- {
- "Outputs": {
- "RDSHost": {
- "Description": "Database endpoint address",
- "Value": { "Fn::GetAtt": ["RDSDatabase", "Endpoint.Address"] }
- },
- "RDSPort": {
- "Description": "Database endpoint port",
- "Value": { "Fn::GetAtt": ["RDSDatabase", "Endpoint.Port"] }
- },
- "RDSPassSecurityGroup": {
- "Description": "Security group assigned to EC2 instances that need access to the RDS instance",
- "Value": {
- "Ref": "RDSPassSecurityGroup"
- }
- },
- "MessageQueueName": {
- "Value": {
- "Fn::GetAtt": [
- "MessageQueue",
- "QueueName"
- ]
- }
- },
- "MessageQueueUrl": {
- "Value": { "Ref": "MessageQueue" }
- },
- "DeadLetterQueueName": {
- "Value": {
- "Fn::GetAtt": [
- "DeadLetterQueue",
- "QueueName"
- ]
- }
- },
- "DeadLetterQueueUrl": {
- "Value": { "Ref": "DeadLetterQueue" }
- },
- "InstanceProfile": {
- "Description": "Instance profile that should be assigned to the EC2 instance",
- "Value": {
- "Ref": "InstanceProfile"
- }
- }
- },
- "Parameters": {
- "env": {
- "Description": "Deployment environment name",
- "Type": "String"
- },
- "QueuePrefix": {
- "Description": "Message Queue Base Name",
- "Type": "String"
- },
- "DBUser": {
- "NoEcho": "false",
- "Description": "The name of the master user for the client DB instance.",
- "Type": "String",
- "ConstraintDescription": "must begin with a letter and contain only alphanumeric characters"
- },
- "DBName": {
- "NoEcho": "false",
- "Description": "The DB Name of the RDS instance",
- "Type": "String",
- "ConstraintDescription": "must contain only alphanumeric characters"
- },
- "DBPassword": {
- "NoEcho": "true",
- "Description": "The master password for the DB instance.",
- "Type": "String",
- "ConstraintDescription": "must contain only alphanumeric characters"
- }
- },
- "Resources": {
- "DeadLetterQueue": { "Type": "AWS::SQS::Queue" },
- "MessageQueue": {
- "Type": "AWS::SQS::Queue",
- "Properties": {
- "ReceiveMessageWaitTimeSeconds": 20,
- "VisibilityTimeout": 600,
- "QueueName": {
- "Fn::Join": [
- "-",
- [ { "Ref": "QueuePrefix" }, { "Ref": "env" } ]
- ]
- },
- "RedrivePolicy": {
- "maxReceiveCount": 10,
- "deadLetterTargetArn": {
- "Fn::GetAtt": [
- "DeadLetterQueue",
- "Arn"
- ]
- }
- }
- }
- },
- "Role": {
- "Type": "AWS::IAM::Role",
- "Properties": {
- "AssumeRolePolicyDocument": {
- "Statement": [
- {
- "Effect": "Allow",
- "Principal": {
- "Service": [
- "ec2.amazonaws.com"
- ]
- },
- "Action": [
- "sts:AssumeRole"
- ]
- }
- ]
- },
- "Path": "/",
- "Policies": [
- {
- "PolicyName": "S3Access",
- "PolicyDocument": {
- "Statement": [
- {
- "Effect": "Allow",
- "Action": [
- "s3:Get*",
- "s3:List*",
- "s3:PutObject"
- ],
- "Resource": "*"
- }
- ]
- }
- },
- {
- "PolicyName": "SQSAccess",
- "PolicyDocument": {
- "Statement": [
- {
- "Effect": "Allow",
- "Action": [
- "sqs:ChangeMessageVisibility",
- "sqs:DeleteMessage",
- "sqs:ReceiveMessage",
- "sqs:SendMessage"
- ],
- "Resource": "*"
- }
- ]
- }
- },
- {
- "PolicyName": "CloudWatchAccess",
- "PolicyDocument": {
- "Statement": [
- {
- "Effect": "Allow",
- "Action": [
- "cloudwatch:PutMetricData"
- ],
- "Resource": "*"
- }
- ]
- }
- },
- {
- "PolicyName": "DynamoPeriodicTasks",
- "PolicyDocument": {
- "Statement": [
- {
- "Effect": "Allow",
- "Action": [
- "dynamodb:BatchGetItem",
- "dynamodb:BatchWriteItem",
- "dynamodb:DeleteItem",
- "dynamodb:GetItem",
- "dynamodb:PutItem",
- "dynamodb:Query",
- "dynamodb:Scan",
- "dynamodb:UpdateItem"
- ],
- "Resource": "*"
- }
- ]
- }
- }
- ]
- }
- },
- "InstanceProfile": {
- "Type": "AWS::IAM::InstanceProfile",
- "Properties": {
- "Path": "/",
- "Roles": [
- {
- "Ref": "Role"
- }
- ]
- }
- },
- "RDSDBSecurityGroup": {
- "Type": "AWS::RDS::DBSecurityGroup",
- "Properties": {
- "GroupDescription": "Enable database access to Beanstalk application",
- "DBSecurityGroupIngress": {
- "EC2SecurityGroupName": {
- "Ref": "RDSPassSecurityGroup"
- }
- }
- }
- },
- "RDSDatabase": {
- "Type": "AWS::RDS::DBInstance",
- "DeletionPolicy": "Delete",
- "Properties": {
- "MasterUsername": {
- "Ref": "DBUser"
- },
- "DBSecurityGroups": [
- {
- "Ref": "RDSDBSecurityGroup"
- }
- ],
- "DBInstanceClass": "db.m1.small",
- "AllocatedStorage": "5",
- "MultiAZ": "false",
- "EngineVersion": "9.3.5",
- "DBName": {
- "Ref": "DBName"
- },
- "MasterUserPassword": {
- "Ref": "DBPassword"
- },
- "Engine": "postgres"
- }
- },
- "RDSPassSecurityGroup": {
- "Type": "AWS::EC2::SecurityGroup",
- "Properties": {
- "GroupDescription": "SecurityGroup access RDS database."
- }
- }
- }
- }