Skip to content

T
terraform-aws-rds
Commit 3aa04ac6 authored by Anton Babenko's avatar Anton Babenko Committed by GitHub
Browse files
Options

Upgraded module to support Terraform 0.12 (#126)

parent 05360c28
Show whitespace changes
Inline Side-by-side
Showing with 703 additions and 485 deletions
.pre-commit-config.yaml
View file @ 3aa04ac6
repos:
- repo: git://github.com/antonbabenko/pre-commit-terraform
rev: v1.7.3
rev: v1.12.0
hooks:
- id: terraform_fmt
- id: terraform_docs
# - id: terraform_docs
- repo: git://github.com/pre-commit/pre-commit-hooks
rev: v1.3.0
rev: v2.2.3
hooks:
- id: check-merge-conflict
README.md
View file @ 3aa04ac6
......@@ -27,6 +27,7 @@ Terraform 0.11. Pin module version to `~> v1.0`. Submit pull-requests to `terraf
```hcl
module "db" {
source = "terraform-aws-modules/rds/aws"
version = "~> 2.0"
identifier = "demodb"
......
examples/complete-mssql/main.tf
View file @ 3aa04ac6
......@@ -10,11 +10,11 @@ data "aws_vpc" "default" {
}
data "aws_subnet_ids" "all" {
vpc_id = "${data.aws_vpc.default.id}"
vpc_id = data.aws_vpc.default.id
}
data "aws_security_group" "default" {
vpc_id = "${data.aws_vpc.default.id}"
vpc_id = data.aws_vpc.default.id
name = "default"
}
......@@ -32,12 +32,12 @@ module "db" {
allocated_storage = 20
storage_encrypted = false
name = "demodb"
name = null # "demodb"
username = "demouser"
password = "YourPwdShouldBeLongAndSecure!"
port = "1433"
vpc_security_group_ids = ["${data.aws_security_group.default.id}"]
vpc_security_group_ids = [data.aws_security_group.default.id]
maintenance_window = "Mon:00:00-Mon:03:00"
backup_window = "03:00-06:00"
......@@ -51,7 +51,7 @@ module "db" {
}
# DB subnet group
subnet_ids = ["${data.aws_subnet_ids.all.ids}"]
subnet_ids = data.aws_subnet_ids.all.ids
# Snapshot name upon DB deletion
final_snapshot_identifier = "demodb"
......@@ -62,5 +62,10 @@ module "db" {
timezone = "Central Standard Time"
# Database Deletion Protection
deletion_protection = true
deletion_protection = false
# DB options
major_engine_version = "14.00"
options = []
}
examples/complete-mssql/outputs.tf
View file @ 3aa04ac6
output "this_db_instance_address" {
description = "The address of the RDS instance"
value = "${module.db.this_db_instance_address}"
value = module.db.this_db_instance_address
}
output "this_db_instance_arn" {
description = "The ARN of the RDS instance"
value = "${module.db.this_db_instance_arn}"
value = module.db.this_db_instance_arn
}
output "this_db_instance_availability_zone" {
description = "The availability zone of the RDS instance"
value = "${module.db.this_db_instance_availability_zone}"
value = module.db.this_db_instance_availability_zone
}
output "this_db_instance_endpoint" {
description = "The connection endpoint"
value = "${module.db.this_db_instance_endpoint}"
value = module.db.this_db_instance_endpoint
}
output "this_db_instance_hosted_zone_id" {
description = "The canonical hosted zone ID of the DB instance (to be used in a Route 53 Alias record)"
value = "${module.db.this_db_instance_hosted_zone_id}"
value = module.db.this_db_instance_hosted_zone_id
}
output "this_db_instance_id" {
description = "The RDS instance ID"
value = "${module.db.this_db_instance_id}"
value = module.db.this_db_instance_id
}
output "this_db_instance_resource_id" {
description = "The RDS Resource ID of this instance"
value = "${module.db.this_db_instance_resource_id}"
value = module.db.this_db_instance_resource_id
}
output "this_db_instance_status" {
description = "The RDS instance status"
value = "${module.db.this_db_instance_status}"
value = module.db.this_db_instance_status
}
output "this_db_instance_name" {
description = "The database name"
value = "${module.db.this_db_instance_name}"
value = module.db.this_db_instance_name
}
output "this_db_instance_username" {
description = "The master username for the database"
value = "${module.db.this_db_instance_username}"
value = module.db.this_db_instance_username
}
output "this_db_instance_password" {
description = "The database password (this password may be old, because Terraform doesn't track it after initial creation)"
value = "${module.db.this_db_instance_password}"
value = module.db.this_db_instance_password
}
output "this_db_instance_port" {
description = "The database port"
value = "${module.db.this_db_instance_port}"
value = module.db.this_db_instance_port
}
output "this_db_subnet_group_id" {
description = "The db subnet group name"
value = "${module.db.this_db_subnet_group_id}"
value = module.db.this_db_subnet_group_id
}
output "this_db_subnet_group_arn" {
description = "The ARN of the db subnet group"
value = "${module.db.this_db_subnet_group_arn}"
value = module.db.this_db_subnet_group_arn
}
output "this_db_parameter_group_id" {
description = "The db parameter group id"
value = "${module.db.this_db_parameter_group_id}"
value = module.db.this_db_parameter_group_id
}
output "this_db_parameter_group_arn" {
description = "The ARN of the db parameter group"
value = "${module.db.this_db_parameter_group_arn}"
value = module.db.this_db_parameter_group_arn
}
examples/complete-mysql/main.tf
View file @ 3aa04ac6
......@@ -10,11 +10,11 @@ data "aws_vpc" "default" {
}
data "aws_subnet_ids" "all" {
vpc_id = "${data.aws_vpc.default.id}"
vpc_id = data.aws_vpc.default.id
}
data "aws_security_group" "default" {
vpc_id = "${data.aws_vpc.default.id}"
vpc_id = data.aws_vpc.default.id
name = "default"
}
......@@ -39,7 +39,7 @@ module "db" {
password = "YourPwdShouldBeLongAndSecure!"
port = "3306"
vpc_security_group_ids = ["${data.aws_security_group.default.id}"]
vpc_security_group_ids = [data.aws_security_group.default.id]
maintenance_window = "Mon:00:00-Mon:03:00"
backup_window = "03:00-06:00"
......@@ -57,7 +57,7 @@ module "db" {
enabled_cloudwatch_logs_exports = ["audit", "general"]
# DB subnet group
subnet_ids = ["${data.aws_subnet_ids.all.ids}"]
subnet_ids = data.aws_subnet_ids.all.ids
# DB parameter group
family = "mysql5.7"
......@@ -69,7 +69,18 @@ module "db" {
final_snapshot_identifier = "demodb"
# Database Deletion Protection
deletion_protection = true
deletion_protection = false
parameters = [
{
name = "character_set_client"
value = "utf8"
},
{
name = "character_set_server"
value = "utf8"
}
]
options = [
{
......
examples/complete-mysql/outputs.tf
View file @ 3aa04ac6
output "this_db_instance_address" {
description = "The address of the RDS instance"
value = "${module.db.this_db_instance_address}"
value = module.db.this_db_instance_address
}
output "this_db_instance_arn" {
description = "The ARN of the RDS instance"
value = "${module.db.this_db_instance_arn}"
value = module.db.this_db_instance_arn
}
output "this_db_instance_availability_zone" {
description = "The availability zone of the RDS instance"
value = "${module.db.this_db_instance_availability_zone}"
value = module.db.this_db_instance_availability_zone
}
output "this_db_instance_endpoint" {
description = "The connection endpoint"
value = "${module.db.this_db_instance_endpoint}"
value = module.db.this_db_instance_endpoint
}
output "this_db_instance_hosted_zone_id" {
description = "The canonical hosted zone ID of the DB instance (to be used in a Route 53 Alias record)"
value = "${module.db.this_db_instance_hosted_zone_id}"
value = module.db.this_db_instance_hosted_zone_id
}
output "this_db_instance_id" {
description = "The RDS instance ID"
value = "${module.db.this_db_instance_id}"
value = module.db.this_db_instance_id
}
output "this_db_instance_resource_id" {
description = "The RDS Resource ID of this instance"
value = "${module.db.this_db_instance_resource_id}"
value = module.db.this_db_instance_resource_id
}
output "this_db_instance_status" {
description = "The RDS instance status"
value = "${module.db.this_db_instance_status}"
value = module.db.this_db_instance_status
}
output "this_db_instance_name" {
description = "The database name"
value = "${module.db.this_db_instance_name}"
value = module.db.this_db_instance_name
}
output "this_db_instance_username" {
description = "The master username for the database"
value = "${module.db.this_db_instance_username}"
value = module.db.this_db_instance_username
}
output "this_db_instance_password" {
description = "The database password (this password may be old, because Terraform doesn't track it after initial creation)"
value = "${module.db.this_db_instance_password}"
value = module.db.this_db_instance_password
}
output "this_db_instance_port" {
description = "The database port"
value = "${module.db.this_db_instance_port}"
value = module.db.this_db_instance_port
}
output "this_db_subnet_group_id" {
description = "The db subnet group name"
value = "${module.db.this_db_subnet_group_id}"
value = module.db.this_db_subnet_group_id
}
output "this_db_subnet_group_arn" {
description = "The ARN of the db subnet group"
value = "${module.db.this_db_subnet_group_arn}"
value = module.db.this_db_subnet_group_arn
}
output "this_db_parameter_group_id" {
description = "The db parameter group id"
value = "${module.db.this_db_parameter_group_id}"
value = module.db.this_db_parameter_group_id
}
output "this_db_parameter_group_arn" {
description = "The ARN of the db parameter group"
value = "${module.db.this_db_parameter_group_arn}"
value = module.db.this_db_parameter_group_arn
}
examples/complete-oracle/main.tf
