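# Template format version. Quoted so that generic YAML 1.1 loaders keep it a
# string instead of converting it to a date.
AWSTemplateFormatVersion: '2010-09-09'
Description: Hands-on template for RDS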
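#------------------------------------------------------
# How to run with the AWS CLI
# aws cloudformation create-stack --stack-name handson-cfn-rds --template-body file://rds.yaml
# NOTE(review): the original comment pointed at file://ec2.yaml; this template is rds.yaml.
#
# Stack name
# handson-cfn-rds
# DB user
# dbmaster
# Password
# H&ppyHands0n
# NOTE(review): this lab password is published together with the template.
# Pass your own DBPassword via --parameters for anything other than the
# throwaway hands-on stack.
#
# Database name
# wordpress
#------------------------------------------------------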
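#------------------------------------------------------
# Parameters (RDS)
#------------------------------------------------------
Parameters:
  # Name of the stack whose exports this template imports with
  # Fn::ImportValue (VPC ID and the two private subnets).
  VPCStack:
    Type: String
    Default: handson-cfn
    Description: Name of the VPC stack that exports the VPC ID and private subnets.

  # Master user name of the DB instance. The constraints reject an invalid
  # name at parameter validation instead of midway through instance creation.
  DBUser:
    Type: String
    Default: dbmaster
    Description: Master user name for the MySQL instance.
    MinLength: 1
    MaxLength: 16
    AllowedPattern: '[a-zA-Z][a-zA-Z0-9]*'
    ConstraintDescription: Must begin with a letter and contain only alphanumeric characters.

  # Master password of the DB instance.
  # NOTE(review): NoEcho masks the value in console and API output, but it does
  # not hide a Default, which stays readable in the template source. The default
  # is kept only so the documented hands-on command still works without
  # parameters. Outside the lab, supply the value at stack creation, or keep the
  # secret out of the template entirely (a Secrets Manager dynamic reference or
  # an RDS-managed master password).
  DBPassword:
    Type: String
    Default: 'H&ppyHands0n'
    NoEcho: true
    Description: Master password for the MySQL instance (8 to 41 characters).
    MinLength: 8
    MaxLength: 41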
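#------------------------------------------------------
# RDS instance
#------------------------------------------------------
Resources:
  DBInstance:
    Type: AWS::RDS::DBInstance
    # Lab setting: Delete overrides the Snapshot policy that a standalone DB
    # instance gets by default, so deleting the stack drops the data with no
    # final snapshot.
    DeletionPolicy: Delete
    Properties:
      DBInstanceClass: db.t3.micro
      AllocatedStorage: "10"
      StorageType: gp2
      Engine: MySQL
      MasterUsername: !Ref DBUser
      # NOTE(review): the password comes from a template parameter that has a
      # published default. See the DBPassword parameter.
      MasterUserPassword: !Ref DBPassword
      DBName: wordpress
      # 0 disables automated backups (lab setting). Together with
      # DeletionPolicy: Delete there is no recovery path for the data.
      BackupRetentionPeriod: 0
      MultiAZ: false
      AvailabilityZone: !Sub '${AWS::Region}a'
      DBSubnetGroupName: !Ref DBSubnetGroup
      # Stated explicitly: when omitted, RDS derives public accessibility from
      # the VPC and subnet group, so the result depends on the imported VPC
      # stack rather than on this template.
      PubliclyAccessible: false
      # NOTE(review): StorageEncrypted is not set, so storage is unencrypted at
      # rest. Enabling it on an existing instance requires replacement, which
      # with the settings above would discard the data. Decide before the
      # first deployment.
      VPCSecurityGroups:
        - !Ref DBSecurityGroup

  #------------------------------------------------------
  # Subnet group
  #------------------------------------------------------
  # Places the instance in the two private subnets exported by the VPC stack.
  DBSubnetGroup:
    Type: AWS::RDS::DBSubnetGroup
    Properties:
      DBSubnetGroupDescription: DB Subnet Group for Private Subnet
      SubnetIds:
        - Fn::ImportValue: !Sub '${VPCStack}-PrivateSubnet1'
        - Fn::ImportValue: !Sub '${VPCStack}-PrivateSubnet2'

  #------------------------------------------------------
  # Security group for the DB instance
  #------------------------------------------------------
  DBSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: !Sub '${AWS::StackName}-MySQL'
      VpcId:
        Fn::ImportValue: !Sub '${VPCStack}-VPCID'
      SecurityGroupIngress:
        # Allows MySQL (3306/tcp) from every address in 10.0.0.0/24.
        # NOTE(review): presumably the subnet that holds the EC2 instance.
        # Confirm against the VPC stack. Referencing the web server's security
        # group as the source would limit access to that instance instead of
        # the whole subnet.
        - IpProtocol: tcp
          FromPort: 3306
          ToPort: 3306
          CidrIp: 10.0.0.0/24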
#------------------------------------------------------
# Outputs section
#------------------------------------------------------
Outputs:
  # Address of the DB endpoint, exported as <stack name>-DBEndpoint so that
  # other stacks can import it.
  DBEndpoint:
    Value:
      Fn::GetAtt:
        - DBInstance
        - Endpoint.Address
    Export:
      Name:
        Fn::Sub: '${AWS::StackName}-DBEndpoint'