|
|
@@ -0,0 +1,596 @@
|
|
|
+AWSTemplateFormatVersion: 2010-09-09
|
|
|
+Resources:
|
|
|
+ ApplicationLoadBalancer:
|
|
|
+ Type: 'AWS::ElasticLoadBalancingV2::LoadBalancer'
|
|
|
+ Properties:
|
|
|
+ Subnets:
|
|
|
+ - !Ref pubnet1
|
|
|
+ - !Ref pubnet2
|
|
|
+ SecurityGroups:
|
|
|
+ - !Ref elbgroup
|
|
|
+ Metadata:
|
|
|
+ 'AWS::CloudFormation::Designer':
|
|
|
+ id: 01cf8a1b-c08c-4410-b833-5bab98a4cc0d
|
|
|
+ ALBListener:
|
|
|
+ Type: 'AWS::ElasticLoadBalancingV2::Listener'
|
|
|
+ Properties:
|
|
|
+ DefaultActions:
|
|
|
+ - Type: forward
|
|
|
+ TargetGroupArn: !Ref ALBTargetGroup
|
|
|
+ LoadBalancerArn: !Ref ApplicationLoadBalancer
|
|
|
+ Port: '81'
|
|
|
+ Protocol: HTTP
|
|
|
+ Metadata:
|
|
|
+ 'AWS::CloudFormation::Designer':
|
|
|
+ id: cf883cbd-fd01-45a1-b42e-3cc732475a48
|
|
|
+ ALBListenerRule:
|
|
|
+ Type: 'AWS::ElasticLoadBalancingV2::ListenerRule'
|
|
|
+ Properties:
|
|
|
+ Actions:
|
|
|
+ - Type: forward
|
|
|
+ TargetGroupArn: !Ref ALBTargetGroup
|
|
|
+ Conditions:
|
|
|
+ - Field: path-pattern
|
|
|
+ Values:
|
|
|
+ - /
|
|
|
+ ListenerArn: !Ref ALBListener
|
|
|
+ Priority: 1
|
|
|
+ Metadata:
|
|
|
+ 'AWS::CloudFormation::Designer':
|
|
|
+ id: bfa5c894-73f0-40e1-a0ad-7a6d83d61f84
|
|
|
+ ALBTargetGroup:
|
|
|
+ Type: 'AWS::ElasticLoadBalancingV2::TargetGroup'
|
|
|
+ Properties:
|
|
|
+ HealthCheckIntervalSeconds: 30
|
|
|
+ HealthCheckPath: /
|
|
|
+ HealthCheckProtocol: HTTP
|
|
|
+ HealthCheckTimeoutSeconds: 5
|
|
|
+ HealthyThresholdCount: 3
|
|
|
+ Port: 7777
|
|
|
+ Protocol: HTTP
|
|
|
+ UnhealthyThresholdCount: 5
|
|
|
+ VpcId: !Ref vpc1
|
|
|
+ Metadata:
|
|
|
+ 'AWS::CloudFormation::Designer':
|
|
|
+ id: da90ade6-53eb-497d-a36a-b4ab683f9948
|
|
|
+ RootRole:
|
|
|
+ Type: 'AWS::IAM::Role'
|
|
|
+ Properties:
|
|
|
+ AssumeRolePolicyDocument:
|
|
|
+ Version: 2012-10-17
|
|
|
+ Statement:
|
|
|
+ - Effect: Allow
|
|
|
+ Principal:
|
|
|
+ Service:
|
|
|
+ - lambda.amazonaws.com
|
|
|
+ - ec2.amazonaws.com.cn
|
|
|
+ - ecs-tasks.amazonaws.com
|
|
|
+ - vpc-flow-logs.amazonaws.com
|
|
|
+ Action:
|
|
|
+ - 'sts:AssumeRole'
