In this section, I have provided the YAML Script for creation of RDS Instance (MySQL) in a VPC environment. I have used the VPC that I created in my previous blog posts to launch this RDS Instance.

Before we go into the script directly, lets look at what we require to launch an RDS Instance. You can launch Amazon RDS Instance that uses the following 5 DBs.

1. Maria DB

2. SQL Server DB

3. MySQL

4. Oracle DB

5. PostgreSQL

For this article, we will be using Amazon RDS with MySQL.

It is imperative to know that when we create a new DB instance;

a. we need to create the db instance in a private subnet

b. we need to secure the db instance with a new security group and allow only the necessary resources that connect through the same security group with appropriate port.

Tips / Recommendations

From my point of view it is suggested that we separate the DB Instance creation script from the Nested stack due to the following reasons.

• If anything goes wrong with DB instance creation script, the entire nested stack is rolled back. This can be avoided by isolating the script.

• Also, the DB creation script may take up to 20 minutes to complete.

It is also recommended that you create the script in (interactive mode)such a way that you select the subnets while uploading the script, provide the db user name and password so that you get the control of vital information.

Steps to run the script

• Upload the script in S3 in the same location where you have uploaded the other scripts. ( I have uploaded the script from my local machine as it is not a nested one).

• This script creates the DB Security Group with minimum required ingress rules, creates a MySQL version 5.7 database instance with Multi-AZ enabled.

Parameters:
 EnvironmentName:
 Description: MyTestEnvironment
 Type: String
 Default: MyTestEnvironment

 VpcId:
 Description: The VPC to create this ReplicationGroup under
 Type: 'AWS::EC2::VPC::Id'

 DBUser:
 NoEcho: 'true'
 Description: The database admin account username
 Type: String
 MinLength: '1'
 MaxLength: '16'
 AllowedPattern: '[a-zA-Z][a-zA-Z0-9]*'
 ConstraintDescription: must begin with a letter and contain only alphanumeric
 characters.

 DBPassword:
 NoEcho: 'true'
 Description: The database admin account password
 Type: String
 MinLength: '1'
 MaxLength: '41'
 AllowedPattern: '[a-zA-Z0-9]+'
 ConstraintDescription: must contain only alphanumeric characters.

 DBSubnetAZ1:
 Description: >-
      Subnets you would like the DBInstance for RDS 5.7 to be created in.
 Type: 'AWS::EC2::Subnet::Id'

 DBSubnetAZ2:
 Description: >-
      Subnets you would like the DBInstance for RDS 5.7 to be created in. 
 Type: 'AWS::EC2::Subnet::Id'
# ======================================================
# Database creation for RDS MySQL v5.7
# ======================================================
Resources:
 DataSourceSecurityGroup:
 Type: AWS::EC2::SecurityGroup
 Properties:
 GroupDescription: Open database for access
 VpcId: !Ref VpcId
 DSSGIngressRule:
 Type: AWS::EC2::SecurityGroupIngress
 Properties:
 FromPort: "3306"
 ToPort: "3306"
 GroupId: !Ref DataSourceSecurityGroup
 IpProtocol: tcp
 SourceSecurityGroupId: !Ref DataSourceSecurityGroup
 DataSourceSubtNetGroup:
 Type: AWS::RDS::DBSubnetGroup
 Properties:
 DBSubnetGroupDescription: Created by CF
 SubnetIds:
        - !Ref DBSubnetAZ1
        - !Ref DBSubnetAZ2
 DataSource:
 Type: AWS::RDS::DBInstance
 Properties:
 AllocatedStorage: '5'
 DBInstanceClass: db.t2.micro
 DBName: mytestdb
 DBSubnetGroupName: !Ref DataSourceSubtNetGroup
 Engine: MySQL
 EngineVersion: 5.7.30
 MasterUsername: !Ref DBUser
 MasterUserPassword: !Ref DBPassword
 PubliclyAccessible: false
 MultiAZ: true
 VPCSecurityGroups:
        - !Ref DataSourceSecurityGroup
 DeletionPolicy: Snapshot
#=====================================================

Refer this screen shot for format and indentation

• Go to Cloud Formation

• Create New Stack

• Provide the stack name

• Provide DB User Name and Password

• Select the Private Subnets that you have created in your Master script across 2 Availability Zones

• Finally the VPC that you have created in the previous Nested stack

• Click on Next and create the Stack

The DB creation may easily take about 20 mins. You may periodically refresh the Cloud Formation events tab to see the exact status of the stack creation.

Now go to the RDS services from AWS console and check for the DB Instance that you have created.

I hope the above script will be useful to AWS beginners who are working or practicing cloud formation. Also, if you are only practicing, please remember to delete the stack after you have successfully created the DB as it may incur charges.

Please provide your valuable comments on this article if this is of any help. Kindly share this with your known groups if you like it. Thanks.