cfn-modules: RDS PostgreSQL

RDS PostgreSQL database with secure firewall configuration, encryption, multi AZ, backup enabled, and alerting.

Install

Install Node.js and npm first!

npm i @cfn-modules/rds-postgres

Usage

---
AWSTemplateFormatVersion: '2010-09-09'
Description: 'cfn-modules example'
Resources:
  Database:
    Type: 'AWS::CloudFormation::Stack'
    Properties:
      Parameters:
        VpcModule: !GetAtt 'Vpc.Outputs.StackName' # required
        ClientSgModule: !GetAtt 'ClientSg.Outputs.StackName' # required
        AlertingModule: '' # optional
        HostedZoneModule: '' # optional
        BastionModule: '' # optional
        KmsKeyModule: '' # optional
        SecretModule: '' # optional
        DBSnapshotIdentifier: '' # optional
        DBAllocatedStorage: '5' # optional
        DBInstanceClass: 'db.t4g.micro' # optional
        DBName: '' # optional
        DBBackupRetentionPeriod: '30' # optional
        DBMasterUsername: 'master' # optional
        DBMasterUserPassword: '' # required if neither DBSnapshotIdentifier nor SecretModule is set
        DBMultiAZ: 'true' # optional
        SubDomainNameWithDot: 'postgres.' # optional
        # Set this to the version of PostgreSQL you want to use.
        # You can run the following command to get the list of PostgreSQL versions supported by AWS RDS:
        # aws rds describe-db-engine-versions --engine postgres --query "DBEngineVersions[].EngineVersion"
        EngineVersion: '14.12'
        EnableIAMDatabaseAuthentication: 'false' # optional
      TemplateURL: './node_modules/@cfn-modules/rds-postgres/module.yml'

Examples

Related modules

Parameters

| Name | Description | Default | Required? | Allowed values |
| --- | --- | --- | --- | --- |
| VpcModule | Stack name of vpc module | | yes | |
| ClientSgModule | Stack name of client-sg module where traffic is allowed from on port 5432 to the database | | yes | |
| AlertingModule | Stack name of alerting module | | no | |
| HostedZoneModule | Stack name of module implementing HostedZone | | no | |
| BastionModule | Stack name of module implementing Bastion | | no | |
| KmsKeyModule | Stack name of kms-key module | | no | |
| SecretModule | Stack name of secret module | | no | |
| DBSnapshotIdentifier | Name or Amazon Resource Name (ARN) of the DB snapshot from which you want to restore (leave blank to create an empty database) | | no | |
| DBAllocatedStorage | The allocated storage size, specified in GB (ignored when DBSnapshotIdentifier is set, value used from snapshot) | 5 | no | [5-16384] |
| DBInstanceClass | The instance type of the database | db.t4g.micro | no | |
| DBName | Name of the database (ignored when DBSnapshotIdentifier is set, value used from snapshot) | auto generated value | no | |
| DBBackupRetentionPeriod | The number of days to keep snapshots of the database | 35 | no | [0-35] |
| DBMasterUsername | The master user name for the DB instance (ignored when DBSnapshotIdentifier is set, value used from snapshot) | master | no | |
| DBMasterUserPassword | The master password for the DB instance (ignored when DBSnapshotIdentifier is set, value used from snapshot; also ignored if SecretModule is set). | | yes (no if DBSnapshotIdentifier is set) | |
| DBMultiAZ | Specifies if the database instance is deployed to multiple Availability Zones for HA | true | no | [true, false] |
| SubDomainNameWithDot | Name that is used to create the DNS entry with trailing dot, e.g. §{SubDomainNameWithDot}§{HostedZoneName}. Leave blank for naked (or apex and bare) domain. Requires HostedZoneModule parameter! | test. | no | |
| EngineVersion | The PostgreSQL version. | | yes | Set this to the version of PostgreSQL you want to use. You can run the following command to get the list of PostgreSQL versions supported by AWS RDS: aws rds describe-db-engine-versions --engine postgres --query "DBEngineVersions[].EngineVersion" |
| EnableIAMDatabaseAuthentication | Enable mapping of AWS Identity and Access Management (IAM) accounts to database accounts. | false | no | [true, false] |
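
The constraints in the table above can be checked before a deployment. The following Node.js function is an added example, not part of the cfn-modules project: it validates the Parameters of the Database stack against the table and additionally warns about a literal master password or a retention period of 0. The name `checkRdsPostgresParams`, the finding format, and the sample stack names are assumptions made for the example.

```javascript
// Added example; rules follow the parameter table in this README.
// checkRdsPostgresParams and the finding format are hypothetical names.
const RANGES = { DBAllocatedStorage: [5, 16384], DBBackupRetentionPeriod: [0, 35] };
const BOOLEANS = ['DBMultiAZ', 'EnableIAMDatabaseAuthentication'];
const REQUIRED = ['VpcModule', 'ClientSgModule', 'EngineVersion'];
// Set = non-empty string, or a non-string value such as a parsed !GetAtt object.
const isSet = (v) => v !== undefined && v !== null && v !== '';
const isLiteral = (v) => typeof v === 'string' && v !== '';

function checkRdsPostgresParams(params) {
  const findings = [];
  const add = (level, param, message) => findings.push({ level, param, message });
  for (const name of REQUIRED) {
    if (!isSet(params[name])) add('error', name, 'required parameter is missing');
  }
  for (const [name, [min, max]] of Object.entries(RANGES)) {
    if (!isLiteral(params[name])) continue; // module default or intrinsic function
    const n = Number(params[name]);
    if (!Number.isInteger(n) || n < min || n > max) {
      add('error', name, `must be an integer in [${min}-${max}]`);
    }
  }
  for (const name of BOOLEANS) {
    if (isLiteral(params[name]) && !['true', 'false'].includes(params[name])) {
      add('error', name, "allowed values are 'true' and 'false'");
    }
  }
  // The password is only used when neither a snapshot nor a secret module is given.
  const external = isSet(params.DBSnapshotIdentifier) || isSet(params.SecretModule);
  const password = params.DBMasterUserPassword;
  if (!isSet(password) && !external) {
    add('error', 'DBMasterUserPassword', 'required unless DBSnapshotIdentifier or SecretModule is set');
  } else if (isSet(password) && external) {
    add('warn', 'DBMasterUserPassword', 'ignored: DBSnapshotIdentifier or SecretModule is set');
  } else if (isLiteral(password)) {
    add('warn', 'DBMasterUserPassword', 'literal password in the template; consider SecretModule');
  }
  if (isLiteral(params.DBBackupRetentionPeriod) && Number(params.DBBackupRetentionPeriod) === 0) {
    add('warn', 'DBBackupRetentionPeriod', '0 disables automated backups');
  }
  if (isSet(params.SubDomainNameWithDot) && !isSet(params.HostedZoneModule)) {
    add('warn', 'SubDomainNameWithDot', 'requires HostedZoneModule');
  }
  return findings;
}

// Constructed sample: required values plus a secret module instead of a password.
const sample = { VpcModule: 'vpc', ClientSgModule: 'client-sg', EngineVersion: '14.12', SecretModule: 'secret' };
console.log(checkRdsPostgresParams(sample)); // []
```

Each finding carries a `level` of `error` (violates the table) or `warn` (allowed by the module but worth reviewing), so a CI step can fail on errors only.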

Limitations

  • Scalable: RDS instance capacity (CPU, RAM, network, ...) is limited by design
  • Monitoring: Network In+Out is not monitored according to the capacity of the instance type