This article helps a user create a MySQL database instance using the CloudFormation automation service. RDS stands for Relational Database Service. It is a managed AWS (Amazon Web Services) service that simplifies setting up and managing relational databases.
RDS supports various database engines. They include:
- Amazon Aurora
- MariaDB
- SQL Server
The benefits of using AWS RDS include:
RDS makes it easier to provision and manage your databases. There is no need to worry about software patches or to go through the complex process of provisioning instances and installing software on them.
RDS makes it easier to scale our databases should the need arise (read replicas). The service also gives the user options for a highly available setup (Multi-AZ).
Before you start the setup, have a look at the prerequisites listed below.
The user will need to have:
- An AWS Account.
- Created a user with permissions to create resources on the AWS Account.
- An IDE like Visual Studio Code to write and edit your CloudFormation template.
- Created a VPC with subnets and an Internet Connection.
- Created a Parameter group for the database instance.
N.B.: For an RDS MySQL database instance we cannot create the parameter group with a CloudFormation template. It has to be created beforehand and passed in as an input variable (a Parameter in our template).
Step 1: Create Database Instance Parameter Group
The parameter group allows you to manage your database engine configuration. To create an RDS database parameter group manually, follow the steps below.
On the AWS RDS console, select Parameter groups, then click Create parameter group.
Next, enter the parameter group details. For our case, we are creating a MySQL version 8 DB instance, hence we filled in the details as below.
When done, click Create. This creates the database parameter group.
Step 2: Create CloudFormation Template
Use the template below to create your RDS MySQL database instance.

```yaml
AWSTemplateFormatVersion: "2010-09-09"
Description: "Create a DB subnet group and MYSQL Database"
Parameters:
  VPC:
    Type: String
    Description: The VPC to create the cluster
    Default: vpc-ID
  PrivateSubnet01:
    Type: String
    Description: The subnet for the DB cluster
    Default: subnet-ID
  PrivateSubnet02:
    Type: String
    Description: The subnet for the DB cluster
    Default: subnet-ID
  MasterUsername:
    Type: String
    Description: The username for our database.
  MasterUserPassword:
    Type: String
    Description: The password for the database.
    # NoEcho masks the value in the console, CLI and API output
    NoEcho: true
  ParameterGroup:
    Type: String
    Description: The name of the database parameter group created.
Resources:
  EC2SecurityGroup:
    Type: "AWS::EC2::SecurityGroup"
    Properties:
      GroupDescription: "Database instances security group"
      VpcId: !Ref VPC
      SecurityGroupIngress:
        # Placeholder: replace with the CIDR block allowed to reach the database
        - CidrIp: "*.*.*.*/32"
          FromPort: 3306
          IpProtocol: "tcp"
          ToPort: 3306
      SecurityGroupEgress:
        - CidrIp: "0.0.0.0/0"
          IpProtocol: "-1"
  RDSDBSubnetGroup:
    Type: "AWS::RDS::DBSubnetGroup"
    Properties:
      DBSubnetGroupDescription: "Subnet Group for mySQL database"
      # !Sub only substitutes variables written as ${...}
      DBSubnetGroupName: !Sub "${AWS::Region}-aws-dxl-database-subnet-group"
      SubnetIds:
        - !Ref PrivateSubnet01
        - !Ref PrivateSubnet02
      Tags:
        - Key: Name
          Value: eu-central-1-test-db-cluster
        - Key: createdBy
          Value: Maureen Barasa
        - Key: Project
          Value: test-blog
        - Key: Environment
          Value: test
  RDSDBInstance:
    Type: AWS::RDS::DBInstance
    Properties:
      DBInstanceIdentifier: aws-dxl-database-1
      AllocatedStorage: 100
      DBInstanceClass: db.m5.large
      Engine: "MYSQL"
      MasterUsername: !Ref MasterUsername
      MasterUserPassword: !Ref MasterUserPassword
      BackupRetentionPeriod: 7
      MultiAZ: true
      EngineVersion: "8.0.20"
      AutoMinorVersionUpgrade: true
      Iops: 1000
      # Keep the instance off the public internet
      PubliclyAccessible: false
      StorageType: io1
      Port: 3306
      # Encrypt data at rest
      StorageEncrypted: true
      CopyTagsToSnapshot: true
      MonitoringInterval: 60
      EnableIAMDatabaseAuthentication: false
      EnablePerformanceInsights: true
      PerformanceInsightsRetentionPeriod: 7
      DeletionProtection: true
      DBSubnetGroupName: !Ref RDSDBSubnetGroup
      VPCSecurityGroups:
        - !Ref EC2SecurityGroup
      MaxAllocatedStorage: 1000
      DBParameterGroupName: !Ref ParameterGroup
      MonitoringRoleArn: !Sub "arn:aws:iam::${AWS::AccountId}:role/rds-monitoring-role"
      Tags:
        - Key: Name
          Value: aws-dxl-database-1
        - Key: createdBy
          Value: Maureen Barasa
        - Key: Project
          Value: test-blog
        - Key: Environment
          Value: test
Outputs:
  Cluster:
    Description: The DB Cluster Name
    Value: !Ref RDSDBInstance
  SubnetGroup:
    Description: The db subnet group name
    Value: !Ref RDSDBSubnetGroup
```
We can deploy the CloudFormation Template using a CloudFormation stack.
The CloudFormation Template Explained
The template comprises 3 sections: the Parameters, Resources and Outputs sections.
In the Parameters section, we require the user to input the dynamic variables of their template. For our case, the user should replace the VPC and subnet IDs with their respective VPC and subnet IDs. Next, it will prompt the user to input their database master username and password. Finally, the user will be required to input the name of the parameter group created earlier on.
In the Resources section, the user defines the AWS resources to create. For our case, we start by creating the database instance security group. The user should change the security group ingress to reflect the CIDR IP block that they would like to permit access to the database instances.
Next, it creates the DB subnet group. The subnet group defines the subnets where the database cluster and instances are created. The user should also review the names and tags and customize them as needed.
Finally, the DB Instance is created. However, the user should go through the template and change the instance properties to match their specific needs. Also, the DB instance identifier and tags should be customized to meet user requirements.
The output section of the template instructs CloudFormation to output the names of the resources created. For example, in our case, we have instructed the template to output the names of the DB instance and subnet group.
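A pre-deployment check for the settings discussed above (ingress CIDR, public accessibility, encryption, deletion protection, password handling). This is an added example, not part of the original template or article. It assumes the template has already been parsed into a dict in JSON form, and the function name, the 256-address threshold and the sample data are hypothetical choices made for illustration.

```python
import ipaddress

# Settings the article's template relies on for a private, encrypted instance.
REQUIRED = {"PubliclyAccessible": False, "StorageEncrypted": True, "DeletionProtection": True}

def audit_template(template, max_addresses=256):
    """Return findings for a template parsed into a dict (JSON form: !Ref X is {"Ref": "X"})."""
    findings, params = [], template.get("Parameters", {})
    for name, res in template.get("Resources", {}).items():
        props = res.get("Properties", {})
        if res.get("Type") == "AWS::EC2::SecurityGroup":
            for rule in props.get("SecurityGroupIngress", []):
                cidr = rule.get("CidrIp")
                if cidr is None:  # rule references a security group or prefix list instead
                    continue
                try:
                    net = ipaddress.ip_network(cidr, strict=False)
                except ValueError:
                    findings.append(f"{name}: ingress CIDR {cidr!r} is still a placeholder or invalid")
                    continue
                if net.num_addresses > max_addresses:  # threshold is an assumed policy value
                    findings.append(f"{name}: ingress {cidr} admits {net.num_addresses} addresses")
        elif res.get("Type") == "AWS::RDS::DBInstance":
            for key, want in REQUIRED.items():
                if props.get(key) is not want:
                    findings.append(f"{name}: {key} must be {str(want).lower()}")
            pw = props.get("MasterUserPassword")
            if isinstance(pw, str) and not pw.startswith("{{resolve:"):
                findings.append(f"{name}: MasterUserPassword is a literal in the template")
            elif isinstance(pw, dict) and "Ref" in pw and params.get(pw["Ref"], {}).get("NoEcho") is not True:
                findings.append(f"{name}: password parameter lacks NoEcho")
    return findings

# Constructed sample: the article's resources in JSON form, with settings weakened on purpose.
SAMPLE = {
    "Parameters": {"MasterUserPassword": {"Type": "String"}},
    "Resources": {
        "EC2SecurityGroup": {"Type": "AWS::EC2::SecurityGroup", "Properties": {
            "SecurityGroupIngress": [
                {"CidrIp": "*.*.*.*/32", "FromPort": 3306, "ToPort": 3306, "IpProtocol": "tcp"},
                {"CidrIp": "0.0.0.0/0", "FromPort": 3306, "ToPort": 3306, "IpProtocol": "tcp"}]}},
        "RDSDBInstance": {"Type": "AWS::RDS::DBInstance", "Properties": {
            "PubliclyAccessible": True, "StorageEncrypted": True, "DeletionProtection": True,
            "MasterUserPassword": {"Ref": "MasterUserPassword"}}},
    },
}

if __name__ == "__main__":
    for finding in audit_template(SAMPLE):
        print(finding)
```

An empty list means the template passed every check; the unedited `*.*.*.*/32` placeholder is reported so that it cannot reach a stack by accident.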