View file @ 3aa04ac6
......@@ -10,11 +10,11 @@ data "aws_vpc" "default" {
}
data "aws_subnet_ids" "all" {
vpc_id = "${data.aws_vpc.default.id}"
vpc_id = data.aws_vpc.default.id
}
data "aws_security_group" "default" {
vpc_id = "${data.aws_vpc.default.id}"
vpc_id = data.aws_vpc.default.id
name = "default"
}
......@@ -24,7 +24,7 @@ data "aws_security_group" "default" {
module "db" {
source = "../../"
identifier = "demodb"
identifier = "demodb-oracle"
engine = "oracle-ee"
engine_version = "12.1.0.2.v8"
......@@ -40,7 +40,7 @@ module "db" {
port = "1521"
iam_database_authentication_enabled = false
vpc_security_group_ids = ["${data.aws_security_group.default.id}"]
vpc_security_group_ids = [data.aws_security_group.default.id]
maintenance_window = "Mon:00:00-Mon:03:00"
backup_window = "03:00-06:00"
......@@ -53,7 +53,7 @@ module "db" {
}
# DB subnet group
subnet_ids = ["${data.aws_subnet_ids.all.ids}"]
subnet_ids = data.aws_subnet_ids.all.ids
# DB parameter group
family = "oracle-ee-12.1"
......@@ -68,5 +68,5 @@ module "db" {
character_set_name = "AL32UTF8"
# Database Deletion Protection
deletion_protection = true
deletion_protection = false
}
examples/complete-oracle/outputs.tf
View file @ 3aa04ac6
output "this_db_instance_address" {
description = "The address of the RDS instance"
value = "${module.db.this_db_instance_address}"
value = module.db.this_db_instance_address
}
output "this_db_instance_arn" {
description = "The ARN of the RDS instance"
value = "${module.db.this_db_instance_arn}"
value = module.db.this_db_instance_arn
}
output "this_db_instance_availability_zone" {
description = "The availability zone of the RDS instance"
value = "${module.db.this_db_instance_availability_zone}"
value = module.db.this_db_instance_availability_zone
}
output "this_db_instance_endpoint" {
description = "The connection endpoint"
value = "${module.db.this_db_instance_endpoint}"
value = module.db.this_db_instance_endpoint
}
output "this_db_instance_hosted_zone_id" {
description = "The canonical hosted zone ID of the DB instance (to be used in a Route 53 Alias record)"
value = "${module.db.this_db_instance_hosted_zone_id}"
value = module.db.this_db_instance_hosted_zone_id
}
output "this_db_instance_id" {
description = "The RDS instance ID"
value = "${module.db.this_db_instance_id}"
value = module.db.this_db_instance_id
}
output "this_db_instance_resource_id" {
description = "The RDS Resource ID of this instance"
value = "${module.db.this_db_instance_resource_id}"
value = module.db.this_db_instance_resource_id
}
output "this_db_instance_status" {
description = "The RDS instance status"
value = "${module.db.this_db_instance_status}"
value = module.db.this_db_instance_status
}
output "this_db_instance_name" {
description = "The database name"
value = "${module.db.this_db_instance_name}"
value = module.db.this_db_instance_name
}
output "this_db_instance_username" {
description = "The master username for the database"
value = "${module.db.this_db_instance_username}"
value = module.db.this_db_instance_username
}
output "this_db_instance_password" {
description = "The database password (this password may be old, because Terraform doesn't track it after initial creation)"
value = "${module.db.this_db_instance_password}"
value = module.db.this_db_instance_password
}
output "this_db_instance_port" {
description = "The database port"
value = "${module.db.this_db_instance_port}"
value = module.db.this_db_instance_port
}
output "this_db_subnet_group_id" {
description = "The db subnet group name"
value = "${module.db.this_db_subnet_group_id}"
value = module.db.this_db_subnet_group_id
}
output "this_db_subnet_group_arn" {
description = "The ARN of the db subnet group"
value = "${module.db.this_db_subnet_group_arn}"
value = module.db.this_db_subnet_group_arn
}
output "this_db_parameter_group_id" {
description = "The db parameter group id"
value = "${module.db.this_db_parameter_group_id}"
value = module.db.this_db_parameter_group_id
}
output "this_db_parameter_group_arn" {
description = "The ARN of the db parameter group"
value = "${module.db.this_db_parameter_group_arn}"
value = module.db.this_db_parameter_group_arn
}
examples/complete-postgres/main.tf
View file @ 3aa04ac6
......@@ -10,11 +10,11 @@ data "aws_vpc" "default" {
}
data "aws_subnet_ids" "all" {
vpc_id = "${data.aws_vpc.default.id}"
vpc_id = data.aws_vpc.default.id
}
data "aws_security_group" "default" {
vpc_id = "${data.aws_vpc.default.id}"
vpc_id = data.aws_vpc.default.id
name = "default"
}
......@@ -24,10 +24,10 @@ data "aws_security_group" "default" {
module "db" {
source = "../../"
identifier = "demodb"
identifier = "demodb-postgres"
engine = "postgres"
engine_version = "9.6.3"
engine_version = "9.6.9"
instance_class = "db.t2.large"
allocated_storage = 5
storage_encrypted = false
......@@ -43,7 +43,7 @@ module "db" {
password = "YourPwdShouldBeLongAndSecure!"
port = "5432"
vpc_security_group_ids = ["${data.aws_security_group.default.id}"]
vpc_security_group_ids = [data.aws_security_group.default.id]
maintenance_window = "Mon:00:00-Mon:03:00"
backup_window = "03:00-06:00"
......@@ -59,7 +59,7 @@ module "db" {
enabled_cloudwatch_logs_exports = ["postgresql", "upgrade"]
# DB subnet group
subnet_ids = ["${data.aws_subnet_ids.all.ids}"]
subnet_ids = data.aws_subnet_ids.all.ids
# DB parameter group
family = "postgres9.6"
......@@ -71,5 +71,5 @@ module "db" {
final_snapshot_identifier = "demodb"
# Database Deletion Protection
deletion_protection = true
deletion_protection = false
}
examples/enhanced-monitoring/README.md
View file @ 3aa04ac6
......@@ -2,7 +2,7 @@
Configuration in this directory creates the additional resources required to use Enhanced Monitoring.
See http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Monitoring.OS.html for details
See http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Monitoring.OS.html for details.
Data sources are used to discover existing VPC resources (VPC, subnet and security group).
......
examples/enhanced-monitoring/main.tf
View file @ 3aa04ac6
......@@ -10,11 +10,11 @@ data "aws_vpc" "default" {
}
data "aws_subnet_ids" "all" {
vpc_id = "${data.aws_vpc.default.id}"
vpc_id = data.aws_vpc.default.id
}
data "aws_security_group" "default" {
vpc_id = "${data.aws_vpc.default.id}"
vpc_id = data.aws_vpc.default.id
name = "default"
}
......@@ -22,12 +22,12 @@ data "aws_security_group" "default" {
# Create an IAM role to allow enhanced monitoring
##################################################
resource "aws_iam_role" "rds_enhanced_monitoring" {
name = "rds-enhanced_monitoring-role"
assume_role_policy = "${data.aws_iam_policy_document.rds_enhanced_monitoring.json}"
name_prefix = "rds-enhanced-monitoring-"
assume_role_policy = data.aws_iam_policy_document.rds_enhanced_monitoring.json
}
resource "aws_iam_role_policy_attachment" "rds_enhanced_monitoring" {
role = "${aws_iam_role.rds_enhanced_monitoring.name}"
role = aws_iam_role.rds_enhanced_monitoring.name
policy_arn = "arn:aws:iam::aws:policy/service-role/AmazonRDSEnhancedMonitoringRole"
}
......@@ -52,10 +52,10 @@ data "aws_iam_policy_document" "rds_enhanced_monitoring" {
module "db" {
source = "../../"
identifier = "demodb"
identifier = "demodb-enhanced-monitoring"
engine = "mysql"
engine_version = "5.7.11"
engine_version = "5.7.25"
instance_class = "db.t2.large"
allocated_storage = 5
storage_encrypted = false
......@@ -65,10 +65,12 @@ module "db" {
username = "user"
password = "YourPwdShouldBeLongAndSecure!"
port = "3306"
vpc_security_group_ids = ["${data.aws_security_group.default.id}"]
vpc_security_group_ids = [data.aws_security_group.default.id]
maintenance_window = "Mon:00:00-Mon:03:00"
backup_window = "03:00-06:00"
backup_retention_period = 0 // disable backups to create DB faster
# disable backups to create DB faster
backup_retention_period = 0
tags = {
Owner = "user"
......@@ -76,7 +78,7 @@ module "db" {
}
# DB subnet group
subnet_ids = ["${data.aws_subnet_ids.all.ids}"]
subnet_ids = data.aws_subnet_ids.all.ids
# DB parameter group
family = "mysql5.7"
......@@ -84,8 +86,8 @@ module "db" {
# DB option group
major_engine_version = "5.7"
monitoring_interval = "30"
monitoring_role_arn = "${aws_iam_role.rds_enhanced_monitoring.arn}"
monitoring_role_arn = aws_iam_role.rds_enhanced_monitoring.arn
# Database Deletion Protection
deletion_protection = true
deletion_protection = false
}
examples/replica-mysql/main.tf
View file @ 3aa04ac6
......@@ -21,11 +21,11 @@ data "aws_vpc" "default" {
}
data "aws_subnet_ids" "all" {
vpc_id = "${data.aws_vpc.default.id}"
vpc_id = data.aws_vpc.default.id
}
data "aws_security_group" "default" {
vpc_id = "${data.aws_vpc.default.id}"
vpc_id = data.aws_vpc.default.id
name = "default"
}
......@@ -35,19 +35,19 @@ data "aws_security_group" "default" {
module "master" {
source = "../../"
identifier = "demodb-master"
identifier = "demodb-master-mysql"
engine = "${local.engine}"
engine_version = "${local.engine_version}"
instance_class = "${local.instance_class}"
allocated_storage = "${local.allocated_storage}"
engine = local.engine
engine_version = local.engine_version
instance_class = local.instance_class
allocated_storage = local.allocated_storage
name = "demodb"
username = "user"
password = "YourPwdShouldBeLongAndSecure!"
