updating documentation

jq.md

@@ -0,0 +1,72 @@
+# JQ
+
+## Piping into jq
+
+You can `cat` or `bat` a file and pipe it into `jq`.
+
+You can also take a command that returns json and pipe it into `jq`.
+
+## Returning data without "
+
+To return data without `jq` wrapping results in `"` use the `-r` flag.
+
+`jq -r`
+
+## Filtering
+
+### Get values from a key
+
+Running `aws --profile admin cloudformation describe-stack-resources --stack-name strapi-vpc | jq` returns:
+
+```json
+{
+  "StackResources": [
+    {
+      "StackName": "strapi-vpc",
+      "StackId": "arn:aws:cloudformation:eu-west-1:745437999005:stack/strapi-vpc/a9e41430-8afc-11ea-bdaa-0a736ea8438a",
+      "LogicalResourceId": "InternetGateway",
+      "PhysicalResourceId": "igw-0e059db8e0795ac32",
+      "ResourceType": "AWS::EC2::InternetGateway",
+      "Timestamp": "2020-04-30T16:07:42.434Z",
+      "ResourceStatus": "CREATE_COMPLETE",
+      "DriftInformation": {
+        "StackResourceDriftStatus": "NOT_CHECKED"
+      }
+    },
+    {
+      "StackName": "strapi-vpc",
+      "StackId": "arn:aws:cloudformation:eu-west-1:745437999005:stack/strapi-vpc/a9e41430-8afc-11ea-bdaa-0a736ea8438a",
+      "LogicalResourceId": "InternetGatewayAttachment",
+      "PhysicalResourceId": "strap-Inter-1413K0IDR1L3N",
+      "ResourceType": "AWS::EC2::VPCGatewayAttachment",
+      "Timestamp": "2020-04-30T16:08:00.147Z",
+      "ResourceStatus": "CREATE_COMPLETE",
+      "DriftInformation": {
+        "StackResourceDriftStatus": "NOT_CHECKED"
+      }
+    },
+```
+
+We can then use `jq`'s filtering to return values.
+
+We have a key of `StackResources` which contains a list: `.StackResources[]`
+
+We can then pass in the key we want `.StackResources[].PhysicalResourceId`
+
+`aws --profile admin cloudformation describe-stack-resources --stack-name strapi-vpc | jq -r '.StackResources[].PhysicalResourceId'` which gives:
+
+```json
+"igw-0e059db8e0795ac32"
+"strap-Inter-1413K0IDR1L3N"
+"strap-Publi-1TS82BV8W4UFD"
+"rtb-0cf8d05f71a30ef03"
+"subnet-051fe56dc37d8396d"
+"rtbassoc-0f7ae2fbdfe6bf2a5"
+"subnet-0ea9f2f165a57be27"
+"rtbassoc-00a67937c3778e273"
+"subnet-09b28d722f41b2dde"
+"rtbassoc-0a0a6bd0f8ff641df"
+"vpc-029d232726cbf591d"
+```
+
+`aws --profile admin cloudformation describe-stack-resources --stack-name strapi-vpc | jq -r '.StackResources[] | .ResourceType + ":    " + .PhysicalResourceId'`

tempnotes.md

@@ -149,15 +149,24 @@ Default ports:
 
 ### deploy
 
-`aws --profile admin cloudformation deploy --template-file ./02-stack-vpc.yaml --stack-name temp-vpc --tags git=web-dev owner=home project=strapi-elb test=true deployment=cloudformation`
+`aws --profile admin cloudformation deploy --template-file ./02-stack-vpc.yaml --stack-name strapi-vpc --tags git=web-dev owner=home project=strapi-elb test=true deployment=cloudformation`
 
-`aws --profile admin cloudformation deploy --template-file ./03-stack-rdsinstance.yaml --stack-name temp --parameter-overrides StackName=temp-vpc`
+`aws --profile admin cloudformation deploy --template-file ./02-stack-vpc.yaml --stack-name new-temp-vpc --tags git=web-dev owner=home project=strapi-elb test=true deployment=cloudformation`
+
+`aws --profile admin cloudformation deploy --template-file ./03-stack-rdsinstance.yaml --stack-name strapi-rds --parameter-overrides StackName=strapi-vpc`
 
 ### delete
 
 `aws --profile admin cloudformation delete-stack --stack-name temp-vpc`
 
+`aws --profile admin cloudformation delete-stack --stack-name new-temp-vpc`
+
 `aws --profile admin cloudformation delete-stack --stack-name temp`
 
 List of all RDS Engines available under "Engine" header: <https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html>.
 
+### descrive-stack-resources
+
+Will print a json list of all resources in the stack
+
+`aws --profile admin cloudformation describe-stack-resources --stack-name strapi-vpc`

todo.md

@@ -87,9 +87,29 @@ Outputs:
 
 Defines a VPC. We can then pass in the stackname to another CF template and it can reference this VPC. The VPC names are static between projects (they don't have to be but here they are).
 
-
 Check if the security group of the CF RDS matches that of ELB RDS. They should specify the same (one postgres inbound on 5432 and all traffic all/all inbound)
+They don't - the traffic all/all isnt there on ELB RDS SG.
+This is because we are editing the default security group. We should create a new security group then change the inbound rules on there.
 
 Do we need a seperate security group for the database? - The answer should be that there is a seperate security group for RDS, and one for EC2. EC2 one should be created by ELB automatically.
 
 Does the db and the ec2 instances share the same VPC?
+
+To Do
+
+Change stacknames
+New stack names
+--stack-name temp-vpc: strapi-vpc-seperate
+--stack-name new-temp-vpc: strapi-vpc-elb
+--stack-name temp: strapi-elb
+
+- Create the VPC CF template twice (one for ELB, other to compare)
+- In RDS CF template:
+  - Create a https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-security-group.html
+  - Change SecurityGroupIngress to this SG
+- Deploy strapi-prod with VPC + subnets of one of the VPCs
+- Compare the db SG ingress with ELB, should be the same now.
+
+- Destroy all above
+- Redeploy but only do one VPC, put this in strapi-prod and deploy ELB app with DB
+- Redeploy strapi-elb but change the RDS env vars to point to standalone RDS.