templates/bbb-on-aws-database.template.yaml

AWSTemplateFormatVersion: '2010-09-09'
Description: >
  This Cloudformation Template deploys the Database Cluster (Amazon Aurora) for the BigBlueButton application infrastructure.
  Disclaimer: Not for production use. Demo and testing purposes only.
  Author: David Surey <suredavi@amazon.com>

Parameters:
  BBBNotificationTopic:
    Description: Topic to be used for alarm notifications
    Type: String
  BBBDBPort:
    Description: TCP/IP Port for the Database Instance
    Type: Number
    Default: 5432
  BBBDBInstanceType:
    Description: DB instance type for Aurora PostgreSQL
    Type: String
    Default: db.serverless
    AllowedPattern: ^(db\.(serverless|(t3|t4g|r5|r6g|r6i|r7g)\.(medium|large|xlarge|2xlarge|4xlarge|8xlarge|12xlarge|16xlarge|24xlarge)))$
  BBBServerlessAuroraMinCapacity:
    Description: The minimum capacity for the Amazon Aurora Serverless Cluster
    Type: Number
    Default: 2
  BBBServerlessAuroraMaxCapacity:
    Description: The maximum capacity for the Amazon Aurora Serverless Cluster
    Type: Number
    Default: 4
  BBBDatastoreSubnets:
    Description: Comma separated list of the private database subnets
    Type: CommaDelimitedList
  BBBDBEngineVersion:
    Description: Database engine version for Aurora PostgreSQL
    Type: String
    Default: 16.4
    AllowedValues:
      - 14.3
      - 14.4
      - 14.5
      - 14.6
      - 14.7
      - 14.8
      - 15.3
      - 15.4
      - 15.5
      - 16.1
      - 16.2
      - 16.3
      - 16.4
  BBBDBSecurityGroup:
    Description: Security Group that should be assigned for the database
    Type: String

Mappings:
  AuroraEngineMap:
    "14.3":
      Family: "aurora-postgresql14"
    "14.4":
      Family: "aurora-postgresql14"
    "14.5":
      Family: "aurora-postgresql14"
    "14.6":
      Family: "aurora-postgresql14"
    "14.7":
      Family: "aurora-postgresql14"
    "14.8":
      Family: "aurora-postgresql14"
    "15.3":
      Family: "aurora-postgresql15"
    "15.4":
      Family: "aurora-postgresql15"
    "15.5":
      Family: "aurora-postgresql15"
    "16.1":
      Family: "aurora-postgresql16"
    "16.2":
      Family: "aurora-postgresql16"
    "16.3":
      Family: "aurora-postgresql16"
    "16.4":
      Family: "aurora-postgresql16"

Conditions:
  BBBServerlessAurora: !Equals [ !Ref BBBDBInstanceType, db.serverless ]

Resources:
  BBBDBSubnetGroup:
    Type: AWS::RDS::DBSubnetGroup
    Properties:
      DBSubnetGroupDescription: Subnet Group for RDS Deployment
      SubnetIds: !Ref BBBDatastoreSubnets

  BBBRDSDBSecret:
    Type: AWS::SecretsManager::Secret
    Properties:
      Description: 'This is the BBB Database instance secret'
      GenerateSecretString:
        SecretStringTemplate: '{"username": "BBBDBUsr"}'
        GenerateStringKey: 'password'
        PasswordLength: 16
        ExcludePunctuation: true

  BBBRDSDBConnectionSecret:
    Type: AWS::SecretsManager::Secret
    Properties:
      Description: 'This is the BBB Database cluster url secret'
      SecretString: !Sub
        - '{"hostname": "${HOSTNAME}", "port": ${PORT}, "connectionString": "postgresql://${BBBDBUser}:${BBBDBPassword}@${HOSTNAME}:${PORT}"}'
        - HOSTNAME: !GetAtt BBBRDSCluster.Endpoint.Address
          PORT: !GetAtt BBBRDSCluster.Endpoint.Port
          BBBDBUser: !Join ['', ['{{resolve:secretsmanager:', !Ref BBBRDSDBSecret, ':SecretString:username}}']]
          BBBDBPassword: !Join ['', ['{{resolve:secretsmanager:', !Ref BBBRDSDBSecret, ':SecretString:password}}']]

  BBBDatabaseName:
    Type: AWS::SecretsManager::Secret
    Properties:
      Description: 'This is the BBB DBName as secret'      
      GenerateSecretString:
        SecretStringTemplate: '{"database": "BBBDB"}'
        GenerateStringKey: 'DBName'
        PasswordLength: 16
        ExcludePunctuation: true

  BBBRDSDBParameterGroupPostgres:
    Type: AWS::RDS::DBParameterGroup
    Properties:
      Description: Aurora PG Database Instance Parameter Group
      Family: !FindInMap [AuroraEngineMap, !Ref BBBDBEngineVersion, Family]

