mysql_rds.yaml
---

RDS MySQL CloudFormation Deployment

This CloudFormation template deploys an RDS instance running MySQL with its own security group.

AWSTemplateFormatVersion: '2010-09-09'
Description: Deploys a basic RDS MySQL Instance

Parameters

These are the input parameters for this template. All of these parameters must be supplied for this template to be deployed.

Parameters:

The name of the database instance.

  DBName:
    Type: String
    Description: Enter the Identifier for the Database (lowercase, no spaces)

VPCID is the ID of the VPC where this template will be deployed.

  VPCID:
    Description: Target VPC
    Type: AWS::EC2::VPC::Id

The EC2 Subnet IDs for the DB Subnet Group.

  SubnetGroupMembers:
    Description: Subnet Group Members
    Type: List<AWS::EC2::Subnet::Id>

Instance class for the database instance. Defaults to db.m3.medium.

  InstanceType:
    Description: EC2 Instance Type
    Type: String
    Default: db.m3.medium
    AllowedValues:
      - db.t2.small
      - db.m3.medium
      - db.m3.large

Default storage size of the database.

  DBStorageSize:
    Description: Storage Size in GB
    Type: String
    Default: '100'

The MySQL engine version, restricted to versions supported by Amazon RDS.

  DBEngineVersion:
    Description: Database Version
    Type: String
    Default: 5.6.27
    AllowedValues:
      - 5.5.46
      - 5.6.23
      - 5.6.27
      - 5.7.10

The username of the master database user.

  DBUsername:
    Description: Master DB Username
    Type: String

The password of the master database user. NoEcho keeps the value from being displayed by CloudFormation.

  DBPassword:
    Description: Master DB Password
    Type: String
    NoEcho: true
    MinLength: 8
    MaxLength: 40
    AllowedPattern: "[!#-.0-?A-~]*"
    ConstraintDescription: 'Password must have a minimum of 8 characters and cannot contain spaces or the following characters: /, ", @'

Tags

The following tags are applied to all resources created by this template.

  TagOwner:
    Description: Owner's Name for this DB
    Type: String
  TagNetid:
    Description: Owner's NetId for this DB
    Type: String
  TagProjectname:
    Description: Project name and/or JIRA ticket
    Type: String

Metadata

Metadata is mostly for organizing and presenting Parameters in a better way when using CloudFormation in the AWS Web UI.

Metadata:
  AWS::CloudFormation::Interface:
    ParameterGroups:
      - Label:
          default: Database Instance Settings
        Parameters:
          - DBName
          - InstanceType
          - DBEngineVersion
          - DBStorageSize
          - DBUsername
          - DBPassword
      - Label:
          default: Network Settings
        Parameters:
          - VPCID
          - SubnetGroupMembers
      - Label:
          default: Tagging and Cost Management
        Parameters:
          - TagOwner
          - TagNetid
          - TagProjectname

Resources

These are all of the resources deployed by this template.

Resources:

Database Instance

This deploys the database RDS instance with some tags.

  DBInstance:
    Type: AWS::RDS::DBInstance
    Properties:
      DBInstanceIdentifier: !Ref DBName
      DBInstanceClass: !Ref InstanceType
      AllocatedStorage: !Ref DBStorageSize
      StorageType: gp2
      AutoMinorVersionUpgrade: true
      BackupRetentionPeriod: '30'
      MultiAZ: true
      PubliclyAccessible: false
      Engine: MySQL
      EngineVersion: !Ref DBEngineVersion
      DBSubnetGroupName: !Ref DBSubnetGroup
      MasterUsername: !Ref DBUsername
      MasterUserPassword: !Ref DBPassword
      VPCSecurityGroups:
        - Ref: DBSecurityGroup
      Tags:
        - Key: Name
          Value: !Ref DBName
        - Key: projectname
          Value: !Ref TagProjectname
        - Key: owner
          Value: !Ref TagOwner
        - Key: netid
          Value: !Ref TagNetid

Database Subnet Group

Subnet group for the database instance, which spans at least two availability zones.

  DBSubnetGroup:
    Type: AWS::RDS::DBSubnetGroup
    Properties:
      DBSubnetGroupDescription: !Sub "${DBName} Subnet Group"
      SubnetIds: !Ref SubnetGroupMembers
      Tags:
        - Key: Name
          Value: !Sub "${DBName} Subnet Group"
        - Key: projectname
          Value: !Ref TagProjectname
        - Key: owner
          Value: !Ref TagOwner
        - Key: netid
          Value: !Ref TagNetid

Database Security Group

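Security group for the database instance. It allows inbound MySQL traffic (TCP port 3306) from any source address (0.0.0.0/0). Because the instance sets PubliclyAccessible to false, the rule in practice admits every host that can route to the database subnets, so narrow the source to the client security group or CIDR range where possible.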

  DBSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: Allow MySQL access to DB
      VpcId: !Ref VPCID
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: '3306'
          ToPort: '3306'
          CidrIp: 0.0.0.0/0
      Tags:
        - Key: Name
          Value: !Sub "${DBName} Security Group"
        - Key: projectname
          Value: !Ref TagProjectname
        - Key: owner
          Value: !Ref TagOwner
        - Key: netid
          Value: !Ref TagNetid
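
A tighter variant of the security group above, as an added example that is not part of the original template: it admits port 3306 only from members of a client security group instead of from 0.0.0.0/0. The AppSecurityGroupId parameter is a hypothetical name introduced here; every other reference is the template's own.

```yaml
Parameters:
  # Hypothetical parameter (not in the original template): the security group
  # attached to the application hosts that need to reach the database.
  AppSecurityGroupId:
    Description: Security group of the clients allowed to connect to MySQL
    Type: AWS::EC2::SecurityGroup::Id

Resources:
  DBSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: Allow MySQL access to DB from the application tier only
      VpcId: !Ref VPCID
      SecurityGroupIngress:
        # Original rule, kept for comparison: any source address may connect.
        # - IpProtocol: tcp
        #   FromPort: '3306'
        #   ToPort: '3306'
        #   CidrIp: 0.0.0.0/0
        #
        # Narrowed rule: only network interfaces that carry AppSecurityGroupId
        # may open a connection to 3306. Membership follows the client group,
        # so no IP ranges have to be maintained in the template.
        - IpProtocol: tcp
          FromPort: 3306
          ToPort: 3306
          SourceSecurityGroupId: !Ref AppSecurityGroupId
      Tags:
        - Key: Name
          Value: !Sub "${DBName} Security Group"
        - Key: projectname
          Value: !Ref TagProjectname
        - Key: owner
          Value: !Ref TagOwner
        - Key: netid
          Value: !Ref TagNetid
```

If the new parameter is adopted, list it under the Network Settings group in the Metadata section so it appears next to VPCID in the console.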

Outputs

Output values that can be viewed from the AWS CloudFormation console.

Outputs:
  DBEndpoint:
    Description: The DNS Endpoint for this DB
    Value: !GetAtt DBInstance.Endpoint.Address
  DBPort:
    Description: The DB Port
    Value: !GetAtt DBInstance.Endpoint.Port