--- AWSTemplateFormatVersion: 2010-09-09 Description: Reference Architecture to host Moodle on AWS - Creates RDS Aurora Serverless v2 MySQL or PostgreSQL database Metadata: AWS::CloudFormation::Interface: ParameterGroups: - Label: default: Database Parameters Parameters: - DatabaseType - DatabaseMinCapacity - DatabaseMaxCapacity - DatabaseName - DatabaseEncryptedBoolean - DatabaseCmk - DatabaseSecurityGroup - NumberOfSubnets - Subnet ParameterLabels: DatabaseType: default: Aurora database type DatabaseMinCapacity: default: Minimum capacity for database DatabaseMaxCapacity: default: Maximum capacity for database DatabaseEncryptedBoolean: default: Encrypted DB Cluster DatabaseCmk: default: AWS KMS Customer Master Key (CMK) to encrypt DB DatabaseName: default: DB Name DatabaseSecurityGroup: default: DB Security Group NumberOfSubnets: default: Number of subnets Subnet: default: Subnets Parameters: DatabaseType: AllowedValues: - MySQL - PostgreSQL Default: PostgreSQL Description: Indicates whether to use Aurora MySQL or PostgreSQL. Type: String DatabaseEncryptedBoolean: AllowedValues: - true - false Default: True Description: Indicates whether the DB instances in the cluster are encrypted. Type: String DatabaseCmk: Description: AWS KMS Customer Master Key (CMK) to encrypt database cluster Type: String RDSInstanceSecretArn: Type: String DatabaseName: AllowedPattern: ^([a-zA-Z0-9]*)$ Description: Amazon Aurora RDS master database name Type: String DatabaseSecurityGroup: Description: Database security group Type: AWS::EC2::SecurityGroup::Id NumberOfSubnets: AllowedValues: - 1 - 2 - 3 Default: 2 Description: Number of subnets. This must match your selections in the list of subnets below. Type: String Subnet: Description: Select existing subnets. The number selected must match the number of subnets above. Subnets selected must be in separate AZs. Type: List ProjectName: AllowedPattern: ^([a-zA-Z0-9]*)$ Default: App Description: Moodle Project Name Type: String DatabaseMinCapacity: AllowedValues: - 0.5 - 1 - 2 - 4 - 5 - 16 - 32 - 64 - 128 Default: 0.5 Description: The minimum capacity for an Aurora DB cluster, starts with 0.5 and maximum up to 1 Type: String DatabaseMaxCapacity: AllowedValues: - 0.5 - 1 - 2 - 4 - 5 - 16 - 32 - 64 - 128 Default: 64 Description: The maximum capacity for an Aurora DB cluster, starts with 0.5 and maximum up to 1 Type: String Conditions: UseMySQL: !Equals [!Ref DatabaseType, MySQL] UsePostgreSQL: !Equals [!Ref DatabaseType, PostgreSQL] NumberOfSubnets1: !Equals [ 1, !Ref NumberOfSubnets ] NumberOfSubnets2: !Equals [ 2, !Ref NumberOfSubnets ] NumberOfSubnets3: !Equals [ 3, !Ref NumberOfSubnets ] Subnet0: !Or - !Condition NumberOfSubnets1 - !Condition NumberOfSubnets2 - !Condition NumberOfSubnets3 Subnet1: !Or - !Condition NumberOfSubnets2 - !Condition NumberOfSubnets3 Subnet2: !Condition NumberOfSubnets3 UseAWS-ManagedCMK: !Equals ['', !Ref DatabaseCmk] Resources: DatabaseCluster: Type: AWS::RDS::DBCluster Properties: BackupRetentionPeriod: 30 DatabaseName: !Ref DatabaseName DBSubnetGroupName: !Ref