High Availability
高可用マルチAZデータベース&Web構成
マルチAZ配置 of RDS、Auto Scaling EC2、VPC構成により、シングルポイント障害を排除した安全な高可用インフラテンプレートです。
構成要素 (AWS Services):
EC2ALBRDSAuto ScalingVPC
アーキテクチャ図 (Architecture Diagram)
クリックで拡大表示
AWS CLI でのデプロイ例
AWS CLIを使用してCloudFormationスタックをデプロイする場合は、以下のコマンドを実行します。
aws cloudformation create-stack \ --stack-name high-availability-architecture-stack \ --template-body file://high-availability-architecture.yaml \ --capabilities CAPABILITY_IAM
high-availability-architecture.yaml
AWSTemplateFormatVersion: '2010-09-09'
Description: 'High Availability Architecture - Multi-AZ deployment with ALB, Auto Scaling, Aurora, ElastiCache, and CloudFront'
Parameters:
EnvironmentName:
Type: String
Default: production
Description: Environment name prefix
VpcCIDR:
Type: String
Default: 10.0.0.0/16
Description: VPC CIDR block
InstanceType:
Type: String
Default: t3.micro
AllowedValues: [t3.micro, t3.small, t3.medium]
Description: EC2 instance type
DBMasterUsername:
Type: String
Default: admin
NoEcho: true
Description: Database master username
LatestAmiId:
Type: AWS::SSM::Parameter::Value<AWS::EC2::Image::Id>
Default: /aws/service/ami-amazon-linux-latest/al2023-ami-kernel-default-x86_64
Resources:
# VPC Configuration
VPC:
Type: AWS::EC2::VPC
Properties:
CidrBlock: !Ref VpcCIDR
EnableDnsHostnames: true
EnableDnsSupport: true
Tags:
- Key: Name
Value: !Sub ${EnvironmentName}-vpc
InternetGateway:
Type: AWS::EC2::InternetGateway
Properties:
Tags:
- Key: Name
Value: !Sub ${EnvironmentName}-igw
AttachGateway:
Type: AWS::EC2::VPCGatewayAttachment
Properties:
VpcId: !Ref VPC
InternetGatewayId: !Ref InternetGateway
# Public Subnets (3 AZs)
PublicSubnet1:
Type: AWS::EC2::Subnet
Properties:
VpcId: !Ref VPC
CidrBlock: 10.0.1.0/24
AvailabilityZone: !Select [0, !GetAZs '']
MapPublicIpOnLaunch: true
Tags:
- Key: Name
Value: !Sub ${EnvironmentName}-public-subnet-1
PublicSubnet2:
Type: AWS::EC2::Subnet
Properties:
VpcId: !Ref VPC
CidrBlock: 10.0.2.0/24
AvailabilityZone: !Select [1, !GetAZs '']
MapPublicIpOnLaunch: true
Tags:
- Key: Name
Value: !Sub ${EnvironmentName}-public-subnet-2
PublicSubnet3:
Type: AWS::EC2::Subnet
Properties:
VpcId: !Ref VPC
CidrBlock: 10.0.3.0/24
AvailabilityZone: !Select [2, !GetAZs '']
MapPublicIpOnLaunch: true
Tags:
- Key: Name
Value: !Sub ${EnvironmentName}-public-subnet-3
# Private Subnets (3 AZs)
PrivateSubnet1:
Type: AWS::EC2::Subnet
Properties:
VpcId: !Ref VPC
CidrBlock: 10.0.11.0/24
AvailabilityZone: !Select [0, !GetAZs '']
Tags:
- Key: Name
Value: !Sub ${EnvironmentName}-private-subnet-1
PrivateSubnet2:
Type: AWS::EC2::Subnet
Properties:
VpcId: !Ref VPC
CidrBlock: 10.0.12.0/24
AvailabilityZone: !Select [1, !GetAZs '']
Tags:
- Key: Name
Value: !Sub ${EnvironmentName}-private-subnet-2
PrivateSubnet3:
