Merge pull request #60 from aws-samples/moodle4.4-graviton3-elasticac…

…heserverless

Moodle 4.4 + Support for Graviton 3, ElastiCache Serverless

templates/01-newvpc.yaml

@@ -1,69 +1,18 @@
 ---
 AWSTemplateFormatVersion: 2010-09-09
+Description: Moodle network (VPC)
 
-Description: Reference Architecture to host Moodle on AWS - Creates New VPC
-
-Metadata:
-
-  AWS::CloudFormation::Interface:
-
-    ParameterGroups:
-    - Label:
-        default: Amazon VPC Parameters
-      Parameters:
-      - NumberOfAZs
-      - AvailabilityZones
-      - VpcCidr
-      - PublicSubnet0Cidr
-      - PublicSubnet1Cidr
-      - PublicSubnet2Cidr
-      - AppSubnet0Cidr
-      - AppSubnet1Cidr
-      - AppSubnet2Cidr
-      - DataSubnet0Cidr
-      - DataSubnet1Cidr
-      - DataSubnet2Cidr
-
-    ParameterLabels:
-      AvailabilityZones:
-        default: Availability Zones
-      NumberOfAZs:
-        default: Number of Availability Zones
-      VpcCidr:
-        default: VpcCidr
-      PublicSubnet0Cidr:
-        default: Public Subnet 0
-      PublicSubnet1Cidr:
-        default: Public Subnet 1
-      PublicSubnet2Cidr:
-        default: Public Subnet 2
-      AppSubnet0Cidr:
-        default: App Subnet 0
-      AppSubnet1Cidr:
-        default: App Subnet 1
-      AppSubnet2Cidr:
-        default: App Subnet 2
-      DataSubnet0Cidr:
-        default: Data Subnet 0
-      DataSubnet1Cidr:
-        default: Data Subnet 1
-      DataSubnet2Cidr:
-        default: Data Subnet 2
-
 Parameters:
-
   AvailabilityZones:
-    Description: 'List of Availability Zones to use for the subnets in the VPC. Note:
-      The logical order is preserved.'
+    Description: 'List of Availability Zones to use for the subnets in the VPC. Note: The logical order is preserved.'
     Type: List<AWS::EC2::AvailabilityZone::Name>
   NumberOfAZs:
     AllowedValues:
     - 1
     - 2
     - 3
     Default: 2
-    Description: Number of Availability Zones to use in the VPC. This must match your
-      selections in the list of Availability Zones parameter.
+    Description: Number of Availability Zones to use in the VPC. This must match your selections in the list of Availability Zones parameter.
     Type: Number
   VpcCidr:
     AllowedPattern: "^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\\/(1[6-9]|2[0-8]))$"
@@ -127,13 +76,9 @@ Parameters:
     Type: String
 
 Conditions:
-
-  NumberOfAZs1:
-      !Equals [ '1', !Ref NumberOfAZs ]
-  NumberOfAZs2:
-      !Equals [ '2', !Ref NumberOfAZs ]
-  NumberOfAZs3:
-      !Equals [ '3', !Ref NumberOfAZs ]
+  NumberOfAZs1: !Equals [ '1', !Ref NumberOfAZs ]
+  NumberOfAZs2: !Equals [ '2', !Ref NumberOfAZs ]
+  NumberOfAZs3: !Equals [ '3', !Ref NumberOfAZs ]
   AZ0: !Or
     - !Condition NumberOfAZs1
     - !Condition NumberOfAZs2
@@ -144,7 +89,6 @@ Conditions:
   AZ2: !Condition NumberOfAZs3
 
 Resources:
-
   AppSubnet0:
     Condition: AZ0
     Type: AWS::EC2::Subnet
@@ -158,6 +102,7 @@ Resources:
         - Key: SubnetType
           Value: Private
       VpcId: !Ref Vpc
+
   AppSubnet1:
     Condition: AZ1
     Type: AWS::EC2::Subnet
@@ -171,6 +116,7 @@ Resources:
         - Key: SubnetType
           Value: Private
       VpcId: !Ref Vpc
+
   AppSubnet2:
     Condition: AZ2
     Type: AWS::EC2::Subnet
@@ -191,12 +137,14 @@ Resources:
     Properties:
       RouteTableId: !Ref NatRouteTable0
       SubnetId: !Ref AppSubnet0
+
   AppSubnetRouteTableAssociation1:
     Condition: AZ1
     Type: AWS::EC2::SubnetRouteTableAssociation
     Properties:
       RouteTableId: !Ref NatRouteTable1
       SubnetId: !Ref AppSubnet1
+
   AppSubnetRouteTableAssociation2:
     Condition: AZ2
     Type: AWS::EC2::SubnetRouteTableAssociation
@@ -217,6 +165,7 @@ Resources:
         - Key: SubnetType
           Value: Private
       VpcId: !Ref Vpc
+
   DataSubnet1:
     Condition: AZ1
     Type: AWS::EC2::Subnet
@@ -230,6 +179,7 @@ Resources:
         - Key: SubnetType
           Value: Private
       VpcId: !Ref Vpc
+
   DataSubnet2:
     Condition: AZ2
     Type: AWS::EC2::Subnet
@@ -250,25 +200,28 @@ Resources:
     Properties:
       RouteTableId: !Ref NatRouteTable0
       SubnetId: !Ref DataSubnet0
+
   DataSubnetRouteTableAssociation1:
     Condition: AZ1
     Type: AWS::EC2::SubnetRouteTableAssociation
     Properties:
       RouteTableId: !Ref NatRouteTable1
       SubnetId: !Ref DataSubnet1
+
   DataSubnetRouteTableAssociation2:
     Condition: AZ2
     Type: AWS::EC2::SubnetRouteTableAssociation
     Properties:
       RouteTableId: !Ref NatRouteTable2
       SubnetId: !Ref DataSubnet2
- 
+
   InternetGateway:
     Type: AWS::EC2::InternetGateway
     Properties:
       Tags:
         - Key: Name
           Value: !Join [ '', [ 'InternetGateway / ', !Ref 'AWS::StackName' ] ]
+
   AttachInternetGateway:
     Type: AWS::EC2::VPCGatewayAttachment
     Properties:
@@ -280,20 +233,23 @@ Resources:
     Type: AWS::EC2::EIP
     Properties:
       Domain: vpc
+
   NatGateway0:
     Condition: AZ0
     Type: AWS::EC2::NatGateway
     DependsOn: AttachInternetGateway
     Properties:
       AllocationId: !GetAtt NatEIP0.AllocationId
       SubnetId: !Ref PublicSubnet0
+
   NatRoute0:
     Condition: AZ0
     Type: AWS::EC2::Route
     Properties:
       RouteTableId: !Ref NatRouteTable0
       DestinationCidrBlock: 0.0.0.0/0
       NatGatewayId: !Ref NatGateway0
+
   NatRouteTable0:
     Condition: AZ0
     Type: AWS::EC2::RouteTable
@@ -310,20 +266,23 @@ Resources:
     Type: AWS::EC2::EIP
     Properties:
       Domain: vpc
+
   NatGateway1:
     Condition: AZ1
     Type: AWS::EC2::NatGateway
     DependsOn: AttachInternetGateway
     Properties:
       AllocationId: !GetAtt NatEIP1.AllocationId
       SubnetId: !Ref PublicSubnet1
+
   NatRoute1:
     Condition: AZ1
     Type: AWS::EC2::Route
     Properties:
       RouteTableId: !Ref NatRouteTable1
       DestinationCidrBlock: 0.0.0.0/0
       NatGatewayId: !Ref NatGateway1
+
   NatRouteTable1:
     Condition: AZ1
     Type: AWS::EC2::RouteTable
@@ -340,20 +299,23 @@ Resources:
     Type: AWS::EC2::EIP
     Properties:
       Domain: vpc
+
   NatGateway2:
     Condition: AZ2
     Type: AWS::EC2::NatGateway
     DependsOn: AttachInternetGateway
     Properties:
       AllocationId: !GetAtt NatEIP2.AllocationId
       SubnetId: !Ref PublicSubnet2
+
   NatRoute2:
     Condition: AZ2
     Type: AWS::EC2::Route
     Properties:
       RouteTableId: !Ref NatRouteTable2
       DestinationCidrBlock: 0.0.0.0/0
       NatGatewayId: !Ref NatGateway2
+
   NatRouteTable2:
     Condition: AZ2
     Type: AWS::EC2::RouteTable
@@ -372,6 +334,7 @@ Resources:
       RouteTableId: !Ref PublicRouteTable
       DestinationCidrBlock: 0.0.0.0/0
       GatewayId: !Ref InternetGateway
+
   PublicRouteTable:
     Type: AWS::EC2::RouteTable
     Properties:
@@ -381,65 +344,70 @@ Resources:
         - Key: Network
           Value: Public
       VpcId: !Ref Vpc
+
   PublicRouteTableAssociation0:
     Condition: AZ0
     Type: AWS::EC2::SubnetRouteTableAssociation
     Properties:
       SubnetId: !Ref PublicSubnet0
       RouteTableId: !Ref PublicRouteTable
+
   PublicRouteTableAssociation1:
     Condition: AZ1
     Type: AWS::EC2::SubnetRouteTableAssociation
     Properties:
       SubnetId: !Ref PublicSubnet1
       RouteTableId: !Ref PublicRouteTable
+
   PublicRouteTableAssociation2:
     Condition: AZ2
     Type: AWS::EC2::SubnetRouteTableAssociation
     Properties:
       SubnetId: !Ref PublicSubnet2
       RouteTableId: !Ref PublicRouteTable
-  
+
   PublicSubnet0:
     Condition: AZ0
     Type: AWS::EC2::Subnet
     Properties:
       AvailabilityZone: !Select [ 0, !Ref AvailabilityZones ]
       CidrBlock: !Ref PublicSubnet0Cidr
-      MapPublicIpOnLaunch: true
+      MapPublicIpOnLaunch: false
       Tags:
         - Key: Name
           Value: !Join [ '', [ 'PublicSubnet0 / ', !Ref 'AWS::StackName' ] ]
         - Key: SubnetType
           Value: Public
       VpcId: !Ref Vpc
+
   PublicSubnet1:
     Condition: AZ1
     Type: AWS::EC2::Subnet
     Properties:
       AvailabilityZone: !Select [ 1, !Ref AvailabilityZones ]
       CidrBlock: !Ref PublicSubnet1Cidr
-      MapPublicIpOnLaunch: true
+      MapPublicIpOnLaunch: false
       Tags:
         - Key: Name
           Value: !Join [ '', [ 'PublicSubnet1 / ', !Ref 'AWS::StackName' ] ]
         - Key: SubnetType
           Value: Public
       VpcId: !Ref Vpc
+
   PublicSubnet2:
     Condition: AZ2
     Type: AWS::EC2::Subnet
     Properties:
       AvailabilityZone: !Select [ 2, !Ref AvailabilityZones ]
       CidrBlock: !Ref PublicSubnet2Cidr
-      MapPublicIpOnLaunch: true
+      MapPublicIpOnLaunch: false
       Tags:
         - Key: Name
           Value: !Join [ '', [ 'PublicSubnet2 / ', !Ref 'AWS::StackName' ] ]
         - Key: SubnetType
           Value: Public
       VpcId: !Ref Vpc
-  
+
   Vpc:
     Type: AWS::EC2::VPC
     Properties:
@@ -449,6 +417,7 @@ Resources:
       Tags:
         - Key: Name
           Value: !Join [ '', [ 'Vpc / ', !Ref 'AWS::StackName' ] ]
+
   VpcFlowLog:
     Type: AWS::EC2::FlowLog
     Properties:
@@ -457,6 +426,7 @@ Resources:
       ResourceId: !Ref Vpc
       ResourceType: VPC
       TrafficType: ALL
+
   VpcFlowLogsRole:
     Type: AWS::IAM::Role
     Properties:
@@ -476,16 +446,20 @@ Resources:
             Version: 2012-10-17
             Statement:
               - Action:
-                  - logs:CreateLogGroup
                   - logs:CreateLogStream
                   - logs:DescribeLogGroups
                   - logs:DescribeLogStreams
                   - logs:PutLogEvents
                 Effect: Allow
-                Resource: '*'
+                Resource: !GetAtt VpcFlowLogsGroup.Arn
+
+  VpcFlowLogsGroup: 
+      Type: AWS::Logs::LogGroup
+      DeletionPolicy: Delete
+      Properties: 
+        RetentionInDays: 7
 
 Outputs:
-
   Vpc:
     Value: !Ref Vpc
   VpcCidr:
@@ -550,4 +524,3 @@ Outputs:
           !Join [ ',', [ !Ref PublicSubnet0, !Ref PublicSubnet1, !Ref PublicSubnet2 ] ]
           ] 
         ] 
-