port = "${local.port}"
port = local.port
vpc_security_group_ids = ["${data.aws_security_group.default.id}"]
vpc_security_group_ids = [data.aws_security_group.default.id]
maintenance_window = "Mon:00:00-Mon:03:00"
backup_window = "03:00-06:00"
......@@ -58,7 +58,7 @@ module "master" {
backup_retention_period = 1
# DB subnet group
subnet_ids = ["${data.aws_subnet_ids.all.ids}"]
subnet_ids = data.aws_subnet_ids.all.ids
create_db_option_group = false
create_db_parameter_group = false
......@@ -70,22 +70,22 @@ module "master" {
module "replica" {
source = "../../"
identifier = "demodb-replica"
identifier = "demodb-replica-mysql"
# Source database. For cross-region use this_db_instance_arn
replicate_source_db = "${module.master.this_db_instance_id}"
replicate_source_db = module.master.this_db_instance_id
engine = "${local.engine}"
engine_version = "${local.engine_version}"
instance_class = "${local.instance_class}"
allocated_storage = "${local.allocated_storage}"
engine = local.engine
engine_version = local.engine_version
instance_class = local.instance_class
allocated_storage = local.allocated_storage
# Username and password should not be set for replicas
username = ""
password = ""
port = "${local.port}"
port = local.port
vpc_security_group_ids = ["${data.aws_security_group.default.id}"]
vpc_security_group_ids = [data.aws_security_group.default.id]
maintenance_window = "Tue:00:00-Tue:03:00"
backup_window = "03:00-06:00"
......
examples/replica-mysql/outputs.tf
View file @ 3aa04ac6
# Master
output "master_db_instance_address" {
description = "The address of the RDS instance"
value = "${module.master.this_db_instance_address}"
value = module.master.this_db_instance_address
}
output "master_db_instance_arn" {
description = "The ARN of the RDS instance"
value = "${module.master.this_db_instance_arn}"
value = module.master.this_db_instance_arn
}
output "master_db_instance_availability_zone" {
description = "The availability zone of the RDS instance"
value = "${module.master.this_db_instance_availability_zone}"
value = module.master.this_db_instance_availability_zone
}
output "master_db_instance_endpoint" {
description = "The connection endpoint"
value = "${module.master.this_db_instance_endpoint}"
value = module.master.this_db_instance_endpoint
}
output "master_db_instance_hosted_zone_id" {
description = "The canonical hosted zone ID of the DB instance (to be used in a Route 53 Alias record)"
value = "${module.master.this_db_instance_hosted_zone_id}"
value = module.master.this_db_instance_hosted_zone_id
}
output "master_db_instance_id" {
description = "The RDS instance ID"
value = "${module.master.this_db_instance_id}"
value = module.master.this_db_instance_id
}
output "master_db_instance_resource_id" {
description = "The RDS Resource ID of this instance"
value = "${module.master.this_db_instance_resource_id}"
value = module.master.this_db_instance_resource_id
}
output "master_db_instance_status" {
description = "The RDS instance status"
value = "${module.master.this_db_instance_status}"
value = module.master.this_db_instance_status
}
output "master_db_instance_name" {
description = "The database name"
value = "${module.master.this_db_instance_name}"
value = module.master.this_db_instance_name
}
output "master_db_instance_username" {
description = "The master username for the database"
value = "${module.master.this_db_instance_username}"
value = module.master.this_db_instance_username
}
output "master_db_instance_password" {
description = "The database password (this password may be old, because Terraform doesn't track it after initial creation)"
value = "${module.master.this_db_instance_password}"
value = module.master.this_db_instance_password
}
output "master_db_instance_port" {
description = "The database port"
value = "${module.master.this_db_instance_port}"
value = module.master.this_db_instance_port
}
output "master_db_subnet_group_id" {
description = "The db subnet group name"
value = "${module.master.this_db_subnet_group_id}"
value = module.master.this_db_subnet_group_id
}
output "master_db_subnet_group_arn" {
description = "The ARN of the db subnet group"
value = "${module.master.this_db_subnet_group_arn}"
value = module.master.this_db_subnet_group_arn
}
# Replica
output "replica_db_instance_address" {
description = "The address of the RDS instance"
value = "${module.replica.this_db_instance_address}"
value = module.replica.this_db_instance_address
}
output "replica_db_instance_arn" {
description = "The ARN of the RDS instance"
value = "${module.replica.this_db_instance_arn}"
value = module.replica.this_db_instance_arn
}
output "replica_db_instance_availability_zone" {
description = "The availability zone of the RDS instance"
value = "${module.replica.this_db_instance_availability_zone}"
value = module.replica.this_db_instance_availability_zone
}
output "replica_db_instance_endpoint" {
description = "The connection endpoint"
value = "${module.replica.this_db_instance_endpoint}"
value = module.replica.this_db_instance_endpoint
}
output "replica_db_instance_hosted_zone_id" {
description = "The canonical hosted zone ID of the DB instance (to be used in a Route 53 Alias record)"
value = "${module.replica.this_db_instance_hosted_zone_id}"
value = module.replica.this_db_instance_hosted_zone_id
}
output "replica_db_instance_id" {
description = "The RDS instance ID"
value = "${module.replica.this_db_instance_id}"
value = module.replica.this_db_instance_id
}
output "replica_db_instance_resource_id" {
description = "The RDS Resource ID of this instance"
value = "${module.replica.this_db_instance_resource_id}"
value = module.replica.this_db_instance_resource_id
}
output "replica_db_instance_status" {
description = "The RDS instance status"
value = "${module.replica.this_db_instance_status}"
value = module.replica.this_db_instance_status
}
output "replica_db_instance_name" {
description = "The database name"
value = "${module.replica.this_db_instance_name}"
value = module.replica.this_db_instance_name
}
output "replica_db_instance_username" {
description = "The replica username for the database"
value = "${module.replica.this_db_instance_username}"
value = module.replica.this_db_instance_username
}
output "replica_db_instance_port" {
description = "The database port"
value = "${module.replica.this_db_instance_port}"
value = module.replica.this_db_instance_port
}
examples/replica-postgres/main.tf
View file @ 3aa04ac6
......@@ -7,7 +7,7 @@ provider "aws" {
####################################
locals {
engine = "postgres"
engine_version = "9.6.3"
engine_version = "9.6.9"
instance_class = "db.t2.large"
allocated_storage = 5
port = "5432"
......@@ -21,11 +21,11 @@ data "aws_vpc" "default" {
}
data "aws_subnet_ids" "all" {
vpc_id = "${data.aws_vpc.default.id}"
vpc_id = data.aws_vpc.default.id
}
data "aws_security_group" "default" {
vpc_id = "${data.aws_vpc.default.id}"
vpc_id = data.aws_vpc.default.id
name = "default"
}
......@@ -35,19 +35,19 @@ data "aws_security_group" "default" {
module "master" {
source = "../../"
identifier = "demodb-master"
identifier = "demodb-master-postgres"
engine = "${local.engine}"
engine_version = "${local.engine_version}"
instance_class = "${local.instance_class}"
allocated_storage = "${local.allocated_storage}"
engine = local.engine
engine_version = local.engine_version
instance_class = local.instance_class
allocated_storage = local.allocated_storage
name = "demodb"
name = "demodbpostgres"
username = "demouser"
password = "YourPwdShouldBeLongAndSecure!"
port = "${local.port}"
port = local.port
vpc_security_group_ids = ["${data.aws_security_group.default.id}"]
vpc_security_group_ids = [data.aws_security_group.default.id]
maintenance_window = "Mon:00:00-Mon:03:00"
backup_window = "03:00-06:00"
......@@ -56,7 +56,7 @@ module "master" {
backup_retention_period = 1
# DB subnet group
subnet_ids = ["${data.aws_subnet_ids.all.ids}"]
subnet_ids = data.aws_subnet_ids.all.ids
create_db_option_group = false
create_db_parameter_group = false
......@@ -68,22 +68,22 @@ module "master" {
module "replica" {
source = "../../"
identifier = "demodb-replica"
identifier = "demodb-replica-postgres"
# Source database. For cross-region use this_db_instance_arn
replicate_source_db = "${module.master.this_db_instance_id}"
replicate_source_db = module.master.this_db_instance_id
engine = "${local.engine}"
engine_version = "${local.engine_version}"
instance_class = "${local.instance_class}"
allocated_storage = "${local.allocated_storage}"
engine = local.engine
engine_version = local.engine_version
instance_class = local.instance_class
allocated_storage = local.allocated_storage
# Username and password must not be set for replicas
username = ""
password = ""
port = "${local.port}"
port = local.port
vpc_security_group_ids = ["${data.aws_security_group.default.id}"]
vpc_security_group_ids = [data.aws_security_group.default.id]
maintenance_window = "Tue:00:00-Tue:03:00"
backup_window = "03:00-06:00"
......
