この記事は公開されてから1年以上経過しています。情報が古い可能性がありますので十分ご注意ください。
背景
AWS Database Migration Serviceを検証するために移行先DBであるOracle SE2 19c bring-your-own-licenseの構築が必要になります。ここでCloudFormationでの構築手順紹介します。
前提
・VPCが作成済みであること
・RDS用のセキュリティグループが作成済みであること
・CloudFormationのテンプレートをyaml形式とする。
・AWSの管理者ユーザで検証しています。
・AWSコンソール上でスタックを作成します(作成手順を割愛します)。
構築手順
Cfnテンプレート
コピペで利用できます。下記のパラメータを自分の環境に合わせて変更してご利用ください。
DBSubnet1a: { ID: subnet-xxxxxxxxxxxxxxxxx }
DBSubnet1c: { ID: subnet-xxxxxxxxxxxxxxxxx }
RdsSecurityGroup: { ID: sg-xxxxxxxxxxxxxxxxx }
AWSTemplateFormatVersion: '2010-09-09'
Description: This CloudFormation template to create RDS(Oracle) db instances.
Mappings:
dev:
DBSubnet1a: { ID: subnet-xxxxxxxxxxxxxxxxx }
DBSubnet1c: { ID: subnet-xxxxxxxxxxxxxxxxx }
RdsSecurityGroup: { ID: sg-xxxxxxxxxxxxxxxxx }
DBInstance:
Engine: oracle-se2
LicenseModel: bring-your-own-license
EngineVersion: 19.0.0.0.ru-2022-10.rur-2022-10.r1
RDS1AvailabilityZone: ap-northeast-1a
RDS2AvailabilityZone: ap-northeast-1c
BackupRetentionPeriod: 7
InstancePreferredBackupWindow: 13:00-13:30
InstancePreferredMaintenanceWindow: wed:14:00-wed:14:30
DatabaseName: testdb
AutoMinorVersionUpgrade: true
DBInstanceClass: db.t3.medium
DBParameterGroup:
DBEngineFamily: oracle-se2-19
Parameters:
Environment:
Description: Type of this environment.
Type: String
Default: dev
AllowedValues:
- dev
SystemName:
Description: Name of this system.
Type: String
Default: cpi
Username:
Description: Name of DB mater username.
Type: String
Default: dmsuser2
Password:
Description: Name of DB mater user password.
Type: String
NoEcho: true
Metadata:
AWS::CloudFormation::Interface:
ParameterGroups:
-
Label:
default: Environment Configuration
Parameters:
- SystemName
- Environment
-
Label:
default: RDS DB instace Configuration
Parameters:
- Username
- Password
Resources:
# IAM Role for enhanced monitoring
RDSMonitoringRole:
Type: AWS::IAM::Role
Properties:
RoleName: !Sub ${SystemName}-${Environment}-rds-monitoring-role
Path: /
AssumeRolePolicyDocument: !Sub |
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": "monitoring.rds.amazonaws.com"
},
"Action": "sts:AssumeRole"
}
]
}
ManagedPolicyArns:
- arn:aws:iam::aws:policy/service-role/AmazonRDSEnhancedMonitoringRole
Tags:
- Key: User
Value: kobayashi
RDSDBInstance1:
Type: AWS::RDS::DBInstance
Properties:
MasterUsername: !Ref Username
MasterUserPassword: !Ref Password
LicenseModel: !FindInMap [ !Ref Environment, DBInstance, LicenseModel ]
Port: 1521
VPCSecurityGroups:
- !FindInMap [ !Ref Environment, RdsSecurityGroup, ID ]
StorageEncrypted: true
DBName: !FindInMap [ !Ref Environment, DBInstance, DatabaseName ]
AllocatedStorage: '50'
DBSubnetGroupName: !Ref DBSubnetGroup
DBParameterGroupName: !Ref RDSDBParameterGroup
Engine: !FindInMap [ !Ref Environment, DBInstance, Engine ]
EngineVersion: !FindInMap [ !Ref Environment, DBInstance, EngineVersion ]
AvailabilityZone: !FindInMap [ !Ref Environment, DBInstance, RDS1AvailabilityZone ]
DBInstanceClass: !FindInMap [ !Ref Environment, DBInstance, DBInstanceClass ]
AutoMinorVersionUpgrade: !FindInMap [ !Ref Environment, DBInstance, AutoMinorVersionUpgrade ]
CopyTagsToSnapshot: true
DBInstanceIdentifier: !Sub ${SystemName}-${Environment}-kobayashi-oracle-test
EnablePerformanceInsights: true
PreferredBackupWindow: !FindInMap [ !Ref Environment, DBInstance, InstancePreferredBackupWindow ]
PreferredMaintenanceWindow: !FindInMap [ !Ref Environment, DBInstance, InstancePreferredMaintenanceWindow ]
# DeletionProtection: true
MonitoringInterval: 60
MonitoringRoleArn: !GetAtt RDSMonitoringRole.Arn
PubliclyAccessible: false
Tags:
- Key: Name
Value: !Sub ${SystemName}-${Environment}-kobayashi-oracle-test
- Key: User
Value: kobayashi
# DB subnet group
DBSubnetGroup:
Type: AWS::RDS::DBSubnetGroup
Properties:
DBSubnetGroupName: !Sub ${SystemName}-${Environment}-db-subnet-group
DBSubnetGroupDescription: !Sub ${SystemName}-${Environment}-db-subnet-group
SubnetIds:
- !FindInMap [ !Ref Environment, DBSubnet1a, ID ]
- !FindInMap [ !Ref Environment, DBSubnet1c, ID ]
Tags:
- Key: Name
Value: !Sub ${SystemName}-${Environment}-db-subnet-group
- Key: User
Value: kobayashi
# DB parameter group
RDSDBParameterGroup:
Type: AWS::RDS::DBParameterGroup
Properties:
Description: !Sub ${SystemName}-${Environment}-db-param-group
Family: !FindInMap [ !Ref Environment, DBParameterGroup, DBEngineFamily ]
Tags:
- Key: Name
Value: !Sub ${SystemName}-${Environment}-db-param-group
- Key: User
Value: kobayashiスタック作成時のパラメータ
作成後の確認
接続確認
接続コマンド
sqlplus dmsuser2/passw0rd@"(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=cpi-dev-kobayashi-oracle-test.c5qwrqga2axq.ap-northeast-1.rds.amazonaws.com)(PORT=1521))(CONNECT_DATA=(SERVICE_NAME=TESTDB)))"
テーブル一覧の確認コマンド
SELECT TABLE_NAME FROM USER_TABLES ORDER BY TABLE_NAME;
参考
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbinstance.html