
New Text Document

This AWS CloudFormation template defines a scalable web application architecture with secure storage and logging. It includes resources such as a VPC, public and private subnets, an S3 bucket, a DynamoDB table, an RDS instance, and a Lambda function. Additionally, it sets up logging with AWS CloudTrail and defines necessary security groups and IAM roles for the Lambda function.

Uploaded by adityakapse230

AWSTemplateFormatVersion: '2010-09-09'

Description: Scalable Web App with Secure Storage and Logging

Parameters:
  DBMasterPassword:
    # Supplied at deploy time in place of a password literal in the template;
    # NoEcho masks the value in console and API output.
    Type: String
    NoEcho: true
    MinLength: 8

Resources:
  MyVPC:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock: 10.0.0.0/16

  PublicSubnet1:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref MyVPC
      CidrBlock: 10.0.1.0/24
      AvailabilityZone: !Select [0, !GetAZs '']

  PrivateSubnet1:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref MyVPC
      CidrBlock: 10.0.2.0/24
      AvailabilityZone: !Select [0, !GetAZs '']

  PrivateSubnet2:
    # Added: a DB subnet group must cover at least two Availability Zones.
    # The name and CIDR are chosen here and are not from the original upload.
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref MyVPC
      CidrBlock: 10.0.3.0/24
      AvailabilityZone: !Select [1, !GetAZs '']

  InternetGateway:
    Type: AWS::EC2::InternetGateway

  VPCGatewayAttachment:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      VpcId: !Ref MyVPC
      InternetGatewayId: !Ref InternetGateway

  RouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref MyVPC

  Route:
    Type: AWS::EC2::Route
    DependsOn: VPCGatewayAttachment   # the gateway must be attached before it can be a route target
    Properties:
      RouteTableId: !Ref RouteTable
      DestinationCidrBlock: 0.0.0.0/0
      GatewayId: !Ref InternetGateway

  SubnetRouteTableAssociation:
    # Only PublicSubnet1 gets the internet route; the private subnets stay on the VPC's main route table.
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref PublicSubnet1
      RouteTableId: !Ref RouteTable

  MyS3Bucket:
    Type: AWS::S3::Bucket
    Properties:
      AccessControl: Private
      BucketEncryption:
        ServerSideEncryptionConfiguration:
          - ServerSideEncryptionByDefault:
              SSEAlgorithm: AES256

  MyDynamoDBTable:
    Type: AWS::DynamoDB::Table
    Properties:
      TableName: WebAppData
      AttributeDefinitions:
        - AttributeName: id
          AttributeType: S
      KeySchema:
        - AttributeName: id
          KeyType: HASH
      ProvisionedThroughput:
        ReadCapacityUnits: 5
        WriteCapacityUnits: 5

  RDSInstance:
    Type: AWS::RDS::DBInstance
    Properties:
      AllocatedStorage: 20
      DBInstanceClass: db.t3.micro
      Engine: mysql
      MasterUsername: admin
      MasterUserPassword: !Ref DBMasterPassword   # was a literal password in the template
      VPCSecurityGroups:
        - !GetAtt RDSInstanceSecurityGroup.GroupId
      DBSubnetGroupName: !Ref RDSSubnetGroup

  RDSSubnetGroup:
    Type: AWS::RDS::DBSubnetGroup
    Properties:
      DBSubnetGroupDescription: RDS Subnet Group
      SubnetIds:
        - !Ref PrivateSubnet1
        - !Ref PrivateSubnet2

  RDSInstanceSecurityGroup:
    # MySQL (3306) is reachable only from the public subnet's address range.
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: RDS Security Group
      VpcId: !Ref MyVPC
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: 3306
          ToPort: 3306
          CidrIp: 10.0.1.0/24

  CloudTrailLogs:
    # CloudTrail delivers only to a bucket whose policy lets cloudtrail.amazonaws.com
    # call s3:GetBucketAcl and s3:PutObject; this template defines no such policy for MyS3Bucket.
    Type: AWS::CloudTrail::Trail
    Properties:
      S3BucketName: !Ref MyS3Bucket
      IsLogging: true
      IncludeGlobalServiceEvents: true

  WebAppLambda:
    Type: AWS::Lambda::Function
    Properties:
      Handler: index.handler
      Role: !GetAtt LambdaExecutionRole.Arn
      Runtime: nodejs18.x
      Code:
        ZipFile: |
          exports.handler = async (event) => {
            return {
              statusCode: 200,
              body: JSON.stringify({message: "Hello from Lambda!"})
            };
          }

  LambdaExecutionRole:
    # AWSLambdaBasicExecutionRole grants CloudWatch Logs write access only.
    Type: AWS::IAM::Role
    Properties:
      AssumeRolePolicyDocument:
        Version: '2012-10-17'
        Statement:
          - Effect: Allow
            Principal:
              Service: lambda.amazonaws.com
            Action: sts:AssumeRole
      ManagedPolicyArns:
        - arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole

Outputs:
  S3BucketName:
    Value: !Ref MyS3Bucket
  DynamoDBTableName:
    Value: !Ref MyDynamoDBTable
  RDSInstanceEndpoint:
    Value: !GetAtt RDSInstance.Endpoint.Address
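
Added example, not part of the uploaded template: the CloudTrailLogs trail writes to MyS3Bucket, and CloudTrail can deliver only when the bucket policy grants the service access. This stand-alone template shows that wiring. CloudTrailBucketPolicy is an assumed name, and the public access block and log file validation are additions beyond the original.

```yaml
AWSTemplateFormatVersion: '2010-09-09'
Description: Added example - CloudTrail delivery to an encrypted, non-public bucket

Resources:
  MyS3Bucket:
    Type: AWS::S3::Bucket
    Properties:
      BucketEncryption:
        ServerSideEncryptionConfiguration:
          - ServerSideEncryptionByDefault:
              SSEAlgorithm: AES256
      PublicAccessBlockConfiguration:     # addition: log objects can never be made public
        BlockPublicAcls: true
        BlockPublicPolicy: true
        IgnorePublicAcls: true
        RestrictPublicBuckets: true

  CloudTrailBucketPolicy:                 # assumed name, not in the original template
    Type: AWS::S3::BucketPolicy
    Properties:
      Bucket: !Ref MyS3Bucket
      PolicyDocument:
        Version: '2012-10-17'
        Statement:
          - Sid: AWSCloudTrailAclCheck    # CloudTrail reads the bucket ACL before delivering
            Effect: Allow
            Principal:
              Service: cloudtrail.amazonaws.com
            Action: s3:GetBucketAcl
            Resource: !GetAtt MyS3Bucket.Arn
          - Sid: AWSCloudTrailWrite       # writes are limited to this account's log prefix
            Effect: Allow
            Principal:
              Service: cloudtrail.amazonaws.com
            Action: s3:PutObject
            Resource: !Sub '${MyS3Bucket.Arn}/AWSLogs/${AWS::AccountId}/*'
            Condition:
              StringEquals:
                's3:x-amz-acl': bucket-owner-full-control

  CloudTrailLogs:
    Type: AWS::CloudTrail::Trail
    DependsOn: CloudTrailBucketPolicy     # the policy must exist before the trail is created
    Properties:
      S3BucketName: !Ref MyS3Bucket
      IsLogging: true
      IncludeGlobalServiceEvents: true
      EnableLogFileValidation: true       # addition: digest files make log tampering detectable
```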
