Added lab for dynamic references (#146)

* Dynamic References * Updated Introduction Co-authored-by: Matteo Rinaudo <[email protected]> * Update workshop/content/intermediate/templates/dynamic-references/_index.md Co-authored-by: Matteo Rinaudo <[email protected]> * Update workshop/content/intermediate/templates/dynamic-references/_index.md Co-authored-by: Matteo Rinaudo <[email protected]> * Update workshop/content/intermediate/templates/dynamic-references/_index.md Co-authored-by: Matteo Rinaudo <[email protected]> * Update workshop/content/intermediate/templates/dynamic-references/_index.md Co-authored-by: Matteo Rinaudo <[email protected]> * Update code/workspace/dynamic-references/lambda_memory_size.yaml Co-authored-by: Matteo Rinaudo <[email protected]> * Update code/solutions/dynamic-references/lambda_memory_size.yaml Co-authored-by: Matteo Rinaudo <[email protected]> * Update code/workspace/dynamic-references/lambda_function.yaml Co-authored-by: Matteo Rinaudo <[email protected]> * Update workshop/content/intermediate/templates/dynamic-references/_index.md Co-authored-by: Matteo Rinaudo <[email protected]> * Update workshop/content/intermediate/templates/dynamic-references/_index.md Co-authored-by: Matteo Rinaudo <[email protected]> * Update workshop/content/intermediate/templates/dynamic-references/_index.md Co-authored-by: Matteo Rinaudo <[email protected]> * Update workshop/content/intermediate/templates/dynamic-references/_index.md Co-authored-by: Matteo Rinaudo <[email protected]> * Update workshop/content/intermediate/templates/dynamic-references/_index.md Co-authored-by: Matteo Rinaudo <[email protected]> * Update workshop/content/intermediate/templates/dynamic-references/_index.md Co-authored-by: Matteo Rinaudo <[email protected]> * Update workshop/content/intermediate/templates/dynamic-references/_index.md Co-authored-by: Matteo Rinaudo <[email protected]> * Update workshop/content/intermediate/templates/dynamic-references/_index.md Co-authored-by: Matteo Rinaudo <[email protected]> * Update workshop/content/intermediate/templates/dynamic-references/_index.md Co-authored-by: Matteo Rinaudo <[email protected]> * Update workshop/content/intermediate/templates/dynamic-references/_index.md Co-authored-by: Matteo Rinaudo <[email protected]> * Update workshop/content/intermediate/templates/dynamic-references/_index.md Co-authored-by: Matteo Rinaudo <[email protected]> * Update workshop/content/intermediate/templates/dynamic-references/_index.md Co-authored-by: Matteo Rinaudo <[email protected]> * Apply suggestions from code review Co-authored-by: Matteo Rinaudo <[email protected]> * Addressing other modification requests from matteo * Update code/workspace/dynamic-references/database.yaml Co-authored-by: Matteo Rinaudo <[email protected]> * Added REGION flags to CLI commands * Added "$" to Shell Commands Co-authored-by: Matteo Rinaudo <[email protected]> * Update workshop/content/intermediate/templates/dynamic-references/_index.md Co-authored-by: Matteo Rinaudo <[email protected]> * Fixed CLI Command Alignment * Apply suggestions from code review Co-authored-by: Matteo Rinaudo <[email protected]> * Apply suggestions from code review Co-authored-by: Matteo Rinaudo <[email protected]> * Apply suggestions from code review Co-authored-by: Matteo Rinaudo <[email protected]> * CLI Command Spacing Updates from @rezabekf Co-authored-by: Franco Rezabek <[email protected]> * Added Completed Templates to Solutions Folder * Added Completed Templates to Solutions Folder * Added Completed Templates to Solutions Folder * Code cleanup Fix formatting errors Fix typos Update markdown structure Add database template to code/solutions * Updated AWS::RDS::DBInstance to be CFN NAG compliant Co-authored-by: Matteo Rinaudo <[email protected]> Co-authored-by: Franco Rezabek <[email protected]> Co-authored-by: Franco Rezabek <[email protected]>
aws-samples · Feb 14, 2022 · df9335e · df9335e
1 parent c409862
commit df9335e
Show file tree

Hide file tree

Showing 11 changed files with 489 additions and 0 deletions.
diff --git a/code/solutions/dynamic-references/database.yaml b/code/solutions/dynamic-references/database.yaml
@@ -0,0 +1,52 @@
+AWSTemplateFormatVersion: "2010-09-09"
+
+Description: AWS CloudFormation workshop - Dynamic references - Database template (uksb-1q9p31idr)
+
+Parameters:
+  DBUsername:
+    Description: Username for Database Access
+    Type: String
+    NoEcho: "true"
+    MinLength: "1"
+    MaxLength: "16"
+    AllowedPattern: '[a-zA-Z][a-zA-Z0-9]*'
+    ConstraintDescription: must begin with a letter and contain only alphanumeric characters.
