# Developer guide
This section provides [instructions for creating Third-Party Modules](create-third-party-modules-for-mcs.md), schemas for [module metadata](module-metadata-schema.md) and [module manifest](module-manifest-schema.md), [module parameters](module-parameters.md), and an [API reference](api-reference.md).
# Create Third-Party Modules for MCS
You can create your own third-party MCS modules by following these steps:
[Step 1: Design your Third-Party Module](step-1-design-you-third-party-module.md)
[Step 2: Create the CloudFormation template](step-2-create-the-cloudformation-template.md)
[Step 3: Create the assets referenced by the template](step-3-create-the-assets-referenced-by-the-template.md)
[Step 4: Create the module metadata](step-4-create-the-module-metadata.md)
[Step 5: Create the module manifest](step-5-create-the-module-manifest.md)
[Step 6: Create module intercommunication](step-6-create-module-intercommunication.md)
[Step 7: Create module instructions (optional)](step-7-create-module-instructions.md)
# Step 1: Design your Third-Party Module
Beneath the surface, an MCS module is a CloudFormation stack defined by a CloudFormation template. When the module is registered with MCS, it is added to a product portfolio in Service Catalog.
MCS needs additional details about the module, such as the module type (for example, Network, Identity, Workstation Management, Storage, or Custom), revision, and dependencies on resources from other modules. This metadata is necessary for module discovery and registration.
To define a module, you need:
+ A CloudFormation template
+ Assets referenced by the template
+ Module metadata (as part of the CloudFormation template)
+ Module revision manifest file
Conceptually, registered module data is referenced as follows:
```
Modular Cloud Studio on AWS
\
\ (Module)
\-------------> Module Revision Manifest
|
|(1.0.0)
+----------> AWS CloudFormation Template + Module Metadata
|\
|\---> CFN Resource Assets
|
|(2.0.0)
+----------> AWS CloudFormation Template + Module Metadata
|\
|\---> CFN Resource Assets
|
|(2.1.0)
+----------> AWS CloudFormation Template + Module Metadata
|\
|\---> CFN Resource Assets
|
|(3.0.0)
+----------> AWS CloudFormation Template + Module Metadata
Metadata
\
\---> CFN Resource Assets
```
# Step 2: Create the CloudFormation template
The CloudFormation template defines the infrastructure that makes up the module. When you register a new module, MCS uses [ValidateTemplate](https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_ValidateTemplate.html) to validate the template and extract parameters. The template must be accessible so that MCS can fetch the template.
MCS fetches the CloudFormation template and generates a checksum to store along with the registration metadata. When the module is enabled, MCS verifies that the template still matches the checksum to ensure that it didn’t get corrupted or modified since it was registered. If the checksum doesn’t match, MCS reports the mismatch as an error, and the module isn’t enabled.
For instructions on how to create CloudFormation templates, see [Working with CloudFormation templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/template-guide.html) in the *AWS CloudFormation User Guide*.
# Step 3: Create the assets referenced by the template
The assets must be accessible so that the CloudFormation template can access the assets when deploying the stack. For example, the asset can be a public Amazon S3 object.
# Step 4: Create the module metadata
MCS needs additional metadata about a module that isn’t part of the native CloudFormation template. The module metadata is stored in the CloudFormation template in the [Metadata](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html) section. The metadata is stored with the template and no linkage is necessary with an external file.
The [module metadata schema](module-metadata-schema.md) requires the following additional information specific to MCS:
+ Module type
+ Module name
+ Dependencies on other modules
+ Module revision number
# Step 5: Create the module manifest
To track MCS module updates, you must list module revisions in an external [module manifest](module-manifest-schema.md) file. The module manifest must be accessible so that MCS can read it. There is only a single manifest file per module. When you publish a new revision of a module, update the manifest to reflect that a new revision is available.
The [module manifest schema](module-manifest-schema.md) must meet the following requirements:
+ Be in JSON format
+ Include the following:
+ Name of the module author/owner (company name)
+ Description text
+ Optional URL to the web page with more information about the module
+ Module name
+ Module category (Network, Identity, WorkstationManagement, Storage, PixelStreaming, or Custom)
+ Contain an array of revisions, each of which:
+ Specifies the URL(s) to the CloudFormation template:
+ Use `TemplateUrl` when the hub and spoke modules share the same template.
+ Use `TemplateUrls` when the hub and spoke modules have separate templates, or for hub-only modules.
**Note**
**Note:** These two fields are mutually exclusive.
+ Includes the revision number.
+ Includes compatibility information specifying which revisions of MCS it is compatible with.
+ Contains details about what’s new in the revision.
When registering a new external module, the MCS admin user only requires the URL of the module manifest file. Optionally, the user can also specify a revision number to access a specific revision of the module. If the revision is not supplied, MCS assumes that the user needs the latest compatible revision of the module.
# Step 6: Create module intercommunication
To facilitate a pattern known as dynamic dependency loading, the configuration data is stored on the Systems Manager Parameter Store so that it can be lazy-loaded exactly when it is needed by an MCS module.
The following is the structure of all parameters output by MCS:
```
/{deployment_id}/{module_type}/{component}
```
+ **deployment\$1id** - This value is generated when MCS is first deployed and is configured on the Lambda function serving API requests. When deploying any module (including Third-Party Modules), the `deployment_id` is provided as a CloudFormation parameter. The `deployment_id` is always prefixed with `mcs-`.
+ **module\$1type** - This value is the type of the module providing the output. The same type can be used by multiple mutually-exclusive modules that provide the same output such as AWS Managed Microsoft AD, compared to unmanaged Microsoft Active Directory.
+ **component** - The name of the component providing the output. There could be one or multiple paths as part of this value.
As an example, see the following Managed Active Directory module with its input and output parameters (created after completing the steps to [Create Third-Party Modules for MCS](create-third-party-modules-for-mcs.md)):
+ MCS Managed Active Directory module - inputs:
```
/{deployment_id}/Network/VpcId
/{deployment_id}/Network/PrivateSubnet1/AZ
/{deployment_id}/Network/PrivateSubnet1/SubnetID
/{deployment_id}/Network/PrivateSubnet2/AZ
/{deployment_id}/Network/PrivateSubnet2/SubnetID
```
+ MCS Managed Active Directory module - outputs:
```
/{deployment_id}/Identity/ActiveDirectoryId
/{deployment_id}/Identity/ActiveDirectoryServerIP1
/{deployment_id}/Identity/ActiveDirectoryServerIP2
/{deployment_id}/Identity/ActiveDirectoryDomainName
/{deployment_id}/Identity/ActiveDirectorySecretArn
/{deployment_id}/Identity/DefaultActiveDirectoryLoginCredentials
/{deployment_id}/Identity/StudioAdminDirectoryLoginCredentials
```
For more information on parameters, see the [Module parameters](module-parameters.md) section
# Step 7: Create module instructions (optional)
This step allows you to provide custom, user-friendly instructions within the MCS interface, enhancing the user experience by offering clear guidance on module usage after enablement.
To implement module instructions, you’ll need to create an AWS Lambda function that returns instruction content. The Lambda function must be named with the prefix `MCSInstructionGenerationLambda-` and be referenced in your CloudFormation outputs with the key `InstructionGenerationLambdaArn`. Append your stack id (without hyphens) to the Lambda function name is recommended to ensure unique naming across multiple deployment in the same region.
The function can return either a plain string or a JSON object formatted as `{"content": "your instruction string"}`. A basic example implementation for reference:
```
TEMPLATE_FILE_NAME = "template.html"
def handler(event, context):
with open(
TEMPLATE_FILE_NAME,
"r",
encoding="utf-8") as f:
instructions = f.read()
return {"content": instructions}
```
When formatting your instructions, note that inline CSS is supported, but external CSS is not. HTML tags will inherit Cloudscape default styling. The maximum size for the instruction string is **250 KB**.
You can verify successful implementation when a "View" link appears in the module’s row on the UI after deployment. This feature enhances usability by providing context-specific documentation directly within the MCS interface, helping users better understand and use the module’s feature.
# Module metadata schema
```
$schema: http://json-schema.org/draft-04/schema#
title: Modular Cloud Studio on AWS Module Metadata
description: >-
Metadata for a Modular Cloud Studio on AWS module.
The module metadata is included in the metadata section of an AWS CloudFormation template.
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
This schema describes how the template metadata must be formatted to describe a module.
The Module property is required and serves as the root of the Module Metadata.
Any additional properties are allowed as part of AWS CloudFormation Metadata.
type: object
additionalProperties: true
required:
- Module
properties:
Module:
$ref: '#/definitions/Module'
definitions:
Module:
title: Module
description: Root of Modular Cloud Studio on AWS Module Metadata
type: object
additionalProperties: false
required:
- MetadataType
- MetadataVersion
- Revision
properties:
MetadataType:
description: Indicates that this is Modular Cloud Studio on AWS Metadata
type: string
enum:
- Modular Cloud Studio on AWS
MetadataVersion:
title: Metadata version
description: >-
Version of this metadata. 2024-01-23 is the only supported version.
type: string
enum:
2024-01-23
Revision:
title: Revision identifier
description: Semantic version that is unique from all other revisions.
type: string
Inputs:
title: Inputs - optional
description: Parameters this module depends on from other modules.
type: array
minItems: 1
items:
$ref: '#/definitions/Input'
Outputs:
title: Outputs - optional
description: Parameters this module creates to share with other modules.
type: array
minItems: 1
items:
$ref: '#/definitions/Output'
Input:
title: Input
description: Required input parameter from SSM parameter store.
type: object
additionalProperties: false
required:
- Name
- Type
properties:
Name:
$ref: '#/definitions/ParameterName'
Type:
$ref: '#/definitions/ParameterType'
Remote: $ref: '#/definitions/RemoteParameter
Description:
type: string
minLength: 1
maxLength: 1024
Output:
title: Output
description: Output parameter this modules creates in SSM parameter store.
type: object
additionalProperties: false
required:
- Name
- Type
properties:
Name:
$ref: '#/definitions/ParameterName'
Type:
$ref: '#/definitions/ParameterType'
Description:
type: string
minLength: 1
maxLength: 1024
ParameterName:
title: Name
description: >-
The name of the parameter this module creates or depends on. Parameters are AWS Systems Manager (SSM) parameters so the names follow the constraints for a SSM parameter name.
