common-templates/cf-efs-stack.yml - aws-gerrit - Git at Google

 AWSTemplateFormatVersion: '2010-09-09'
 Description: Resources related to the EFS filesystem apt to store git data.
 Parameters:
   FileSystemThroughputMode:
     Description:  Gerrit shared filesystem throughput mode
     Type: String
   ProvisionedThroughputInMibps:
     Description:  The fs throughput, measured in MiB/s. Valid values are 1-1024.
     Type: Number
   PublicSubnet1:
     Description: The mount target of this EFS for subnet1
     Type: String
   PublicSubnet2:
     Description: The mount target of this EFS for subnet2
     Type: String
   SecurityGroupVPCID:
     Description: The ID of the VPC for the security group
     Type: String
   SecurityGroupCidrIp1:
     Description: The in CIDR range of subnet1 allowed mounting EFS
     Type: String
   SecurityGroupCidrIp2:
     Description: The in CIDR range of subnet2 allowed mounting EFS
     Type: String
   TagValue:
     Description: A tag value for this EFS resource
     Type: String

 Conditions:
   isProvisionedThroughput: !Equals [!Ref FileSystemThroughputMode, "provisioned"]

 Resources:
   FileSystem:
     Type: AWS::EFS::FileSystem
     Properties:
       ThroughputMode: !Ref FileSystemThroughputMode
       ProvisionedThroughputInMibps: !If [isProvisionedThroughput, !Ref ProvisionedThroughputInMibps, !Ref "AWS::NoValue"]
       FileSystemTags:
         - Key: Name
           Value: !Ref TagValue

   GitMountTargetSubnet1:
     Type: AWS::EFS::MountTarget
     Properties:
       FileSystemId: !Ref FileSystem
       SubnetId: !Ref PublicSubnet1
       SecurityGroups:
         - !Ref MountTargetSecurityGroup1

   GitMountTargetSubnet2:
     Type: AWS::EFS::MountTarget
     Properties:
       FileSystemId: !Ref FileSystem
       SubnetId: !Ref PublicSubnet2
       SecurityGroups:
         - !Ref MountTargetSecurityGroup2

   MountTargetSecurityGroup1:
     Type: AWS::EC2::SecurityGroup
     Properties:
       VpcId: !Ref SecurityGroupVPCID
       GroupDescription: "Security group for mount target in subnet 1"
       SecurityGroupIngress:
         - IpProtocol: TCP
           FromPort: 2049
           ToPort: 2049
           CidrIp: !Ref SecurityGroupCidrIp1

   MountTargetSecurityGroup2:
     Type: AWS::EC2::SecurityGroup
     Properties:
       VpcId: !Ref SecurityGroupVPCID
       GroupDescription: "Security group for mount target in subnet 2"
       SecurityGroupIngress:
         - IpProtocol: TCP
           FromPort: 2049
           ToPort: 2049
           CidrIp: !Ref SecurityGroupCidrIp2

 Outputs:
   FileSystemID:
     Description: The ID of the permanent EFS filesystem
     Value: !Ref FileSystem
     Export:
       Name: !Join [ ':', [ !Ref 'AWS::StackName', 'FileSystem' ] ]
	AWSTemplateFormatVersion: '2010-09-09'
	Description: Resources related to the EFS filesystem apt to store git data.
	Parameters:
	FileSystemThroughputMode:
	Description: Gerrit shared filesystem throughput mode
	Type: String
	ProvisionedThroughputInMibps:
	Description: The fs throughput, measured in MiB/s. Valid values are 1-1024.
	Type: Number
	PublicSubnet1:
	Description: The mount target of this EFS for subnet1
	Type: String
	PublicSubnet2:
	Description: The mount target of this EFS for subnet2
	Type: String
	SecurityGroupVPCID:
	Description: The ID of the VPC for the security group
	Type: String
	SecurityGroupCidrIp1:
	Description: The in CIDR range of subnet1 allowed mounting EFS
	Type: String
	SecurityGroupCidrIp2:
	Description: The in CIDR range of subnet2 allowed mounting EFS
	Type: String
	TagValue:
	Description: A tag value for this EFS resource
	Type: String

	Conditions:
	isProvisionedThroughput: !Equals [!Ref FileSystemThroughputMode, "provisioned"]

	Resources:
	FileSystem:
	Type: AWS::EFS::FileSystem
	Properties:
	ThroughputMode: !Ref FileSystemThroughputMode
	ProvisionedThroughputInMibps: !If [isProvisionedThroughput, !Ref ProvisionedThroughputInMibps, !Ref "AWS::NoValue"]
	FileSystemTags:
	- Key: Name
	Value: !Ref TagValue

	GitMountTargetSubnet1:
	Type: AWS::EFS::MountTarget
	Properties:
	FileSystemId: !Ref FileSystem
	SubnetId: !Ref PublicSubnet1
	SecurityGroups:
	- !Ref MountTargetSecurityGroup1

	GitMountTargetSubnet2:
	Type: AWS::EFS::MountTarget
	Properties:
	FileSystemId: !Ref FileSystem
	SubnetId: !Ref PublicSubnet2
	SecurityGroups:
	- !Ref MountTargetSecurityGroup2

	MountTargetSecurityGroup1:
	Type: AWS::EC2::SecurityGroup
	Properties:
	VpcId: !Ref SecurityGroupVPCID
	GroupDescription: "Security group for mount target in subnet 1"
	SecurityGroupIngress:
	- IpProtocol: TCP
	FromPort: 2049
	ToPort: 2049
	CidrIp: !Ref SecurityGroupCidrIp1

	MountTargetSecurityGroup2:
	Type: AWS::EC2::SecurityGroup
	Properties:
	VpcId: !Ref SecurityGroupVPCID
	GroupDescription: "Security group for mount target in subnet 2"
	SecurityGroupIngress:
	- IpProtocol: TCP
	FromPort: 2049
	ToPort: 2049
	CidrIp: !Ref SecurityGroupCidrIp2

	Outputs:
	FileSystemID:
	Description: The ID of the permanent EFS filesystem
	Value: !Ref FileSystem
	Export:
	Name: !Join [ ':', [ !Ref 'AWS::StackName', 'FileSystem' ] ]