More than 1 year has passed since last update.

Personal memo


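When looking up how to write CloudFormation is too much of a hassle:

Create the resources manually first

Give Former2 IAM credentials with read permissions

Have Former2 read the existing resources and Generate

One caveat: when you create resources manually, a lot of related things are created for you automatically (CloudWatch Logs log groups, for example), but Former2 does not pick up those related resources on its own.

Generating the RDS-related resources gives something like this (ごにょごにょ marks values that have been redacted):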

AWSTemplateFormatVersion: "2010-09-09"
Metadata:
  Generator: "former2"
Description: ""
Resources:
  RDSDBInstance:
    Type: "AWS::RDS::DBInstance"
    Properties:
      DBInstanceIdentifier: "db-ident-1"
      AllocatedStorage: 400
      DBInstanceClass: "db.t3.micro"
      Engine: "postgres"
      MasterUsername: "postgres"
      MasterUserPassword: "REPLACEME"
      PreferredBackupWindow: "03:15-03:45"
      BackupRetentionPeriod: 7
      AvailabilityZone: !Sub "${AWS::Region}c"
      PreferredMaintenanceWindow: "mon:06:18-mon:06:48"
      MultiAZ: true
      EngineVersion: "14.5"
      AutoMinorVersionUpgrade: true
      LicenseModel: "postgresql-license"
      Iops: 13000
      PubliclyAccessible: false
      StorageType: "gp3"
      Port: 30000
      StorageEncrypted: true
      KmsKeyId: !Sub "arn:aws:kms:${AWS::Region}:${AWS::AccountId}:key/ごにょごにょ"
      CopyTagsToSnapshot: true
      MonitoringInterval: 60
      EnableIAMDatabaseAuthentication: false
      EnablePerformanceInsights: true
      PerformanceInsightsKMSKeyId: !Sub "arn:aws:kms:${AWS::Region}:${AWS::AccountId}:key/ごにょごにょ"
      PerformanceInsightsRetentionPeriod: 7
      DeletionProtection: true
      DBSubnetGroupName: "default-vpc-ごにょごにょ"
      VPCSecurityGroups: 
      - !Ref EC2SecurityGroup
      - "sg-ごにょごにょ"
      DBParameterGroupName: !Ref RDSDBParameterGroup
      OptionGroupName: "default:postgres-14"
      MonitoringRoleArn: !Sub "arn:aws:iam::${AWS::AccountId}:role/rds-monitoring-role"
      EnableCloudwatchLogsExports: 
      - "postgresql"
      - "upgrade"
      CACertificateIdentifier: "rds-ca-2019"
      Tags: 
      - 
        Key: "devops-guru-default"
        Value: "db-ident-1"

  RDSDBSubnetGroup:
    Type: "AWS::RDS::DBSubnetGroup"
    Properties:
      DBSubnetGroupDescription: "my-rds-subnet"
      DBSubnetGroupName: "my-rds-subnet"
      SubnetIds: 
      - "subnet-ごにょごにょ"
      - "subnet-ごにょごにょ"
      - "subnet-ごにょごにょ"

  RDSDBParameterGroup:
    Type: "AWS::RDS::DBParameterGroup"
    Properties:
      DBClusterParameterGroupName: "post14-param"
      Description: "post14-param"
      Family: "postgres14"
      Parameters: 
        idle_session_timeout: "400000"

  EC2SecurityGroup:
    Type: "AWS::EC2::SecurityGroup"
    Properties:
      GroupDescription: "myssh created"
      GroupName: "myssh"
      VpcId: "vpc-ごにょごにょ"
      SecurityGroupIngress: 
      - 
        CidrIp: "0.0.0.0/0"
        FromPort: 10022
        IpProtocol: "tcp"
        ToPort: 10022
      SecurityGroupEgress: 
      - 
        CidrIp: "0.0.0.0/0"
        IpProtocol: "-1"

  LogsLogGroup:
    Type: "AWS::Logs::LogGroup"
    Properties:
      LogGroupName: !Sub "/aws/rds/instance/${RDSDBInstance}/postgresql"

  LogsLogStream:
    Type: "AWS::Logs::LogStream"
    Properties:
      LogGroupName: !Sub "/aws/rds/instance/${RDSDBInstance}/postgresql"
      LogStreamName: !Sub "${RDSDBInstance}.0"
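
A review pass worth running on a generated template before committing it, as an added example (not part of the original post and not Former2's own code): it lists values left as literal physical IDs or ARNs, which point at resources that are not defined in the template, plus the literal `MasterUserPassword` and any `0.0.0.0/0` ingress rule. The function name `review`, the finding labels and the sample IDs are assumptions made for this example.

```python
import re

# Constructed excerpt in the generated template's layout; the IDs are made up.
SAMPLE = """\
Resources:
  RDSDBInstance:
    Type: "AWS::RDS::DBInstance"
    Properties:
      MasterUserPassword: "REPLACEME"
      VPCSecurityGroups:
      - !Ref EC2SecurityGroup
      - "sg-0123example"
      MonitoringRoleArn: !Sub "arn:aws:iam::${AWS::AccountId}:role/rds-monitoring-role"
  EC2SecurityGroup:
    Type: "AWS::EC2::SecurityGroup"
    Properties:
      VpcId: "vpc-0123example"
      SecurityGroupIngress:
      -
        CidrIp: "0.0.0.0/0"
      SecurityGroupEgress:
      -
        CidrIp: "0.0.0.0/0"
"""
LOGICAL_ID = re.compile(r"^  (\w+):\s*$")   # resource name at two-space indent
EXTERNAL = re.compile(r'"((?:sg|subnet|vpc)-[^"]+|arn:aws:[^"]+)"')

def review(template):
    """Line scanner (not a YAML parser) for Former2's regular layout."""
    findings, section, resource, block = [], None, None, None
    for line in template.splitlines():
        if m := re.match(r"^(\w+):", line):          # top-level section
            section, resource = m.group(1), None
            continue
        if section != "Resources":
            continue
        if m := LOGICAL_ID.match(line):
            resource, block = m.group(1), None
            continue
        text = line.strip()
        if text.rstrip(":") in ("SecurityGroupIngress", "SecurityGroupEgress"):
            block = text.rstrip(":")
        if m := EXTERNAL.search(line):               # not defined in this template
            findings.append((resource, "external-resource", m.group(1)))
        if re.match(r'MasterUserPassword:\s*"', text):
            findings.append((resource, "literal-password", "MasterUserPassword"))
        if text == 'CidrIp: "0.0.0.0/0"' and block == "SecurityGroupIngress":
            findings.append((resource, "open-ingress", "0.0.0.0/0"))
    return findings
```

Each `external-resource` finding is something the stack depends on but does not create, so it has to exist already in the target account or be added to the Former2 selection.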