Skip to content

Instantly share code, notes, and snippets.

@vasilkosturski

vasilkosturski/RDSRecoverability.yaml

Created September 17, 2023 06:34
Show Gist options
  • Save vasilkosturski/9c5d84d3895d6a04b8cf1cc7755efe2e to your computer and use it in GitHub Desktop.
Save vasilkosturski/9c5d84d3895d6a04b8cf1cc7755efe2e to your computer and use it in GitHub Desktop.
Download ZIP
Cloud Formation template for RDS Recoverability Demo
Raw
RDSRecoverability.yaml
Description: RDS Recoverability Demo - Design for Availability, Resilience, and Reliability
Parameters:
VpcName:
Description: A name that is prefixed to resource names
Type: String
VpcCIDR:
Description: Please enter the IP range (CIDR notation) for this VPC
Type: String
Default: 10.1.0.0/16
PublicSubnet1CIDR:
Description: Please enter the IP range (CIDR notation) for the public subnet in the first Availability Zone
Type: String
Default: 10.1.10.0/24
PublicSubnet2CIDR:
Description: Please enter the IP range (CIDR notation) for the public subnet in the second Availability Zone
Type: String
Default: 10.1.11.0/24
PrivateSubnet1CIDR:
Description: Please enter the IP range (CIDR notation) for the private subnet in the first Availability Zone
Type: String
Default: 10.1.20.0/24
PrivateSubnet2CIDR:
Description: Please enter the IP range (CIDR notation) for the private subnet in the second Availability Zone
Type: String
Default: 10.1.21.0/24
Metadata:
AWS::CloudFormation::Interface:
ParameterGroups:
-
Label:
default: "Information for the VPC"
Parameters:
- VpcName
- VpcCIDR
-
Label:
default: "Information for the VPCs subnets. Subnet network ranges MUST fall within the VPC CIDR block above"
Parameters:
- PublicSubnet1CIDR
- PublicSubnet2CIDR
- PrivateSubnet1CIDR
- PrivateSubnet2CIDR
ParameterLabels:
VpcName:
default: "VPC Name"
VpcCIDR:
default: "VPC CIDR block"
PublicSubnet1CIDR:
default: "Public Subnet 1"
PublicSubnet2CIDR:
default: "Public Subnet 2"
PrivateSubnet1CIDR:
default: "Private Subnet 1"
PrivateSubnet2CIDR:
default: "Private Subnet 2"
Resources:
VPC:
Type: AWS::EC2::VPC
Properties:
CidrBlock: !Ref VpcCIDR
EnableDnsSupport: true
EnableDnsHostnames: true
Tags:
- Key: Name
Value: !Ref VpcName
InternetGateway:
Type: AWS::EC2::InternetGateway
Properties:
Tags:
- Key: Name
Value: !Ref VpcName
InternetGatewayAttachment:
Type: AWS::EC2::VPCGatewayAttachment
Properties:
InternetGatewayId: !Ref InternetGateway
VpcId: !Ref VPC
PublicSubnet1:
Type: AWS::EC2::Subnet
Properties:
VpcId: !Ref VPC
AvailabilityZone: !Select [ 0, !GetAZs '' ]
CidrBlock: !Ref PublicSubnet1CIDR
MapPublicIpOnLaunch: true
Tags:
- Key: Name
Value: !Sub
- ${VpcName} Public Subnet (${AZ1})
- { AZ1: !Select [ 0, !GetAZs '' ] }
PublicSubnet2:
Type: AWS::EC2::Subnet
Properties:
VpcId: !Ref VPC
AvailabilityZone: !Select [ 1, !GetAZs '' ]
CidrBlock: !Ref PublicSubnet2CIDR
MapPublicIpOnLaunch: true
Tags:
- Key: Name
Value: !Sub
- ${VpcName} Public Subnet (${AZ2})
- { AZ2: !Select [ 1, !GetAZs '' ] }
PrivateSubnet1:
Type: AWS::EC2::Subnet
Properties:
VpcId: !Ref VPC
AvailabilityZone: !Select [ 0, !GetAZs '' ]
CidrBlock: !Ref PrivateSubnet1CIDR
MapPublicIpOnLaunch: false
Tags:
- Key: Name
Value: !Sub
- ${VpcName} Private Subnet (${AZ1})
- { AZ1: !Select [ 0, !GetAZs '' ] }
PrivateSubnet2:
Type: AWS::EC2::Subnet
Properties:
VpcId: !Ref VPC
AvailabilityZone: !Select [ 1, !GetAZs '' ]
CidrBlock: !Ref PrivateSubnet2CIDR
MapPublicIpOnLaunch: false
Tags:
- Key: Name
Value: !Sub
- ${VpcName} Private Subnet (${AZ2})
- { AZ2: !Select [ 1, !GetAZs '' ] }
PublicRouteTable:
Type: AWS::EC2::RouteTable
Properties:
VpcId: !Ref VPC
Tags:
- Key: Name
Value: !Sub ${VpcName} Public Routes
DefaultPublicRoute:
Type: AWS::EC2::Route
DependsOn: InternetGatewayAttachment
Properties:
RouteTableId: !Ref PublicRouteTable
DestinationCidrBlock: 0.0.0.0/0
GatewayId: !Ref InternetGateway
PublicSubnet1RouteTableAssociation:
Type: AWS::EC2::SubnetRouteTableAssociation
Properties:
RouteTableId: !Ref PublicRouteTable
SubnetId: !Ref PublicSubnet1
PublicSubnet2RouteTableAssociation:
Type: AWS::EC2::SubnetRouteTableAssociation
Properties:
RouteTableId: !Ref PublicRouteTable
SubnetId: !Ref PublicSubnet2
PrivateRouteTable:
Type: AWS::EC2::RouteTable
Properties:
VpcId: !Ref VPC
Tags:
- Key: Name
Value: !Sub ${VpcName} Private Routes
DatabaseSecurityGroup:
Type: AWS::EC2::SecurityGroup
Properties:
GroupDescription: RDS Recoverability Project - Database Security Group
GroupName: RDSRec-Database
SecurityGroupIngress:
- Description: Application EC2 instances
FromPort: 3306
IpProtocol: tcp
SourceSecurityGroupId: !Ref ApplicationSecurityGroup
ToPort: 3306
VpcId: !Ref VPC
Tags:
- Key: Name
Value: RDSRec-Database
ApplicationSecurityGroup:
Type: AWS::EC2::SecurityGroup
Properties:
GroupDescription: RDS Recoverability Project - Application Security Group
GroupName: RDSRec-Application
SecurityGroupIngress:
- Description: SSH from the Internet
FromPort: 22
IpProtocol: tcp
CidrIp: 0.0.0.0/0
ToPort: 22
VpcId: !Ref VPC
Tags:
- Key: Name
Value: RDSRec-Application
Outputs:
VPC:
Description: VPC ID
Value: !Ref VPC
PublicSubnets:
Description: A list of the public subnets
Value: !Join [ ", ", [ !Ref PublicSubnet1, !Ref PublicSubnet2 ]]
PrivateSubnets:
Description: A list of the private subnets
Value: !Join [ ", ", [ !Ref PrivateSubnet1, !Ref PrivateSubnet2 ]]
DatabaseSecurityGroup:
Description: ID of the database security group
Value: !Ref DatabaseSecurityGroup
ApplicationSecurityGroup:
Description: ID of the EC2 instance security group
Value: !Ref ApplicationSecurityGroup
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment