blob: e7e3004239f1295d4bfc4c2e47008cef2b0ab1ef [file] [log] [blame]
AWSTemplateFormatVersion: '2010-09-09'
Description: Resources related to the EFS filesystem apt to store git data.
Parameters:
FileSystemThroughputMode:
Description: Gerrit shared filesystem throughput mode
Type: String
ProvisionedThroughputInMibps:
Description: The fs throughput, measured in MiB/s. Valid values are 1-1024.
Type: Number
PublicSubnet1:
Description: The mount target of this EFS for subnet1
Type: String
PublicSubnet2:
Description: The mount target of this EFS for subnet2
Type: String
SecurityGroupVPCID:
Description: The ID of the VPC for the security group
Type: String
SecurityGroupCidrIp1:
Description: The in CIDR range of subnet1 allowed mounting EFS
Type: String
SecurityGroupCidrIp2:
Description: The in CIDR range of subnet2 allowed mounting EFS
Type: String
TagValue:
Description: A tag value for this EFS resource
Type: String
Conditions:
isProvisionedThroughput: !Equals [!Ref FileSystemThroughputMode, "provisioned"]
Resources:
FileSystem:
Type: AWS::EFS::FileSystem
Properties:
ThroughputMode: !Ref FileSystemThroughputMode
ProvisionedThroughputInMibps: !If [isProvisionedThroughput, !Ref ProvisionedThroughputInMibps, !Ref "AWS::NoValue"]
FileSystemTags:
- Key: Name
Value: !Ref TagValue
GitMountTargetSubnet1:
Type: AWS::EFS::MountTarget
Properties:
FileSystemId: !Ref FileSystem
SubnetId: !Ref PublicSubnet1
SecurityGroups:
- !Ref MountTargetSecurityGroup1
GitMountTargetSubnet2:
Type: AWS::EFS::MountTarget
Properties:
FileSystemId: !Ref FileSystem
SubnetId: !Ref PublicSubnet2
SecurityGroups:
- !Ref MountTargetSecurityGroup2
MountTargetSecurityGroup1:
Type: AWS::EC2::SecurityGroup
Properties:
VpcId: !Ref SecurityGroupVPCID
GroupDescription: "Security group for mount target in subnet 1"
SecurityGroupIngress:
- IpProtocol: TCP
FromPort: 2049
ToPort: 2049
CidrIp: !Ref SecurityGroupCidrIp1
MountTargetSecurityGroup2:
Type: AWS::EC2::SecurityGroup
Properties:
VpcId: !Ref SecurityGroupVPCID
GroupDescription: "Security group for mount target in subnet 2"
SecurityGroupIngress:
- IpProtocol: TCP
FromPort: 2049
ToPort: 2049
CidrIp: !Ref SecurityGroupCidrIp2
Outputs:
FileSystemID:
Description: The ID of the permanent EFS filesystem
Value: !Ref FileSystem
Export:
Name: !Join [ ':', [ !Ref 'AWS::StackName', 'FileSystem' ] ]