|
|
|
+ Path: /
|
|
|
+ RoleName: !Ref roleName
|
|
|
+ Metadata:
|
|
|
+ 'AWS::CloudFormation::Designer':
|
|
|
+ id: 5a809822-8fad-40ca-bd0f-7aae64ae7b4a
|
|
|
+ RolePolicies:
|
|
|
+ Type: 'AWS::IAM::Policy'
|
|
|
+ Properties:
|
|
|
+ PolicyName: root
|
|
|
+ PolicyDocument:
|
|
|
+ Version: 2012-10-17
|
|
|
+ Statement:
|
|
|
+ - Effect: Allow
|
|
|
+ Action: '*'
|
|
|
+ Resource: '*'
|
|
|
+ Roles:
|
|
|
+ - Ref: RootRole
|
|
|
+ Metadata:
|
|
|
+ 'AWS::CloudFormation::Designer':
|
|
|
+ id: 41ab1589-d187-45a1-99aa-379280c9f643
|
|
|
+ RootInstanceProfile:
|
|
|
+ Type: 'AWS::IAM::InstanceProfile'
|
|
|
+ Properties:
|
|
|
+ Path: /
|
|
|
+ Roles:
|
|
|
+ - Ref: RootRole
|
|
|
+ Metadata:
|
|
|
+ 'AWS::CloudFormation::Designer':
|
|
|
+ id: 15050a6e-6cfb-43ec-b19f-c3c3102187d3
|
|
|
+ vpc1:
|
|
|
+ Type: 'AWS::EC2::VPC'
|
|
|
+ Properties:
|
|
|
+ CidrBlock: !Ref vpccidr
|
|
|
+ EnableDnsHostnames: 'true'
|
|
|
+ EnableDnsSupport: 'true'
|
|
|
+ Tags:
|
|
|
+ - Key: Name
|
|
|
+ Value: vpc1
|
|
|
+ Metadata:
|
|
|
+ 'AWS::CloudFormation::Designer':
|
|
|
+ id: 36050a81-2f2b-4482-9d6a-763dbad1b527
|
|
|
+ pubnet1:
|
|
|
+ Type: 'AWS::EC2::Subnet'
|
|
|
+ Properties:
|
|
|
+ MapPublicIpOnLaunch: true
|
|
|
+ AvailabilityZone: !Select
|
|
|
+ - '0'
|
|
|
+ - !GetAZs ''
|
|
|
+ CidrBlock: !Ref pubnet1cidr
|
|
|
+ Tags:
|
|
|
+ - Key: Name
|
|
|
+ Value: pubnet1
|
|
|
+ VpcId: !Ref vpc1
|
|
|
+ Metadata:
|
|
|
+ 'AWS::CloudFormation::Designer':
|
|
|
+ id: d00fad60-d71a-4bfc-988a-65236dea5a6f
|
|
|
+ pubnet2:
|
|
|
+ Type: 'AWS::EC2::Subnet'
|
|
|
+ Properties:
|
|
|
+ MapPublicIpOnLaunch: true
|
|
|
+ AvailabilityZone: !Select
|
|
|
+ - '1'
|
|
|
+ - !GetAZs ''
|
|
|
+ CidrBlock: !Ref pubnet2cidr
|
|
|
+ Tags:
|
|
|
+ - Key: Name
|
|
|
+ Value: pubnet2
|
|
|
+ VpcId: !Ref vpc1
|
|
|
+ Metadata:
|
|
|
+ 'AWS::CloudFormation::Designer':
|
|
|
+ id: dbc87cce-6f33-46fb-8684-24fc5008ad91
|
|
|
+ webnet1:
|
|
|
+ Type: 'AWS::EC2::Subnet'
|
|
|
+ Properties:
|
|
|
+ AvailabilityZone: !Select
|
|
|
+ - '0'
|
|
|
+ - !GetAZs ''
|
|
|
+ CidrBlock: !Ref webnet1cidr
|
