# Customer-managed IAM policy granting the elastic network interface (ENI)
# actions a Lambda function needs in order to run inside a VPC.
AWSLambdaVPCAccessExecutionRole:
  Type: AWS::IAM::ManagedPolicy
  Properties:
    Description: Creating policy for vpc connetion.
    Roles:
      # IamRoleLambdaExecution is not declared in this listing; presumably the
      # execution role generated by the Serverless Framework - confirm.
      - Ref: IamRoleLambdaExecution
    PolicyDocument:
      Version: '2012-10-17'
      Statement:
        - Effect: Allow
          Action:
            - ec2:CreateNetworkInterface
            - ec2:DescribeNetworkInterfaces
            - ec2:DeleteNetworkInterface
          # Describe* calls cannot be limited to a resource ARN, hence "*".
          # NOTE(review): the wildcard also covers Create/Delete, so the role
          # can create or delete ENIs outside this VPC; attach this policy
          # only to roles that really need VPC access.
          Resource: "*"
# VPC (10.0.0.0/16) referenced by the subnets, route tables, security groups
# and endpoint in this template.
ServerlessVPC:
  Type: AWS::EC2::VPC
  Properties:
    CidrBlock: '10.0.0.0/16'
    Tags:
      - Key: Name
        Value: VPC Store Locator
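# Elastic IP that becomes the fixed public address of the NAT gateway.
ElasticIpLambda:
  Type: AWS::EC2::EIP
  # A VPC-scoped EIP declared in the same template as the VPC has to wait for
  # the internet gateway attachment, otherwise stack creation can race.
  # NatGatewayLambda inherits this ordering through its Fn::GetAtt below.
  DependsOn: VPCGatewayAttachmentLambda
  Properties:
    Domain: vpc

# Internet gateway: the only path between the VPC and the internet.
InternetGatewayLambda:
  Type: AWS::EC2::InternetGateway

# Attaches the internet gateway to ServerlessVPC.
VPCGatewayAttachmentLambda:
  Type: AWS::EC2::VPCGatewayAttachment
  Properties:
    VpcId:
      Ref: ServerlessVPC
    InternetGatewayId:
      Ref: InternetGatewayLambda

# NAT gateway placed in the public subnet. Resources routed through it can
# open outbound connections; it accepts no unsolicited inbound connections.
NatGatewayLambda:
  Type: AWS::EC2::NatGateway
  Properties:
    AllocationId:
      Fn::GetAtt: [ElasticIpLambda, AllocationId]
    SubnetId:
      Ref: ServerlessPublicSubnetA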
# Three subnets carved out of ServerlessVPC. Whether a subnet is "private" or
# "public" is decided by the route table it is associated with, not by
# anything in the subnet definition itself.

# Private subnet in availability zone "a" (10.0.1.0/24).
ServerlessPrivateSubnetA:
  Type: AWS::EC2::Subnet
  DependsOn: ServerlessVPC
  Properties:
    VpcId:
      Ref: ServerlessVPC
    AvailabilityZone: '${self:provider.region}a'
    CidrBlock: '10.0.1.0/24'

# Private subnet in availability zone "b" (10.0.20.0/24).
ServerlessPrivateSubnetB:
  Type: AWS::EC2::Subnet
  DependsOn: ServerlessVPC
  Properties:
    VpcId:
      Ref: ServerlessVPC
    AvailabilityZone: '${self:provider.region}b'
    CidrBlock: '10.0.20.0/24'

# Public subnet in availability zone "a" (10.0.2.0/24); NatGatewayLambda is
# placed here.
ServerlessPublicSubnetA:
  Type: AWS::EC2::Subnet
  DependsOn: ServerlessVPC
  Properties:
    VpcId:
      Ref: ServerlessVPC
    AvailabilityZone: '${self:provider.region}a'
    CidrBlock: '10.0.2.0/24'
# Route table for the private subnets.
DefaultPrivateRouteTable:
  Type: AWS::EC2::RouteTable
  Properties:
    VpcId:
      Ref: ServerlessVPC

# Default route of the private table: all non-local traffic leaves through
# the NAT gateway, so the private subnets get outbound-only internet access.
DefaultPrivateRoute:
  Type: AWS::EC2::Route
  Properties:
    DestinationCidrBlock: 0.0.0.0/0
    RouteTableId:
      Ref: DefaultPrivateRouteTable
    NatGatewayId:
      Ref: NatGatewayLambda
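# Route table for the public subnet.
DefaultPublicRouteTable:
  Type: AWS::EC2::RouteTable
  Properties:
    VpcId:
      Ref: ServerlessVPC

# Default route of the public table: all non-local traffic goes straight to
# the internet gateway.
DefaultPublicRoute:
  Type: AWS::EC2::Route
  # The Ref below only orders this route after the gateway itself. A route to
  # an internet gateway must also wait for the gateway to be attached to the
  # VPC, otherwise stack creation can fail intermittently.
  DependsOn: VPCGatewayAttachmentLambda
  Properties:
    DestinationCidrBlock: 0.0.0.0/0
    RouteTableId:
      Ref: DefaultPublicRouteTable
    GatewayId:
      Ref: InternetGatewayLambda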
# Subnet-to-route-table bindings. A subnet with no explicit association falls
# back to the VPC's main route table, so every subnet is bound here.

# Private subnet A -> private route table (egress via NAT).
SubnetRouteTableAssociationLambdaPrivateA:
  Type: AWS::EC2::SubnetRouteTableAssociation
  Properties:
    RouteTableId:
      Ref: DefaultPrivateRouteTable
    SubnetId:
      Ref: ServerlessPrivateSubnetA

# Private subnet B -> private route table (egress via NAT).
SubnetRouteTableAssociationLambdaPrivateB:
  Type: AWS::EC2::SubnetRouteTableAssociation
  Properties:
    RouteTableId:
      Ref: DefaultPrivateRouteTable
    SubnetId:
      Ref: ServerlessPrivateSubnetB

# Public subnet A -> public route table (direct internet gateway route).
SubnetRouteTableAssociationLambdaPublicA:
  Type: AWS::EC2::SubnetRouteTableAssociation
  Properties:
    RouteTableId:
      Ref: DefaultPublicRouteTable
    SubnetId:
      Ref: ServerlessPublicSubnetA
# Security group for the Lambda functions. It declares no ingress rules, so
# nothing can open a connection to its members. SecurityGroupEgress is
# omitted, which leaves the default allow-all outbound rule in place.
# NOTE(review): add explicit egress rules if outbound traffic from the
# functions should be restricted.
ServerlessSecurityGroup:
  Type: AWS::EC2::SecurityGroup
  DependsOn: ServerlessVPC
  Properties:
    GroupDescription: 'SecurityGroup for Serverless Functions'
    VpcId:
      Ref: ServerlessVPC

# Security group for the database tier. The only ingress rule admits MySQL
# (tcp/3306) from members of ServerlessSecurityGroup; the source is a group
# reference rather than a CIDR range, so only the functions can reach the
# database port.
ServerlessStorageSecurityGroup:
  Type: AWS::EC2::SecurityGroup
  DependsOn: ServerlessVPC
  Properties:
    GroupDescription: 'Ingress for Aurora Cluster'
    VpcId:
      Ref: ServerlessVPC
    SecurityGroupIngress:
      - IpProtocol: tcp
        FromPort: '3306'
        ToPort: '3306'
        SourceSecurityGroupId:
          Ref: ServerlessSecurityGroup
# DB subnet group for the cluster: it lists only the two private subnets, so
# database instances are never placed in the public subnet.
RDSPersistanceSubtNetGroup:
  Type: AWS::RDS::DBSubnetGroup
  Properties:
    DBSubnetGroupDescription: 'Store Locator subnet'
    SubnetIds:
      - Ref: ServerlessPrivateSubnetA
      - Ref: ServerlessPrivateSubnetB
# VPC endpoint for S3, wired into the private route table so S3 traffic from
# the private subnets does not have to pass through the NAT gateway.
# NOTE(review): no PolicyDocument is set, so the endpoint gets the default
# policy that allows full access to the service; add an endpoint policy if
# access should be limited to specific buckets or actions.
S3Endpoint:
  Type: AWS::EC2::VPCEndpoint
  Properties:
    VpcId:
      Ref: ServerlessVPC
    ServiceName: 'com.amazonaws.${self:provider.region}.s3'
    RouteTableIds:
      - Ref: DefaultPrivateRouteTable
# Aurora cluster placed in the private subnets and reachable only through
# ServerlessStorageSecurityGroup. Automated backups are kept for 7 days.
#
# NOTE(review): StorageEncrypted is not set, so the cluster storage is not
# encrypted at rest. Turning it on for an existing cluster replaces the
# cluster, so plan a snapshot/restore migration rather than flipping the flag.
RDSSimpleCluster:
  Type: AWS::RDS::DBCluster
  Properties:
    Engine: aurora
    DatabaseName: ${self:custom.RDSDBName}
    # ${ssm:...~true} is resolved and decrypted by the Serverless Framework
    # when the service is packaged, so the plaintext values are written into
    # the generated CloudFormation template.
    # NOTE(review): prefer a CloudFormation dynamic reference
    # ({{resolve:ssm-secure:...}}) or Secrets Manager for the password so the
    # secret never appears in the template.
    MasterUsername: ${ssm:MYSQL_MASTER_USER_NAME~true}
    MasterUserPassword: ${ssm:MYSQL_MASTER_PASSWORD~true}
    BackupRetentionPeriod: 7
    DBSubnetGroupName:
      Ref: RDSPersistanceSubtNetGroup
    VpcSecurityGroupIds:
      - Ref: ServerlessStorageSecurityGroup
# Database instance that joins RDSSimpleCluster. It is pinned to availability
# zone "a" and is the only instance visible in this listing.
RDSInstance3:
  Type: AWS::RDS::DBInstance
  Properties:
    Engine: aurora
    DBInstanceClass: db.t2.small
    DBClusterIdentifier:
      Ref: RDSSimpleCluster
    DBSubnetGroupName:
      Ref: RDSPersistanceSubtNetGroup
    AvailabilityZone: '${self:provider.region}a'
    AutoMinorVersionUpgrade: true
    # Keep this false: the instance gets no public address and stays reachable
    # only from inside the VPC.
    PubliclyAccessible: false