.12xlarge\n - c5ad.16xlarge\n - c5ad.24xlarge\n - c5d.xlarge\n - c5d.2xlarge\n - c5d.4xlarge\n - c5d.9xlarge\n - c5d.12xlarge\n - c5d.18xlarge\n - c5d.24xlarge\n - c5n.xlarge\n - c5n.2xlarge\n - c5n.4xlarge\n - c5n.9xlarge\n - c5n.18xlarge\n - c6a.xlarge\n - c6a.2xlarge\n - c6a.4xlarge\n - c6a.8xlarge\n - c6a.12xlarge\n - c6a.16xlarge\n - c6a.24xlarge\n - c6a.32xlarge\n - c6a.48xlarge\n - c6i.xlarge\n - c6i.2xlarge\n - c6i.4xlarge\n - c6i.8xlarge\n - c6i.12xlarge\n - c6i.16xlarge\n - c6i.24xlarge\n - c6i.32xlarge\n - c6id.xlarge\n - c6id.2xlarge\n - c6id.4xlarge\n - c6id.8xlarge\n - c6id.12xlarge\n - c6id.16xlarge\n - c6id.24xlarge\n - c6id.32xlarge\n - c7i.xlarge\n - c7i.2xlarge\n - c7i.4xlarge\n - c7i.8xlarge\n - c7i.12xlarge\n - c7i.16xlarge\n - c7i.24xlarge\n - c7i.48xlarge\n - c7i-flex.xlarge\n - c7i-flex.2xlarge\n - c7i-flex.4xlarge\n - c7i-flex.8xlarge\n - c7i-flex.12xlarge\n - c7i-flex.16xlarge\n - c7a.xlarge\n - c7a.2xlarge\n - c7a.4xlarge\n - c7a.8xlarge\n - c7a.12xlarge\n - c7a.16xlarge\n - c7a.24xlarge\n - c7a.32xlarge\n - c7a.48xlarge\n - c8i.xlarge\n - c8i.2xlarge\n - c8i.4xlarge\n - c8i.8xlarge\n - c8i.12xlarge\n - c8i.16xlarge\n - c8i.24xlarge\n - c8i.32xlarge\n - c8i.48xlarge\n - c8i.96xlarge\n - c8i-flex.xlarge\n - c8i-flex.2xlarge\n - c8i-flex.4xlarge\n - c8i-flex.8xlarge\n - c8i-flex.12xlarge\n - c8i-flex.16xlarge\n - i2.2xlarge\n - i2.4xlarge\n - i2.8xlarge\n - i2.xlarge\n - i3.xlarge\n - i3.2xlarge\n - i3.4xlarge\n - i3.8xlarge\n - i3.16xlarge\n - i3en.xlarge\n - i3en.2xlarge\n - i3en.3xlarge\n - i3en.6xlarge\n - i3en.12xlarge\n - i3en.24xlarge\n - i4i.xlarge\n - i4i.2xlarge\n - i4i.4xlarge\n - i4i.8xlarge\n - i4i.12xlarge\n - i4i.16xlarge\n - i4i.24xlarge\n - i4i.32xlarge\n - i7ie.xlarge\n - i7ie.2xlarge\n - i7ie.3xlarge\n - i7ie.6xlarge\n - i7ie.12xlarge\n - i7ie.18xlarge\n - i7ie.24xlarge\n - i7ie.48xlarge\n - m3.xlarge\n - m3.2xlarge\n - m4.xlarge\n - m4.2xlarge\n - m4.4xlarge\n - m4.10xlarge\n - m4.16xlarge\n - m5.xlarge\n - m5.2xlarge\n - m5.4xlarge\n - m5.8xlarge\n - m5.12xlarge\n - m5.16xlarge\n - m5.24xlarge\n - m5a.xlarge\n - m5a.2xlarge\n - m5a.4xlarge\n - m5a.8xlarge\n - m5a.12xlarge\n - m5a.16xlarge\n - m5a.24xlarge\n - m5d.xlarge\n - m5d.2xlarge\n - m5d.4xlarge\n - m5d.8xlarge\n - m5d.16xlarge\n - m5d.12xlarge\n - m5d.24xlarge\n - m5ad.xlarge\n - m5ad.2xlarge\n - m5ad.4xlarge\n - m5ad.8xlarge\n - m5ad.12xlarge\n - m5ad.16xlarge\n - m5ad.24xlarge\n - m5zn.xlarge\n - m5zn.2xlarge\n - m5zn.3xlarge\n - m5zn.6xlarge\n - m5zn.12xlarge\n - m5n.xlarge\n - m5n.2xlarge\n - m5n.4xlarge\n - m5n.8xlarge\n - m5n.12xlarge\n - m5n.16xlarge\n - m5n.24xlarge\n - m5dn.xlarge\n - m5dn.2xlarge\n - m5dn.4xlarge\n - m5dn.8xlarge\n - m5dn.12xlarge\n - m5dn.16xlarge\n - m5dn.24xlarge\n - m6a.xlarge\n - m6a.2xlarge\n - m6a.4xlarge\n - m6a.8xlarge\n - m6a.12xlarge\n - m6a.16xlarge\n - m6a.24xlarge\n - m6a.32xlarge\n - m6a.48xlarge\n - m6i.xlarge\n - m6i.2xlarge\n - m6i.4xlarge\n - m6i.8xlarge\n - m6i.12xlarge\n - m6i.16xlarge\n - m6i.24xlarge\n - m6i.32xlarge\n - m6id.xlarge\n - m6id.2xlarge\n - m6id.4xlarge\n - m6id.8xlarge\n - m6id.12xlarge\n - m6id.16xlarge\n - m6id.24xlarge\n - m6id.32xlarge\n - m7i.xlarge\n - m7i.2xlarge\n - m7i.4xlarge\n - m7i.8xlarge\n - m7i.12xlarge\n - m7i.16xlarge\n - m7i.24xlarge\n - m7i.48xlarge\n - m7i-flex.xlarge\n - m7i-flex.2xlarge\n - m7i-flex.4xlarge\n - m7i-flex.8xlarge\n - m7i-flex.12xlarge\n - m7i-flex.16xlarge\n - m7a.xlarge\n - m7a.2xlarge\n - m7a.4xlarge\n - m7a.8xlarge\n - m7a.12xlarge\n - m7a.16xlarge\n - m7a.24xlarge\n - m7a.32xlarge\n - m7a.48xlarge\n - m8a.xlarge\n - m8a.2xlarge\n - m8a.4xlarge\n - m8a.8xlarge\n - m8a.12xlarge\n - m8a.16xlarge\n - m8a.24xlarge\n - m8a.48xlarge\n - m8i.xlarge\n - m8i.2xlarge\n - m8i.4xlarge\n - m8i.8xlarge\n - m8i.12xlarge\n - m8i.16xlarge\n - m8i.24xlarge\n - m8i.32xlarge\n - m8i.48xlarge\n - m8i.96xlarge\n - m8i-flex.xlarge\n - m8i-flex.2xlarge\n - m8i-flex.4xlarge\n - m8i-flex.8xlarge\n - m8i-flex.12xlarge\n - m8i-flex.16xlarge\n - r3.xlarge\n - r3.2xlarge\n - r3.4xlarge\n - r3.8xlarge\n - r4.xlarge\n - r4.2xlarge\n - r4.4xlarge\n - r4.8xlarge\n - r4.16xlarge\n - r5.xlarge\n - r5.2xlarge\n - r5.4xlarge\n - r5.8xlarge\n - r5.12xlarge\n - r5.16xlarge\n - r5.24xlarge\n - r5a.xlarge\n - r5a.2xlarge\n - r5a.4xlarge\n - r5a.8xlarge\n - r5a.12xlarge\n - r5a.16xlarge\n - r5a.24xlarge\n - r5ad.xlarge\n - r5ad.2xlarge\n - r5ad.4xlarge\n - r5ad.8xlarge\n - r5ad.12xlarge\n - r5ad.16xlarge\n - r5ad.24xlarge\n - r5b.xlarge\n - r5b.2xlarge\n - r5b.4xlarge\n - r5b.8xlarge\n - r5b.12xlarge\n - r5b.16xlarge\n - r5b.24xlarge\n - r5d.xlarge\n - r5d.2xlarge\n - r5d.4xlarge\n - r5d.8xlarge\n - r5d.12xlarge\n - r5d.16xlarge\n - r5d.24xlarge\n - r5dn.xlarge\n - r5dn.2xlarge\n - r5dn.4xlarge\n - r5dn.8xlarge\n - r5dn.12xlarge\n - r5dn.16xlarge\n - r5dn.24xlarge\n - r5n.xlarge\n - r5n.2xlarge\n - r5n.4xlarge\n - r5n.8xlarge\n - r5n.12xlarge\n - r5n.16xlarge\n - r5n.24xlarge\n - r6a.xlarge\n - r6a.2xlarge\n - r6a.4xlarge\n - r6a.8xlarge\n - r6a.12xlarge\n - r6a.16xlarge\n - r6a.24xlarge\n - r6a.32xlarge\n - r6a.48xlarge\n - r6i.xlarge\n - r6i.2xlarge\n - r6i.4xlarge\n - r6i.8xlarge\n - r6i.12xlarge\n - r6i.16xlarge\n - r6i.24xlarge\n - r6i.32xlarge\n - r6id.xlarge\n - r6id.2xlarge\n - r6id.4xlarge\n - r6id.8xlarge\n - r6id.12xlarge\n - r6id.16xlarge\n - r6id.24xlarge\n - r6id.32xlarge\n - r7i.xlarge\n - r7i.2xlarge\n - r7i.4xlarge\n - r7i.8xlarge\n - r7i.12xlarge\n - r7i.16xlarge\n - r7i.24xlarge\n - r7i.48xlarge\n - r7iz.xlarge\n - r7iz.2xlarge\n - r7iz.4xlarge\n - r7iz.8xlarge\n - r7iz.12xlarge\n - r7iz.16xlarge\n - r7iz.32xlarge\n - r7a.xlarge\n - r7a.2xlarge\n - r7a.4xlarge\n - r7a.8xlarge\n - r7a.12xlarge\n - r7a.16xlarge\n - r7a.24xlarge\n - r7a.32xlarge\n - r7a.48xlarge\n - r8a.xlarge\n - r8a.2xlarge\n - r8a.4xlarge\n - r8a.8xlarge\n - r8a.12xlarge\n - r8a.16xlarge\n - r8a.24xlarge\n - r8a.48xlarge\n - r8i.xlarge\n - r8i.2xlarge\n - r8i.4xlarge\n - r8i.8xlarge\n - r8i.12xlarge\n - r8i.16xlarge\n - r8i.24xlarge\n - r8i.32xlarge\n - r8i.48xlarge\n - r8i.96xlarge\n - r8i-flex.xlarge\n - r8i-flex.2xlarge\n - r8i-flex.4xlarge\n - r8i-flex.8xlarge\n - r8i-flex.12xlarge\n - r8i-flex.16xlarge\n - x1.16xlarge\n - x1.32xlarge\n - x1e.xlarge\n - x1e.2xlarge\n - x1e.4xlarge\n - x1e.8xlarge\n - x1e.16xlarge\n - x1e.32xlarge\n - x2idn.16xlarge\n - x2idn.24xlarge\n - x2idn.32xlarge\n - x2iedn.xlarge\n - x2iedn.2xlarge\n - x2iedn.4xlarge\n - x2iedn.8xlarge\n - x2iedn.16xlarge\n - x2iedn.24xlarge\n - x2iedn.32xlarge\n - x2iezn.2xlarge\n - x2iezn.4xlarge\n - x2iezn.6xlarge\n - x2iezn.8xlarge\n - x2iezn.12xlarge\n - d2.xlarge\n - d2.2xlarge\n - d2.4xlarge\n - d2.8xlarge\n - d3.xlarge\n - d3.2xlarge\n - d3.4xlarge\n - d3.8xlarge\n - d3en.xlarge\n - d3en.2xlarge\n - d3en.4xlarge\n - d3en.6xlarge\n - d3en.8xlarge\n - d3en.12xlarge\n - dl1.24xlarge\n - h1.2xlarge\n - h1.4xlarge\n - h1.8xlarge\n - h1.16xlarge\n - inf1.xlarge\n - inf1.2xlarge\n - inf1.6xlarge\n - inf1.24xlarge\n - trn1.2xlarge\n - trn1.32xlarge\n - u-3tb1.56xlarge\n - u-6tb1.56xlarge\n - u-6tb1.112xlarge\n - u-9tb1.112xlarge\n - u-12tb1.112xlarge\n - u-18tb1.112xlarge\n - vt1.3xlarge\n - vt1.6xlarge\n - vt1.24xlarge\n - z1d.xlarge\n - z1d.2xlarge\n - z1d.3xlarge\n - z1d.6xlarge\n - z1d.12xlarge\n - -------------- Bring-Your-Own-License Only --------------\n - c3.large\n - c4.large\n - c5.metal\n - c5.large\n - c5a.large\n - c5ad.large\n - c5d.metal\n - c5d.large\n - c5n.large\n - c5n.metal\n - c6a.large\n - c6a.metal\n - c6i.large\n - c6i.metal\n - c6id.large\n - c6id.metal\n - c7i.large\n - c7i.metal-24xl\n - c7i.metal-48xl\n - c7i-flex.large\n - c7a.medium\n - c7a.large\n - c7a.metal-48xl\n - c8i.large\n - c8i.metal-48xl\n - c8i.metal-96xl\n - c8i-flex.large\n - i3.large\n - i3.metal\n - i3en.large\n - i3en.metal\n - i4i.large\n - i4i.metal\n - i7ie.large\n - i7ie.metal-24xl\n - i7ie.metal-48xl\n - m3.large\n - m3.medium\n - m4.large\n - m5.metal\n - m5.large\n - m5a.large\n - m5ad.large\n - m5d.metal\n - m5d.large\n - m5zn.large\n - m5zn.metal\n - m5n.large\n - m5n.metal\n - m5dn.large\n - m5dn.metal\n - m6a.large\n - m6a.metal\n - m6i.large\n - m6i.metal\n - m6id.large\n - m6id.metal\n - m7i.large\n - m7i.metal-24xl\n - m7i.metal-48xl\n - m7i-flex.large\n - m7a.medium\n - m7a.large\n - m7a.metal-48xl\n - m8a.medium\n - m8a.large\n - m8a.metal-24xl\n - m8a.metal-48xl\n - m8i.large\n - m8i.metal-48xl\n - m8i.metal-96xl\n - m8i-flex.large\n - r3.large\n - r4.large\n - r5.metal\n - r5.large\n - r5a.large\n - r5d.metal\n - r5ad.large\n - r5d.large\n - r5dn.large\n - r5dn.metal\n - r5b.large\n - r5b.metal\n - r5n.large\n - r5n.metal\n - r6a.large\n - r6a.metal\n - r6i.large\n - r6i.metal\n - r6id.large\n - r6id.metal\n - r7i.large\n - r7i.metal-24xl\n - r7i.metal-48xl\n - r7iz.large\n - r7iz.metal-16xl\n - r7iz.metal-32xl\n - r7a.medium\n - r7a.large\n - r7a.metal-48xl\n - r8a.medium\n - r8a.large\n - r8a.metal-24xl\n - r8a.metal-48xl\n - r8i.large\n - r8i.metal-48xl\n - r8i.metal-96xl\n - r8i-flex.large\n - t2.2xlarge\n - t2.large\n - t2.medium\n - t2.micro\n - t2.nano\n - t2.small\n - t2.xlarge\n - t3.2xlarge\n - t3.large\n - t3.medium\n - t3.micro\n - t3.nano\n - t3.small\n - t3.xlarge\n - t3a.2xlarge\n - t3a.large\n - t3a.medium\n - t3a.micro\n - t3a.nano\n - t3a.small\n - t3a.xlarge\n - x2idn.metal\n - x2iedn.metal\n - x2iezn.metal\n - z1d.metal\n - z1d.large\n SpotPrice:\n Description: Spot price for instances in USD/Hour - Optional/advanced\n Type: Number\n MinValue: '0'\n MaxValue: '2'\n Default: '0'\n KeyName:\n Description: Name of an existing EC2 KeyPair to enable SSH access to the instance\n Type: String\n NumberOfZones:\n Description: Total number of Availability Zones, which can be 1 or 3. Load balancer type depends on the number of zones selected. Select 3 zones for Application Load Balancer (OR) Select 1 zone for Classic Load Balancer.\n Type: Number\n AllowedValues:\n - 1\n - 3\n Default: 3\n NodesPerZone:\n Description: Total number of nodes per Zone. Set to 0 to shutdown/hibernate\n Type: Number\n MinValue: '0'\n MaxValue: '20'\n Default: '1'\n AZ:\n Description: The Availability Zones for VPC subnets. Accept either 1 zone or 3 zones. In the order of Subnet 1, Subnet 2 and Subnet 3 (if applicable).\n Type: 'List<AWS::EC2::AvailabilityZone::Name>'\n LogSNS:\n Description: SNS Topic for logging - optional/advanced.\n Type: String\n Default: none\n # network configuration\n VPC:\n Description: ID of an existing Virtual Private Cloud (VPC)\n Type: 'AWS::EC2::VPC::Id'\n PublicSubnet1:\n Description: The public subnet 1 in the VPC. This subnet must reside within the first selected Availability Zone (AZ). You must provide values for all three public subnets. If you only select one AZ, the second and third subnets will be ignored.\n Type: 'AWS::EC2::Subnet::Id'\n PublicSubnet2:\n Description: The public subnet 2 in the VPC. This subnet must reside within the second selected Availability Zone (AZ). You must provide values for all three public subnets. If you only select one AZ, the second and third subnets will be ignored.\n Type: 'AWS::EC2::Subnet::Id'\n PublicSubnet3:\n Description: The public subnet 3 in the VPC. This subnet must reside within the third selected Availability Zone (AZ). You must provide values for all three public subnets. If you only select one AZ, the second and third subnets will be ignored.\n Type: 'AWS::EC2::Subnet::Id'\n PrivateSubnet1:\n Description: The private subnet 1 in the VPC. This subnet must reside within the first selected Availability Zone (AZ). You must provide values for all three private subnets. If you only select one AZ, the second and third subnets will be ignored.\n Type: 'AWS::EC2::Subnet::Id'\n PrivateSubnet2:\n Description: The private subnet 2 in the VPC. This subnet must reside within the second selected Availability Zone (AZ). You must provide values for all three private subnets. If you only select one AZ, the second and third subnets will be ignored.\n Type: 'AWS::EC2::Subnet::Id'\n PrivateSubnet3:\n Description: The private subnet 3 in the VPC. This subnet must reside within the third selected Availability Zone (AZ). You must provide values for all three private subnets. If you only select one AZ, the second and third subnets will be ignored.\n Type: 'AWS::EC2::Subnet::Id'\n ExternalAccessCidrIP:\n Description: A CIDR IP range to allow external access from\n Type: String\n Default: 54.76.254.148/32\n ECSSecurityGroup:\n Description: the security group the ECS cluster is in\n Type: 'AWS::EC2::SecurityGroup::Id'\n\n # marklogic configuration\n AdminUser:\n Description: The MarkLogic administrator username\n Type: String\n AdminPass:\n Description: The MarkLogic administrator password\n Type: String\n NoEcho: 'true'\n AllowedPattern: >-\n ^(?!.*[*]).*$\n ConstraintDescription: Admin password must contain any characters except asterisk (*).\n Licensee:\n Description: The MarkLogic Licensee or 'none'. Provide none/none to choose \"Pay as you Go\"/Enterprise version. Provide valid Licensee/Licensekey to choose BYOL/developer version.\n Type: String\n Default: none\n LicenseKey:\n Description: The MarkLogic License Key or 'none'. Provide none/none to choose \"Pay as you Go\"/Enterprise version. Provide valid Licensee/Licensekey to choose BYOL/developer version.\n Type: String\n Default: none\nConditions:\n UseLogSNS: !Not [!Equals [!Ref LogSNS, \"none\"]]\n UseSpot: !Not\n - !Equals\n - !Ref SpotPrice\n - 0\n #MultiZone (3 zones) and SingleZone conditions used for the conditional resource creation based on number of zones selected.\n MultiZone:\n !Not [!Equals [!Ref NumberOfZones, 1]]\n SingleZone: !Equals [!Ref NumberOfZones, 1]\n PAYG:\n !Or [ !And [!Equals [!Ref LicenseKey, ''], !Equals [!Ref Licensee, '']], !And [!Equals [!Ref LicenseKey, 'none'], !Equals [!Ref Licensee, 'none']] ]\n UseVolumeEncryption: !Equals [!Ref VolumeEncryption, 'enable']\n HasCustomEBSKey: !Not [!Equals [!Ref VolumeEncryptionKey, '']]\n GP3: !Equals [!Ref VolumeType, 'gp3']\nMappings:\n Variable:\n LambdaPackageBucket:\n base: 'ml-db-lambda-'\n TemplateUrl:\n base: 'https://s3.amazonaws.com/marklogic-db-template-releases'\n S3Directory:\n base: '12.0.1'\n LicenseRegion2AMI:\n us-east-1:\n PAYGAl2023: ami-0198b8931e9597271\n BYOLAl2023: ami-0a8536507241f95b0\n us-east-2:\n PAYGAl2023: ami-0877b64dae8264415\n BYOLAl2023: ami-082cc98b2c01e486a\n us-west-1:\n PAYGAl2023: ami-07890fc78f4ddfa20\n BYOLAl2023: ami-05c9a962410c2821b\n us-west-2:\n PAYGAl2023: ami-0577eb149c9e0f53f\n BYOLAl2023: ami-0262dd8d014bf71ba\n eu-central-1:\n PAYGAl2023: ami-06348556399c8ab69\n BYOLAl2023: ami-00cb5a3527e7c0d11\n eu-west-1:\n PAYGAl2023: ami-0fa7bc44cd9ab1f85\n BYOLAl2023: ami-0bc2b4d46367806b0\n ap-south-1:\n PAYGAl2023: ami-0f481ba0a6819ced6\n BYOLAl2023: ami-00b59374107e5efb6\n ap-southeast-1:\n PAYGAl2023: ami-0c373c6c8a2316c80\n BYOLAl2023: ami-0b9bd265ef165a07b\n ap-southeast-2:\n PAYGAl2023: ami-0c65a907408226a3e\n BYOLAl2023: ami-02bad1ef2c6d4a91a\n ap-northeast-1:\n PAYGAl2023: ami-0254bc4adaf13e3b9\n BYOLAl2023: ami-07e8b312b1016bf67\n ap-northeast-2:\n PAYGAl2023: ami-05995b5f5807873d7\n BYOLAl2023: ami-0afd77ba0d7a0c129\n sa-east-1:\n PAYGAl2023: ami-05ec8fee12de236a5\n BYOLAl2023: ami-09d883ea308449555\n eu-west-2:\n PAYGAl2023: ami-0f5cff9d243f31521\n BYOLAl2023: ami-0588d104a52fbc326\n ca-central-1:\n PAYGAl2023: ami-0f34d118b23b51bf5\n BYOLAl2023: ami-0c78eccd03e957005\n eu-west-3:\n PAYGAl2023: ami-01fa9155eb17992c5\n BYOLAl2023: ami-0637199acc5327534\nResources:\n ManagedEniStack:\n Type: AWS::CloudFormation::Stack\n DependsOn:\n - InstanceSecurityGroup\n Properties:\n NotificationARNs:\n - !If\n - UseLogSNS\n - !Ref LogSNS\n - !Ref 'AWS::NoValue'\n Parameters:\n S3Bucket: !Join [ \"\", [!FindInMap [Variable,\"LambdaPackageBucket\",\"base\"], !Ref 'AWS::Region']]\n S3Directory: !FindInMap [Variable,\"S3Directory\",\"base\"]\n NodesPerZone: !Ref NodesPerZone\n NumberOfZones: !Ref NumberOfZones\n Subnets: !If [MultiZone, !Join [',', [!Ref PrivateSubnet1, !Ref PrivateSubnet2, !Ref PrivateSubnet3]], !Ref PrivateSubnet1]\n ParentStackName: !Ref 'AWS::StackName'\n ParentStackId: !Ref 'AWS::StackId'\n SecurityGroup: !Ref InstanceSecurityGroup\n TemplateURL: !Join ['/', [!FindInMap [Variable,\"TemplateUrl\",\"base\"],!FindInMap [Variable,\"S3Directory\",\"base\"],'ml-managedeni.template']]\n TimeoutInMinutes: 5\n NodeMgrLambdaStack:\n Type: AWS::CloudFormation::Stack\n DependsOn: ManagedEniStack\n Properties:\n NotificationARNs:\n - !If\n - UseLogSNS\n - !Ref LogSNS\n - !Ref 'AWS::NoValue'\n Parameters:\n S3Bucket: !Join [ \"\", [!FindInMap [Variable,\"LambdaPackageBucket\",\"base\"], !Ref 'AWS::Region']]\n S3Directory: !FindInMap [Variable,\"S3Directory\",\"base\"]\n TemplateURL: !Join ['/', [!FindInMap [Variable,\"TemplateUrl\",\"base\"],!FindInMap [Variable,\"S3Directory\",\"base\"],'ml-nodemanager.template']]\n TimeoutInMinutes: 5\n MarklogicVolume1:\n Type: 'AWS::EC2::Volume'\n Properties:\n AvailabilityZone: !Select [0, !Ref AZ]\n Size: !Ref VolumeSize\n Tags:\n - Key: Name\n Value: MarkLogic-GroupA-Host1-Volume0\n VolumeType: !Ref VolumeType\n Iops: !If [GP3, !Ref VolumeIOPS, !Ref 'AWS::NoValue']\n Throughput: !If [GP3, !Ref VolumeThroughput, !Ref 'AWS::NoValue']\n Encrypted: !If [UseVolumeEncryption, 'true', 'false']\n KmsKeyId: !If [HasCustomEBSKey, !Ref VolumeEncryptionKey, !Ref 'AWS::NoValue']\n Metadata:\n 'AWS::CloudFormation::Designer':\n id: c81032f7-b0ec-47ca-a236-e24d57b49ae3\n MarklogicVolume2:\n Condition: MultiZone\n Type: 'AWS::EC2::Volume'\n Properties:\n AvailabilityZone: !Select [1, !Ref AZ]\n Size: !Ref VolumeSize\n Tags:\n - Key: Name\n Value: MarkLogic-GroupB-Host1-Volume0\n VolumeType: !Ref VolumeType\n Iops: !If [GP3, !Ref VolumeIOPS, !Ref 'AWS::NoValue']\n Throughput: !If [GP3, !Ref VolumeThroughput, !Ref 'AWS::NoValue']\n Encrypted: !If [UseVolumeEncryption, 'true', 'false']\n KmsKeyId: !If [HasCustomEBSKey, !Ref VolumeEncryptionKey, !Ref 'AWS::NoValue']\n Metadata:\n 'AWS::CloudFormation::Designer':\n id: ddb55ae1-a00b-42ed-addd-5e03e4a2764b\n MarklogicVolume3:\n Condition: MultiZone\n Type: 'AWS::EC2::Volume'\n Properties:\n AvailabilityZone: !Select [2, !Ref AZ]\n Size: !Ref VolumeSize\n Tags:\n - Key: Name\n Value: MarkLogic-GroupC-Host1-Volume0\n VolumeType: !Ref VolumeType\n Iops: !If [GP3, !Ref VolumeIOPS, !Ref 'AWS::NoValue']\n Throughput: !If [GP3, !Ref VolumeThroughput, !Ref 'AWS::NoValue']\n Encrypted: !If [UseVolumeEncryption, 'true', 'false']\n KmsKeyId: !If [HasCustomEBSKey, !Ref VolumeEncryptionKey, !Ref 'AWS::NoValue']\n Metadata:\n 'AWS::CloudFormation::Designer':\n id: 9094a65e-9d01-4c4c-9586-c33720e2cc9c\n MarkLogicDDBTable:\n Type: 'AWS::DynamoDB::Table'\n Properties:\n AttributeDefinitions:\n - AttributeName: node\n AttributeType: S\n KeySchema:\n - KeyType: HASH\n AttributeName: node\n ProvisionedThroughput:\n WriteCapacityUnits: '10'\n ReadCapacityUnits: '10'\n Metadata:\n 'AWS::CloudFormation::Designer':\n id: e7190602-c2de-47ab-81e7-1315f8c01e2d\n #AutoScalingGroup used for SingleZone deployments that is connected to Classic Load Balancer.\n MarkLogicServerGroup:\n Condition: SingleZone\n Type: 'AWS::AutoScaling::AutoScalingGroup'\n DependsOn:\n - ManagedEniStack\n - NodeMgrLambdaStack\n Properties:\n VPCZoneIdentifier:\n - !Ref PrivateSubnet1\n LaunchTemplate: \n LaunchTemplateId: !Ref LaunchTemp1\n Version: !GetAtt LaunchTemp1.LatestVersionNumber\n MinSize: '0'\n MaxSize: !Ref NodesPerZone\n DesiredCapacity: !Ref NodesPerZone\n Cooldown: '300'\n HealthCheckType: EC2\n HealthCheckGracePeriod: '300'\n NotificationConfiguration: !If\n - UseLogSNS\n - TopicARN: !Ref LogSNS\n NotificationTypes:\n - 'autoscaling:EC2_INSTANCE_LAUNCH'\n - 'autoscaling:EC2_INSTANCE_LAUNCH_ERROR'\n - 'autoscaling:EC2_INSTANCE_TERMINATE'\n - 'autoscaling:EC2_INSTANCE_TERMINATE_ERROR'\n - !Ref 'AWS::NoValue'\n Tags:\n - Key: marklogic:stack:name\n Value: !Ref 'AWS::StackName'\n PropagateAtLaunch: 'true'\n - Key: marklogic:stack:id\n Value: !Ref 'AWS::StackId'\n PropagateAtLaunch: 'true'\n LifecycleHookSpecificationList:\n - LifecycleTransition: 'autoscaling:EC2_INSTANCE_LAUNCHING'\n LifecycleHookName: NodeManager\n HeartbeatTimeout: 4800\n NotificationTargetARN: !GetAtt [NodeMgrLambdaStack, Outputs.NodeMgrSnsArn]\n RoleARN: !GetAtt [NodeMgrLambdaStack, Outputs.NodeMgrIamArn]\n Metadata:\n 'AWS::CloudFormation::Designer':\n id: 31621dd0-4b18-4dcd-b443-db9cef64ebb1\n #AutoScalingGroup used for MultiZone deployments (3 zones) that is connected to Application Load Balancer via 9 TargetGroups.\n #All of the instances in this AutoScalingGroup will be registered to all 9 TargetGroups.\n MarkLogicServerGroup1:\n Condition: MultiZone\n Type: 'AWS::AutoScaling::AutoScalingGroup'\n DependsOn:\n - ManagedEniStack\n - NodeMgrLambdaStack\n - AlbTargetGroup1\n - AlbTargetGroup2\n - AlbTargetGroup3\n - AlbTargetGroup4\n - AlbTargetGroup5\n - AlbTargetGroup6\n - AlbTargetGroup7 \n - AlbTargetGroup8\n - AlbTargetGroup9\n - MarklogicExternal8011\n - MarklogicInternal8011\n Properties:\n VPCZoneIdentifier:\n - !Ref PrivateSubnet1\n LaunchTemplate: \n LaunchTemplateId: !Ref LaunchTemp1\n Version: !GetAtt LaunchTemp1.LatestVersionNumber\n MinSize: '0'\n MaxSize: !Ref NodesPerZone\n DesiredCapacity: !Ref NodesPerZone\n Cooldown: '300'\n HealthCheckType: EC2\n HealthCheckGracePeriod: '300'\n NotificationConfiguration: !If\n - UseLogSNS\n - TopicARN: !Ref LogSNS\n NotificationTypes:\n - 'autoscaling:EC2_INSTANCE_LAUNCH'\n - 'autoscaling:EC2_INSTANCE_LAUNCH_ERROR'\n - 'autoscaling:EC2_INSTANCE_TERMINATE'\n - 'autoscaling:EC2_INSTANCE_TERMINATE_ERROR'\n - !Ref 'AWS::NoValue'\n Tags:\n - Key: marklogic:stack:name\n Value: !Ref 'AWS::StackName'\n PropagateAtLaunch: 'true'\n - Key: marklogic:stack:id\n Value: !Ref 'AWS::StackId'\n PropagateAtLaunch: 'true'\n LifecycleHookSpecificationList:\n - LifecycleTransition: 'autoscaling:EC2_INSTANCE_LAUNCHING'\n LifecycleHookName: NodeManager\n HeartbeatTimeout: 4800\n NotificationTargetARN: !GetAtt [NodeMgrLambdaStack, Outputs.NodeMgrSnsArn]\n RoleARN: !GetAtt [NodeMgrLambdaStack, Outputs.NodeMgrIamArn]\n TargetGroupARNs:\n - !Ref AlbTargetGroup1\n - !Ref AlbTargetGroup2\n - !Ref AlbTargetGroup3\n - !Ref AlbTargetGroup4\n - !Ref AlbTargetGroup5\n - !Ref AlbTargetGroup6\n - !Ref AlbTargetGroup7\n - !Ref AlbTargetGroup8\n - !Ref AlbTargetGroup9\n - !Ref MarklogicExternal8011\n - !Ref MarklogicInternal8011\n Metadata:\n 'AWS::CloudFormation::Designer':\n id: 31621dd0-4b18-4dcd-b443-db9cef64ebb1\n #AutoScalingGroup used for MultiZone deployments (3 zones) that is connected to Application Load Balancer via 9 TargetGroups.\n #All of the instances in this AutoScalingGroup will be registered to all 9 TargetGroups.\n MarkLogicServerGroup2:\n Condition: MultiZone\n Type: 'AWS::AutoScaling::AutoScalingGroup'\n DependsOn:\n - ManagedEniStack\n - NodeMgrLambdaStack\n - AlbTargetGroup1\n - AlbTargetGroup2\n - AlbTargetGroup3\n - AlbTargetGroup4\n - AlbTargetGroup5\n - AlbTargetGroup6\n - AlbTargetGroup7 \n - AlbTargetGroup8\n - AlbTargetGroup9\n - MarklogicExternal8011\n - MarklogicInternal8011\n Properties:\n VPCZoneIdentifier:\n - !Ref PrivateSubnet2\n LaunchTemplate: \n LaunchTemplateId: !Ref LaunchTemp2\n Version: !GetAtt LaunchTemp2.LatestVersionNumber\n MinSize: '0'\n MaxSize: !Ref NodesPerZone\n DesiredCapacity: !Ref NodesPerZone\n Cooldown: '300'\n HealthCheckType: EC2\n HealthCheckGracePeriod: '300'\n NotificationConfiguration: !If\n - UseLogSNS\n - TopicARN: !Ref LogSNS\n NotificationTypes:\n - 'autoscaling:EC2_INSTANCE_LAUNCH'\n - 'autoscaling:EC2_INSTANCE_LAUNCH_ERROR'\n - 'autoscaling:EC2_INSTANCE_TERMINATE'\n - 'autoscaling:EC2_INSTANCE_TERMINATE_ERROR'\n - !Ref 'AWS::NoValue'\n Tags:\n - Key: marklogic:stack:name\n Value: !Ref 'AWS::StackName'\n PropagateAtLaunch: 'true'\n - Key: marklogic:stack:id\n Value: !Ref 'AWS::StackId'\n PropagateAtLaunch: 'true'\n LifecycleHookSpecificationList:\n - LifecycleTransition: 'autoscaling:EC2_INSTANCE_LAUNCHING'\n LifecycleHookName: NodeManager\n HeartbeatTimeout: 4800\n NotificationTargetARN: !GetAtt [NodeMgrLambdaStack, Outputs.NodeMgrSnsArn]\n RoleARN: !GetAtt [NodeMgrLambdaStack, Outputs.NodeMgrIamArn]\n TargetGroupARNs:\n - !Ref AlbTargetGroup1\n - !Ref AlbTargetGroup2\n - !Ref AlbTargetGroup3\n - !Ref AlbTargetGroup4\n - !Ref AlbTargetGroup5\n - !Ref AlbTargetGroup6\n - !Ref AlbTargetGroup7\n - !Ref AlbTargetGroup8\n - !Ref AlbTargetGroup9\n - !Ref MarklogicExternal8011\n - !Ref MarklogicInternal8011\n Metadata:\n 'AWS::CloudFormation::Designer':\n id: 87d75478-787a-41d5-bb21-9de6fe4b662e\n #AutoScalingGroup used for MultiZone deployments (3 zones) that is connected to Application Load Balancer via 9 TargetGroups.\n #All of the instances in this AutoScalingGroup will be registered to all 9 TargetGroups.\n MarkLogicServerGroup3:\n Condition: MultiZone\n Type: 'AWS::AutoScaling::AutoScalingGroup'\n DependsOn:\n - ManagedEniStack\n - NodeMgrLambdaStack\n - AlbTargetGroup1\n - AlbTargetGroup2\n - AlbTargetGroup3\n - AlbTargetGroup4\n - AlbTargetGroup5\n - AlbTargetGroup6\n - AlbTargetGroup7 \n - AlbTargetGroup8\n - AlbTargetGroup9\n - MarklogicExternal8011\n - MarklogicInternal8011\n Properties:\n VPCZoneIdentifier:\n - !Ref PrivateSubnet3\n LaunchTemplate: \n LaunchTemplateId: !Ref LaunchTemp3\n Version: !GetAtt LaunchTemp3.LatestVersionNumber\n MinSize: '0'\n MaxSize: !Ref NodesPerZone\n DesiredCapacity: !Ref NodesPerZone\n Cooldown: '300'\n HealthCheckType: EC2\n HealthCheckGracePeriod: '300'\n NotificationConfiguration: !If\n - UseLogSNS\n - TopicARN: !Ref LogSNS\n NotificationTypes:\n - 'autoscaling:EC2_INSTANCE_LAUNCH'\n - 'autoscaling:EC2_INSTANCE_LAUNCH_ERROR'\n - 'autoscaling:EC2_INSTANCE_TERMINATE'\n - 'autoscaling:EC2_INSTANCE_TERMINATE_ERROR'\n - !Ref 'AWS::NoValue'\n Tags:\n - Key: marklogic:stack:name\n Value: !Ref 'AWS::StackName'\n PropagateAtLaunch: 'true'\n - Key: marklogic:stack:id\n Value: !Ref 'AWS::StackId'\n PropagateAtLaunch: 'true'\n LifecycleHookSpecificationList:\n - LifecycleTransition: 'autoscaling:EC2_INSTANCE_LAUNCHING'\n LifecycleHookName: NodeManager\n HeartbeatTimeout: 4800\n NotificationTargetARN: !GetAtt [NodeMgrLambdaStack, Outputs.NodeMgrSnsArn]\n RoleARN: !GetAtt [NodeMgrLambdaStack, Outputs.NodeMgrIamArn]\n TargetGroupARNs:\n - !Ref AlbTargetGroup1\n - !Ref AlbTargetGroup2\n - !Ref AlbTargetGroup3\n - !Ref AlbTargetGroup4\n - !Ref AlbTargetGroup5\n - !Ref AlbTargetGroup6\n - !Ref AlbTargetGroup7\n - !Ref AlbTargetGroup8\n - !Ref AlbTargetGroup9\n - !Ref MarklogicExternal8011\n - !Ref MarklogicInternal8011\n Metadata:\n 'AWS::CloudFormation::Designer':\n id: bbd8314a-6e59-4102-9ed5-232739dd0dfa\n InstanceSecurityGroup:\n Type: 'AWS::EC2::SecurityGroup'\n Properties:\n VpcId: !Ref VPC\n SecurityGroupIngress:\n - IpProtocol: tcp\n FromPort: '7998'\n ToPort: '7998'\n SourceSecurityGroupId: !Ref ElbSecurityGroup\n - IpProtocol: tcp\n FromPort: '8000'\n ToPort: '8011'\n SourceSecurityGroupId: !Ref ElbSecurityGroup\n - IpProtocol: tcp\n FromPort: '7997'\n ToPort: '7997'\n SourceSecurityGroupId: !Ref ElbSecurityGroup\n - IpProtocol: tcp\n FromPort: '7999'\n ToPort: '7999'\n SourceSecurityGroupId: !Ref ElbSecurityGroup\n - IpProtocol: tcp\n FromPort: '7998'\n ToPort: '7998'\n SourceSecurityGroupId: !Ref InternalElbSecurityGroup\n - IpProtocol: tcp\n FromPort: '8000'\n ToPort: '8011'\n SourceSecurityGroupId: !Ref InternalElbSecurityGroup\n - IpProtocol: tcp\n FromPort: '7997'\n ToPort: '7997'\n SourceSecurityGroupId: !Ref InternalElbSecurityGroup\n - IpProtocol: tcp\n FromPort: '7999'\n ToPort: '7999'\n SourceSecurityGroupId: !Ref InternalElbSecurityGroup\n InstanceSecurityGroupIngress:\n Type: 'AWS::EC2::SecurityGroupIngress'\n DependsOn:\n - InstanceSecurityGroup\n Properties:\n IpProtocol: tcp\n FromPort: '0'\n ToPort: '65355'\n GroupId: !Ref InstanceSecurityGroup\n SourceSecurityGroupId: !Ref InstanceSecurityGroup\n InternalElbSecurityGroup:\n Type: 'AWS::EC2::SecurityGroup'\n Properties:\n GroupDescription: Allow access from ECS clsuter to internal ALB for marklogic cluster.\n VpcId: !Ref VPC\n SecurityGroupIngress:\n - IpProtocol: tcp\n FromPort: '7998'\n ToPort: '7998'\n SourceSecurityGroupId: !Ref ECSSecurityGroup\n - IpProtocol: tcp\n FromPort: '8000'\n ToPort: '8011'\n SourceSecurityGroupId: !Ref ECSSecurityGroup\n - IpProtocol: tcp\n FromPort: '7997'\n ToPort: '7997'\n SourceSecurityGroupId: !Ref ECSSecurityGroup\n ElbSecurityGroup:\n Type: 'AWS::EC2::SecurityGroup'\n Properties:\n GroupDescription: Enable SSH access and HTTP access on the inbound port\n VpcId: !Ref VPC\n SecurityGroupIngress:\n - IpProtocol: tcp\n FromPort: '22'\n ToPort: '22'\n CidrIp: !Ref ExternalAccessCidrIP\n - IpProtocol: tcp\n FromPort: '7998'\n ToPort: '7998'\n CidrIp: !Ref ExternalAccessCidrIP\n - IpProtocol: tcp\n FromPort: '8000'\n ToPort: '8011'\n CidrIp: !Ref ExternalAccessCidrIP\n - IpProtocol: tcp\n FromPort: '7997'\n ToPort: '7997'\n CidrIp: !Ref ExternalAccessCidrIP\n LaunchTemp1:\n Type: 'AWS::EC2::LaunchTemplate'\n DependsOn:\n - InstanceSecurityGroup\n Properties:\n LaunchTemplateData:\n BlockDeviceMappings:\n - DeviceName: /dev/xvda\n Ebs:\n VolumeSize: 40\n - DeviceName: /dev/sdf\n NoDevice: true\n Ebs: {}\n KeyName: !Ref KeyName\n ImageId: !If [PAYG, !FindInMap [LicenseRegion2AMI,!Ref 'AWS::Region',\"PAYGAl2023\"], !FindInMap [LicenseRegion2AMI, !Ref 'AWS::Region', \"BYOLAl2023\"]]\n UserData: !Base64\n 'Fn::Join':\n - ''\n - - MARKLOGIC_CLUSTER_NAME=\n - !Ref MarkLogicDDBTable\n - |+\n\n - MARKLOGIC_EBS_VOLUME=\n - !Ref MarklogicVolume1\n - ',:'\n - !Ref VolumeSize\n - '::'\n - !Ref VolumeType\n - ':'\n - !If\n - GP3\n - !Ref VolumeIOPS\n - ''\n - ':'\n - !If\n - GP3\n - !Ref VolumeThroughput\n - ''\n - |\n :,*\n - |\n MARKLOGIC_NODE_NAME=NodeA#\n - MARKLOGIC_ADMIN_USERNAME=\n - !Ref AdminUser\n - |+\n\n - MARKLOGIC_ADMIN_PASSWORD=\n - !Ref AdminPass\n - |+\n\n - |\n MARKLOGIC_CLUSTER_MASTER=1\n - MARKLOGIC_LICENSEE=\n - !Ref Licensee\n - |+\n\n - MARKLOGIC_LICENSE_KEY=\n - !Ref LicenseKey\n - |+\n\n - MARKLOGIC_LOG_SNS=\n - !Ref LogSNS\n - |+\n\n - MARKLOGIC_AWS_SWAP_SIZE=\n - 32\n - |+\n\n - !If\n - UseVolumeEncryption\n - !Join\n - ''\n - - 'MARKLOGIC_EBS_KEY='\n - !If\n - HasCustomEBSKey\n - !Ref VolumeEncryptionKey\n - 'default'\n - ''\n\n SecurityGroupIds:\n - !Ref InstanceSecurityGroup\n InstanceType: !Ref InstanceType\n IamInstanceProfile: \n Name: !Ref IAMRole\n MetadataOptions:\n HttpTokens: required\n InstanceMarketOptions: !If\n - UseSpot\n - MarketType: spot \n SpotOptions: \n MaxPrice: !Ref SpotPrice\n - !Ref 'AWS::NoValue'\n Metadata:\n 'AWS::CloudFormation::Designer':\n id: 2efb8cfb-df53-401d-8ff2-34af0dd25993\n LaunchTemp2:\n Condition: MultiZone\n Type: 'AWS::EC2::LaunchTemplate'\n DependsOn:\n - InstanceSecurityGroup\n Properties:\n LaunchTemplateData:\n BlockDeviceMappings:\n - DeviceName: /dev/xvda\n Ebs:\n VolumeSize: 40\n - DeviceName: /dev/sdf\n NoDevice: true\n Ebs: {}\n KeyName: !Ref KeyName\n ImageId: !If [PAYG, !FindInMap [LicenseRegion2AMI,!Ref 'AWS::Region',\"PAYGAl2023\"], !FindInMap [LicenseRegion2AMI, !Ref 'AWS::Region', \"BYOLAl2023\"]]\n UserData: !Base64\n 'Fn::Join':\n - ''\n - - MARKLOGIC_CLUSTER_NAME=\n - !Ref MarkLogicDDBTable\n - |+\n\n - MARKLOGIC_EBS_VOLUME=\n - !Ref MarklogicVolume2\n - ',:'\n - !Ref VolumeSize\n - '::'\n - !Ref VolumeType\n - ':'\n - !If\n - GP3\n - !Ref VolumeIOPS\n - ''\n - ':'\n - !If\n - GP3\n - !Ref VolumeThroughput\n - ''\n - |\n :,*\n - |\n MARKLOGIC_NODE_NAME=NodeB#\n - MARKLOGIC_ADMIN_USERNAME=\n - !Ref AdminUser\n - |+\n\n - MARKLOGIC_ADMIN_PASSWORD=\n - !Ref AdminPass\n - |+\n\n - |\n MARKLOGIC_CLUSTER_MASTER=0\n - MARKLOGIC_LICENSEE=\n - !Ref Licensee\n - |+\n\n - MARKLOGIC_LICENSE_KEY=\n - !Ref LicenseKey\n - |+\n\n - MARKLOGIC_LOG_SNS=\n - !Ref LogSNS\n - |+\n\n - MARKLOGIC_AWS_SWAP_SIZE=\n - 32\n - |+\n\n - !If\n - UseVolumeEncryption\n - !Join\n - ''\n - - 'MARKLOGIC_EBS_KEY='\n - !If\n - HasCustomEBSKey\n - !Ref VolumeEncryptionKey\n - 'default'\n - ''\n\n SecurityGroupIds:\n - !Ref InstanceSecurityGroup\n InstanceType: !Ref InstanceType\n IamInstanceProfile: \n Name: !Ref IAMRole\n MetadataOptions:\n HttpTokens: required\n InstanceMarketOptions: !If\n - UseSpot\n - MarketType: spot \n SpotOptions: \n MaxPrice: !Ref SpotPrice\n - !Ref 'AWS::NoValue'\n Metadata:\n 'AWS::CloudFormation::Designer':\n id: c8296a50-a29e-4646-aa74-8f1b735a9a3f\n LaunchTemp3:\n Condition: MultiZone\n Type: 'AWS::EC2::LaunchTemplate'\n DependsOn:\n - InstanceSecurityGroup\n Properties:\n LaunchTemplateData:\n BlockDeviceMappings:\n - DeviceName: /dev/xvda\n Ebs:\n VolumeSize: 40\n - DeviceName: /dev/sdf\n NoDevice: true\n Ebs: {}\n KeyName: !Ref KeyName\n ImageId: !If [PAYG, !FindInMap [LicenseRegion2AMI,!Ref 'AWS::Region',\"PAYGAl2023\"], !FindInMap [LicenseRegion2AMI, !Ref 'AWS::Region', \"BYOLAl2023\"]]\n UserData: !Base64\n 'Fn::Join':\n - ''\n - - MARKLOGIC_CLUSTER_NAME=\n - !Ref MarkLogicDDBTable\n - |+\n\n - MARKLOGIC_EBS_VOLUME=\n - !Ref MarklogicVolume3\n - ',:'\n - !Ref VolumeSize\n - '::'\n - !Ref VolumeType\n - ':'\n - !If\n - GP3\n - !Ref VolumeIOPS\n - ''\n - ':'\n - !If\n - GP3\n - !Ref VolumeThroughput\n - ''\n - |\n :,*\n - |\n MARKLOGIC_NODE_NAME=NodeC#\n - MARKLOGIC_ADMIN_USERNAME=\n - !Ref AdminUser\n - |+\n\n - MARKLOGIC_ADMIN_PASSWORD=\n - !Ref AdminPass\n - |+\n\n - |\n MARKLOGIC_CLUSTER_MASTER=0\n - MARKLOGIC_LICENSEE=\n - !Ref Licensee\n - |+\n\n - MARKLOGIC_LICENSE_KEY=\n - !Ref LicenseKey\n - |+\n\n - MARKLOGIC_LOG_SNS=\n - !Ref LogSNS\n - |+\n\n - MARKLOGIC_AWS_SWAP_SIZE=\n - 32\n - |+\n\n - !If\n - UseVolumeEncryption\n - !Join\n - ''\n - - 'MARKLOGIC_EBS_KEY='\n - !If\n - HasCustomEBSKey\n - !Ref VolumeEncryptionKey\n - 'default'\n - ''\n\n SecurityGroupIds:\n - !Ref InstanceSecurityGroup\n InstanceType: !Ref InstanceType\n IamInstanceProfile: \n Name: !Ref IAMRole\n MetadataOptions:\n HttpTokens: required\n InstanceMarketOptions: !If\n - UseSpot\n - MarketType: spot \n SpotOptions: \n MaxPrice: !Ref SpotPrice\n - !Ref 'AWS::NoValue'\n Metadata:\n 'AWS::CloudFormation::Designer':\n id: 7fa68c90-39bc-4874-ad20-8cd8c974ed52\n #Application Load Balancer description for MultiZone deployments (3 zones).\n Alb:\n Condition: MultiZone\n Type: AWS::ElasticLoadBalancingV2::LoadBalancer\n DependsOn:\n - ElbSecurityGroup\n Properties: \n SecurityGroups: \n - !Ref ElbSecurityGroup\n Subnets:\n - !Ref PublicSubnet1\n - !If [MultiZone, !Ref PublicSubnet2, !Ref 'AWS::NoValue']\n - !If [MultiZone, !Ref PublicSubnet3, !Ref 'AWS::NoValue']\n Metadata:\n 'AWS::CloudFormation::Designer':\n id: e188e71e-5f01-4816-896e-9bd30b9a96c1\n #Descriptions of the 9 TargetGroups for MultiZone deployments (3 zones). TargetGroups route requests to registered targets.\n #Health checks are performed on each TargetGroup.\n AlbTargetGroup1:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::TargetGroup\"\n Properties:\n HealthCheckIntervalSeconds: 10\n HealthCheckTimeoutSeconds: 5\n HealthyThresholdCount: 3\n HealthCheckPort: 7997\n UnhealthyThresholdCount: 5\n Port: 8000\n Protocol: HTTP\n TargetGroupAttributes:\n - Key: stickiness.enabled\n Value: true\n - Key: stickiness.type\n Value: lb_cookie\n - Key: stickiness.lb_cookie.duration_seconds\n Value: 3600\n - Key: deregistration_delay.timeout_seconds\n Value: 60\n VpcId: !Ref VPC\n AlbTargetGroup2:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::TargetGroup\"\n Properties:\n HealthCheckIntervalSeconds: 10\n HealthCheckTimeoutSeconds: 5\n HealthyThresholdCount: 3\n HealthCheckPort: 7997\n UnhealthyThresholdCount: 5\n Port: 8001\n Protocol: HTTP\n TargetGroupAttributes:\n - Key: stickiness.enabled\n Value: true\n - Key: stickiness.type\n Value: lb_cookie\n - Key: stickiness.lb_cookie.duration_seconds\n Value: 3600\n - Key: deregistration_delay.timeout_seconds\n Value: 60\n VpcId: !Ref VPC\n AlbTargetGroup3:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::TargetGroup\"\n Properties:\n HealthCheckIntervalSeconds: 10\n HealthCheckTimeoutSeconds: 5\n HealthyThresholdCount: 3\n HealthCheckPort: 7997\n UnhealthyThresholdCount: 5\n Port: 8002\n Protocol: HTTP\n TargetGroupAttributes:\n - Key: stickiness.enabled\n Value: true\n - Key: stickiness.type\n Value: lb_cookie\n - Key: stickiness.lb_cookie.duration_seconds\n Value: 3600\n - Key: deregistration_delay.timeout_seconds\n Value: 60\n VpcId: !Ref VPC\n AlbTargetGroup4:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::TargetGroup\"\n Properties:\n HealthCheckIntervalSeconds: 10\n HealthCheckTimeoutSeconds: 5\n HealthyThresholdCount: 3\n HealthCheckPort: 7997\n UnhealthyThresholdCount: 5\n Port: 8003\n Protocol: HTTP\n TargetGroupAttributes:\n - Key: stickiness.enabled\n Value: true\n - Key: stickiness.type\n Value: lb_cookie\n - Key: stickiness.lb_cookie.duration_seconds\n Value: 3600\n - Key: deregistration_delay.timeout_seconds\n Value: 60\n VpcId: !Ref VPC\n AlbTargetGroup5:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::TargetGroup\"\n Properties:\n HealthCheckIntervalSeconds: 10\n HealthCheckTimeoutSeconds: 5\n HealthyThresholdCount: 3\n HealthCheckPort: 7997\n UnhealthyThresholdCount: 5\n Port: 8004\n Protocol: HTTP\n TargetGroupAttributes:\n - Key: stickiness.enabled\n Value: true\n - Key: stickiness.type\n Value: lb_cookie\n - Key: stickiness.lb_cookie.duration_seconds\n Value: 3600\n - Key: deregistration_delay.timeout_seconds\n Value: 60\n VpcId: !Ref VPC\n AlbTargetGroup6:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::TargetGroup\"\n Properties:\n HealthCheckIntervalSeconds: 10\n HealthCheckTimeoutSeconds: 5\n HealthyThresholdCount: 3\n HealthCheckPort: 7997\n UnhealthyThresholdCount: 5\n Port: 8005\n Protocol: HTTP\n TargetGroupAttributes:\n - Key: stickiness.enabled\n Value: true\n - Key: stickiness.type\n Value: lb_cookie\n - Key: stickiness.lb_cookie.duration_seconds\n Value: 3600\n - Key: deregistration_delay.timeout_seconds\n Value: 60\n VpcId: !Ref VPC\n AlbTargetGroup7:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::TargetGroup\"\n Properties:\n HealthCheckIntervalSeconds: 10\n HealthCheckTimeoutSeconds: 5\n HealthyThresholdCount: 3\n HealthCheckPort: 7997\n UnhealthyThresholdCount: 5\n Port: 8006\n Protocol: HTTP\n TargetGroupAttributes:\n - Key: stickiness.enabled\n Value: true\n - Key: stickiness.type\n Value: lb_cookie\n - Key: stickiness.lb_cookie.duration_seconds\n Value: 3600\n - Key: deregistration_delay.timeout_seconds\n Value: 60\n VpcId: !Ref VPC\n AlbTargetGroup8:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::TargetGroup\"\n Properties:\n HealthCheckIntervalSeconds: 10\n HealthCheckTimeoutSeconds: 5\n HealthyThresholdCount: 3\n HealthCheckPort: 7997\n UnhealthyThresholdCount: 5\n Port: 8007\n Protocol: HTTP\n TargetGroupAttributes:\n - Key: stickiness.enabled\n Value: true\n - Key: stickiness.type\n Value: lb_cookie\n - Key: stickiness.lb_cookie.duration_seconds\n Value: 3600\n - Key: deregistration_delay.timeout_seconds\n Value: 60\n VpcId: !Ref VPC\n AlbTargetGroup9:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::TargetGroup\"\n Properties:\n HealthCheckIntervalSeconds: 10\n HealthCheckTimeoutSeconds: 5\n HealthyThresholdCount: 3\n HealthCheckPort: 7997\n UnhealthyThresholdCount: 5\n Port: 8008\n Protocol: HTTP\n TargetGroupAttributes:\n - Key: stickiness.enabled\n Value: true\n - Key: stickiness.type\n Value: lb_cookie\n - Key: stickiness.lb_cookie.duration_seconds\n Value: 3600\n - Key: deregistration_delay.timeout_seconds\n Value: 60\n VpcId: !Ref VPC\n MarklogicExternal8011:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::TargetGroup\"\n Properties:\n HealthCheckIntervalSeconds: 10\n HealthCheckTimeoutSeconds: 5\n HealthyThresholdCount: 3\n HealthCheckPort: 7997\n UnhealthyThresholdCount: 5\n Port: 8011\n Protocol: HTTP\n TargetGroupAttributes:\n - Key: stickiness.enabled\n Value: true\n - Key: stickiness.type\n Value: lb_cookie\n - Key: stickiness.lb_cookie.duration_seconds\n Value: 3600\n - Key: deregistration_delay.timeout_seconds\n Value: 60\n VpcId: !Ref VPC\n #Descriptions of the 9 Listeners for MultiZone deployments (3 zones). Each Listener connects Application Load Balancer to a TargetGroup with a particular port.\n AlbListener1:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - Alb\n - AlbTargetGroup1\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup1\n Type: forward\n LoadBalancerArn: !Ref Alb\n Port: 8000\n Protocol: HTTP\n AlbListener2:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - Alb\n - AlbTargetGroup2\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup2\n Type: forward\n LoadBalancerArn: !Ref Alb\n Port: 8001\n Protocol: HTTP\n AlbListener3:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - Alb\n - AlbTargetGroup3\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup3\n Type: forward\n LoadBalancerArn: !Ref Alb\n Port: 8002\n Protocol: HTTP\n AlbListener4:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - Alb\n - AlbTargetGroup4\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup4\n Type: forward\n LoadBalancerArn: !Ref Alb\n Port: 8003\n Protocol: HTTP\n AlbListener5:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - Alb\n - AlbTargetGroup5\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup5\n Type: forward\n LoadBalancerArn: !Ref Alb\n Port: 8004\n Protocol: HTTP\n AlbListener6:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - Alb\n - AlbTargetGroup6\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup6\n Type: forward\n LoadBalancerArn: !Ref Alb\n Port: 8005\n Protocol: HTTP\n AlbListener7:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - Alb\n - AlbTargetGroup7\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup7\n Type: forward\n LoadBalancerArn: !Ref Alb\n Port: 8006\n Protocol: HTTP\n AlbListener8:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - Alb\n - AlbTargetGroup8\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup8\n Type: forward\n LoadBalancerArn: !Ref Alb\n Port: 8007\n Protocol: HTTP\n AlbListener9:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - Alb\n - AlbTargetGroup9\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup9\n Type: forward\n LoadBalancerArn: !Ref Alb\n Port: 8008\n Protocol: HTTP\n MarklogicExternal8011Listener:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - Alb\n - MarklogicExternal8011\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref MarklogicExternal8011\n Type: forward\n LoadBalancerArn: !Ref Alb\n Port: 8011\n Protocol: HTTP\n #Application Load Balancer description for MultiZone deployments (3 zones).\n InternalAlb:\n Condition: MultiZone\n Type: AWS::ElasticLoadBalancingV2::LoadBalancer\n DependsOn:\n - InternalElbSecurityGroup\n Properties: \n Scheme: internal\n SecurityGroups: \n - !Ref InternalElbSecurityGroup\n Subnets:\n - !Ref PrivateSubnet1\n - !If [MultiZone, !Ref PrivateSubnet2, !Ref 'AWS::NoValue']\n - !If [MultiZone, !Ref PrivateSubnet3, !Ref 'AWS::NoValue']\n Metadata:\n 'AWS::CloudFormation::Designer':\n id: e188e71e-5f01-4816-896e-9bd30b9a96c1\n #Descriptions of the 1 TargetGroups for MultiZone deployments (3 zones). TargetGroups route requests to registered targets.\n #Health checks are performed on each TargetGroup.\n MarklogicInternal8011:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::TargetGroup\"\n Properties:\n HealthCheckIntervalSeconds: 10\n HealthCheckTimeoutSeconds: 5\n HealthyThresholdCount: 3\n HealthCheckPort: 7997\n UnhealthyThresholdCount: 5\n Port: 8011\n Protocol: HTTP\n TargetGroupAttributes:\n - Key: stickiness.enabled\n Value: true\n - Key: stickiness.type\n Value: lb_cookie\n - Key: stickiness.lb_cookie.duration_seconds\n Value: 3600\n - Key: deregistration_delay.timeout_seconds\n Value: 60\n VpcId: !Ref VPC\n MarklogicInternal8011Listener:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - InternalAlb\n - MarklogicInternal8011\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref MarklogicInternal8011\n Type: forward\n LoadBalancerArn: !Ref InternalAlb\n Port: 8011\n Protocol: HTTP\n InternalAlbListener1:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - InternalAlb\n - AlbTargetGroup1\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup1\n Type: forward\n LoadBalancerArn: !Ref InternalAlb\n Port: 8000\n Protocol: HTTP\n InternalAlbListener2:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - InternalAlb\n - AlbTargetGroup2\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup2\n Type: forward\n LoadBalancerArn: !Ref InternalAlb\n Port: 8001\n Protocol: HTTP\n InternalAlbListener3:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - InternalAlb\n - AlbTargetGroup3\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup3\n Type: forward\n LoadBalancerArn: !Ref InternalAlb\n Port: 8002\n Protocol: HTTP\n InternalAlbListener4:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - InternalAlb\n - AlbTargetGroup4\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup4\n Type: forward\n LoadBalancerArn: !Ref InternalAlb\n Port: 8003\n Protocol: HTTP\n InternalAlbListener5:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - InternalAlb\n - AlbTargetGroup5\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup5\n Type: forward\n LoadBalancerArn: !Ref InternalAlb\n Port: 8004\n Protocol: HTTP\n InternalAlbListener6:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - InternalAlb\n - AlbTargetGroup6\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup6\n Type: forward\n LoadBalancerArn: !Ref InternalAlb\n Port: 8005\n Protocol: HTTP\n InternalAlbListener7:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - InternalAlb\n - AlbTargetGroup7\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup7\n Type: forward\n LoadBalancerArn: !Ref InternalAlb\n Port: 8006\n Protocol: HTTP\n InternalAlbListener8:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - InternalAlb\n - AlbTargetGroup8\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup8\n Type: forward\n LoadBalancerArn: !Ref InternalAlb\n Port: 8007\n Protocol: HTTP\n InternalAlbListener9:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - InternalAlb\n - AlbTargetGroup9\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup9\n Type: forward\n LoadBalancerArn: !Ref InternalAlb\n Port: 8008\n Protocol: HTTP\nOutputs:\n URL:\n Description: The URL of the MarkLogic Cluster\n Value: !Join\n - ''\n - - 'http://'\n - !If [MultiZone, !GetAtt [Alb, DNSName], !GetAtt [ManagedEniStack, Outputs.ENI]]\n - ':8001'",
"diffStat": {
"model_added_lines": 117,
"model_removed_lines": 0,
"model_added_chars": 2988,
"model_removed_chars": 0,
"user_added_lines": 0,
"user_removed_lines": 2026,
"user_added_chars": 0,
"user_removed_chars": 56408
},
"isNewFile": false
},
"displayName": "Edit",
"description": "Replaces text within a file. By default, replaces a single occurrence, but can replace multiple occurrences when `expected_replacements` is specified. This tool requires providing significant context around the change to ensure precise targeting. Always use the read_file tool to examine the file's current content before attempting a text replacement.\n \n The user has the ability to modify the `new_string` content. If modified, this will be stated in the response.\n \n Expectation for required parameters:\n 1. `old_string` MUST be the exact literal text to replace (including all whitespace, indentation, newlines, and surrounding code etc.).\n 2. `new_string` MUST be the exact literal text to replace `old_string` with (also including all whitespace, indentation, newlines, and surrounding code etc.). Ensure the resulting code is correct and idiomatic and that `old_string` and `new_string` are different.\n 3. `instruction` is the detailed instruction of what needs to be changed. It is important to Make it specific and detailed so developers or large language models can understand what needs to be changed and perform the changes on their own if necessary. \n 4. NEVER escape `old_string` or `new_string`, that would break the exact literal text requirement.\n **Important:** If ANY of the above are not satisfied, the tool will fail. CRITICAL for `old_string`: Must uniquely identify the single instance to change. Include at least 3 lines of context BEFORE and AFTER the target text, matching whitespace and indentation precisely. If this string matches multiple locations, or does not match exactly, the tool will fail.\n 5. Prefer to break down complex and long changes into multiple smaller atomic calls to this tool. Always check the content of the file after changes or not finding a string to match.\n **Multiple replacements:** Set `expected_replacements` to the number of occurrences you want to replace. The tool will replace ALL occurrences that match `old_string` exactly. Ensure the number of replacements matches your expectation.",
"renderOutputAsMarkdown": true
}
]
},
{
"id": "42550df0-f9e1-4949-938b-5525f0346f2a",
"timestamp": "2026-01-22T18:06:51.103Z",
"type": "gemini",
"content": "I will read the end of `mlcluster.template` to verify that the new listeners have been correctly added and the indentation is valid.",
"thoughts": [
{
"subject": "Mapping the Listeners",
"description": "I've just finished the configuration for the Internal ALB, specifically adding the listeners for ports 8000 through 8008. This ensures the ECS cluster security groups can now access those ports as requested, clarifying that the standard ports, 80 and 443, weren't the target.",
"timestamp": "2026-01-22T18:06:48.885Z"
},
{
"subject": "Validating the Configuration",
"description": "I've confirmed the `InternalElbSecurityGroup` rules and `InternalAlb` listeners now align with the user's intent. The Internal ALB listens on ports 8000-8008, matching the external ALB's target groups, and the security group permits access. I am double-checking the file's formatting for one last validation pass.",
"timestamp": "2026-01-22T18:06:50.827Z"
}
],
"tokens": {
"input": 22839,
"output": 47,
"cached": 19560,
"thoughts": 229,
"tool": 0,
"total": 23115
},
"model": "gemini-3-pro-preview",
"toolCalls": [
{
"id": "read_file-1769105211101-710a3b0f2fdc98",
"name": "read_file",
"args": {
"offset": 2020,
"limit": 150,
"file_path": "mlcluster.template"
},
"result": [
{
"functionResponse": {
"id": "read_file-1769105211101-710a3b0f2fdc98",
"name": "read_file",
"response": {
"output": "\nIMPORTANT: The file content has been truncated.\nStatus: Showing lines 2021-2144 of 2144 total lines.\nAction: To read more of the file, you can use the 'offset' and 'limit' parameters in a subsequent 'read_file' call. For example, to read the next section of the file, use offset: 2144.\n\n--- FILE CONTENT (truncated) ---\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - InternalAlb\n - AlbTargetGroup1\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup1\n Type: forward\n LoadBalancerArn: !Ref InternalAlb\n Port: 8000\n Protocol: HTTP\n InternalAlbListener2:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - InternalAlb\n - AlbTargetGroup2\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup2\n Type: forward\n LoadBalancerArn: !Ref InternalAlb\n Port: 8001\n Protocol: HTTP\n InternalAlbListener3:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - InternalAlb\n - AlbTargetGroup3\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup3\n Type: forward\n LoadBalancerArn: !Ref InternalAlb\n Port: 8002\n Protocol: HTTP\n InternalAlbListener4:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - InternalAlb\n - AlbTargetGroup4\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup4\n Type: forward\n LoadBalancerArn: !Ref InternalAlb\n Port: 8003\n Protocol: HTTP\n InternalAlbListener5:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - InternalAlb\n - AlbTargetGroup5\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup5\n Type: forward\n LoadBalancerArn: !Ref InternalAlb\n Port: 8004\n Protocol: HTTP\n InternalAlbListener6:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - InternalAlb\n - AlbTargetGroup6\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup6\n Type: forward\n LoadBalancerArn: !Ref InternalAlb\n Port: 8005\n Protocol: HTTP\n InternalAlbListener7:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - InternalAlb\n - AlbTargetGroup7\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup7\n Type: forward\n LoadBalancerArn: !Ref InternalAlb\n Port: 8006\n Protocol: HTTP\n InternalAlbListener8:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - InternalAlb\n - AlbTargetGroup8\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup8\n Type: forward\n LoadBalancerArn: !Ref InternalAlb\n Port: 8007\n Protocol: HTTP\n InternalAlbListener9:\n Condition: MultiZone\n Type: \"AWS::ElasticLoadBalancingV2::Listener\"\n DependsOn:\n - InternalAlb\n - AlbTargetGroup9\n Properties:\n DefaultActions:\n - TargetGroupArn: !Ref AlbTargetGroup9\n Type: forward\n LoadBalancerArn: !Ref InternalAlb\n Port: 8008\n Protocol: HTTP\nOutputs:\n URL:\n Description: The URL of the MarkLogic Cluster\n Value: !Join\n - ''\n - - 'http://'\n - !If [MultiZone, !GetAtt [Alb, DNSName], !GetAtt [ManagedEniStack, Outputs.ENI]]\n - ':8001'"
}
}
}
],
"status": "success",
"timestamp": "2026-01-22T18:06:51.124Z",
"resultDisplay": "Read lines 2021-2144 of 2144 from mlcluster.template",
"displayName": "ReadFile",
"description": "Reads and returns the content of a specified file. If the file is large, the content will be truncated. The tool's response will clearly indicate if truncation has occurred and will provide details on how to read more of the file using the 'offset' and 'limit' parameters. Handles text, images (PNG, JPG, GIF, WEBP, SVG, BMP), audio files (MP3, WAV, AIFF, AAC, OGG, FLAC), and PDF files. For text files, it can read specific line ranges.",
"renderOutputAsMarkdown": true
}
]
},
{
"id": "6f585033-e21b-42f4-b3b2-49e1fbba1f4d",
"timestamp": "2026-01-22T18:06:54.891Z",
"type": "gemini",
"content": "I have added listeners for ports 8000 through 8008 to the Internal ALB in `mlcluster.template`. These listeners are configured to forward traffic to the corresponding target groups (`AlbTargetGroup1` through `AlbTargetGroup9`), mirroring the configuration of the external ALB. This ensures that the internal ALB exposes the same service ports as the external ALB, allowing access from the ECS cluster as requested.\n\nThe `InternalElbSecurityGroup` was already configured to allow ingress from `ECSSecurityGroup` on these ports (8000-8011), so no changes were needed there.",
"thoughts": [
{
"subject": "Evaluating the formatting",
"description": "I've checked the indentation, and it seems to be spot-on. I feel good about this; I am confident in the approach. My next step will be to relay this to the user.",
"timestamp": "2026-01-22T18:06:54.473Z"
}
],
"tokens": {
"input": 23924,
"output": 130,
"cached": 22507,
"thoughts": 21,
"tool": 0,
"total": 24075
},
"model": "gemini-3-pro-preview"
}
],
"summary": "Allow ECS access to internal ALB ports"
}
Reference in New Issue View Git Blame Copy Permalink