--- AWSTemplateFormatVersion: "2010-09-09" Description: This template will launch various services (RDS & CodeCommit) for .Net Modernization Workshop. Parameters: VPCstack: Type: String Description: VPC stack to import values from Default: ModernizationVPC UnicornStoreDBUsername: Type: String Description: UnicornStore Database Username for RDS Default: "awssa" UnicornStoreDBPassword: AllowedPattern: "^(?=.*[0-9])(?=.*[a-zA-Z])([a-zA-Z0-9]+)" ConstraintDescription: Must contain only alphanumeric characters with at least one capital letter and one number Description: UnicornStore Database Username for RDS MaxLength: '41' MinLength: '8' Type: String Default: BBTh123ca Resources: UnicornRepo: Type: AWS::CodeCommit::Repository Properties: RepositoryName: unicorn-store RepositoryDescription: The Unicorn Store Workshop UnicornStoreECR: Type: "AWS::ECR::Repository" Properties: RepositoryName : modernization-devsecops-workshop UnicornStoreRDSSecurityGroup: Type: "AWS::EC2::SecurityGroup" Properties: GroupDescription: UnicornStoreRDSSecurityGroup SecurityGroupIngress: - IpProtocol: tcp FromPort: 1433 ToPort: 1433 CidrIp: Fn::ImportValue: !Sub "${VPCstack}:VPCCIDR" VpcId: Fn::ImportValue: !Sub "${VPCstack}:VPCId" UnicornStoreRDS: Type: "AWS::RDS::DBInstance" Properties: AllocatedStorage: 20 DBInstanceClass: db.t2.medium Port: 1433 PubliclyAccessible: 'true' StorageType: gp2 MasterUsername: !Ref UnicornStoreDBUsername MasterUserPassword: !Ref UnicornStoreDBPassword Engine: sqlserver-web EngineVersion: 14.00.3035.2.v1 LicenseModel: license-included MultiAZ: false DBSubnetGroupName: !Ref UnicornStoreSubnetGroup VPCSecurityGroups: - Fn::GetAtt: - UnicornStoreRDSSecurityGroup - GroupId Tags: - Key: "Name" Value: "UnicornStoreDB" UnicornStoreSubnetGroup: Type: "AWS::RDS::DBSubnetGroup" Properties: DBSubnetGroupDescription: UnicornStore-SubnetGroup SubnetIds: - Fn::ImportValue: !Sub "${VPCstack}:PublicSubnet1" - Fn::ImportValue: !Sub "${VPCstack}:PublicSubnet2" UnicornStoreDBSecret: Type: "AWS::SecretsManager::Secret" Properties: Name: UNICORNSTORE_DBSECRET Description: UnicornStoreDB RDS Secret SecretString: !Join - '' - - '{"username":' - !Sub '"${UnicornStoreDBUsername}",' - '"password":' - !Sub '"${UnicornStoreDBPassword}",' - '"engine":' - '"sqlserver",' - '"host":' - !Sub '"${UnicornStoreRDS.Endpoint.Address}",' - '"port":' - !Sub "${UnicornStoreRDS.Endpoint.Port}," - '"dbInstanceIdentifier":' - !Sub '"${UnicornStoreRDS}"' - '}' DefaultAdminPasswordSecret: Type: "AWS::SecretsManager::Secret" Properties: Name: DefaultAdminPassword Description: UnicornStore DefaultAdminPassword SecretString: Secret1* DefaultAdminUsernameSecret: Type: "AWS::SecretsManager::Secret" Properties: Name: DefaultAdminUsername Description: UnicornStore DefaultAdminUsername SecretString: Administrator@test.com Outputs: DBSecret: Description: UnicornStoreDB Secret Value: Ref: UnicornStoreDBSecret Export: Name: UnicornStoreServices:DBSecret AdminPasswordSecret: Description: DefaultAdminPasswordSecret Value: Ref: DefaultAdminPasswordSecret Export: Name: UnicornStoreServices:AdminPasswordSecret AdminUsernameSecret: Description: DefaultAdminUsernameSecret Value: Ref: DefaultAdminUsernameSecret Export: Name: UnicornStoreServices:AdminUsernameSecret CodeRepoURL: Description: URL for code commit repo Value: !GetAtt UnicornRepo.CloneUrlHttp Export: Name: UnicornStoreServices:CodeRepoURL