vasilkosturski/RDSRecoverability.yaml

## RDSRecoverability.yaml
Description: RDS Recoverability Demo - Design for Availability, Resilience, and Reliability

Parameters:
  VpcName:
    Description: A name that is prefixed to resource names
    Type: String

  VpcCIDR:
    Description: Please enter the IP range (CIDR notation) for this VPC
    Type: String
    Default: 10.1.0.0/16

  PublicSubnet1CIDR:
    Description: Please enter the IP range (CIDR notation) for the public subnet in the first Availability Zone
    Type: String
    Default: 10.1.10.0/24

  PublicSubnet2CIDR:
    Description: Please enter the IP range (CIDR notation) for the public subnet in the second Availability Zone
    Type: String
    Default: 10.1.11.0/24

  PrivateSubnet1CIDR:
    Description: Please enter the IP range (CIDR notation) for the private subnet in the first Availability Zone
    Type: String
    Default: 10.1.20.0/24

  PrivateSubnet2CIDR:
    Description: Please enter the IP range (CIDR notation) for the private subnet in the second Availability Zone
    Type: String
    Default: 10.1.21.0/24

Metadata:
  AWS::CloudFormation::Interface:
    ParameterGroups:
      -
        Label:
          default: "Information for the VPC"
        Parameters:
          - VpcName
          - VpcCIDR
      -
        Label:
          default: "Information for the VPCs subnets. Subnet network ranges MUST fall within the VPC CIDR block above"
        Parameters:
          - PublicSubnet1CIDR
          - PublicSubnet2CIDR
          - PrivateSubnet1CIDR
          - PrivateSubnet2CIDR

    ParameterLabels:
      VpcName:
        default: "VPC Name"
      VpcCIDR:
        default: "VPC CIDR block"
      PublicSubnet1CIDR:
        default: "Public Subnet 1"
      PublicSubnet2CIDR:
        default: "Public Subnet 2"
      PrivateSubnet1CIDR:
        default: "Private Subnet 1"
      PrivateSubnet2CIDR:
        default: "Private Subnet 2"

Resources:
  VPC:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock: !Ref VpcCIDR
      EnableDnsSupport: true
      EnableDnsHostnames: true
      Tags:
        - Key: Name
          Value: !Ref VpcName

  InternetGateway:
    Type: AWS::EC2::InternetGateway
    Properties:
      Tags:
        - Key: Name
          Value: !Ref VpcName

  InternetGatewayAttachment:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      InternetGatewayId: !Ref InternetGateway
      VpcId: !Ref VPC

  PublicSubnet1:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      AvailabilityZone: !Select [ 0, !GetAZs '' ]
      CidrBlock: !Ref PublicSubnet1CIDR
      MapPublicIpOnLaunch: true
      Tags:
        - Key: Name
          Value: !Sub
            - ${VpcName} Public Subnet (${AZ1})
            - { AZ1: !Select [ 0, !GetAZs  '' ] }
  PublicSubnet2:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      AvailabilityZone: !Select [ 1, !GetAZs  '' ]
      CidrBlock: !Ref PublicSubnet2CIDR
      MapPublicIpOnLaunch: true
      Tags:
        - Key: Name
          Value: !Sub
            - ${VpcName} Public Subnet (${AZ2})
            - { AZ2: !Select [ 1, !GetAZs  '' ] }
  PrivateSubnet1:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      AvailabilityZone: !Select [ 0, !GetAZs  '' ]
      CidrBlock: !Ref PrivateSubnet1CIDR
      MapPublicIpOnLaunch: false
      Tags:
        - Key: Name
          Value: !Sub
            - ${VpcName} Private Subnet (${AZ1})
            - { AZ1: !Select [ 0, !GetAZs  '' ] }
  PrivateSubnet2:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      AvailabilityZone: !Select [ 1, !GetAZs  '' ]
      CidrBlock: !Ref PrivateSubnet2CIDR
      MapPublicIpOnLaunch: false
      Tags:
        - Key: Name
          Value: !Sub
            - ${VpcName} Private Subnet (${AZ2})
            - { AZ2: !Select [ 1, !GetAZs  '' ] }

  PublicRouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref VPC
      Tags:
        - Key: Name
          Value: !Sub ${VpcName} Public Routes

  DefaultPublicRoute:
    Type: AWS::EC2::Route
    DependsOn: InternetGatewayAttachment
    Properties:
      RouteTableId: !Ref PublicRouteTable
      DestinationCidrBlock: 0.0.0.0/0
      GatewayId: !Ref InternetGateway

  PublicSubnet1RouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId: !Ref PublicRouteTable
      SubnetId: !Ref PublicSubnet1