DataSubnetGroup Engine: !If [ UsePostgreSQL, aurora-postgresql, aurora-mysql ] DBClusterParameterGroupName: !If [ UsePostgreSQL, default.aurora-postgresql13, default.aurora-mysql8.0 ] EngineVersion: !If [ UsePostgreSQL, '13.8', '8.0.mysql_aurora.3.02.1' ] KmsKeyId: !If [ UseAWS-ManagedCMK, !Ref 'AWS::NoValue', !Ref DatabaseCmk ] MasterUsername: !Join ['', ['{{resolve:secretsmanager:', !Ref RDSInstanceSecretArn, ':SecretString:username}}' ]] MasterUserPassword: !Join ['', ['{{resolve:secretsmanager:', !Ref RDSInstanceSecretArn, ':SecretString:password}}' ]] Port: !If [ UsePostgreSQL, 5432, 3306 ] StorageEncrypted: !Ref DatabaseEncryptedBoolean Tags: - Key: Name Value: !Join [ '', [ 'Moodle / ', !Ref 'AWS::StackName' ] ] VpcSecurityGroupIds: - !Ref DatabaseSecurityGroup ServerlessV2ScalingConfiguration: MinCapacity: !Ref DatabaseMinCapacity MaxCapacity: !Ref DatabaseMaxCapacity DatabaseInstance0: Type: AWS::RDS::DBInstance DeletionPolicy: Delete Properties: AllowMajorVersionUpgrade: false AutoMinorVersionUpgrade: true DBClusterIdentifier: !Ref DatabaseCluster DBInstanceClass: 'db.serverless' DBSubnetGroupName: !Ref DataSubnetGroup Engine: !If [ UsePostgreSQL, aurora-postgresql, aurora-mysql ] Tags: - Key: Name Value: !Join [ '', [ 'Moodle / ', !Ref 'AWS::StackName' ] ] DataSubnetGroup: Type: AWS::RDS::DBSubnetGroup Properties: DBSubnetGroupDescription: RDS Database Subnet Group for Moodle SubnetIds: !If [ NumberOfSubnets1, [ !Select [ 0, !Ref Subnet ] ], !If [ NumberOfSubnets2, [ !Select [ 0, !Ref Subnet ], !Select [ 1, !Ref Subnet ] ], [ !Select [ 0, !Ref Subnet ], !Select [ 1, !Ref Subnet ], !Select [ 2, !Ref Subnet ] ] ] ] Tags: - Key: Name Value: !Join [ '', [ 'Moodle / ', !Ref 'AWS::StackName' ] ] DatabaseClusterParam: Type: AWS::SSM::Parameter Properties: Name: !Join [ '', [ '/Moodle/',!Ref ProjectName, '/DB/ClusterEndpoint' ] ] Type: String Value: !GetAtt DatabaseCluster.Endpoint.Address Description: SSM Parameter for Moodle DB Cluster DatabaseClusterReadOnlyParam: Type: AWS::SSM::Parameter Properties: Name: !Join [ '', [ '/Moodle/',!Ref ProjectName, '/DB/ClusterReadOnlyEndpoint' ] ] Type: String # Aurora Serverless v1 does not support Read-only replicas Value: !GetAtt DatabaseCluster.Endpoint.Address Description: SSM Parameter for Moodle DB Cluster Read only DatabaseNameParam: Type: AWS::SSM::Parameter Properties: Name: !Join [ '', [ '/Moodle/',!Ref ProjectName, '/DB/Name' ] ] Type: String Value: !Ref DatabaseName Description: SSM Parameter for Moodle DB Name DatabaseTypeParam: Type: AWS::SSM::Parameter Properties: Name: !Join [ '', [ '/Moodle/',!Ref ProjectName, '/DB/Type' ] ] Type: String Value: !Ref DatabaseType Description: SSM Parameter for Moodle DB Type Outputs: Database: Value: !Ref DatabaseCluster DatabaseName: Value: !Ref DatabaseName DataSubnetGroup: Value: !Ref DataSubnetGroup DatabaseClusterEndpointAddress: Value: !GetAtt DatabaseCluster.Endpoint.Address DatabaseClusterEndpointPort: Value: !GetAtt DatabaseCluster.Endpoint.Port DatabaseClusterReadEndpointAddress: Value: !GetAtt DatabaseCluster.ReadEndpoint.Address