examples/replica-postgres/outputs.tf
View file @ 3aa04ac6
# Master
output "master_db_instance_address" {
description = "The address of the RDS instance"
value = "${module.master.this_db_instance_address}"
value = module.master.this_db_instance_address
}
output "master_db_instance_arn" {
description = "The ARN of the RDS instance"
value = "${module.master.this_db_instance_arn}"
value = module.master.this_db_instance_arn
}
output "master_db_instance_availability_zone" {
description = "The availability zone of the RDS instance"
value = "${module.master.this_db_instance_availability_zone}"
value = module.master.this_db_instance_availability_zone
}
output "master_db_instance_endpoint" {
description = "The connection endpoint"
value = "${module.master.this_db_instance_endpoint}"
value = module.master.this_db_instance_endpoint
}
output "master_db_instance_hosted_zone_id" {
description = "The canonical hosted zone ID of the DB instance (to be used in a Route 53 Alias record)"
value = "${module.master.this_db_instance_hosted_zone_id}"
value = module.master.this_db_instance_hosted_zone_id
}
output "master_db_instance_id" {
description = "The RDS instance ID"
value = "${module.master.this_db_instance_id}"
value = module.master.this_db_instance_id
}
output "master_db_instance_resource_id" {
description = "The RDS Resource ID of this instance"
value = "${module.master.this_db_instance_resource_id}"
value = module.master.this_db_instance_resource_id
}
output "master_db_instance_status" {
description = "The RDS instance status"
value = "${module.master.this_db_instance_status}"
value = module.master.this_db_instance_status
}
output "master_db_instance_name" {
description = "The database name"
value = "${module.master.this_db_instance_name}"
value = module.master.this_db_instance_name
}
output "master_db_instance_username" {
description = "The master username for the database"
value = "${module.master.this_db_instance_username}"
value = module.master.this_db_instance_username
}
output "master_db_instance_password" {
description = "The database password (this password may be old, because Terraform doesn't track it after initial creation)"
value = "${module.master.this_db_instance_password}"
value = module.master.this_db_instance_password
}
output "master_db_instance_port" {
description = "The database port"
value = "${module.master.this_db_instance_port}"
value = module.master.this_db_instance_port
}
output "master_db_subnet_group_id" {
description = "The db subnet group name"
value = "${module.master.this_db_subnet_group_id}"
value = module.master.this_db_subnet_group_id
}
output "master_db_subnet_group_arn" {
description = "The ARN of the db subnet group"
value = "${module.master.this_db_subnet_group_arn}"
value = module.master.this_db_subnet_group_arn
}
# Replica
output "replica_db_instance_address" {
description = "The address of the RDS instance"
value = "${module.replica.this_db_instance_address}"
value = module.replica.this_db_instance_address
}
output "replica_db_instance_arn" {
description = "The ARN of the RDS instance"
value = "${module.replica.this_db_instance_arn}"
value = module.replica.this_db_instance_arn
}
output "replica_db_instance_availability_zone" {
description = "The availability zone of the RDS instance"
value = "${module.replica.this_db_instance_availability_zone}"
value = module.replica.this_db_instance_availability_zone
}
output "replica_db_instance_endpoint" {
description = "The connection endpoint"
value = "${module.replica.this_db_instance_endpoint}"
value = module.replica.this_db_instance_endpoint
}
output "replica_db_instance_hosted_zone_id" {
description = "The canonical hosted zone ID of the DB instance (to be used in a Route 53 Alias record)"
value = "${module.replica.this_db_instance_hosted_zone_id}"
value = module.replica.this_db_instance_hosted_zone_id
}
output "replica_db_instance_id" {
description = "The RDS instance ID"
value = "${module.replica.this_db_instance_id}"
value = module.replica.this_db_instance_id
}
output "replica_db_instance_resource_id" {
description = "The RDS Resource ID of this instance"
value = "${module.replica.this_db_instance_resource_id}"
value = module.replica.this_db_instance_resource_id
}
output "replica_db_instance_status" {
description = "The RDS instance status"
value = "${module.replica.this_db_instance_status}"
value = module.replica.this_db_instance_status
}
output "replica_db_instance_name" {
description = "The database name"
value = "${module.replica.this_db_instance_name}"
value = module.replica.this_db_instance_name
}
output "replica_db_instance_username" {
description = "The replica username for the database"
value = "${module.replica.this_db_instance_username}"
value = module.replica.this_db_instance_username
}
output "replica_db_instance_port" {
description = "The database port"
value = "${module.replica.this_db_instance_port}"
value = module.replica.this_db_instance_port
}
main.tf
View file @ 3aa04ac6
locals {
db_subnet_group_name = "${coalesce(var.db_subnet_group_name, module.db_subnet_group.this_db_subnet_group_id)}"
enable_create_db_subnet_group = "${var.db_subnet_group_name == "" ? var.create_db_subnet_group : 0}"
db_subnet_group_name = var.db_subnet_group_name != "" ? var.db_subnet_group_name : module.db_subnet_group.this_db_subnet_group_id
enable_create_db_subnet_group = var.db_subnet_group_name == "" ? var.create_db_subnet_group : false
parameter_group_name = "${coalesce(var.parameter_group_name, var.identifier)}"
parameter_group_name_id = "${coalesce(var.parameter_group_name, module.db_parameter_group.this_db_parameter_group_id)}"
parameter_group_name = var.parameter_group_name != "" ? var.parameter_group_name : var.identifier
parameter_group_name_id = var.parameter_group_name != "" ? var.parameter_group_name : module.db_parameter_group.this_db_parameter_group_id
option_group_name = "${coalesce(var.option_group_name, module.db_option_group.this_db_option_group_id)}"
enable_create_db_option_group = "${var.option_group_name == "" && var.engine != "postgres" ? var.create_db_option_group : 0}"
option_group_name = var.option_group_name != "" ? var.option_group_name : module.db_option_group.this_db_option_group_id
enable_create_db_option_group = var.option_group_name == "" && var.engine != "postgres" ? var.create_db_option_group : false
}
module "db_subnet_group" {
source = "./modules/db_subnet_group"
create = "${local.enable_create_db_subnet_group}"
identifier = "${var.identifier}"
create = local.enable_create_db_subnet_group
identifier = var.identifier
name_prefix = "${var.identifier}-"
subnet_ids = ["${var.subnet_ids}"]
subnet_ids = var.subnet_ids
tags = "${var.tags}"
tags = var.tags
}
module "db_parameter_group" {
source = "./modules/db_parameter_group"
create = "${var.create_db_parameter_group}"
identifier = "${var.identifier}"
name = "${var.parameter_group_name}"
description = "${var.parameter_group_description}"
create = var.create_db_parameter_group
identifier = var.identifier
name = var.parameter_group_name
description = var.parameter_group_description
name_prefix = "${var.identifier}-"
use_name_prefix = "${var.use_parameter_group_name_prefix}"
family = "${var.family}"
use_name_prefix = var.use_parameter_group_name_prefix
family = var.family
parameters = ["${var.parameters}"]
parameters = var.parameters
tags = "${var.tags}"
tags = var.tags
}
module "db_option_group" {
source = "./modules/db_option_group"
create = "${local.enable_create_db_option_group}"
identifier = "${var.identifier}"
create = local.enable_create_db_option_group
identifier = var.identifier
name_prefix = "${var.identifier}-"
option_group_description = "${var.option_group_description}"
engine_name = "${var.engine}"
major_engine_version = "${var.major_engine_version}"
option_group_description = var.option_group_description
engine_name = var.engine
major_engine_version = var.major_engine_version
options = ["${var.options}"]
options = var.options
tags = "${var.tags}"
tags = var.tags
}
module "db_instance" {
source = "./modules/db_instance"
create = "${var.create_db_instance}"
identifier = "${var.identifier}"
engine = "${var.engine}"
engine_version = "${var.engine_version}"
instance_class = "${var.instance_class}"
allocated_storage = "${var.allocated_storage}"
storage_type = "${var.storage_type}"
storage_encrypted = "${var.storage_encrypted}"
kms_key_id = "${var.kms_key_id}"
license_model = "${var.license_model}"
name = "${var.name}"
username = "${var.username}"
password = "${var.password}"
port = "${var.port}"
iam_database_authentication_enabled = "${var.iam_database_authentication_enabled}"
replicate_source_db = "${var.replicate_source_db}"
snapshot_identifier = "${var.snapshot_identifier}"
vpc_security_group_ids = ["${var.vpc_security_group_ids}"]
db_subnet_group_name = "${local.db_subnet_group_name}"
parameter_group_name = "${local.parameter_group_name_id}"
option_group_name = "${local.option_group_name}"
availability_zone = "${var.availability_zone}"
multi_az = "${var.multi_az}"
iops = "${var.iops}"
publicly_accessible = "${var.publicly_accessible}"
allow_major_version_upgrade = "${var.allow_major_version_upgrade}"
auto_minor_version_upgrade = "${var.auto_minor_version_upgrade}"
apply_immediately = "${var.apply_immediately}"
maintenance_window = "${var.maintenance_window}"
skip_final_snapshot = "${var.skip_final_snapshot}"
copy_tags_to_snapshot = "${var.copy_tags_to_snapshot}"
final_snapshot_identifier = "${var.final_snapshot_identifier}"
backup_retention_period = "${var.backup_retention_period}"
backup_window = "${var.backup_window}"
monitoring_interval = "${var.monitoring_interval}"
monitoring_role_arn = "${var.monitoring_role_arn}"
monitoring_role_name = "${var.monitoring_role_name}"
create_monitoring_role = "${var.create_monitoring_role}"
timezone = "${var.timezone}"
character_set_name = "${var.character_set_name}"
enabled_cloudwatch_logs_exports = "${var.enabled_cloudwatch_logs_exports}"
timeouts = "${var.timeouts}"
deletion_protection = "${var.deletion_protection}"
tags = "${var.tags}"
create = var.create_db_instance
identifier = var.identifier
engine = var.engine
engine_version = var.engine_version
instance_class = var.instance_class
allocated_storage = var.allocated_storage
storage_type = var.storage_type
storage_encrypted = var.storage_encrypted
kms_key_id = var.kms_key_id
license_model = var.license_model
name = var.name
username = var.username
password = var.password
port = var.port
iam_database_authentication_enabled = var.iam_database_authentication_enabled
replicate_source_db = var.replicate_source_db
snapshot_identifier = var.snapshot_identifier
vpc_security_group_ids = var.vpc_security_group_ids
db_subnet_group_name = local.db_subnet_group_name
parameter_group_name = local.parameter_group_name_id
option_group_name = local.option_group_name
availability_zone = var.availability_zone
multi_az = var.multi_az
iops = var.iops
publicly_accessible = var.publicly_accessible
allow_major_version_upgrade = var.allow_major_version_upgrade
