mirror of
https://github.com/serverless/serverless.git
synced 2026-01-18 14:58:43 +00:00
cacb529925
Co-authored-by: Lew Gordon <lew.gordon@genesys.com> Co-authored-by: Piotr Grzesik <pj.grzesik@gmail.com>
246 lines
5.8 KiB
YAML
246 lines
5.8 KiB
YAML
AWSTemplateFormatVersion: 2010-09-09
|
|
|
|
Parameters:
|
|
ClusterName:
|
|
Type: String
|
|
Description: Name of MSK Cluster
|
|
ActiveMQBrokerName:
|
|
Type: String
|
|
Description: Name of Active MQ Broker
|
|
ActiveMQUser:
|
|
Type: String
|
|
Description: Name of Active MQ User
|
|
ActiveMQPassword:
|
|
Type: String
|
|
Description: Password of Active MQ User
|
|
NoEcho: true
|
|
ClusterConfigurationArn:
|
|
Type: String
|
|
Description: MSK Cluster Configuration ARN
|
|
ClusterConfigurationRevision:
|
|
Type: Number
|
|
Description: MSK Cluster Configuration Revision number
|
|
Default: 1
|
|
|
|
Resources:
|
|
VPC:
|
|
Type: AWS::EC2::VPC
|
|
Properties:
|
|
CidrBlock: 172.31.0.0/16
|
|
Tags:
|
|
- Key: Name
|
|
Value: !Ref AWS::StackName
|
|
|
|
PublicSubnet:
|
|
Type: AWS::EC2::Subnet
|
|
Properties:
|
|
VpcId: !Ref VPC
|
|
AvailabilityZone:
|
|
Fn::Select:
|
|
- 0
|
|
- Fn::GetAZs: ''
|
|
CidrBlock: 172.31.0.0/24
|
|
MapPublicIpOnLaunch: true
|
|
|
|
PrivateSubnetA:
|
|
Type: AWS::EC2::Subnet
|
|
Properties:
|
|
VpcId: !Ref VPC
|
|
AvailabilityZone:
|
|
Fn::Select:
|
|
- 0
|
|
- Fn::GetAZs: ''
|
|
CidrBlock: 172.31.3.0/24
|
|
MapPublicIpOnLaunch: false
|
|
|
|
PrivateSubnetB:
|
|
Type: AWS::EC2::Subnet
|
|
Properties:
|
|
VpcId: !Ref VPC
|
|
AvailabilityZone:
|
|
Fn::Select:
|
|
- 1
|
|
- Fn::GetAZs: ''
|
|
CidrBlock: 172.31.2.0/24
|
|
MapPublicIpOnLaunch: false
|
|
|
|
InternetGateway:
|
|
Type: AWS::EC2::InternetGateway
|
|
|
|
GatewayAttachment:
|
|
Type: AWS::EC2::VPCGatewayAttachment
|
|
Properties:
|
|
VpcId: !Ref VPC
|
|
InternetGatewayId: !Ref InternetGateway
|
|
|
|
PublicRouteTable:
|
|
Type: AWS::EC2::RouteTable
|
|
Properties:
|
|
VpcId: !Ref VPC
|
|
|
|
PublicRoute:
|
|
Type: AWS::EC2::Route
|
|
DependsOn: GatewayAttachment
|
|
Properties:
|
|
RouteTableId: !Ref PublicRouteTable
|
|
DestinationCidrBlock: 0.0.0.0/0
|
|
GatewayId: !Ref InternetGateway
|
|
|
|
PublicSubnetRouteTableAssociation:
|
|
Type: AWS::EC2::SubnetRouteTableAssociation
|
|
Properties:
|
|
SubnetId: !Ref PublicSubnet
|
|
RouteTableId: !Ref PublicRouteTable
|
|
|
|
NatGateway:
|
|
Type: AWS::EC2::NatGateway
|
|
DependsOn: NatPublicIP
|
|
Properties:
|
|
AllocationId: !GetAtt NatPublicIP.AllocationId
|
|
SubnetId: !Ref PublicSubnet
|
|
|
|
NatPublicIP:
|
|
Type: AWS::EC2::EIP
|
|
DependsOn: VPC
|
|
Properties:
|
|
Domain: vpc
|
|
|
|
PrivateRouteTable:
|
|
Type: AWS::EC2::RouteTable
|
|
Properties:
|
|
VpcId: !Ref VPC
|
|
|
|
PrivateRoute:
|
|
Type: AWS::EC2::Route
|
|
Properties:
|
|
RouteTableId: !Ref PrivateRouteTable
|
|
DestinationCidrBlock: 0.0.0.0/0
|
|
NatGatewayId: !Ref NatGateway
|
|
|
|
PrivateSubnetARouteTableAssociation:
|
|
Type: AWS::EC2::SubnetRouteTableAssociation
|
|
Properties:
|
|
SubnetId: !Ref PrivateSubnetA
|
|
RouteTableId: !Ref PrivateRouteTable
|
|
|
|
PrivateSubnetBRouteTableAssociation:
|
|
Type: AWS::EC2::SubnetRouteTableAssociation
|
|
Properties:
|
|
SubnetId: !Ref PrivateSubnetB
|
|
RouteTableId: !Ref PrivateRouteTable
|
|
|
|
ActiveMQSecurityGroup:
|
|
Type: AWS::EC2::SecurityGroup
|
|
Properties:
|
|
GroupDescription: Security Group for ApacheMQ
|
|
VpcId: !Ref VPC
|
|
SecurityGroupIngress:
|
|
- IpProtocol: tcp
|
|
FromPort: 61617
|
|
ToPort: 61617
|
|
CidrIp: 0.0.0.0/0
|
|
- IpProtocol: tcp
|
|
FromPort: 61614
|
|
ToPort: 61614
|
|
CidrIp: 0.0.0.0/0
|
|
|
|
ActiveMQBroker:
|
|
Type: 'AWS::AmazonMQ::Broker'
|
|
Properties:
|
|
AutoMinorVersionUpgrade: 'false'
|
|
BrokerName: !Ref ActiveMQBrokerName
|
|
DeploymentMode: SINGLE_INSTANCE
|
|
EngineType: ActiveMQ
|
|
EngineVersion: '5.15.0'
|
|
HostInstanceType: mq.t2.micro
|
|
PubliclyAccessible: 'false'
|
|
SecurityGroups:
|
|
- !Ref ActiveMQSecurityGroup
|
|
SubnetIds:
|
|
- !Ref PrivateSubnetA
|
|
Users:
|
|
- ConsoleAccess: 'true'
|
|
Password: !Ref ActiveMQPassword
|
|
Username: !Ref ActiveMQUser
|
|
|
|
MSKCluster:
|
|
Type: 'AWS::MSK::Cluster'
|
|
Properties:
|
|
ClusterName: !Ref ClusterName
|
|
KafkaVersion: 2.2.1
|
|
NumberOfBrokerNodes: 2
|
|
BrokerNodeGroupInfo:
|
|
InstanceType: kafka.t3.small
|
|
ClientSubnets:
|
|
- !Ref PrivateSubnetA
|
|
- !Ref PrivateSubnetB
|
|
StorageInfo:
|
|
EBSStorageInfo:
|
|
VolumeSize: 1
|
|
ConfigurationInfo:
|
|
Arn: !Ref ClusterConfigurationArn
|
|
Revision: !Ref ClusterConfigurationRevision
|
|
|
|
FileSystem:
|
|
Type: AWS::EFS::FileSystem
|
|
Properties:
|
|
PerformanceMode: generalPurpose
|
|
FileSystemTags:
|
|
- Key: Name
|
|
Value: ServerlessFrameworkTestsVolume
|
|
|
|
MountTarget:
|
|
Type: AWS::EFS::MountTarget
|
|
Properties:
|
|
FileSystemId: !Ref FileSystem
|
|
SubnetId: !Ref PrivateSubnetA
|
|
SecurityGroups:
|
|
- !GetAtt VPC.DefaultSecurityGroup
|
|
|
|
AccessPointResource:
|
|
Type: AWS::EFS::AccessPoint
|
|
Properties:
|
|
FileSystemId: !Ref FileSystem
|
|
PosixUser:
|
|
Uid: 1001
|
|
Gid: 1001
|
|
RootDirectory:
|
|
CreationInfo:
|
|
OwnerGid: 1001
|
|
OwnerUid: 1001
|
|
Permissions: 770
|
|
Path: /efs
|
|
|
|
Outputs:
|
|
VPC:
|
|
Description: VPC ID
|
|
Value: !Ref VPC
|
|
|
|
PrivateSubnetA:
|
|
Description: Private Subnet A ID
|
|
Value: !Ref PrivateSubnetA
|
|
|
|
SecurityGroup:
|
|
Description: Default security for Lambda VPC
|
|
Value: !GetAtt VPC.DefaultSecurityGroup
|
|
|
|
ActiveMQBrokerArn:
|
|
Description: Created Active MQ Broker ARN
|
|
Value: !GetAtt ActiveMQBroker.Arn
|
|
|
|
ActiveMQBrokerId:
|
|
Description: Created Active MQ Broker Id
|
|
Value: !Ref ActiveMQBroker
|
|
|
|
ActiveMQSecurityGroup:
|
|
Description: Security Group for Active MQ
|
|
Value: !Ref ActiveMQSecurityGroup
|
|
|
|
MSKCluster:
|
|
Description: Created MSK Cluster
|
|
Value: !Ref MSKCluster
|
|
|
|
EFSAccessPointARN:
|
|
Description: EFS Access Point ARN
|
|
Value: !GetAtt AccessPointResource.Arn
|