allow overriding storage encryption (#21)

tenyo · Tenyo Grozev · web-flow · commit 4ad0d8060c43 · 2021-08-11T10:31:33.000-04:00
Co-authored-by: Tenyo Grozev &lt;tenyo.grozev@yale.edu&gt;
diff --git a/actions/orchestration.go b/actions/orchestration.go
@@ -27,6 +27,11 @@ func (o *rdsOrchestrator) databaseCreate(c buffalo.Context, req *DatabaseCreateR
 	if req.Cluster != nil {
 		req.Cluster.Tags = normalizeTags(req.Cluster.Tags)
 
+		// set default storage encryption
+		if req.Cluster.StorageEncrypted == nil {
+			req.Cluster.StorageEncrypted = aws.Bool(true)
+		}
+
 		// set default subnet group
 		if req.Cluster.DBSubnetGroupName == nil {
 			req.Cluster.DBSubnetGroupName = aws.String(o.client.DefaultSubnetGroup)
@@ -62,7 +67,7 @@ func (o *rdsOrchestrator) databaseCreate(c buffalo.Context, req *DatabaseCreateR
 			MasterUserPassword:          req.Cluster.MasterUserPassword,
 			MasterUsername:              req.Cluster.MasterUsername,
 			Port:                        req.Cluster.Port,
-			StorageEncrypted:            aws.Bool(true),
+			StorageEncrypted:            req.Cluster.StorageEncrypted,
 			Tags:                        toRDSTags(req.Cluster.Tags),
 			VpcSecurityGroupIds:         req.Cluster.VpcSecurityGroupIds,
 		}
@@ -89,6 +94,11 @@ func (o *rdsOrchestrator) databaseCreate(c buffalo.Context, req *DatabaseCreateR
 	if req.Instance != nil {
 		req.Instance.Tags = normalizeTags(req.Instance.Tags)
 
+		// set default storage encryption
+		if req.Instance.StorageEncrypted == nil {
+			req.Instance.StorageEncrypted = aws.Bool(true)
+		}
+
 		// set default subnet group
 		if req.Instance.DBSubnetGroupName == nil {
 			req.Instance.DBSubnetGroupName = aws.String(o.client.DefaultSubnetGroup)
@@ -126,7 +136,7 @@ func (o *rdsOrchestrator) databaseCreate(c buffalo.Context, req *DatabaseCreateR
 			MultiAZ:                     req.Instance.MultiAZ,
 			Port:                        req.Instance.Port,
 			PubliclyAccessible:          aws.Bool(false),
-			StorageEncrypted:            aws.Bool(true),
+			StorageEncrypted:            req.Instance.StorageEncrypted,
 			Tags:                        toRDSTags(req.Instance.Tags),
 			VpcSecurityGroupIds:         req.Instance.VpcSecurityGroupIds,
 		}
diff --git a/actions/types.go b/actions/types.go
@@ -35,6 +35,7 @@ type CreateDBInstanceInput struct {
 	MasterUsername              *string
 	MultiAZ                     *bool
 	Port                        *int64
+	StorageEncrypted            *bool
 	Tags                        []*Tag
 	VpcSecurityGroupIds         []*string
 }
@@ -55,6 +56,7 @@ type CreateDBClusterInput struct {
 	Port                        *int64
 	ScalingConfiguration        *ScalingConfiguration
 	SnapshotIdentifier          *string
+	StorageEncrypted            *bool
 	Tags                        []*Tag
 	VpcSecurityGroupIds         []*string
 }