Type: AWS::EC2::Subnet
Properties:
VpcId: !Ref VPC
CidrBlock: 10.0.13.0/24
AvailabilityZone: !Select [2, !GetAZs '']
Tags:
- Key: Name
Value: !Sub ${EnvironmentName}-private-subnet-3
# Database Subnets (3 AZs)
DatabaseSubnet1:
Type: AWS::EC2::Subnet
Properties:
VpcId: !Ref VPC
CidrBlock: 10.0.21.0/24
AvailabilityZone: !Select [0, !GetAZs '']
Tags:
- Key: Name
Value: !Sub ${EnvironmentName}-database-subnet-1
DatabaseSubnet2:
Type: AWS::EC2::Subnet
Properties:
VpcId: !Ref VPC
CidrBlock: 10.0.22.0/24
AvailabilityZone: !Select [1, !GetAZs '']
Tags:
- Key: Name
Value: !Sub ${EnvironmentName}-database-subnet-2
DatabaseSubnet3:
Type: AWS::EC2::Subnet
Properties:
VpcId: !Ref VPC
CidrBlock: 10.0.23.0/24
AvailabilityZone: !Select [2, !GetAZs '']
Tags:
- Key: Name
Value: !Sub ${EnvironmentName}-database-subnet-3
# NAT Gateways (3 AZs for high availability)
NatGateway1EIP:
Type: AWS::EC2::EIP
DependsOn: AttachGateway
Properties:
Domain: vpc
NatGateway2EIP:
Type: AWS::EC2::EIP
DependsOn: AttachGateway
Properties:
Domain: vpc
NatGateway3EIP:
Type: AWS::EC2::EIP
DependsOn: AttachGateway
Properties:
Domain: vpc
NatGateway1:
Type: AWS::EC2::NatGateway
Properties:
AllocationId: !GetAtt NatGateway1EIP.AllocationId
SubnetId: !Ref PublicSubnet1
Tags:
- Key: Name
Value: !Sub ${EnvironmentName}-nat-1
NatGateway2:
Type: AWS::EC2::NatGateway
Properties:
AllocationId: !GetAtt NatGateway2EIP.AllocationId
SubnetId: !Ref PublicSubnet2
Tags:
- Key: Name
Value: !Sub ${EnvironmentName}-nat-2
NatGateway3:
Type: AWS::EC2::NatGateway
Properties:
AllocationId: !GetAtt NatGateway3EIP.AllocationId
SubnetId: !Ref PublicSubnet3
Tags:
- Key: Name
Value: !Sub ${EnvironmentName}-nat-3
# Route Tables
PublicRouteTable:
Type: AWS::EC2::RouteTable
Properties:
VpcId: !Ref VPC
Tags:
- Key: Name
Value: !Sub ${EnvironmentName}-public-rt
PublicRoute:
Type: AWS::EC2::Route
DependsOn: AttachGateway
Properties:
RouteTableId: !Ref PublicRouteTable
DestinationCidrBlock: 0.0.0.0/0
GatewayId: !Ref InternetGateway
PublicSubnet1RouteTableAssociation:
Type: AWS::EC2::SubnetRouteTableAssociation
Properties:
SubnetId: !Ref PublicSubnet1
RouteTableId: !Ref PublicRouteTable
PublicSubnet2RouteTableAssociation:
Type: AWS::EC2::SubnetRouteTableAssociation
Properties:
SubnetId: !Ref PublicSubnet2
RouteTableId: !Ref PublicRouteTable
PublicSubnet3RouteTableAssociation:
Type: AWS::EC2::SubnetRouteTableAssociation
Properties:
SubnetId: !Ref PublicSubnet3
RouteTableId: !Ref PublicRouteTable
PrivateRouteTable1:
Type: AWS::EC2::RouteTable
Properties:
VpcId: !Ref VPC
Tags:
- Key: Name
Value: !Sub ${EnvironmentName}-private-rt-1
PrivateRoute1:
Type: AWS::EC2::Route
Properties:
RouteTableId: !Ref PrivateRouteTable1
DestinationCidrBlock: 0.0.0.0/0
NatGatewayId: !Ref NatGateway1
PrivateSubnet1RouteTableAssociation:
