-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathmodule.yml
More file actions
162 lines (162 loc) · 5.46 KB
/
module.yml
File metadata and controls
162 lines (162 loc) · 5.46 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
---
# Copyright 2019 widdix GmbH
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
AWSTemplateFormatVersion: '2010-09-09'
Description: 'cfn-modules: ElastiCache Serverless Valkey'
# cfn-modules:implements(ExposeName, ExposeDnsName)
Parameters:
VpcModule:
Description: 'Stack name of vpc module.'
Type: String
ClientSgModule:
Description: 'Stack name of client-sg module.'
Type: String
AlertingModule:
Description: 'Optional but recommended stack name of alerting module.'
Type: String
Default: ''
BastionModule:
Description: 'Optional but recommended stack name of module implementing Bastion.'
Type: String
Default: ''
KmsKeyModule:
Description: 'Optional but recommended stack name of kms-key module (ignored when DBSnapshotIdentifier is set, value used from snapshot).'
Type: String
Default: ''
SnapshotRetentionLimit:
Description: 'The number of days for which ElastiCache retains automatic snapshots before deleting them (set to 0 to disable backups).'
Type: Number
Default: 35
MinValue: 0
MaxValue: 35
CacheName:
Description: 'The unique name for the cache.'
Type: String
MaxDataStorageLimit:
Description: 'The maximum amount of data stored in the cache.'
Type: 'Number'
Default: 10
MaxECPUPerSecondLimit:
Description: 'Maximum number of ECPU per second. Must be between 1000 and 15000000. You can set the value to zero to remove the limit.'
Type: 'Number'
Default: 1000
Conditions:
HasAlertingModule: !Not [!Equals [!Ref AlertingModule, '']]
HasBastionModule: !Not [!Equals [!Ref BastionModule, '']]
HasKmsKeyModule: !Not [!Equals [!Ref KmsKeyModule, '']]
Resources:
SecurityGroup:
Type: 'AWS::EC2::SecurityGroup'
Properties:
GroupDescription: !Ref 'AWS::StackName'
VpcId: {'Fn::ImportValue': !Sub '${VpcModule}-Id'}
SecurityGroupIngress:
- IpProtocol: tcp
FromPort: 6379
ToPort: 6379
SourceSecurityGroupId: {'Fn::ImportValue': !Sub '${ClientSgModule}-SecurityGroupId'}
SecurityGroupInSSHBastion:
Type: 'AWS::EC2::SecurityGroupIngress'
Condition: HasBastionModule
Properties:
GroupId: !Ref SecurityGroup
IpProtocol: tcp
FromPort: 6379
ToPort: 6379
SourceSecurityGroupId: {'Fn::ImportValue': !Sub '${BastionModule}-SecurityGroupId'}
ServerlessCache:
Type: 'AWS::ElastiCache::ServerlessCache'
Properties:
CacheUsageLimits:
DataStorage:
Unit: 'GB'
Maximum: !Ref MaxDataStorageLimit
ECPUPerSecond:
Maximum: !Ref MaxECPUPerSecondLimit
DailySnapshotTime: '03:00'
Engine: 'valkey'
KmsKeyId: !If [HasKmsKeyModule, {'Fn::ImportValue': !Sub '${KmsKeyModule}-Arn'}, !Ref 'AWS::NoValue']
SecurityGroupIds:
- !Ref SecurityGroup
ServerlessCacheName: !Ref CacheName
SnapshotRetentionLimit: !Ref SnapshotRetentionLimit
SubnetIds: !Split [',', {'Fn::ImportValue': !Sub '${VpcModule}-SubnetIdsPrivate'}]
BytesUsedForCacheAlarm:
Condition: HasAlertingModule
Type: 'AWS::CloudWatch::Alarm'
Properties:
AlarmActions:
- 'Fn::ImportValue': !Sub '${AlertingModule}-Arn'
AlarmDescription: '80% of maximum data storage limit reached.'
OKActions:
- 'Fn::ImportValue': !Sub '${AlertingModule}-Arn'
EvaluationPeriods: 1
ComparisonOperator: GreaterThanThreshold
Threshold: !Ref MaxDataStorageLimit
Metrics:
- Id: 'o'
Expression: 'm*0.8'
- Id: 'm'
MetricStat:
Metric:
Namespace: 'AWS/ElastiCache'
MetricName: 'BytesUsedForCache'
Dimensions:
- Name: 'clusterId'
Value: !Ref CacheName
Unit: 'Gigabytes'
Period: 900
Stat: 'Max'
ElastiCacheProcessingUnitsAlarm:
Condition: HasAlertingModule
Type: 'AWS::CloudWatch::Alarm'
Properties:
AlarmActions:
- 'Fn::ImportValue': !Sub '${AlertingModule}-Arn'
AlarmDescription: '80% of maximum procession units reached.'
OKActions:
- 'Fn::ImportValue': !Sub '${AlertingModule}-Arn'
EvaluationPeriods: 1
ComparisonOperator: GreaterThanThreshold
Threshold: !Ref MaxECPUPerSecondLimit
Metrics:
- Id: 'o'
Expression: 'm/900*0.8'
- Id: 'm'
MetricStat:
Metric:
Namespace: 'AWS/ElastiCache'
MetricName: 'ElastiCacheProcessingUnits'
Dimensions:
- Name: 'clusterId'
Value: !Ref CacheName
Period: 900
Stat: 'SUM'
Outputs:
ModuleId:
Value: 'elasticache-serverless'
ModuleVersion:
Value: '0.2.0'
StackName:
Value: !Ref 'AWS::StackName'
Name:
Description: 'The name of the cluster'
Value: !Ref CacheName
Export:
Name: !Sub '${AWS::StackName}-Name'
DnsName:
Description: 'The DNS address of the Serverless cache.'
Value: !GetAtt 'ServerlessCache.Endpoint.Address'
Export:
Name: !Sub '${AWS::StackName}-DnsName'