Add complete enhanced monitoring example

71521914 · Robin Bowes · dd88fda3 · 71521914 · 71521914 · 71521914
Commit 71521914 authored Sep 30, 2017 by Robin Bowes
Showing with 75 additions and 11 deletions

README.md README.md +3 -3

main.tf examples/complete/main.tf +6 -6

README.md examples/enhanced_monitoring/README.md +14 -0

main.tf examples/enhanced_monitoring/main.tf +52 -2

No files found.
--- a/README.md
+++ b/README.md
@@ -39,9 +39,9 @@ module "db" {
  maintenance_window = "Mon:00:00-Mon:03:00"
  backup_window      = "03:00-06:00"
-  # Enhanced Monitoring
+  # Enhanced Monitoring - see example for details on how to create the role
-  monitoring_interval = "${var.monitoring_interval}
+  # monitoring_interval = "10"
-  monitoring_role_arn = "${var.monitoring_interval == "0" ? "" : aws_iam_role.rds_monitoring.arn}"
+  # monitoring_role_arn = "aws_iam_role.rds_enhanced_monitoring.arn"
  tags = {
    Owner       = "user"

--- a/examples/complete/main.tf
+++ b/examples/complete/main.tf
@@ -34,14 +34,14 @@ module "db" {
  # kms_key_id        = "arm:aws:kms:<region>:<accound id>:key/<kms key id>"
-  name     = "demodb"
+  name                    = "demodb"
-  username = "user"
+  username                = "user"
-  password = "YourPwdShouldBeLongAndSecure!"
+  password                = "YourPwdShouldBeLongAndSecure!"
-  port     = "3306"
+  port                    = "3306"
-  vpc_security_group_ids = ["${data.aws_security_group.default.id}"]
+  vpc_security_group_ids  = ["${data.aws_security_group.default.id}"]
  maintenance_window      = "Mon:00:00-Mon:03:00"
  backup_window           = "03:00-06:00"
-  backup_retention_period = 0                     // disable backups to create DB faster
+  backup_retention_period = 0                                         // disable backups to create DB faster
  tags = {
    Owner       = "user"
    Environment = "dev"

--- a/examples/enhanced_monitoring/README.md
+++ b/examples/enhanced_monitoring/README.md
@@ -3,3 +3,17 @@ Enhanced Monitoring example
 Configuration in this directory creates the additional resources required to use Enhanced Monitoring.
+Data sources are used to discover existing VPC resources (VPC, subnet and security group).
+Usage
+=====
+To run this example you need to execute:
+```bash
+$ terraform init
+$ terraform plan
+$ terraform apply
+```
+Note that this example may create resources which cost money. Run `terraform destroy` when you don't need these resources.
--- a/examples/enhanced_monitoring/main.tf
+++ b/examples/enhanced_monitoring/main.tf
+provider "aws" {
+  region = "eu-west-1"
+}
+##############################################################
+# Data sources to get VPC, subnets and security group details
+##############################################################
+data "aws_vpc" "default" {
+  default = true
+}
+data "aws_subnet_ids" "all" {
+  vpc_id = "${data.aws_vpc.default.id}"
+}
+data "aws_security_group" "default" {
+  vpc_id = "${data.aws_vpc.default.id}"
+  name   = "default"
+}
+##################################################
+# Create an IAM role to allow enhanced monitoring
+##################################################
 resource "aws_iam_role" "rds_enhanced_monitoring" {
  name               = "rds-enhanced_monitoring-role"
  assume_role_policy = "${data.aws_iam_policy_document.rds_enhanced_monitoring.json}"
@@ -23,11 +46,38 @@ data "aws_iam_policy_document" "rds_enhanced_monitoring" {
  }
 }
+#####
+# DB
+#####
 module "db" {
  source = "../../"
-  # rest of params here as per complete example
+  identifier = "demodb"
+  engine            = "mysql"
+  engine_version    = "5.7.11"
+  instance_class    = "db.t2.large"
+  allocated_storage = 5
+  storage_encrypted = false
-  monitoring_interval = "${var.monitoring_interval}"
+  # kms_key_id        = "arm:aws:kms:<region>:<accound id>:key/<kms key id>"
+  name                    = "demodb"
+  username                = "user"
+  password                = "YourPwdShouldBeLongAndSecure!"
+  port                    = "3306"
+  vpc_security_group_ids  = ["${data.aws_security_group.default.id}"]
+  maintenance_window      = "Mon:00:00-Mon:03:00"
+  backup_window           = "03:00-06:00"
+  backup_retention_period = 0                                         // disable backups to create DB faster
+  tags = {
+    Owner       = "user"
+    Environment = "dev"
+  }
+  # DB subnet group
+  subnet_ids = ["${data.aws_subnet_ids.all.ids}"]
+  # DB parameter group
+  family              = "mysql5.7"
+  monitoring_interval = "30"
  monitoring_role_arn = "${aws_iam_role.rds_enhanced_monitoring.arn}"
 }