add examples for RDS proxy, RDS , Aurora Cluster and Aurora serverless
vijay-stephen committed Nov 1, 2024
1 parent d28a4eb commit a44ded3
Showing 42 changed files with 1,362 additions and 585 deletions.
38 changes: 25 additions & 13 deletions README.md

Large diffs are not rendered by default.

35 changes: 20 additions & 15 deletions aurora-cluster.tf
@@ -1,5 +1,6 @@
resource "random_password" "master" {
count = var.password == null && var.manage_user_password == false ? 1 : 0
count = var.password == null && var.manage_user_password == null ? 1 : 0

length = 41
special = true
override_special = "!#*^"
Expand All @@ -20,19 +21,23 @@ resource "random_password" "master" {
}

resource "aws_rds_cluster" "this" {
count = var.engine_type == "cluster" ? 1 : 0

cluster_identifier = var.name
engine = var.engine
engine_version = var.engine_version
engine_mode = var.engine_mode
engine_mode = var.engine_mode == "serverless" ? "provisioned" : var.engine_mode
port = var.port
master_username = var.username
master_password = var.password == null && var.manage_user_password == false ? random_password.master[0].result : var.password
master_password = var.password == null && var.manage_user_password == null ? random_password.master[0].result : var.password
manage_master_user_password = var.manage_user_password
database_name = var.database_name
db_cluster_instance_class = strcontains(var.engine, "aurora") ? null : var.db_server_class
vpc_security_group_ids = local.security_group_ids_to_attach
db_subnet_group_name = var.db_subnet_group_data.name
db_cluster_parameter_group_name = var.db_cluster_parameter_group_name
db_instance_parameter_group_name = var.db_instance_parameter_group_name
allocated_storage = strcontains(var.engine, "aurora") ? null : var.allocated_storage
backup_retention_period = var.backup_retention_period
preferred_backup_window = var.preferred_backup_window
preferred_maintenance_window = var.preferred_maintenance_window
Expand All @@ -42,7 +47,7 @@ resource "aws_rds_cluster" "this" {
ca_certificate_identifier = var.ca_certificate_identifier
kms_key_id = var.kms_data.create ? aws_kms_alias.this[0].target_key_arn : (var.kms_data.kms_key_id == null ? data.aws_kms_alias.rds.target_key_arn : var.kms_data.kms_key_id)
performance_insights_enabled = var.performance_insights_enabled
performance_insights_kms_key_id = var.kms_data.create ? aws_kms_alias.this[0].target_key_arn : (var.kms_data.performance_insights_kms_key_id == null ? data.aws_kms_alias.rds.target_key_arn : var.performance_insights_kms_key_id)
performance_insights_kms_key_id = var.kms_data.create ? aws_kms_alias.this[0].target_key_arn : (var.kms_data.performance_insights_kms_key_id == null ? data.aws_kms_alias.rds.target_key_arn : var.kms_data.performance_insights_kms_key_id)
deletion_protection = var.deletion_protection
delete_automated_backups = var.delete_automated_backups
skip_final_snapshot = var.skip_final_snapshot
Expand Down Expand Up @@ -70,13 +75,13 @@ resource "aws_rds_cluster" "this" {
resource "aws_rds_cluster_instance" "this" {
for_each = { for idx, instance in var.rds_cluster_instances : idx => instance }

cluster_identifier = aws_rds_cluster.this.id
identifier = each.value.name != null ? each.value.name : "${aws_rds_cluster.this.id}-${each.key + 1}"
cluster_identifier = aws_rds_cluster.this[0].id
identifier = each.value.name != null ? each.value.name : "${aws_rds_cluster.this[0].id}-${each.key + 1}"
instance_class = each.value.instance_class
engine = aws_rds_cluster.this.engine
engine_version = aws_rds_cluster.this.engine_version
db_subnet_group_name = aws_rds_cluster.this.db_subnet_group_name
engine = aws_rds_cluster.this[0].engine
engine_version = aws_rds_cluster.this[0].engine_version
db_subnet_group_name = aws_rds_cluster.this[0].db_subnet_group_name
availability_zone = each.value.availability_zone
publicly_accessible = each.value.publicly_accessible
db_parameter_group_name = each.value.db_parameter_group_name
Expand All @@ -85,9 +90,9 @@ resource "aws_rds_cluster_instance" "this" {
auto_minor_version_upgrade = var.auto_minor_version_upgrade
ca_cert_identifier = var.ca_cert_identifier
monitoring_interval = var.monitoring_interval
monitoring_role_arn = var.monitoring_role_arn
monitoring_role_arn = var.monitoring_interval > 0 ? (var.monitoring_role_arn == null ? aws_iam_role.enhanced_monitoring[0].arn : var.monitoring_role_arn) : null
performance_insights_enabled = var.performance_insights_enabled
performance_insights_kms_key_id = var.kms_data.create ? aws_kms_alias.this[0].target_key_arn : (var.kms_data.performance_insights_kms_key_id == null ? data.aws_kms_alias.rds.target_key_arn : var.performance_insights_kms_key_id)
performance_insights_kms_key_id = var.kms_data.create ? aws_kms_alias.this[0].target_key_arn : (var.kms_data.performance_insights_kms_key_id == null ? data.aws_kms_alias.rds.target_key_arn : var.kms_data.performance_insights_kms_key_id)
performance_insights_retention_period = var.performance_insights_retention_period
promotion_tier = each.value.promotion_tier
copy_tags_to_snapshot = each.value.copy_tags_to_snapshot
Expand All @@ -100,10 +105,10 @@ resource "aws_ssm_parameter" "database_creds" {
description = "Database credentials"
type = "SecureString"
value = jsonencode({
"username" : aws_rds_cluster.this.master_username
"password" : aws_rds_cluster.this.master_password
"database" : aws_rds_cluster.this.database_name
"port" : aws_rds_cluster.this.port
"username" : local.username
"password" : local.password
"database" : local.database
"port" : local.port
})

tags = var.tags
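Review bot: With the test changed to `var.manage_user_password == null`, a caller who passes `manage_user_password = false` and no `password` gets neither a generated password nor an RDS-managed one: `random_password.master` has count 0 and `master_password` falls through to `var.password`, which is null. Testing for "not true" covers both null and false, and it has to change in both places: `count = var.password == null && var.manage_user_password != true ? 1 : 0` and `master_password = var.password == null && var.manage_user_password != true ? random_password.master[0].result : var.password`. The variable's type and default are not shown on this page, so confirm that `false` is a value callers can actually pass. Both resources continue outside the visible hunks.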
22 changes: 17 additions & 5 deletions common.tf
Expand Up @@ -50,7 +50,7 @@ resource "aws_db_parameter_group" "this" {
content {
name = parameter.value.name
value = parameter.value.value
apply_method = parameter.value
apply_method = parameter.value.apply_method
}
}

Expand All @@ -62,7 +62,7 @@ resource "aws_db_parameter_group" "this" {
################################################################################

resource "aws_kms_key" "this" {
count = var.kms_data.create ? 0 : 1
count = var.kms_data.create ? 1 : 0

description = var.kms_data.description == null ? "RDS KMS key" : var.kms_data.description
deletion_window_in_days = var.kms_data.deletion_window_in_days
Expand All @@ -74,7 +74,7 @@ resource "aws_kms_key" "this" {
}

resource "aws_kms_alias" "this" {
count = var.kms_data.create ? 0 : 1
count = var.kms_data.create ? 1 : 0

name = var.kms_data.name == null ? "alias/${local.prefix}-${var.name}-kms-key" : "alias/${var.kms_data.name}"
target_key_id = aws_kms_key.this[0].id
Expand Down Expand Up @@ -103,7 +103,7 @@ resource "aws_iam_role" "enhanced_monitoring" {
tags = var.tags
}

resource "aws_iam_policy" "enhanced_monitoring" {
resource "aws_iam_policy" "logs" {
count = var.monitoring_interval > 0 && var.monitoring_role_arn == null ? 1 : 0

name = "${local.prefix}-${var.name}-policy"
Expand All @@ -129,5 +129,17 @@ resource "aws_iam_role_policy_attachment" "attach_policy" {
count = var.monitoring_interval > 0 && var.monitoring_role_arn == null ? 1 : 0

role = aws_iam_role.enhanced_monitoring[0].name
policy_arn = aws_iam_policy.enhanced_monitoring[0].arn
policy_arn = aws_iam_policy.logs[0].arn
}

data "aws_iam_policy" "enhanced_monitoring" {
count = var.monitoring_interval > 0 && var.monitoring_role_arn == null ? 1 : 0
arn = "arn:aws:iam::aws:policy/service-role/AmazonRDSEnhancedMonitoringRole"
}

resource "aws_iam_role_policy_attachment" "enhanced_monitoring" {
count = var.monitoring_interval > 0 && var.monitoring_role_arn == null ? 1 : 0

role = aws_iam_role.enhanced_monitoring[0].name
policy_arn = data.aws_iam_policy.enhanced_monitoring[0].arn
}
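Review bot: The enhanced-monitoring role now carries two attachments, `aws_iam_policy.logs` and the AWS-managed `AmazonRDSEnhancedMonitoringRole`, and the managed policy already grants the CloudWatch Logs actions Enhanced Monitoring uses on the RDS log groups. The statements of `aws_iam_policy.logs` are collapsed on this page, so whether it adds anything is not visible; if it only repeats those log actions, or grants them on a wider resource, dropping it together with `attach_policy` keeps the role at least privilege. If it stays, a comment above it such as `# Extra CloudWatch Logs permissions beyond AmazonRDSEnhancedMonitoringRole: <reason>` would record why it is needed. Separately, the ARN in `data "aws_iam_policy" "enhanced_monitoring"` hard-codes the `aws` partition, which will not resolve in GovCloud or China regions; building it from an `aws_partition` data source avoids that.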
83 changes: 0 additions & 83 deletions docs/example/README.md

This file was deleted.