+
+  DBPassword:
+    Description: Password for MySQL database access
+    Type: String
+    NoEcho: "true"
+    MinLength: "8"
+    MaxLength: "41"
+    AllowedPattern: '[a-zA-Z0-9]*'
+    ConstraintDescription: must contain only alphanumeric characters.
+
+Resources:
+  Database:
+    Type: AWS::RDS::DBInstance
+    Metadata:
+      cfn_nag:
+        rules_to_suppress:
+          - id: F80
+          - id: F27
+    Properties:
+      DBInstanceClass: db.t2.micro
+      AllocatedStorage: "20"
+      Engine: mysql
+      EngineVersion: 8.0.26
+      MasterUsername: !Ref DBUsername
+      MasterUserPassword: !Ref DBPassword
+      PubliclyAccessible: false
+
+  DatabaseConnParams:
+    Type: AWS::SecretsManager::Secret
+    Properties:
+      Description: Database Connection Parameters.
+      Name: DatabaseConnParams
+      SecretString: !Sub |
+        {
+          "RDS_HOSTNAME": "${Database.Endpoint.Address}",
+          "RDS_PORT": "${Database.Endpoint.Port}",
+          "RDS_USERNAME": "${DBUsername}",
+          "RDS_PASSWORD": "${DBPassword}"
+        }
diff --git a/code/solutions/dynamic-references/ec2-instance.yaml b/code/solutions/dynamic-references/ec2-instance.yaml
@@ -0,0 +1,11 @@
+AWSTemplateFormatVersion: "2010-09-09"
+
+Description: AWS CloudFormation workshop - Dynamic references - EC2 template (uksb-1q9p31idr)
+
+Resources:
+  Instance:
+    Type: AWS::EC2::Instance
+    Properties:
+      AvailabilityZone: !Select ["0", !GetAZs ""]
+      InstanceType: t2.micro
+      ImageId: '{{resolve:ssm:/golden-images/amazon-linux-2}}'
diff --git a/code/solutions/dynamic-references/lambda-function.yaml b/code/solutions/dynamic-references/lambda-function.yaml
@@ -0,0 +1,38 @@
+AWSTemplateFormatVersion: "2010-09-09"
+
+Description: AWS CloudFormation workshop - Dynamic references - Lambda function (uksb-1q9p31idr)
+
+Resources:
+  FunctionExecutionRole:
+    Type: AWS::IAM::Role
+    Properties:
+      AssumeRolePolicyDocument:
+        Statement:
+          - Action:
+              - sts:AssumeRole
+            Effect: Allow
+            Principal:
+              Service:
+                - lambda.amazonaws.com
+        Version: "2012-10-17"
+      ManagedPolicyArns:
+        - !Sub 'arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole'
+      Path: /
+
+  HelloWorldFunction:
+    Type: AWS::Lambda::Function
+    Properties:
+      Role: !GetAtt FunctionExecutionRole.Arn
+      Handler: index.handler
+      Environment:
+        Variables:
+          RDS_HOSTNAME: '{{resolve:secretsmanager:DatabaseConnParams:SecretString:RDS_HOSTNAME}}'
+          RDS_PORT: '{{resolve:secretsmanager:DatabaseConnParams:SecretString:RDS_PORT}}'
+      Runtime: python3.7
+      Code:
+        ZipFile: |
+          import os
+          def handler(event, context):
+              RDS_HOSTNAME=os.getenv('RDS_HOSTNAME')
+              RDS_PORT=os.getenv('RDS_PORT')
+              return "Database: {}:{}".format(RDS_HOSTNAME,RDS_PORT)
diff --git a/code/solutions/dynamic-references/lambda-memory-size.yaml b/code/solutions/dynamic-references/lambda-memory-size.yaml
@@ -0,0 +1,40 @@
+AWSTemplateFormatVersion: "2010-09-09"
+
+Description: AWS CloudFormation workshop - Dynamic references - Lambda memory size (uksb-1q9p31idr)
+
+Metadata:
+  cfn-lint:
+    config:
+      ignore_checks:
+        - E3012
+        - E3034
+
+Resources:
+  FunctionExecutionRole:
+    Type: AWS::IAM::Role
+    Properties:
+      AssumeRolePolicyDocument:
+        Statement:
+          - Action:
+              - sts:AssumeRole
+            Effect: Allow
+            Principal:
+              Service:
+                - lambda.amazonaws.com
+        Version: "2012-10-17"
+      ManagedPolicyArns:
+        - !Sub 'arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole'
+      Path: /
+
+  HelloWorldFunction:
+    Type: AWS::Lambda::Function
+    Properties:
+      Role: !GetAtt FunctionExecutionRole.Arn
+      Handler: index.handler
+      Runtime: python3.7
+      MemorySize: '{{resolve:ssm:/lambda/memory-size:1}}'
+      Code:
+        ZipFile: |
+          import os
+          def handler(event, context):
+              return "Hello World!"
