Add complete enhanced monitoring example

README.md

@@ -39,9 +39,9 @@ module "db" {
   maintenance_window = "Mon:00:00-Mon:03:00"
   backup_window      = "03:00-06:00"
 
-  # Enhanced Monitoring
-  monitoring_interval = "${var.monitoring_interval}
-  monitoring_role_arn = "${var.monitoring_interval == "0" ? "" : aws_iam_role.rds_monitoring.arn}"
+  # Enhanced Monitoring - see example for details on how to create the role
+  # monitoring_interval = "10"
+  # monitoring_role_arn = "aws_iam_role.rds_enhanced_monitoring.arn"
   
   tags = {
     Owner       = "user"

examples/enhanced_monitoring/README.md

@@ -3,3 +3,17 @@ Enhanced Monitoring example
 
 Configuration in this directory creates the additional resources required to use Enhanced Monitoring.
 
+Data sources are used to discover existing VPC resources (VPC, subnet and security group).
+
+Usage
+=====
+
+To run this example you need to execute:
+
+```bash
+$ terraform init
+$ terraform plan
+$ terraform apply
+```
+
+Note that this example may create resources which cost money. Run `terraform destroy` when you don't need these resources.

examples/enhanced_monitoring/main.tf

+provider "aws" {
+  region = "eu-west-1"
+}
+
+##############################################################
+# Data sources to get VPC, subnets and security group details
+##############################################################
+data "aws_vpc" "default" {
+  default = true
+}
+
+data "aws_subnet_ids" "all" {
+  vpc_id = "${data.aws_vpc.default.id}"
+}
+
+data "aws_security_group" "default" {
+  vpc_id = "${data.aws_vpc.default.id}"
+  name   = "default"
+}
+
+##################################################
+# Create an IAM role to allow enhanced monitoring
+##################################################
 resource "aws_iam_role" "rds_enhanced_monitoring" {
   name               = "rds-enhanced_monitoring-role"
   assume_role_policy = "${data.aws_iam_policy_document.rds_enhanced_monitoring.json}"
@@ -23,11 +46,38 @@ data "aws_iam_policy_document" "rds_enhanced_monitoring" {
   }
 }
 
+#####
+# DB
+#####
 module "db" {
   source = "../../"
 
-  # rest of params here as per complete example
+  identifier = "demodb"
+
+  engine            = "mysql"
+  engine_version    = "5.7.11"
+  instance_class    = "db.t2.large"
+  allocated_storage = 5
+  storage_encrypted = false
 
-  monitoring_interval = "${var.monitoring_interval}"
+  # kms_key_id        = "arm:aws:kms:<region>:<accound id>:key/<kms key id>"
+
+  name                    = "demodb"
+  username                = "user"
+  password                = "YourPwdShouldBeLongAndSecure!"
+  port                    = "3306"
+  vpc_security_group_ids  = ["${data.aws_security_group.default.id}"]
+  maintenance_window      = "Mon:00:00-Mon:03:00"
+  backup_window           = "03:00-06:00"
+  backup_retention_period = 0                                         // disable backups to create DB faster
+  tags = {
+    Owner       = "user"
+    Environment = "dev"
+  }
+  # DB subnet group
+  subnet_ids = ["${data.aws_subnet_ids.all.ids}"]
+  # DB parameter group
+  family              = "mysql5.7"
+  monitoring_interval = "30"
   monitoring_role_arn = "${aws_iam_role.rds_enhanced_monitoring.arn}"
 }