---
AWSTemplateFormatVersion: 2010-09-09

Description: Reference Architecture to host WordPress on AWS - Creates RDS Aurora database cluster

Metadata:

  Authors:
    Description: Darryl Osborne (darrylo@amazon.com)
  License:
    Description: 'Copyright 2018 Amazon.com, Inc. and its affiliates. All Rights Reserved.
      SPDX-License-Identifier: MIT-0'

  AWS::CloudFormation::Interface:
    ParameterGroups:
      - Label:
          default: Database Parameters
        Parameters:
          - DatabaseInstanceType
          - DatabaseMasterUsername
          - DatabaseMasterPassword
          - DatabaseName
          - DatabaseEncrpytedBoolean
          - DatabaseCmk
          - DatabaseSecurityGroup
          - NumberOfSubnets
          - Subnet
    ParameterLabels:
      DatabaseEncrpytedBoolean:
        default: Encrypted DB Cluster
      DatabaseCmk:
        default: AWS KMS Customer Master Key (CMK) to encrypt DB
      DatabaseInstanceType:
        default: DB Instance Class
      DatabaseMasterUsername:
        default: DB Master Username
      DatabaseMasterPassword:
        default: DB Master Password
      DatabaseName:
        default: DB Name
      DatabaseSecurityGroup:
        default: DB Security Group
      NumberOfSubnets:
        default: Number of subnets
      Subnet:
        default: Subnets

Parameters:

  # Controls StorageEncrypted on the cluster; defaults to encrypted.
  DatabaseEncrpytedBoolean:
    AllowedValues:
      - true
      - false
    Default: True
    Description: Indicates whether the DB instances in the cluster are encrypted.
    Type: String
  # Leave empty to use the AWS managed key (see the UseAWS-ManagedCMK condition).
  DatabaseCmk:
    Description: AWS KMS Customer Master Key (CMK) to encrypt database cluster
    Type: String
  DatabaseInstanceType:
    AllowedValues:
      - db.t3.small
      - db.t3.medium
      - db.m5d.large
      - db.r5.large
      - db.r5.xlarge
      - db.r5.2xlarge
      - db.r5.4xlarge
      - db.r5.8xlarge
      - db.r5.12xlarge
      - db.r5.16xlarge
      - db.r5.24xlarge
    ConstraintDescription: Must be a valid RDS instance class.
    Default: db.t3.medium
    Description: The Amazon RDS database instance class.
    Type: String
  DatabaseMasterUsername:
    AllowedPattern: ^([a-zA-Z0-9]*)$
    Description: The Amazon RDS master username.
    ConstraintDescription: Must contain only alphanumeric characters (minimum 8; maximum 16).
    MaxLength: 16
    MinLength: 8
    Type: String
  # NoEcho masks the value in the console and API output; the password is
  # still supplied as a plain stack parameter.
  DatabaseMasterPassword:
    AllowedPattern: '^([a-z0-9A-Z`~!#$%^&*()_+,\\-])*$'
    ConstraintDescription: Must be letters (upper or lower), numbers, and these special characters '_'`~!#$%^&*()_+,-
    Description: The Amazon RDS master password.
    MaxLength: 41
    MinLength: 8
    NoEcho: true
    Type: String
  DatabaseName:
    AllowedPattern: ^([a-zA-Z0-9]*)$
    Description: The Amazon RDS master database name.
    Type: String
  DatabaseSecurityGroup:
    Description: Select the database security group.
    Type: AWS::EC2::SecurityGroup::Id
  NumberOfSubnets:
    AllowedValues:
      - 2
      - 3
      - 4
      - 5
      - 6
    Default: 3
    Description: Number of subnets. This must match your selections in the list of subnets below.
    Type: String
  Subnet:
    Description: Select existing subnets. The number selected must match the number of subnets above. Subnets selected must be in separate AZs.
    Type: List<AWS::EC2::Subnet::Id>

Conditions:

  # NumberOfSubnets only allows 2-6, so NumberOfSubnets1 never evaluates to true.
  NumberOfSubnets1: !Equals [ 1, !Ref NumberOfSubnets ]
  NumberOfSubnets2: !Equals [ 2, !Ref NumberOfSubnets ]
  NumberOfSubnets3: !Equals [ 3, !Ref NumberOfSubnets ]
  NumberOfSubnets4: !Equals [ 4, !Ref NumberOfSubnets ]
  NumberOfSubnets5: !Equals [ 5, !Ref NumberOfSubnets ]
  NumberOfSubnets6: !Equals [ 6, !Ref NumberOfSubnets ]
  # Subnet0-Subnet5 are defined here but not referenced by any resource below.
  Subnet0: !Or
    - !Condition NumberOfSubnets1
    - !Condition NumberOfSubnets2
    - !Condition NumberOfSubnets3
    - !Condition NumberOfSubnets4
    - !Condition NumberOfSubnets5
    - !Condition NumberOfSubnets6
  Subnet1: !Or
    - !Condition NumberOfSubnets2
    - !Condition NumberOfSubnets3
    - !Condition NumberOfSubnets4
    - !Condition NumberOfSubnets5
    - !Condition NumberOfSubnets6
  Subnet2: !Or
    - !Condition NumberOfSubnets3
    - !Condition NumberOfSubnets4
    - !Condition NumberOfSubnets5
    - !Condition NumberOfSubnets6
  Subnet3: !Or
    - !Condition NumberOfSubnets4
    - !Condition NumberOfSubnets5
    - !Condition NumberOfSubnets6
  Subnet4: !Or
    - !Condition NumberOfSubnets5
    - !Condition NumberOfSubnets6
  Subnet5: !Condition NumberOfSubnets6
  UseAWS-ManagedCMK: !Equals ['', !Ref DatabaseCmk]

Resources:

  DatabaseCluster:
    Type: AWS::RDS::DBCluster
    Properties:
      BackupRetentionPeriod: 30
      DatabaseName: !Ref DatabaseName
      DBSubnetGroupName: !Ref DataSubnetGroup
      Engine: aurora
      # Omit KmsKeyId when no CMK is given so RDS uses the AWS managed key.
      KmsKeyId: !If [ UseAWS-ManagedCMK, !Ref 'AWS::NoValue', !Ref DatabaseCmk ]
      MasterUsername: !Ref DatabaseMasterUsername
      MasterUserPassword: !Ref DatabaseMasterPassword
      Port: 3306
      StorageEncrypted: !Ref DatabaseEncrpytedBoolean
      Tags:
        - Key: Name
          Value: !Join [ '', [ 'WordPress / ', !Ref 'AWS::StackName' ] ]
      # Network access to the cluster is governed entirely by this security group.
      VpcSecurityGroupIds:
        - !Ref DatabaseSecurityGroup
  DatabaseInstance0:
    Type: AWS::RDS::DBInstance
    DeletionPolicy: Delete
    Properties:
      AllowMajorVersionUpgrade: false
      AutoMinorVersionUpgrade: true
      DBClusterIdentifier: !Ref DatabaseCluster
      DBInstanceClass: !Ref DatabaseInstanceType
      DBSubnetGroupName: !Ref DataSubnetGroup
      Engine: aurora
      Tags:
        - Key: Name
          Value: !Join [ '', [ 'WordPress / ', !Ref 'AWS::StackName' ] ]
  DatabaseInstance1:
    Type: AWS::RDS::DBInstance
    DeletionPolicy: Delete
    Properties:
      AllowMajorVersionUpgrade: false
      AutoMinorVersionUpgrade: true
      DBClusterIdentifier: !Ref DatabaseCluster
      DBInstanceClass: !Ref DatabaseInstanceType
      DBSubnetGroupName: !Ref DataSubnetGroup
      Engine: aurora
      Tags:
        - Key: Name
          Value: !Join [ '', [ 'WordPress / ', !Ref 'AWS::StackName' ] ]
  DataSubnetGroup:
    Type: AWS::RDS::DBSubnetGroup
    Properties:
      DBSubnetGroupDescription: RDS Database Subnet Group for WordPress
      # Pick the first N entries of Subnet, where N is NumberOfSubnets.
      SubnetIds: !If [ NumberOfSubnets1,
        [ !Select [ 0, !Ref Subnet ] ],
        !If [ NumberOfSubnets2,
          [ !Select [ 0, !Ref Subnet ], !Select [ 1, !Ref Subnet ] ],
          !If [ NumberOfSubnets3,
            [ !Select [ 0, !Ref Subnet ], !Select [ 1, !Ref Subnet ], !Select [ 2, !Ref Subnet ] ],
            !If [ NumberOfSubnets4,
              [ !Select [ 0, !Ref Subnet ], !Select [ 1, !Ref Subnet ], !Select [ 2, !Ref Subnet ], !Select [ 3, !Ref Subnet ] ],
              !If [ NumberOfSubnets5,
                [ !Select [ 0, !Ref Subnet ], !Select [ 1, !Ref Subnet ], !Select [ 2, !Ref Subnet ], !Select [ 3, !Ref Subnet ], !Select [ 4, !Ref Subnet ] ],
                [ !Select [ 0, !Ref Subnet ], !Select [ 1, !Ref Subnet ], !Select [ 2, !Ref Subnet ], !Select [ 3, !Ref Subnet ], !Select [ 4, !Ref Subnet ], !Select [ 5, !Ref Subnet ] ]
              ]
            ]
          ]
        ]
      ]
      Tags:
        - Key: Name
          Value: !Join [ '', [ 'WordPress / ', !Ref 'AWS::StackName' ] ]

Outputs:

  DatabaseCluster:
    Value: !Ref DatabaseCluster
  DatabaseName:
    Value: !Ref DatabaseName
  DatabaseInstance0:
    Value: !Ref DatabaseInstance0
  DatabaseInstance1:
    Value: !Ref DatabaseInstance1
  DataSubnetGroup:
    Value: !Ref DataSubnetGroup
  DatabaseClusterEndpointAddress:
    Value: !GetAtt DatabaseCluster.Endpoint.Address