  PublicSubnet2RouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      RouteTableId: !Ref PublicRouteTable
      SubnetId: !Ref PublicSubnet2

  PrivateRouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref VPC
      Tags:
        - Key: Name
          Value: !Sub ${VpcName} Private Routes

  DatabaseSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: RDS Recoverability Project - Database Security Group
      GroupName: RDSRec-Database
      SecurityGroupIngress:
        -   Description: Application EC2 instances
            FromPort: 3306
            IpProtocol: tcp
            SourceSecurityGroupId: !Ref ApplicationSecurityGroup
            ToPort: 3306
      VpcId: !Ref VPC
      Tags:
        - Key: Name
          Value: RDSRec-Database

  ApplicationSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: RDS Recoverability Project - Application Security Group
      GroupName: RDSRec-Application
      SecurityGroupIngress:
        -   Description: SSH from the Internet
            FromPort: 22
            IpProtocol: tcp
            CidrIp: 0.0.0.0/0
            ToPort: 22
      VpcId: !Ref VPC
      Tags:
        - Key: Name
          Value: RDSRec-Application

Outputs:
  VPC:
    Description: VPC ID
    Value: !Ref VPC

  PublicSubnets:
    Description: A list of the public subnets
    Value: !Join [ ", ", [ !Ref PublicSubnet1, !Ref PublicSubnet2 ]]

  PrivateSubnets:
    Description: A list of the private subnets
    Value: !Join [ ", ", [ !Ref PrivateSubnet1, !Ref PrivateSubnet2 ]]

  DatabaseSecurityGroup:
    Description: ID of the database security group
    Value: !Ref DatabaseSecurityGroup

  ApplicationSecurityGroup:
    Description: ID of the EC2 instance security group
    Value: !Ref ApplicationSecurityGroup
	Description: RDS Recoverability Demo - Design for Availability, Resilience, and Reliability

	Parameters:
	VpcName:
	Description: A name that is prefixed to resource names
	Type: String

	VpcCIDR:
	Description: Please enter the IP range (CIDR notation) for this VPC
	Type: String
	Default: 10.1.0.0/16

	PublicSubnet1CIDR:
	Description: Please enter the IP range (CIDR notation) for the public subnet in the first Availability Zone
	Type: String
	Default: 10.1.10.0/24

	PublicSubnet2CIDR:
	Description: Please enter the IP range (CIDR notation) for the public subnet in the second Availability Zone
	Type: String
	Default: 10.1.11.0/24

	PrivateSubnet1CIDR:
	Description: Please enter the IP range (CIDR notation) for the private subnet in the first Availability Zone
	Type: String
	Default: 10.1.20.0/24

	PrivateSubnet2CIDR:
	Description: Please enter the IP range (CIDR notation) for the private subnet in the second Availability Zone
	Type: String
	Default: 10.1.21.0/24

	Metadata:
	AWS::CloudFormation::Interface:
	ParameterGroups:
	-
	Label:
	default: "Information for the VPC"
	Parameters:
	- VpcName
	- VpcCIDR
	-
	Label:
	default: "Information for the VPCs subnets. Subnet network ranges MUST fall within the VPC CIDR block above"
	Parameters:
	- PublicSubnet1CIDR
	- PublicSubnet2CIDR
	- PrivateSubnet1CIDR
	- PrivateSubnet2CIDR

	ParameterLabels:
	VpcName:
	default: "VPC Name"
	VpcCIDR:
	default: "VPC CIDR block"
	PublicSubnet1CIDR:
	default: "Public Subnet 1"
	PublicSubnet2CIDR:
	default: "Public Subnet 2"
	PrivateSubnet1CIDR:
	default: "Private Subnet 1"
	PrivateSubnet2CIDR:
	default: "Private Subnet 2"

	Resources:
	VPC:
	Type: AWS::EC2::VPC
	Properties:
	CidrBlock: !Ref VpcCIDR
	EnableDnsSupport: true
	EnableDnsHostnames: true
	Tags:
	- Key: Name
	Value: !Ref VpcName

	InternetGateway:
	Type: AWS::EC2::InternetGateway
	Properties:
	Tags:
	- Key: Name
	Value: !Ref VpcName

	InternetGatewayAttachment:
	Type: AWS::EC2::VPCGatewayAttachment
	Properties:
	InternetGatewayId: !Ref InternetGateway
	VpcId: !Ref VPC

