cloudformation.yml
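---
# CloudFormation template header and input parameters.
# The format version is quoted so that generic YAML 1.1 loaders (linters,
# scanners) read it as a string and not as a date.
AWSTemplateFormatVersion: '2010-09-09'

Parameters:
  ClusterName:
    Type: String
    Description: Name of MSK Cluster

  ActiveMQBrokerName:
    Type: String
    Description: Name of ActiveMQ Broker
  ActiveMQUser:
    Type: String
    Description: Name of ActiveMQ User
  # NoEcho masks the value in console/CLI/API output for the stack. It does
  # not protect a value that is echoed through Outputs or Metadata, and the
  # caller still has to supply the secret in clear text at deploy time.
  # A dynamic reference to Secrets Manager or SSM Parameter Store avoids
  # passing the password as a stack parameter at all.
  ActiveMQPassword:
    Type: String
    Description: Password of ActiveMQ User
    NoEcho: true

  RabbitMQBrokerName:
    Type: String
    Description: Name of RabbitMQ Broker
  RabbitMQUser:
    Type: String
    Description: Name of RabbitMQ User
  # Same NoEcho caveats as ActiveMQPassword.
  RabbitMQPassword:
    Type: String
    Description: Password of RabbitMQ User
    NoEcho: true

  # The MSK configuration is created outside this template and passed in.
  ClusterConfigurationArn:
    Type: String
    Description: MSK Cluster Configuration ARN
  ClusterConfigurationRevision:
    Type: Number
    Description: MSK Cluster Configuration Revision number
    Default: 1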
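Resources:
  # ---------------------------------------------------------------------
  # Networking: one VPC with a public subnet (internet gateway + NAT) and
  # two private subnets that route outbound traffic through the NAT.
  # ---------------------------------------------------------------------
  VPC:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock: 172.31.0.0/16
      Tags:
        - Key: Name
          Value: !Ref AWS::StackName

  PublicSubnet:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      AvailabilityZone:
        Fn::Select:
          - 0
          - Fn::GetAZs: ''
      CidrBlock: 172.31.0.0/24
      MapPublicIpOnLaunch: true

  # Private subnet A shares the first availability zone with PublicSubnet.
  PrivateSubnetA:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      AvailabilityZone:
        Fn::Select:
          - 0
          - Fn::GetAZs: ''
      CidrBlock: 172.31.3.0/24
      MapPublicIpOnLaunch: false

  # Private subnet B uses the second availability zone.
  PrivateSubnetB:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      AvailabilityZone:
        Fn::Select:
          - 1
          - Fn::GetAZs: ''
      CidrBlock: 172.31.2.0/24
      MapPublicIpOnLaunch: false

  InternetGateway:
    Type: AWS::EC2::InternetGateway

  GatewayAttachment:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      VpcId: !Ref VPC
      InternetGatewayId: !Ref InternetGateway

  PublicRouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref VPC

  # The default route can only be created once the gateway is attached.
  PublicRoute:
    Type: AWS::EC2::Route
    DependsOn: GatewayAttachment
    Properties:
      RouteTableId: !Ref PublicRouteTable
      DestinationCidrBlock: 0.0.0.0/0
      GatewayId: !Ref InternetGateway

  PublicSubnetRouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref PublicSubnet
      RouteTableId: !Ref PublicRouteTable

  NatGateway:
    Type: AWS::EC2::NatGateway
    DependsOn: NatPublicIP
    Properties:
      AllocationId: !GetAtt NatPublicIP.AllocationId
      SubnetId: !Ref PublicSubnet

  NatPublicIP:
    Type: AWS::EC2::EIP
    DependsOn: VPC
    Properties:
      Domain: vpc

  PrivateRouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref VPC

  # Outbound-only internet access for the private subnets, via the NAT.
  PrivateRoute:
    Type: AWS::EC2::Route
    Properties:
      RouteTableId: !Ref PrivateRouteTable
      DestinationCidrBlock: 0.0.0.0/0
      NatGatewayId: !Ref NatGateway

  PrivateSubnetARouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref PrivateSubnetA
      RouteTableId: !Ref PrivateRouteTable

  PrivateSubnetBRouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref PrivateSubnetB
      RouteTableId: !Ref PrivateRouteTable

  # ---------------------------------------------------------------------
  # Amazon MQ: ActiveMQ broker
  # ---------------------------------------------------------------------
  # Ingress is limited to the VPC's own CIDR instead of 0.0.0.0/0. The
  # broker is not publicly accessible and lives in a private subnet, so its
  # clients connect from inside the VPC; an any-source rule granted more
  # than that and would become real exposure if the broker were ever made
  # public or the VPC were peered. Ports: 61617 (OpenWire over TLS) and
  # 61614 (STOMP over TLS).
  ActiveMQSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: Security Group for ActiveMQ
      VpcId: !Ref VPC
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: 61617
          ToPort: 61617
          CidrIp: !GetAtt VPC.CidrBlock
        - IpProtocol: tcp
          FromPort: 61614
          ToPort: 61614
          CidrIp: !GetAtt VPC.CidrBlock

  # NOTE(review): the engine version is pinned and AutoMinorVersionUpgrade
  # is off, so the broker does not pick up minor-version fixes on its own.
  # Confirm the pinned version is still supported before reusing this.
  ActiveMQBroker:
    Type: AWS::AmazonMQ::Broker
    Properties:
      AutoMinorVersionUpgrade: false
      BrokerName: !Ref ActiveMQBrokerName
      DeploymentMode: SINGLE_INSTANCE
      EngineType: ActiveMQ
      EngineVersion: '5.15.0'
      HostInstanceType: mq.t2.micro
      PubliclyAccessible: false
      SecurityGroups:
        - !Ref ActiveMQSecurityGroup
      SubnetIds:
        - !Ref PrivateSubnetA
      Users:
        - ConsoleAccess: true
          Password: !Ref ActiveMQPassword
          Username: !Ref ActiveMQUser

  # ---------------------------------------------------------------------
  # Amazon MQ: RabbitMQ broker
  # ---------------------------------------------------------------------
  # Same reasoning as ActiveMQSecurityGroup: AMQPS (5671) is opened to the
  # VPC CIDR only, since the broker is private.
  RabbitMQSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: Security Group for RabbitMQ
      VpcId: !Ref VPC
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: 5671
          ToPort: 5671
          CidrIp: !GetAtt VPC.CidrBlock

  # NOTE(review): pinned engine version with automatic minor upgrades off;
  # confirm the version is still supported.
  RabbitMQBroker:
    Type: AWS::AmazonMQ::Broker
    Properties:
      AutoMinorVersionUpgrade: false
      BrokerName: !Ref RabbitMQBrokerName
      DeploymentMode: SINGLE_INSTANCE
      EngineType: RABBITMQ
      EngineVersion: '3.8.11'
      HostInstanceType: mq.t3.micro
      PubliclyAccessible: false
      SecurityGroups:
        - !Ref RabbitMQSecurityGroup
      SubnetIds:
        - !Ref PrivateSubnetA
      Users:
        - ConsoleAccess: true
          Password: !Ref RabbitMQPassword
          Username: !Ref RabbitMQUser

  # ---------------------------------------------------------------------
  # Amazon MSK (Kafka) cluster across both private subnets
  # ---------------------------------------------------------------------
  # NOTE(review): no SecurityGroups, EncryptionInfo or ClientAuthentication
  # are set, so service defaults apply. Confirm those defaults (including
  # which security group the brokers end up in and whether clients must
  # authenticate) are acceptable for the account this is deployed to.
  MSKCluster:
    Type: AWS::MSK::Cluster
    Properties:
      ClusterName: !Ref ClusterName
      KafkaVersion: '2.2.1'
      NumberOfBrokerNodes: 2
      BrokerNodeGroupInfo:
        InstanceType: kafka.t3.small
        ClientSubnets:
          - !Ref PrivateSubnetA
          - !Ref PrivateSubnetB
        StorageInfo:
          EBSStorageInfo:
            VolumeSize: 1
      ConfigurationInfo:
        Arn: !Ref ClusterConfigurationArn
        Revision: !Ref ClusterConfigurationRevision

  # ---------------------------------------------------------------------
  # EFS file system, mount target and access point
  # ---------------------------------------------------------------------
  # NOTE(review): Encrypted is not set on the file system. Adding
  # `Encrypted: true` enables encryption at rest, but on an existing stack
  # it replaces the file system, so it is left as a deliberate decision.
  FileSystem:
    Type: AWS::EFS::FileSystem
    Properties:
      PerformanceMode: generalPurpose
      FileSystemTags:
        - Key: Name
          Value: ServerlessFrameworkTestsVolume

  # The mount target is placed in the VPC's default security group, the
  # same group exported as the SecurityGroup output.
  MountTarget:
    Type: AWS::EFS::MountTarget
    Properties:
      FileSystemId: !Ref FileSystem
      SubnetId: !Ref PrivateSubnetA
      SecurityGroups:
        - !GetAtt VPC.DefaultSecurityGroup

  # All access through this access point is mapped to uid/gid 1001 and
  # rooted at /efs, which is created with owner 1001:1001 if missing.
  AccessPointResource:
    Type: AWS::EFS::AccessPoint
    Properties:
      FileSystemId: !Ref FileSystem
      PosixUser:
        Uid: 1001
        Gid: 1001
      RootDirectory:
        CreationInfo:
          OwnerGid: 1001
          OwnerUid: 1001
          # Quoted so the octal digits stay a string: rwx for owner and
          # group, nothing for others.
          Permissions: '770'
        Path: /efs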
# Stack outputs: identifiers of the resources created by this template.
Outputs:
  # Networking
  VPC:
    Description: VPC ID
    Value: !Ref VPC
  PrivateSubnetA:
    Description: Private Subnet A ID
    Value: !Ref PrivateSubnetA
  # This is the VPC's default security group, not a dedicated one.
  SecurityGroup:
    Description: Default security for Lambda VPC
    Value: !GetAtt VPC.DefaultSecurityGroup

  # ActiveMQ broker
  ActiveMQBrokerArn:
    Description: Created ActiveMQ Broker ARN
    Value: !GetAtt ActiveMQBroker.Arn
  ActiveMQBrokerId:
    Description: Created ActiveMQ Broker Id
    Value: !Ref ActiveMQBroker
  ActiveMQSecurityGroup:
    Description: Security Group for ActiveMQ
    Value: !Ref ActiveMQSecurityGroup

  # RabbitMQ broker
  RabbitMQBrokerArn:
    Description: Created RabbitMQ Broker ARN
    Value: !GetAtt RabbitMQBroker.Arn
  RabbitMQBrokerId:
    Description: Created RabbitMQ Broker Id
    Value: !Ref RabbitMQBroker
  RabbitMQSecurityGroup:
    Description: Security Group for RabbitMQ
    Value: !Ref RabbitMQSecurityGroup

  # MSK cluster
  MSKCluster:
    Description: Created MSK Cluster
    Value: !Ref MSKCluster

  # EFS access point
  EFSAccessPointARN:
    Description: EFS Access Point ARN
    Value: !GetAtt AccessPointResource.Arn