|
|
+ Tags:
|
|
|
+ - Key: Name
|
|
|
+ Value: webnet1
|
|
|
+ VpcId: !Ref vpc1
|
|
|
+ Metadata:
|
|
|
+ 'AWS::CloudFormation::Designer':
|
|
|
+ id: 30f1713d-c319-4dcb-8730-c4baf0cb207a
|
|
|
+ webnet2:
|
|
|
+ Type: 'AWS::EC2::Subnet'
|
|
|
+ Properties:
|
|
|
+ AvailabilityZone: !Select
|
|
|
+ - '1'
|
|
|
+ - !GetAZs ''
|
|
|
+ CidrBlock: !Ref webnet2cidr
|
|
|
+ Tags:
|
|
|
+ - Key: Name
|
|
|
+ Value: webnet2
|
|
|
+ VpcId: !Ref vpc1
|
|
|
+ Metadata:
|
|
|
+ 'AWS::CloudFormation::Designer':
|
|
|
+ id: bd5423c4-721b-4194-a7ba-b8d4b437683a
|
|
|
+ dbnet1:
|
|
|
+ Type: 'AWS::EC2::Subnet'
|
|
|
+ Properties:
|
|
|
+ AvailabilityZone: !Select
|
|
|
+ - '0'
|
|
|
+ - !GetAZs ''
|
|
|
+ CidrBlock: !Ref dbnet1cidr
|
|
|
+ Tags:
|
|
|
+ - Key: Name
|
|
|
+ Value: dbnet1
|
|
|
+ VpcId: !Ref vpc1
|
|
|
+ Metadata:
|
|
|
+ 'AWS::CloudFormation::Designer':
|
|
|
+ id: d721de76-5cf2-416c-985d-2bd9d10d4c3c
|
|
|
+ dbnet2:
|
|
|
+ Type: 'AWS::EC2::Subnet'
|
|
|
+ Properties:
|
|
|
+ AvailabilityZone: !Select
|
|
|
+ - '1'
|
|
|
+ - !GetAZs ''
|
|
|
+ CidrBlock: !Ref dbnet2cidr
|
|
|
+ Tags:
|
|
|
+ - Key: Name
|
|
|
+ Value: dbnet2
|
|
|
+ VpcId: !Ref vpc1
|
|
|
+ Metadata:
|
|
|
+ 'AWS::CloudFormation::Designer':
|
|
|
+ id: d3655dff-3e6c-4e71-b429-782c249ead24
|
|
|
+ table1:
|
|
|
+ Type: 'AWS::EC2::RouteTable'
|
|
|
+ Properties:
|
|
|
+ Tags:
|
|
|
+ - Key: Name
|
|
|
+ Value: table1
|
|
|
+ VpcId: !Ref vpc1
|
|
|
+ Metadata:
|
|
|
+ 'AWS::CloudFormation::Designer':
|
|
|
+ id: 5a28c477-28f7-4f63-96e4-eba4f2af91c8
|
|
|
+ table2:
|
|
|
+ Type: 'AWS::EC2::RouteTable'
|
|
|
+ Properties:
|
|
|
+ Tags:
|
|
|
+ - Key: Name
|
|
|
+ Value: table2
|
|
|
+ VpcId: !Ref vpc1
|
|
|
+ Metadata:
|
|
|
+ 'AWS::CloudFormation::Designer':
|
|
|
+ id: e7cb3a54-60cc-4806-b6c5-51dd541555b2
|
|
|
+ table3:
|
|
|
+ Type: 'AWS::EC2::RouteTable'
|
|
|
+ Properties:
|
|
|
+ Tags:
|
|
|
+ - Key: Name
|
|
|
+ Value: table3
|
|
|
+ VpcId: !Ref vpc1
|
|
|
+ Metadata:
|
|
|
+ 'AWS::CloudFormation::Designer':
|
|
|
+ id: b031b8a3-c571-4e9b-967f-e777ca927d08
|
|
|
+ igw1:
|
|
|