  BBBRDSDBClusterParameterGroupPostgres:
    Type: AWS::RDS::DBClusterParameterGroup
    Properties:
      Description: Aurora PG Database Cluster Parameter Group
      Family: !FindInMap [AuroraEngineMap, !Ref BBBDBEngineVersion, Family]
      Parameters:
        timezone: Europe/Berlin

  BBBRDSCluster:
    Type: AWS::RDS::DBCluster
    DeletionPolicy: Delete
    Properties:
      MasterUsername: !Join ['', ['{{resolve:secretsmanager:', !Ref BBBRDSDBSecret, ':SecretString:username}}']]
      MasterUserPassword: !Join ['', ['{{resolve:secretsmanager:', !Ref BBBRDSDBSecret, ':SecretString:password}}']]
      DatabaseName: !Join ['', ['BBB', '{{resolve:secretsmanager:', !Ref BBBDatabaseName, ':SecretString:DBName}}']]
      Port: !Ref BBBDBPort
      Engine: aurora-postgresql
      EngineVersion: !Ref BBBDBEngineVersion
      StorageEncrypted: true
      DBSubnetGroupName: !Ref BBBDBSubnetGroup
      DBClusterParameterGroupName: !Ref BBBRDSDBClusterParameterGroupPostgres
      VpcSecurityGroupIds: [!Ref BBBDBSecurityGroup]
      ServerlessV2ScalingConfiguration:
        !If
        - BBBServerlessAurora
        - MinCapacity: !Ref BBBServerlessAuroraMinCapacity
          MaxCapacity: !Ref BBBServerlessAuroraMaxCapacity
        - !Ref AWS::NoValue

  BBBRDSDBInstance1:
    Type: AWS::RDS::DBInstance
    DeletionPolicy: Delete
    Properties:
      AllowMajorVersionUpgrade: false
      AutoMinorVersionUpgrade: true
      CopyTagsToSnapshot: true
      DBSubnetGroupName: !Ref BBBDBSubnetGroup
      Engine: aurora-postgresql
      EngineVersion: !Ref BBBDBEngineVersion
      DBClusterIdentifier: !Ref BBBRDSCluster
      DBParameterGroupName: !Ref BBBRDSDBParameterGroupPostgres
      AvailabilityZone: !Select [0, !GetAZs '']
      DBInstanceClass: !Ref BBBDBInstanceType

  BBBRDSDBInstance2:
    Type: AWS::RDS::DBInstance
    DeletionPolicy: Delete
    Properties:
      AllowMajorVersionUpgrade: false
      AutoMinorVersionUpgrade: true
      CopyTagsToSnapshot: true
      DBSubnetGroupName: !Ref BBBDBSubnetGroup
      Engine: aurora-postgresql
      EngineVersion: !Ref BBBDBEngineVersion
      DBClusterIdentifier: !Ref BBBRDSCluster
      DBParameterGroupName: !Ref BBBRDSDBParameterGroupPostgres
      AvailabilityZone: !Select [1, !GetAZs '']
      DBInstanceClass: !Ref BBBDBInstanceType

  DBClusterEventSubscription:
    Type: AWS::RDS::EventSubscription
    Properties:
      EventCategories:
        - failover
        - failure
        - notification
      SnsTopicArn: !Ref BBBNotificationTopic
      SourceIds: [!Ref BBBRDSCluster]
      SourceType: db-cluster

Outputs:
  BBBDBName:
    Value: !Join ['_', ['APPDB', !Ref 'AWS::StackName']]
  BBBDB:
    Description: The Big Blue Button Database Created
    Value: !Ref BBBRDSCluster
  BBBRDSDBConnectionSecret:
    Description: The Big Blue Button DB Connection Data
    Value: !Ref BBBRDSDBConnectionSecret
  BBBRDSDBClusterParameterGroup:
    Description: The Big Blue Button DB Cluster Parameter Group
    Value: !Ref BBBRDSDBClusterParameterGroupPostgres
  BBBDBSubnetGroup:
    Description: The Big Blue Button DB Subnet Group
    Value: !Ref BBBDBSubnetGroup
  BBBRDSCluster:
    Description: The Big Blue Button DB Cluster
    Value: !Ref BBBRDSCluster
  BBBRDSDBInstance1:
    Description: The Big Blue Button DB Instance 1
    Value: !Ref BBBRDSDBInstance1
  BBBRDSDBInstance2:
    Description: The Big Blue Button DB Instance 2
    Value: !Ref BBBRDSDBInstance2
  BBBRDSDBParameterGroup:
    Description: The Big Blue Button DB Parameter Group
    Value: !Ref BBBRDSDBParameterGroupPostgres