This name is almost a fully qualified name. Each Modular Cloud Studio on AWS deployment generates a unique deployment ID that must be used as the root of the parameter name. This name includes only the part of the fully qualified name that follows the deployment ID. For example, if the fully qualified parameter name is as follows...
'/mcs-123abc46def/Network/VPC/vpc-id'
...this name value should be as follows...
'/Network/VPC/vpc-id'
It must begin with a slash character ('/') followed the category, then a slash character ('/'), then the rest of the name.
type: string
minLength: 2
maxLength: 512
pattern:
'^/(Network|Identity|WorkstationManagement|Storage|PixelStreaming|Core)(/[a-zA-Z0-9_.-]+)\{1,14}$'
ParameterType:
title: Type
description: Data type of the parameter.
type: string
maxLength: 128
enum:
- 'ssm:string'
RemoteParameter:
title: Remote
description: Set this property to True if a Spoke module has a dependency on a parameter in the Hub region.
type: boolean
default: false
```
# Module manifest schema
```
$schema: http://json-schema.org/draft-04/schema#
title: Modular Cloud Studio on AWS Module Manifest
description: >-
A Module Manifest describes a module that can be registered with Modular Cloud
Studio on AWS.
It lists all available revisions of the module describing where to find them.
type: object
additionalProperties: false
required:
- $manifest
- $manifestVersion
- Name
- Description
- Owner
- Category
- Revisions
properties:
$manifest:
title: Manifest
description: Indicates that this is a Modular Cloud Studio on AWS Manifest
type: string
enum:
- Modular Cloud Studio on AWS
$manifestVersion:
title: Manifest version
description: Version of this manifest. 2024-01-23 is the only supported version.
type: string
enum:
2024-01-23
Name:
title: Module name
description: An easily identifiable name for the module.
type: string
maxLength: 8191
pattern: '^[a-zA-Z0-9]+(?:\s[a-zA-Z0-9]+)*$'
Description:
title: Module description
description: >-
A description of the module that helps consumers understand what it does.
type: string
maxLength: 8191
Owner:
title: Owner
description: The person or organization that publishes this module.
type: string
maxLength: 8191
Category:
title: Module category
description: |-
One of the supported module categories:
* Network
* Identity
* WorkstationManagement
* Storage
* PixelStreaming
* Custom
type: string
enum:
- Network
- Identity
- WorkstationManagement
- Storage
- PixelStreaming
- Custom
SupportDescription:
title: Support description - optional
description: >-
The description of how users should use the email contact and support link.
type: string
maxLength: 8191
SupportEmail:
title: Support email - optional
description: The email address to report issues with the module.
type: string
maxLength: 254
SupportUrl:
title: Support URL - optional
description: >-
The URL to a site where users can find support information or file tickets.
type: string
pattern: '^https?://'
maxLength: 2083
Revisions:
title: Module revisions
description: List of all available module revisions.
type: array
minItems: 1
uniqueItems: true
items:
$ref: '#/definitions/ModuleRevision'
definitions:
ModuleRevision:
description: >-
Details about where to find a specific revision of the module.
type: object
additionalProperties: false
required:
- Revision
- SupportedRegions
- Compatibility
minProperties: 4
maxProperties: 4
additionalProperties: false
properties:
Revision:
title: Revision identifier
description: Semantic version that is unique from all other revisions. Check https://regex101.com/r/vkijKf/1/ for more information
type: string
pattern: '^(0|[1-9]\\d*)(\\.(0|[1-9]\\d*)){1,2}$'
TemplateUrl:
title: Template URL
description: |-
The URL of the AWS CloudFormation template in Amazon S3.
pattern: '^https://'
maxLength: 2083
TemplateUrls:
title: Template URLs
description: >-
The URLs of the AWS CloudFormation templates for hub and spoke modules in Amazon S3. The Spoke property is optional and not used for hub-only modules.
type: object
required:
- Hub
properties:
Hub:
title: Hub Template URL
description: >-
The URL of the AWS CloudFormation template for the hub module in Amazon S3.
type: string
pattern: ^https://
maxLength: 2083
Spoke:
title: Spoke Template URL
description: >-
The URL of the AWS CloudFormation template for the spoke module in Amazon S3.
type: string
pattern: ^https://
maxLength: 2083
SupportedRegions:
title: Supported regions
description: >-
A module may depend on AWS services that are not available in all AWS
regions. A module must explicitly specify which AWS regions are supported.
