Nakama custom Nakama authentication & update to RDS authentication

2025-07-28 19:44:24 +02:00 · 2019-11-03 17:34:28 -05:00
parent 2f5497ee76
commit b5e72c7a6b
4 changed files with 132 additions and 26 deletions
--- a/cloudformation/nakama/top.yaml
+++ b/cloudformation/nakama/top.yaml
@ -38,7 +38,18 @@ Parameters:
  #----------------------
  # Nakama Configuration
  #----------------------
+  NakamaUsername:
+    Type: String
+    Description: Username to access the Nakama admin portal
+    Default: "admin"
+  NakamaPasswordOverride:
+    Type: String
+    Description: Override Nakama admin portal password. Leave blank for random password.
+    Default: ""

+  #------------------------
+  # Database Configuration
+  #------------------------
  CreateDatabase:
    Type: String
    Default: "true"
@ -62,6 +73,32 @@ Parameters:
    Description: Port for the Postgres server
    Default: 5432

+  # Advanced RDS Configuration
+  RdsInstanceClass:
+    Type: String
+    Description: Instance class for the dabase to run on
+    Default: db.t2.micro
+  RdsEngine:
+    Type: String
+    Description: Database engine for the database to use
+    Default: postgres
+    AllowedValues: ["aurora", "aurora-mysql", "aurora-postgresql", "mariadb", "mysql", "oracle-ee", "oracle-se2", "oracle-se1", "oracle-se", "postgres", "sqlserver-ee", "sqlserver-se", "sqlserver-ex", "sqlserver-web"]
+  RdsUsername:
+    Type: String
+    Description: Master account's username for database
+    Default: postgres
+  RdsPort:
+    Type: Number
+    Description: Port for the database to open a socket on
+    Default: "5432"
+  RdsStorage:
+    Type: Number
+    Description: The amount of storage (in GB) allocated to the RDS instance
+    Default: "100"
+  RdsAccessCidr:
+    Type: String
+    Description: The CIDR used in the security group to secure the database
+    Default: "0.0.0.0/0"

 Conditions:
  CreateRdsStack: !Equals [!Ref CreateDatabase, "true"]
@ -79,6 +116,12 @@ Resources:
      Parameters:
        environment: !Ref environment
        VpcId: !Ref VpcId
+        InstanceClass: !Ref RdsInstanceClass
+        DatabaseEngine: !Ref RdsEngine
+        DatabaseUsername: !Ref RdsUsername
+        DatabasePort: !Ref RdsPort
+        DatabaseStorage: !Ref RdsStorage
+        DatabaseAccessCidr: !Ref RdsAccessCidr

  #-----------------
  # Load Balancing 
@ -93,7 +136,7 @@ Resources:
          Value: 60
      Scheme: internet-facing
      SecurityGroups:
-        - !Ref SecurityGroup
+        - !Ref AlbSecurityGroup
      Subnets: !Split [",", !Ref PublicSubnets]
      Tags:
        - Key: Name
@ -101,7 +144,7 @@ Resources:
        - Key: environment
          Value: !Ref environment

-  SecurityGroup:
+  AlbSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: ECS Allowed Ports
@ -197,6 +240,8 @@ Resources:
        DatabasePassword: !If ["CreateRdsStack", !Join ["", ["{{resolve:secretsmanager:", !GetAtt RdsDatabase.Outputs.RdsSecret, ":SecretString}}" ]], !Ref DatabasePassword]
        DatabaseEndpoint: !If ["CreateRdsStack", !GetAtt RdsDatabase.Outputs.RdsEnpoint, !Ref DatabaseEndpoint]
        DatabasePort: !If ["CreateRdsStack", !GetAtt RdsDatabase.Outputs.RdsPort, !Ref DatabasePort]
+        NakamaUsername: !Ref NakamaUsername
+        NakamaPasswordOverride: !Ref NakamaPasswordOverride

  EcsService:
    DependsOn: AdminPortalAlbListener