auto_minor_version_upgrade = var.auto_minor_version_upgrade
apply_immediately = var.apply_immediately
maintenance_window = var.maintenance_window
skip_final_snapshot = var.skip_final_snapshot
copy_tags_to_snapshot = var.copy_tags_to_snapshot
final_snapshot_identifier = var.final_snapshot_identifier
backup_retention_period = var.backup_retention_period
backup_window = var.backup_window
monitoring_interval = var.monitoring_interval
monitoring_role_arn = var.monitoring_role_arn
monitoring_role_name = var.monitoring_role_name
create_monitoring_role = var.create_monitoring_role
timezone = var.timezone
character_set_name = var.character_set_name
enabled_cloudwatch_logs_exports = var.enabled_cloudwatch_logs_exports
timeouts = var.timeouts
deletion_protection = var.deletion_protection
tags = var.tags
}
modules/db_instance/main.tf
View file @ 3aa04ac6
locals {
is_mssql = "${element(split("-", var.engine), 0) == "sqlserver"}"
is_mssql = element(split("-", var.engine), 0) == "sqlserver"
}
data "aws_iam_policy_document" "enhanced_monitoring" {
statement {
actions = [
"sts:AssumeRole",
]
principals {
type = "Service"
identifiers = ["monitoring.rds.amazonaws.com"]
}
}
}
resource "aws_iam_role" "enhanced_monitoring" {
count = "${var.create_monitoring_role ? 1 : 0}"
count = var.create_monitoring_role ? 1 : 0
name = "${var.monitoring_role_name}"
assume_role_policy = "${file("${path.module}/policy/enhancedmonitoring.json")}"
tags = "${merge(map("Name", format("%s", var.monitoring_role_name)), var.tags)}"
name = var.monitoring_role_name
assume_role_policy = data.aws_iam_policy_document.enhanced_monitoring.json
tags = merge(
{
"Name" = format("%s", var.monitoring_role_name)
},
var.tags,
)
}
resource "aws_iam_role_policy_attachment" "enhanced_monitoring" {
count = "${var.create_monitoring_role ? 1 : 0}"
count = var.create_monitoring_role ? 1 : 0
role = "${aws_iam_role.enhanced_monitoring.name}"
role = aws_iam_role.enhanced_monitoring[0].name
policy_arn = "arn:aws:iam::aws:policy/service-role/AmazonRDSEnhancedMonitoringRole"
}
resource "aws_db_instance" "this" {
count = "${var.create && ! local.is_mssql ? 1 : 0}"
identifier = "${var.identifier}"
engine = "${var.engine}"
engine_version = "${var.engine_version}"
instance_class = "${var.instance_class}"
allocated_storage = "${var.allocated_storage}"
storage_type = "${var.storage_type}"
storage_encrypted = "${var.storage_encrypted}"
kms_key_id = "${var.kms_key_id}"
license_model = "${var.license_model}"
name = "${var.name}"
username = "${var.username}"
password = "${var.password}"
port = "${var.port}"
iam_database_authentication_enabled = "${var.iam_database_authentication_enabled}"
replicate_source_db = "${var.replicate_source_db}"
snapshot_identifier = "${var.snapshot_identifier}"
vpc_security_group_ids = ["${var.vpc_security_group_ids}"]
db_subnet_group_name = "${var.db_subnet_group_name}"
parameter_group_name = "${var.parameter_group_name}"
option_group_name = "${var.option_group_name}"
availability_zone = "${var.availability_zone}"
multi_az = "${var.multi_az}"
iops = "${var.iops}"
publicly_accessible = "${var.publicly_accessible}"
monitoring_interval = "${var.monitoring_interval}"
monitoring_role_arn = "${coalesce(var.monitoring_role_arn, join("", aws_iam_role.enhanced_monitoring.*.arn))}"
allow_major_version_upgrade = "${var.allow_major_version_upgrade}"
auto_minor_version_upgrade = "${var.auto_minor_version_upgrade}"
apply_immediately = "${var.apply_immediately}"
maintenance_window = "${var.maintenance_window}"
skip_final_snapshot = "${var.skip_final_snapshot}"
copy_tags_to_snapshot = "${var.copy_tags_to_snapshot}"
final_snapshot_identifier = "${var.final_snapshot_identifier}"
backup_retention_period = "${var.backup_retention_period}"
backup_window = "${var.backup_window}"
character_set_name = "${var.character_set_name}"
enabled_cloudwatch_logs_exports = "${var.enabled_cloudwatch_logs_exports}"
timeouts = "${var.timeouts}"
deletion_protection = "${var.deletion_protection}"
tags = "${merge(var.tags, map("Name", format("%s", var.identifier)))}"
count = var.create && false == local.is_mssql ? 1 : 0
identifier = var.identifier
engine = var.engine
engine_version = var.engine_version
instance_class = var.instance_class
allocated_storage = var.allocated_storage
storage_type = var.storage_type
storage_encrypted = var.storage_encrypted
kms_key_id = var.kms_key_id
license_model = var.license_model
name = var.name
username = var.username
password = var.password
port = var.port
iam_database_authentication_enabled = var.iam_database_authentication_enabled
replicate_source_db = var.replicate_source_db
snapshot_identifier = var.snapshot_identifier
vpc_security_group_ids = var.vpc_security_group_ids
db_subnet_group_name = var.db_subnet_group_name
parameter_group_name = var.parameter_group_name
option_group_name = var.option_group_name
availability_zone = var.availability_zone
multi_az = var.multi_az
iops = var.iops
publicly_accessible = var.publicly_accessible
monitoring_interval = var.monitoring_interval
monitoring_role_arn = coalesce(var.monitoring_role_arn, aws_iam_role.enhanced_monitoring.*.arn, null)
allow_major_version_upgrade = var.allow_major_version_upgrade
auto_minor_version_upgrade = var.auto_minor_version_upgrade
apply_immediately = var.apply_immediately
maintenance_window = var.maintenance_window
skip_final_snapshot = var.skip_final_snapshot
copy_tags_to_snapshot = var.copy_tags_to_snapshot
final_snapshot_identifier = var.final_snapshot_identifier
backup_retention_period = var.backup_retention_period
backup_window = var.backup_window
character_set_name = var.character_set_name
enabled_cloudwatch_logs_exports = var.enabled_cloudwatch_logs_exports
deletion_protection = var.deletion_protection
tags = merge(
var.tags,
{
"Name" = format("%s", var.identifier)
},
)
timeouts {
create = lookup(var.timeouts, "create", null)
delete = lookup(var.timeouts, "delete", null)
update = lookup(var.timeouts, "update", null)
}
}
resource "aws_db_instance" "this_mssql" {
count = "${var.create && local.is_mssql ? 1 : 0}"
identifier = "${var.identifier}"
engine = "${var.engine}"
engine_version = "${var.engine_version}"
instance_class = "${var.instance_class}"
allocated_storage = "${var.allocated_storage}"
storage_type = "${var.storage_type}"
storage_encrypted = "${var.storage_encrypted}"
kms_key_id = "${var.kms_key_id}"
license_model = "${var.license_model}"
name = "${var.name}"
username = "${var.username}"
password = "${var.password}"
port = "${var.port}"
iam_database_authentication_enabled = "${var.iam_database_authentication_enabled}"
replicate_source_db = "${var.replicate_source_db}"
snapshot_identifier = "${var.snapshot_identifier}"
vpc_security_group_ids = ["${var.vpc_security_group_ids}"]
db_subnet_group_name = "${var.db_subnet_group_name}"
parameter_group_name = "${var.parameter_group_name}"
option_group_name = "${var.option_group_name}"
availability_zone = "${var.availability_zone}"
multi_az = "${var.multi_az}"
iops = "${var.iops}"
publicly_accessible = "${var.publicly_accessible}"
monitoring_interval = "${var.monitoring_interval}"
monitoring_role_arn = "${coalesce(var.monitoring_role_arn, join("", aws_iam_role.enhanced_monitoring.*.arn))}"
allow_major_version_upgrade = "${var.allow_major_version_upgrade}"
auto_minor_version_upgrade = "${var.auto_minor_version_upgrade}"
apply_immediately = "${var.apply_immediately}"
maintenance_window = "${var.maintenance_window}"
skip_final_snapshot = "${var.skip_final_snapshot}"
copy_tags_to_snapshot = "${var.copy_tags_to_snapshot}"
final_snapshot_identifier = "${var.final_snapshot_identifier}"
backup_retention_period = "${var.backup_retention_period}"
backup_window = "${var.backup_window}"
timezone = "${var.timezone}"
enabled_cloudwatch_logs_exports = "${var.enabled_cloudwatch_logs_exports}"
timeouts = "${var.timeouts}"
deletion_protection = "${var.deletion_protection}"
tags = "${merge(var.tags, map("Name", format("%s", var.identifier)))}"
count = var.create && local.is_mssql ? 1 : 0
identifier = var.identifier
engine = var.engine
engine_version = var.engine_version
instance_class = var.instance_class
allocated_storage = var.allocated_storage
storage_type = var.storage_type
storage_encrypted = var.storage_encrypted
kms_key_id = var.kms_key_id
license_model = var.license_model
name = var.name
username = var.username
password = var.password
port = var.port
iam_database_authentication_enabled = var.iam_database_authentication_enabled
replicate_source_db = var.replicate_source_db
snapshot_identifier = var.snapshot_identifier
vpc_security_group_ids = var.vpc_security_group_ids
db_subnet_group_name = var.db_subnet_group_name
parameter_group_name = var.parameter_group_name
option_group_name = var.option_group_name
availability_zone = var.availability_zone
multi_az = var.multi_az
iops = var.iops
publicly_accessible = var.publicly_accessible
monitoring_interval = var.monitoring_interval
monitoring_role_arn = coalesce(var.monitoring_role_arn, aws_iam_role.enhanced_monitoring.*.arn, null)
allow_major_version_upgrade = var.allow_major_version_upgrade
auto_minor_version_upgrade = var.auto_minor_version_upgrade
apply_immediately = var.apply_immediately
maintenance_window = var.maintenance_window
skip_final_snapshot = var.skip_final_snapshot
copy_tags_to_snapshot = var.copy_tags_to_snapshot
final_snapshot_identifier = var.final_snapshot_identifier
backup_retention_period = var.backup_retention_period
backup_window = var.backup_window
timezone = var.timezone
enabled_cloudwatch_logs_exports = var.enabled_cloudwatch_logs_exports
deletion_protection = var.deletion_protection
tags = merge(
var.tags,
{
"Name" = format("%s", var.identifier)
},
)
timeouts {
create = lookup(var.timeouts, "create", null)
delete = lookup(var.timeouts, "delete", null)
update = lookup(var.timeouts, "update", null)
}
}
modules/db_instance/outputs.tf
View file @ 3aa04ac6
locals {
this_db_instance_address = "${element(concat(coalescelist(aws_db_instance.this_mssql.*.address, aws_db_instance.this.*.address), list("")), 0)}"
this_db_instance_arn = "${element(concat(coalescelist(aws_db_instance.this_mssql.*.arn, aws_db_instance.this.*.arn), list("")), 0)}"
this_db_instance_availability_zone = "${element(concat(coalescelist(aws_db_instance.this_mssql.*.availability_zone, aws_db_instance.this.*.availability_zone), list("")), 0)}"
this_db_instance_endpoint = "${element(concat(coalescelist(aws_db_instance.this_mssql.*.endpoint, aws_db_instance.this.*.endpoint), list("")), 0)}"
this_db_instance_hosted_zone_id = "${element(concat(coalescelist(aws_db_instance.this_mssql.*.hosted_zone_id, aws_db_instance.this.*.hosted_zone_id), list("")), 0)}"
this_db_instance_id = "${element(concat(coalescelist(aws_db_instance.this_mssql.*.id, aws_db_instance.this.*.id), list("")), 0)}"
this_db_instance_resource_id = "${element(concat(coalescelist(aws_db_instance.this_mssql.*.resource_id, aws_db_instance.this.*.resource_id), list("")), 0)}"