	PublicSubnet1:
	Type: AWS::EC2::Subnet
	Properties:
	VpcId: !Ref VPC
	AvailabilityZone: !Select [ 0, !GetAZs '' ]
	CidrBlock: !Ref PublicSubnet1CIDR
	MapPublicIpOnLaunch: true
	Tags:
	- Key: Name
	Value: !Sub
	- ${VpcName} Public Subnet (${AZ1})
	- { AZ1: !Select [ 0, !GetAZs '' ] }
	PublicSubnet2:
	Type: AWS::EC2::Subnet
	Properties:
	VpcId: !Ref VPC
	AvailabilityZone: !Select [ 1, !GetAZs '' ]
	CidrBlock: !Ref PublicSubnet2CIDR
	MapPublicIpOnLaunch: true
	Tags:
	- Key: Name
	Value: !Sub
	- ${VpcName} Public Subnet (${AZ2})
	- { AZ2: !Select [ 1, !GetAZs '' ] }
	PrivateSubnet1:
	Type: AWS::EC2::Subnet
	Properties:
	VpcId: !Ref VPC
	AvailabilityZone: !Select [ 0, !GetAZs '' ]
	CidrBlock: !Ref PrivateSubnet1CIDR
	MapPublicIpOnLaunch: false
	Tags:
	- Key: Name
	Value: !Sub
	- ${VpcName} Private Subnet (${AZ1})
	- { AZ1: !Select [ 0, !GetAZs '' ] }
	PrivateSubnet2:
	Type: AWS::EC2::Subnet
	Properties:
	VpcId: !Ref VPC
	AvailabilityZone: !Select [ 1, !GetAZs '' ]
	CidrBlock: !Ref PrivateSubnet2CIDR
	MapPublicIpOnLaunch: false
	Tags:
	- Key: Name
	Value: !Sub
	- ${VpcName} Private Subnet (${AZ2})
	- { AZ2: !Select [ 1, !GetAZs '' ] }

	PublicRouteTable:
	Type: AWS::EC2::RouteTable
	Properties:
	VpcId: !Ref VPC
	Tags:
	- Key: Name
	Value: !Sub ${VpcName} Public Routes

	DefaultPublicRoute:
	Type: AWS::EC2::Route
	DependsOn: InternetGatewayAttachment
	Properties:
	RouteTableId: !Ref PublicRouteTable
	DestinationCidrBlock: 0.0.0.0/0
	GatewayId: !Ref InternetGateway

	PublicSubnet1RouteTableAssociation:
	Type: AWS::EC2::SubnetRouteTableAssociation
	Properties:
	RouteTableId: !Ref PublicRouteTable
	SubnetId: !Ref PublicSubnet1

	PublicSubnet2RouteTableAssociation:
	Type: AWS::EC2::SubnetRouteTableAssociation
	Properties:
	RouteTableId: !Ref PublicRouteTable
	SubnetId: !Ref PublicSubnet2

	PrivateRouteTable:
	Type: AWS::EC2::RouteTable
	Properties:
	VpcId: !Ref VPC
	Tags:
	- Key: Name
	Value: !Sub ${VpcName} Private Routes

	DatabaseSecurityGroup:
	Type: AWS::EC2::SecurityGroup
	Properties:
	GroupDescription: RDS Recoverability Project - Database Security Group
	GroupName: RDSRec-Database
	SecurityGroupIngress:
	- Description: Application EC2 instances
	FromPort: 3306
	IpProtocol: tcp
	SourceSecurityGroupId: !Ref ApplicationSecurityGroup
	ToPort: 3306
	VpcId: !Ref VPC
	Tags:
	- Key: Name
	Value: RDSRec-Database

	ApplicationSecurityGroup:
	Type: AWS::EC2::SecurityGroup
	Properties:
	GroupDescription: RDS Recoverability Project - Application Security Group
	GroupName: RDSRec-Application
	SecurityGroupIngress:
	- Description: SSH from the Internet
	FromPort: 22
	IpProtocol: tcp
	CidrIp: 0.0.0.0/0
	ToPort: 22
	VpcId: !Ref VPC
	Tags:
	- Key: Name
	Value: RDSRec-Application

	Outputs:
	VPC:
	Description: VPC ID
	Value: !Ref VPC

	PublicSubnets:
	Description: A list of the public subnets
	Value: !Join [ ", ", [ !Ref PublicSubnet1, !Ref PublicSubnet2 ]]

	PrivateSubnets:
	Description: A list of the private subnets
	Value: !Join [ ", ", [ !Ref PrivateSubnet1, !Ref PrivateSubnet2 ]]

	DatabaseSecurityGroup:
	Description: ID of the database security group
	Value: !Ref DatabaseSecurityGroup

	ApplicationSecurityGroup:
	Description: ID of the EC2 instance security group
	Value: !Ref ApplicationSecurityGroup