@infamousjoeg
Created October 12, 2022 00:15
An AWS CloudFormation template that uses AWS Secrets Manager to provide the admin password for a provisioned RDS database
AWSTemplateFormatVersion: '2010-09-09'
Description: Creates an empty SQL Server RDS database as an example for automated deployments.
Parameters:
  SqlServerInstanceName:
    NoEcho: 'false'
    Description: RDS SQL Server Instance Name
    Type: String
    Default: SqlRdsDB
    MinLength: '1'
    MaxLength: '63'
    AllowedPattern: "[a-zA-Z][a-zA-Z0-9]*"
Metadata:
  AWS::CloudFormation::Interface:
    ParameterGroups:
      - Label:
          default: SQL Instance name
        Parameters:
          - SqlServerInstanceName
    ParameterLabels:
      SqlServerInstanceName:
        default: Instance name
Resources:
  SQLServerSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: SQL Server Security Group
      SecurityGroupIngress:
        # Allows TCP 1433 from any IPv4 source; narrow this to the client CIDR
        # or a source security group outside of a demo.
        - IpProtocol: tcp
          FromPort: '1433'
          ToPort: '1433'
          CidrIp: 0.0.0.0/0
  SQLDatabase:
    Type: AWS::RDS::DBInstance
    Properties:
      VPCSecurityGroups:
        - Fn::GetAtt:
            - SQLServerSecurityGroup
            - GroupId
      DBInstanceIdentifier:
        Ref: SqlServerInstanceName
      LicenseModel: license-included
      Engine: sqlserver-ex
      MultiAZ: false
      DBInstanceClass: db.t3.small
      AllocatedStorage: '20'
      # Dynamic references: CloudFormation reads the "username" and "secret" JSON keys
      # of the Secrets Manager secret at deploy time, so no credential is stored in the template.
      MasterUsername: '{{resolve:secretsmanager:JoeG-SecretsHub-Demo/Database-MSSql-sa:SecretString:username}}'
      MasterUserPassword: '{{resolve:secretsmanager:JoeG-SecretsHub-Demo/Database-MSSql-sa:SecretString:secret}}'
      PubliclyAccessible: 'false'
      Tags:
        - Key: "Name"
          Value: "secretshub-db"
      BackupRetentionPeriod: '1'
    DependsOn: SQLServerSecurityGroup
Outputs:
  SQLDatabaseEndpoint:
    Description: Database endpoint
    Value: !Sub "${SQLDatabase.Endpoint.Address}:${SQLDatabase.Endpoint.Port}"
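
A pre-deployment check for the pattern this template relies on, added here as an example and not part of the original gist: it confirms that `MasterUsername` and `MasterUserPassword` are Secrets Manager dynamic references rather than literals, and lists the secrets the template reads. The function names and the sample input are hypothetical, and the parser also handles secret ARNs, which the gist does not use.

```python
import re

# Hypothetical helper names; the property list is an assumption made for this example.
CREDENTIAL_KEYS = ("MasterUsername", "MasterUserPassword")
DYNAMIC_REF = re.compile(r"^\{\{resolve:secretsmanager:(.+)\}\}$")


def parse_secret_ref(value):
    """Split a Secrets Manager dynamic reference into fields; None if value is not one."""
    match = DYNAMIC_REF.match(value.strip().strip("'\""))
    if not match:
        return None
    parts = match.group(1).split(":")
    # A secret ARN spans 7 colon-separated fields, a plain secret name spans 1.
    width = 7 if parts[0] == "arn" else 1
    if len(parts) < width:
        return None
    rest = parts[width:] + [""] * 4
    return {
        "secret_id": ":".join(parts[:width]),
        "json_key": rest[1],
        "version_stage": rest[2],
        "version_id": rest[3],
    }


def audit_template(text):
    """Return (findings, secret_ids) for the credential properties in a template."""
    findings, secret_ids = [], set()
    for lineno, line in enumerate(text.splitlines(), 1):
        key, sep, value = line.strip().partition(":")
        if not sep or key not in CREDENTIAL_KEYS:
            continue
        ref = parse_secret_ref(value)
        if ref is None:
            findings.append((lineno, key, "not a Secrets Manager dynamic reference"))
        else:
            secret_ids.add(ref["secret_id"])
    return findings, secret_ids


# Constructed sample: line 2 uses the gist's reference, line 3 a literal placeholder.
SAMPLE = """\
Properties:
  MasterUsername: '{{resolve:secretsmanager:JoeG-SecretsHub-Demo/Database-MSSql-sa:SecretString:username}}'
  MasterUserPassword: 'literal-placeholder-password'
"""

if __name__ == "__main__":
    print(audit_template(SAMPLE))
```

The returned secret identifiers are the ones the deploying principal must be allowed to read with `secretsmanager:GetSecretValue`, which helps when scoping its IAM policy.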