+ Type: 'AWS::EC2::InternetGateway'
|
|
|
+ Properties: {}
|
|
|
+ Metadata:
|
|
|
+ 'AWS::CloudFormation::Designer':
|
|
|
+ id: 4f2d896c-333a-4e40-acf1-a4d29c7f1e04
|
|
|
+ EC2VPCG2BPGG:
|
|
|
+ Type: 'AWS::EC2::VPCGatewayAttachment'
|
|
|
+ Properties:
|
|
|
+ InternetGatewayId: !Ref igw1
|
|
|
+ VpcId: !Ref vpc1
|
|
|
+ Metadata:
|
|
|
+ 'AWS::CloudFormation::Designer':
|
|
|
+ id: 544c5488-107f-4d4f-99d7-f22003afd889
|
|
|
+ natgateway1:
|
|
|
+ Type: 'AWS::EC2::NatGateway'
|
|
|
+ Properties:
|
|
|
+ AllocationId: !GetAtt
|
|
|
+ - eip1
|
|
|
+ - AllocationId
|
|
|
+ SubnetId: !Ref pubnet1
|
|
|
+ Metadata:
|
|
|
+ 'AWS::CloudFormation::Designer':
|
|
|
+ id: df5bea53-45ac-47d0-ae9e-32e7d54a37a5
|
|
|
+ natgateway2:
|
|
|
+ Type: 'AWS::EC2::NatGateway'
|
|
|
+ Properties:
|
|
|
+ AllocationId: !GetAtt
|
|
|
+ - eip2
|
|
|
+ - AllocationId
|
|
|
+ SubnetId: !Ref pubnet2
|
|
|
+ Metadata:
|
|
|
+ 'AWS::CloudFormation::Designer':
|
|
|
+ id: b8570bf1-7fe5-4d58-8fb9-83e3660f2170
|
|
|
+ eip1:
|
|
|
+ Type: 'AWS::EC2::EIP'
|
|
|
+ Properties: {}
|
|
|
+ Metadata:
|
|
|
+ 'AWS::CloudFormation::Designer':
|
|
|
+ id: d77dbe47-fc90-4338-8ff2-af4000405dde
|
|
|
+ eip2:
|
|
|
+ Type: 'AWS::EC2::EIP'
|
|
|
+ Properties: {}
|
|
|
+ Metadata:
|
|
|
+ 'AWS::CloudFormation::Designer':
|
|
|
+ id: e8777cd9-8375-401a-ad6f-52051c09dc89
|
|
|
+ EC2SRTA51E2B:
|
|
|
+ Type: 'AWS::EC2::SubnetRouteTableAssociation'
|
|
|
+ Properties:
|
|
|
+ SubnetId: !Ref pubnet1
|
|
|
+ RouteTableId: !Ref table1
|
|
|
+ Metadata:
|
|
|
+ 'AWS::CloudFormation::Designer':
|
|
|
+ id: 72574f43-a5f8-4c3b-bcf7-f8b199887e9c
|
|
|
+ EC2SRTA2YHOD:
|
|
|
+ Type: 'AWS::EC2::SubnetRouteTableAssociation'
|
|
|
+ Properties:
|
|
|
+ SubnetId: !Ref pubnet2
|
|
|
+ RouteTableId: !Ref table1
|
|
|
+ Metadata:
|
|
|
+ 'AWS::CloudFormation::Designer':
|
|
|
+ id: f7e5fe7c-a1c1-48e0-8743-daa1f0e3fb06
|
|
|
+ EC2SRTA2VWB8:
|
|
|
+ Type: 'AWS::EC2::SubnetRouteTableAssociation'
|
|
|
+ Properties:
|
|
|
+ RouteTableId: !Ref table2
|
|
|
+ SubnetId: !Ref webnet1
|
|
|
+ Metadata:
|
|
|
+ 'AWS::CloudFormation::Designer':
|
|
|