Type: AWS::EC2::SubnetRouteTableAssociation
Properties:
SubnetId: !Ref PrivateSubnet1
RouteTableId: !Ref PrivateRouteTable1
PrivateRouteTable2:
Type: AWS::EC2::RouteTable
Properties:
VpcId: !Ref VPC
Tags:
- Key: Name
Value: !Sub ${EnvironmentName}-private-rt-2
PrivateRoute2:
Type: AWS::EC2::Route
Properties:
RouteTableId: !Ref PrivateRouteTable2
DestinationCidrBlock: 0.0.0.0/0
NatGatewayId: !Ref NatGateway2
PrivateSubnet2RouteTableAssociation:
Type: AWS::EC2::SubnetRouteTableAssociation
Properties:
SubnetId: !Ref PrivateSubnet2
RouteTableId: !Ref PrivateRouteTable2
PrivateRouteTable3:
Type: AWS::EC2::RouteTable
Properties:
VpcId: !Ref VPC
Tags:
- Key: Name
Value: !Sub ${EnvironmentName}-private-rt-3
PrivateRoute3:
Type: AWS::EC2::Route
Properties:
RouteTableId: !Ref PrivateRouteTable3
DestinationCidrBlock: 0.0.0.0/0
NatGatewayId: !Ref NatGateway3
PrivateSubnet3RouteTableAssociation:
Type: AWS::EC2::SubnetRouteTableAssociation
Properties:
SubnetId: !Ref PrivateSubnet3
RouteTableId: !Ref PrivateRouteTable3
# Security Groups
ALBSecurityGroup:
Type: AWS::EC2::SecurityGroup
Properties:
GroupDescription: Security group for Application Load Balancer
VpcId: !Ref VPC
SecurityGroupIngress:
- IpProtocol: tcp
FromPort: 80
ToPort: 80
CidrIp: 0.0.0.0/0
- IpProtocol: tcp
FromPort: 443
ToPort: 443
CidrIp: 0.0.0.0/0
Tags:
- Key: Name
Value: !Sub ${EnvironmentName}-alb-sg
WebServerSecurityGroup:
Type: AWS::EC2::SecurityGroup
Properties:
GroupDescription: Security group for web servers
VpcId: !Ref VPC
SecurityGroupIngress:
- IpProtocol: tcp
FromPort: 80
ToPort: 80
SourceSecurityGroupId: !Ref ALBSecurityGroup
Tags:
- Key: Name
Value: !Sub ${EnvironmentName}-web-sg
DatabaseSecurityGroup:
Type: AWS::EC2::SecurityGroup
Properties:
GroupDescription: Security group for Aurora database
VpcId: !Ref VPC
SecurityGroupIngress:
- IpProtocol: tcp
FromPort: 3306
ToPort: 3306
SourceSecurityGroupId: !Ref WebServerSecurityGroup
Tags:
- Key: Name
Value: !Sub ${EnvironmentName}-db-sg
CacheSecurityGroup:
Type: AWS::EC2::SecurityGroup
Properties:
GroupDescription: Security group for ElastiCache
VpcId: !Ref VPC
SecurityGroupIngress:
- IpProtocol: tcp
FromPort: 6379
ToPort: 6379
SourceSecurityGroupId: !Ref WebServerSecurityGroup
Tags:
- Key: Name
Value: !Sub ${EnvironmentName}-cache-sg
# Application Load Balancer
ApplicationLoadBalancer:
Type: AWS::ElasticLoadBalancingV2::LoadBalancer
Properties:
Name: !Sub ${EnvironmentName}-alb
Type: application
Scheme: internet-facing
IpAddressType: ipv4
Subnets:
- !Ref PublicSubnet1
- !Ref PublicSubnet2
- !Ref PublicSubnet3
SecurityGroups:
- !Ref ALBSecurityGroup
Tags:
- Key: Name
Value: !Sub ${EnvironmentName}-alb
ALBTargetGroup:
Type: AWS::ElasticLoadBalancingV2::TargetGroup
Properties:
