ec2rds.yaml
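AWSTemplateFormatVersion: "2010-09-09"
Description: VPC + EC2 + RDS

# Template layout:
#   Mappings   - per-region Amazon Linux 2 AMI IDs
#   Parameters - key pair, AZs, CIDRs, DB settings, SSH source range
#   Resources  - one VPC with a public subnet (web tier, IGW route) and two
#                private subnets (RDS subnet group), security groups, an EC2
#                web server and a MySQL RDS instance.

Mappings:
  # AMI IDs are pinned per region. Pinned AMIs stop receiving patches as they
  # age; resolving the current image through an SSM public parameter
  # (parameter type AWS::SSM::Parameter::Value<AWS::EC2::Image::Id>) avoids
  # having to update this table by hand.
  RegionMap:
    us-east-1:
      Linux2: ami-0be2609ba883822ec
    us-east-2:
      Linux2: ami-0a0ad6b70e61be944
    us-west-1:
      Linux2: ami-03130878b60947df3
    us-west-2:
      Linux2: ami-0a36eb8fadc976275
    ap-northeast-1:
      Linux2: ami-01748a72bed07727c
    ap-northeast-2:
      Linux2: ami-0094965d55b3bb1ff

Parameters:
  KeyName:
    Description: Name of KeyPair
    Type: AWS::EC2::KeyPair::KeyName
  AZpublic:
    Description: AvailabilityZone for public subnet
    Type: AWS::EC2::AvailabilityZone::Name
  AZprivate1:
    # The RDS subnet group needs subnets in at least two distinct AZs, so
    # AZprivate1 and AZprivate2 must differ.
    Description: AvailabilityZone for private subnet 1
    Type: AWS::EC2::AvailabilityZone::Name
  AZprivate2:
    Description: AvailabilityZone for private subnet 2 (must differ from AZprivate1)
    Type: AWS::EC2::AvailabilityZone::Name
  VPCCidr:
    Description: Cidr Block for VPC
    Type: String
    Default: 10.0.0.0/16
  PublicSubnetCidr:
    Description: Cidr Block for Public Subnet
    Type: String
    Default: 10.0.0.0/24
  PrivateSubnet1Cidr:
    Description: Cidr Block for Private Subnet 1
    Type: String
    Default: 10.0.10.0/24
  PrivateSubnet2Cidr:
    Description: Cidr Block for Private Subnet 2
    Type: String
    Default: 10.0.20.0/24
  SSHLocation:
    # Source range for the tcp/22 rule on the web security group. The default
    # keeps the original behaviour (SSH reachable from anywhere); narrow it to
    # an administrative address range for any deployment that is not a throwaway lab.
    Description: CIDR block allowed to reach the web server over SSH (tcp/22). Restrict to your own address range.
    Type: String
    Default: 0.0.0.0/0
    MinLength: 9
    MaxLength: 18
    AllowedPattern: '(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})/(\d{1,2})'
    ConstraintDescription: Must be a valid IPv4 CIDR range of the form x.x.x.x/x
  DBInstanceID:
    Default: dbinstance
    Description: Database Instance Name
    Type: String
    MinLength: 1
    MaxLength: 64
    AllowedPattern: '[a-zA-Z][a-zA-Z0-9]*'
    ConstraintDescription: Must begin with a letter, Contain Only alphanumeric
  DBName:
    Default: db1
    Description: Database Name
    Type: String
    MinLength: 1
    MaxLength: 64
    AllowedPattern: '[a-zA-Z][a-zA-Z0-9]*'
    ConstraintDescription: Must begin with a letter, Contain Only alphanumeric
  DBInstanceClass:
    Default: db.m5.large
    Description: DB instance class
    Type: String
    AllowedValues:
      - db.m5.large
      - db.m5.xlarge
      - db.m5.2xlarge
      - db.m5.4xlarge
      - db.m5.8xlarge
  DBUsername:
    Description: Username for DB Access
    Type: String
    MinLength: 1
    MaxLength: 64
    AllowedPattern: '[a-zA-Z][a-zA-Z0-9]*'
    ConstraintDescription: Must begin with a letter, Contain Only alphanumeric
  DBPassword:
    # NoEcho hides the value in the console and DescribeStacks output, but the
    # password is still supplied on the command line / in parameter files.
    # Sourcing it from Secrets Manager (dynamic reference) avoids that exposure.
    NoEcho: true
    Description: Password for DB Access
    Type: String
    MinLength: 8
    MaxLength: 40
    AllowedPattern: '[a-zA-Z0-9]*'
    ConstraintDescription: Contain Only alphanumeric
  DBAllocatedStorage:
    # MinValue and ConstraintDescription now agree (the original said
    # "between 20 and 65536" while enforcing 5..1024). 20 GiB is the RDS
    # MySQL minimum for gp2 storage.
    Default: 50
    Description: Size of Database (GiB)
    Type: Number
    MinValue: 20
    MaxValue: 1024
    ConstraintDescription: between 20 and 1024 GiB

Resources:
  # ---- Network ------------------------------------------------------------
  VPC:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock: !Ref VPCCidr
      EnableDnsHostnames: true
      Tags:
        - Key: Name
          Value: myVPC
  PublicSubnet:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      CidrBlock: !Ref PublicSubnetCidr
      AvailabilityZone: !Ref AZpublic
      # Instances launched here (the web server) get a public IPv4 address.
      MapPublicIpOnLaunch: true
      Tags:
        - Key: Name
          Value: public subnet
  PrivateSubnet1:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      CidrBlock: !Ref PrivateSubnet1Cidr
      AvailabilityZone: !Ref AZprivate1
      Tags:
        - Key: Name
          Value: private subnet 1
  PrivateSubnet2:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      CidrBlock: !Ref PrivateSubnet2Cidr
      AvailabilityZone: !Ref AZprivate2
      Tags:
        - Key: Name
          Value: private subnet 2
  IGW:
    Type: AWS::EC2::InternetGateway
    Properties:
      Tags:
        - Key: Name
          Value: myigw
  Attachigw:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      InternetGatewayId: !Ref IGW
      VpcId: !Ref VPC
  PublicRT:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref VPC
      Tags:
        - Key: Name
          Value: Public RT
  PublicRoute:
    Type: AWS::EC2::Route
    # The route cannot target the IGW until it is attached to the VPC.
    DependsOn: Attachigw
    Properties:
      RouteTableId: !Ref PublicRT
      DestinationCidrBlock: 0.0.0.0/0
      GatewayId: !Ref IGW
  PublicSubnetRTAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId: !Ref PublicRT
      SubnetId: !Ref PublicSubnet
  # The private subnets keep the VPC main route table (local routes only), so
  # the database has no path to or from the internet.

  # ---- Security groups ----------------------------------------------------
  SGforWeb:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: allow 22, 80
      GroupName: webaccess
      VpcId: !Ref VPC
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: 80
          ToPort: 80
          CidrIp: 0.0.0.0/0
        # SSH source is parameterised rather than hard-wired to 0.0.0.0/0.
        - IpProtocol: tcp
          FromPort: 22
          ToPort: 22
          CidrIp: !Ref SSHLocation
  SGforDB:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: allow webserver
      GroupName: dbaccess
      VpcId: !Ref VPC
      SecurityGroupIngress:
        # Least privilege: only the MySQL port, and only from the web tier's
        # security group (the original rule allowed every protocol and port).
        - IpProtocol: tcp
          FromPort: 3306
          ToPort: 3306
          SourceSecurityGroupId: !GetAtt SGforWeb.GroupId

  # ---- Compute ------------------------------------------------------------
  EC2forWeb:
    Type: AWS::EC2::Instance
    Properties:
      ImageId: !FindInMap [RegionMap, !Ref "AWS::Region", Linux2]
      KeyName: !Ref KeyName
      AvailabilityZone: !GetAtt PublicSubnet.AvailabilityZone
      InstanceType: t3.micro
      SubnetId: !Ref PublicSubnet
      SecurityGroupIds:
        - !Ref SGforWeb
      # Same script as before, written as a literal block instead of a Join of
      # "\n"-terminated fragments. Note it also installs and starts a local
      # MariaDB server on the web instance; if the application only talks to
      # the RDS instance, the server package and the mariadb service could be
      # dropped to shrink the instance's footprint.
      UserData:
        Fn::Base64: |
          #!/bin/bash
          #Install APM for Web Server
          yum install -y mariadb* php httpd php-mysql
          systemctl enable httpd mariadb
          systemctl start httpd mariadb
      Tags:
        - Key: Name
          Value: Web Server

  # ---- Database -----------------------------------------------------------
  SubnetGroup:
    Type: AWS::RDS::DBSubnetGroup
    Properties:
      DBSubnetGroupDescription: SubnetGroup for MySQL RDS
      DBSubnetGroupName: mySubnetGroup
      SubnetIds:
        - !Ref PrivateSubnet1
        - !Ref PrivateSubnet2
  RDS:
    Type: AWS::RDS::DBInstance
    # Hardening worth considering before non-lab use (left out here because
    # each changes the deployed instance): StorageEncrypted: true (requires
    # replacement on an existing stack), DeletionProtection: true, and a
    # DeletionPolicy of Snapshot so stack deletion does not drop the data.
    Properties:
      DBInstanceIdentifier: !Ref DBInstanceID
      DBName: !Ref DBName
      DBInstanceClass: !Ref DBInstanceClass
      Engine: MySQL
      # Quoted so the version can never be re-typed by a YAML round trip.
      EngineVersion: "8.0.20"
      MasterUsername: !Ref DBUsername
      MasterUserPassword: !Ref DBPassword
      AllocatedStorage: !Ref DBAllocatedStorage
      DBSubnetGroupName: !Ref SubnetGroup
      VPCSecurityGroups:
        - !Ref SGforDB
      # Stated explicitly rather than relying on the default: the instance
      # lives in the private subnets and must not get a public endpoint.
      PubliclyAccessible: false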