From 03f2c129b425e487d29e67f8a540310b84246ced Mon Sep 17 00:00:00 2001 From: Sean Shriver Date: Fri, 15 Nov 2024 16:08:12 -0600 Subject: [PATCH] Setup env for LSQL (#122) * Setup env for LSQL * Adding C9 template too --- design-patterns/cloudformation/C9.yaml | 97 +++++++++++++++++++- design-patterns/cloudformation/UserDataC9.sh | 9 +- 2 files changed, 103 insertions(+), 3 deletions(-) diff --git a/design-patterns/cloudformation/C9.yaml b/design-patterns/cloudformation/C9.yaml index 08a94693..bee6b401 100644 --- a/design-patterns/cloudformation/C9.yaml +++ b/design-patterns/cloudformation/C9.yaml @@ -37,6 +37,17 @@ Parameters: Type: String Description: Location of LADV code ZIP Default: https://amazon-dynamodb-labs.com/assets/workshop.zip + DBLatestAmiId: + Type: 'AWS::SSM::Parameter::Value' + Default: '/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2' + DbMasterUsername: + Description: The datbase master user name + Type: String + Default: dbuser + DbMasterPassword: + Description: The database master password + Type: String + Default: m7de4uwt2eG# Metadata: AWS::CloudFormation::Interface: @@ -658,7 +669,7 @@ Resources: " if [[ \"$RESULT\" -ne 0 ]]; then", " sleep_delay", " else", - " /bin/bash /tmp/dynamodbworkshop.sh ${SUB_VERSION} ${AWS::AccountId} ${AWS::Region} \"${WorkshopZIP}\" \"${SUB_REPL_ROLE}\" &&", + " /bin/bash /tmp/dynamodbworkshop.sh ${SUB_VERSION} ${AWS::AccountId} ${AWS::Region} \"${WorkshopZIP}\" \"${SUB_REPL_ROLE}\" \"${SUB_DB_USER}\" \"${SUB_DB_PASSWORD}\" &&", " exit 0", " fi", "done" @@ -672,6 +683,8 @@ Resources: SUB_USERDATA_URL: !FindInMap [DesignPatterns, options, UserDataURL], SUB_VERSION: !FindInMap [DesignPatterns, options, version], SUB_REPL_ROLE: !GetAtt ['DDBReplicationRole', 'Arn'], + SUB_DB_USER: !Ref 'DbMasterUsername', + SUB_DB_PASSWORD: !Ref 'DbMasterPassword', } Cloud9BootstrapAssociation: Type: AWS::SSM::Association 
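Review bot: In the `Parameters` hunk of C9.yaml, `DbMasterPassword` is declared with a literal `Default` and without `NoEcho`, so every stack launched with defaults shares a password that is published in this repository, and the value is shown in the CloudFormation console and in DescribeStacks output. Remove the `Default` and add `NoEcho: true`, or preferably drop the parameter and generate the password per stack with an `AWS::SecretsManager::Secret` using `GenerateSecretString`. Note that `NoEcho` does not mask the value once it is substituted into resource properties such as UserData, so it only helps together with the changes suggested for the later hunks. A `MinLength` and an `AllowedPattern` that excludes quotes and shell metacharacters would also be worth adding, since the value is spliced into shell command lines by `Fn::Sub`. The `DbMasterUsername` description has a typo (`datbase`).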
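Review bot: In the `@@ -658,7 +669,7 @@` hunk the password is handed to `/tmp/dynamodbworkshop.sh` as a positional argument (`\"${SUB_DB_PASSWORD}\"`) that `Fn::Sub` expands at deploy time, so it is stored in cleartext in the generated script text, is visible in the process list while the script runs, and may end up in command output or logs. The same concern covers the `SUB_DB_PASSWORD: !Ref 'DbMasterPassword'` mapping in the next hunk and the `DB_USER="$6"` / `DB_PASSWORD="$7"` lines added to UserDataC9.sh. Because the substitution happens before bash parses the line, a password containing `"`, `$` or a backtick would be interpreted by the shell rather than passed through. Passing a Secrets Manager secret ARN or an SSM SecureString parameter name instead, and letting the script read the value itself, avoids all three problems. The enclosing resource starts and ends outside this hunk, so how the script text is stored and executed is inferred from the neighbouring `AWS::SSM::Association`.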
@@ -716,6 +729,83 @@ Resources: Value: Active - Key: Environment Value: !Ref EnvironmentName + ############ RELATIONAL MIGRATION STAGING BUCKET ######### + MigrationS3Bucket: + Type: AWS::S3::Bucket + ###### RELATIONAL MIGRATION MYSQL EC2 PUBLIC INSTANCE ###### + DbSecurityGroup: + Type: AWS::EC2::SecurityGroup + Properties: + GroupDescription: MySQL security group + SecurityGroupIngress: + - CidrIp: 172.31.0.0/16 + IpProtocol: tcp + FromPort: 3306 + ToPort: 3306 + Tags: + - Key: Name + Value: MySQL-SecurityGroup + DBInstanceProfile: + Type: AWS::IAM::InstanceProfile + Properties: + InstanceProfileName: DBInstanceProfile + Path: / + Roles: + - !Ref DBInstanceRole + DBInstanceRole: + Type: AWS::IAM::Role + Properties: + RoleName: DBInstanceRole + AssumeRolePolicyDocument: + Version: 2012-10-17 + Statement: + - + Effect: Allow + Principal: + Service: + - ec2.amazonaws.com + Action: + - sts:AssumeRole + Path: / + ManagedPolicyArns: + - arn:aws:iam::aws:policy/AmazonS3FullAccess + - arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore + DbInstance: + Type: AWS::EC2::Instance + Properties: + ImageId: !Ref DBLatestAmiId + InstanceType: !GetAtt Cloud9FindTheInstanceTypeLambda.InstanceType + SecurityGroupIds: + - !GetAtt DbSecurityGroup.GroupId + SubnetId: !GetAtt Cloud9FindTheInstanceTypeLambda.SubnetId + IamInstanceProfile: !Ref DBInstanceProfile + BlockDeviceMappings: + - DeviceName: /dev/xvda + Ebs: + VolumeType: gp2 + VolumeSize: 50 + DeleteOnTermination: True + Encrypted: True + UserData: + Fn::Base64: !Sub | + #!/bin/bash -ex + sudo su + rpm --import https://repo.mysql.com/RPM-GPG-KEY-mysql-2023 + rpm -Uvh https://repo.mysql.com/mysql80-community-release-el7-3.noarch.rpm + yum install -y mysql-community-server + systemctl enable mysqld + systemctl start mysqld + export DbMasterPassword=${DbMasterPassword} + export DbMasterUsername=${DbMasterUsername} + mysql -u root "-p$(grep -oP '(?<=root@localhost\: )\S+' /var/log/mysqld.log)" -e "ALTER USER 'root'@'localhost' 
IDENTIFIED BY '${DbMasterPassword}'" --connect-expired-password + mysql -u root "-p${DbMasterPassword}" -e "CREATE USER '${DbMasterUsername}' IDENTIFIED BY '${DbMasterPassword}'" + mysql -u root "-p${DbMasterPassword}" -e "GRANT ALL PRIVILEGES ON *.* TO '${DbMasterUsername}'" + mysql -u root "-p${DbMasterPassword}" -e "FLUSH PRIVILEGES" + mysql -u root "-p${DbMasterPassword}" -e "CREATE DATABASE app_db;" + Tags: + - Key: Name + Value: MySQL-Instance + ################## OUTPUTS ##################### Outputs: @@ -732,6 +822,11 @@ Outputs: Value: !Ref Cloud9LogBucket Export: Name: Cloud9LogBucket + MigrationS3BucketName: + Description: S3 Bucket Name + Value: !Ref MigrationS3Bucket + Export: + Name: MigrationS3Bucket Cloud9RoleArn: Description: Role Arn Value: !GetAtt Cloud9Role.Arn diff --git a/design-patterns/cloudformation/UserDataC9.sh b/design-patterns/cloudformation/UserDataC9.sh index a915c001..a260210d 100644 --- a/design-patterns/cloudformation/UserDataC9.sh +++ b/design-patterns/cloudformation/UserDataC9.sh @@ -6,6 +6,8 @@ AWS_ACCOUNT_ID=$2 AWS_REGION=$3 WorkshopZIP="$4" # ${WorkshopZIP}" DDB_REPLICATION_ROLE="$5" #!Sub echo ${DDBReplicationRole.Arn} +DB_USER="$6" +DB_PASSWORD="$7" function log { @@ -52,12 +54,15 @@ output = json EOF #chmod 600 /home/ubuntu/.aws/config cat >> /home/ubuntu/.bashrc <> /home/ubuntu/.bashrc +PATH=$PATH:/usr/local/bin +export PATH >> /home/ubuntu/.bashrc EOF cat >> /home/ubuntu/.bash_profile < /dev/null rm -vf ${HOME}/.aws/credentials &> /dev/null EOF
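Review bot: In the `@@ -716,6 +729,83 @@` hunk of C9.yaml, the `DbInstance` UserData exposes the database password twice: `!Sub` writes `${DbMasterPassword}` into the instance user data in cleartext (readable by any local process through the instance metadata service and by anyone allowed ec2:DescribeInstanceAttribute), and the `#!/bin/bash -ex` shebang enables xtrace, so every `mysql -u root "-p…"` command is echoed with the password into the cloud-init output log. Using `#!/bin/bash -e` and having the script fetch the secret at boot from Secrets Manager or an SSM SecureString parameter keeps it out of both places. The new account also receives `GRANT ALL PRIVILEGES ON *.*` with no host restriction while `DbSecurityGroup` opens 3306 to all of 172.31.0.0/16, which makes it a second root reachable from the whole VPC range; granting on `app_db.*` only would be tighter if the lab uses just that schema. `DBInstanceRole` attaches `AmazonS3FullAccess`, giving the database host read, write and delete on every bucket in the account; an inline policy scoped to `MigrationS3Bucket`, as sketched below, should be enough if the instance only stages migration files (the action list is an assumption to confirm against the lab steps).

```yaml
  DBInstanceRole:
    Type: AWS::IAM::Role
    Properties:
      # … unchanged: RoleName, AssumeRolePolicyDocument, Path …
      ManagedPolicyArns:
        - arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore
      Policies:
        - PolicyName: MigrationBucketAccess
          PolicyDocument:
            Version: 2012-10-17
            Statement:
              - Effect: Allow
                Action:
                  - s3:ListBucket
                Resource: !GetAtt MigrationS3Bucket.Arn
              - Effect: Allow
                Action:
                  - s3:GetObject
                  - s3:PutObject
                Resource: !Sub '${MigrationS3Bucket.Arn}/*'
```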