Skip to content

Instantly share code, notes, and snippets.

@yai333
Created April 7, 2019 12:25
Show Gist options
  • Save yai333/0a4e6d0a520d43b600ee78407c2e034b to your computer and use it in GitHub Desktop.
Save yai333/0a4e6d0a520d43b600ee78407c2e034b to your computer and use it in GitHub Desktop.
DaxIamRole:
Type: AWS::IAM::Role
Properties:
RoleName: ${self:service.name}dax
AssumeRolePolicyDocument:
Version: "2012-10-17"
Statement:
- Effect: "Allow"
Principal:
Service:
- "dax.amazonaws.com"
Action:
- "sts:AssumeRole"
Policies:
- PolicyName: "${self:service.name}-dax"
PolicyDocument:
Version: "2012-10-17"
Statement:
- Effect: "Allow"
Action:
- dynamodb:Query
- dynamodb:Scan
- dynamodb:GetItem
- dynamodb:PutItem
- dynamodb:UpdateItem
- dynamodb:DescribeTable
Resource:
- { Fn::GetAtt: ["PostsTable", "Arn"] }
- "Fn::Join":
- "/"
- - { Fn::GetAtt: ["PostsTable", "Arn"] }
- "index/*"
DaxVpc:
Type: AWS::EC2::VPC
Properties:
InstanceTenancy: default
CidrBlock: 10.0.0.0/16
daxSubnet1:
Type: AWS::EC2::Subnet
Properties:
AvailabilityZone: ap-southeast-2b
CidrBlock: 10.0.8.0/24
VpcId:
Ref: DaxVpc
daxSubnet2:
Type: AWS::EC2::Subnet
Properties:
AvailabilityZone: ap-southeast-2c
CidrBlock: 10.0.32.0/24
VpcId:
Ref: DaxVpc
DaxCluster:
Type: AWS::DAX::Cluster
Properties:
ClusterName: ${self:custom.daxClusterName}
NodeType: dax.t2.small
ReplicationFactor: 1
IAMRoleARN: { Fn::GetAtt: [DaxIamRole, Arn] }
Description: "DAX cluster created with Serverless and Cloudformation"
SecurityGroupIds:
- Ref: DaxVpcSecurityGroup
SubnetGroupName:
Ref: DaxSubnetGroup
DaxSubnetGroup:
Type: AWS::DAX::SubnetGroup
Properties:
SubnetIds:
- Ref: daxSubnet1
- Ref: daxSubnet2
DaxVpcSecurityGroup:
Type: "AWS::EC2::SecurityGroup"
Properties:
GroupName: DaxSecurityGroup
GroupDescription: Allow local access
SecurityGroupIngress:
- CidrIp: 10.0.0.0/16
IpProtocol: tcp
FromPort: 8111
ToPort: 8111
VpcId:
Ref: DaxVpc
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment