-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathmysql_rds_template.yml
129 lines (128 loc) · 5.83 KB
/
mysql_rds_template.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
Parameters:
App:
Type: String
Description: Your application's name.
Env:
Type: String
Description: The environment name your service, job, or workflow is being deployed to.
Name:
Type: String
Description: The name of the service, job, or workflow being deployed.
Default: python_fastapi_template
# Customize your Aurora Serverless cluster by setting the default value of the following parameters.
pythonFastApiTemplateclusterDBName:
Type: String
Description: The name of the initial database to be created in the DB cluster.
Default: python_fastapi_template_db
# Cannot have special characters
# Naming constraints: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Limits.html#RDS_Limits.Constraints
pythonFastApiTemplateclusterDBAutoPauseSeconds:
Type: Number
Description: The duration in seconds before the cluster pauses.
Default: 1000
Mappings:
pythonFastApiTemplateclusterEnvScalingConfigurationMap:
prod:
"DBMinCapacity": 1 # AllowedValues: [1, 2, 4, 8, 16, 32, 64, 128, 256]
"DBMaxCapacity": 8 # AllowedValues: [1, 2, 4, 8, 16, 32, 64, 128, 256]
All:
"DBMinCapacity": 1 # AllowedValues: [1, 2, 4, 8, 16, 32, 64, 128, 256]
"DBMaxCapacity": 8 # AllowedValues: [1, 2, 4, 8, 16, 32, 64, 128, 256]
Resources:
pythonFastApiTemplateclusterDBSubnetGroup:
Type: 'AWS::RDS::DBSubnetGroup'
Properties:
DBSubnetGroupDescription: Group of Copilot private subnets for Aurora cluster.
SubnetIds:
!Split [',', { 'Fn::ImportValue': !Sub '${App}-${Env}-PrivateSubnets' }]
pythonFastApiTemplateclusterSecurityGroup:
Metadata:
'aws:copilot:description': 'A security group for your workload to access the DB cluster pythonFastApiTemplatecluster'
Type: 'AWS::EC2::SecurityGroup'
Properties:
GroupDescription: !Sub 'The Security Group for ${Name} to access DB cluster pythonFastApiTemplatecluster.'
VpcId:
Fn::ImportValue:
!Sub '${App}-${Env}-VpcId'
Tags:
- Key: Name
Value: !Sub 'copilot-${App}-${Env}-${Name}-Aurora'
pythonFastApiTemplateclusterDBClusterSecurityGroup:
Metadata:
'aws:copilot:description': 'A security group for your DB cluster pythonFastApiTemplatecluster'
Type: AWS::EC2::SecurityGroup
Properties:
GroupDescription: The Security Group for the database cluster.
SecurityGroupIngress:
- ToPort: 3306
FromPort: 3306
IpProtocol: tcp
SourceSecurityGroupId:
Fn::ImportValue:
!Sub '${App}-${Env}-EnvironmentSecurityGroup'
Description: Allow incoming connections from any IP address.
VpcId:
Fn::ImportValue:
!Sub '${App}-${Env}-VpcId'
Tags:
- Key: Name
Value: !Sub 'copilot-${App}-${Env}-${Name}-Aurora'
pythonFastApiTemplateclusterAuroraSecret:
Metadata:
'aws:copilot:description': 'A Secrets Manager secret to store your DB credentials'
Type: AWS::SecretsManager::Secret
Properties:
Description: !Sub Aurora main user secret for ${AWS::StackName}
GenerateSecretString:
SecretStringTemplate: '{"username": "admin"}'
GenerateStringKey: "password"
ExcludePunctuation: true
IncludeSpace: false
PasswordLength: 16
pythonFastApiTemplateclusterDBClusterParameterGroup:
Metadata:
'aws:copilot:description': 'A DB parameter group for engine configuration values'
Type: 'AWS::RDS::DBClusterParameterGroup'
Properties:
Description: !Ref 'AWS::StackName'
Family: 'aurora-mysql5.7'
Parameters:
character_set_client: 'utf8'
pythonFastApiTemplateclusterDBCluster:
Metadata:
'aws:copilot:description': 'The pythonFastApiTemplatecluster Aurora Serverless database cluster'
Type: 'AWS::RDS::DBCluster'
Properties:
MasterUsername:
!Join [ "", [ '{{resolve:secretsmanager:', !Ref pythonFastApiTemplateclusterAuroraSecret, ":SecretString:username}}" ]]
MasterUserPassword:
!Join [ "", [ '{{resolve:secretsmanager:', !Ref pythonFastApiTemplateclusterAuroraSecret, ":SecretString:password}}" ]]
DatabaseName: !Ref pythonFastApiTemplateclusterDBName
Engine: 'aurora-mysql'
EngineVersion: '5.7.mysql_aurora.2.07.1'
EngineMode: serverless
DBClusterParameterGroupName: !Ref pythonFastApiTemplateclusterDBClusterParameterGroup
DBSubnetGroupName: !Ref pythonFastApiTemplateclusterDBSubnetGroup
VpcSecurityGroupIds:
- !Ref pythonFastApiTemplateclusterDBClusterSecurityGroup
ScalingConfiguration:
AutoPause: true
# Replace "All" below with "!Ref Env" to set different autoscaling limits per environment.
MinCapacity: !FindInMap [pythonFastApiTemplateclusterEnvScalingConfigurationMap, All, DBMinCapacity]
MaxCapacity: !FindInMap [pythonFastApiTemplateclusterEnvScalingConfigurationMap, All, DBMaxCapacity]
SecondsUntilAutoPause: !Ref pythonFastApiTemplateclusterDBAutoPauseSeconds
pythonFastApiTemplateclusterSecretAuroraClusterAttachment:
Type: AWS::SecretsManager::SecretTargetAttachment
Properties:
SecretId: !Ref pythonFastApiTemplateclusterAuroraSecret
TargetId: !Ref pythonFastApiTemplateclusterDBCluster
TargetType: AWS::RDS::DBCluster
Outputs:
pythonFastApiTemplateclusterSecret: # injected as pythonFastApiTemplateCLUSTER_SECRET environment variable by Copilot.
Description: "The JSON secret that holds the database username and password. Fields are 'host', 'port', 'dbname', 'username', 'password', 'dbClusterIdentifier' and 'engine'"
Value: !Ref pythonFastApiTemplateclusterAuroraSecret
Export:
Name: pythonFastApiTemplateclusterSecret
pythonFastApiTemplateclusterSecurityGroup:
Description: "The security group to attach to the workload."
Value: !Ref pythonFastApiTemplateclusterSecurityGroup