Update to 6.0.0

CCME Roles Stack

Warning

The CCME Roles Stack (CRS) template path has been updated:

  • (OLD) CCME < 6.0.0: management/templates/roles/ccme-roles.yaml

  • (NEW) CCME = 6.0.0: management/templates/roles/ccme.roles.stack.yaml

Deployment with AWS CloudFormation

The CCME Roles Stack (CRS) settings have been update. Refer to the CCME = 6.0.0 settings to create a new stack.

CCME < 6.0.0

CCME = 6.0.0

CustomIamPathPrefix

IamPathPrefix

EnableFSxS3Access

NetworkFsxS3Access

EnableRoute53Access

NetworkRoute53Access

FsxS3Buckets

NetworkFsxS3BucketsArnList

CCMEBucket

GlobalSourcesBucket

CCMEBucketSubfolder

GlobalSourcesKey

CCMEDataBucket

GlobalDataBucket

CCMESecretsPrefix

GlobalSecretsPrefix

CCMEClusterPrefix

ClusterPrefix

CCMEEfs

/

CCMEAdminSnsTopic

ClusterAdminSnsTopicArn

EnableKmsEncryption

/

CCMEKmsCMH

KmsCmhEbs

/

KmsDcvProxyEbs

CCMEKmsClusters

KmsClustersEbs

CCMEKmsAdditionalKey

KmsAdditionalKey

CCMEKmsFsx

KmsFileSystems

CCMEKmsS3

KmsS3

CCMEKmsSns

KmsSns

CCMEKmsSecrets

KmsSecrets

/

KmsCloudwatch

/

KmsLambda

Deployment with scripts

The settings of the roles configuration file roles.ccme.conf for the deployCCME.sh scripts have been updated.

  • Replace the existing settings from the previous version with the new ones

  • Add the new settings in case the setting did not exist in the previous version (noted /)

CCME < 6.0.0

CCME = 6.0.0

iam_path_prefix

iam_path_prefix

/

global_tags

ccme_bucket_path

global_sources_path

ccme_data_bucket

global_data_bucket

ccme_secret_prefix

global_secrets_prefix

enable_route53_access

network_route53_access

enable_fsx_s3_access

network_fsx_s3_access

fsx_s3_buckets

network_fsx_s3_buckets_arn_list

ccme_cluster_prefix

cluster_prefix

ccme_efs

/

ccme_admin_sns_topic_arn

cluster_admin_sns_topic_arn

enable_kms_encryption

kms_encryption

ccme_kms_cmh

kms_cmh_ebs

/

kms_dcv_proxy_ebs

ccme_kms_clusters

kms_clusters_ebs

/

kms_additional_key

ccme_kms_fsx

kms_file_systems

ccme_kms_s3

kms_s3

ccme_kms_sns

kms_sns

ccme_kms_secrets

kms_secrets

/

ccme_kms_cloudwatch

/

ccme_kms_lambda

Outputs

CCME < 6.0.0

CCME = 6.0.0

ccmeAlbLambdaRole

CustomLambdaResourcesRoleApplicationLoadBalancer

/

CustomLambdaResourcesRoleDcvProxyCertificate

/

DcvProxyAutoscalingGroupRole

/

DcvProxyInstanceProfile

/

ImageInstanceProfile

/

ImageInstanceRole

/

ImageLambdaCleanupRole

CCME Management Host

Warning

The CCME Management Host (CMH) template path has been updated:

  • CCME < 6.0.0: management/templates/management-host.ccme.yaml

  • (NEW) CCME = 6.0.0: management/templates/management/ccme.management.stack.yaml

Deployment with AWS CloudFormation

The CCME Management Host (CMH) settings have been update. Refer to the CCME = 6.0.0 settings to create a new stack.

CCME < 6.0.0

CCME = 6.0.0

CCMEManagementInstanceProfile

IamManagementHostInstanceProfile

/

IamTaggingLambdaRole

CCMEManagementLambdaRole

IamAlbLambdaRole

/

IamDcvProxyLambdaCertificateRole

/

IamDcvProxyAsgRole

/

IamDcvProxyInstanceProfile

CCMEClusterLambdaRole

IamClusterLambdaRole

CCMEClusterHeadnodeInstanceProfile

IamClusterHeadnodeInstanceProfile

CCMEClusterComputenodeInstanceProfile

IamClusterComputenodeInstanceProfile

CCMEdebug

GlobalDebug

CCMEtimezone

GlobalTimezone

CCMEBucket

GlobalSourcesBucket

CCMEBucketSubfolder

GlobalSourcesKey

CCMEDataBucket

GlobalDataBucket

/

GlobalLoggingBucket

CCMELogsRetention

GlobalLogsRetention

CCMEvpcId

NetworkVpcId

CCMEpublicSubnetIdFirstAZ

NetworkAlbSubnetFirstAzId

CCMEpublicSubnetIdSecondAZ

NetworkAlbSubnetSecondAzId

CCMEprivateSubnetIdFirstAZ

NetworkPrivateSubnetFirstAzId

CCMEprivateSubnetIdSecondAZ

NetworkPrivateSubnetSecondAzId

PrivateSGSSHCidrBlock

NetworkIngressSecurityGroupsSshCidrBlock

CCMEAdditionalSG

NetworkAdditionalSecurityGroupId

CCMEProxy

NetworkProxy

CCMENoProxy

NetworkNoProxy

CCMERepositoryPip

NetworkPipRepository

CCMEAlbArn

AlbArn

CCMEAlbScheme

AlbScheme

CCMEAlbIngressCIDR

AlbIngressCidrBlock

CCMECertificate

AlbSslCertificate

/

DcvProxyAsgMinSize

/

DcvProxyAsgMaxSize

/

DcvProxyAsgDesiredSize

/

DcvProxyInstanceType

/

DcvProxyInstanceAmi

/

DcvProxyInstanceVolumeSize

CCMEAdUri

ActiveDirectoryUri

CCMEAdDirectoryName

ActiveDirectoryName

CCMEAdReadOnlyUserDN

ActiveDirectoryReadOnlyUserDn

CCMEAdReadOnlyUserPassword

ActiveDirectoryReadOnlyUserPasswordArn

CCMEAdAdminPassword

ActiveDirectoryAdminPasswordArn

CCMEAdEdition

ActiveDirectoryEdition

MgtHostInstanceType

ManagementHostInstanceType

MgtHostOs

ManagementHostOs

MgtHostAMI

ManagementHostAmi

MgtHostVolumeSize

ManagementHostVolumeSize

MgtHostKeyName

ManagementHostKeypairName

MgtHostElasticIP

ManagementHostElasticIP

CCMEAdGroupSudoer

ManagementHostSudoerGroupName

CCMEAdAuthorizedGroupName

ManagementHostAdAuthorizedGroupName

CCMEEnableKmsEncryption

/

CCMEKmsCMH

KmsCmhEbs

/

KmsDcvProxyEbs

CCMEKmsClusters

KmsClustersEbs

CCMEKmsFsx

KmsFileSystems

CCMEKmsS3

KmsS3

CCMEKmsSns

KmsSns

/

KmsCloudwatch

/

KmsLambda

Deployment with scripts

The settings of the roles configuration file deployment.ccme.conf for the deployCCME.sh scripts have been updated.

  • Replace the existing settings from the previous version with the new ones

  • Add the new settings in case the setting did not exist in the previous version (noted /)

CCME < 6.0.0

CCME = 6.0.0

management_stack_role

iam_management_stack_role

ccme_management_instance_profile

iam_management_instance_profile

/

iam_tagging_lambda_certificate_role

ccme_management_lambda_role

iam_application_load_balancer_lambda_role

/

iam_dcv_proxy_lambda_certificate_role

/

iam_dcv_proxy_asg_role

/

iam_dcv_proxy_instance_profile

ccme_cluster_lambda_role

iam_cluster_lambda_role

ccme_cluster_headnode_instance_profile

iam_cluster_headnode_instance_profile

ccme_cluster_compute_instance_profile

iam_cluster_compute_instance_profile

debug

global_debug

timezone

global_timezone

ccme_bucket_path

global_sources_path

ccme_data_bucket

global_data_bucket

/

global_logging_bucket

ccme_logs_retention_in_days

global_logs_retention_in_days

tags

global_tags

vpc

network_vpc_id

public_subnets

network_alb_subnets

private_subnets

network_private_subnets

/

network_ingress_security_groups_ssh_cidr_block

additional_security_group

network_additional_security_group

ccme_proxy

network_proxy

ccme_no_proxy

network_no_proxy

ccme_repository_pip

network_pip_repository

application_load_balancer_arn

application_load_balancer_arn

application_load_balancer_scheme

application_load_balancer_scheme

application_load_balancer_ingress_cidr

application_load_balancer_ingress_cidr_block

alb_ssl_certificate

application_load_balancer_ssl_certificate

/

dcv_proxy_asg_min_size

/

dcv_proxy_asg_max_size

/

dcv_proxy_asg_desired_size

/

dcv_proxy_instance_type

/

dcv_proxy_instance_ami

/

dcv_proxy_instance_volume_size

active_directory_uri

active_directory_uri

active_directory_name

active_directory_name

active_directory_read_only_user_dn

active_directory_read_only_user_dn

active_directory_read_only_user_password_secret_arn

active_directory_read_only_user_password_secret_arn

active_directory_admin_password_secret_arn

active_directory_admin_password_secret_arn

/

active_directory_edition

management_host_instance_type

management_host_instance_type

management_host_os

management_host_os

/

management_host_ami

/

management_host_volume_size

management_host_keypair

management_host_keypair_name

management_host_ip

management_host_elastic_ip

management_host_sudo_group

management_host_sudoer_group_name

management_host_authorized_group

management_host_authorized_group_name

enable_kms_encryption

kms_encryption

ccme_kms_cmh

kms_cmh_ebs

/

kms_dcv_proxy_ebs

ccme_kms_clusters

kms_clusters_ebs

ccme_kms_additional_key

/

ccme_kms_fsx

kms_file_systems

ccme_kms_s3

kms_s3

ccme_kms_sns

kms_sns

/

kms_cloudwatch

/

kms_lambda

Outputs

CCME < 6.0.0

CCME = 6.0.0

ccmeActiveDirectoryReadOnlyUser

ccmeActiveDirectoryReadOnlyUserDn

ccmeAlbLambdaArn

ccmeLambdaAlbArn

ccmeAlbLogGroupArn

ccmeLambdaAlbLogGroupArn

ccmeAlbSnsArn

ccmeLambdaAlbSnsArn

ccmeMgtHostInstanceId

ccmeManagementHostInstanceId

ccmeCmhLaunchTemplateId

ccmeManagementHostLaunchTemplateId

ccmeMgtHostPrivateIP

ccmeManagementHostPrivateIp

ccmeMgtHostPublicIP

ccmeManagementHostPublicIp

ccmeMgtHostUser

ccmeManagementHostUser

ccmeCmhLogGroupArn

ccmeManagementLogGroupArn

ccmeFrontSG

ccmeSecurityGroupFrontId

ccmePrivateSG

ccmeSecurityGroupManagementId

/

ccmeSecurityGroupServicesId

/

ccmeSecurityGroupHeadNodesId

ccmeComputeSG

ccmeSecurityGroupComputeNodesId

ccmePrivateSubnetIdFirstAZ

ccmeSubnetIdPrivateFirstAz

ccmePrivateSubnetIdSecondAZ

ccmeSubnetIdPrivateSecondAz

ccmePublicSubnetIdFirstAZ

ccmeSubnetIdPublicFirstAz

ccmePublicSubnetIdSecondAZ

ccmeSubnetIdPublicSecondAz