diff --git a/code/workspace/dynamic-references/database.yaml b/code/workspace/dynamic-references/database.yaml
@@ -0,0 +1,52 @@
+AWSTemplateFormatVersion: "2010-09-09"
+
+Description: AWS CloudFormation workshop - Dynamic references - Database template (uksb-1q9p31idr)
+
+Parameters:
+  DBUsername:
+    Description: Username for Database Access
+    Type: String
+    NoEcho: "true"
+    MinLength: "1"
+    MaxLength: "16"
+    AllowedPattern: '[a-zA-Z][a-zA-Z0-9]*'
+    ConstraintDescription: must begin with a letter and contain only alphanumeric characters.
+
+  DBPassword:
+    Description: Password for MySQL database access
+    Type: String
+    NoEcho: "true"
+    MinLength: "8"
+    MaxLength: "41"
+    AllowedPattern: '[a-zA-Z0-9]*'
+    ConstraintDescription: must contain only alphanumeric characters.
+
+Resources:
+  Database:
+    Type: AWS::RDS::DBInstance
+    Metadata:
+      cfn_nag:
+        rules_to_suppress:
+          - id: F80
+          - id: F27
+    Properties:
+      DBInstanceClass: db.t2.micro
+      AllocatedStorage: "20"
+      Engine: mysql
+      EngineVersion: 8.0.26
+      MasterUsername: !Ref DBUsername
+      MasterUserPassword: !Ref DBPassword
+      PubliclyAccessible: false
+
+  DatabaseConnParams:
+    Type: AWS::SecretsManager::Secret
+    Properties:
+      Description: Database Connection Parameters.
+      Name: DatabaseConnParams
+      SecretString: !Sub |
+        {
+          "RDS_HOSTNAME": "${Database.Endpoint.Address}",
+          "RDS_PORT": "${Database.Endpoint.Port}",
+          "RDS_USERNAME": "${DBUsername}",
+          "RDS_PASSWORD": "${DBPassword}"
+        }
diff --git a/code/workspace/dynamic-references/ec2-instance.yaml b/code/workspace/dynamic-references/ec2-instance.yaml
@@ -0,0 +1,8 @@
+AWSTemplateFormatVersion: "2010-09-09"
+Description: AWS CloudFormation workshop - Dynamic references - EC2 template (uksb-1q9p31idr)
+Resources:
+  Instance:
+    Type: AWS::EC2::Instance
+    Properties:
+      AvailabilityZone: !Select ['0', !GetAZs ""]
+      InstanceType: 't2.micro'
diff --git a/code/workspace/dynamic-references/lambda-function.yaml b/code/workspace/dynamic-references/lambda-function.yaml
@@ -0,0 +1,32 @@
+AWSTemplateFormatVersion: "2010-09-09"
+Description: AWS CloudFormation workshop - Dynamic references - Lambda function (uksb-1q9p31idr)
+Resources:
+  FunctionExecutionRole:
+    Type: AWS::IAM::Role
+    Properties:
+      AssumeRolePolicyDocument:
+        Statement:
+          - Action:
+            - sts:AssumeRole
+            Effect: Allow
+            Principal:
+              Service:
+              - lambda.amazonaws.com
+        Version: 2012-10-17
+      ManagedPolicyArns:
+        - !Sub 'arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole'
+      Path: /
+  HelloWorldFunction:
+    Type: AWS::Lambda::Function
+    Properties:
+      Role: !GetAtt FunctionExecutionRole.Arn
+      Handler: index.handler
+      ## Environment Configuration Goes Here
+      Runtime: python3.7
+      Code:
+        ZipFile: |
+          import os
+          def handler(event, context):
+              RDS_HOSTNAME=os.getenv('RDS_HOSTNAME')
+              RDS_PORT=os.getenv('RDS_PORT')
+              return "Database: {}:{}".format(RDS_HOSTNAME,RDS_PORT)
diff --git a/code/workspace/dynamic-references/lambda-memory-size.yaml b/code/workspace/dynamic-references/lambda-memory-size.yaml
@@ -0,0 +1,19 @@
+AWSTemplateFormatVersion: "2010-09-09"
+Description: AWS CloudFormation workshop - Dynamic references - Lambda memory size (uksb-1q9p31idr)
+Resources:
+  FunctionExecutionRole:
+    Type: AWS::IAM::Role
+    Properties:
+      AssumeRolePolicyDocument:
+        Statement:
+          - Action:
+            - sts:AssumeRole
+            Effect: Allow
+            Principal:
+              Service:
+              - lambda.amazonaws.com
+        Version: 2012-10-17
+      ManagedPolicyArns:
+        - !Sub 'arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole'
+      Path: /
+  ## Lambda Resource Goes Here