Name: !Sub ${EnvironmentName}-tg
Port: 80
Protocol: HTTP
VpcId: !Ref VPC
HealthCheckEnabled: true
HealthCheckPath: /health
HealthCheckProtocol: HTTP
HealthCheckIntervalSeconds: 30
HealthCheckTimeoutSeconds: 5
HealthyThresholdCount: 2
UnhealthyThresholdCount: 3
TargetType: instance
Matcher:
HttpCode: 200
Tags:
- Key: Name
Value: !Sub ${EnvironmentName}-tg
ALBListener:
Type: AWS::ElasticLoadBalancingV2::Listener
Properties:
LoadBalancerArn: !Ref ApplicationLoadBalancer
Port: 80
Protocol: HTTP
DefaultActions:
- Type: forward
TargetGroupArn: !Ref ALBTargetGroup
# IAM Role for EC2
EC2Role:
Type: AWS::IAM::Role
Properties:
AssumeRolePolicyDocument:
Version: '2012-10-17'
Statement:
- Effect: Allow
Principal:
Service: ec2.amazonaws.com
Action: sts:AssumeRole
ManagedPolicyArns:
- arn:aws:iam::aws:policy/CloudWatchAgentServerPolicy
- arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore
Tags:
- Key: Name
Value: !Sub ${EnvironmentName}-ec2-role
EC2InstanceProfile:
Type: AWS::IAM::InstanceProfile
Properties:
Roles:
- !Ref EC2Role
# Launch Template
LaunchTemplate:
Type: AWS::EC2::LaunchTemplate
Properties:
LaunchTemplateName: !Sub ${EnvironmentName}-lt
LaunchTemplateData:
ImageId: !Ref LatestAmiId
InstanceType: !Ref InstanceType
IamInstanceProfile:
Arn: !GetAtt EC2InstanceProfile.Arn
SecurityGroupIds:
- !Ref WebServerSecurityGroup
UserData:
Fn::Base64: |
#!/bin/bash
yum update -y
yum install -y httpd
systemctl start httpd
systemctl enable httpd
echo "<h1>High Availability Web Server - $(hostname -f)</h1>" > /var/www/html/index.html
echo "OK" > /var/www/html/health
MetadataOptions:
HttpTokens: required
HttpPutResponseHopLimit: 1
Monitoring:
Enabled: true
TagSpecifications:
- ResourceType: instance
Tags:
- Key: Name
Value: !Sub ${EnvironmentName}-web-server
# Auto Scaling Group
AutoScalingGroup:
Type: AWS::AutoScaling::AutoScalingGroup
Properties:
AutoScalingGroupName: !Sub ${EnvironmentName}-asg
LaunchTemplate:
LaunchTemplateId: !Ref LaunchTemplate
Version: !GetAtt LaunchTemplate.LatestVersionNumber
MinSize: 3
MaxSize: 9
DesiredCapacity: 3
HealthCheckType: ELB
HealthCheckGracePeriod: 300
VPCZoneIdentifier:
- !Ref PrivateSubnet1
- !Ref PrivateSubnet2
- !Ref PrivateSubnet3
TargetGroupARNs:
- !Ref ALBTargetGroup
Tags:
- Key: Name
Value: !Sub ${EnvironmentName}-asg-instance
PropagateAtLaunch: true
# Auto Scaling Policies
ScaleUpPolicy:
Type: AWS::AutoScaling::ScalingPolicy
Properties:
AutoScalingGroupName: !Ref AutoScalingGroup
PolicyType: TargetTrackingScaling
TargetTrackingConfiguration:
PredefinedMetricSpecification:
PredefinedMetricType: ASGAverageCPUUtilization
TargetValue: 70.0
# Secrets Manager for DB Password
DBPasswordSecret:
Type: AWS::SecretsManager::Secret
Properties:
Description: Aurora database master password
