Parameters: EEKeyPair: Type: AWS::EC2::KeyPair::KeyName Default: EEKeyPair Description: Event Engine Name of the EC2 KeyPair generated for the Team LatestAMI: Type: AWS::SSM::Parameter::Value Default: /aws/service/ami-windows-latest/Windows_Server-2019-English-Full-Base Description: Latest AMI from windows Resources: CodeDeployServiceRole897ED2CE: Type: AWS::IAM::Role Properties: AssumeRolePolicyDocument: Statement: - Action: sts:AssumeRole Effect: Allow Principal: Service: Fn::Join: - "" - - codedeploy. - Ref: AWS::Region - "." - Ref: AWS::URLSuffix Version: "2012-10-17" ManagedPolicyArns: - arn:aws:iam::aws:policy/service-role/AWSCodeDeployRole Path: / Metadata: aws:cdk:path: Module6/CodeDeployServiceRole/Resource awscodestarservicerole60377864: Type: AWS::IAM::Role Properties: AssumeRolePolicyDocument: Statement: - Action: sts:AssumeRole Effect: Allow Principal: Service: codestar.amazonaws.com Version: "2012-10-17" ManagedPolicyArns: - arn:aws:iam::aws:policy/service-role/AWSCodeStarServiceRole Path: /service-role/ Metadata: aws:cdk:path: Module6/awscodestarservicerole/Resource awselasticbeanstalkserviceroleD8411EF4: Type: AWS::IAM::Role Properties: AssumeRolePolicyDocument: Statement: - Action: sts:AssumeRole Condition: StringEquals: sts:ExternalId: elasticbeanstalk Effect: Allow Principal: Service: elasticbeanstalk.amazonaws.com Version: "2012-10-17" ManagedPolicyArns: - arn:aws:iam::aws:policy/service-role/AWSElasticBeanstalkEnhancedHealth - arn:aws:iam::aws:policy/service-role/AWSElasticBeanstalkService Metadata: aws:cdk:path: Module6/awselasticbeanstalkservicerole/Resource CreateGitCredsRole385E94AC: Type: AWS::IAM::Role Properties: AssumeRolePolicyDocument: Statement: - Action: sts:AssumeRole Effect: Allow Principal: Service: lambda.amazonaws.com Version: "2012-10-17" Path: / Policies: - PolicyDocument: Statement: - Action: - iam:CreateServiceSpecificCredential - iam:ListServiceSpecificCredentials - iam:DeleteServiceSpecificCredential Effect: Allow Resource: "*" - Action: - logs:CreateLogGroup - logs:CreateLogStream - logs:PutLogEvents Effect: Allow Resource: arn:aws:logs:*:*:* Version: "2012-10-17" PolicyName: root Metadata: aws:cdk:path: Module6/CreateGitCredsRole/Resource DevAxNetworkVPC049CF20B: Type: AWS::EC2::VPC Properties: CidrBlock: 10.20.0.0/16 EnableDnsHostnames: true EnableDnsSupport: true InstanceTenancy: default Tags: - Key: Name Value: Module6/DevAxNetworkVPC Metadata: aws:cdk:path: Module6/DevAxNetworkVPC/Resource DevAxNetworkVPCpublicSubnet1Subnet18336BFA: Type: AWS::EC2::Subnet Properties: CidrBlock: 10.20.0.0/24 VpcId: Ref: DevAxNetworkVPC049CF20B AvailabilityZone: Fn::Select: - 0 - Fn::GetAZs: "" MapPublicIpOnLaunch: true Tags: - Key: aws-cdk:subnet-name Value: public - Key: aws-cdk:subnet-type Value: Public - Key: Name Value: Module6/DevAxNetworkVPC/publicSubnet1 Metadata: aws:cdk:path: Module6/DevAxNetworkVPC/publicSubnet1/Subnet DevAxNetworkVPCpublicSubnet1RouteTable397546CD: Type: AWS::EC2::RouteTable Properties: VpcId: Ref: DevAxNetworkVPC049CF20B Tags: - Key: Name Value: Module6/DevAxNetworkVPC/publicSubnet1 Metadata: aws:cdk:path: Module6/DevAxNetworkVPC/publicSubnet1/RouteTable DevAxNetworkVPCpublicSubnet1RouteTableAssociation32F54607: Type: AWS::EC2::SubnetRouteTableAssociation Properties: RouteTableId: Ref: DevAxNetworkVPCpublicSubnet1RouteTable397546CD SubnetId: Ref: DevAxNetworkVPCpublicSubnet1Subnet18336BFA Metadata: aws:cdk:path: Module6/DevAxNetworkVPC/publicSubnet1/RouteTableAssociation DevAxNetworkVPCpublicSubnet1DefaultRoute088828A0: Type: AWS::EC2::Route Properties: RouteTableId: Ref: DevAxNetworkVPCpublicSubnet1RouteTable397546CD DestinationCidrBlock: 0.0.0.0/0 GatewayId: Ref: DevAxNetworkVPCIGW3AED8105 DependsOn: - DevAxNetworkVPCVPCGWBDEEED8F Metadata: aws:cdk:path: Module6/DevAxNetworkVPC/publicSubnet1/DefaultRoute DevAxNetworkVPCpublicSubnet1EIP241549E0: Type: AWS::EC2::EIP Properties: Domain: vpc Tags: - Key: Name Value: Module6/DevAxNetworkVPC/publicSubnet1 Metadata: aws:cdk:path: Module6/DevAxNetworkVPC/publicSubnet1/EIP DevAxNetworkVPCpublicSubnet1NATGateway8B09B209: Type: AWS::EC2::NatGateway Properties: AllocationId: Fn::GetAtt: - DevAxNetworkVPCpublicSubnet1EIP241549E0 - AllocationId SubnetId: Ref: DevAxNetworkVPCpublicSubnet1Subnet18336BFA Tags: - Key: Name Value: Module6/DevAxNetworkVPC/publicSubnet1 Metadata: aws:cdk:path: Module6/DevAxNetworkVPC/publicSubnet1/NATGateway DevAxNetworkVPCpublicSubnet2Subnet0FE75CE7: Type: AWS::EC2::Subnet Properties: CidrBlock: 10.20.1.0/24 VpcId: Ref: DevAxNetworkVPC049CF20B AvailabilityZone: Fn::Select: - 1 - Fn::GetAZs: "" MapPublicIpOnLaunch: true Tags: - Key: aws-cdk:subnet-name Value: public - Key: aws-cdk:subnet-type Value: Public - Key: Name Value: Module6/DevAxNetworkVPC/publicSubnet2 Metadata: aws:cdk:path: Module6/DevAxNetworkVPC/publicSubnet2/Subnet DevAxNetworkVPCpublicSubnet2RouteTable697DCAB0: Type: AWS::EC2::RouteTable Properties: VpcId: Ref: DevAxNetworkVPC049CF20B Tags: - Key: Name Value: Module6/DevAxNetworkVPC/publicSubnet2 Metadata: aws:cdk:path: Module6/DevAxNetworkVPC/publicSubnet2/RouteTable DevAxNetworkVPCpublicSubnet2RouteTableAssociation88AA6DF8: Type: AWS::EC2::SubnetRouteTableAssociation Properties: RouteTableId: Ref: DevAxNetworkVPCpublicSubnet2RouteTable697DCAB0 SubnetId: Ref: DevAxNetworkVPCpublicSubnet2Subnet0FE75CE7 Metadata: aws:cdk:path: Module6/DevAxNetworkVPC/publicSubnet2/RouteTableAssociation DevAxNetworkVPCpublicSubnet2DefaultRoute4C133366: Type: AWS::EC2::Route Properties: RouteTableId: Ref: DevAxNetworkVPCpublicSubnet2RouteTable697DCAB0 DestinationCidrBlock: 0.0.0.0/0 GatewayId: Ref: DevAxNetworkVPCIGW3AED8105 DependsOn: - DevAxNetworkVPCVPCGWBDEEED8F Metadata: aws:cdk:path: Module6/DevAxNetworkVPC/publicSubnet2/DefaultRoute DevAxNetworkVPCpublicSubnet2EIP2C72517D: Type: AWS::EC2::EIP Properties: Domain: vpc Tags: - Key: Name Value: Module6/DevAxNetworkVPC/publicSubnet2 Metadata: aws:cdk:path: Module6/DevAxNetworkVPC/publicSubnet2/EIP DevAxNetworkVPCpublicSubnet2NATGateway63D3A4D0: Type: AWS::EC2::NatGateway Properties: AllocationId: Fn::GetAtt: - DevAxNetworkVPCpublicSubnet2EIP2C72517D - AllocationId SubnetId: Ref: DevAxNetworkVPCpublicSubnet2Subnet0FE75CE7 Tags: - Key: Name Value: Module6/DevAxNetworkVPC/publicSubnet2 Metadata: aws:cdk:path: Module6/DevAxNetworkVPC/publicSubnet2/NATGateway DevAxNetworkVPCprivateSubnet1SubnetF1C6C29A: Type: AWS::EC2::Subnet Properties: CidrBlock: 10.20.2.0/24 VpcId: Ref: DevAxNetworkVPC049CF20B AvailabilityZone: Fn::Select: - 0 - Fn::GetAZs: "" MapPublicIpOnLaunch: false Tags: - Key: aws-cdk:subnet-name Value: private - Key: aws-cdk:subnet-type Value: Private - Key: Name Value: Module6/DevAxNetworkVPC/privateSubnet1 Metadata: aws:cdk:path: Module6/DevAxNetworkVPC/privateSubnet1/Subnet DevAxNetworkVPCprivateSubnet1RouteTableF757820F: Type: AWS::EC2::RouteTable Properties: VpcId: Ref: DevAxNetworkVPC049CF20B Tags: - Key: Name Value: Module6/DevAxNetworkVPC/privateSubnet1 Metadata: aws:cdk:path: Module6/DevAxNetworkVPC/privateSubnet1/RouteTable DevAxNetworkVPCprivateSubnet1RouteTableAssociation94A46865: Type: AWS::EC2::SubnetRouteTableAssociation Properties: RouteTableId: Ref: DevAxNetworkVPCprivateSubnet1RouteTableF757820F SubnetId: Ref: DevAxNetworkVPCprivateSubnet1SubnetF1C6C29A Metadata: aws:cdk:path: Module6/DevAxNetworkVPC/privateSubnet1/RouteTableAssociation DevAxNetworkVPCprivateSubnet1DefaultRoute07EFC529: Type: AWS::EC2::Route Properties: RouteTableId: Ref: DevAxNetworkVPCprivateSubnet1RouteTableF757820F DestinationCidrBlock: 0.0.0.0/0 NatGatewayId: Ref: DevAxNetworkVPCpublicSubnet1NATGateway8B09B209 Metadata: aws:cdk:path: Module6/DevAxNetworkVPC/privateSubnet1/DefaultRoute DevAxNetworkVPCprivateSubnet2SubnetD148A816: Type: AWS::EC2::Subnet Properties: CidrBlock: 10.20.3.0/24 VpcId: Ref: DevAxNetworkVPC049CF20B AvailabilityZone: Fn::Select: - 1 - Fn::GetAZs: "" MapPublicIpOnLaunch: false Tags: - Key: aws-cdk:subnet-name Value: private - Key: aws-cdk:subnet-type Value: Private - Key: Name Value: Module6/DevAxNetworkVPC/privateSubnet2 Metadata: aws:cdk:path: Module6/DevAxNetworkVPC/privateSubnet2/Subnet DevAxNetworkVPCprivateSubnet2RouteTable81AEA059: Type: AWS::EC2::RouteTable Properties: VpcId: Ref: DevAxNetworkVPC049CF20B Tags: - Key: Name Value: Module6/DevAxNetworkVPC/privateSubnet2 Metadata: aws:cdk:path: Module6/DevAxNetworkVPC/privateSubnet2/RouteTable DevAxNetworkVPCprivateSubnet2RouteTableAssociation973AEB51: Type: AWS::EC2::SubnetRouteTableAssociation Properties: RouteTableId: Ref: DevAxNetworkVPCprivateSubnet2RouteTable81AEA059 SubnetId: Ref: DevAxNetworkVPCprivateSubnet2SubnetD148A816 Metadata: aws:cdk:path: Module6/DevAxNetworkVPC/privateSubnet2/RouteTableAssociation DevAxNetworkVPCprivateSubnet2DefaultRouteE9B8CAFD: Type: AWS::EC2::Route Properties: RouteTableId: Ref: DevAxNetworkVPCprivateSubnet2RouteTable81AEA059 DestinationCidrBlock: 0.0.0.0/0 NatGatewayId: Ref: DevAxNetworkVPCpublicSubnet2NATGateway63D3A4D0 Metadata: aws:cdk:path: Module6/DevAxNetworkVPC/privateSubnet2/DefaultRoute DevAxNetworkVPCIGW3AED8105: Type: AWS::EC2::InternetGateway Properties: Tags: - Key: Name Value: Module6/DevAxNetworkVPC Metadata: aws:cdk:path: Module6/DevAxNetworkVPC/IGW DevAxNetworkVPCVPCGWBDEEED8F: Type: AWS::EC2::VPCGatewayAttachment Properties: VpcId: Ref: DevAxNetworkVPC049CF20B InternetGatewayId: Ref: DevAxNetworkVPCIGW3AED8105 Metadata: aws:cdk:path: Module6/DevAxNetworkVPC/VPCGW DevAxNetworkSGF6BD3961: Type: AWS::EC2::SecurityGroup Properties: GroupDescription: Module6/DevAxNetworkSG GroupName: DBSecurityGroup SecurityGroupEgress: - CidrIp: 0.0.0.0/0 Description: Allow all outbound traffic by default IpProtocol: "-1" VpcId: Ref: DevAxNetworkVPC049CF20B Metadata: aws:cdk:path: Module6/DevAxNetworkSG/Resource DevAxNetworkSGfromModule6DevAxWindowsSecurityGroupA95E2EA133069E4A2650: Type: AWS::EC2::SecurityGroupIngress Properties: IpProtocol: tcp Description: WorkshopHost to DB over mysql FromPort: 3306 GroupId: Fn::GetAtt: - DevAxNetworkSGF6BD3961 - GroupId SourceSecurityGroupId: Fn::GetAtt: - DevAxWindowsSecurityGroupDE999860 - GroupId ToPort: 3306 Metadata: aws:cdk:path: Module6/DevAxNetworkSG/from Module6DevAxWindowsSecurityGroupA95E2EA1:3306 DevAxNetworkSGfromModule6DevAxNetworkSGD9751E783306189CA579: Type: AWS::EC2::SecurityGroupIngress Properties: IpProtocol: tcp Description: DB SG to DB SG over mysql FromPort: 3306 GroupId: Fn::GetAtt: - DevAxNetworkSGF6BD3961 - GroupId SourceSecurityGroupId: Fn::GetAtt: - DevAxNetworkSGF6BD3961 - GroupId ToPort: 3306 Metadata: aws:cdk:path: Module6/DevAxNetworkSG/from Module6DevAxNetworkSGD9751E78:3306 DBinstanceSubnetGroupA78F1F9F: Type: AWS::RDS::DBSubnetGroup Properties: DBSubnetGroupDescription: Subnet group for DBinstance database SubnetIds: - Ref: DevAxNetworkVPCprivateSubnet1SubnetF1C6C29A - Ref: DevAxNetworkVPCprivateSubnet2SubnetD148A816 Metadata: aws:cdk:path: Module6/DBinstance/SubnetGroup/Default DBinstanceA5CF359B: Type: AWS::RDS::DBInstance Properties: DBInstanceClass: db.t2.small AllocatedStorage: "5" AutoMinorVersionUpgrade: false BackupRetentionPeriod: 3 CopyTagsToSnapshot: true DBName: travelbuddy DBSubnetGroupName: Ref: DBinstanceSubnetGroupA78F1F9F DeletionProtection: false Engine: mysql EngineVersion: "8.0" MasterUsername: root MasterUserPassword: labpassword MultiAZ: false Port: "3306" PubliclyAccessible: false StorageEncrypted: true StorageType: gp2 VPCSecurityGroups: - Fn::GetAtt: - DevAxNetworkSGF6BD3961 - GroupId UpdateReplacePolicy: Snapshot Metadata: aws:cdk:path: Module6/DBinstance/Resource AWSStudent3111CB37: Type: AWS::IAM::User Properties: UserName: awsstudent Metadata: aws:cdk:path: Module6/AWSStudent/Resource DevAxWindowsSecurityGroupDE999860: Type: AWS::EC2::SecurityGroup Properties: GroupDescription: Module6/DevAxWindowsSecurityGroup GroupName: WorkspaceSecurityGroup SecurityGroupEgress: - CidrIp: 0.0.0.0/0 Description: Allow all outbound traffic by default IpProtocol: "-1" SecurityGroupIngress: - CidrIp: 0.0.0.0/0 Description: from 0.0.0.0/0:3389 FromPort: 3389 IpProtocol: tcp ToPort: 3389 VpcId: Ref: DevAxNetworkVPC049CF20B Metadata: aws:cdk:path: Module6/DevAxWindowsSecurityGroup/Resource DevAxWindowsHost: Type: AWS::EC2::Instance Properties: ImageId: Ref: LatestAMI InstanceType: m5.xlarge KeyName: Ref: EEKeyPair NetworkInterfaces: - AssociatePublicIpAddress: true DeviceIndex: "0" GroupSet: - Fn::GetAtt: - DevAxWindowsSecurityGroupDE999860 - GroupId SubnetId: Ref: DevAxNetworkVPCpublicSubnet1Subnet18336BFA SourceDestCheck: true Tags: - Key: Name Value: DevAxWindowsHost UserData: Fn::Base64: Fn::Sub: >- CreationPolicy: ResourceSignal: Count: 1 Timeout: PT60M Metadata: AWS::CloudFormation::Init: configSets: ascending: - setup - install - finalise setup: files: C:\setup\setenvironment.ps1: content: >- # Set execution policy and install chocolatey Set-ExecutionPolicy Bypass -Scope Process -Force [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072 iex ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1')) # Reload profile $env:ChocolateyInstall = Convert-Path "$((Get-Command choco).Path)\..\.." Import-Module "$env:ChocolateyInstall\helpers\chocolateyProfile.psm1" # Install Git choco install git -y --params="'/GitAndUnixToolsOnPath /NoAutoCrlf'" # Install AdoptOpenJDK jdk8 hotspot 8.262.10 https://chocolatey.org/packages/corretto8jdk choco install corretto8jdk -y refreshenv # Install IntelliJ https://chocolatey.org/packages/intellijidea-community choco install intellijidea-community -y # Install eclipse https://chocolatey.org/packages/eclipse choco install eclipse --version=4.15 -y --params "'/InstallationPath=C:\eclipse'" & "c:\\setup\\eclipseinstall.ps1" # Install Apache Maven https://chocolatey.org/packages/maven choco install maven -y # Install Tomcat https://chocolatey.org/packages/tomcat choco install tomcat -y # Install Python 3 https://chocolatey.org/packages/python3 choco install python3 -y refreshenv # Install AWS Cli 2 https://chocolatey.org/packages/awscli choco install awscli -y # Install Google Chrome https://chocolatey.org/packages/googlechrome choco install googlechrome -y --ignore-checksums # Install Elastic Beanstalk CLI pip install awsebcli --upgrade # Install MySQL Client https://chocolatey.org/packages/mysql-cli choco install mysql-cli # Move tomcat server to C:\ProgramData\Tomcat9 $tomcatPath = Get-ChildItem -Path C:\ProgramData\chocolatey\lib\Tomcat\tools -Directory | Select-Object -First 1 Get-ChildItem -Path $tomcatPath.FullName -Recurse | Move-Item -Destination C:\ProgramData\Tomcat9\ # Clear desktop $wshShell = New-Object -ComObject "WScript.Shell" Get-ChildItem -Path $wshShell.SpecialFolders.Item("AllUsersDesktop") -Recurse -ErrorAction SilentlyContinue | foreach { Remove-Item -Path $_.FullName } Get-ChildItem -Path $wshShell.SpecialFolders.Item("Desktop") -Recurse -ErrorAction SilentlyContinue | foreach { Remove-Item -Path $_.FullName } # Create shortcuts $wshShell = New-Object -ComObject "WScript.Shell" $urlShortcut = $wshShell.CreateShortcut( (Join-Path $wshShell.SpecialFolders.Item("AllUsersDesktop") "Dashboard.url") ) $urlShortcut.TargetPath = "https://dashboard.eventengine.run/login" $urlShortcut.Save() $wshShell = New-Object -ComObject "WScript.Shell" $urlShortcut = $wshShell.CreateShortcut( (Join-Path $wshShell.SpecialFolders.Item("AllUsersDesktop") "Workshop.url") ) $urlShortcut.TargetPath = "https://workshops.devax.academy/monoliths-to-microservices/" $urlShortcut.Save() C:\setup\eclipseinstall.ps1: content: > $eclipseBasePath = "C:\eclipse" $eclipseVer = Get-ChildItem -Path $eclipseBasePath -Force -Recurse | Select-Object -First 1 $eclipseDir = [IO.Path]::Combine($eclipseBasePath, $eclipseVer, 'eclipse\eclipse') # Install AWS Toolkit for eclipse & $eclipseDir -nosplash -application org.eclipse.equinox.p2.director -repository https://aws.amazon.com/eclipse -installIU com.amazonaws.eclipse.core.feature.feature.group | Out-Null & $eclipseDir -nosplash -application org.eclipse.equinox.p2.director -repository https://aws.amazon.com/eclipse -installIU com.amazonaws.eclipse.sdk.ui.feature.feature.group | Out-Null & $eclipseDir -nosplash -application org.eclipse.equinox.p2.director -repository https://aws.amazon.com/eclipse -installIU com.amazonaws.eclipse.ec2.feature.feature.group | Out-Null & $eclipseDir -nosplash -application org.eclipse.equinox.p2.director -repository https://aws.amazon.com/eclipse -installIU com.amazonaws.eclipse.dynamodb.feature.feature.group | Out-Null & $eclipseDir -nosplash -application org.eclipse.equinox.p2.director -repository https://aws.amazon.com/eclipse -installIU com.amazonaws.eclipse.identitymanagement.feature.feature.group | Out-Null & $eclipseDir -nosplash -application org.eclipse.equinox.p2.director -repository https://aws.amazon.com/eclipse -installIU com.amazonaws.eclipse.cloudformation.feature.feature.group | Out-Null & $eclipseDir -nosplash -application org.eclipse.equinox.p2.director -repository https://aws.amazon.com/eclipse -installIU com.amazonaws.eclipse.codecommit.feature.feature.group | Out-Null & $eclipseDir -nosplash -application org.eclipse.equinox.p2.director -repository https://aws.amazon.com/eclipse -installIU com.amazonaws.eclipse.codedeploy.feature.feature.group | Out-Null & $eclipseDir -nosplash -application org.eclipse.equinox.p2.director -repository https://aws.amazon.com/eclipse -installIU com.amazonaws.eclipse.codestar.feature.feature.group | Out-Null & $eclipseDir -nosplash -application org.eclipse.equinox.p2.director -repository https://aws.amazon.com/eclipse -installIU com.amazonaws.eclipse.elasticbeanstalk.feature.feature.group | Out-Null & $eclipseDir -nosplash -application org.eclipse.equinox.p2.director -repository https://aws.amazon.com/eclipse -installIU com.amazonaws.eclipse.lambda.feature.feature.group | Out-Null & $eclipseDir -nosplash -application org.eclipse.equinox.p2.director -repository https://aws.amazon.com/eclipse -installIU com.amazonaws.eclipse.opsworks.feature.feature.group | Out-Null & $eclipseDir -nosplash -application org.eclipse.equinox.p2.director -repository https://aws.amazon.com/eclipse -installIU com.amazonaws.eclipse.rds.feature.feature.group | Out-Null C:\setup\DB.sql: content: > # # Lab 1 - DB Seed Script # use travelbuddy; DROP TABLE IF EXISTS `flightspecial`; CREATE TABLE `flightspecial` ( `id` int(11) unsigned NOT NULL AUTO_INCREMENT, `header` varchar(255) NOT NULL DEFAULT '', `body` varchar(255) DEFAULT NULL, `origin` varchar(255) DEFAULT NULL, `originCode` varchar(6) DEFAULT NULL, `destination` varchar(255) DEFAULT NULL, `destinationCode` varchar(6) DEFAULT NULL, `cost` int(11) NOT NULL, `expiryDate` bigint(16) NOT NULL, PRIMARY KEY (`id`) ) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8; INSERT INTO `flightspecial` (`expiryDate`, `cost`, `header`, `body`, `origin`, `originCode`, `destination`, `destinationCode`) VALUES ( (SELECT (UNIX_TIMESTAMP() * 1000)) + 79200 + (RAND() * 20000000), (50 + RAND() * 200), 'London to Prague', 'Jewel of the East', 'London', 'LHR', 'Paris', 'CDG' ); INSERT INTO `flightspecial` (`expiryDate`, `cost`, `header`, `body`, `origin`, `originCode`, `destination`, `destinationCode`) VALUES ( (SELECT (UNIX_TIMESTAMP() * 1000)) + 79200 + (RAND() * 20000000), (50 + RAND() * 200), 'Paris to London', 'Weekend getaway!', 'Origin', 'ORG', 'Destination', 'DST' ); INSERT INTO `flightspecial` (`expiryDate`, `cost`, `header`, `body`, `origin`, `originCode`, `destination`, `destinationCode`) VALUES ( (SELECT (UNIX_TIMESTAMP() * 1000)) + 79200 + (RAND() * 20000000), (50 + RAND() * 200), 'Dubai to Cairo', 'Middle East adventure', 'Origin', 'ORG', 'Destination', 'DST' ); INSERT INTO `flightspecial` (`expiryDate`, `cost`, `header`, `body`, `origin`, `originCode`, `destination`, `destinationCode`) VALUES ( (SELECT (UNIX_TIMESTAMP() * 1000)) + 79200 + (RAND() * 20000000), (50 + RAND() * 500), 'Melbourne to Hawaii', 'Escape to the sun this winter', 'Origin', 'ORG', 'Destination', 'DST' ); INSERT INTO `flightspecial` (`expiryDate`, `cost`, `header`, `body`, `origin`, `originCode`, `destination`, `destinationCode`) VALUES ( (SELECT (UNIX_TIMESTAMP() * 1000)) + 79200 + (RAND() * 20000000), (50 + RAND() * 200), 'Buenos Aires to Rio', 'Time to carnivale!', 'Origin', 'ORG', 'Destination', 'DST' ); INSERT INTO `flightspecial` (`expiryDate`, `cost`, `header`, `body`, `origin`, `originCode`, `destination`, `destinationCode`) VALUES ( (SELECT (UNIX_TIMESTAMP() * 1000)) + 79200 + (RAND() * 20000000), (50 + RAND() * 500), 'Sydney to Rome', 'An Italian classic', 'Origin', 'ORG', 'Destination', 'DST' ); INSERT INTO `flightspecial` (`expiryDate`, `cost`, `header`, `body`, `origin`, `originCode`, `destination`, `destinationCode`) VALUES ( (SELECT (UNIX_TIMESTAMP() * 1000)) + 79200 + (RAND() * 20000000), (50 + RAND() * 500), 'Melbourne to Sydney', 'Well trodden path', 'Origin', 'ORG', 'Destination', 'DST' ); INSERT INTO `flightspecial` (`expiryDate`, `cost`, `header`, `body`, `origin`, `originCode`, `destination`, `destinationCode`) VALUES ( (SELECT (UNIX_TIMESTAMP() * 1000)) + 79200 + (RAND() * 20000000), (50 + RAND() * 500), 'Hong Kong to Kuala Lumpur', 'Hop step and a jump', 'Origin', 'ORG', 'Destination', 'DST' ); INSERT INTO `flightspecial` (`expiryDate`, `cost`, `header`, `body`, `origin`, `originCode`, `destination`, `destinationCode`) VALUES ( (SELECT (UNIX_TIMESTAMP() * 1000)) + 79200 + (RAND() * 20000000), (50 + RAND() * 500), 'Lisbon to Madrid', 'Spanish adventure', 'Origin', 'ORG', 'Destination', 'DST' ); INSERT INTO `flightspecial` (`expiryDate`, `cost`, `header`, `body`, `origin`, `originCode`, `destination`, `destinationCode`) VALUES ( (SELECT (UNIX_TIMESTAMP() * 1000)) + 79200 + (RAND() * 20000000), (50 + RAND() * 500), 'Aswan to Cairo', 'An experience of a lifetime', 'Origin', 'ORG', 'Destination', 'DST' ); INSERT INTO `flightspecial` (`expiryDate`, `cost`, `header`, `body`, `origin`, `originCode`, `destination`, `destinationCode`) VALUES ( (SELECT (UNIX_TIMESTAMP() * 1000)) + 79200 + (RAND() * 20000000), (50 + RAND() * 500), 'New York to London', 'Trans-Atlantic', 'Origin', 'ORG', 'Destination', 'DST' ); #--------------------------------------------------------------------------------------------------------------------- #--------------------------------------------------------------------------------------------------------------------- #--------------------------------------------------------------------------------------------------------------------- #--------------------------------------------------------------------------------------------------------------------- #--------------------------------------------------------------------------------------------------------------------- DROP TABLE IF EXISTS `hotelspecial`; CREATE TABLE `hotelspecial` ( `id` int(11) unsigned NOT NULL AUTO_INCREMENT, `hotel` varchar(255) NOT NULL DEFAULT '', `description` varchar(255) DEFAULT NULL, `location` varchar(255) DEFAULT NULL, `cost` int(11) NOT NULL, `expiryDate` bigint(16) NOT NULL, PRIMARY KEY (`id`) ) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8; INSERT INTO `hotelspecial` (`expiryDate`, `cost`, `hotel`, `description`, `location`) VALUES ( (SELECT (UNIX_TIMESTAMP() * 1000)) + 79200 + (RAND() * 20000000), (50 + RAND() * 1000), 'Sommerset Hotel', 'Minimum stay 3 nights', 'Sydney' ); INSERT INTO `hotelspecial` (`expiryDate`, `cost`, `hotel`, `description`, `location`) VALUES ( (SELECT (UNIX_TIMESTAMP() * 1000)) + 79200 + (RAND() * 20000000), (50 + RAND() * 1000), 'Freedmom Apartments', 'Pets allowed!', 'Sydney' ); INSERT INTO `hotelspecial` (`expiryDate`, `cost`, `hotel`, `description`, `location`) VALUES ( (SELECT (UNIX_TIMESTAMP() * 1000)) + 79200 + (RAND() * 20000000), (50 + RAND() * 1000), 'Studio City', 'Minimum stay one week', 'Los Angeles' ); INSERT INTO `hotelspecial` (`expiryDate`, `cost`, `hotel`, `description`, `location`) VALUES ( (SELECT (UNIX_TIMESTAMP() * 1000)) + 79200 + (RAND() * 20000000), (50 + RAND() * 1000), 'Le Fleur Hotel', 'Not available weekends', 'Los Angeles' ); INSERT INTO `hotelspecial` (`expiryDate`, `cost`, `hotel`, `description`, `location`) VALUES ( (SELECT (UNIX_TIMESTAMP() * 1000)) + 