+ id: 5b9f52cd-7dd4-4a0e-88d2-ebd48368e2a4
|
|
|
+ EC2SRTA26CTN:
|
|
|
+ Type: 'AWS::EC2::SubnetRouteTableAssociation'
|
|
|
+ Properties:
|
|
|
+ SubnetId: !Ref dbnet1
|
|
|
+ RouteTableId: !Ref table2
|
|
|
+ Metadata:
|
|
|
+ 'AWS::CloudFormation::Designer':
|
|
|
+ id: 3cedd898-d918-44c1-938d-cfc6512301ea
|
|
|
+ EC2SRTAH6LA:
|
|
|
+ Type: 'AWS::EC2::SubnetRouteTableAssociation'
|
|
|
+ Properties:
|
|
|
+ SubnetId: !Ref webnet2
|
|
|
+ RouteTableId: !Ref table3
|
|
|
+ Metadata:
|
|
|
+ 'AWS::CloudFormation::Designer':
|
|
|
+ id: 91524a30-078a-41c2-a34e-0f16b37b3691
|
|
|
+ EC2SRTA1VSM:
|
|
|
+ Type: 'AWS::EC2::SubnetRouteTableAssociation'
|
|
|
+ Properties:
|
|
|
+ SubnetId: !Ref dbnet2
|
|
|
+ RouteTableId: !Ref table3
|
|
|
+ Metadata:
|
|
|
+ 'AWS::CloudFormation::Designer':
|
|
|
+ id: 1220e1c3-e8c3-4f7a-998d-e60203564b8d
|
|
|
+ route1:
|
|
|
+ Type: 'AWS::EC2::Route'
|
|
|
+ Properties:
|
|
|
+ DestinationCidrBlock: 0.0.0.0/0
|
|
|
+ GatewayId: !Ref igw1
|
|
|
+ RouteTableId: !Ref table1
|
|
|
+ Metadata:
|
|
|
+ 'AWS::CloudFormation::Designer':
|
|
|
+ id: d037ea69-ec83-4c36-92f7-12c199349fd9
|
|
|
+ route2:
|
|
|
+ Type: 'AWS::EC2::Route'
|
|
|
+ Properties:
|
|
|
+ DestinationCidrBlock: 0.0.0.0/0
|
|
|
+ NatGatewayId: !Ref natgateway1
|
|
|
+ RouteTableId: !Ref table2
|
|
|
+ Metadata:
|
|
|
+ 'AWS::CloudFormation::Designer':
|
|
|
+ id: 64d213ca-d8f7-45f3-a53b-6001ad55ba0a
|
|
|
+ route3:
|
|
|
+ Type: 'AWS::EC2::Route'
|
|
|
+ Properties:
|
|
|
+ DestinationCidrBlock: 0.0.0.0/0
|
|
|
+ NatGatewayId: !Ref natgateway2
|
|
|
+ RouteTableId: !Ref table3
|
|
|
+ Metadata:
|
|
|
+ 'AWS::CloudFormation::Designer':
|
|
|
+ id: c5cec4ea-e367-424f-9e78-92220722b760
|
|
|
+ elbgroup:
|
|
|
+ Type: 'AWS::EC2::SecurityGroup'
|
|
|
+ Properties:
|
|
|
+ GroupDescription: sg_elb
|
|
|
+ GroupName: sg_elb
|
|
|
+ Tags:
|
|
|
+ - Key: Name
|
|
|
+ Value: sg_elb
|
|
|
+ SecurityGroupIngress:
|
|
|
+ - IpProtocol: tcp
|
|
|
+ FromPort: 80
|
|
|
+ ToPort: 80
|
|
|
+ CidrIp: 0.0.0.0/0
|
|
|
+ SecurityGroupEgress:
|
|
|
+ - CidrIp: 0.0.0.0/0
|
|
|
+ IpProtocol: '-1'
|
|
|
