New: module/rds

Setup basic DB instance and subnet group resources for using RDS.

Author: Magicloud

modules/rds/README.md

@@ -0,0 +1,5 @@
+# RDS
+
+Setup basic DB instance and subnet group resources for using RDS.
+
+Checkout example/rds-test for usage.

modules/rds/iam.tf

@@ -0,0 +1,19 @@
+resource "aws_iam_role" "rds_enhanced_monitoring" {
+  name_prefix        = var.name_prefix
+  assume_role_policy = data.aws_iam_policy_document.rds_enhanced_monitoring.json
+}
+
+resource "aws_iam_role_policy_attachment" "rds_enhanced_monitoring" {
+  role       = aws_iam_role.rds_enhanced_monitoring.name
+  policy_arn = "arn:aws:iam::aws:policy/service-role/AmazonRDSEnhancedMonitoringRole"
+}
+
+data "aws_iam_policy_document" "rds_enhanced_monitoring" {
+  statement {
+    actions = ["sts:AssumeRole"]
+    principals {
+      type        = "Service"
+      identifiers = ["monitoring.rds.amazonaws.com"]
+    }
+  }
+}

modules/rds/main.tf

@@ -0,0 +1,22 @@
+resource "aws_db_subnet_group" "rds_private_subnet" {
+  subnet_ids = var.subnet_ids
+}
+
+resource "aws_db_instance" "default" {
+  identifier_prefix       = var.name_prefix
+  allocated_storage       = var.db_storage_size
+  storage_type            = var.db_storage_type
+  engine                  = var.db_engine
+  engine_version          = var.engine_version
+  instance_class          = var.db_instance_type
+  db_subnet_group_name    = aws_db_subnet_group.rds_private_subnet.name
+  multi_az                = var.multi_az
+  backup_retention_period = var.backup_retention_period
+  monitoring_interval     = var.monitoring_interval
+  monitoring_role_arn     = aws_iam_role.rds_enhanced_monitoring.arn
+  vpc_security_group_ids  = [var.security_group_id]
+  name                    = var.db_name
+  username                = var.db_username
+  password                = var.db_password
+  tags                    = var.tags
+}

modules/rds/outputs.tf

@@ -0,0 +1,7 @@
+output "endpoint" {
+  value = aws_db_instance.default.endpoint
+}
+
+output "db_id" {
+  value = aws_db_instance.default.id
+}

modules/rds/variables.tf

@@ -0,0 +1,73 @@
+variable "subnet_ids" {
+  type        = list(string)
+  description = "Subnets (should be private) to host RDS instances."
+}
+
+variable "name_prefix" {
+  type = string
+}
+
+variable "db_storage_size" {
+  type        = number
+  description = "The allocated storage in gibibytes."
+}
+
+variable "db_storage_type" {
+  type        = string
+  description = "One of \"standard\" (magnetic), \"gp2\" (general purpose SSD), or \"io1\" (provisioned IOPS SSD)."
+}
+
+variable "db_engine" {
+  type        = string
+  description = "The database engine to use."
+}
+
+variable "db_instance_type" {
+  type        = string
+  description = "The instance type of the RDS instance."
+}
+
+variable "security_group_id" {
+  type        = string
+  description = "The security group grants the access to database."
+}
+
+variable "db_name" {
+  type        = string
+  description = "The name of the database to create when the DB instance is created."
+}
+
+variable "db_username" {
+  type        = string
+  description = "Username for the master DB user."
+}
+
+variable "db_password" {
+  type        = string
+  description = "Password for the master DB user."
+}
+
+variable "tags" {
+  type    = map(string)
+  default = {}
+}
+
+variable "engine_version" {
+  type        = string
+  description = "The engine version to use."
+}
+
+variable "backup_retention_period" {
+  description = "The days to retain backups for."
+  default     = 7
+}
+
+variable "monitoring_interval" {
+  description = "The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB instance."
+  default     = 30
+}
+
+variable "multi_az" {
+  description = "Specifies if the RDS instance is multi-AZ"
+  default     = true
+}