RDS MySQL database with secure firewall configuration, encryption, multi AZ, backup enabled, and alerting.
Install Node.js and npm first!
npm i @cfn-modules/rds-mysql
---
AWSTemplateFormatVersion: '2010-09-09'
Description: 'cfn-modules example'
Resources:
Database:
Type: 'AWS::CloudFormation::Stack'
Properties:
Parameters:
VpcModule: !GetAtt 'Vpc.Outputs.StackName' # required
ClientSgModule: !GetAtt 'ClientSg.Outputs.StackName' # required
AlertingModule: '' # optional
HostedZoneModule: '' # optional
BastionModule: '' # optional
KmsKeyModule: '' # optional
DBSnapshotIdentifier: '' # optional
DBAllocatedStorage: 5 # optional
DBInstanceClass: 'db.t2.micro' # optional
DBName: '' # optional
DBBackupRetentionPeriod: 30 # optional
DBMasterUsername: 'master' # optional
DBMasterUserPassword: '' # required if DBSnapshotIdentifier is not set
DBMultiAZ: true # optional
SubDomainNameWithDot: 'mysql.' # optional
EngineVersion: '5.7.21' # set this to the latest available version when launching!
EnableIAMDatabaseAuthentication: 'false' # optional
TemplateURL: './node_modules/@cfn-modules/rds-mysql/module.yml'
Name | Description | Default | Required? | Allowed values |
---|---|---|---|---|
VpcModule | Stack name of vpc module | yes | ||
ClientSgModule | Stack name of client-sg module where traffic is allowed from on port 5432 to the database | yes | ||
AlertingModule | Stack name of alerting module | no | ||
HostedZoneModule | Stack name of module implementing HostedZone | no | ||
BastionModule | Stack name of module implementing Bastion | no | ||
KmsKeyModule | Stack name of kms-key module | no | ||
DBSnapshotIdentifier | Name or Amazon Resource Name (ARN) of the DB snapshot from which you want to restore (leave blank to create an empty database) | no | ||
DBAllocatedStorage | The allocated storage size, specified in GB (ignored when DBSnapshotIdentifier is set, value used from snapshot) | 5 | no | [5-16384] |
DBInstanceClass | The instance type of the database | db.t2.micro | no | |
DBName | Name of the database (ignored when DBSnapshotIdentifier is set, value used from snapshot) | auto generated value | no | |
DBBackupRetentionPeriod | The number of days to keep snapshots of the database | 35 | no | [0-35] |
DBMasterUsername | The master user name for the DB instance (ignored when DBSnapshotIdentifier is set, value used from snapshot) | master | no | |
DBMasterUserPassword | The master password for the DB instance (ignored when DBSnapshotIdentifier is set, value used from snapshot) | yes (no if DBSnapshotIdentifier is set) | ||
DBMultiAZ | Specifies if the database instance is deployed to multiple Availability Zones for HA | true | no | [true, false] |
SubDomainNameWithDot | Name that is used to create the DNS entry with trailing dot, e.g. §{SubDomainNameWithDot}§{HostedZoneName}. Leave blank for naked (or apex and bare) domain. Requires HostedZoneModule parameter! | test. | no | |
EngineVersion | MySQL version | 5.7.21 | no | ['8.0.15', '5.7.25', '5.7.21', '5.6.41', '5.5.61'] |
EnableIAMDatabaseAuthentication | Enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts). | false | no | [true, false] |
- Scalable: RDS instances capacity (CPU, RAM, network, ...) is limited by design
- Monitoring: Network In+Out is not monitored according to capacity of instance type