+ VpcId: !Ref vpc1
|
|
|
+ Metadata:
|
|
|
+ 'AWS::CloudFormation::Designer':
|
|
|
+ id: 41ff46eb-edb8-456f-9183-4d7eea31e49a
|
|
|
+ webgroup:
|
|
|
+ Type: 'AWS::EC2::SecurityGroup'
|
|
|
+ Properties:
|
|
|
+ GroupDescription: !Ref sgName
|
|
|
+ GroupName: !Ref sgName
|
|
|
+ Tags:
|
|
|
+ - Key: Name
|
|
|
+ Value: !Ref sgName
|
|
|
+ SecurityGroupIngress:
|
|
|
+ - IpProtocol: tcp
|
|
|
+ FromPort: 7777
|
|
|
+ ToPort: 7777
|
|
|
+ CidrIp: 0.0.0.0/0
|
|
|
+ - IpProtocol: tcp
|
|
|
+ FromPort: 22
|
|
|
+ ToPort: 22
|
|
|
+ CidrIp: 0.0.0.0/0
|
|
|
+ SecurityGroupEgress:
|
|
|
+ - CidrIp: 0.0.0.0/0
|
|
|
+ IpProtocol: '-1'
|
|
|
+ VpcId: !Ref vpc1
|
|
|
+ Metadata:
|
|
|
+ 'AWS::CloudFormation::Designer':
|
|
|
+ id: 3d3c83e4-c428-4628-a0e2-d4415ec6cfd6
|
|
|
+ dbgroup:
|
|
|
+ Type: 'AWS::EC2::SecurityGroup'
|
|
|
+ Properties:
|
|
|
+ GroupDescription: dbgroup
|
|
|
+ GroupName: elasticache_memcache
|
|
|
+ Tags:
|
|
|
+ - Key: Name
|
|
|
+ Value: elasticache_memcache
|
|
|
+ SecurityGroupIngress:
|
|
|
+ - SourceSecurityGroupId: !Ref webgroup
|
|
|
+ FromPort: !Ref cacheport
|
|
|
+ ToPort: !Ref cacheport
|
|
|
+ IpProtocol: tcp
|
|
|
+ - SourceSecurityGroupId: !Ref webgroup
|
|
|
+ FromPort: '2049'
|
|
|
+ ToPort: '2049'
|
|
|
+ IpProtocol: tcp
|
|
|
+ - SourceSecurityGroupId: !Ref webgroup
|
|
|
+ FromPort: '5432'
|
|
|
+ ToPort: '5432'
|
|
|
+ IpProtocol: tcp
|
|
|
+ SecurityGroupEgress:
|
|
|
+ - CidrIp: 0.0.0.0/0
|
|
|
+ IpProtocol: '-1'
|
|
|
+ VpcId: !Ref vpc1
|
|
|
+ Metadata:
|
|
|
+ 'AWS::CloudFormation::Designer':
|
|
|
+ id: 6efe5731-b5ea-4e23-9b48-1353eaea32a1
|
|
|
+ redissg:
|
|
|
+ Type: 'AWS::EC2::SecurityGroup'
|
|
|
+ Properties:
|
|
|
+ GroupDescription: redissg
|
|
|
+ GroupName: elasticache_redis
|
|
|
+ Tags:
|
|
|
+ - Key: Name
|
|
|
+ Value: elasticache_redis
|
|
|
+ SecurityGroupIngress:
|
|
|
+ - SourceSecurityGroupId: !Ref webgroup
|
|
|
+ FromPort: '6379'
|
|
|
+ ToPort: '6379'
|
|
|
+ IpProtocol: tcp
|
|
|
+ - SourceSecurityGroupId: !Ref webgroup
|
|
|
+ FromPort: '2049'
|
|
|
+ ToPort: '2049'
|
|
|
+ IpProtocol: tcp
|
|
|
