aws-blueprint.yaml
# Cloudify DSL version this blueprint is written against.
tosca_definitions_version: cloudify_dsl_1_3
imports:
# Core Cloudify type definitions, referenced by URL on cloudify.co.
- https://cloudify.co/spec/cloudify/6.2.0/types.yaml
# NOTE(review): ">=2.5.6" is only a lower bound, so any later AWS plugin
# release satisfies it. Use an exact or bounded version if deployments must
# be reproducible and plugin upgrades reviewed before use.
- plugin:cloudify-aws-plugin?version= >=2.5.6
dsl_definitions:
  # Shared AWS client settings, reused wherever *aws_client is referenced.
  # All three values are read from the cloud_credentials input dict.
  # NOTE(review): the access key and secret arrive as plain deployment
  # inputs. Where the manager's secret store is available, get_secret would
  # keep them out of stored inputs. Confirm against how callers supply
  # cloud_credentials.
  aws_client: &aws_client
    aws_access_key_id:
      get_input: [cloud_credentials, aws_access_key_id]
    aws_secret_access_key:
      get_input: [cloud_credentials, aws_secret_access_key]
    region_name:
      get_input: [cloud_credentials, region_name]
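inputs:
  # Dict holding aws_access_key_id, aws_secret_access_key and region_name;
  # consumed by the aws_client definition.
  cloud_credentials:
    type: dict
  # Database settings; the shape is defined by the resource_config data type.
  resource_config:
    type: resource_config
  # ID of the deployment that provides the VPC, subnets and resource prefix.
  network_deployment_id:
    type: string
  # Source range allowed to reach PostgreSQL on port 5432. The default keeps
  # the value that was previously hard-coded, which accepts connections from
  # any address. Override it with the VPC or application-subnet CIDR so that
  # only the intended clients can reach the database.
  db_ingress_cidr:
    description: CIDR block allowed to connect to the database on port 5432.
    type: string
    default: '0.0.0.0/0'

data_types:
  resource_config:
    properties:
      master_username:
        type: string

node_templates:
  # Handle on the already-deployed network; its capabilities supply
  # resource_prefix, vpc_id and private_subnet_ids below.
  network:
    type: cloudify.nodes.SharedResource
    properties:
      resource_config:
        deployment:
          id: { get_input: network_deployment_id }

  # Runs scripts/generate-password.sh through the central deployment agent.
  # The script is not shown here; database_stack reads a master_password
  # runtime attribute from this node, so presumably the script sets it.
  password_generator:
    type: cloudify.nodes.Root
    interfaces:
      cloudify.interfaces.lifecycle:
        create:
          executor: central_deployment_agent
          implementation: scripts/generate-password.sh

  # CloudFormation stack with a security group, a DB subnet group and the
  # PostgreSQL RDS instance.
  database_stack:
    type: cloudify.nodes.aws.CloudFormation.Stack
    properties:
      client_config: *aws_client
      resource_config:
        kwargs:
          StackName:
            concat:
              - { get_attribute: [network, capabilities, resource_prefix] }
              - '-stack'
          TemplateBody:
            Resources:
              MyDBSecurityGroup:
                Type: "AWS::EC2::SecurityGroup"
                Properties:
                  GroupDescription: DB security group
                  GroupName:
                    concat:
                      - { get_attribute: [network, capabilities, resource_prefix] }
                      - '-security-group'
                  SecurityGroupIngress:
                    # Source range is an input instead of a hard-coded
                    # 0.0.0.0/0, so it can be narrowed per deployment.
                    - CidrIp: { get_input: db_ingress_cidr }
                      FromPort: 5432
                      ToPort: 5432
                      IpProtocol: tcp
                  VpcId: { get_attribute: [network, capabilities, vpc_id] }
              MyDBSubnetGroup:
                Type: "AWS::RDS::DBSubnetGroup"
                Properties:
                  DBSubnetGroupDescription: "DB Private Subnet"
                  SubnetIds:
                    - { get_attribute: [network, capabilities, private_subnet_ids, 0] }
                    - { get_attribute: [network, capabilities, private_subnet_ids, 1] }
              MyDB:
                Type: "AWS::RDS::DBInstance"
                Properties:
                  DBName:
                    concat:
                      - { get_attribute: [network, capabilities, resource_prefix] }
                      - 'rdspsql'
                  AllocatedStorage: 5
                  DBInstanceClass: db.r6g.large
                  Engine: postgres
                  # Encrypt data at rest and keep the instance off the
                  # public internet, independent of subnet routing.
                  StorageEncrypted: true
                  PubliclyAccessible: false
                  MasterUsername: { get_input: [resource_config, master_username] }
                  # NOTE(review): the password is resolved into the template
                  # body itself, so anyone who can read the stack template
                  # can read it. A NoEcho stack parameter would avoid that.
                  MasterUserPassword: { get_attribute: [password_generator, master_password] }
                  VPCSecurityGroups:
                    - Ref: MyDBSecurityGroup
                  DBSubnetGroupName: { Ref: MyDBSubnetGroup }
                # Resource-level attribute: take a final snapshot when the
                # instance is deleted with the stack.
                DeletionPolicy: Snapshot
            Outputs:
              IpAddress:
                Value: { "Fn::GetAtt": ["MyDB", "Endpoint.Address"] }
              Port:
                Value: { "Fn::GetAtt": ["MyDB", "Endpoint.Port"] }
    relationships:
      # Both targets must exist first: their attributes are read above.
      - target: network
        type: cloudify.relationships.depends_on
      - target: password_generator
        type: cloudify.relationships.depends_on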
capabilities:
  # Database endpoint address, taken from the stack's IpAddress output.
  host:
    value:
      get_attribute: [database_stack, outputs_items, IpAddress]
  # Master user name, echoed back from the resource_config input.
  master_username:
    value:
      get_input: [resource_config, master_username]
  # NOTE(review): this publishes the generated master password as a
  # deployment capability, readable by whoever can read this deployment's
  # capabilities. Restrict access to the deployment accordingly, or hand
  # consumers a secret reference instead. Confirm what downstream blueprints
  # expect before changing it.
  master_password:
    value:
      get_attribute: [password_generator, master_password]