--- AWSTemplateFormatVersion: '2010-09-09' Description: > This Cloudformation Template deploys the Shared Storage for the application infrastructure. Disclaimer: Not for production use. Demo and testing purposes only. Author: David Surey Parameters: BBBSharedStorageSecurityGroup: Type: String Description: Security Group that should be assigned to the shared storage BBBPrivateApplicationSubnets: Type: CommaDelimitedList Description: Comma separated list of the private instance subnets BBBNumberOfAZs: Description: Amount of Availability Zones to utilize Type: Number AllowedValues: - 1 - 2 - 3 Default: 3 Conditions: BBBBuild2AZs: !Not [ !Equals [ !Ref BBBNumberOfAZs, 1 ]] BBBBuild3AZs: !Equals [ !Ref BBBNumberOfAZs, 3 ] Resources: BBBSharedStorageFS: Type: AWS::EFS::FileSystem Properties: Encrypted: true FileSystemPolicy: Version: "2012-10-17" Statement: - Effect: "Allow" Action: - "elasticfilesystem:ClientMount" - "elasticfilesystem:ClientWrite" Principal: AWS: "*" Condition: StringLike: aws:PrincipalTag/Name: "*BBBFrontendApplicationStack*" - Effect: "Allow" Action: - "elasticfilesystem:ClientMount" - "elasticfilesystem:ClientWrite" Principal: AWS: "*" Condition: StringLike: aws:PrincipalTag/Name: "*BBBApplicationStack*" BBBSharedStorageMountTarget1: Type: AWS::EFS::MountTarget Properties: FileSystemId: Ref: BBBSharedStorageFS SubnetId: !Select [0, !Ref BBBPrivateApplicationSubnets] SecurityGroups: - !Ref BBBSharedStorageSecurityGroup BBBSharedStorageMountTarget2: Type: AWS::EFS::MountTarget Condition: BBBBuild2AZs Properties: FileSystemId: Ref: BBBSharedStorageFS SubnetId: !Select [1, !Ref BBBPrivateApplicationSubnets] SecurityGroups: - !Ref BBBSharedStorageSecurityGroup BBBSharedStorageMountTarget3: Type: AWS::EFS::MountTarget Condition: BBBBuild3AZs Properties: FileSystemId: Ref: BBBSharedStorageFS SubnetId: !Select [2, !Ref BBBPrivateApplicationSubnets] SecurityGroups: - !Ref BBBSharedStorageSecurityGroup BBBSharedStorageAPspool: Type: 'AWS::EFS::AccessPoint' Properties: FileSystemId: !Ref BBBSharedStorageFS PosixUser: Uid: "1000" Gid: "2000" RootDirectory: CreationInfo: OwnerGid: "1000" OwnerUid: "2000" Permissions: "0777" Path: "/spool" BBBSharedStorageAPpublished: Type: 'AWS::EFS::AccessPoint' Properties: FileSystemId: !Ref BBBSharedStorageFS PosixUser: Uid: "1000" Gid: "2000" RootDirectory: CreationInfo: OwnerGid: "1000" OwnerUid: "2000" Permissions: "0777" Path: "/published" BBBSharedStorageAPunpublished: Type: 'AWS::EFS::AccessPoint' Properties: FileSystemId: !Ref BBBSharedStorageFS PosixUser: Uid: "1000" Gid: "2000" RootDirectory: CreationInfo: OwnerGid: "1000" OwnerUid: "2000" Permissions: "0777" Path: "/unpublished" BBBSharedStorageAPrecordings: Type: 'AWS::EFS::AccessPoint' Properties: FileSystemId: !Ref BBBSharedStorageFS PosixUser: Uid: "1000" Gid: "2000" RootDirectory: CreationInfo: OwnerGid: "1000" OwnerUid: "2000" Permissions: "0777" Path: "/recordings" Outputs: BBBSharedStorageFS: Value: !Ref BBBSharedStorageFS Description: Reference to the created Amazon EFS Volume BBBSharedStorageAPspool: Value: !Ref BBBSharedStorageAPspool Description: Reference to the created Amazon EFS Access Point BBBSharedStorageAPpublished: Value: !Ref BBBSharedStorageAPpublished Description: Reference to the created Amazon EFS Access Point BBBSharedStorageAPunpublished: Value: !Ref BBBSharedStorageAPunpublished Description: Reference to the created Amazon EFS Access Point BBBSharedStorageAPrecordings: Value: !Ref BBBSharedStorageAPrecordings Description: Reference to the created Amazon EFS Access Point