79200 + (RAND() * 20000000), (50 + RAND() * 1000), 'Classic Hotel', 'Includes breakfast', 'Dallas' ); INSERT INTO `hotelspecial` (`expiryDate`, `cost`, `hotel`, `description`, `location`) VALUES ( (SELECT (UNIX_TIMESTAMP() * 1000)) + 79200 + (RAND() * 20000000), (50 + RAND() * 1000), 'Groundhog Suites', 'Internet access included', 'Florida' ); INSERT INTO `hotelspecial` (`expiryDate`, `cost`, `hotel`, `description`, `location`) VALUES ( (SELECT (UNIX_TIMESTAMP() * 1000)) + 79200 + (RAND() * 20000000), (50 + RAND() * 1000), 'Sophmore Suites', 'Maximum 2 people per room', 'London' ); INSERT INTO `hotelspecial` (`expiryDate`, `cost`, `hotel`, `description`, `location`) VALUES ( (SELECT (UNIX_TIMESTAMP() * 1000)) + 79200 + (RAND() * 20000000), (50 + RAND() * 1000), 'Hotel Sandra', 'Minimum stay two nights', 'Cairo' ); INSERT INTO `hotelspecial` (`expiryDate`, `cost`, `hotel`, `description`, `location`) VALUES ( (SELECT (UNIX_TIMESTAMP() * 1000)) + 79200 + (RAND() * 20000000), (50 + RAND() * 1000), 'Apartamentos de Nestor', 'Pool and spa access included', 'Madrid' ); INSERT INTO `hotelspecial` (`expiryDate`, `cost`, `hotel`, `description`, `location`) VALUES ( (SELECT (UNIX_TIMESTAMP() * 1000)) + 79200 + (RAND() * 20000000), (50 + RAND() * 1000), 'Kangaroo Hotel', 'Maximum 2 people per room', 'Manchester' ); INSERT INTO `hotelspecial` (`expiryDate`, `cost`, `hotel`, `description`, `location`) VALUES ( (SELECT (UNIX_TIMESTAMP() * 1000)) + 79200 + (RAND() * 20000000), (50 + RAND() * 1000), 'EasyStay Apartments', 'Minimum stay one week', 'Melbourne' ); install: commands: runsetup: command: powershell.exe -ExecutionPolicy Unrestricted C:\setup\setenvironment.ps1 waitAfterCompletion: "0" seed: command: Fn::Sub: - C:\ProgramData\chocolatey\bin\mysql -h ${endpoint} -u ${user} -p${password} -P 3306 < C:\setup\DB.sql - endpoint: Fn::GetAtt: - DBinstanceA5CF359B - Endpoint.Address user: root password: labpassword waitAfterCompletion: "0" finalise: commands: cleanup: command: rmdir C:\setup /s /q waitAfterCompletion: "0" signal: command: Fn::Sub: cfn-signal.exe -e %ERRORLEVEL% --resource DevAxWindowsHost --stack ${AWS::StackName} --region ${AWS::Region} CreateGitCredsFunction9D6697C5: Type: AWS::Lambda::Function Properties: Code: ZipFile: > import boto3 import cfnresponse def lambda_handler(event,context): print(event) response = {} try: if event['RequestType'] == 'Delete': iam = boto3.client('iam') credentials = iam.list_service_specific_credentials(UserName='awsstudent',ServiceName='codecommit.amazonaws.com') serviceSpecificCredentialId = credentials['ServiceSpecificCredentials'][0]['ServiceSpecificCredentialId'] delete = iam.delete_service_specific_credential(UserName='awsstudent', ServiceSpecificCredentialId=serviceSpecificCredentialId) cfnresponse.send(event, context, cfnresponse.SUCCESS,response) else: iam = boto3.client('iam') gitcreds = iam.create_service_specific_credential(UserName='awsstudent',ServiceName='codecommit.amazonaws.com') response['GitUserName'] = gitcreds['ServiceSpecificCredential']['ServiceUserName'] response['GitPassword'] = gitcreds['ServiceSpecificCredential']['ServicePassword'] cfnresponse.send(event, context, cfnresponse.SUCCESS,response) except Exception as e: print(e) response['Status'] = 'FAILED' response['Reason'] = 'Git failed, see log for details' cfnresponse.send(event, context, cfnresponse.FAILED,response) Handler: index.lambda_handler Role: Fn::GetAtt: - CreateGitCredsRole385E94AC - Arn Runtime: python3.7 FunctionName: CreateGitCredsFunction MemorySize: 128 Timeout: 90 DependsOn: - CreateGitCredsRole385E94AC Metadata: aws:cdk:path: Module6/CreateGitCredsFunction/Resource GitCredsCR: Type: AWS::CloudFormation::CustomResource Properties: ServiceToken: Fn::GetAtt: - CreateGitCredsFunction9D6697C5 - Arn UpdateReplacePolicy: Delete DeletionPolicy: Delete Metadata: aws:cdk:path: Module6/GitCredsCR/Default idevelopCodeStarCloudFormationPolicy17A1651C: Type: AWS::IAM::ManagedPolicy Properties: PolicyDocument: Statement: - Action: - iam:GetRole - iam:CreateRole - iam:DeleteRole - iam:PassRole - iam:PutRolePolicy - iam:DeleteRolePolicy - iam:AttachRolePolicy - iam:DetachRolePolicy - lambda:ListTags - lambda:TagResource - lambda:UntagResource - lambda:AddPermission - lambda:RemovePermission - ec2:DescribeSecurityGroups - ec2:DescribeSubnets - ec2:DescribeVpcs - ec2:CreateNetworkInterface - ec2:AttachNetworkInterface - ec2:DescribeNetworkInterfaces - states:* - s3:* Effect: Allow Resource: "*" Version: "2012-10-17" Description: "" ManagedPolicyName: idevelopCodeStarCloudFormationPolicy Path: / Metadata: aws:cdk:path: Module6/idevelopCodeStarCloudFormationPolicy/Resource DDBTableTripSector3416594F: Type: AWS::DynamoDB::Table Properties: KeySchema: - AttributeName: date KeyType: HASH AttributeDefinitions: - AttributeName: date AttributeType: "N" - AttributeName: originCity AttributeType: S - AttributeName: destinationCity AttributeType: S GlobalSecondaryIndexes: - IndexName: originCity-index KeySchema: - AttributeName: originCity KeyType: HASH Projection: ProjectionType: ALL ProvisionedThroughput: ReadCapacityUnits: 5 WriteCapacityUnits: 5 - IndexName: destinationCity-index KeySchema: - AttributeName: destinationCity KeyType: HASH Projection: ProjectionType: ALL ProvisionedThroughput: ReadCapacityUnits: 5 WriteCapacityUnits: 5 ProvisionedThroughput: ReadCapacityUnits: 5 WriteCapacityUnits: 5 TableName: TravelBuddyTripSectors UpdateReplacePolicy: Retain DeletionPolicy: Retain Metadata: aws:cdk:path: Module6/DDBTableTripSector/Resource S3BucketLambdaCode4DBB269B: Type: AWS::S3::Bucket UpdateReplacePolicy: Retain DeletionPolicy: Retain Metadata: aws:cdk:path: Module6/S3BucketLambdaCode/Resource S3BucketWebsite18DDBCD4: Type: AWS::S3::Bucket Properties: WebsiteConfiguration: IndexDocument: index.html UpdateReplacePolicy: Delete DeletionPolicy: Delete Metadata: aws:cdk:path: Module6/S3BucketWebsite/Resource S3BucketWebsitePolicyDFEFA12C: Type: AWS::S3::BucketPolicy Properties: Bucket: Ref: S3BucketWebsite18DDBCD4 PolicyDocument: Statement: - Action: s3:GetObject Effect: Allow Principal: "*" Resource: Fn::Join: - "" - - Fn::GetAtt: - S3BucketWebsite18DDBCD4 - Arn - /* Version: "2012-10-17" Metadata: aws:cdk:path: Module6/S3BucketWebsite/Policy/Resource LambdaRole3A44B857: Type: AWS::IAM::Role Properties: AssumeRolePolicyDocument: Statement: - Action: sts:AssumeRole Effect: Allow Principal: Service: lambda.amazonaws.com Version: "2012-10-17" Path: / Policies: - PolicyDocument: Statement: - Action: - s3:* - sns:* - cloudwatch:* - logs:* Effect: Allow Resource: "*" Version: "2012-10-17" PolicyName: EventEnginelambdarole - PolicyDocument: Statement: - Action: - xray:PutTraceSegments - xray:PutTelemetryRecords Effect: Allow Resource: "*" Version: "2012-10-17" PolicyName: XRayAccess - PolicyDocument: Statement: - Action: dynamodb:* Effect: Allow Resource: "*" Version: "2012-10-17" PolicyName: DynamoDBAccess - PolicyDocument: Statement: - Action: - iam:GetRole - iam:CreateRole - iam:DeleteRole - iam:PassRole - iam:PutRolePolicy - iam:DeleteRolePolicy - lambda:ListTags - lambda:TagResource - lambda:UntagResource - ec2:DescribeSecurityGroups - ec2:DescribeSubnets - ec2:DescribeVpcs - ec2:CreateNetworkInterface - ec2:AttachNetworkInterface - ec2:DescribeNetworkInterfaces - ec2:DeleteNetworkInterface Effect: Allow Resource: "*" Version: "2012-10-17" PolicyName: VPCIntegration RoleName: LambdaRole Metadata: aws:cdk:path: Module6/LambdaRole/Resource CognitoUserPool53E37E69: Type: AWS::Cognito::UserPool Properties: AccountRecoverySetting: RecoveryMechanisms: - Name: verified_phone_number Priority: 1 - Name: verified_email Priority: 2 AdminCreateUserConfig: AllowAdminCreateUserOnly: false UnusedAccountValidityDays: 7 AutoVerifiedAttributes: - email EmailVerificationMessage: The verification code to your new account is {####} EmailVerificationSubject: Verify your new account MfaConfiguration: "OFF" Policies: PasswordPolicy: MinimumLength: 6 RequireLowercase: false RequireNumbers: false RequireSymbols: false RequireUppercase: false Schema: - AttributeDataType: String DeveloperOnlyAttribute: false Mutable: false Name: sub Required: true StringAttributeConstraints: MaxLength: "2048" MinLength: "1" - AttributeDataType: String DeveloperOnlyAttribute: false Mutable: true Name: name Required: true StringAttributeConstraints: MaxLength: "2048" MinLength: "0" - AttributeDataType: String DeveloperOnlyAttribute: false Mutable: true Name: given_name Required: false StringAttributeConstraints: MaxLength: "2048" MinLength: "0" - AttributeDataType: String DeveloperOnlyAttribute: false Mutable: true Name: family_name Required: false StringAttributeConstraints: MaxLength: "2048" MinLength: "0" SmsVerificationMessage: The verification code to your new account is {####} UserPoolName: TravelBuddy VerificationMessageTemplate: DefaultEmailOption: CONFIRM_WITH_CODE EmailMessage: The verification code to your new account is {####} EmailSubject: Verify your new account SmsMessage: The verification code to your new account is {####} Metadata: aws:cdk:path: Module6/CognitoUserPool/Resource CognitoUserPoolClient5AB59AE4: Type: AWS::Cognito::UserPoolClient Properties: UserPoolId: Ref: CognitoUserPool53E37E69 AllowedOAuthFlows: - implicit - code AllowedOAuthFlowsUserPoolClient: true AllowedOAuthScopes: - profile - phone - email - openid - aws.cognito.signin.user.admin CallbackURLs: - https://example.com ClientName: TravelBuddyWebApp GenerateSecret: false SupportedIdentityProviders: - COGNITO Metadata: aws:cdk:path: Module6/CognitoUserPoolClient/Resource CIPTravelBuddy: Type: AWS::Cognito::IdentityPool Properties: AllowUnauthenticatedIdentities: false CognitoIdentityProviders: - ClientId: Ref: CognitoUserPoolClient5AB59AE4 ProviderName: Fn::GetAtt: - CognitoUserPool53E37E69 - ProviderName IdentityPoolName: TravelBuddy Metadata: aws:cdk:path: Module6/CIPTravelBuddy cognitoIAMUnauthenticatedRole399D1BE2: Type: AWS::IAM::Role Properties: AssumeRolePolicyDocument: Statement: - Action: sts:AssumeRoleWithWebIdentity Condition: StringEquals: cognito-identity.amazonaws.com:aud: Ref: CIPTravelBuddy ForAnyValue:StringLike: cognito-identity.amazonaws.com:amr: unauthenticated Effect: Allow Principal: Federated: cognito-identity.amazonaws.com Version: "2012-10-17" Path: / Policies: - PolicyDocument: Statement: - Action: - mobileanalytics:PutEvents - cognito-sync:* Effect: Allow Resource: "*" Version: "2012-10-17" PolicyName: standardCognito RoleName: cognitoIAMUnauthenticatedRole Metadata: aws:cdk:path: Module6/cognitoIAMUnauthenticatedRole/Resource cognitoIAMAuthenticatedRoleDD1F6023: Type: AWS::IAM::Role Properties: AssumeRolePolicyDocument: Statement: - Action: sts:AssumeRoleWithWebIdentity Condition: StringEquals: cognito-identity.amazonaws.com:aud: Ref: CIPTravelBuddy ForAnyValue:StringLike: cognito-identity.amazonaws.com:amr: authenticated Effect: Allow Principal: Federated: cognito-identity.amazonaws.com Version: "2012-10-17" Path: / Policies: - PolicyDocument: Statement: - Action: - mobileanalytics:PutEvents - cognito-sync:* Effect: Allow Resource: "*" Version: "2012-10-17" PolicyName: standardCognito RoleName: cognitoIAMAuthenticatedRole Metadata: aws:cdk:path: Module6/cognitoIAMAuthenticatedRole/Resource CognitoRolesAttachment: Type: AWS::Cognito::IdentityPoolRoleAttachment Properties: IdentityPoolId: Ref: CIPTravelBuddy Roles: authenticated: Fn::GetAtt: - cognitoIAMAuthenticatedRoleDD1F6023 - Arn unauthenticated: Fn::GetAtt: - cognitoIAMUnauthenticatedRole399D1BE2 - Arn Metadata: aws:cdk:path: Module6/CognitoRolesAttachment CDKMetadata: Type: AWS::CDK::Metadata Properties: Modules: aws-cdk=1.73.0,@aws-cdk/assets=1.73.0,@aws-cdk/aws-applicationautoscaling=1.73.0,@aws-cdk/aws-autoscaling-common=1.73.0,@aws-cdk/aws-cloudwatch=1.73.0,@aws-cdk/aws-codeguruprofiler=1.73.0,@aws-cdk/aws-cognito=1.73.0,@aws-cdk/aws-dynamodb=1.73.0,@aws-cdk/aws-ec2=1.73.0,@aws-cdk/aws-events=1.73.0,@aws-cdk/aws-iam=1.73.0,@aws-cdk/aws-kms=1.73.0,@aws-cdk/aws-lambda=1.73.0,@aws-cdk/aws-logs=1.73.0,@aws-cdk/aws-rds=1.73.0,@aws-cdk/aws-s3=1.73.0,@aws-cdk/aws-s3-assets=1.73.0,@aws-cdk/aws-sam=1.73.0,@aws-cdk/aws-secretsmanager=1.73.0,@aws-cdk/aws-sqs=1.73.0,@aws-cdk/aws-ssm=1.73.0,@aws-cdk/cloud-assembly-schema=1.73.0,@aws-cdk/core=1.73.0,@aws-cdk/custom-resources=1.73.0,@aws-cdk/cx-api=1.73.0,@aws-cdk/region-info=1.73.0,jsii-runtime=node.js/v12.18.3 Metadata: aws:cdk:path: Module6/CDKMetadata/Default Condition: CDKMetadataAvailable Outputs: GitUserName: Description: Git Username Value: Fn::GetAtt: - GitCredsCR - GitUserName GitPassword: Description: Git Password Value: Fn::GetAtt: - GitCredsCR - GitPassword S3BucketLambdaCodeBucketName: Description: S3 Bucket for Lambda code upload Value: Ref: S3BucketLambdaCode4DBB269B S3BucketWWWBucketName: Value: Ref: S3BucketWebsite18DDBCD4 LambdaRoleARN: Description: ARN of Lambda execution role Value: Fn::GetAtt: - LambdaRole3A44B857 - Arn DatabaseSecurityGroup: Description: Security group allowing access to the Database Instance Value: Fn::GetAtt: - DevAxNetworkSGF6BD3961 - GroupId DatabaseSubnet1: Description: Private Subnet for Database Instance Value: Ref: DevAxNetworkVPCprivateSubnet1SubnetF1C6C29A DatabaseSubnet2: Description: Private Subnet for Database Instance Value: Ref: DevAxNetworkVPCprivateSubnet2SubnetD148A816 RDSEndpoint: Description: RDS database endpoint Value: Fn::Join: - "" - - jdbc:mysql:// - Fn::GetAtt: - DBinstanceA5CF359B - Endpoint.Address - :3306/travelbuddy?useSSL=false Conditions: CDKMetadataAvailable: Fn::Or: - Fn::Or: - Fn::Equals: - Ref: AWS::Region - ap-east-1 - Fn::Equals: - Ref: AWS::Region - ap-northeast-1 - Fn::Equals: - Ref: AWS::Region - ap-northeast-2 - Fn::Equals: - Ref: AWS::Region - ap-south-1 - Fn::Equals: - Ref: AWS::Region - ap-southeast-1 - Fn::Equals: - Ref: AWS::Region - ap-southeast-2 - Fn::Equals: - Ref: AWS::Region - ca-central-1 - Fn::Equals: - Ref: AWS::Region - cn-north-1 - Fn::Equals: - Ref: AWS::Region - cn-northwest-1 - Fn::Equals: - Ref: AWS::Region - eu-central-1 - Fn::Or: - Fn::Equals: - Ref: AWS::Region - eu-north-1 - Fn::Equals: - Ref: AWS::Region - eu-west-1 - Fn::Equals: - Ref: AWS::Region - eu-west-2 - Fn::Equals: - Ref: AWS::Region - eu-west-3 - Fn::Equals: - Ref: AWS::Region - me-south-1 - Fn::Equals: - Ref: AWS::Region - sa-east-1 - Fn::Equals: - Ref: AWS::Region - us-east-1 - Fn::Equals: - Ref: AWS::Region - us-east-2 - Fn::Equals: - Ref: AWS::Region - us-west-1 - Fn::Equals: - Ref: AWS::Region - us-west-2