+ SecurityGroupEgress:
|
|
|
+ - CidrIp: 0.0.0.0/0
|
|
|
+ IpProtocol: '-1'
|
|
|
+ VpcId: !Ref vpc1
|
|
|
+ Metadata:
|
|
|
+ 'AWS::CloudFormation::Designer':
|
|
|
+ id: e2fe8abf-7e4a-472a-88e6-52c5b75b9924
|
|
|
+ efssg:
|
|
|
+ Type: 'AWS::EC2::SecurityGroup'
|
|
|
+ Properties:
|
|
|
+ GroupDescription: sgefs
|
|
|
+ GroupName: sg_efs
|
|
|
+ Tags:
|
|
|
+ - Key: Name
|
|
|
+ Value: sg_efs
|
|
|
+ SecurityGroupIngress:
|
|
|
+ - SourceSecurityGroupId: !Ref webgroup
|
|
|
+ FromPort: '2049'
|
|
|
+ ToPort: '2049'
|
|
|
+ IpProtocol: tcp
|
|
|
+ - SourceSecurityGroupId: !Ref lambdasg
|
|
|
+ FromPort: '2049'
|
|
|
+ ToPort: '2049'
|
|
|
+ IpProtocol: tcp
|
|
|
+ SecurityGroupEgress:
|
|
|
+ - CidrIp: 0.0.0.0/0
|
|
|
+ IpProtocol: '-1'
|
|
|
+ VpcId: !Ref vpc1
|
|
|
+ Metadata:
|
|
|
+ 'AWS::CloudFormation::Designer':
|
|
|
+ id: a2a71bad-d448-4630-ae7a-ac51d0366306
|
|
|
+ cachegroup:
|
|
|
+ Type: 'AWS::ElastiCache::SubnetGroup'
|
|
|
+ Properties:
|
|
|
+ CacheSubnetGroupName: cachegroup
|
|
|
+ Description: cachegroup
|
|
|
+ SubnetIds:
|
|
|
+ - !Ref dbnet1
|
|
|
+ - !Ref dbnet2
|
|
|
+ Metadata:
|
|
|
+ 'AWS::CloudFormation::Designer':
|
|
|
+ id: 4c252f4a-8901-40df-b0a2-386cee29c258
|
|
|
+ rdsgroup:
|
|
|
+ Type: 'AWS::RDS::DBSubnetGroup'
|
|
|
+ Properties:
|
|
|
+ DBSubnetGroupDescription: rdsgroup
|
|
|
+ DBSubnetGroupName: rdsgroup
|
|
|
+ Tags:
|
|
|
+ - Key: Name
|
|
|
+ Value: rdsgroup
|
|
|
+ SubnetIds:
|
|
|
+ - !Ref dbnet1
|
|
|
+ - !Ref dbnet2
|
|
|
+ Metadata:
|
|
|
+ 'AWS::CloudFormation::Designer':
|
|
|
+ id: 00338a06-280d-4c12-9255-b77136a19138
|
|
|
+ rdssg:
|
|
|
+ Type: 'AWS::EC2::SecurityGroup'
|
|
|
+ Properties:
|
|
|
+ GroupDescription: sg_rds
|
|
|
+ GroupName: sg_rds
|
|
|
+ Tags:
|
|
|
+ - Key: Name
|
|
|
+ Value: sg_rds
|
|
|
+ SecurityGroupIngress:
|
|
|
+ - SourceSecurityGroupId: !Ref webgroup
|
|
|
+ FromPort: '3306'
|
|
|
+ ToPort: '3306'
|
|
|
+ IpProtocol: tcp
|
|
|
+ - SourceSecurityGroupId: !Ref webgroup
|
|
|
+ FromPort: '5432'
|
|
|
+ ToPort: '5432'
|
|
|
+ IpProtocol: tcp
|
|
|
+ - SourceSecurityGroupId: !Ref lambdasg
|
|
