tinhtq committed Nov 29, 2024
2 parents a624752 + db4f9a8 commit 58a04ed
Showing 123 changed files with 373 additions and 66 deletions.
29 changes: 11 additions & 18 deletions .github/workflows/main.yml
@@ -1,26 +1,19 @@
name: Git Secrets
run-name: ${{ github.actor }} is learning GitHub Actions

on: [push]
on:
push:
schedule:
- cron: "0 4 * * 6"

jobs:
build:
scan:
name: gitleaks
runs-on: ubuntu-latest

steps:
- name: Checkout
uses: actions/checkout@v3
- uses: actions/checkout@v4
with:
repository: awslabs/git-secrets

- name: Install git secret
run: sudo make install

- name: Checkout
uses: actions/checkout@v3

- name: Run git-secrets
run: |
git secrets --install
git secrets --register-aws
git secrets --scan --recursive
fetch-depth: 0
- uses: gitleaks/gitleaks-action@v2
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
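Review bot: The new `scan` job runs a third-party action by mutable tag (`gitleaks/gitleaks-action@v2`) and passes it `GITHUB_TOKEN` with no `permissions:` block, so the token carries whatever default scope the repository grants. Pinning the action to a full commit SHA (`uses: gitleaks/gitleaks-action@<full-commit-sha>  # v2`) and adding a job-level `permissions:` entry with `contents: read` limits what a moved or compromised tag could do; this workflow triggers only on push and schedule, so wider scopes should not be needed, but confirm against the action's documentation. The workflow also appears to keep `name: Git Secrets` on its first line although the job now runs gitleaks, which would mislead anyone reading the Actions tab.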
1 change: 1 addition & 0 deletions .gitignore
Expand Up @@ -9,3 +9,4 @@ test.txt
python.zip
backend.tf
.DS_Store
.env
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
1 change: 0 additions & 1 deletion cicd/codebuild/AngularPrj
Submodule AngularPrj deleted from f7f289
1 change: 0 additions & 1 deletion cicd/codecommit/MyTestRepo
Submodule MyTestRepo deleted from c65b5b
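--- a/ec2/high-availability/application.yaml
+++ b/ec2/high-availability/application.yaml
@@ -0,0 +1,104 @@
+AWSTemplateFormatVersion: '2010-09-09'
+Description: Application Resources
+
+Parameters:
+InstanceType:
+Type: String
+Default: t2.micro
+KeyName:
+Type: AWS::EC2::KeyPair::KeyName
+Description: Key pair for SSH access to instances
+
+Resources:
+ApplicationLoadBalancer:
+Type: AWS::ElasticLoadBalancingV2::LoadBalancer
+Properties:
+Subnets:
+- !ImportValue PublicSubnet1ID
+- !ImportValue PublicSubnet2ID
+SecurityGroups:
+- !Ref ALBSecurityGroup
+Scheme: internet-facing
+
+ALBSecurityGroup:
+Type: AWS::EC2::SecurityGroup
+Properties:
+VpcId: !ImportValue VPCID
+GroupDescription: Allow inbound HTTP access
+SecurityGroupIngress:
+- IpProtocol: tcp
+FromPort: 80
+ToPort: 80
+CidrIp: 0.0.0.0/0
+
+TargetGroup:
+Type: AWS::ElasticLoadBalancingV2::TargetGroup
+Properties:
+VpcId: !ImportValue VPCID
+Port: 80
+Protocol: HTTP
+TargetType: instance
+HealthCheckProtocol: HTTP
+HealthCheckPort: 80
+HealthCheckPath: /
+
+LoadBalancerListener:
+Type: AWS::ElasticLoadBalancingV2::Listener
+Properties:
+LoadBalancerArn: !Ref ApplicationLoadBalancer
+Port: 80
+Protocol: HTTP
+DefaultActions:
+- Type: forward
+TargetGroupArn: !Ref TargetGroup
+
+LaunchTemplate:
+Type: AWS::EC2::LaunchTemplate
+Properties:
+LaunchTemplateData:
+ImageId: ami-0a91cd140a1fc148a
+InstanceType: !Ref InstanceType
+KeyName: !Ref KeyName
+SecurityGroupIds:
+- !Ref EC2SecurityGroup
+
+EC2SecurityGroup:
+Type: AWS::EC2::SecurityGroup
+Properties:
+VpcId: !ImportValue VPCID
+GroupDescription: Allow HTTP access from ALB
+SecurityGroupIngress:
+- IpProtocol: tcp
+FromPort: 80
+ToPort: 80
+SourceSecurityGroupId: !Ref ALBSecurityGroup
+SecurityGroupEgress:
+- IpProtocol: -1
+CidrIp: 0.0.0.0/0
+
+AutoScalingGroup:
+Type: AWS::AutoScaling::AutoScalingGroup
+Properties:
+VPCZoneIdentifier:
+- !ImportValue PrivateSubnet1ID
+- !ImportValue PrivateSubnet2ID
+LaunchTemplate:
+LaunchTemplateId: !Ref LaunchTemplate
+Version: 1
+MinSize: 2
+MaxSize: 4
+TargetGroupARNs:
+- !Ref TargetGroup
+
+StaticContentBucket:
+Type: AWS::S3::Bucket
+Properties:
+BucketName: !Sub "udagram-static-content-bucket-${AWS::AccountId}"
+OwnershipControls:
+Rules:
+- ObjectOwnership: BucketOwnerEnforced
+
+Outputs:
+LoadBalancerURL:
+Description: Load Balancer URL
+Value: !Sub "http://${ApplicationLoadBalancer.DNSName}"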
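Review bot: `LaunchTemplateData` hard-codes `ImageId: ami-0a91cd140a1fc148a` and the Auto Scaling group pins `Version: 1`, so instances keep launching from one fixed image and later edits to the launch template never reach the group. Taking the AMI from a parameter of type `AWS::SSM::Parameter::Value<AWS::EC2::Image::Id>` and using `Version: !GetAtt LaunchTemplate.LatestVersionNumber` lets patched images roll out through a stack update. The launch template also leaves instance metadata at its defaults; adding `MetadataOptions:` with `HttpTokens: required` under `LaunchTemplateData` enforces IMDSv2. The listener and the `LoadBalancerURL` output are plain HTTP on port 80, which deserves a comment in the template if TLS is intentionally out of scope here.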
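--- a/ec2/high-availability/network.yaml
+++ b/ec2/high-availability/network.yaml
@@ -0,0 +1,125 @@
+AWSTemplateFormatVersion: '2010-09-09'
+Description: Networking Resources
+
+Parameters:
+VPCBlock:
+Type: String
+Default: 10.0.0.0/16
+PublicSubnet1Block:
+Type: String
+Default: 10.0.1.0/24
+PublicSubnet2Block:
+Type: String
+Default: 10.0.2.0/24
+PrivateSubnet1Block:
+Type: String
+Default: 10.0.3.0/24
+PrivateSubnet2Block:
+Type: String
+Default: 10.0.4.0/24
+
+Resources:
+VPC:
+Type: AWS::EC2::VPC
+Properties:
+CidrBlock: !Ref VPCBlock
+EnableDnsSupport: true
+EnableDnsHostnames: true
+Tags:
+- Key: Name
+Value: UdagramVPC
+
+InternetGateway:
+Type: AWS::EC2::InternetGateway
+Properties:
+Tags:
+- Key: Name
+Value: UdagramIGW
+
+AttachGateway:
+Type: AWS::EC2::VPCGatewayAttachment
+Properties:
+VpcId: !Ref VPC
+InternetGatewayId: !Ref InternetGateway
+
+PublicSubnet1:
+Type: AWS::EC2::Subnet
+Properties:
+VpcId: !Ref VPC
+CidrBlock: !Ref PublicSubnet1Block
+MapPublicIpOnLaunch: true
+AvailabilityZone: !Select [ 0, !GetAZs '' ]
+Tags:
+- Key: Name
+Value: PublicSubnet1
+
+PublicSubnet2:
+Type: AWS::EC2::Subnet
+Properties:
+VpcId: !Ref VPC
+CidrBlock: !Ref PublicSubnet2Block
+MapPublicIpOnLaunch: true
+AvailabilityZone: !Select [ 1, !GetAZs '' ]
+Tags:
+- Key: Name
+Value: PublicSubnet2
+
+PrivateSubnet1:
+Type: AWS::EC2::Subnet
+Properties:
+VpcId: !Ref VPC
+CidrBlock: !Ref PrivateSubnet1Block
+AvailabilityZone: !Select [ 0, !GetAZs '' ]
+Tags:
+- Key: Name
+Value: PrivateSubnet1
+
+PrivateSubnet2:
+Type: AWS::EC2::Subnet
+Properties:
+VpcId: !Ref VPC
+CidrBlock: !Ref PrivateSubnet2Block
+AvailabilityZone: !Select [ 1, !GetAZs '' ]
+Tags:
+- Key: Name
+Value: PrivateSubnet2
+
+NatGatewayEIP:
+Type: AWS::EC2::EIP
+
+NatGateway:
+Type: AWS::EC2::NatGateway
+Properties:
+AllocationId: !GetAtt NatGatewayEIP.AllocationId
+SubnetId: !Ref PublicSubnet1
+
+Outputs:
+VPCID:
+Description: VPC ID
+Value: !Ref VPC
+Export:
+Name: VPCID
+
+PublicSubnet1ID:
+Description: Public Subnet 1 ID
+Value: !Ref PublicSubnet1
+Export:
+Name: PublicSubnet1ID
+
+PublicSubnet2ID:
+Description: Public Subnet 2 ID
+Value: !Ref PublicSubnet2
+Export:
+Name: PublicSubnet2ID
+
+PrivateSubnet1ID:
+Description: Private Subnet 1 ID
+Value: !Ref PrivateSubnet1
+Export:
+Name: PrivateSubnet1ID
+
+PrivateSubnet2ID:
+Description: Private Subnet 2 ID
+Value: !Ref PrivateSubnet2
+Export:
+Name: PrivateSubnet2ID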
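Review bot: The template defines an internet gateway and a NAT gateway but no `AWS::EC2::RouteTable`, `AWS::EC2::Route` or `AWS::EC2::SubnetRouteTableAssociation`, so all four subnets fall back to the VPC's main route table, which holds only the local route. As written, the subnets named public have no path to `InternetGateway` and the private ones have no path to `NatGateway`, so the internet-facing load balancer in application.yaml would be unreachable and instances could not fetch updates. Explicit route tables also make the public/private split reviewable, since only the public table should carry a route to the internet gateway. `NatGatewayEIP` should additionally declare `DependsOn: AttachGateway`. A sketch of the missing resources follows; the page has lost the file's indentation, so the nesting shown is the conventional one.

```yaml
# … unchanged: VPC, InternetGateway, AttachGateway, subnets, NatGatewayEIP, NatGateway …

  PublicRouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref VPC

  PublicDefaultRoute:
    Type: AWS::EC2::Route
    DependsOn: AttachGateway
    Properties:
      RouteTableId: !Ref PublicRouteTable
      DestinationCidrBlock: 0.0.0.0/0
      GatewayId: !Ref InternetGateway

  PublicSubnet1RouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref PublicSubnet1
      RouteTableId: !Ref PublicRouteTable

  # … same association for PublicSubnet2 …

  PrivateRouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref VPC

  PrivateDefaultRoute:
    Type: AWS::EC2::Route
    Properties:
      RouteTableId: !Ref PrivateRouteTable
      DestinationCidrBlock: 0.0.0.0/0
      NatGatewayId: !Ref NatGateway

  PrivateSubnet1RouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref PrivateSubnet1
      RouteTableId: !Ref PrivateRouteTable

  # … same association for PrivateSubnet2 …
```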
21 changes: 2 additions & 19 deletions rds/promote-read-replicas/cloudwatch.tf
@@ -1,20 +1,3 @@
resource "aws_cloudwatch_log_group" "rds_logs" {
name = "/aws/rds/mydb/logs"
}

resource "aws_cloudwatch_metric_alarm" "high_cpu" {
alarm_name = "HighCPUUtilization"
comparison_operator = "GreaterThanThreshold"
evaluation_periods = 5
metric_name = "CPUUtilization"
namespace = "AWS/RDS"
period = 300
statistic = "Average"
threshold = 80

dimensions = {
DBInstanceIdentifier = aws_rds_cluster.primary.id
}

alarm_description = "Triggers if CPU utilization exceeds 80% for 5 minutes"
resource "aws_cloudwatch_log_group" "rds" {
name = "/aws/rds/cluster/${var.rds_cluster_name}/error"
}
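Review bot: The replacement log group `aws_cloudwatch_log_group.rds` sets no `retention_in_days`, so exported database logs are kept indefinitely; an explicit value (for example `retention_in_days = 30`, chosen here only as an illustration) bounds both cost and the window of retained data. The name ends in `/error`, which is the export type used by MySQL-compatible engines, while the load-test script in this commit connects through a PostgreSQL driver; if the cluster is PostgreSQL the exported group would end in `/postgresql` and this one would stay empty. The engine is not visible in this file, so confirm against the cluster definition. The `high_cpu` alarm is removed with no replacement, which leaves this file without any alerting on the cluster.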
1 change: 1 addition & 0 deletions rds/promote-read-replicas/data.tf
Expand Up @@ -13,3 +13,4 @@ data "aws_subnets" "default_subnets" {
values = [data.aws_vpc.default.id]
}
}

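--- a/rds/promote-read-replicas/load-test/script.js
+++ b/rds/promote-read-replicas/load-test/script.js
@@ -0,0 +1,49 @@
+import sql from "k6/x/sql";
+import { check } from "k6";
+import { loadEnv } from "k6/x/dotenv";
+import driver from "k6/x/sql/driver/postgres";
+
+export const options = {
+vus: 10, // Number of Virtual Users
+duration: "30s", // Total test duration
+};
+
+// Load environment variables
+const env = loadEnv(".env");
+
+// Replace with your PostgreSQL connection string
+const db = sql.open(
+driver,
+`postgres://${env.DB_USER}:${env.DB_PASSWORD}@${env.DB_HOST}:${env.DB_PORT}/${env.DB_NAME}`
+);
+
+export function setup() {
+db.exec(`CREATE TABLE IF NOT EXISTS person (
+id SERIAL PRIMARY KEY,
+email VARCHAR NOT NULL,
+first_name VARCHAR,
+last_name VARCHAR);`);
+
+db.exec(
+"INSERT INTO person (email, first_name, last_name) VALUES('[email protected]', 'John', 'Doe');"
+);
+db.exec(
+"INSERT INTO person (email, first_name, last_name) VALUES('[email protected]', 'Mary', 'Sue');"
+);
+db.exec(
+"INSERT INTO person (email, first_name, last_name) VALUES('[email protected]', 'Dory', 'Doe');"
+);
+}
+
+export function teardown() {
+db.exec("DELETE FROM person;");
+db.exec("DROP TABLE person;");
+db.close();
+}
+
+export default function () {
+const results = sql.query(db, "SELECT * FROM person;");
+check(results, {
+"is length 3": (r) => r.length === 3,
+});
+}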
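Review bot: `teardown()` runs `DROP TABLE person` unconditionally although `setup()` only creates the table when it is missing, so pointing `.env` at a database that already has a `person` table deletes that table and its data. A table name specific to the test (for example `k6_loadtest_person`, used consistently in setup, teardown and the query) keeps the script away from real data. The connection string interpolates `env.DB_USER` and `env.DB_PASSWORD` raw, so a password containing `@`, `:` or `/` yields a malformed or misparsed URI; wrapping both in `encodeURIComponent(...)` avoids that. A header comment such as `// Run only against a disposable test database: setup/teardown create and drop tables.` would state the precondition for whoever runs it next.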