this_db_instance_status = "${element(concat(coalescelist(aws_db_instance.this_mssql.*.status, aws_db_instance.this.*.status), list("")), 0)}"
this_db_instance_name = "${element(concat(coalescelist(aws_db_instance.this_mssql.*.name, aws_db_instance.this.*.name), list("")), 0)}"
this_db_instance_username = "${element(concat(coalescelist(aws_db_instance.this_mssql.*.username, aws_db_instance.this.*.username), list("")), 0)}"
this_db_instance_port = "${element(concat(coalescelist(aws_db_instance.this_mssql.*.port, aws_db_instance.this.*.port), list("")), 0)}"
this_db_instance_address = element(concat(aws_db_instance.this_mssql.*.address, aws_db_instance.this.*.address, [""]), 0)
this_db_instance_arn = element(concat(aws_db_instance.this_mssql.*.arn, aws_db_instance.this.*.arn, [""]), 0)
this_db_instance_availability_zone = element(concat(aws_db_instance.this_mssql.*.availability_zone, aws_db_instance.this.*.availability_zone, [""]), 0)
this_db_instance_endpoint = element(concat(aws_db_instance.this_mssql.*.endpoint, aws_db_instance.this.*.endpoint, [""]), 0)
this_db_instance_hosted_zone_id = element(concat(aws_db_instance.this_mssql.*.hosted_zone_id, aws_db_instance.this.*.hosted_zone_id, [""]), 0)
this_db_instance_id = element(concat(aws_db_instance.this_mssql.*.id, aws_db_instance.this.*.id, [""]), 0)
this_db_instance_resource_id = element(concat(aws_db_instance.this_mssql.*.resource_id, aws_db_instance.this.*.resource_id, [""]), 0)
this_db_instance_status = element(concat(aws_db_instance.this_mssql.*.status, aws_db_instance.this.*.status, [""]), 0)
this_db_instance_name = element(concat(aws_db_instance.this_mssql.*.name, aws_db_instance.this.*.name, [""]), 0)
this_db_instance_username = element(concat(aws_db_instance.this_mssql.*.username, aws_db_instance.this.*.username, [""]), 0)
this_db_instance_port = element(concat(aws_db_instance.this_mssql.*.port, aws_db_instance.this.*.port, [""]), 0)
}
output "this_db_instance_address" {
description = "The address of the RDS instance"
value = "${local.this_db_instance_address}"
value = local.this_db_instance_address
}
output "this_db_instance_arn" {
description = "The ARN of the RDS instance"
value = "${local.this_db_instance_arn}"
value = local.this_db_instance_arn
}
output "this_db_instance_availability_zone" {
description = "The availability zone of the RDS instance"
value = "${local.this_db_instance_availability_zone}"
value = local.this_db_instance_availability_zone
}
output "this_db_instance_endpoint" {
description = "The connection endpoint"
value = "${local.this_db_instance_endpoint}"
value = local.this_db_instance_endpoint
}
output "this_db_instance_hosted_zone_id" {
description = "The canonical hosted zone ID of the DB instance (to be used in a Route 53 Alias record)"
value = "${local.this_db_instance_hosted_zone_id}"
value = local.this_db_instance_hosted_zone_id
}
output "this_db_instance_id" {
description = "The RDS instance ID"
value = "${local.this_db_instance_id}"
value = local.this_db_instance_id
}
output "this_db_instance_resource_id" {
description = "The RDS Resource ID of this instance"
value = "${local.this_db_instance_resource_id}"
value = local.this_db_instance_resource_id
}
output "this_db_instance_status" {
description = "The RDS instance status"
value = "${local.this_db_instance_status}"
value = local.this_db_instance_status
}
output "this_db_instance_name" {
description = "The database name"
value = "${local.this_db_instance_name}"
value = local.this_db_instance_name
}
output "this_db_instance_username" {
description = "The master username for the database"
value = "${local.this_db_instance_username}"
value = local.this_db_instance_username
}
output "this_db_instance_port" {
description = "The database port"
value = "${local.this_db_instance_port}"
value = local.this_db_instance_port
}
modules/db_instance/policy/enhancedmonitoring.json deleted 100644 → 0
View file @ 05360c28
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "",
"Effect": "Allow",
"Principal": {
"Service": "monitoring.rds.amazonaws.com"
},
"Action": "sts:AssumeRole"
}
]
}
modules/db_instance/variables.tf
View file @ 3aa04ac6
variable "create" {
description = "Whether to create this resource or not?"
type = bool
default = true
}
variable "identifier" {
description = "The name of the RDS instance, if omitted, Terraform will assign a random, unique identifier"
type = string
}
variable "allocated_storage" {
description = "The allocated storage in gigabytes"
type = string
}
variable "storage_type" {
description = "One of 'standard' (magnetic), 'gp2' (general purpose SSD), or 'io1' (provisioned IOPS SSD). The default is 'io1' if iops is specified, 'standard' if not. Note that this behaviour is different from the AWS web console, where the default is 'gp2'."
type = string
default = "gp2"
}
variable "storage_encrypted" {
description = "Specifies whether the DB instance is encrypted"
type = bool
default = false
}
variable "kms_key_id" {
description = "The ARN for the KMS encryption key. If creating an encrypted replica, set this to the destination KMS ARN. If storage_encrypted is set to true and kms_key_id is not specified the default KMS key created in your account will be used"
type = string
default = ""
}
variable "replicate_source_db" {
description = "Specifies that this resource is a Replicate database, and to use this value as the source database. This correlates to the identifier of another Amazon RDS Database to replicate."
type = string
default = ""
}
variable "snapshot_identifier" {
description = "Specifies whether or not to create this database from a snapshot. This correlates to the snapshot ID you'd find in the RDS console, e.g: rds:production-2015-06-26-06-05."
type = string
default = ""
}
variable "license_model" {
description = "License model information for this DB instance. Optional, but required for some DB engines, i.e. Oracle SE1"
type = string
default = ""
}
variable "iam_database_authentication_enabled" {
description = "Specifies whether or mappings of AWS Identity and Access Management (IAM) accounts to database accounts is enabled"
type = bool
default = false
}
variable "engine" {
description = "The database engine to use"
type = string
}
variable "engine_version" {
description = "The engine version to use"
type = string
}
variable "instance_class" {
description = "The instance type of the RDS instance"
type = string
}
variable "name" {
description = "The DB name to create. If omitted, no database is created initially"
type = string
default = ""
}
variable "username" {
description = "Username for the master DB user"
type = string
}
variable "password" {
description = "Password for the master DB user. Note that this may show up in logs, and it will be stored in the state file"
type = string
}
variable "port" {
description = "The port on which the DB accepts connections"
type = string
}
variable "final_snapshot_identifier" {
description = "The name of your final DB snapshot when this DB instance is deleted."
default = false
type = string
default = null
}
variable "vpc_security_group_ids" {
description = "List of VPC security groups to associate"
type = list(string)
default = []
}
variable "db_subnet_group_name" {
description = "Name of DB subnet group. DB instance will be created in the VPC associated with the DB subnet group. If unspecified, will be created in the default VPC"
type = string
default = ""
}
variable "parameter_group_name" {
description = "Name of the DB parameter group to associate"
type = string
default = ""
}
variable "availability_zone" {
description = "The Availability Zone of the RDS instance"
type = string
default = ""
}
variable "multi_az" {
description = "Specifies if the RDS instance is multi-AZ"
type = bool
default = false
}
variable "iops" {
description = "The amount of provisioned IOPS. Setting this implies a storage_type of 'io1'"
type = number
default = 0
}
variable "publicly_accessible" {
description = "Bool to control if instance is publicly accessible"
type = bool
default = false
}
variable "monitoring_interval" {
description = "The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB instance. To disable collecting Enhanced Monitoring metrics, specify 0. The default is 0. Valid Values: 0, 1, 5, 10, 15, 30, 60."
type = number
default = 0
}
variable "monitoring_role_arn" {
description = "The ARN for the IAM role that permits RDS to send enhanced monitoring metrics to CloudWatch Logs. Must be specified if monitoring_interval is non-zero."
type = string
default = ""
}
variable "monitoring_role_name" {
description = "Name of the IAM role which will be created when create_monitoring_role is enabled."
type = string
default = "rds-monitoring-role"
}
variable "create_monitoring_role" {
description = "Create IAM role with a defined name that permits RDS to send enhanced monitoring metrics to CloudWatch Logs."
type = bool
default = false
}
variable "allow_major_version_upgrade" {
description = "Indicates that major version upgrades are allowed. Changing this parameter does not result in an outage and the change is asynchronously applied as soon as possible"
type = bool
default = false
}
variable "auto_minor_version_upgrade" {
description = "Indicates that minor engine upgrades will be applied automatically to the DB instance during the maintenance window"
type = bool
default = true
}
variable "apply_immediately" {
description = "Specifies whether any database modifications are applied immediately, or during the next maintenance window"
type = bool
default = false
}
variable "maintenance_window" {
description = "The window to perform maintenance in. Syntax: 'ddd:hh24:mi-ddd:hh24:mi'. Eg: 'Mon:00:00-Mon:03:00'"
type = string
}
variable "skip_final_snapshot" {
description = "Determines whether a final DB snapshot is created before the DB instance is deleted. If true is specified, no DBSnapshot is created. If false is specified, a DB snapshot is created before the DB instance is deleted, using the value from final_snapshot_identifier"
type = bool
default = true
}
variable "copy_tags_to_snapshot" {
description = "On delete, copy all Instance tags to the final snapshot (if final_snapshot_identifier is specified)"
type = bool
default = false
}
variable "backup_retention_period" {
description = "The days to retain backups for"
type = number
default = 1
}
variable "backup_window" {
description = "The daily time range (in UTC) during which automated backups are created if they are enabled. Example: '09:46-10:16'. Must not overlap with maintenance_window"
type = string
}
variable "tags" {
description = "A mapping of tags to assign to all resources"
type = map(string)
default = {}
}
variable "option_group_name" {
description = "Name of the DB option group to associate."
type = string
default = ""
}
variable "timezone" {
description = "(Optional) Time zone of the DB instance. timezone is currently only supported by Microsoft SQL Server. The timezone can only be set on creation. See MSSQL User Guide for more information."
type = string
default = ""
}
variable "character_set_name" {
description = "(Optional) The character set name to use for DB encoding in Oracle instances. This can't be changed. See Oracle Character Sets Supported in Amazon RDS for more information"
type = string
default = ""
}
variable "enabled_cloudwatch_logs_exports" {
description = "List of log types to enable for exporting to CloudWatch logs. If omitted, no logs will be exported. Valid values (depending on engine): alert, audit, error, general, listener, slowquery, trace, postgresql (PostgreSQL), upgrade (PostgreSQL)."
type = list(string)
default = []
}
variable "timeouts" {
description = "(Optional) Updated Terraform resource management timeouts. Applies to `aws_db_instance` in particular to permit resource management times"
type = "map"
type = map(string)
default = {
create = "40m"
update = "80m"
......@@ -211,5 +252,6 @@ variable "timeouts" {
variable "deletion_protection" {
description = "The database can't be deleted when this value is set to true."
type = bool
default = false
}
modules/db_option_group/main.tf
View file @ 3aa04ac6
resource "aws_db_option_group" "this" {
count = "${var.create ? 1 : 0}"
count = var.create ? 1 : 0
name_prefix = "${var.name_prefix}"
option_group_description = "${var.option_group_description == "" ? format("Option group for %s", var.identifier) : var.option_group_description}"
engine_name = "${var.engine_name}"
major_engine_version = "${var.major_engine_version}"
name_prefix = var.name_prefix
option_group_description = var.option_group_description == "" ? format("Option group for %s", var.identifier) : var.option_group_description
engine_name = var.engine_name
major_engine_version = var.major_engine_version
option = ["${var.options}"]
dynamic "option" {
for_each = var.options
content {
option_name = option.value.option_name
port = lookup(option.value, "port", null)
version = lookup(option.value, "version", null)
db_security_group_memberships = lookup(option.value, "db_security_group_memberships", null)
vpc_security_group_memberships = lookup(option.value, "vpc_security_group_memberships", null)
tags = "${merge(var.tags, map("Name", format("%s", var.identifier)))}"
dynamic "option_settings" {
for_each = lookup(option.value, "option_settings", [])
content {
name = lookup(option_settings.value, "name", null)
value = lookup(option_settings.value, "value", null)
}
}
}
}
tags = merge(
var.tags,
{
"Name" = format("%s", var.identifier)
},
)
lifecycle {
create_before_destroy = true
}
}
modules/db_option_group/outputs.tf
View file @ 3aa04ac6
output "this_db_option_group_id" {
description = "The db option group id"
value = "${element(split(",", join(",", aws_db_option_group.this.*.id)), 0)}"
value = element(concat(aws_db_option_group.this.*.id, [""]), 0)
}
output "this_db_option_group_arn" {
description = "The ARN of the db option group"
value = "${element(split(",", join(",", aws_db_option_group.this.*.arn)), 0)}"
value = element(concat(aws_db_option_group.this.*.arn, [""]), 0)
}
modules/db_option_group/variables.tf
View file @ 3aa04ac6
variable "create" {
description = "Whether to create this resource or not?"
type = bool
default = true
}
variable "name_prefix" {
description = "Creates a unique name beginning with the specified prefix"
type = string
}
variable "identifier" {
description = "The identifier of the resource"
type = string
}
variable "option_group_description" {
description = "The description of the option group"
type = string
default = ""
}
variable "engine_name" {
description = "Specifies the name of the engine that this option group should be associated with"
type = string
}
variable "major_engine_version" {
description = "Specifies the major version of the engine that this option group should be associated with"
type = string
}
variable "options" {
type = "list"
description = "A list of Options to apply"
type = any
default = []
}
variable "tags" {
type = "map"
description = "A mapping of tags to assign to the resource"
type = map(string)
default = {}
}
modules/db_parameter_group/main.tf
View file @ 3aa04ac6
locals {
description = "${coalesce(var.description, "Database parameter group for ${var.identifier}")}"
description = coalesce(var.description, "Database parameter group for ${var.identifier}")
}
resource "aws_db_parameter_group" "this_no_prefix" {
count = "${var.create && ! var.use_name_prefix ? 1 : 0}"
name = "${var.name}"
description = "${local.description}"
family = "${var.family}"
parameter = ["${var.parameters}"]
count = var.create && false == var.use_name_prefix ? 1 : 0
name = var.name
description = local.description
family = var.family
dynamic "parameter" {
for_each = var.parameters
content {
name = parameter.value.name
value = parameter.value.value
apply_method = lookup(parameter.value, "apply_method", null)
}
}
tags = "${merge(var.tags, map("Name", format("%s", var.name)))}"
tags = merge(
var.tags,
{
"Name" = format("%s", var.name)
},
)
lifecycle {
create_before_destroy = true
......@@ -19,17 +31,30 @@ resource "aws_db_parameter_group" "this_no_prefix" {
}
resource "aws_db_parameter_group" "this" {
count = "${var.create && var.use_name_prefix ? 1 : 0}"
name_prefix = "${var.name_prefix}"
description = "${local.description}"
family = "${var.family}"
parameter = ["${var.parameters}"]
count = var.create && var.use_name_prefix ? 1 : 0
name_prefix = var.name_prefix
description = local.description
family = var.family
dynamic "parameter" {
for_each = var.parameters
content {
name = parameter.value.name
value = parameter.value.value
apply_method = lookup(parameter.value, "apply_method", null)
}
}
tags = "${merge(var.tags, map("Name", format("%s", var.identifier)))}"
tags = merge(
var.tags,
{
"Name" = format("%s", var.identifier)
},
)
lifecycle {
create_before_destroy = true
}
}
modules/db_parameter_group/outputs.tf
View file @ 3aa04ac6
output "this_db_parameter_group_id" {
description = "The db parameter group id"
value = "${element(concat(coalescelist(aws_db_parameter_group.this.*.id, aws_db_parameter_group.this_no_prefix.*.id), list("")), 0)}"
value = element(concat(aws_db_parameter_group.this.*.id, aws_db_parameter_group.this_no_prefix.*.id, [""]), 0)
}
output "this_db_parameter_group_arn" {
description = "The ARN of the db parameter group"
value = "${element(concat(coalescelist(aws_db_parameter_group.this.*.arn, aws_db_parameter_group.this_no_prefix.*.arn), list("")), 0)}"
value = element(concat(aws_db_parameter_group.this.*.arn, aws_db_parameter_group.this_no_prefix.*.arn, [""]), 0)
}
modules/db_parameter_group/variables.tf
View file @ 3aa04ac6
variable "create" {
description = "Whether to create this resource or not?"
type = bool
default = true
}
variable "description" {
default = ""
description = "The description of the DB parameter group"
type = string
default = ""
}
variable "name" {
default = ""
description = "The name of the DB parameter group"
type = string
default = ""
}
variable "name_prefix" {
default = ""
description = "Creates a unique name beginning with the specified prefix"
type = string
default = ""
}
variable "identifier" {
description = "The identifier of the resource"
type = string
}
variable "family" {
description = "The family of the DB parameter group"
type = string
}
variable "parameters" {
description = "A list of DB parameter maps to apply"
default = []
type = list(map(string))
default = {}
}
variable "tags" {
type = "map"
description = "A mapping of tags to assign to the resource"
type = map(string)
default = {}
}
variable "use_name_prefix" {
description = "Whether to use name_prefix or not"
type = bool
default = true
}
modules/db_subnet_group/main.tf
View file @ 3aa04ac6
resource "aws_db_subnet_group" "this" {
count = "${var.create ? 1 : 0}"
count = var.create ? 1 : 0
name_prefix = "${var.name_prefix}"
name_prefix = var.name_prefix
description = "Database subnet group for ${var.identifier}"
subnet_ids = ["${var.subnet_ids}"]
subnet_ids = var.subnet_ids
tags = "${merge(var.tags, map("Name", format("%s", var.identifier)))}"
tags = merge(
var.tags,
{
"Name" = format("%s", var.identifier)
},
)
}
modules/db_subnet_group/outputs.tf
View file @ 3aa04ac6
output "this_db_subnet_group_id" {
description = "The db subnet group name"
value = "${element(concat(aws_db_subnet_group.this.*.id, list("")), 0)}"
value = element(concat(aws_db_subnet_group.this.*.id, [""]), 0)
}
output "this_db_subnet_group_arn" {
description = "The ARN of the db subnet group"
value = "${element(concat(aws_db_subnet_group.this.*.arn, list("")), 0)}"
value = element(concat(aws_db_subnet_group.this.*.arn, [""]), 0)
}
modules/db_subnet_group/variables.tf
View file @ 3aa04ac6
variable "create" {
description = "Whether to create this resource or not?"
