AWS CloudFormation
User Guide (API Version 2010-05-15)

AWS::AmazonMQ::Broker

A broker is a message broker environment running on Amazon MQ. It is the basic building block of Amazon MQ.

The AWS::AmazonMQ::Broker resource lets you create Amazon MQ brokers, add configuration changes or modify users for the specified broker, return information about the specified broker, and delete the specified broker. For more information, see Amazon MQ Basic Elements in the Amazon MQ Developer Guide.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON

{
  "Type" : "AWS::AmazonMQ::Broker",
  "Properties" : {
    "AutoMinorVersionUpgrade" : Boolean,
    "BrokerName" : String,
    "Users" : [ User, ... ],
    "Configuration" : ConfigurationId,
    "DeploymentMode" : String,
    "EngineType" : String,
    "EngineVersion" : String,
    "HostInstanceType" : String,
    "Logs" : LogsConfiguration,
    "MaintenanceWindowStartTime" : MaintenanceWindow,
    "PubliclyAccessible" : Boolean,
    "SecurityGroups" : [ String, ... ],
    "SubnetIds" : [ String, ... ],
    "Tags" : [ Resource Tag, ... ]
  }
}

YAML

Type: "AWS::AmazonMQ::Broker"
Properties:
  AutoMinorVersionUpgrade: Boolean
  BrokerName: String
  Users:
    - User
  Configuration: ConfigurationId
  DeploymentMode: String
  EngineType: String
  EngineVersion: String
  HostInstanceType: String
  Logs: LogsConfiguration
  MaintenanceWindowStartTime: MaintenanceWindow
  PubliclyAccessible: Boolean
  SecurityGroups:
    - String
  SubnetIds:
    - String
  Tags:
    - Resource Tag

Properties

AutoMinorVersionUpgrade

Enables automatic upgrades to new minor versions for brokers, as Apache releases the versions. The automatic upgrades occur during the maintenance window of the broker or after a manual broker reboot.

Required: Yes

Type: Boolean

Update requires: No interruption

BrokerName

The name of the broker. This value must be unique in your AWS account, must be 1-50 characters long, must contain only letters, numbers, dashes, and underscores, and must not contain white space, brackets, wildcard characters, or special characters.

Required: Yes

Type: String

Update requires: Replacement

Users

The list of all ActiveMQ usernames for the specified broker.

Required: Yes

Type: List of User property types

Update requires: Some interruptions

Configuration

The broker configuration. If no configuration exists for a broker, Amazon MQ creates a default configuration.

Note

You can use AWS CloudFormation to modify—but not delete—an Amazon MQ configuration.

Required: No

Type: ConfigurationId

Update requires: Some interruptions

DeploymentMode

The deployment mode of the broker. SINGLE_INSTANCE creates a single-instance broker in a single Availability Zone. ACTIVE_STANDBY_MULTI_AZ creates an active/standby broker for high availability.

Required: Yes

Type: String

Update requires: Replacement

EngineType

The type of broker engine.

Note

Currently, Amazon MQ supports only ACTIVEMQ.

Required: Yes

Type: String

Update requires: Replacement

EngineVersion

The version of the broker engine.

Note

For a list of supported engine versions, see: Broker Engine.

Required: Yes

Type: String

Update requires: Some interruptions

HostInstanceType

The broker's instance type. For more information, see Instance Types in the Amazon MQ Developer Guide.

Required: Yes

Type: String

Update requires: Replacement

Logs

The Amazon CloudWatch Logs configuration for the broker.

Required: No

Type: LogsConfiguration

Update requires: Some interruptions

MaintenanceWindowStartTime

The parameters that determine the WeeklyStartTime.

Required: No

Type: MaintenanceWindow

Update requires: Replacement

PubliclyAccessible

Enables connections from applications outside of the VPC that hosts the broker's subnets.

Required: Yes

Type: Boolean

Update requires: Replacement

SecurityGroups

The list of rules (1 minimum, 125 maximum) that authorize connections to brokers.

Required: No

Type: List of String values

Update requires: Replacement

SubnetIds

The list of groups (2 maximum) that define which subnets and IP ranges the broker can use from different Availability Zones. A SINGLE_INSTANCE deployment requires one subnet (for example, the default subnet). An ACTIVE_STANDBY_MULTI_AZ deployment requires two subnets.

Required: No

Type: List of String values

Update requires: Replacement

Tags

An array of key-value pairs. For more information, see Using Cost Allocation Tags in the AWS Billing and Cost Management User Guide.

Required: No

Type: List of Resource Tag

Update requires: No interruption

Return Values

Ref

When you pass the logical ID of an AWS::AmazonMQ::Broker resource to the intrinsic Ref function, the function returns the Amazon MQ broker ID. For example:

b-1234a5b6-78cd-901e-2fgh-3i45j6k178l9

For more information about using the Ref function, see Ref.

Fn::GetAtt

Fn::GetAtt returns a value for a specified attribute of this type. The following are the available attributes and sample return values.

Arn

The Amazon Resource Name (ARN) of the Amazon MQ broker.

arn:aws:mq:us-east-2:123456789012:broker:MyBroker:b-1234a5b6-78cd-901e-2fgh-3i45j6k178l9

ConfigurationId

The unique ID that Amazon MQ generates for the configuration.

c-1234a5b6-78cd-901e-2fgh-3i45j6k178l9

ConfigurationRevision

The revision number of the configuration.

1

IpAddresses

The IP addresses of each broker instance as a list of strings.

['198.51.100.2', '203.0.113.9']

MqttEndpoints

The MQTT endpoints of each broker instance as a list of strings.

mqtt+ssl://b-4aada85d-a80c-4be0-9d30-e344a01b921e-1.mq.eu-central-amazonaws.com:8883

OpenWireEndpoints

The OpenWire endpoints of each broker instance as a list of strings.

ssl://b-4aada85d-a80c-4be0-9d30-e344a01b921e-1.mq.eu-central-amazonaws.com:61617

AmqpEndpoints

The AMQP endpoints of each broker instance as a list of strings.

amqp+ssl://b-4aada85d-a80c-4be0-9d30-e344a01b921e-1.mq.eu-central-amazonaws.com:5671

StompEndpoints

The STOMP endpoints of each broker instance as a list of strings.

stomp+ssl://b-4aada85d-a80c-4be0-9d30-e344a01b921e-1.mq.eu-central-amazonaws.com:61614

WssEndpoints

The WSS endpoints of each broker instance as a list of strings.

wss://b-4aada85d-a80c-4be0-9d30-e344a01b921e-1.mq.eu-central-amazonaws.com:61619

For more information about using Fn::GetAtt, see Fn::GetAtt.

Examples

Basic Amazon MQ Broker

The following example creates a basic Amazon MQ broker with one user that belongs to a group.

Note

We don't recommend including plaintext passwords in AWS CloudFormation templates. To securely retrieve your user credentials, add a Ref to your template. For example, you can create a Lambda function and use it to retrieve encrypted credentials stored in a DynamoDB table. For more information, see Using AWS Lambda with Amazon DynamoDB in the AWS Lambda Developer Guide.

JSON

{
  "Description": "Create a basic AmazonMQ broker",
  "Resources": {
    "BasicBroker": {
      "Type": "AWS::AmazonMQ::Broker",
      "Properties": {
        "AutoMinorVersionUpgrade": "false",
        "BrokerName": "MyBasicBroker",
        "DeploymentMode": "SINGLE_INSTANCE",
        "EngineType": "ActiveMQ",
        "EngineVersion": "5.15.0",
        "HostInstanceType": "mq.t2.micro",
        "PubliclyAccessible": "true",
        "Users": [
          {
            "ConsoleAccess": "true",
            "Groups": [ "MyGroup" ],
            "Password" : { "Ref" : "AmazonMqPassword" },
            "Username" : { "Ref" : "AmazonMqUsername" }
          }
        ]
      }
    }
  }
}

YAML

---
Description: "Create a basic AmazonMQ broker"
Resources:
  BasicBroker:
    Type: "AWS::AmazonMQ::Broker"
    Properties:
      AutoMinorVersionUpgrade: "false"
      BrokerName: MyBasicBroker
      DeploymentMode: SINGLE_INSTANCE
      EngineType: ActiveMQ
      EngineVersion: "5.15.0"
      HostInstanceType: mq.t2.micro
      PubliclyAccessible: "true"
      Users:
        - ConsoleAccess: "true"
          Groups:
            - MyGroup
          Password:
            Ref: "BrokerPassword"
          Username:
            Ref: "BrokerUsername"

Complex Amazon MQ Broker

The following example creates a complex Amazon MQ broker with two users that don't belong to a group and one user that belongs to a group.

Note

We don't recommend including plaintext passwords in AWS CloudFormation templates. To securely retrieve your user credentials, add a Ref to your template. For example, you can create a Lambda function and use it to retrieve encrypted credentials stored in a DynamoDB table. For more information, see Using AWS Lambda with Amazon DynamoDB in the AWS Lambda Developer Guide.

JSON

{
  "Description": "Create a complex AmazonMQ broker",
  "Resources": {
    "ComplexBroker": {
      "Type": "AWS::AmazonMQ::Broker",
      "Properties": {
        "AutoMinorVersionUpgrade": "false",
        "BrokerName": "MyComplexBroker",
        "Configuration": {
          "Id": { "Ref": "Configuration1" },
          "Revision" : { "Fn::GetAtt": ["Configuration1", "Revision"] }
        },
        "DeploymentMode": "SINGLE_INSTANCE",
        "EngineType": "ActiveMQ",
        "EngineVersion": "5.15.0",
        "HostInstanceType": "mq.t2.micro",
        "Logs": {
          "General": true,
          "Audit": false
        },
        "MaintenanceWindowStartTime": {
          "DayOfWeek": "Monday",
          "TimeOfDay": "22:45",
          "TimeZone": "America/Los_Angeles"
        },
        "PubliclyAccessible": "true",
        "SecurityGroups": [ "sg-a1b234cd", "sg-e5f678gh" ],
        "SubnetIds": [ "subnet-12a3b45c", "subnet-67d8e90f" ],
        "Users": [
          {
            "ConsoleAccess": "true",
            "Password" : { "Ref" : "AmazonMqPassword1" },
            "Username" : { "Ref" : "AmazonMqUsername1" }
          },
          {
            "Password" : { "Ref" : "AmazonMqPassword2" },
            "Username" : { "Ref" : "AmazonMqUsername2" }
          },
          {
            "Groups": [ "MyGroup1", "MyGroup2" ],
            "Password" : { "Ref" : "AmazonMqPassword3" },
            "Username" : { "Ref" : "AmazonMqUsername3" }
          }
        ]
      }
    }
  }
}

YAML

---
Description: "Create a complex AmazonMQ broker"
Resources:
  ComplexBroker:
    Type: "AWS::AmazonMQ::Broker"
    Properties:
      AutoMinorVersionUpgrade: "false"
      BrokerName: MyComplexBroker
      Configuration:
        Id: !GetAtt Configuration1.Id
        Revision: !GetAtt Configuration1.Revision
      DeploymentMode: SINGLE_INSTANCE
      EngineType: ActiveMQ
      EngineVersion: "5.15.0"
      HostInstanceType: mq.t2.micro
      Logs:
        General: "true"
        Audit: "false"
      MaintenanceWindowStartTime:
        DayOfWeek: Monday
        TimeOfDay: "22:45"
        TimeZone: America/Los_Angeles
      PubliclyAccessible: "true"
      SecurityGroups:
        - "sg-a1b234cd"
        - "sg-e5f678gh"
      SubnetIds:
        - "subnet-12a3b45c"
        - "subnet-67d8e90f"
      Users:
        - ConsoleAccess: "true"
          Password:
            Ref: "BrokerPassword1"
          Username:
            Ref: "BrokerUsername1"
        - Password:
            Ref: "BrokerPassword2"
          Username:
            Ref: "BrokerUsername2"
        - Groups:
            - MyGroup1
            - MyGroup2
          Password:
            Ref: "BrokerPassword3"
          Username:
            Ref: "BrokerUsername3"
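
Checking a template before deployment

The following Python check is an added example, not part of the AWS documentation: it reviews AWS::AmazonMQ::Broker resources in a JSON template for the two settings this page calls out, plaintext user passwords and PubliclyAccessible. The sample template is constructed, and the rules that a password parameter should declare NoEcho, that a Ref in Password points at a parameter, and that a {{resolve:...}} dynamic reference is acceptable are assumptions of this example.

```python
import json
# Constructed sample template (not from the page): one broker with a literal
# password, one that takes a password from a parameter declared without NoEcho.
SAMPLE = json.loads("""
{
  "Parameters": {
    "AmazonMqUsername": {"Type": "String"}, "AmazonMqPassword": {"Type": "String"},
    "SafePassword": {"Type": "String", "NoEcho": true}
  },
  "Resources": {
    "LiteralBroker": {"Type": "AWS::AmazonMQ::Broker", "Properties": {
      "PubliclyAccessible": "true",
      "Users": [{"Username": "admin", "Password": "constructed-example-pw"}]}},
    "ParamBroker": {"Type": "AWS::AmazonMQ::Broker", "Properties": {
      "PubliclyAccessible": false,
      "Users": [{"Username": {"Ref": "AmazonMqUsername"},
                 "Password": {"Ref": "AmazonMqPassword"}},
                {"Username": "svc", "Password": {"Ref": "SafePassword"}}]}}
  }
}
""")

def is_true(value):
    """Templates carry booleans either as JSON booleans or as "true"/"false"."""
    return value is True or str(value).lower() == "true"

def audit_brokers(template):
    """Return (logical_id, finding) tuples for AWS::AmazonMQ::Broker resources."""
    params = template.get("Parameters", {})
    findings = []
    for name, res in template.get("Resources", {}).items():
        if res.get("Type") != "AWS::AmazonMQ::Broker":
            continue
        props = res.get("Properties", {})
        if is_true(props.get("PubliclyAccessible")):
            findings.append((name, "PubliclyAccessible is true"))
        for i, user in enumerate(props.get("Users", [])):
            pw = user.get("Password")
            if isinstance(pw, str) and not pw.startswith("{{resolve:"):
                findings.append((name, f"Users[{i}] has a literal password"))
            elif isinstance(pw, dict) and "Ref" in pw:  # assumed to name a parameter
                if not is_true(params.get(pw["Ref"], {}).get("NoEcho", False)):
                    findings.append((name, f"Users[{i}] password parameter "
                                           f"{pw['Ref']} lacks NoEcho"))
    return findings

if __name__ == "__main__":
    print("\n".join(f"{rid}: {msg}" for rid, msg in audit_brokers(SAMPLE)))
```

A finding for PubliclyAccessible is a prompt to confirm the exposure is intended and that SecurityGroups restricts who can connect, not necessarily an error.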