shamimice03/terraform-aws-rds-blueprint

Usage

```hcl
module "rds" {
  source = "shamimice03/rds-blueprint/aws"

  create = true

  # DB Subnet Group
  create_db_subnet_group = true
  db_subnet_group_name   = "db-subnet-group"
  db_subnets = [
    "subnet-0f5e0a9daf410e661",
    "subnet-0cb2441580936fb80",
    "subnet-0a698f3bc84f29ce8"
  ]

  # Identify DB instance
  db_identifier = "test-db-1"

  # Create Initial Database
  db_name = "mydb"

  # Credentials Settings
  # Placeholder password shown for illustration; supply it through a sensitive
  # variable or a secrets store instead of committing it in plain text.
  db_master_username                  = "Admin"
  db_master_password                  = "Superadmin123"
  iam_database_authentication_enabled = true

  # Availability and durability
  multi_az = false

  # AZ for DB instance
  availability_zone = "ap-northeast-1a"

  # Version upgrade
  allow_major_version_upgrade = false
  auto_minor_version_upgrade  = true

  # Engine options
  engine         = "mysql"
  engine_version = "8.0"

  # DB Instance configurations
  instance_class = "db.t3.micro"

  # Storage
  storage_type          = "gp2"
  allocated_storage     = "20"
  max_allocated_storage = "20"

  # Encryption
  storage_encrypted = true

  # Connectivity
  db_security_groups  = [aws_security_group.rds_security_group.id]
  publicly_accessible = false
  database_port       = 3306

  # Backup and Maintenance
  backup_retention_period = 7
  backup_window           = "03:00-05:00"
  maintenance_window      = "Sat:05:00-Sat:07:00"
  deletion_protection     = false

  # Monitoring
  enabled_cloudwatch_logs_exports = ["audit", "error"]

  # Others
  # With these two flags set to true, destroying the instance keeps neither a
  # final snapshot nor the automated backups.
  apply_immediately        = true
  delete_automated_backups = true
  skip_final_snapshot      = true

  tags = {
    DB_ID = "test-db-1"
    ENV   = "Dev"
  }
}
```

Requirements

| Name | Version |
|------|---------|
| terraform | >= 1.0.0 |
| aws | >= 5.0.0 |
| random | >= 3.4.3 |

Providers

| Name | Version |
|------|---------|
| aws | 5.16.2 |
| random | 3.5.1 |

Modules

No modules.

Resources

| Name | Type |
|------|------|
| aws_db_instance.this | resource |
| aws_db_subnet_group.db_subnet_group | resource |
| random_password.db_master_password | resource |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| allocated_storage | The allocated storage in gigabytes | string | "10" | no |
| allow_major_version_upgrade | Indicates that major version upgrades are allowed. Changing this parameter does not result in an outage and the change is asynchronously applied as soon as possible. | bool | false | no |
| apply_immediately | Specifies whether any database modifications are applied immediately, or during the next maintenance window. | bool | false | no |
| auto_minor_version_upgrade | Indicates that minor engine upgrades will be applied automatically to the DB instance during the maintenance window. Defaults to true. | bool | true | no |
| availability_zone | The AZ for the RDS instance | string | null | no |
| backup_retention_period | The number of days to retain automated backups | number | 0 | no |
| backup_window | Must not overlap with maintenance_window | string | null | no |
| ca_cert_identifier | The identifier of the CA certificate for the DB instance | string | "rds-ca-ecc384-g1" | no |
| create | Whether to create resources | bool | true | no |
| create_db_subnet_group | Whether to create a DB subnet group | bool | false | no |
| database_port | The port on which the DB accepts connections. | number | null | no |
| db_identifier | The name of the DB instance identifier. | string | null | no |
| db_master_password | Master password for database | string | null | no |
| db_master_username | Master username for database | string | null | no |
| db_name | The database name | string | null | no |
| db_security_groups | A list of security group IDs to associate with the DB instance | list(string) | [] | no |
| db_subnet_group_description | Description of DB Subnet Group | string | null | no |
| db_subnet_group_name | Name of DB Subnet Group | string | null | no |
| db_subnets | List of DB subnets | list(any) | [] | no |
| delete_automated_backups | Specifies whether to remove automated backups immediately after the DB instance is deleted. | bool | true | no |
| deletion_protection | Protect database from accidental deletion | bool | false | no |
| enabled_cloudwatch_logs_exports | Set of log types to enable for exporting to CloudWatch logs. If omitted, no logs will be exported. Valid values (depending on engine). MySQL and MariaDB: audit, error, general, slowquery. PostgreSQL: postgresql, upgrade. MSSQL: agent, error. Oracle: alert, audit, listener, trace. | list(string) | [] | no |
| engine | The database engine to be used for the RDS instance. | string | null | no |
| engine_version | The version of the database engine to be used for the RDS instance. | string | null | no |
| iam_database_authentication_enabled | Specifies whether or not the mappings of AWS Identity and Access Management (IAM) accounts to database accounts are enabled | bool | false | no |
| instance_class | The instance class for the RDS instance. | string | null | no |
| kms_key_id | The ARN for the KMS encryption key. If creating an encrypted replica, set this to the destination KMS ARN | string | null | no |
| maintenance_window | The window to perform maintenance in. | string | null | no |
| max_allocated_storage | When configured, the upper limit to which Amazon RDS can automatically scale the storage of the DB instance. Configuring this will automatically ignore differences to allocated_storage. Must be greater than or equal to allocated_storage or 0 to disable Storage Autoscaling. | string | "0" | no |
| multi_az | Determine if the RDS instance is multi-AZ | bool | false | no |
| publicly_accessible | Determine if the RDS instance is publicly_accessible | bool | false | no |
| random_password_length | Length of the random password | number | 16 | no |
| replicate_source_db | Specifies that this resource is a Replicate database, and to use this value as the source database. This correlates to the identifier of another Amazon RDS Database to replicate (if replicating within a single region) or ARN of the Amazon RDS Database to replicate (if replicating cross-region) | string | null | no |
| skip_final_snapshot | Determines whether a final DB snapshot is created before the DB instance is deleted | bool | true | no |
| storage_encrypted | Specifies whether the DB instance is encrypted. Note that if you are creating a cross-region read replica this field is ignored and you should instead declare kms_key_id with a valid ARN. The default is false if not specified | bool | false | no |
| storage_type | Choose storage type from - gp2, gp3, io1 | string | "gp2" | no |
| tags | Tags to apply to resources | map(string) | {} | no |
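
Several defaults in the Inputs table (`storage_encrypted = false`, `backup_retention_period = 0`, `deletion_protection = false`, `skip_final_snapshot = true`) give an unencrypted instance with no automated backups when a caller omits them. The following Python check is an added example, not part of this module: it reads plan JSON in the shape produced by `terraform show -json` and lists the `aws_db_instance` attributes that miss a baseline. The baseline thresholds, the `module.rds_defaults` address and the sample plan are assumptions constructed for illustration.

```python
import json
import sys

# Baseline is an assumption of this example, not a policy shipped with the module.
BASELINE = {
    "storage_encrypted": lambda v: v is True,
    "publicly_accessible": lambda v: v is False,
    "deletion_protection": lambda v: v is True,
    "iam_database_authentication_enabled": lambda v: v is True,
    "skip_final_snapshot": lambda v: v is False,
    "backup_retention_period": lambda v: isinstance(v, int) and v >= 7,
}

def audit_plan(plan):
    """Map each planned aws_db_instance address to the attributes that fail BASELINE."""
    findings = {}
    for rc in plan.get("resource_changes", []):
        change = rc.get("change", {})
        if rc.get("type") != "aws_db_instance" or change.get("actions") == ["delete"]:
            continue
        after = change.get("after") or {}
        # A missing attribute is treated as failing rather than silently passing.
        failed = [name for name, ok in BASELINE.items() if not ok(after.get(name))]
        if failed:
            findings[rc["address"]] = failed
    return findings

def _rds(address, **after):
    return {"address": address, "type": "aws_db_instance",
            "change": {"actions": ["create"], "after": after}}

# Constructed sample in the shape of `terraform show -json <planfile>` output:
# one instance left on the Inputs-table defaults, one mirroring the Usage block.
SAMPLE_PLAN = {"resource_changes": [
    {"address": "module.rds.aws_db_subnet_group.db_subnet_group",
     "type": "aws_db_subnet_group",
     "change": {"actions": ["create"], "after": {"name": "db-subnet-group"}}},
    _rds("module.rds_defaults.aws_db_instance.this[0]",
         storage_encrypted=False, publicly_accessible=False, deletion_protection=False,
         iam_database_authentication_enabled=False, skip_final_snapshot=True,
         backup_retention_period=0),
    _rds("module.rds.aws_db_instance.this[0]",
         storage_encrypted=True, publicly_accessible=False, deletion_protection=False,
         iam_database_authentication_enabled=True, skip_final_snapshot=True,
         backup_retention_period=7),
]}

if __name__ == "__main__":
    plan = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE_PLAN
    print(json.dumps(audit_plan(plan), indent=2))
```

Run it with a path to a saved plan JSON to audit a real plan; with no argument it audits the constructed sample.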

Outputs

| Name | Description |
|------|-------------|
| db_instance_address | The hostname of the RDS instance |
| db_instance_arn | The ARN of RDS instance |
| db_instance_availability_zone | The availability zone of the RDS instance |
| db_instance_backup_retention_period | The number of days to retain automated backups for the DB instance |
| db_instance_backup_window | The backup window for the DB instance |
| db_instance_class | The instance class of the DB instance |
| db_instance_endpoint | The connection endpoint in address:port format |
| db_instance_engine | The name of the database engine to be used for this DB instance |
| db_instance_engine_version | The version of the database engine to be used for this DB instance |
| db_instance_id | The unique identifier for the DB instance |
| db_instance_maintenance_window | The maintenance window for the DB instance |
| db_instance_multi_az | Indicates whether the DB instance is configured with Multi-AZ deployment |
| db_instance_password | The database password (this password might be old, because Terraform will not track password after initial creation) |
| db_instance_port | The port number on which the DB instance accepts connections |
| db_instance_publicly_accessible | Indicates whether the DB instance is publicly accessible |
| db_instance_security_groups | A list of security group IDs associated with the DB instance |
| db_instance_storage_encrypted | Indicates whether storage encryption is enabled for the DB instance |
| db_instance_storage_size | The allocated storage size for the DB instance |
| db_instance_storage_type | The storage type for the DB instance |
| db_instance_subnet_group | The name of the DB subnet group associated with the DB instance |
| db_instance_username | The master username for the database |
| db_name | Name of the initial database |
| db_subnet_group_subnets | The IDs of the subnets associated with the subnet group for the created RDS database instance |