AWS RDS Instance Module

This module creates an AWS RDS instance with a Security Group and an IAM Role attached to it.

Example

# main.tf
module "rds_instance" {
  source = "git::https://github.com/lpavliuk/Terraform-Modules.git//aws_rds_instance_mysql"

  name                       = local.codename
  instance_type              = "db.t3.micro"
  storage_size_gb            = "20"
  storage_type               = "gp3"
  engine                     = "mysql"
  engine_version             = "8.0.33"
  vpc_id                     = local.vpc_id
  rds_subnet_group_id        = local.rds_subnet_group_id

  master_username                   = "masteruser"
  manage_master_user_pswd           = true
  is_private                        = true
  multi_az                          = true
  enable_enhanced_monitoring        = true
  enable_auto_minor_version_upgrade = true
  backup_retention_period_days      = 0                     # [!] Disabled as AWS Backup is used!
  backup_window_utc_period          = "14:00-16:00"         # UTC => 01:00-03:00 Sydney AEDT
  maintenance_window_utc_period     = "Sat:16:00-Sat:18:00" # UTC => Sun 03:00-05:00 Sydney AEDT

  cloudwatch_logs_exports               = ["error"]
  cloudwatch_logs_retention_period_days = 30

  aws_cli_profile            = local.account_config.aws_profile
}

Requirements

| Name | Version |
|------|---------|
| terraform | < 2.0.0, >= 1.6.6 |
| aws | < 6.0, >= 5.22 |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| name | RDS Instance Name.<br><br>NOTE! Must contain 1 to 63 alphanumeric characters or hyphens (-).<br>Naming constraints in Amazon RDS | `string` | n/a | yes |
| engine | Database Engine. Available engines:<br>- mysql<br>- aurora-mysql | `string` | `"mysql"` | no |
| engine_version | Engine Version | `string` | `"8.0.28"` | no |
| instance_type | RDS Instance Type (e.g. db.t3.micro) | `string` | n/a | yes |
| storage_type | Storage Type (e.g. gp3) | `string` | n/a | yes |
| storage_size | Storage size in GB | `number` | `20` | no |
| max_storage_size | Max allocated storage size in GB | `number` | `40` | no |
| master_username | Master Username | `string` | n/a | yes |
| master_password | Master Password.<br><br>NOTE! Required if manage_master_user_pswd is false | `string` | `null` | no |
| manage_master_user_pswd | Enable automatic RDS management of the master user password in AWS Secrets Manager | `bool` | n/a | yes |
| vpc_id | VPC ID the RDS Instance will be provisioned in | `string` | n/a | yes |
| rds_subnet_group_id | RDS Subnet Group ID the RDS Instance will be provisioned in | `string` | n/a | yes |
| ca_cert_identifier | CA Certificate of the database | `string` | `"rds-ca-rsa4096-g1"` | no |
| is_private | Enable private mode of the RDS Instance (accessible only from VPC) | `bool` | n/a | yes |
| multi_az | Enable Multi-AZ for the RDS Instance | `bool` | n/a | yes |
| backup_retention_period_days | Automatic Backup retention period in days. NOTE: 0 days disables the automatic backups. | `number` | `7` | no |
| backup_window_utc_period | The daily time range of the automatic backups (in UTC). Default: 14:00-16:00 (01:00-03:00 AEDT)<br>Must not overlap maintenance_window_utc_period parameter | `string` | `"14:00-16:00"` | no |
| enable_enhanced_monitoring | Enable Enhanced Monitoring | `bool` | `false` | no |
| enable_auto_minor_version_upgrade | Enable Auto Minor Version Upgrade | `bool` | `false` | no |
| maintenance_window_utc_period | The daily time range of the maintenance (in UTC). Default: Sat:16:00-Sat:18:00 (Sun:03:00-Sun:05:00 AEDT)<br>Must not overlap backup_window_utc_period parameter | `string` | `"Sat:16:00-Sat:18:00"` | no |
| cloudwatch_logs_exports | Enable publishing MySQL logs to Amazon CloudWatch Logs. Available: error, general and slowquery | `list(string)` | `[]` | no |
| cloudwatch_logs_retention_period_days | CloudWatch Logs retention period in days. Available: 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365. | `number` | `30` | no |
| aws_cli_profile | AWS CLI Profile used for this module. Used to execute AWS CLI local-exec commands absent in Terraform | `string` | `null` | no |
| db_parameters | Parameters are added to the DB Parameter Group.<br><br>- MySQL server system parameters<br>- Aurora MySQL configuration parameters | `list(object({ name = string, value = string }))` | `[]` | no |
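The following is an added example, not taken from the module's repository: it shows how `db_parameters` and `cloudwatch_logs_exports` depend on each other for an `engine = "mysql"` instance, with `check` blocks (Terraform 1.5+) that flag a configuration exporting the slow query log without enabling it or leaving plaintext connections allowed. The `local.rds_*` names and the check name are hypothetical, the other `local.*` values are those from the Example section, and the parameter names are standard MySQL system variables that RDS for MySQL exposes in parameter groups.

```hcl
locals {
  rds_log_exports = ["error", "slowquery"]

  rds_parameters = [
    { name = "require_secure_transport", value = "1" }, # reject non-TLS client connections
    { name = "slow_query_log", value = "1" },           # nothing is logged unless enabled here
    { name = "long_query_time", value = "2" },          # seconds before a query counts as slow
    { name = "log_output", value = "FILE" },            # TABLE output is not published to CloudWatch
  ]

  rds_parameter_map = { for p in local.rds_parameters : p.name => p.value }
}

module "rds_instance" {
  source = "git::https://github.com/lpavliuk/Terraform-Modules.git//aws_rds_instance_mysql"

  name                = local.codename
  engine              = "mysql"
  engine_version      = "8.0.33"
  instance_type       = "db.t3.micro"
  storage_type        = "gp3"
  vpc_id              = local.vpc_id
  rds_subnet_group_id = local.rds_subnet_group_id

  master_username         = "masteruser"
  manage_master_user_pswd = true # RDS generates the password and keeps it in Secrets Manager
  is_private              = true
  multi_az                = true

  cloudwatch_logs_exports               = local.rds_log_exports
  cloudwatch_logs_retention_period_days = 90
  db_parameters                         = local.rds_parameters
}

check "rds_tls_and_logging" {
  assert {
    condition     = lookup(local.rds_parameter_map, "require_secure_transport", "0") == "1"
    error_message = "require_secure_transport must be 1 so the instance rejects non-TLS connections."
  }
  assert {
    condition = !contains(local.rds_log_exports, "slowquery") || (
      lookup(local.rds_parameter_map, "slow_query_log", "0") == "1" &&
      lookup(local.rds_parameter_map, "log_output", "TABLE") == "FILE"
    )
    error_message = "Exporting slowquery requires slow_query_log = 1 and log_output = FILE in db_parameters."
  }
}
```

A failed `check` assertion is reported as a warning during `terraform plan` and `terraform apply` and does not block the run.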

Outputs

| Name | Description |
|------|-------------|
| id | RDS Instance ID |
| arn | RDS Instance ARN |
| name | RDS Instance Name |
| host | Database Host |
| port | Database Port |
| instance_class | RDS Instance Class |
| master_user | Database Master Username |
| master_user_secret | AWS Secrets Manager secret details where Database Master Password is stored |
| security_group_id | Security Group ID of the RDS Instance |

Resources

| Name | Type |
|------|------|
| aws_db_instance.this | resource |
| aws_db_parameter_group.this | resource |
| aws_iam_role.rds_enhanced_monitoring | resource |
| aws_iam_role_policy_attachment.rds_enhanced_monitoring | resource |
| aws_security_group.this | resource |
| null_resource.cloudwatch_log_retention_period | resource |
| aws_iam_policy_document.rds_enhanced_monitoring | data source |
| aws_region.current | data source |