function_with_mq_using_autogen_role.yaml
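# Stack inputs. The PreCreated* values and MQBrokerUserSecretName2 carry no
# default, so whoever deploys the template has to supply them.
Parameters:
  MQBrokerUser:
    Description: The user to access the Amazon MQ broker.
    Type: String
    # NOTE(review): fixed default account name; acceptable only for a
    # short-lived test stack. No AllowedPattern is set, yet the value is later
    # spliced into a JSON string by MQBrokerUserSecret.
    Default: testBrokerUser
    MinLength: 2
    ConstraintDescription: The Amazon MQ broker user is required !
  MQBrokerPassword:
    Description: The password to access the Amazon MQ broker. Min 12 characters
    Type: String
    # NOTE(review): a default password committed with the template is a known
    # credential. NoEcho only masks the value in CloudFormation output; it does
    # not protect a default that is readable in the template itself. Outside a
    # disposable test stack, pass the value at deploy time or generate it in
    # Secrets Manager instead of defaulting it here.
    Default: testBrokerPassword
    MinLength: 12
    ConstraintDescription: The Amazon MQ broker password is required !
    NoEcho: true
  # Identifiers of network resources that already exist outside this stack.
  PreCreatedVpc:
    Type: String
  PreCreatedSubnetTwo:
    Type: String
  # Name given to the Secrets Manager secret that holds the broker login.
  MQBrokerUserSecretName2:
    Type: String
  PreCreatedInternetGateway:
    Type: String
  MQBrokerName2:
    Description: The name of MQ Broker
    Type: String
    Default: TestMQBroker2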
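# Networking, broker, function and secret for an MQ-triggered Lambda function.
# NOTE(review): the broker is reachable from the internet by design here
# (public subnet route, open security group, PubliclyAccessible: true). Treat
# the template as a test fixture, not as a baseline for a production broker.
Resources:
  # Route table in the pre-created VPC.
  RouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId:
        Ref: PreCreatedVpc

  # Default route to the internet gateway; this makes the associated subnet
  # a public subnet.
  Route:
    Type: AWS::EC2::Route
    Properties:
      RouteTableId:
        Ref: RouteTable
      DestinationCidrBlock: '0.0.0.0/0'
      GatewayId:
        Ref: PreCreatedInternetGateway

  PublicSubnetRouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId:
        Ref: PreCreatedSubnetTwo
      RouteTableId:
        Ref: RouteTable

  MQSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      # NOTE(review): the description mentions egress, but only ingress rules
      # are declared below, so egress is left at the security group default.
      GroupDescription: Limits security group ingress and egress traffic for the Amazon
        MQ instance
      VpcId:
        Ref: PreCreatedVpc
      # NOTE(review): every rule allows any IPv4 source (0.0.0.0/0). Together
      # with the public broker and the defaulted credentials this exposes the
      # admin web console and all client protocols to the internet. Where the
      # consumers are known, narrow CidrIp (or use a source security group)
      # and drop the ports that are not needed.
      SecurityGroupIngress:
        # ActiveMQ web console (HTTPS)
        - IpProtocol: tcp
          FromPort: 8162
          ToPort: 8162
          CidrIp: '0.0.0.0/0'
        # OpenWire over TLS
        - IpProtocol: tcp
          FromPort: 61617
          ToPort: 61617
          CidrIp: '0.0.0.0/0'
        # AMQP over TLS
        - IpProtocol: tcp
          FromPort: 5671
          ToPort: 5671
          CidrIp: '0.0.0.0/0'
        # STOMP over TLS
        - IpProtocol: tcp
          FromPort: 61614
          ToPort: 61614
          CidrIp: '0.0.0.0/0'
        # MQTT over TLS
        - IpProtocol: tcp
          FromPort: 8883
          ToPort: 8883
          CidrIp: '0.0.0.0/0'

  # Single-instance ActiveMQ broker used as the Lambda event source.
  MyMqBroker:
    Type: AWS::AmazonMQ::Broker
    Properties:
      BrokerName:
        Ref: MQBrokerName2
      DeploymentMode: SINGLE_INSTANCE
      EngineType: ACTIVEMQ
      # Quoted so the version is always read as a string.
      EngineVersion: '5.17.6'
      HostInstanceType: mq.t3.micro
      # Audit and general logging are both on; keep them on so that logins and
      # configuration changes on a public broker leave a trail.
      Logs:
        Audit: true
        General: true
      PubliclyAccessible: true
      # NOTE(review): with this off the broker stays on the pinned engine
      # version and does not pick up minor-version fixes automatically.
      AutoMinorVersionUpgrade: false
      SecurityGroups:
        - Ref: MQSecurityGroup
      SubnetIds:
        - Ref: PreCreatedSubnetTwo
      Users:
        # NOTE(review): the only user is in the admin group and has console
        # access, and it is the same login the function uses through the
        # secret. A consumer-only user would follow least privilege.
        - ConsoleAccess: true
          Groups:
            - admin
          Username:
            Ref: MQBrokerUser
          Password:
            Ref: MQBrokerPassword

  # Function triggered by messages on TestQueue. No Role is declared, so the
  # execution role is expected to come from the SAM transform (see file name).
  MyLambdaFunction:
    Type: AWS::Serverless::Function
    Properties:
      Runtime: nodejs18.x
      Handler: index.handler
      # Placeholder; presumably substituted before deployment - confirm.
      CodeUri: ${codeuri}
      Events:
        MyMqEvent:
          Type: MQ
          Properties:
            Broker:
              Fn::GetAtt: MyMqBroker.Arn
            Queues:
              - TestQueue
            # Broker login is read from the secret below, not passed inline.
            SourceAccessConfigurations:
              - Type: BASIC_AUTH
                URI:
                  Ref: MQBrokerUserSecret

  # Secret holding the broker login as JSON with "username" and "password".
  MQBrokerUserSecret:
    Type: AWS::SecretsManager::Secret
    Properties:
      Name:
        Ref: MQBrokerUserSecretName2
      # NOTE(review): the JSON is built by plain string substitution, so a
      # double quote or backslash in either parameter produces malformed or
      # altered JSON. Constrain the parameters (AllowedPattern) or let Secrets
      # Manager create the password with GenerateSecretString and have the
      # broker read it through a dynamic reference.
      SecretString:
        Fn::Sub: '{"username":"${MQBrokerUser}","password":"${MQBrokerPassword}"}'
      Description: SecretsManager Secret for broker user and password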
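# Template-level metadata. SamTransformTest is presumably a marker read by the
# test tooling that deploys this template - confirm against the harness.
Metadata:
  SamTransformTest: true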