|
+ FromPort: '5432'
|
|
|
+ ToPort: '5432'
|
|
|
+ IpProtocol: tcp
|
|
|
+ - SourceSecurityGroupId: !Ref lambdasg
|
|
|
+ FromPort: '3306'
|
|
|
+ ToPort: '3306'
|
|
|
+ IpProtocol: tcp
|
|
|
+ SecurityGroupEgress:
|
|
|
+ - CidrIp: 0.0.0.0/0
|
|
|
+ IpProtocol: '-1'
|
|
|
+ VpcId: !Ref vpc1
|
|
|
+ Metadata:
|
|
|
+ 'AWS::CloudFormation::Designer':
|
|
|
+ id: 6efe5731-b5ea-4e23-9b48-1353eaea32a1
|
|
|
+ lambdasg:
|
|
|
+ Type: 'AWS::EC2::SecurityGroup'
|
|
|
+ Properties:
|
|
|
+ GroupDescription: sg_lambda
|
|
|
+ GroupName: sg_lambda
|
|
|
+ Tags:
|
|
|
+ - Key: Name
|
|
|
+ Value: sg_lambda
|
|
|
+ SecurityGroupEgress:
|
|
|
+ - CidrIp: 0.0.0.0/0
|
|
|
+ IpProtocol: '-1'
|
|
|
+ VpcId: !Ref vpc1
|
|
|
+ Metadata:
|
|
|
+ 'AWS::CloudFormation::Designer':
|
|
|
+ id: 6efe5731-b5ea-4e23-9b48-1353eaea32a1
|
|
|
+Parameters:
|
|
|
+ vpccidr:
|
|
|
+ Type: String
|
|
|
+ Default: 192.168.0.0/16
|
|
|
+ pubnet1cidr:
|
|
|
+ Type: String
|
|
|
+ Default: 192.168.1.0/24
|
|
|
+ pubnet2cidr:
|
|
|
+ Type: String
|
|
|
+ Default: 192.168.2.0/24
|
|
|
+ webnet1cidr:
|
|
|
+ Type: String
|
|
|
+ Default: 192.168.3.0/24
|
|
|
+ webnet2cidr:
|
|
|
+ Type: String
|
|
|
+ Default: 192.168.4.0/24
|
|
|
+ dbnet1cidr:
|
|
|
+ Type: String
|
|
|
+ Default: 192.168.5.0/24
|
|
|
+ dbnet2cidr:
|
|
|
+ Type: String
|
|
|
+ Default: 192.168.6.0/24
|
|
|
+ cacheport:
|
|
|
+ Type: String
|
|
|
+ Default: '11211'
|
|
|
+ sgName:
|
|
|
+ Type: String
|
|
|
+ Default: sg_ai
|
|
|
+ roleName:
|
|
|
+ Type: String
|
|
|
+ Default: BaseRole
|
|
|
+Outputs:
|
|
|
+ PUBnet1id:
|
|
|
+ Value: !Ref pubnet1
|
|
|
+ PUBnet2id:
|
|
|
+ Value: !Ref pubnet2
|
|
|
+ WEBbnet1id:
|
|
|
+ Value: !Ref webnet1
|
|
|
+ WEBnet2id:
|
|
|
+ Value: !Ref webnet2
|
|
|
+ DBnet1id:
|
|
|
+ Value: !Ref dbnet1
|
|
|
+ DBnet2id:
|
|
|
+ Value: !Ref dbnet2
|
|
|
+ Vpcid:
|
|
|
+ Value: !Ref vpc1
|
|
|
+ ELBsg:
|
|
|
+ Value: !Ref elbgroup
|
|
|
+ ServerSG:
|
|
|
+ Value: !Ref webgroup
|
|
|
+ MemSg:
|
|
|
+ Value: !Ref dbgroup
|
|
|
+ EFSsg:
|
|
|
+ Value: !Ref efssg
|
|
|
+ RedisSg:
|
|
|
+ Value: !Ref redissg
|
xdc