Updated: Mar 31, 2021
In this section, I have provided the YAML script for creating an RDS instance (MySQL) in a VPC environment. I have used the VPC that I created in my previous blog posts to launch this RDS instance.
Before we go into the script directly, let's look at what we require to launch an RDS instance. You can launch an Amazon RDS instance that uses any of the following 5 database engines.
SQL Server DB
For this article, we will be using Amazon RDS with MySQL.
It is imperative to know that when we create a new DB instance:
a. we need to create the DB instance in a private subnet;
b. we need to secure the DB instance with a new security group that allows ingress only on the database port (3306 for MySQL) and only from resources that are members of that same security group, so nothing else in the VPC, and nothing on the internet, can reach it.
Tips / Recommendations
From my point of view, it is better to separate the DB instance creation script from the nested stack, for the following reasons.
If anything goes wrong in the DB instance creation script, the entire nested stack is rolled back. This can be avoided by isolating the script.
Also, the DB creation script may take up to 20 minutes to complete.
It is also recommended that you write the script in such a way (interactive mode) that you select the subnets while uploading it and provide the DB user name and password at that time, rather than hardcoding them in the template, so that you keep control of this vital information.
Steps to run the script
Upload the script to S3 in the same location where you uploaded the other scripts (I uploaded this script from my local machine as it is not a nested one).
This script creates the DB security group with the minimum required ingress rule and creates a MySQL 5.7 database instance with Multi-AZ enabled.
Parameters:
  EnvironmentName:
    Description: MyTestEnvironment
    Type: String
    Default: MyTestEnvironment
  VpcId:
    Description: The VPC to create this ReplicationGroup under
    Type: 'AWS::EC2::VPC::Id'
  DBUser:
    NoEcho: 'true'
    Description: The database admin account username
    Type: String
    MinLength: '1'
    MaxLength: '16'
    AllowedPattern: '[a-zA-Z][a-zA-Z0-9]*'
    ConstraintDescription: must begin with a letter and contain only alphanumeric characters.
  DBPassword:
    NoEcho: 'true'
    Description: The database admin account password
    Type: String
    MinLength: '1'
    MaxLength: '41'
    AllowedPattern: '[a-zA-Z0-9]+'
    ConstraintDescription: must contain only alphanumeric characters.
  DBSubnetAZ1:
    Description: >-
      Subnets you would like the DBInstance for RDS 5.7 to be created in.
    Type: 'AWS::EC2::Subnet::Id'
  DBSubnetAZ2:
    Description: >-
      Subnets you would like the DBInstance for RDS 5.7 to be created in.
    Type: 'AWS::EC2::Subnet::Id'
# ======================================================
# Database creation for RDS MySQL v5.7
# ======================================================
Resources:
  DataSourceSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: Open database for access
      VpcId: !Ref VpcId
  DSSGIngressRule:
    Type: AWS::EC2::SecurityGroupIngress
    Properties:
      FromPort: "3306"
      ToPort: "3306"
      GroupId: !Ref DataSourceSecurityGroup
      IpProtocol: tcp
      SourceSecurityGroupId: !Ref DataSourceSecurityGroup
  DataSourceSubtNetGroup:
    Type: AWS::RDS::DBSubnetGroup
    Properties:
      DBSubnetGroupDescription: Created by CF
      SubnetIds:
        - !Ref DBSubnetAZ1
        - !Ref DBSubnetAZ2
  DataSource:
    Type: AWS::RDS::DBInstance
    Properties:
      AllocatedStorage: '5'
      DBInstanceClass: db.t2.micro
      DBName: mytestdb
      DBSubnetGroupName: !Ref DataSourceSubtNetGroup
      Engine: MySQL
      EngineVersion: 5.7.30
      MasterUsername: !Ref DBUser
      MasterUserPassword: !Ref DBPassword
      PubliclyAccessible: false
      MultiAZ: true
      VPCSecurityGroups:
        - !Ref DataSourceSecurityGroup
    DeletionPolicy: Snapshot
#=====================================================
Refer to this screenshot for format and indentation.
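As an added example (not part of the original script), here is a small Python check that applies rules a and b from the start of this section to the Resources section of the template above. The Resources section is hand-converted to CloudFormation's JSON form ({"Ref": "x"} in place of !Ref x) so the check runs without a YAML library; the function names and the weakened variant are my own constructions.

```python
from copy import deepcopy
# Resources section of the template above, hand-converted to CloudFormation's
# JSON form ({"Ref": "x"} stands for !Ref x) so no YAML library is needed.
RESOURCES = {
    "DataSourceSecurityGroup": {"Type": "AWS::EC2::SecurityGroup", "Properties": {
        "GroupDescription": "Open database for access", "VpcId": {"Ref": "VpcId"}}},
    "DSSGIngressRule": {"Type": "AWS::EC2::SecurityGroupIngress", "Properties": {
        "FromPort": "3306", "ToPort": "3306", "IpProtocol": "tcp",
        "GroupId": {"Ref": "DataSourceSecurityGroup"},
        "SourceSecurityGroupId": {"Ref": "DataSourceSecurityGroup"}}},
    "DataSource": {"Type": "AWS::RDS::DBInstance", "DeletionPolicy": "Snapshot",
        "Properties": {"Engine": "MySQL", "PubliclyAccessible": False, "MultiAZ": True,
                       "DBSubnetGroupName": {"Ref": "DataSourceSubtNetGroup"},
                       "VPCSecurityGroups": [{"Ref": "DataSourceSecurityGroup"}]}},
}

def find_ingress_issues(resources):
    """Rule b: MySQL port only, sourced from a security group rather than a CIDR."""
    issues = []
    for name, res in resources.items():
        if res.get("Type") != "AWS::EC2::SecurityGroupIngress": continue
        p = res.get("Properties", {})
        if "CidrIp" in p or "CidrIpv6" in p:
            issues.append(f"{name}: ingress from a CIDR; use SourceSecurityGroupId instead")
        if str(p.get("FromPort")) != "3306" or str(p.get("ToPort")) != "3306":
            issues.append(f"{name}: port range wider than MySQL 3306")
    return issues

def find_db_issues(resources):
    """Rule a: placed via a subnet group, not publicly reachable, security group attached."""
    issues = []
    for name, res in resources.items():
        if res.get("Type") != "AWS::RDS::DBInstance": continue
        p = res.get("Properties", {})
        if p.get("PubliclyAccessible") not in (False, "false"):
            issues.append(f"{name}: PubliclyAccessible must be false")
        if "DBSubnetGroupName" not in p or not p.get("VPCSecurityGroups"):
            issues.append(f"{name}: needs DBSubnetGroupName and VPCSecurityGroups")
    return issues

def lint(resources):
    return find_ingress_issues(resources) + find_db_issues(resources)

def weakened():
    """Constructed bad variant: publicly accessible and open to the internet on 3306."""
    bad = deepcopy(RESOURCES)
    bad["DataSource"]["Properties"]["PubliclyAccessible"] = True
    bad["DSSGIngressRule"]["Properties"].pop("SourceSecurityGroupId")
    bad["DSSGIngressRule"]["Properties"]["CidrIp"] = "0.0.0.0/0"
    return bad
```

Running lint(RESOURCES) on the template as written returns no findings, while lint(weakened()) reports both the CIDR ingress and the public endpoint, which is the kind of drift worth catching before the stack is created.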
Go to CloudFormation
Create a new stack
Provide the stack name
Provide the DB user name and password
Select the private subnets that you created in your master script across 2 Availability Zones
Finally, select the VPC that you created in the previous nested stack
Click Next and create the stack
The DB creation may easily take about 20 minutes. You can periodically refresh the CloudFormation Events tab to see the exact status of the stack creation.
Now go to RDS in the AWS console and check for the DB instance that you have created.
I hope the above script will be useful to AWS beginners who are working with or practicing CloudFormation. Also, if you are only practicing, please remember to delete the stack after you have successfully created the DB, as it may incur charges.
Please provide your valuable comments on this article if this is of any help. Kindly share this with your known groups if you like it. Thanks.