type = bool
default = true
}
variable "name_prefix" {
description = "Creates a unique name beginning with the specified prefix"
type = string
}
variable "identifier" {
description = "The identifier of the resource"
type = string
}
variable "subnet_ids" {
type = "list"
description = "A list of VPC subnet IDs"
type = list(string)
default = []
}
variable "tags" {
type = "map"
description = "A mapping of tags to assign to the resource"
type = map(string)
default = {}
}
outputs.tf
View file @ 3aa04ac6
output "this_db_instance_address" {
description = "The address of the RDS instance"
value = "${module.db_instance.this_db_instance_address}"
value = module.db_instance.this_db_instance_address
}
output "this_db_instance_arn" {
description = "The ARN of the RDS instance"
value = "${module.db_instance.this_db_instance_arn}"
value = module.db_instance.this_db_instance_arn
}
output "this_db_instance_availability_zone" {
description = "The availability zone of the RDS instance"
value = "${module.db_instance.this_db_instance_availability_zone}"
value = module.db_instance.this_db_instance_availability_zone
}
output "this_db_instance_endpoint" {
description = "The connection endpoint"
value = "${module.db_instance.this_db_instance_endpoint}"
value = module.db_instance.this_db_instance_endpoint
}
output "this_db_instance_hosted_zone_id" {
description = "The canonical hosted zone ID of the DB instance (to be used in a Route 53 Alias record)"
value = "${module.db_instance.this_db_instance_hosted_zone_id}"
value = module.db_instance.this_db_instance_hosted_zone_id
}
output "this_db_instance_id" {
description = "The RDS instance ID"
value = "${module.db_instance.this_db_instance_id}"
value = module.db_instance.this_db_instance_id
}
output "this_db_instance_resource_id" {
description = "The RDS Resource ID of this instance"
value = "${module.db_instance.this_db_instance_resource_id}"
value = module.db_instance.this_db_instance_resource_id
}
output "this_db_instance_status" {
description = "The RDS instance status"
value = "${module.db_instance.this_db_instance_status}"
value = module.db_instance.this_db_instance_status
}
output "this_db_instance_name" {
description = "The database name"
value = "${module.db_instance.this_db_instance_name}"
value = module.db_instance.this_db_instance_name
}
output "this_db_instance_username" {
description = "The master username for the database"
value = "${module.db_instance.this_db_instance_username}"
value = module.db_instance.this_db_instance_username
}
output "this_db_instance_password" {
description = "The database password (this password may be old, because Terraform doesn't track it after initial creation)"
value = "${var.password}"
value = var.password
}
output "this_db_instance_port" {
description = "The database port"
value = "${module.db_instance.this_db_instance_port}"
value = module.db_instance.this_db_instance_port
}
output "this_db_subnet_group_id" {
description = "The db subnet group name"
value = "${module.db_subnet_group.this_db_subnet_group_id}"
value = module.db_subnet_group.this_db_subnet_group_id
}
output "this_db_subnet_group_arn" {
description = "The ARN of the db subnet group"
value = "${module.db_subnet_group.this_db_subnet_group_arn}"
value = module.db_subnet_group.this_db_subnet_group_arn
}
output "this_db_parameter_group_id" {
description = "The db parameter group id"
value = "${module.db_parameter_group.this_db_parameter_group_id}"
value = module.db_parameter_group.this_db_parameter_group_id
}
output "this_db_parameter_group_arn" {
description = "The ARN of the db parameter group"
value = "${module.db_parameter_group.this_db_parameter_group_arn}"
value = module.db_parameter_group.this_db_parameter_group_arn
}
# DB option group
output "this_db_option_group_id" {
description = "The db option group id"
value = "${module.db_option_group.this_db_option_group_id}"
value = module.db_option_group.this_db_option_group_id
}
output "this_db_option_group_arn" {
description = "The ARN of the db option group"
value = "${module.db_option_group.this_db_option_group_arn}"
value = module.db_option_group.this_db_option_group_arn
}
variables.tf
View file @ 3aa04ac6
variable "identifier" {
description = "The name of the RDS instance, if omitted, Terraform will assign a random, unique identifier"
type = string
}
variable "allocated_storage" {
description = "The allocated storage in gigabytes"
type = string
}
variable "storage_type" {
description = "One of 'standard' (magnetic), 'gp2' (general purpose SSD), or 'io1' (provisioned IOPS SSD). The default is 'io1' if iops is specified, 'standard' if not. Note that this behaviour is different from the AWS web console, where the default is 'gp2'."
type = string
default = "gp2"
}
variable "storage_encrypted" {
description = "Specifies whether the DB instance is encrypted"
type = bool
default = false
}
variable "kms_key_id" {
description = "The ARN for the KMS encryption key. If creating an encrypted replica, set this to the destination KMS ARN. If storage_encrypted is set to true and kms_key_id is not specified the default KMS key created in your account will be used"
type = string
default = ""
}
variable "replicate_source_db" {
description = "Specifies that this resource is a Replicate database, and to use this value as the source database. This correlates to the identifier of another Amazon RDS Database to replicate."
type = string
default = ""
}
variable "snapshot_identifier" {
description = "Specifies whether or not to create this database from a snapshot. This correlates to the snapshot ID you'd find in the RDS console, e.g: rds:production-2015-06-26-06-05."
type = string
default = ""
}
variable "license_model" {
description = "License model information for this DB instance. Optional, but required for some DB engines, i.e. Oracle SE1"
type = string
default = ""
}
variable "iam_database_authentication_enabled" {
description = "Specifies whether or mappings of AWS Identity and Access Management (IAM) accounts to database accounts is enabled"
type = bool
default = false
}
variable "engine" {
description = "The database engine to use"
type = string
}
variable "engine_version" {
description = "The engine version to use"
type = string
}
variable "final_snapshot_identifier" {
description = "The name of your final DB snapshot when this DB instance is deleted."
default = false
type = string
default = null
}
variable "instance_class" {
description = "The instance type of the RDS instance"
type = string
}
variable "name" {
description = "The DB name to create. If omitted, no database is created initially"
type = string
default = ""
}
variable "username" {
description = "Username for the master DB user"
type = string
}
variable "password" {
description = "Password for the master DB user. Note that this may show up in logs, and it will be stored in the state file"
type = string
}
variable "port" {
description = "The port on which the DB accepts connections"
type = string
}
variable "vpc_security_group_ids" {
description = "List of VPC security groups to associate"
type = list(string)
default = []
}
variable "db_subnet_group_name" {
description = "Name of DB subnet group. DB instance will be created in the VPC associated with the DB subnet group. If unspecified, will be created in the default VPC"
type = string
default = ""
}
variable "parameter_group_description" {
description = "Description of the DB parameter group to create"
type = string
default = ""
}
variable "parameter_group_name" {
description = "Name of the DB parameter group to associate or create"
type = string
default = ""
}
variable "option_group_name" {
description = "Name of the DB option group to associate. Setting this automatically disables option_group creation"
type = string
default = ""
}
variable "availability_zone" {
description = "The Availability Zone of the RDS instance"
type = string
default = ""
}
variable "multi_az" {
description = "Specifies if the RDS instance is multi-AZ"
type = bool
default = false
}
variable "iops" {
description = "The amount of provisioned IOPS. Setting this implies a storage_type of 'io1'"
type = number
default = 0
}
variable "publicly_accessible" {
description = "Bool to control if instance is publicly accessible"
type = bool
default = false
}
variable "monitoring_interval" {
description = "The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB instance. To disable collecting Enhanced Monitoring metrics, specify 0. The default is 0. Valid Values: 0, 1, 5, 10, 15, 30, 60."
type = number
default = 0
}
variable "monitoring_role_arn" {
description = "The ARN for the IAM role that permits RDS to send enhanced monitoring metrics to CloudWatch Logs. Must be specified if monitoring_interval is non-zero."
type = string
default = ""
}
variable "monitoring_role_name" {
description = "Name of the IAM role which will be created when create_monitoring_role is enabled."
type = string
default = "rds-monitoring-role"
}
variable "create_monitoring_role" {
description = "Create IAM role with a defined name that permits RDS to send enhanced monitoring metrics to CloudWatch Logs."
type = bool
default = false
}
variable "allow_major_version_upgrade" {
description = "Indicates that major version upgrades are allowed. Changing this parameter does not result in an outage and the change is asynchronously applied as soon as possible"
type = bool
default = false
}
variable "auto_minor_version_upgrade" {
description = "Indicates that minor engine upgrades will be applied automatically to the DB instance during the maintenance window"
type = bool
default = true
}
variable "apply_immediately" {
description = "Specifies whether any database modifications are applied immediately, or during the next maintenance window"
type = bool
default = false
}
variable "maintenance_window" {
description = "The window to perform maintenance in. Syntax: 'ddd:hh24:mi-ddd:hh24:mi'. Eg: 'Mon:00:00-Mon:03:00'"
type = string
}
variable "skip_final_snapshot" {
description = "Determines whether a final DB snapshot is created before the DB instance is deleted. If true is specified, no DBSnapshot is created. If false is specified, a DB snapshot is created before the DB instance is deleted, using the value from final_snapshot_identifier"
type = bool
default = true
}
variable "copy_tags_to_snapshot" {
description = "On delete, copy all Instance tags to the final snapshot (if final_snapshot_identifier is specified)"
type = bool
default = false
}
variable "backup_retention_period" {
description = "The days to retain backups for"
type = number
default = 1
}
variable "backup_window" {
description = "The daily time range (in UTC) during which automated backups are created if they are enabled. Example: '09:46-10:16'. Must not overlap with maintenance_window"
type = string
}
variable "tags" {
description = "A mapping of tags to assign to all resources"
type = map(string)
default = {}
}
# DB subnet group
variable "subnet_ids" {
type = "list"
description = "A list of VPC subnet IDs"
type = list(string)
default = []
}
# DB parameter group
variable "family" {
description = "The family of the DB parameter group"
type = string
default = ""
}
variable "parameters" {
description = "A list of DB parameters (map) to apply"
type = list(map(string))
default = []
}
# DB option group
variable "option_group_description" {
description = "The description of the option group"
type = string
default = ""
}
variable "major_engine_version" {
description = "Specifies the major version of the engine that this option group should be associated with"
type = string
default = ""
}
variable "options" {
type = "list"
description = "A list of Options to apply."
type = any
default = []
}
variable "create_db_subnet_group" {
description = "Whether to create a database subnet group"
type = bool
default = true
}
variable "create_db_parameter_group" {
description = "Whether to create a database parameter group"
type = bool
default = true
}
variable "create_db_option_group" {
description = "Whether to create a database option group"
type = bool
default = true
}
variable "create_db_instance" {
description = "Whether to create a database instance"
type = bool
default = true
}
variable "timezone" {
description = "(Optional) Time zone of the DB instance. timezone is currently only supported by Microsoft SQL Server. The timezone can only be set on creation. See MSSQL User Guide for more information."
type = string
default = ""
}
variable "character_set_name" {
description = "(Optional) The character set name to use for DB encoding in Oracle instances. This can't be changed. See Oracle Character Sets Supported in Amazon RDS for more information"
type = string
default = ""
}
variable "enabled_cloudwatch_logs_exports" {
description = "List of log types to enable for exporting to CloudWatch logs. If omitted, no logs will be exported. Valid values (depending on engine): alert, audit, error, general, listener, slowquery, trace, postgresql (PostgreSQL), upgrade (PostgreSQL)."
type = list(string)
default = []
}
variable "timeouts" {
description = "(Optional) Updated Terraform resource management timeouts. Applies to `aws_db_instance` in particular to permit resource management times"
type = "map"
type = map(string)
default = {
create = "40m"
update = "80m"
......@@ -266,10 +315,13 @@ variable "timeouts" {
variable "deletion_protection" {
description = "The database can't be deleted when this value is set to true."
type = bool
default = false
}
variable "use_parameter_group_name_prefix" {
description = "Whether to use the parameter group name prefix or not"
type = bool
default = true
}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment