55 lines
2.0 KiB
YAML
55 lines
2.0 KiB
YAML
AWSTemplateFormatVersion: 2010-09-09
|
|
Description: This template creates an RDS database for an ELB environment.
|
|
In addition to the database it creates a subnet group for the RDS database,
|
|
a security group with Ingress rules only allowing connections to the database.
|
|
It uses an existing Public VPC and subnet already created in
|
|
another Cloudformation stack. This is public so the database can go out
|
|
to the internet.
|
|
Parameters:
|
|
StackName:
|
|
Description: The stack name of another CloudFormation template. This is used
|
|
to prepend the name of other resources in other templates.
|
|
Type: String
|
|
Resources:
|
|
RDSSubnetGroup:
|
|
Type: AWS::RDS::DBSubnetGroup
|
|
Properties:
|
|
DBSubnetGroupDescription: A subnet group for the RDS instance.
|
|
SubnetIds:
|
|
- Fn::ImportValue: !Sub "${StackName}-PublicSubnet0"
|
|
- Fn::ImportValue: !Sub "${StackName}-PublicSubnet1"
|
|
- Fn::ImportValue: !Sub "${StackName}-PublicSubnet2"
|
|
RDSSecurityGroup:
|
|
Type: AWS::EC2::SecurityGroup
|
|
Properties:
|
|
GroupName: !Sub "${AWS::StackName}-RDS-SecurityGroup"
|
|
GroupDescription: Security Group for RDS allowing ingress on DB port only.
|
|
VpcId:
|
|
Fn::ImportValue: !Sub "${StackName}-PublicVPC"
|
|
SecurityGroupIngress:
|
|
- IpProtocol: tcp
|
|
FromPort: 5432
|
|
ToPort: 5432
|
|
CidrIp: 82.6.205.148/32
|
|
- IpProtocol: tcp
|
|
FromPort: 5432
|
|
ToPort: 5432
|
|
SourceSecurityGroupId:
|
|
Fn::ImportValue: !Sub "${StackName}-PublicSecurityGroup"
|
|
RDSDBInstance:
|
|
Type: AWS::RDS::DBInstance
|
|
Properties:
|
|
AllocatedStorage: 5
|
|
AllowMajorVersionUpgrade: false
|
|
AutoMinorVersionUpgrade: true
|
|
DBInstanceClass: "db.t2.micro"
|
|
DBName: postgres
|
|
Engine: postgres
|
|
EngineVersion: 12.2
|
|
MasterUsername: mainuser
|
|
MasterUserPassword: password
|
|
PubliclyAccessible: true
|
|
VPCSecurityGroups:
|
|
- !Ref RDSSecurityGroup
|
|
DBSubnetGroupName: !Ref RDSSubnetGroup
|