Commit 6523602f authored by Bryant Biggs's avatar Bryant Biggs Committed by GitHub

feat: add S3 import functionality which is supported for MySQL instances (#289)

parent 088a1598
...@@ -139,7 +139,7 @@ module "db" { ...@@ -139,7 +139,7 @@ module "db" {
| Name | Version | | Name | Version |
|------|---------| |------|---------|
| terraform | >= 0.12.6 | | terraform | >= 0.12.26 |
| aws | >= 2.49 | | aws | >= 2.49 |
## Providers ## Providers
...@@ -214,9 +214,10 @@ No resources. ...@@ -214,9 +214,10 @@ No resources.
| performance\_insights\_retention\_period | The amount of time in days to retain Performance Insights data. Either 7 (7 days) or 731 (2 years). | `number` | `7` | no | | performance\_insights\_retention\_period | The amount of time in days to retain Performance Insights data. Either 7 (7 days) or 731 (2 years). | `number` | `7` | no |
| port | The port on which the DB accepts connections | `string` | n/a | yes | | port | The port on which the DB accepts connections | `string` | n/a | yes |
| publicly\_accessible | Bool to control if instance is publicly accessible | `bool` | `false` | no | | publicly\_accessible | Bool to control if instance is publicly accessible | `bool` | `false` | no |
| replicate\_source\_db | Specifies that this resource is a Replicate database, and to use this value as the source database. This correlates to the identifier of another Amazon RDS Database to replicate. | `string` | `""` | no | | replicate\_source\_db | Specifies that this resource is a Replicate database, and to use this value as the source database. This correlates to the identifier of another Amazon RDS Database to replicate. | `string` | `null` | no |
| s3\_import | Restore from a Percona Xtrabackup in S3 (only MySQL is supported) | `map(string)` | `null` | no |
| skip\_final\_snapshot | Determines whether a final DB snapshot is created before the DB instance is deleted. If true is specified, no DBSnapshot is created. If false is specified, a DB snapshot is created before the DB instance is deleted, using the value from final\_snapshot\_identifier | `bool` | `true` | no | | skip\_final\_snapshot | Determines whether a final DB snapshot is created before the DB instance is deleted. If true is specified, no DBSnapshot is created. If false is specified, a DB snapshot is created before the DB instance is deleted, using the value from final\_snapshot\_identifier | `bool` | `true` | no |
| snapshot\_identifier | Specifies whether or not to create this database from a snapshot. This correlates to the snapshot ID you'd find in the RDS console, e.g: rds:production-2015-06-26-06-05. | `string` | `""` | no | | snapshot\_identifier | Specifies whether or not to create this database from a snapshot. This correlates to the snapshot ID you'd find in the RDS console, e.g: rds:production-2015-06-26-06-05. | `string` | `null` | no |
| storage\_encrypted | Specifies whether the DB instance is encrypted | `bool` | `false` | no | | storage\_encrypted | Specifies whether the DB instance is encrypted | `bool` | `false` | no |
| storage\_type | One of 'standard' (magnetic), 'gp2' (general purpose SSD), or 'io1' (provisioned IOPS SSD). The default is 'io1' if iops is specified, 'gp2' if not. | `string` | `"gp2"` | no | | storage\_type | One of 'standard' (magnetic), 'gp2' (general purpose SSD), or 'io1' (provisioned IOPS SSD). The default is 'io1' if iops is specified, 'gp2' if not. | `string` | `"gp2"` | no |
| subnet\_ids | A list of VPC subnet IDs | `list(string)` | `[]` | no | | subnet\_ids | A list of VPC subnet IDs | `list(string)` | `[]` | no |
......
...@@ -21,7 +21,7 @@ Note that this example may create resources which cost money. Run `terraform des ...@@ -21,7 +21,7 @@ Note that this example may create resources which cost money. Run `terraform des
| Name | Version | | Name | Version |
|------|---------| |------|---------|
| terraform | >= 0.12.6 | | terraform | >= 0.12.26 |
| aws | >= 2.49 | | aws | >= 2.49 |
## Providers ## Providers
......
...@@ -51,6 +51,7 @@ output "this_db_instance_username" { ...@@ -51,6 +51,7 @@ output "this_db_instance_username" {
output "this_db_instance_password" { output "this_db_instance_password" {
description = "The database password (this password may be old, because Terraform doesn't track it after initial creation)" description = "The database password (this password may be old, because Terraform doesn't track it after initial creation)"
value = module.db.this_db_instance_password value = module.db.this_db_instance_password
sensitive = true
} }
output "this_db_instance_port" { output "this_db_instance_port" {
......
terraform { terraform {
required_version = ">= 0.12.6" required_version = ">= 0.12.26"
required_providers { required_providers {
aws = ">= 2.49" aws = {
source = "hashicorp/aws"
version = ">= 2.49"
}
} }
} }
...@@ -21,7 +21,7 @@ Note that this example may create resources which cost money. Run `terraform des ...@@ -21,7 +21,7 @@ Note that this example may create resources which cost money. Run `terraform des
| Name | Version | | Name | Version |
|------|---------| |------|---------|
| terraform | >= 0.12.6 | | terraform | >= 0.12.26 |
| aws | >= 2.49 | | aws | >= 2.49 |
## Providers ## Providers
......
...@@ -51,6 +51,7 @@ output "this_db_instance_username" { ...@@ -51,6 +51,7 @@ output "this_db_instance_username" {
output "this_db_instance_password" { output "this_db_instance_password" {
description = "The database password (this password may be old, because Terraform doesn't track it after initial creation)" description = "The database password (this password may be old, because Terraform doesn't track it after initial creation)"
value = module.db.this_db_instance_password value = module.db.this_db_instance_password
sensitive = true
} }
output "this_db_instance_port" { output "this_db_instance_port" {
......
terraform { terraform {
required_version = ">= 0.12.6" required_version = ">= 0.12.26"
required_providers { required_providers {
aws = ">= 2.49" aws = {
source = "hashicorp/aws"
version = ">= 2.49"
}
} }
} }
...@@ -21,7 +21,7 @@ Note that this example may create resources which cost money. Run `terraform des ...@@ -21,7 +21,7 @@ Note that this example may create resources which cost money. Run `terraform des
| Name | Version | | Name | Version |
|------|---------| |------|---------|
| terraform | >= 0.12.6 | | terraform | >= 0.12.26 |
| aws | >= 2.49 | | aws | >= 2.49 |
## Providers ## Providers
......
...@@ -51,6 +51,7 @@ output "this_db_instance_username" { ...@@ -51,6 +51,7 @@ output "this_db_instance_username" {
output "this_db_instance_password" { output "this_db_instance_password" {
description = "The database password (this password may be old, because Terraform doesn't track it after initial creation)" description = "The database password (this password may be old, because Terraform doesn't track it after initial creation)"
value = module.db.this_db_instance_password value = module.db.this_db_instance_password
sensitive = true
} }
output "this_db_instance_port" { output "this_db_instance_port" {
......
terraform { terraform {
required_version = ">= 0.12.6" required_version = ">= 0.12.26"
required_providers { required_providers {
aws = ">= 2.49" aws = {
source = "hashicorp/aws"
version = ">= 2.49"
}
} }
} }
...@@ -21,7 +21,7 @@ Note that this example may create resources which cost money. Run `terraform des ...@@ -21,7 +21,7 @@ Note that this example may create resources which cost money. Run `terraform des
| Name | Version | | Name | Version |
|------|---------| |------|---------|
| terraform | >= 0.12.6 | | terraform | >= 0.12.26 |
| aws | >= 2.49 | | aws | >= 2.49 |
## Providers ## Providers
......
...@@ -51,6 +51,7 @@ output "this_db_instance_username" { ...@@ -51,6 +51,7 @@ output "this_db_instance_username" {
output "this_db_instance_password" { output "this_db_instance_password" {
description = "The database password (this password may be old, because Terraform doesn't track it after initial creation)" description = "The database password (this password may be old, because Terraform doesn't track it after initial creation)"
value = module.db.this_db_instance_password value = module.db.this_db_instance_password
sensitive = true
} }
output "this_db_instance_port" { output "this_db_instance_port" {
......
terraform { terraform {
required_version = ">= 0.12.6" required_version = ">= 0.12.26"
required_providers { required_providers {
aws = ">= 2.49" aws = {
source = "hashicorp/aws"
version = ">= 2.49"
}
} }
} }
...@@ -23,7 +23,7 @@ Note that this example may create resources which cost money. Run `terraform des ...@@ -23,7 +23,7 @@ Note that this example may create resources which cost money. Run `terraform des
| Name | Version | | Name | Version |
|------|---------| |------|---------|
| terraform | >= 0.12.6 | | terraform | >= 0.12.26 |
| aws | >= 2.49 | | aws | >= 2.49 |
## Providers ## Providers
......
...@@ -51,6 +51,7 @@ output "this_db_instance_username" { ...@@ -51,6 +51,7 @@ output "this_db_instance_username" {
output "this_db_instance_password" { output "this_db_instance_password" {
description = "The database password (this password may be old, because Terraform doesn't track it after initial creation)" description = "The database password (this password may be old, because Terraform doesn't track it after initial creation)"
value = module.db.this_db_instance_password value = module.db.this_db_instance_password
sensitive = true
} }
output "this_db_instance_port" { output "this_db_instance_port" {
......
terraform { terraform {
required_version = ">= 0.12.6" required_version = ">= 0.12.26"
required_providers { required_providers {
aws = ">= 2.49" aws = {
source = "hashicorp/aws"
version = ">= 2.49"
}
} }
} }
...@@ -21,7 +21,7 @@ Note that this example may create resources which cost money. Run `terraform des ...@@ -21,7 +21,7 @@ Note that this example may create resources which cost money. Run `terraform des
| Name | Version | | Name | Version |
|------|---------| |------|---------|
| terraform | >= 0.12.6 | | terraform | >= 0.12.26 |
| aws | >= 2.49 | | aws | >= 2.49 |
## Providers ## Providers
......
...@@ -52,6 +52,7 @@ output "master_db_instance_username" { ...@@ -52,6 +52,7 @@ output "master_db_instance_username" {
output "master_db_instance_password" { output "master_db_instance_password" {
description = "The database password (this password may be old, because Terraform doesn't track it after initial creation)" description = "The database password (this password may be old, because Terraform doesn't track it after initial creation)"
value = module.master.this_db_instance_password value = module.master.this_db_instance_password
sensitive = true
} }
output "master_db_instance_port" { output "master_db_instance_port" {
......
terraform { terraform {
required_version = ">= 0.12.6" required_version = ">= 0.12.26"
required_providers { required_providers {
aws = ">= 2.49" aws = {
source = "hashicorp/aws"
version = ">= 2.49"
}
} }
} }
...@@ -21,7 +21,7 @@ Note that this example may create resources which cost money. Run `terraform des ...@@ -21,7 +21,7 @@ Note that this example may create resources which cost money. Run `terraform des
| Name | Version | | Name | Version |
|------|---------| |------|---------|
| terraform | >= 0.12.6 | | terraform | >= 0.12.26 |
| aws | >= 2.49 | | aws | >= 2.49 |
## Providers ## Providers
......
...@@ -52,6 +52,7 @@ output "master_db_instance_username" { ...@@ -52,6 +52,7 @@ output "master_db_instance_username" {
output "master_db_instance_password" { output "master_db_instance_password" {
description = "The database password (this password may be old, because Terraform doesn't track it after initial creation)" description = "The database password (this password may be old, because Terraform doesn't track it after initial creation)"
value = module.master.this_db_instance_password value = module.master.this_db_instance_password
sensitive = true
} }
output "master_db_instance_port" { output "master_db_instance_port" {
......
terraform { terraform {
required_version = ">= 0.12.6" required_version = ">= 0.12.26"
required_providers { required_providers {
aws = ">= 2.49" aws = {
source = "hashicorp/aws"
version = ">= 2.49"
}
} }
} }
# MySQL S3 Import Example
Configuration in this directory creates set of RDS resources including DB instance, DB subnet group and DB parameter group where the database itself is imported from a MySQL Percona Xtrabackup stored in S3.
## Usage
To run this example you need to execute:
```bash
$ terraform init
$ terraform plan
$ terraform apply
```
## Testing
In order to test this example, you will need a database backup in order to upload to S3 and import into the module. A backup has been provided under `backup/`, but in the case that a new backup needs to be created, the steps outlined below should suffice for creating a backup that can be used for the sake of testing and verifying module functionality/changes.
1. Create database container
```bash
$ docker run -d --name percona-server-mysql-8.0.20 -e MYSQL_ROOT_PASSWORD=root percona/percona-server:8.0.20
$ docker exec -it percona-server-mysql-8.0.20 bash
$ mysql -u root -p # password is also root
```
2. Once logged into container and database, create database and user used by RDS
```sql
CREATE DATABASE s3Import;
CREATE USER 's3_import_user'@'localhost' IDENTIFIED BY 'YourPwdShouldBeLongAndSecure!';
GRANT ALL PRIVILEGES ON * . * TO 's3_import_user'@'localhost';
FLUSH PRIVILEGES;
```
3. Use Percona Xtrabackup container to dump database and upload to S3
```bash
$ mkdir -p /tmp/backup
$ docker run --name percona-xtrabackup-8.0 --mount type=bind,src=/tmp/backup,dst=/backup --volumes-from percona-server-mysql-8.0.20 percona/percona-xtrabackup:8.0 xtrabackup --backup --data-dir=/var/lib/mysql --target-dir=/backup --user=root --password=root
$ mv /tmp/backup ./backup
```
Note that this example may create resources which cost money. Run `terraform destroy` when you don't need these resources.
<!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
## Requirements
| Name | Version |
|------|---------|
| terraform | >= 0.12.26 |
| aws | >= 2.49 |
| random | >= 3.0 |
## Providers
| Name | Version |
|------|---------|
| aws | >= 2.49 |
| random | >= 3.0 |
## Modules
| Name | Source | Version |
|------|--------|---------|
| db | ../../ | |
| import_s3_bucket | terraform-aws-modules/s3-bucket/aws | 1.17.0 |
| security_group | terraform-aws-modules/security-group/aws | ~> 3.17 |
| vpc | terraform-aws-modules/vpc/aws | 2.70.0 |
## Resources
| Name |
|------|
| [aws_iam_policy_document](https://registry.terraform.io/providers/hashicorp/aws/2.49/docs/data-sources/iam_policy_document) |
| [aws_iam_role_policy](https://registry.terraform.io/providers/hashicorp/aws/2.49/docs/resources/iam_role_policy) |
| [aws_iam_role](https://registry.terraform.io/providers/hashicorp/aws/2.49/docs/resources/iam_role) |
| [random_pet](https://registry.terraform.io/providers/hashicorp/random/3.0/docs/resources/pet) |
## Inputs
No input.
## Outputs
| Name | Description |
|------|-------------|
| this\_db\_instance\_address | The address of the RDS instance |
| this\_db\_instance\_arn | The ARN of the RDS instance |
| this\_db\_instance\_availability\_zone | The availability zone of the RDS instance |
| this\_db\_instance\_endpoint | The connection endpoint |
| this\_db\_instance\_hosted\_zone\_id | The canonical hosted zone ID of the DB instance (to be used in a Route 53 Alias record) |
| this\_db\_instance\_id | The RDS instance ID |
| this\_db\_instance\_name | The database name |
| this\_db\_instance\_password | The database password (this password may be old, because Terraform doesn't track it after initial creation) |
| this\_db\_instance\_port | The database port |
| this\_db\_instance\_resource\_id | The RDS Resource ID of this instance |
| this\_db\_instance\_status | The RDS instance status |
| this\_db\_instance\_username | The master username for the database |
| this\_db\_parameter\_group\_arn | The ARN of the db parameter group |
| this\_db\_parameter\_group\_id | The db parameter group id |
| this\_db\_subnet\_group\_arn | The ARN of the db subnet group |
| this\_db\_subnet\_group\_id | The db subnet group name |
<!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
provider "aws" {
region = local.region
}
locals {
name = "s3-import"
region = "eu-west-1"
tags = {
Owner = "user"
Environment = "dev"
}
}
################################################################################
# Supporting Resources
################################################################################
resource "random_pet" "this" {
length = 2
}
module "vpc" {
source = "terraform-aws-modules/vpc/aws"
version = "2.70.0"
name = local.name
cidr = "10.0.0.0/18"
azs = ["${local.region}a", "${local.region}b", "${local.region}c"]
public_subnets = ["10.0.0.0/24", "10.0.1.0/24", "10.0.2.0/24"]
private_subnets = ["10.0.3.0/24", "10.0.4.0/24", "10.0.5.0/24"]
database_subnets = ["10.0.7.0/24", "10.0.8.0/24", "10.0.9.0/24"]
create_database_subnet_group = true
enable_nat_gateway = true
single_nat_gateway = true
enable_dns_hostnames = true
enable_dns_support = true
enable_s3_endpoint = true
tags = local.tags
}
module "security_group" {
source = "terraform-aws-modules/security-group/aws"
version = "~> 3.17"
name = local.name
description = "S3 import VPC example security group"
vpc_id = module.vpc.vpc_id
# ingress
ingress_with_self = [
{
rule = "https-443-tcp"
description = "Allow all internal HTTPs"
},
]
ingress_with_cidr_blocks = [
{
from_port = 3306
to_port = 3306
protocol = "tcp"
description = "MySQL access from within VPC"
cidr_blocks = module.vpc.vpc_cidr_block
},
]
# egress
computed_egress_with_self = [
{
rule = "https-443-tcp"
description = "Allow all internal HTTPs"
},
]
number_of_computed_egress_with_self = 1
egress_cidr_blocks = ["0.0.0.0/0"]
egress_rules = ["all-all"]
tags = local.tags
}
module "import_s3_bucket" {
source = "terraform-aws-modules/s3-bucket/aws"
version = "1.17.0"
bucket = "${local.name}-${random_pet.this.id}"
acl = "private"
force_destroy = true
tags = local.tags
}
data "aws_iam_policy_document" "s3_import_assume" {
statement {
actions = [
"sts:AssumeRole",
]
principals {
type = "Service"
identifiers = ["rds.amazonaws.com"]
}
}
}
resource "aws_iam_role" "s3_import" {
name = "${local.name}-${random_pet.this.id}"
description = "IAM role to allow RDS to import MySQL backup from S3"
assume_role_policy = data.aws_iam_policy_document.s3_import_assume.json
force_detach_policies = true
tags = local.tags
}
data "aws_iam_policy_document" "s3_import" {
statement {
actions = [
"s3:ListBucket",
"s3:GetBucketLocation",
]
resources = [
module.import_s3_bucket.this_s3_bucket_arn
]
}
statement {
actions = [
"s3:GetObject",
]
resources = [
"${module.import_s3_bucket.this_s3_bucket_arn}/*",
]
}
}
resource "aws_iam_role_policy" "s3_import" {
name = "${local.name}-${random_pet.this.id}"
role = aws_iam_role.s3_import.id
policy = data.aws_iam_policy_document.s3_import.json
# We need the files uploaded before the RDS instance is created, and the instance
# also needs this role so this is an easy way of ensuring the backup is uploaded before
# the instance creation starts
provisioner "local-exec" {
command = "unzip backup.zip && aws s3 sync ${path.module}/backup s3://${module.import_s3_bucket.this_s3_bucket_id}"
}
}
################################################################################
# RDS Module
################################################################################
module "db" {
source = "../../"
identifier = local.name
engine = "mysql"
engine_version = "8.0.20"
family = "mysql8.0"
major_engine_version = "8.0"
instance_class = "db.t3.large"
allocated_storage = 20
storage_encrypted = false
name = "s3Import"
username = "s3_import_user"
password = "YourPwdShouldBeLongAndSecure!"
port = "3306"
# S3 import https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/MySQL.Procedural.Importing.html
s3_import = {
source_engine_version = "8.0.20"
bucket_name = module.import_s3_bucket.this_s3_bucket_id
ingestion_role = aws_iam_role.s3_import.arn
}
multi_az = true
subnet_ids = module.vpc.database_subnets
vpc_security_group_ids = [module.security_group.this_security_group_id]
maintenance_window = "Mon:00:00-Mon:03:00"
backup_window = "03:00-06:00"
enabled_cloudwatch_logs_exports = ["audit", "general"]
backup_retention_period = 0
final_snapshot_identifier = local.name
deletion_protection = false
tags = {
Owner = "user"
Environment = "dev"
}
}
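Review bot: The example restores a full database backup but leaves it unprotected at rest: `module "db"` sets `storage_encrypted = false`, and `module "import_s3_bucket"` sets only `acl = "private"`, with no public-access block or default encryption on the bucket that holds the Xtrabackup files. Examples tend to be copied unchanged, so I would set `storage_encrypted = true` and add `block_public_acls = true`, `block_public_policy = true` and `restrict_public_buckets = true` to the bucket module (assuming the pinned 1.17.0 exposes those inputs). The literal `password = "YourPwdShouldBeLongAndSecure!"` is also stored in state in plain text; a comment marking it as a sample value to be replaced by a variable or secret-store lookup would help.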
output "this_db_instance_address" {
description = "The address of the RDS instance"
value = module.db.this_db_instance_address
}
output "this_db_instance_arn" {
description = "The ARN of the RDS instance"
value = module.db.this_db_instance_arn
}
output "this_db_instance_availability_zone" {
description = "The availability zone of the RDS instance"
value = module.db.this_db_instance_availability_zone
}
output "this_db_instance_endpoint" {
description = "The connection endpoint"
value = module.db.this_db_instance_endpoint
}
output "this_db_instance_hosted_zone_id" {
description = "The canonical hosted zone ID of the DB instance (to be used in a Route 53 Alias record)"
value = module.db.this_db_instance_hosted_zone_id
}
output "this_db_instance_id" {
description = "The RDS instance ID"
value = module.db.this_db_instance_id
}
output "this_db_instance_resource_id" {
description = "The RDS Resource ID of this instance"
value = module.db.this_db_instance_resource_id
}
output "this_db_instance_status" {
description = "The RDS instance status"
value = module.db.this_db_instance_status
}
output "this_db_instance_name" {
description = "The database name"
value = module.db.this_db_instance_name
}
output "this_db_instance_username" {
description = "The master username for the database"
value = module.db.this_db_instance_username
}
output "this_db_instance_password" {
description = "The database password (this password may be old, because Terraform doesn't track it after initial creation)"
value = module.db.this_db_instance_password
sensitive = true
}
output "this_db_instance_port" {
description = "The database port"
value = module.db.this_db_instance_port
}
output "this_db_subnet_group_id" {
description = "The db subnet group name"
value = module.db.this_db_subnet_group_id
}
output "this_db_subnet_group_arn" {
description = "The ARN of the db subnet group"
value = module.db.this_db_subnet_group_arn
}
output "this_db_parameter_group_id" {
description = "The db parameter group id"
value = module.db.this_db_parameter_group_id
}
output "this_db_parameter_group_arn" {
description = "The ARN of the db parameter group"
value = module.db.this_db_parameter_group_arn
}
terraform {
required_version = ">= 0.12.26"
required_providers {
aws = {
source = "hashicorp/aws"
version = ">= 2.49"
}
random = {
source = "hashicorp/random"
version = ">= 3.0"
}
}
}
...@@ -118,6 +118,8 @@ module "db_instance" { ...@@ -118,6 +118,8 @@ module "db_instance" {
deletion_protection = var.deletion_protection deletion_protection = var.deletion_protection
delete_automated_backups = var.delete_automated_backups delete_automated_backups = var.delete_automated_backups
s3_import = var.s3_import
tags = var.tags tags = var.tags
} }
...@@ -5,7 +5,7 @@ ...@@ -5,7 +5,7 @@
| Name | Version | | Name | Version |
|------|---------| |------|---------|
| terraform | >= 0.12.6 | | terraform | >= 0.12.26 |
| aws | >= 2.49 | | aws | >= 2.49 |
## Providers ## Providers
...@@ -73,9 +73,10 @@ No Modules. ...@@ -73,9 +73,10 @@ No Modules.
| performance\_insights\_retention\_period | The amount of time in days to retain Performance Insights data. Either 7 (7 days) or 731 (2 years). | `number` | `7` | no | | performance\_insights\_retention\_period | The amount of time in days to retain Performance Insights data. Either 7 (7 days) or 731 (2 years). | `number` | `7` | no |
| port | The port on which the DB accepts connections | `string` | n/a | yes | | port | The port on which the DB accepts connections | `string` | n/a | yes |
| publicly\_accessible | Bool to control if instance is publicly accessible | `bool` | `false` | no | | publicly\_accessible | Bool to control if instance is publicly accessible | `bool` | `false` | no |
| replicate\_source\_db | Specifies that this resource is a Replicate database, and to use this value as the source database. This correlates to the identifier of another Amazon RDS Database to replicate. | `string` | `""` | no | | replicate\_source\_db | Specifies that this resource is a Replicate database, and to use this value as the source database. This correlates to the identifier of another Amazon RDS Database to replicate. | `string` | `null` | no |
| s3\_import | Restore from a Percona Xtrabackup in S3 (only MySQL is supported) | `map(string)` | `null` | no |
| skip\_final\_snapshot | Determines whether a final DB snapshot is created before the DB instance is deleted. If true is specified, no DBSnapshot is created. If false is specified, a DB snapshot is created before the DB instance is deleted, using the value from final\_snapshot\_identifier | `bool` | `true` | no | | skip\_final\_snapshot | Determines whether a final DB snapshot is created before the DB instance is deleted. If true is specified, no DBSnapshot is created. If false is specified, a DB snapshot is created before the DB instance is deleted, using the value from final\_snapshot\_identifier | `bool` | `true` | no |
| snapshot\_identifier | Specifies whether or not to create this database from a snapshot. This correlates to the snapshot ID you'd find in the RDS console, e.g: rds:production-2015-06-26-06-05. | `string` | `""` | no | | snapshot\_identifier | Specifies whether or not to create this database from a snapshot. This correlates to the snapshot ID you'd find in the RDS console, e.g: rds:production-2015-06-26-06-05. | `string` | `null` | no |
| storage\_encrypted | Specifies whether the DB instance is encrypted | `bool` | `false` | no | | storage\_encrypted | Specifies whether the DB instance is encrypted | `bool` | `false` | no |
| storage\_type | One of 'standard' (magnetic), 'gp2' (general purpose SSD), or 'io1' (provisioned IOPS SSD). The default is 'io1' if iops is specified, 'standard' if not. Note that this behaviour is different from the AWS web console, where the default is 'gp2'. | `string` | `"gp2"` | no | | storage\_type | One of 'standard' (magnetic), 'gp2' (general purpose SSD), or 'io1' (provisioned IOPS SSD). The default is 'io1' if iops is specified, 'standard' if not. Note that this behaviour is different from the AWS web console, where the default is 'gp2'. | `string` | `"gp2"` | no |
| tags | A mapping of tags to assign to all resources | `map(string)` | `{}` | no | | tags | A mapping of tags to assign to all resources | `map(string)` | `{}` | no |
......
...@@ -98,6 +98,17 @@ resource "aws_db_instance" "this" { ...@@ -98,6 +98,17 @@ resource "aws_db_instance" "this" {
deletion_protection = var.deletion_protection deletion_protection = var.deletion_protection
delete_automated_backups = var.delete_automated_backups delete_automated_backups = var.delete_automated_backups
dynamic "s3_import" {
for_each = var.s3_import != null ? [var.s3_import] : []
content {
source_engine = "mysql"
source_engine_version = s3_import.value.source_engine_version
bucket_name = s3_import.value.bucket_name
bucket_prefix = lookup(s3_import.value, "bucket_prefix", null)
ingestion_role = s3_import.value.ingestion_role
}
}
tags = merge( tags = merge(
var.tags, var.tags,
{ {
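Review bot: The `content` block reads `s3_import.value.source_engine_version`, `.bucket_name` and `.ingestion_role` directly, so a map missing any of them should fail with an attribute or index error, yet nothing tells the caller which keys are expected; only `bucket_prefix` is optional via `lookup`. The `s3_import` variable description (added in both variables.tf hunks) should list them, e.g. `description = "Restore from a Percona Xtrabackup in S3 (only MySQL is supported). Keys: source_engine_version, bucket_name, ingestion_role (required), bucket_prefix (optional)"`. Since `ingestion_role` is the role RDS uses to read the bucket, the same description is a good place to say it should grant read-only access to that bucket and nothing else. The `aws_db_instance` resource starts and ends outside this hunk.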
......
...@@ -35,13 +35,13 @@ variable "kms_key_id" { ...@@ -35,13 +35,13 @@ variable "kms_key_id" {
variable "replicate_source_db" { variable "replicate_source_db" {
description = "Specifies that this resource is a Replicate database, and to use this value as the source database. This correlates to the identifier of another Amazon RDS Database to replicate." description = "Specifies that this resource is a Replicate database, and to use this value as the source database. This correlates to the identifier of another Amazon RDS Database to replicate."
type = string type = string
default = "" default = null
} }
variable "snapshot_identifier" { variable "snapshot_identifier" {
description = "Specifies whether or not to create this database from a snapshot. This correlates to the snapshot ID you'd find in the RDS console, e.g: rds:production-2015-06-26-06-05." description = "Specifies whether or not to create this database from a snapshot. This correlates to the snapshot ID you'd find in the RDS console, e.g: rds:production-2015-06-26-06-05."
type = string type = string
default = "" default = null
} }
variable "license_model" { variable "license_model" {
...@@ -303,3 +303,9 @@ variable "iam_partition" { ...@@ -303,3 +303,9 @@ variable "iam_partition" {
type = string type = string
default = "aws" default = "aws"
} }
variable "s3_import" {
description = "Restore from a Percona Xtrabackup in S3 (only MySQL is supported)"
type = map(string)
default = null
}
terraform { terraform {
required_version = ">= 0.12.6" required_version = ">= 0.12.26"
required_providers { required_providers {
aws = ">= 2.49" aws = {
source = "hashicorp/aws"
version = ">= 2.49"
}
} }
} }
...@@ -5,7 +5,7 @@ ...@@ -5,7 +5,7 @@
| Name | Version | | Name | Version |
|------|---------| |------|---------|
| terraform | >= 0.12.6 | | terraform | >= 0.12.26 |
| aws | >= 2.49 | | aws | >= 2.49 |
## Providers ## Providers
......
terraform { terraform {
required_version = ">= 0.12.6" required_version = ">= 0.12.26"
required_providers { required_providers {
aws = ">= 2.49" aws = {
source = "hashicorp/aws"
version = ">= 2.49"
}
} }
} }
...@@ -5,7 +5,7 @@ ...@@ -5,7 +5,7 @@
| Name | Version | | Name | Version |
|------|---------| |------|---------|
| terraform | >= 0.12.6 | | terraform | >= 0.12.26 |
| aws | >= 2.49 | | aws | >= 2.49 |
## Providers ## Providers
......
terraform { terraform {
required_version = ">= 0.12.6" required_version = ">= 0.12.26"
required_providers { required_providers {
aws = ">= 2.49" aws = {
source = "hashicorp/aws"
version = ">= 2.49"
}
} }
} }
...@@ -5,7 +5,7 @@ ...@@ -5,7 +5,7 @@
| Name | Version | | Name | Version |
|------|---------| |------|---------|
| terraform | >= 0.12.6 | | terraform | >= 0.12.26 |
| aws | >= 2.49 | | aws | >= 2.49 |
## Providers ## Providers
......
terraform { terraform {
required_version = ">= 0.12.6" required_version = ">= 0.12.26"
required_providers { required_providers {
aws = ">= 2.49" aws = {
source = "hashicorp/aws"
version = ">= 2.49"
}
} }
} }
...@@ -29,13 +29,13 @@ variable "kms_key_id" { ...@@ -29,13 +29,13 @@ variable "kms_key_id" {
variable "replicate_source_db" { variable "replicate_source_db" {
description = "Specifies that this resource is a Replicate database, and to use this value as the source database. This correlates to the identifier of another Amazon RDS Database to replicate." description = "Specifies that this resource is a Replicate database, and to use this value as the source database. This correlates to the identifier of another Amazon RDS Database to replicate."
type = string type = string
default = "" default = null
} }
variable "snapshot_identifier" { variable "snapshot_identifier" {
description = "Specifies whether or not to create this database from a snapshot. This correlates to the snapshot ID you'd find in the RDS console, e.g: rds:production-2015-06-26-06-05." description = "Specifies whether or not to create this database from a snapshot. This correlates to the snapshot ID you'd find in the RDS console, e.g: rds:production-2015-06-26-06-05."
type = string type = string
default = "" default = null
} }
variable "license_model" { variable "license_model" {
...@@ -228,6 +228,12 @@ variable "backup_window" { ...@@ -228,6 +228,12 @@ variable "backup_window" {
type = string type = string
} }
variable "s3_import" {
description = "Restore from a Percona Xtrabackup in S3 (only MySQL is supported)"
type = map(string)
default = null
}
variable "tags" { variable "tags" {
description = "A mapping of tags to assign to all resources" description = "A mapping of tags to assign to all resources"
type = map(string) type = map(string)
......
terraform { terraform {
required_version = ">= 0.12.6" required_version = ">= 0.12.26"
required_providers { required_providers {
aws = ">= 2.49" aws = {
source = "hashicorp/aws"
version = ">= 2.49"
}
} }
} }