type: array
minItems: 1
uniqueItems: true
items:
type: string
Compatibility:
$ref: '#/definitions/Compatibility'
Compatibility:
title: Compatibility
description: >-
If a revision is compatible with specific versions of Modular Cloud Studio
on AWS, it can optionally include a compatibility specification.
type: object
additionalProperties: false
required:
- MinimumMcsVersion
- MaximumMcsVersion
properties:
MinimumMcsVersion:
title: Minimum Modular Cloud Studio on AWS version
description: >-
Semantic Versioning identifier of the earliest version of Modular Cloud
Studio on AWS that this revision of the module is compatible with.
type: string
minLength: 1
pattern: '^(0|[1-9]\d*)(\.(0|[1-9]\d*)){1,2}$'
MaximumMcsVersion:
title: Maximum Modular Cloud Studio on AWS version
description: >-
Semantic Versioning identifier of the latest version of Modular Cloud
Studio on AWS that this revision of the module is compatible with.
type: string
minLength: 1
pattern: '^(0|[1-9]\d*)(\.(0|[1-9]\d*)){1,2}$'
```
# Module parameters
Managed VPC - Hub
```
Outputs:
- SSM parameter store
- /Network/VpcId
- /Network/VpcCidr
- /Network/PrivateSubnet1/AZ
- /Network/PrivateSubnet1/SubnetID
- /Network/PrivateSubnet1/RouteTableID
- /Network/PublicSubnet1/AZ
- /Network/PublicSubnet1/SubnetID
- /Network/PublicSubnet1/RouteTableID
- /Network/PrivateSubnet2/AZ
- /Network/PrivateSubnet2/SubnetID
- /Network/PrivateSubnet2/RouteTableID
- /Network/PublicSubnet2/AZ
- /Network/PublicSubnet2/SubnetID
- /Network/PublicSubnet2/RouteTableID
```
Managed VPC - Spoke
```
Inputs:
- SSM parameter store
- /Core/MCSStack/Name
- /Core/HubRegion
- /Network/VpcId (Remote)
- /Network/VpcCidr (Remote)
Outputs:
- SSM parameter store
- /Network/VpcId
- /Network/VpcCidr
- /Network/PrivateSubnet1/AZ
- /Network/PrivateSubnet1/SubnetID
- /Network/PrivateSubnet1/RouteTableID
- /Network/PublicSubnet1/AZ
- /Network/PublicSubnet1/SubnetID
- /Network/PublicSubnet1/RouteTableID
- /Network/PrivateSubnet2/AZ
- /Network/PrivateSubnet2/SubnetID
- /Network/PrivateSubnet2/RouteTableID
- /Network/PublicSubnet2/AZ
- /Network/PublicSubnet2/SubnetID
- /Network/PublicSubnet2/RouteTableID
```
Unmanaged VPC
```
Inputs:
- SSM Parameter Store
- /Core/HubRegion
- /Core/MCSStack/Name
Outputs:
- SSM Parameter Store
- /Network/VpcId
- /Network/VpcCidr
- /Network/PrivateSubnet1/AZ
- /Network/PublicSubnet1/AZ
- /Network/PrivateSubnet1/SubnetID
- /Network/PublicSubnet1/SubnetID
- /Network/PrivateSubnet1/RouteTableID
- /Network/PublicSubnet1/RouteTableID
- /Network/PrivateSubnet2/AZ
- /Network/PublicSubnet2/AZ
- /Network/PrivateSubnet2/SubnetID
- /Network/PublicSubnet2/SubnetID
- /Network/PrivateSubnet2/RouteTableID
- /Network/PublicSubnet2/RouteTableID
```
Managed Active Directory - Hub
```
Inputs:
- SSM Parameter Store
- /Network/VpcId
- /Network/PrivateSubnet1/AZ
- /Network/PrivateSubnet1/SubnetID
- /Network/PrivateSubnet2/AZ
- /Network/PrivateSubnet2/SubnetID
Outputs:
- SSM Parameter Store
- /Identity/ActiveDirectoryId
- /Identity/ActiveDirectoryServerIP1
- /Identity/ActiveDirectoryServerIP2
- /Identity/ActiveDirectoryDomainName
- /Identity/McsModulesActiveDirectorySecretArn
- Secrets Manager
- /Identity/DefaultAdminActiveDirectoryLoginCredentials
- /Identity/StudioAdminActiveDirectoryLoginCredentials
- /Identity/AdConnectorServiceAccountActiveDirectoryLoginCredentials
- /Identity/McsModulesServiceAccountActiveDirectoryLoginCredentials
```
Managed Active Directory - Spoke
```
Inputs:
- SSM Parameter Store
- /Core/HubRegion
- /Network/VpcId
- /Network/PrivateSubnet1/AZ
- /Network/PrivateSubnet2/AZ
- /Network/PrivateSubnet1/SubnetID
- /Network/PrivateSubnet2/SubnetID
- /Network/PrivateSubnet1/RouteTableID
- /Network/PrivateSubnet2/RouteTableID
- /Network/VpcCidr (Remote)
- /Identity/ActiveDirectoryId (Remote)
- /Identity/ActiveDirectoryServerIP1 (Remote)
- /Identity/ActiveDirectoryServerIP2 (Remote)
- /Identity/ActiveDirectoryDomainName (Remote)
- Secrets Manager
- /Identity/McsModulesServiceAccountActiveDirectoryLoginCredentials (Remote)
Outputs:
- SSM Parameter Store
- /Identity/ActiveDirectoryId
- /Identity/ActiveDirectoryServerIP1
- /Identity/ActiveDirectoryServerIP2
- /Identity/ActiveDirectoryDomainName
- /Identity/McsModulesActiveDirectorySecretArn
- Secrets Manager
- /Identity/McsModulesServiceAccountActiveDirectoryLoginCredentials
```
Unmanaged Active Directory
```
Outputs:
- SSM Parameter Store
- /Identity/ActiveDirectoryId
- /Identity/ActiveDirectoryServerIP1
- /Identity/ActiveDirectoryServerIP2
- /Identity/ActiveDirectoryDomainName
- /Identity/McsModulesActiveDirectorySecretArn
- /Identity/Region
- Secrets Manager
- /Identity/McsModulesServiceAccountActiveDirectoryLoginCredentials
```
Leostream Broker - Hub
```
Inputs:
- SSM Parameter Store
- /Core/Tag/Key
- /Core/Tag/Value/Linux
- /Core/Tag/Value/Windows
- /Network/VpcId
- /Network/VpcCidr
- /Network/PrivateSubnet1/AZ
- /Network/PrivateSubnet1/SubnetID
- /Network/PrivateSubnet1/RouteTableID
- /Network/PrivateSubnet2/AZ
- /Network/PrivateSubnet2/SubnetID
- /Network/PrivateSubnet2/RouteTableID
- /Identity/ActiveDirectoryServerIP1
- /Identity/ActiveDirectoryServerIP2
- /Identity/ActiveDirectoryDomainName
- /Identity/McsModulesActiveDirectorySecretArn
Outputs:
- SSM Parameter Store
- /WorkstationManagement/Leostream/DNSName
- /WorkstationManagement/CustomResource/AmiAutomationLambda/ARN
- /WorkstationManagement/ImageBuilder/InstanceProfile/Name
- /WorkstationManagement/Leostream/Database/Credentials
- /WorkstationManagement/Workstation/Windows/AMI-Id
- /WorkstationManagement/Workstation/Linux/AMI-Id
- /WorkstationManagement/Leostream/API/ServiceUserCredentials/SecretArn
- /WorkstationManagement/Leostream/BrokerInstanceRoleArn
- /WorkstationManagement/Leostream/RDS/ServiceUserCredentials/SecretArn
- /WorkstationManagement/Leostream/BrokerHostedZoneId
- /WorkstationManagement/Leostream/BrokerHostedZoneId
- /WorkstationManagement/Leostream/BrokerSecurityGroupId
- /WorkstationManagement/WorkstationSecurityGroupId
- /WorkstationManagement/Leostream/DatabaseSecurityGroupId
- /WorkstationManagement/Workstation/Windows/AMI-Deployed
- /WorkstationManagement/Workstation/Linux/AMI-Deployed
- /WorkstationManagement/Leostream/BrokerLoadBalancerArn
- /WorkstationManagement/Leostream/BrokerLoadBalancerSecurityGroupId
- /WorkstationManagement/Leostream/BrokerHttpsListenerArn
- Secrets Manager
- /WorkstationManagement/Leostream/Console/AdminUserCredentials
- /WorkstationManagement/Leostream/API/ServiceUserCredentials
```
Leostream Broker - Spoke
```
Inputs:
- SSM Parameter Store
- /Core/HubRegion
- /Network/VpcId
- /Network/VpcCidr
- /Network/PrivateSubnet1/AZ
- /Network/PrivateSubnet1/SubnetID
- /Network/PrivateSubnet1/RouteTableID
- /Network/PrivateSubnet2/AZ
- /Network/PrivateSubnet2/SubnetID
- /Network/PrivateSubnet2/RouteTableID
- /Identity/ActiveDirectoryServerIP1
- /Identity/ActiveDirectoryServerIP2
- /Identity/ActiveDirectoryDomainName
- /Identity/ActiveDirectorySecretArn
- /WorkstationManagement/Leostream/DNSName (Remote)
- /WorkstationManagement/ImageBuilder/InstanceProfile/Name (Remote)
- /WorkstationManagement/Workstation/Windows/AMI-Id (Remote)
- /WorkstationManagement/Workstation/Linux/AMI-Id (Remote)
- /WorkstationManagement/Leostream/BrokerInstanceRoleArn (Remote)
- /WorkstationManagement/Leostream/BrokerSecurityGroupId (Remote)
- /WorkstationManagement/WorkstationSecurityGroupId (Remote)
- /WorkstationManagement/Leostream/DatabaseSecurityGroupId (Remote)
- /WorkstationManagement/Workstation/Windows/AMI-Deployed (Remote)
- /WorkstationManagement/Workstation/Linux/AMI-Deployed (Remote)
- /WorkstationManagement/Leostream/BrokerHostedZoneId (Remote)
- Secrets Manager
- /WorkstationManagement/Leostream/API/ServiceUserCredentials (Remote)
- /WorkstationManagement/Leostream/Database/Credentials (Remote)
- /WorkstationManagement/Leostream/Console/AdminUserCredentials (Remote)
Outputs
- SSM Parameter Store
- /WorkstationManagement/Leostream/DNSName
- /WorkstationManagement/ImageBuilder/InstanceProfile/Name
- /WorkstationManagement/Leostream/API/ServiceUserCredentials/SecretArn
- /WorkstationManagement/Leostream/RDS/ServiceUserCredentials/SecretArn
- /WorkstationManagement/Leostream/Console/AdminUserCredentials/SecretArn
- Secrets Manager
- /WorkstationManagement/Leostream/API/ServiceUserCredentials
- /WorkstationManagement/Leostream/Database/Credentials
- /WorkstationManagement/Leostream/Console/AdminUserCredentials
```
Leostream Gateway with Amazon DCV - Hub
```
Inputs:
- SSM Parameter Store
- /WorkstationManagement/Leostream/DNSName
- /WorkstationManagement/Leostream/API/ServiceUserCredentials/SecretArn
- /WorkstationManagement/Leostream/RDS/ServiceUserCredentials/SecretArn
- /WorkstationManagement/ImageBuilder/InstanceProfile/Name
- /Network/VpcId
- /Network/VpcCidr
- /Network/PrivateSubnet1/AZ
- /Network/PrivateSubnet1/SubnetID
- /Network/PrivateSubnet1/RouteTableID
- /Network/PrivateSubnet2/AZ
- /Network/PrivateSubnet2/SubnetID
- /Network/PrivateSubnet2/RouteTableID
- /WorkstationManagement/Leostream/BrokerLoadBalancerArn
- /WorkstationManagement/Leostream/BrokerLoadBalancerSecurityGroupId
- /WorkstationManagement/Leostream/BrokerHttpsListenerArn
- /Identity/ActiveDirectoryDomainName
- Secrets Manager
- /Identity/StudioAdminActiveDirectoryLoginCredentials
- /WorkstationManagement/Leostream/Console/AdminUserCredentials
Outputs:
- SSM Parameter Store
- /PixelStreaming/AmazonDcv/PublicDomain
- /PixelStreaming/AmazonDcv/LeostreamGateway/AMI-Id
```
Leostream Gateway with Amazon DCV - Spoke
```
Inputs:
- SSM Parameter Store
- /Core/HubRegion
- /Network/VpcId
- /Network/VpcCidr
- /Network/PrivateSubnet1/AZ
- /Network/PrivateSubnet1/SubnetID
- /Network/PrivateSubnet1/RouteTableID
- /Network/PrivateSubnet2/AZ
- /Network/PrivateSubnet2/SubnetID
- /Network/PrivateSubnet2/RouteTableID
- /WorkstationManagement/Leostream/DNSName
- /WorkstationManagement/Leostream/API/ServiceUserCredentials/SecretArn
- /WorkstationManagement/Leostream/RDS/ServiceUserCredentials/SecretArn
- /PixelStreaming/AmazonDcv/PublicDomain (Remote)
- /PixelStreaming/AmazonDcv/LeostreamGateway/AMI-Id (Remote)
Outputs:
- SSM Parameter Store
- /PixelStreaming/AmazonDcv/PublicDomain
```
FSx for Windows File Server
```
Inputs:
- SSM Parameter Store
- /Network/VpcId
- /Network/VpcCidr
- /Network/PrivateSubnet1/AZ
- /Network/PrivateSubnet1/SubnetID
- /Network/PrivateSubnet1/RouteTableID
- /Network/PrivateSubnet2/AZ
- /Network/PrivateSubnet2/SubnetID
- /Network/PrivateSubnet2/RouteTableID
- /Identity/ActiveDirectoryServerIP1
- /Identity/ActiveDirectoryServerIP2
- /Identity/ActiveDirectoryDomainName
- Secrets Manager
- /Identity/McsModulesServiceAccountActiveDirectoryLoginCredentials
Outputs:
- SSM Parameter Store
- /Storage/FSxWindowsFile/FSxWindowsname
- /Storage/FSxWindowsFile/FSxResourceARN
```
Spoke Region Infrastructure
```
Inputs:
- SSM Parameter Store
- /Core/MCSStack/Name (Remote)
- /Core/AdminEmail (Remote)
- /Core/Tag/Key (Remote)
- /Core/Tag/Value/Linux (Remote)
- /Core/Tag/Value/Windows (Remote)
Outputs:
- SSM Parameter Store
- /Core/HubOrSpoke
- /Core/HubRegion
- /Core/Tag/Key
- /Core/Tag/Value/Linux
- /Core/Tag/Value/Windows
- /Core/MCSStack/Name
- /Core/MyApplication/Tag
- /Core/AdminEmail
```
# API reference
This section provides an API reference for the MCS solution.
## POST /modules/deregistered
### Body parameter schema
```
{
"module_name": "string"
}
```
**Parameters**
| **Name** | **In** | **Type** | **Required** | **Description** |
| --- | --- | --- | --- | --- |
| **body** | body | object | true | none |
| ⇒ **module\$1name** | body | string | false | none |
## POST /modules/disabled
### Body parameter schema
**Parameters**
```
{
"disable": {
"name": "string",
"servicecatalogProvisionedProductId": "string",
"moduleRegion": "string",
"regionType": "string"
}
}
```
| **Name** | **In** | **Type** | **Required** | **Description** |
| --- | --- | --- | --- | --- |
| body | body | object | true | none |
| ⇒ disable | body | object | false | none |
| ⇒⇒ name | body | string | false | none |
| ⇒⇒ servicecatalogProvisionedProductId | body | string | false | none |
| ⇒⇒ moduleRegion | body | string | false | none |
| ⇒⇒ regionType | body | string | false | none |
## GET /modules/enabled
### Response schema
**Status code 200**
| **Name** | **Type** | **Required** | **Restrictions** | **Description** |
| --- | --- | --- | --- | --- |
| ⇒ **name** | string | false | none | none |
| ⇒ **servicecatalogProvisionedProductId** | string | false | none | none |
| ⇒ **version** | string | false | none | none |
| ⇒ **region** | string | false | none | none |
| ⇒ **category** | string | false | none | none |
| ⇒ **lastUpdateTime** | string | false | none | none |
| ⇒\$1creationTime\$1 | string | false | none | none |
| ⇒ **status** | string | false | none | none |
| ⇒ **cloudformationInputParameters** | [object] | false | none | none |
| ⇒⇒ **Value** | string | false | none | none |
| ⇒⇒ **Key** | string | false | none | none |
| ⇒ **consoleUrl** | string | false | none | none |
| ⇒ **stackId** | string | false | none | none |
| ⇒ **activeDependents** | [string] | false | none | none |
| ⇒ **regionType** | string | false | none | none |
| ⇒ **moduleRegionCategory** | string | false | none | none |
## POST /modules/enabled
### Body parameter schema
```
{
"module": {
"name": "string",
"version": "string",
"region": "string",
"regionType": "string",
"tags": {
"useMCSTags": true,
"customTags": [
{
"Key": "string",
"Value": "string"
}
]
},
"inputParameters": [
{
"Key": "string",
"Value": "string"
}
]
}
}
```
**Parameters**
| **Name** | **In** | **Type** | **Required** | **Description** |
| --- | --- | --- | --- | --- |
| body | body | object | true | none |
| ⇒ module | body | object | false | none |
| ⇒⇒ name | body | string | false | none |
| ⇒⇒ version | body | string | false | none |
| ⇒⇒ region | body | string | false | none |
| ⇒⇒ regionType | body | string | false | none |
| ⇒⇒ tags | body | object | false | none |
| ⇒⇒⇒ useMCSTags | body | boolean | false | If set to `true`, non-internal tags from MCS Core stack are used. |
| ⇒⇒⇒ customTags | body | [object] | false | This field is ignored if **useMCSTags** is set to `true`. Otherwise, the tags from this field will are used. |
| ⇒⇒⇒⇒ Key | body | string | false | none |
| ⇒⇒⇒⇒ Value | body | string | false | none |
| ⇒⇒ inputParameters | body | [object] | false | none |
| ⇒⇒⇒ Key | body | string | false | none |
| ⇒⇒⇒Value | body | string | false | none |
## GET /modules/partner
### Example responses
**200 response**
| **Name** | **Meaning** | **Description** | **Schema** |
| --- | --- | --- | --- |
| 200 | [OK](https://tools.ietf.org/html/rfc7231#section-6.3.1) | 200 response | Inline |
### Response schema
**Status code 200**
| **Name** | **Type** | **Required** | **Restrictions** | **Description** |
| --- | --- | --- | --- | --- |
| ⇒ modules | [object] | false | none | none |
| ⇒⇒ name | string | false | none | none |
| ⇒⇒ displayName | string | false | none | none |
| ⇒⇒ category | string | false | none | none |
| ⇒⇒ manifestUrl | string | false | none | none |
| ⇒⇒ status | string | false | none | none |
| ⇒⇒ createAt | string | false | none | none |
| ⇒⇒ updatedAt | string | false | none | none |
| ⇒⇒ isCustom | boolean | false | none | none |
| ⇒ last\$1updated\$1date | string | false | none | none |
## PUT /modules/partner/sync
### Body parameter schema
Request body must be empty
### Example responses
**202 response**
| **Name** | **Meaning** | **Description** | **Schema** |
| --- | --- | --- | --- |
| 202 | [Accepted](https://tools.ietf.org/html/rfc7231#section-6.3.3) | Partner module synchronization started successfully. | Inline |
| 409 | [Conflict](https://tools.ietf.org/html/rfc7231#section-6.5.8) | Partner modules are being synchronized and/or registered by another process. | Inline |
| 502 | [Bad Gateway](https://tools.ietf.org/html/rfc7231#section-6.6.3) | An error occurred with the remote server hosting the partner module manifests. | Inline |
## GET /modules/registered
### Example responses
**200 response**
| **Name** | **Meaning** | **Description** | **Schema** |
| --- | --- | --- | --- |
| 200 | [OK](https://tools.ietf.org/html/rfc7231#section-6.3.1) | 200 response | Inline |
### Response schema
**Status code 200**
| **Name** | **Type** | **Required** | **Restrictions** | **Description** |
| --- | --- | --- | --- | --- |
| ⇒ name | string | false | none | none |
| ⇒ version | string | false | none | none |
| ⇒ status | string | false | none | none |
| ⇒ category | string | false | none | none |
| ⇒ serviceCatalogPortfolioId | string | false | none | none |
| ⇒ serviceCatalogProductId | string | false | none | none |
| ⇒ inputParametersLocal | [string] | false | none | none |
| ⇒ inputParametersHub | [string] | false | none | none |
| ⇒ regionType | string | false | none | none |
| ⇒ isExternal | boolean | false | none | none |
## POST /modules/registered
### Body parameter schema
```
{
"params": {
"manifestUrl": "string",
"revision": "string"
}
}
```
**Parameters**
| **Name** | **In** | **Type** | **Required** | **Description** |
| --- | --- | --- | --- | --- |
| body | body | object | true | none |
| ⇒ params | body | object | false | none |
| ⇒⇒ manifestUrl | body | string | false | none |
| ⇒⇒ revision | body | string | false | none |
### Example responses
**200 response**
| **Status** | **Meaning** | **Description** | **Schema** |
| --- | --- | --- | --- |
| 200 | [OK](https://tools.ietf.org/html/rfc7231#section-6.3.1) | 200 response | Inline |
## GET /modules/registered/inputs
### Parameters
| **Name** | **In** | **Type** | **Required** | **Description** |
| --- | --- | --- | --- | --- |
| name | query | string | true | none |
| version | query | string | true | none |
| region | query | string | true | none |
| regionType | query | string | true | Either HUB or SPOKE |
### Response schema
**Status code 200**
| **Name** | **Type** | **Required** | **Restrictions** | **Description** |
| --- | --- | --- | --- | --- |
| ⇒ cloudformationInputKeys | [object] | false | none | none |
| ⇒⇒ name | string | false | none | none |
| ⇒⇒ category | string | false | none | none |
| ⇒⇒ constraints | object | false | none | none |
| ⇒⇒⇒ allowedPattern | string | false | none | none |
| ⇒⇒⇒ allowedValues | [string] | false | none | none |
| ⇒⇒ default | string | false | none | none |
| ⇒⇒ description | string | false | none | none |
| ⇒ mcsTags | [object] | false | none | none |
| ⇒⇒ key | string | false | none | none |
| ⇒⇒ value | string | false | none | none |
## GET /modules/validate
### Parameters
| **Name** | **In** | **Type** | **Required** | **Description** |
| --- | --- | --- | --- | --- |
| manifest\$1url | query | string | true | none |
### Response schema
**Status code 200**
| **Name** | **Type** | **Required** | **Restrictions** | **Description** |
| --- | --- | --- | --- | --- |
| ⇒ data | object | false | none | Represents the manifest JSON file defined in the developer guide |
## GET /regions
### Response schema
**Status code 200**
| **Name** | **Type** | **Required** | **Restrictions** | **Description** |
| --- | --- | --- | --- | --- |
| ⇒ regions | [object] | false | none | none |
| ⇒⇒ name | string | false | none | none |
| ⇒⇒ isHub | boolean | false | none | none |
| ⇒⇒ enablementStatus | string | false | none | none |
| ⇒⇒ provisionedProductId | string | false | none | none |
| ⇒⇒ dateEnabled | string | false | none | none |
## PUT /regions
### Body parameter schema
```
{
"region": {
"name": "string",
"enablementStatus": "string"
}
}
```
**Parameters**
| **Name** | **In** | **Type** | **Required** | **Description** |
| --- | --- | --- | --- | --- |
| body | body | object | true | none |
| ⇒ region | body | object | false | none |
| ⇒⇒ name | body | string | false | none |
| ⇒⇒ enablementStatus | body | string | false | none |
### Response schema
**Status code 200**
| **Name** | **Type** | **Required** | **Restrictions** | **Description** |
| --- | --- | --- | --- | --- |
| ⇒ regions | object | false | none | none |
| ⇒⇒ name | string | false | none | none |
| ⇒⇒ isHub | string | false | none | none |
| ⇒⇒ enablementStatus | string | false | none | none |
| ⇒⇒ provisionedProductId | string | false | none | none |
| ⇒⇒ dateEnabled | string | false | none | none |