feat(deadline): add ThinkboxDockerImages construct

examples/deadline/All-In-AWS-Infrastructure-Basic/python/README.md

@@ -32,12 +32,22 @@ These instructions assume that your working directory is `examples/deadline/All-
     popd
     pip install ../../../../dist/python/aws-rfdk-<version>.tar.gz
     ```
-4.  Change the value of the `deadline_version` variable in `package/config.py` to specify the desired version of Deadline to be deployed to your render farm. RFDK is compatible with Deadline versions 10.1.9.x and later. To see the available versions of Deadline, consult the [Deadline release notes](https://docs.thinkboxsoftware.com/products/deadline/10.1/1_User%20Manual/manual/release-notes.html). It is recommended to use the latest version of Deadline available when building your farm, but to pin this version when the farm is ready for production use. For example, to pin to the latest `10.1.12.x` release of Deadline, use:
+4.  You must read and accept the [AWS Thinkbox End-User License Agreement (EULA)](https://www.awsthinkbox.com/end-user-license-agreement) to deploy and run Deadline. To do so, change the value of the `accept_aws_thinkbox_eula` in `package/config.py`:
+
+    ```py
+    # Change this value to AwsThinkboxEulaAcceptance.USER_ACCEPTS_AWS_THINKBOX_EULA if you wish to accept the SSPL
+    # and proceed with Deadline deployment. Users must explicitly accept the AWS Thinkbox EULA before using the AWS
+    # Thinkbox Deadline container images.
+    #
+    # See https://www.awsthinkbox.com/end-user-license-agreement for the terms of the agreement.
+    self.accept_aws_thinkbox_eula: AwsThinkboxEulaAcceptance = AwsThinkboxEulaAcceptance.USER_REJECTS_AWS_THINKBOX_EULA
+    ```
+5.  Change the value of the `deadline_version` variable in `package/config.py` to specify the desired version of Deadline to be deployed to your render farm. RFDK is compatible with Deadline versions 10.1.9.x and later. To see the available versions of Deadline, consult the [Deadline release notes](https://docs.thinkboxsoftware.com/products/deadline/10.1/1_User%20Manual/manual/release-notes.html). It is recommended to use the latest version of Deadline available when building your farm, but to pin this version when the farm is ready for production use. For example, to pin to the latest `10.1.12.x` release of Deadline, use:
 
     ```python
     self.deadline_version: str = '10.1.12'
     ```
-5.  Change the value of the `deadline_client_linux_ami_map` variable in `package/config.py` to include the region + AMI ID mapping of your EC2 AMI(s) with Deadline Worker. You can use the following AWS CLI query to find AMI ID's:
+6.  Change the value of the `deadline_client_linux_ami_map` variable in `package/config.py` to include the region + AMI ID mapping of your EC2 AMI(s) with Deadline Worker. You can use the following AWS CLI query to find AMI ID's:
     ```bash
     aws --region <region> ec2 describe-images \
     --owners 357466774442 \
@@ -53,17 +63,17 @@ These instructions assume that your working directory is `examples/deadline/All-
         'us-west-2': '<your ami id>'
     }
     ```
-6.  Create a binary secret in [SecretsManager](https://aws.amazon.com/secrets-manager/) that contains your [Usage-Based Licensing](https://docs.thinkboxsoftware.com/products/deadline/10.1/1_User%20Manual/manual/aws-portal/licensing-setup.html?highlight=usage%20based%20licensing) certificates in a `.zip` file:
+7.  Create a binary secret in [SecretsManager](https://aws.amazon.com/secrets-manager/) that contains your [Usage-Based Licensing](https://docs.thinkboxsoftware.com/products/deadline/10.1/1_User%20Manual/manual/aws-portal/licensing-setup.html?highlight=usage%20based%20licensing) certificates in a `.zip` file:
 
     ```bash
     aws secretsmanager create-secret --name <name> --secret-binary fileb://<path-to-zip-file>
     ```
-7.  The output from the previous step will contain the secret's ARN. Change the value of the `ubl_certificate_secret_arn` variable in `package/config.py` to the secret's ARN:
+8.  The output from the previous step will contain the secret's ARN. Change the value of the `ubl_certificate_secret_arn` variable in `package/config.py` to the secret's ARN:
 
     ```python
     self.ubl_certificate_secret_arn: str = '<your secret arn>'
     ```
-8.  Choose your UBL limits and change the value of the `ubl_licenses` variable in `package/config.py` accordingly. For example:
+9.  Choose your UBL limits and change the value of the `ubl_licenses` variable in `package/config.py` accordingly. For example:
 
     ```python
     self.ubl_licenses: List[UsageBasedLicense] = [
@@ -82,38 +92,38 @@ These instructions assume that your working directory is `examples/deadline/All-
     **Note:** The next two steps are optional. You may skip these if you do not need SSH access into your render farm.
 
     ---
-9.  Create an EC2 key pair to give you SSH access to the render farm:
+10. Create an EC2 key pair to give you SSH access to the render farm:
 
     ```bash
     aws ec2 create-key-pair --key-name <key-name>
     ```
-10. Change the value of the `key_pair_name` variable in `package/config.py` to your value for `<key-name>` in the previous step:
+11. Change the value of the `key_pair_name` variable in `package/config.py` to your value for `<key-name>` in the previous step:
 
     **Note:** Save the value of the `"KeyMaterial"` field as a file in a secure location. This is your private key that you can use to SSH into the render farm.
 
     ```python
     self.key_pair_name: Optional[str] = '<your key pair name>'
     ```
-11. Choose the type of database you would like to deploy (AWS DocumentDB or MongoDB).
+12. Choose the type of database you would like to deploy (AWS DocumentDB or MongoDB).
     If you would like to use MongoDB, you will need to accept the Mongo SSPL (see next step).
     Once you've decided on a database type, change the value of the `deploy_mongo_db` variable in `package/config.py` accordingly:
 
     ```python
     # True = MongoDB, False = Amazon DocumentDB
     self.deploy_mongo_db: bool = False
     ```
-12. If you set `deploy_mongo_db` to `True`, then you must accept the [SSPL license](https://www.mongodb.com/licensing/server-side-public-license) to successfully deploy MongoDB. To do so, change the value of `accept_sspl_license` in `package/config.py`:
+13. If you set `deploy_mongo_db` to `True`, then you must accept the [SSPL license](https://www.mongodb.com/licensing/server-side-public-license) to successfully deploy MongoDB. To do so, change the value of `accept_sspl_license` in `package/config.py`:
 
     ```python
     # To accept the MongoDB SSPL, change from USER_REJECTS_SSPL to USER_ACCEPTS_SSPL
     self.accept_sspl_license: MongoDbSsplLicenseAcceptance = MongoDbSsplLicenseAcceptance.USER_REJECTS_SSPL
     ```
-13. Deploy all the stacks in the sample app:
+14. Deploy all the stacks in the sample app:
 
     ```bash
     cdk deploy "*"
     ```
-14. Once you are finished with the sample app, you can tear it down by running:
+15. Once you are finished with the sample app, you can tear it down by running:
 
     ```bash
     cdk destroy "*"

examples/deadline/All-In-AWS-Infrastructure-Basic/python/package/app.py

@@ -107,7 +107,8 @@ def main():
         ubl_licenses=config.ubl_licenses,
         root_ca=security.root_ca,
         dns_zone=network.dns_zone,
-        deadline_version=config.deadline_version
+        deadline_version=config.deadline_version,
+        accept_aws_thinkbox_eula=config.accept_aws_thinkbox_eula
     )
     service = service_tier.ServiceTier(app, 'ServiceTier', props=service_props, env=env)
 

examples/deadline/All-In-AWS-Infrastructure-Basic/python/package/config.py

@@ -8,7 +8,10 @@
 )
 
 from aws_rfdk import MongoDbSsplLicenseAcceptance
-from aws_rfdk.deadline import UsageBasedLicense
+from aws_rfdk.deadline import (
+    AwsThinkboxEulaAcceptance,
+    UsageBasedLicense
+)
 
 
 class AppConfig:
@@ -18,6 +21,13 @@ class AppConfig:
     TODO: Fill these in with your own values.
     """
     def __init__(self):
+        # Change this value to AwsThinkboxEulaAcceptance.USER_ACCEPTS_AWS_THINKBOX_EULA if you wish to accept the SSPL
+        # and proceed with Deadline deployment. Users must explicitly accept the AWS Thinkbox EULA before using the AWS
+        # Thinkbox Deadline container images.
+        #
+        # See https://www.awsthinkbox.com/end-user-license-agreement for the terms of the agreement.
+        self.accept_aws_thinkbox_eula: AwsThinkboxEulaAcceptance = AwsThinkboxEulaAcceptance.USER_REJECTS_AWS_THINKBOX_EULA
+
         # The version of Deadline to use on the render farm. Leave as None for the latest release or specify a version
         # to pin to. Some examples of pinned version values are "10", "10.1", or "10.1.12"
         self.deadline_version: Optional[str] = None

examples/deadline/All-In-AWS-Infrastructure-Basic/python/package/lib/service_tier.py

@@ -35,6 +35,7 @@
     X509CertificatePem
 )
 from aws_rfdk.deadline import (
+    AwsThinkboxEulaAcceptance,
     DatabaseConnection,
     RenderQueue,
     RenderQueueHostNameProps,
@@ -69,6 +70,8 @@ class ServiceTierProps(StackProps):
     dns_zone: IPrivateHostedZone
     # Version of Deadline to use
     deadline_version: str
+    # Whether the AWS Thinkbox End-User License Agreement is accepted or not
+    accept_aws_thinkbox_eula: AwsThinkboxEulaAcceptance
 
 
 class ServiceTier(Stack):
@@ -116,7 +119,7 @@ def __init__(self, scope: Construct, stack_id: str, *, props: ServiceTierProps,
         self.version = VersionQuery(
             self,
             'Version',
-            version=props.deadline_version,
+            version=props.deadline_version
         )
 
         repository = Repository(
@@ -126,13 +129,14 @@ def __init__(self, scope: Construct, stack_id: str, *, props: ServiceTierProps,
             database=props.database,
             file_system=props.file_system,
             repository_installation_timeout=Duration.minutes(20),
-            version=self.version,
+            version=self.version
         )
 
         images = ThinkboxDockerImages(
             self,
             'Images',
-            version=self.version
+            version=self.version,
+            user_aws_thinkbox_eula_acceptance=props.accept_aws_thinkbox_eula
         )
 
         server_cert = X509CertificatePem(

examples/deadline/All-In-AWS-Infrastructure-Basic/ts/README.md

@@ -18,12 +18,25 @@ These instructions assume that your working directory is `examples/deadline/All-
     ```
     yarn install
     ```
-3.  Change the value of the `deadlineVersion` variable in `bin/config.ts` to specify the desired version of Deadline to be deployed to your render farm. RFDK is compatible with Deadline versions 10.1.9.x and later. To see the available versions of Deadline, consult the [Deadline release notes](https://docs.thinkboxsoftware.com/products/deadline/10.1/1_User%20Manual/manual/release-notes.html). It is recommended to use the latest version of Deadline available when building your farm, but to pin this version when the farm is ready for production use. For example, to pin to the latest `10.1.12.x` release of Deadline, use:
+3.  You must read and accept the [AWS Thinkbox End-User License Agreement (EULA)](https://www.awsthinkbox.com/end-user-license-agreement) to deploy and run Deadline. To do so, change the value of the `userAwsThinkboxEulaAcceptance` in `bin/config.ts`:
+
+    ```ts
+    /**
+     * Change this value to AwsThinkboxEulaAcceptance.USER_ACCEPTS_AWS_THINKBOX_EULA if you wish to accept the SSPL and
+     * proceed with Deadline deployment. Users must explicitly accept the AWS Thinkbox EULA before using the AWS Thinkbox
+     * Deadline container images.
+     *
+     * See https://www.awsthinkbox.com/end-user-license-agreement for the terms of the agreement.
+     */
+    public readonly userAwsThinkboxEulaAcceptance: AwsThinkboxEulaAcceptance = AwsThinkboxEulaAcceptance.USER_REJECTS_AWS_THINKBOX_EULA;
+    ```
+4.  Change the value of the `deadlineVersion` variable in `bin/config.ts` to specify the desired version of Deadline to be deployed to your render farm. RFDK is compatible with Deadline versions 10.1.9.x and later. To see the available versions of Deadline, consult the [Deadline release notes](https://docs.thinkboxsoftware.com/products/deadline/10.1/1_User%20Manual/manual/release-notes.html). It is recommended to use the latest version of Deadline available when building your farm, but to pin this version when the farm is ready for production use. For example, to pin to the latest `10.1.12.x` release of Deadline, use:
 
     ```ts
     public readonly deadlineVersion: string = '10.1.12';
     ```
-4.  Change the value of the `deadlineClientLinuxAmiMap` variable in `bin/config.ts` to include the region + AMI ID mapping of your EC2 AMI(s) with Deadline Worker. You can use the following AWS CLI query to find AMI ID's:
+
+5.  Change the value of the `deadlineClientLinuxAmiMap` variable in `bin/config.ts` to include the region + AMI ID mapping of your EC2 AMI(s) with Deadline Worker. You can use the following AWS CLI query to find AMI ID's:
     ```
     aws --region <region> ec2 describe-images \
     --owners 357466774442 \
@@ -46,17 +59,17 @@ These instructions assume that your working directory is `examples/deadline/All-
     **Note:** The next three steps are for setting up usage based licensing and are optional. You may skip these if you do not need to use licenses for rendering.
 
     ---
-5.  Create a binary secret in [SecretsManager](https://aws.amazon.com/secrets-manager/) that contains your [Usage-Based Licensing](https://docs.thinkboxsoftware.com/products/deadline/10.1/1_User%20Manual/manual/aws-portal/licensing-setup.html?highlight=usage%20based%20licensing) certificates in a `.zip` file:
+6.  Create a binary secret in [SecretsManager](https://aws.amazon.com/secrets-manager/) that contains your [Usage-Based Licensing](https://docs.thinkboxsoftware.com/products/deadline/10.1/1_User%20Manual/manual/aws-portal/licensing-setup.html?highlight=usage%20based%20licensing) certificates in a `.zip` file:
 
     ```
     aws secretsmanager create-secret --name <name> --secret-binary fileb://<path-to-zip-file>
     ```
-6.  The output from the previous step will contain the secret's ARN. Change the value of the `ublCertificatesSecretArn` variable in `bin/config.ts` to the secret's ARN:
+7.  The output from the previous step will contain the secret's ARN. Change the value of the `ublCertificatesSecretArn` variable in `bin/config.ts` to the secret's ARN:
 
     ```ts
     public readonly ublCertificatesSecretArn: string = '<your-secret-arn>';
     ```
-7.  Choose your UBL limits and change the value of the `ublLicenses` variable in `bin/config.ts` accordingly. For example:
+8.  Choose your UBL limits and change the value of the `ublLicenses` variable in `bin/config.ts` accordingly. For example:
 
     ```ts
     public readonly ublLicenses: UsageBasedLicense[] = [
@@ -75,33 +88,33 @@ These instructions assume that your working directory is `examples/deadline/All-
     **Note:** The next two steps are for allowing SSH access to your render farm and are optional. You may skip these if you do not need SSH access into your render farm.
 
     ---
-8.  Create an EC2 key pair to give you SSH access to the render farm:
+9.  Create an EC2 key pair to give you SSH access to the render farm:
 
     ```
     aws ec2 create-key-pair --key-name <key-name>
     ```
-9.  Change the value of the `keyPairName` variable in `bin/config.ts` to your value for `<key-name>` in the previous step:
+10. Change the value of the `keyPairName` variable in `bin/config.ts` to your value for `<key-name>` in the previous step:
 
     **Note:** Save the value of the `"KeyMaterial"` field as a file in a secure location. This is your private key that you can use to SSH into the render farm.
 
     ```ts
     public readonly keyPairName: string = '<key-name>';
     ```
-10. Choose the type of database you would like to deploy (AWS DocumentDB or MongoDB).
+11. Choose the type of database you would like to deploy (AWS DocumentDB or MongoDB).
     If you would like to use MongoDB, you will need to accept the Mongo SSPL (see next step).
     Once you've decided on a database type, change the value of the `deployMongoDB` variable in `bin/config.ts` accordingly:
 
     ```ts
     // true = MongoDB, false = Amazon DocumentDB
     public readonly deployMongoDB: boolean = false;
     ```
-11. If you set `deployMongoDB` to `true`, then you must accept the [SSPL license](https://www.mongodb.com/licensing/server-side-public-license) to successfully deploy MongoDB. To do so, change the value of `acceptSsplLicense` in `bin/config.ts`:
+12. If you set `deployMongoDB` to `true`, then you must accept the [SSPL license](https://www.mongodb.com/licensing/server-side-public-license) to successfully deploy MongoDB. To do so, change the value of `acceptSsplLicense` in `bin/config.ts`:
 
     ```ts
     // To accept the MongoDB SSPL, change from USER_REJECTS_SSPL to USER_ACCEPTS_SSPL
     public readonly acceptSsplLicense: MongoDbSsplLicenseAcceptance = MongoDbSsplLicenseAcceptance.USER_REJECTS_SSPL;
     ```
-12. Build the `aws-rfdk` package, and then build the sample app. There is some magic in the way yarn workspaces and lerna packages work that will link the built `aws-rfdk` from the base directory as the dependency to be used in the example's directory:
+13. Build the `aws-rfdk` package, and then build the sample app. There is some magic in the way yarn workspaces and lerna packages work that will link the built `aws-rfdk` from the base directory as the dependency to be used in the example's directory:
     ```bash
     # Navigate to the root directory of the RFDK repository (assumes you started in the example's directory)
     pushd ../../../..
@@ -114,12 +127,12 @@ These instructions assume that your working directory is `examples/deadline/All-
     # Run the example's build
     yarn build
     ```
-13. Deploy all the stacks in the sample app:
+14. Deploy all the stacks in the sample app:
 
     ```
     cdk deploy "*"
     ```
-14. Once you are finished with the sample app, you can tear it down by running:
+15. Once you are finished with the sample app, you can tear it down by running:
 
     ```
     cdk destroy "*"

examples/deadline/All-In-AWS-Infrastructure-Basic/ts/bin/app.ts

@@ -105,6 +105,7 @@ const service = new ServiceTier(app, 'ServiceTier', {
   ublLicenses: config.ublLicenses,
   rootCa: security.rootCa,
   dnsZone: network.dnsZone,
+  acceptAwsThinkboxEula: config.acceptAwsThinkboxEula,
 });
 
 // -------------------- //

examples/deadline/All-In-AWS-Infrastructure-Basic/ts/bin/config.ts

@@ -6,13 +6,23 @@
 import 'source-map-support/register';
 import { UsageBasedLicense } from 'aws-rfdk/deadline';
 import { MongoDbSsplLicenseAcceptance } from 'aws-rfdk';
+import { AwsThinkboxEulaAcceptance } from 'aws-rfdk/deadline';
 
 /**
  * Configuration values for the sample app.
  *
  * TODO: Fill these in with your own values.
  */
 class AppConfig {
+  /**
+   * Change this value to AwsThinkboxEulaAcceptance.USER_ACCEPTS_AWS_THINKBOX_EULA if you wish to accept the SSPL and
+   * proceed with Deadline deployment. Users must explicitly accept the AWS Thinkbox EULA before using the AWS Thinkbox
+   * Deadline container images.
+   *
+   * See https://www.awsthinkbox.com/end-user-license-agreement for the terms of the agreement.
+   */
+  public readonly acceptAwsThinkboxEula: AwsThinkboxEulaAcceptance = AwsThinkboxEulaAcceptance.USER_ACCEPTS_AWS_THINKBOX_EULA;
+
   /**
    * The version of Deadline to use on the render farm. Some examples of pinned version values are "10", "10.1", or
    * "10.1.12"

examples/deadline/All-In-AWS-Infrastructure-Basic/ts/lib/service-tier.ts

@@ -21,6 +21,7 @@ import {
   X509CertificatePem,
 } from 'aws-rfdk';
 import {
+  AwsThinkboxEulaAcceptance,
   DatabaseConnection,
   RenderQueue,
   Repository,
@@ -81,6 +82,11 @@ export interface ServiceTierProps extends cdk.StackProps {
    * @default The latest available release of Deadline is used
    */
   readonly deadlineVersion?: string;
+
+  /**
+   * Whether the AWS Thinkbox End-User License Agreement is accepted or not
+   */
+  readonly acceptAwsThinkboxEula: AwsThinkboxEulaAcceptance;
 }
 
 /**
@@ -152,6 +158,7 @@ export class ServiceTier extends cdk.Stack {
 
     const images = new ThinkboxDockerImages(this, 'Images', {
       version: this.version,
+      userAwsThinkboxEulaAcceptance: props.acceptAwsThinkboxEula,
     });
 
     const serverCert = new X509CertificatePem(this, 'RQCert', {