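# CloudFormation template for the BridgeServer2 Aurora (MySQL) cluster:
# one DBCluster, a writer instance, a replica instance, and a dedicated
# security group that limits port 3306 to members of that group.
Description: Resources for BridgeServer2 database
# Quoted so that generic YAML 1.1 loaders (linters, scanners, diff tools)
# read a string rather than a date object.
AWSTemplateFormatVersion: '2010-09-09'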
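Parameters:
  # Availability zone of the writer instance (DBInstance).
  DatabaseAvailabilityZone:
    Type: AWS::EC2::AvailabilityZone::Name
    Default: 'us-east-1a'
  # Days of automated backups kept by the cluster. The default of 1 is the
  # minimum; production stacks should pass a value that matches their
  # recovery objectives. Bounds match the 1-35 range RDS accepts, so a bad
  # value is rejected at parameter validation instead of mid-deployment.
  DatabaseBackupRetentionDays:
    Type: Number
    Default: '1'
    MinValue: 1
    MaxValue: 35
  # Zones the Aurora cluster volume may use.
  DatabaseClusterAvailabilityZones:
    Type: List<AWS::EC2::AvailabilityZone::Name>
    Default: 'us-east-1a,us-east-1b,us-east-1c'
  # Instance class shared by the writer and the replica.
  DatabaseInstanceType:
    Type: String
    Default: 'db.t2.small'
  # Availability zone of the replica instance (DBInstanceReplica).
  DatabaseReplicaAvailabilityZone:
    Type: AWS::EC2::AvailabilityZone::Name
    Default: 'us-east-1b'
  # Master password for the cluster. NoEcho only masks the value in the
  # console, CLI and API output; the secret is still supplied in plaintext by
  # whatever launches the stack, and NoEcho does not cover values copied into
  # Outputs or Metadata. Prefer a dynamic reference resolved at deploy time,
  # e.g. '{{resolve:secretsmanager:<secret-id>:SecretString:<json-key>}}'
  # (placeholder values), so the password never passes through parameters.
  HibernateConnectionPassword:
    Type: String
    NoEcho: true
  # Master username for the cluster; masked the same way as the password.
  HibernateConnectionUsername:
    Type: String
    NoEcho: true
  # Passed to the cluster as EngineVersion. No default: callers must pin it.
  MySqlVersion:
    Type: String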
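Resources:
  # Aurora cluster: owns storage, master credentials, encryption and the
  # network placement shared by both instances below.
  DBCluster:
    Type: AWS::RDS::DBCluster
    Properties:
      AvailabilityZones: !Ref DatabaseClusterAvailabilityZones
      BackupRetentionPeriod: !Ref DatabaseBackupRetentionDays
      DatabaseName: 'BridgeDB'
      DBClusterIdentifier: !Join
        - '-'
        - - !Ref 'AWS::StackName'
          - aurora
      DBSubnetGroupName: !ImportValue us-east-1-bridgeserver2-common-db-DBSubnetGroupName
      # Blocks accidental deletion of the cluster through the RDS API.
      DeletionProtection: true
      # NOTE(review): 'aurora' is the MySQL 5.6-compatible Aurora engine, which
      # AWS has retired; confirm the target engine before reusing this
      # template. Switching engines is a planned upgrade, not a one-line edit.
      Engine: 'aurora'
      EngineMode: 'provisioned'
      EngineVersion: !Ref MySqlVersion
      # Credentials arrive as NoEcho stack parameters. NoEcho hides them from
      # describe-stacks output but the caller still handles them in plaintext;
      # a Secrets Manager dynamic reference avoids that exposure.
      MasterUsername: !Ref HibernateConnectionUsername
      MasterUserPassword: !Ref HibernateConnectionPassword
      Port: 3306
      # Quoted: a value made of digits and colons is a type-inference trap for
      # YAML 1.1 loaders.
      PreferredMaintenanceWindow: 'Mon:10:00-Mon:10:30'
      # Encryption at rest. No KmsKeyId is set, so RDS uses the account's
      # default KMS key for RDS; set KmsKeyId if key policy, rotation or
      # cross-account control must be managed explicitly.
      StorageEncrypted: true
      VpcSecurityGroupIds:
        # Defined in the imported VPC stack; its ingress rules are part of
        # this database's exposure and should be reviewed with this template.
        - !ImportValue us-east-1-BridgeServer2-vpc-VpnSecurityGroup
        - !Ref RdsNewVpcSecurityGroup

  # Writer instance of the cluster.
  DBInstance:
    Type: AWS::RDS::DBInstance
    Properties:
      AllowMajorVersionUpgrade: false
      AutoMinorVersionUpgrade: true
      AvailabilityZone: !Ref DatabaseAvailabilityZone
      DBClusterIdentifier: !Ref DBCluster
      DBInstanceClass: !Ref DatabaseInstanceType
      DBInstanceIdentifier: !Join
        - '-'
        - - !Ref 'AWS::StackName'
          - aurora
      Engine: 'aurora'
      # No public address: reachable only from inside the VPC.
      PubliclyAccessible: false

  # Second instance in a different availability zone.
  DBInstanceReplica:
    Type: AWS::RDS::DBInstance
    Properties:
      AllowMajorVersionUpgrade: false
      AutoMinorVersionUpgrade: true
      AvailabilityZone: !Ref DatabaseReplicaAvailabilityZone
      DBClusterIdentifier: !Ref DBCluster
      DBInstanceClass: !Ref DatabaseInstanceType
      DBInstanceIdentifier: !Join
        - '-'
        - - !Ref 'AWS::StackName'
          - aurora-replica
      Engine: 'aurora'
      # No public address: reachable only from inside the VPC.
      PubliclyAccessible: false

  # Security group attached to the cluster and exported for clients to join.
  # No SecurityGroupEgress is declared, so the default allow-all egress rule
  # applies to this group.
  RdsNewVpcSecurityGroup:
    Type: 'AWS::EC2::SecurityGroup'
    Properties:
      GroupDescription: !Join
        - '-'
        - - !Ref 'AWS::StackName'
          - RdsNewVpcSecurityGroup
      VpcId: !ImportValue us-east-1-BridgeServer2-vpc-VPCId

  # Self-referencing rule: only network interfaces that carry this same
  # security group may open TCP 3306 to the database. No CIDR range is
  # admitted, so access is granted by group membership alone.
  RdsNewToNewSecurityGroupIngress:
    Type: 'AWS::EC2::SecurityGroupIngress'
    Properties:
      GroupId: !Ref RdsNewVpcSecurityGroup
      IpProtocol: tcp
      FromPort: 3306
      ToPort: 3306
      SourceSecurityGroupId: !Ref RdsNewVpcSecurityGroup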
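# Cross-stack exports. Only connection metadata is exported here; the NoEcho
# credentials must never be added to this section, because output values are
# shown in clear text to anyone who can describe the stack.
Outputs:
  # Cluster (writer) endpoint host name.
  DatabaseEndpointAddress:
    Value: !GetAtt DBCluster.Endpoint.Address
    Export:
      Name: !Sub '${AWS::Region}-${AWS::StackName}-DatabaseEndpointAddress'
  # Cluster endpoint port.
  DatabaseEndpointPort:
    Value: !GetAtt DBCluster.Endpoint.Port
    Export:
      Name: !Sub '${AWS::Region}-${AWS::StackName}-DatabaseEndpointPort'
  # Id of the database security group. Any stack that imports it and attaches
  # the group to a resource gains access to port 3306, so importing stacks are
  # part of the database's trust boundary.
  RdsNewVpcSecurityGroup:
    Value: !Ref RdsNewVpcSecurityGroup
    Export:
      Name: !Sub '${AWS::Region}-${AWS::StackName}-RdsNewVpcSecurityGroup'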