@aws-accelerator/config
    Preparing search index...

    Interface ILaunchTemplateConfig

    CustomizationsConfig / AppConfigItem | Ec2FirewallConfig / LaunchTemplateConfig / NetworkInterfaceItemConfig

    Configure a launch template for the application.

    https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RequestLaunchTemplateData.html

    launchTemplate:
      name: appA-lt
      blockDeviceMappings:
        - deviceName: /dev/xvda
          ebs:
            deleteOnTermination: true
            encrypted: true
            # this kms key is in security-config.yaml under keyManagementService
            kmsKeyId: key1
      securityGroups:
        # security group is from network-config.yaml under the same vpc
        - SharedServices-Main-Rsyslog-sg
      # Key pair should exist in that account and region
      keyName: keyName
      # this instance profile is in iam-config.yaml under roleSets
      iamInstanceProfile: EC2-Default-SSM-AD-Role
      # Local or public SSM parameter store lookup for Image ID
      imageId: ${ACCEL_LOOKUP::ImageId:/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2}
      instanceType: t3.xlarge
      # IMDSv2 is enabled by default. Disable it by setting this to false.
      enforceImdsv2: true
      networkInterfaces:
        - deleteOnTermination: true
          description: secondary network interface
          deviceIndex: 1
          groups:
            # security group is from network-config.yaml under the same vpc
            - SharedServices-Main-Rsyslog-sg
          networkCardIndex: 1
          # subnet is from network-config.yaml under the same vpc
          subnetId: SharedServices-App-A
      # this path is relative to the config repository and the content should be in regular text.
      # Its encoded in base64 before passing in to launch Template
      userData: appConfigs/appA/launchTemplate/userData.sh
    interface ILaunchTemplateConfig {
        name: string;
        blockDeviceMappings?: IBlockDeviceMappingItem[];
        securityGroups?: string[];
        keyPair?: string;
        iamInstanceProfile?: string;
        imageId: string;
        instanceType: string;
        enforceImdsv2?: boolean;
        networkInterfaces?: INetworkInterfaceItem[];
        userData?: string;
    }
    Index

    Properties

    name blockDeviceMappings? securityGroups? keyPair? iamInstanceProfile? imageId instanceType enforceImdsv2? networkInterfaces? userData?

    Properties

    name: string

    Name of Launch Template

    blockDeviceMappings?: IBlockDeviceMappingItem[]

    The block device mapping.

    securityGroups?: string[]

    One or more security group names. These should be created under the VPC in network-config.yaml

    keyPair?: string

    The name of the key pair. LZA does not create keypair. This should exist in the account/region or else deployment will fail.

    iamInstanceProfile?: string

    Name of the instance profile created by accelerator in iam-config.yaml under roleSets

    imageId: string

    Valid AMI ID or a reference to ssm parameter store to get AMI ID. If ssm parameter is referenced it should follow the pattern ${ACCEL_LOOKUP::ImageId:/path/to/ssm/parameter/for/ami}

    For example to get the latest x86_64 amazon linux 2 ami, the value would be ${ACCEL_LOOKUP::ImageId:/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2}

    instanceType: string

    Valid instance type which can be launched in the target account and region.

    enforceImdsv2?: boolean

    By default, IMDSv2 is enabled. Disable it by setting this to false.

    networkInterfaces?: INetworkInterfaceItem[]

    One or more network interfaces. If you specify a network interface, you must specify any security groups and subnets as part of the network interface.

    userData?: string

    Path to user data. The path is relative to the config repository and the content should be in regular text. It is encoded in base64 before passing in to Launch Template

    If defining user data for an EC2 firewall instance or AutoScaling group, you may use the variable ${ACCEL_LOOKUP::S3:BUCKET:firewall-config} in order to dynamically resolve the name of the S3 bucket where S3 firewall configurations are stored by the accelerator. This bucket is used when the configFile, configDir or licenseFile properties are defined for a firewall.

    Ec2FirewallAutoScalingGroupConfig | Ec2FirewallInstanceConfig

    Settings

    Member Visibility

    On This Page

    Properties