  # Customer-managed IAM policy attached to the Lambda execution role. It
  # grants only the three EC2 network-interface actions listed below.
  AWSLambdaVPCAccessExecutionRole:
    Type: AWS::IAM::ManagedPolicy
    Properties:
      Description: 'Creating policy for vpc connetion.'
      Roles:
        # IamRoleLambdaExecution is not declared in this listing; presumably it
        # is the role generated by the Serverless Framework. TODO confirm.
        - Ref: IamRoleLambdaExecution
      PolicyDocument:
        Version: "2012-10-17"
        Statement:
          - Effect: Allow
            Action:
              - ec2:CreateNetworkInterface
              - ec2:DescribeNetworkInterfaces
              - ec2:DeleteNetworkInterface
            # NOTE(review): the wildcard means these actions are not limited to
            # this stack's subnets or security groups. Confirm whether the
            # create/delete actions can be narrowed for this account.
            Resource: '*'
  # The VPC that every subnet, route table, security group and endpoint in
  # this listing attaches to.
  ServerlessVPC:
    Type: AWS::EC2::VPC
    Properties:
      # The subnets below carve /24 ranges out of this /16.
      CidrBlock: '10.0.0.0/16'
      Tags:
        - Key: Name
          Value: "VPC Store Locator"
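  # Elastic IP whose AllocationId is consumed by NatGatewayLambda.
  ElasticIpLambda:
    Type: AWS::EC2::EIP
    # A VPC-domain EIP declared in the same template as its VPC must wait for
    # the internet gateway attachment; without an explicit dependency the
    # allocation can race the attachment and fail stack creation.
    DependsOn: VPCGatewayAttachmentLambda
    Properties:
      Domain: vpc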
  # Internet gateway; attached to ServerlessVPC by VPCGatewayAttachmentLambda
  # and used as the target of DefaultPublicRoute.
  InternetGatewayLambda:
    Type: AWS::EC2::InternetGateway
  # Attaches InternetGatewayLambda to ServerlessVPC.
  VPCGatewayAttachmentLambda:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      InternetGatewayId:
        Ref: InternetGatewayLambda
      VpcId:
        Ref: ServerlessVPC
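  # NAT gateway placed in the public subnet; DefaultPrivateRoute sends the
  # private subnets' 0.0.0.0/0 traffic through it.
  NatGatewayLambda:
    Type: AWS::EC2::NatGateway
    # The NAT gateway needs the VPC's internet gateway to be attached before
    # it is created; Ref/GetAtt alone do not order it after the attachment.
    DependsOn: VPCGatewayAttachmentLambda
    Properties:
      AllocationId:
        Fn::GetAtt:
          - ElasticIpLambda
          - AllocationId
      SubnetId:
        Ref: ServerlessPublicSubnetA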
  # First private subnet: associated with DefaultPrivateRouteTable and listed
  # in the RDS subnet group.
  ServerlessPrivateSubnetA:
    Type: AWS::EC2::Subnet
    DependsOn: ServerlessVPC
    Properties:
      CidrBlock: '10.0.1.0/24'
      # Region comes from the Serverless provider settings; the suffix picks
      # the zone.
      AvailabilityZone: "${self:provider.region}a"
      VpcId:
        Ref: ServerlessVPC
  # Second private subnet, in zone "b"; associated with
  # DefaultPrivateRouteTable and listed in the RDS subnet group.
  ServerlessPrivateSubnetB:
    Type: AWS::EC2::Subnet
    DependsOn: ServerlessVPC
    Properties:
      CidrBlock: '10.0.20.0/24'
      AvailabilityZone: "${self:provider.region}b"
      VpcId:
        Ref: ServerlessVPC
  # Public subnet: associated with DefaultPublicRouteTable (default route to
  # the internet gateway) and hosting NatGatewayLambda.
  ServerlessPublicSubnetA:
    Type: AWS::EC2::Subnet
    DependsOn: ServerlessVPC
    Properties:
      CidrBlock: '10.0.2.0/24'
      AvailabilityZone: "${self:provider.region}a"
      VpcId:
        Ref: ServerlessVPC
  # Route table shared by both private subnets; the S3 gateway endpoint is
  # also attached to it.
  DefaultPrivateRouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId:
        Ref: ServerlessVPC
  # Default route for the private route table: all non-local traffic leaves
  # through the NAT gateway, so the private subnets have outbound-only access.
  DefaultPrivateRoute:
    Type: AWS::EC2::Route
    Properties:
      DestinationCidrBlock: '0.0.0.0/0'
      NatGatewayId:
        Ref: NatGatewayLambda
      RouteTableId:
        Ref: DefaultPrivateRouteTable
  # Route table for the public subnet (see
  # SubnetRouteTableAssociationLambdaPublicA).
  DefaultPublicRouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId:
        Ref: ServerlessVPC
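  # Default route for the public route table: 0.0.0.0/0 goes to the internet
  # gateway.
  DefaultPublicRoute:
    Type: AWS::EC2::Route
    # A route that targets an internet gateway must be created after the
    # gateway is attached to the VPC. The Ref below orders it only after the
    # gateway itself, so the attachment is named explicitly.
    DependsOn: VPCGatewayAttachmentLambda
    Properties:
      RouteTableId:
        Ref: DefaultPublicRouteTable
      DestinationCidrBlock: 0.0.0.0/0
      GatewayId:
        Ref: InternetGatewayLambda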
  # Binds ServerlessPrivateSubnetA to the private (NAT-routed) route table.
  SubnetRouteTableAssociationLambdaPrivateA:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId:
        Ref: DefaultPrivateRouteTable
      SubnetId:
        Ref: ServerlessPrivateSubnetA
  # Binds ServerlessPrivateSubnetB to the private (NAT-routed) route table.
  SubnetRouteTableAssociationLambdaPrivateB:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId:
        Ref: DefaultPrivateRouteTable
      SubnetId:
        Ref: ServerlessPrivateSubnetB
  # Binds ServerlessPublicSubnetA to the public (internet-gateway) route table.
  SubnetRouteTableAssociationLambdaPublicA:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId:
        Ref: DefaultPublicRouteTable
      SubnetId:
        Ref: ServerlessPublicSubnetA
  # Security group intended for the functions; it is the only permitted
  # source in ServerlessStorageSecurityGroup's ingress rule.
  # NOTE(review): no ingress or egress rules are declared. With
  # SecurityGroupEgress omitted, EC2 applies its default allow-all outbound
  # rule. Confirm that unrestricted egress is intended.
  ServerlessSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    DependsOn: ServerlessVPC
    Properties:
      GroupDescription: 'SecurityGroup for Serverless Functions'
      VpcId:
        Ref: ServerlessVPC
  # Security group attached to the Aurora cluster (see
  # RDSSimpleCluster.VpcSecurityGroupIds).
  ServerlessStorageSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    DependsOn: ServerlessVPC
    Properties:
      GroupDescription: 'Ingress for Aurora Cluster'
      VpcId:
        Ref: ServerlessVPC
      SecurityGroupIngress:
        # The only inbound rule: TCP 3306 from members of
        # ServerlessSecurityGroup. The source is a security group, not a CIDR
        # range, so no address block is opened.
        - IpProtocol: tcp
          FromPort: "3306"
          ToPort: "3306"
          SourceSecurityGroupId:
            Ref: ServerlessSecurityGroup
  # DB subnet group used by both the cluster and the instance; it contains
  # only the two private subnets.
  RDSPersistanceSubtNetGroup:
    Type: AWS::RDS::DBSubnetGroup
    Properties:
      DBSubnetGroupDescription: 'Store Locator subnet'
      SubnetIds:
        - Ref: ServerlessPrivateSubnetA
        - Ref: ServerlessPrivateSubnetB
  # VPC endpoint for S3, attached to the private route table.
  # NOTE(review): no PolicyDocument is set, so the endpoint's default policy
  # applies. Confirm whether S3 access through the endpoint should be limited
  # to specific buckets.
  S3Endpoint:
    Type: AWS::EC2::VPCEndpoint
    Properties:
      ServiceName: "com.amazonaws.${self:provider.region}.s3"
      VpcId:
        Ref: ServerlessVPC
      RouteTableIds:
        - Ref: DefaultPrivateRouteTable
  # Aurora cluster placed in the private subnet group and guarded by
  # ServerlessStorageSecurityGroup.
  # NOTE(review): StorageEncrypted is not set in this listing. Confirm
  # whether encryption at rest is required for this data.
  RDSSimpleCluster:
    Type: AWS::RDS::DBCluster
    Properties:
      Engine: aurora
      DatabaseName: "${self:custom.RDSDBName}"
      # NOTE(review): ${ssm:...~true} is a Serverless Framework variable,
      # resolved and decrypted at packaging time. The plaintext credentials
      # presumably end up in the generated CloudFormation template and its
      # deployment artifact. Confirm, and consider a CloudFormation dynamic
      # reference or Secrets Manager so the value is resolved at deploy time.
      MasterUsername: "${ssm:MYSQL_MASTER_USER_NAME~true}"
      MasterUserPassword: "${ssm:MYSQL_MASTER_PASSWORD~true}"
      # Automated backups are retained for 7 days.
      BackupRetentionPeriod: 7
      VpcSecurityGroupIds:
        - Ref: ServerlessStorageSecurityGroup
      DBSubnetGroupName:
        Ref: RDSPersistanceSubtNetGroup
  # The one DB instance declared in this listing; it joins RDSSimpleCluster.
  RDSInstance3:
    Type: AWS::RDS::DBInstance
    Properties:
      Engine: aurora
      DBInstanceClass: db.t2.small
      DBClusterIdentifier:
        Ref: RDSSimpleCluster
      DBSubnetGroupName:
        Ref: RDSPersistanceSubtNetGroup
      # Pinned to zone "a", the same zone as ServerlessPrivateSubnetA.
      AvailabilityZone: "${self:provider.region}a"
      AutoMinorVersionUpgrade: true
      # No public endpoint is requested; access is through the VPC only.
      PubliclyAccessible: false