GenerateSecretString:
SecretStringTemplate: !Sub '{"username": "${DBMasterUsername}"}'
GenerateStringKey: password
PasswordLength: 16
ExcludeCharacters: '"@/\'
Tags:
- Key: Name
Value: !Sub ${EnvironmentName}-db-password
# Aurora DB Subnet Group
DBSubnetGroup:
Type: AWS::RDS::DBSubnetGroup
Properties:
DBSubnetGroupName: !Sub ${EnvironmentName}-db-subnet-group
DBSubnetGroupDescription: Subnet group for Aurora cluster
SubnetIds:
- !Ref DatabaseSubnet1
- !Ref DatabaseSubnet2
- !Ref DatabaseSubnet3
Tags:
- Key: Name
Value: !Sub ${EnvironmentName}-db-subnet-group
# Aurora MySQL Cluster (Multi-AZ)
AuroraDBCluster:
Type: AWS::RDS::DBCluster
Properties:
Engine: aurora-mysql
EngineVersion: 8.0.mysql_aurora.3.07.1
DatabaseName: appdb
MasterUsername: !Ref DBMasterUsername
MasterUserPassword: !Sub '{{resolve:secretsmanager:${DBPasswordSecret}:SecretString:password}}'
DBSubnetGroupName: !Ref DBSubnetGroup
VpcSecurityGroupIds:
- !Ref DatabaseSecurityGroup
BackupRetentionPeriod: 7
PreferredBackupWindow: 03:00-04:00
PreferredMaintenanceWindow: mon:04:00-mon:05:00
StorageEncrypted: true
EnableCloudwatchLogsExports:
- error
- general
- slowquery
DeletionProtection: true
Tags:
- Key: Name
Value: !Sub ${EnvironmentName}-aurora-cluster
# Aurora DB Instances (Multi-AZ)
AuroraDBInstance1:
Type: AWS::RDS::DBInstance
Properties:
DBInstanceIdentifier: !Sub ${EnvironmentName}-aurora-instance-1
Engine: aurora-mysql
DBClusterIdentifier: !Ref AuroraDBCluster
DBInstanceClass: db.t3.medium
PubliclyAccessible: false
EnablePerformanceInsights: true
PerformanceInsightsRetentionPeriod: 7
MonitoringInterval: 60
MonitoringRoleArn: !GetAtt RDSMonitoringRole.Arn
Tags:
- Key: Name
Value: !Sub ${EnvironmentName}-aurora-instance-1
AuroraDBInstance2:
Type: AWS::RDS::DBInstance
Properties:
DBInstanceIdentifier: !Sub ${EnvironmentName}-aurora-instance-2
Engine: aurora-mysql
DBClusterIdentifier: !Ref AuroraDBCluster
DBInstanceClass: db.t3.medium
PubliclyAccessible: false
EnablePerformanceInsights: true
PerformanceInsightsRetentionPeriod: 7
MonitoringInterval: 60
MonitoringRoleArn: !GetAtt RDSMonitoringRole.Arn
Tags:
- Key: Name
Value: !Sub ${EnvironmentName}-aurora-instance-2
AuroraDBInstance3:
Type: AWS::RDS::DBInstance
Properties:
DBInstanceIdentifier: !Sub ${EnvironmentName}-aurora-instance-3
Engine: aurora-mysql
DBClusterIdentifier: !Ref AuroraDBCluster
DBInstanceClass: db.t3.medium
PubliclyAccessible: false
EnablePerformanceInsights: true
PerformanceInsightsRetentionPeriod: 7
MonitoringInterval: 60
MonitoringRoleArn: !GetAtt RDSMonitoringRole.Arn
Tags:
- Key: Name
Value: !Sub ${EnvironmentName}-aurora-instance-3
# RDS Monitoring Role
RDSMonitoringRole:
Type: AWS::IAM::Role
Properties:
AssumeRolePolicyDocument:
Version: '2012-10-17'
Statement:
- Effect: Allow
Principal:
Service: monitoring.rds.amazonaws.com
Action: sts:AssumeRole
ManagedPolicyArns:
- arn:aws:iam::aws:policy/service-role/AmazonRDSEnhancedMonitoringRole
# ElastiCache Subnet Group
CacheSubnetGroup:
Type: AWS::ElastiCache::SubnetGroup
Properties:
Description: Subnet group for ElastiCache
SubnetIds:
- !Ref DatabaseSubnet1
- !Ref DatabaseSubnet2
- !Ref DatabaseSubnet3
# ElastiCache Redis Replication Group (Multi-AZ)
RedisReplicationGroup:
Type: AWS::ElastiCache::ReplicationGroup
Properties:
ReplicationGroupId: !Sub ${EnvironmentName}-redis
ReplicationGroupDescription: Redis cluster for high availability
Engine: redis
EngineVersion: 7.1
CacheNodeType: cache.t3.micro
NumCacheClusters: 3
MultiAZEnabled: true
AutomaticFailoverEnabled: true
CacheSubnetGroupName: !Ref CacheSubnetGroup
SecurityGroupIds:
- !Ref CacheSecurityGroup
AtRestEncryptionEnabled: true
TransitEncryptionEnabled: true
SnapshotRetentionLimit: 5
SnapshotWindow: 03:00-05:00
PreferredMaintenanceWindow: mon:05:00-mon:07:00
Tags:
- Key: Name
Value: !Sub ${EnvironmentName}-redis
# S3 Bucket for static content
StaticContentBucket:
Type: AWS::S3::Bucket
Properties:
BucketName: !Sub ${EnvironmentName}-static-${AWS::AccountId}
BucketEncryption:
ServerSideEncryptionConfiguration:
- ServerSideEncryptionByDefault:
SSEAlgorithm: AES256
VersioningConfiguration:
Status: Enabled
PublicAccessBlockConfiguration:
BlockPublicAcls: true
BlockPublicPolicy: true
IgnorePublicAcls: true
RestrictPublicBuckets: true
LifecycleConfiguration:
Rules:
- Id: DeleteOldVersions
Status: Enabled
NoncurrentVersionExpirationInDays: 30
Tags:
- Key: Name
Value: !Sub ${EnvironmentName}-static-bucket
# CloudFront Origin Access Control
CloudFrontOAC:
Type: AWS::CloudFront::OriginAccessControl
Properties:
OriginAccessControlConfig:
Name: !Sub ${EnvironmentName}-oac
OriginAccessControlOriginType: s3
SigningBehavior: always
SigningProtocol: sigv4
# CloudFront Distribution
CloudFrontDistribution:
Type: AWS::CloudFront::Distribution
Properties:
DistributionConfig:
Enabled: true
Comment: !Sub ${EnvironmentName} CloudFront Distribution
DefaultRootObject: index.html
Origins:
- Id: S3Origin
DomainName: !GetAtt StaticContentBucket.RegionalDomainName
OriginAccessControlId: !Ref CloudFrontOAC
S3OriginConfig: {}
- Id: ALBOrigin
DomainName: !GetAtt ApplicationLoadBalancer.DNSName
CustomOriginConfig:
HTTPPort: 80
OriginProtocolPolicy: http-only
DefaultCacheBehavior:
TargetOriginId: ALBOrigin
ViewerProtocolPolicy: redirect-to-https
AllowedMethods: [GET, HEAD, OPTIONS, PUT, POST, PATCH, DELETE]
CachedMethods: [GET, HEAD, OPTIONS]
ForwardedValues:
QueryString: true
Cookies:
Forward: all
Compress: true
CacheBehaviors:
- PathPattern: /static/*
TargetOriginId: S3Origin
ViewerProtocolPolicy: redirect-to-https
AllowedMethods: [GET, HEAD, OPTIONS]
CachedMethods: [GET, HEAD, OPTIONS]
ForwardedValues:
QueryString: false
Cookies:
Forward: none
Compress: true
DefaultTTL: 86400
MaxTTL: 31536000
MinTTL: 0
PriceClass: PriceClass_All
ViewerCertificate:
CloudFrontDefaultCertificate: true
Tags:
- Key: Name
Value: !Sub ${EnvironmentName}-cloudfront
# S3 Bucket Policy for CloudFront
StaticContentBucketPolicy:
Type: AWS::S3::BucketPolicy
Properties:
Bucket: !Ref StaticContentBucket
PolicyDocument:
Statement:
- Sid: AllowCloudFrontServicePrincipal
Effect: Allow
Principal:
Service: cloudfront.amazonaws.com
Action: s3:GetObject
Resource: !Sub ${StaticContentBucket.Arn}/*
Condition:
StringEquals:
AWS:SourceArn: !Sub arn:aws:cloudfront::${AWS::AccountId}:distribution/${CloudFrontDistribution}
# CloudWatch Alarms
ALBUnhealthyHostAlarm:
Type: AWS::CloudWatch::Alarm
Properties:
AlarmName: !Sub ${EnvironmentName}-alb-unhealthy-hosts
AlarmDescription: Alert when unhealthy host count is high
MetricName: UnHealthyHostCount
Namespace: AWS/ApplicationELB
Statistic: Average
Period: 60
EvaluationPeriods: 2
Threshold: 1
ComparisonOperator: GreaterThanThreshold
Dimensions:
- Name: LoadBalancer
Value: !GetAtt ApplicationLoadBalancer.LoadBalancerFullName
- Name: TargetGroup
Value: !GetAtt ALBTargetGroup.TargetGroupFullName
DatabaseCPUAlarm:
Type: AWS::CloudWatch::Alarm
Properties:
AlarmName: !Sub ${EnvironmentName}-db-cpu-high
AlarmDescription: Alert when database CPU is high
MetricName: CPUUtilization
Namespace: AWS/RDS
Statistic: Average
Period: 300
EvaluationPeriods: 2
Threshold: 80
ComparisonOperator: GreaterThanThreshold
Dimensions:
- Name: DBClusterIdentifier
Value: !Ref AuroraDBCluster
Outputs:
VPCId:
Description: VPC ID
Value: !Ref VPC
Export:
Name: !Sub ${EnvironmentName}-vpc-id
LoadBalancerDNS:
Description: Application Load Balancer DNS Name
Value: !GetAtt ApplicationLoadBalancer.DNSName
Export:
Name: !Sub ${EnvironmentName}-alb-dns
CloudFrontDomain:
Description: CloudFront Distribution Domain Name
Value: !GetAtt CloudFrontDistribution.DomainName
Export:
Name: !Sub ${EnvironmentName}-cloudfront-domain
AuroraClusterEndpoint:
Description: Aurora Cluster Writer Endpoint
Value: !GetAtt AuroraDBCluster.Endpoint.Address
Export:
Name: !Sub ${EnvironmentName}-aurora-endpoint
AuroraReaderEndpoint:
Description: Aurora Cluster Reader Endpoint
Value: !GetAtt AuroraDBCluster.ReadEndpoint.Address
Export:
Name: !Sub ${EnvironmentName}-aurora-reader-endpoint
RedisEndpoint:
Description: Redis Primary Endpoint
Value: !GetAtt RedisReplicationGroup.PrimaryEndPoint.Address
Export:
Name: !Sub ${EnvironmentName}-redis-endpoint
S3BucketName:
Description: S3 Bucket for Static Content
Value: !Ref StaticContentBucket
Export:
Name: !Sub ${EnvironmentName}-s3-bucket