aws-rds-postgres-template/postgres.yml at master · hashgit/aws-rds-postgres-template · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
AWSTemplateFormatVersion: 2010-09-09
Metadata:
  'AWS::CloudFormation::Designer':
    9cc189f9-49aa-4395-b009-2a5627c01ced:
      size:
        width: 60
        height: 60
      position:
        x: 306
        'y': 62
      z: 0
      embeds: []
Outputs:
  DbEndpoint:
    Value: !GetAtt DbInstance.Endpoint.Address
Parameters:
  VpcId:
    Description: "The ID of the VPC in which the Bet API is located"
    Type: "AWS::EC2::VPC::Id"
  Subnets:
    Description: "Subnets to associate with the RDS instance"
    Type: "CommaDelimitedList"
  SecurityGroupIds:
    Description: "The IDs of security groups that are permitted to access the RDS instance"
    Type: "String"
  EnvironmentName:
    Description: "Name of the environment"
    Type: "String"
  AllocatedStorage:
    Description: "The amount of storage (in gigabytes) to allocate the database instance"
    Type: "Number"
  BackupRetentionPeriod:
    Description: "The number of days for which automated backups are retained"
    Type: "Number"
  InstanceClass:
    Description: "Class of instance"
    Type: "String"
  StorageType:
    Description: "Storage type"
    Type: "String"
  MasterUserPassword:
    Description: "The admin postgres password"
    NoEcho: true
    Type: "String"
  MultiAz:
    Description: "Specifies if the DB Instance should have a standby deployed in another Availability Zone"
    Type: "String"
Resources:
  DbClientSecurityGroup:
    Properties:
      GroupDescription: "Security group for clients of the Postgres database"
      VpcId: !Ref "VpcId"
    Type: "AWS::EC2::SecurityGroup"
  DbSecurityGroup:
    Properties:
      GroupDescription: "Allow traffic in"
      SecurityGroupIngress:
        - SourceSecurityGroupId: !Ref "DbClientSecurityGroup"
          FromPort: 5432
          IpProtocol: "tcp"
          ToPort: 5432
      VpcId: !Ref "VpcId"
    Type: "AWS::EC2::SecurityGroup"
  DbParameterGroup:
    Properties:
      Description: "parameter group for postgres9.6"
      Family: "Postgres9.6"
      Parameters:
        log_hostname: 0
        max_connections: 1000
    Type: AWS::RDS::DBParameterGroup
  DbSubnetGroup:
    Properties:
      DBSubnetGroupDescription: "Subnet group for Postgres instance"
      SubnetIds: !Ref "Subnets"
    Type: "AWS::RDS::DBSubnetGroup"
  DbInstance:
    Type: 'AWS::RDS::DBInstance'
    Properties:
      AllocatedStorage: !Ref "AllocatedStorage"
      CopyTagsToSnapshot: true
      BackupRetentionPeriod: !Ref "BackupRetentionPeriod"
      DBInstanceClass: !Ref "InstanceClass"
      StorageType: !Ref "StorageType"
      DBInstanceIdentifier: !Sub "Api-${EnvironmentName}"
      DBName: "dbname"
      DBParameterGroupName: !Ref "DbParameterGroup"
      PubliclyAccessible: false
      DBSubnetGroupName: !Ref "DbSubnetGroup"
      Engine: "postgres"
      EngineVersion: "9.6.6"
      MasterUserPassword: !Ref "MasterUserPassword"
      MasterUsername: "postgres"
      MultiAZ: !Ref "MultiAz"
      VPCSecurityGroups: !Split [ ",", !Join [ ",", [ !Ref "SecurityGroupIds", !Ref "DbSecurityGroup" ] ] ]
    Metadata:
      'AWS::CloudFormation::Designer':
        id: 9cc189f9-49aa-4395-b009-2a5627c01ced
    DeletionPolicy: Delete