From bd7d39f5bdc2f0847deddebc79eccbff84f95307 Mon Sep 17 00:00:00 2001 From: Travis Saucier Date: Tue, 23 Apr 2024 17:11:58 -0400 Subject: [PATCH] upgrade upstream modules to support latest versions. update module inputs for additional support. --- .terraform-version | 2 +- README.md | 30 +++++---- example/.terraform-version | 1 + example/.terraform.lock.hcl | 124 +++++++++++++++++------------------- example/README.md | 9 +-- example/main.tf | 40 +++++++++--- main.tf | 17 +++-- variables.tf | 40 +++++++++--- versions.tf | 8 +-- 9 files changed, 160 insertions(+), 111 deletions(-) create mode 100644 example/.terraform-version diff --git a/.terraform-version b/.terraform-version index e47cceb..7324740 100644 --- a/.terraform-version +++ b/.terraform-version @@ -1 +1 @@ -latest:^1.4 +latest:^1.7 diff --git a/README.md b/README.md index 67b56c2..49207c2 100644 --- a/README.md +++ b/README.md @@ -56,10 +56,10 @@ module "aurora" { | Name | Version | |------|---------| -| [terraform](#requirement\_terraform) | ~> 1.3 | -| [aws](#requirement\_aws) | ~> 4.0 | -| [null](#requirement\_null) | ~> 3.1.1 | -| [random](#requirement\_random) | ~> 3.4.0 | +| [terraform](#requirement\_terraform) | >= 1.3, < 2.0.0 | +| [aws](#requirement\_aws) | >= 4.0 | +| [null](#requirement\_null) | >= 3.1.1 | +| [random](#requirement\_random) | >= 3.4.0 | ## Providers @@ -72,9 +72,9 @@ module "aurora" { | Name | Source | Version | |------|--------|---------| -| [aurora\_cluster](#module\_aurora\_cluster) | git::https://github.com/cloudposse/terraform-aws-rds-cluster.git | 1.7.0 | -| [db\_management](#module\_db\_management) | git::https://github.com/cloudposse/terraform-aws-s3-bucket | 3.0.0 | -| [rds\_instance](#module\_rds\_instance) | git::https://github.com/cloudposse/terraform-aws-rds | 0.40.0 | +| [aurora\_cluster](#module\_aurora\_cluster) | git::https://github.com/cloudposse/terraform-aws-rds-cluster.git | 1.9.0 | +| [db\_management](#module\_db\_management) | git::https://github.com/cloudposse/terraform-aws-s3-bucket | 4.2.0 | +| [rds\_instance](#module\_rds\_instance) | git::https://github.com/cloudposse/terraform-aws-rds | 1.1.1 | | [this](#module\_this) | cloudposse/label/null | 0.25.0 | ## Resources @@ -122,6 +122,7 @@ module "aurora" { | [aurora\_db\_admin\_username](#input\_aurora\_db\_admin\_username) | Name of the default DB admin user role | `string` | `""` | no | | [aurora\_db\_name](#input\_aurora\_db\_name) | Database name. | `string` | `"auroradb"` | no | | [aurora\_db\_port](#input\_aurora\_db\_port) | Port for the Aurora DB instance to use. | `number` | `5432` | no | +| [aurora\_enabled\_cloudwatch\_logs\_exports](#input\_aurora\_enabled\_cloudwatch\_logs\_exports) | List of log types to enable for exporting to CloudWatch logs. If omitted, no logs will be exported. Valid values (depending on engine): alert, audit, error, general, listener, slowquery, trace, postgresql (PostgreSQL), upgrade (PostgreSQL). | `list(string)` | `[]` | no | | [aurora\_engine](#input\_aurora\_engine) | The name of the database engine to be used for this DB cluster. Valid values: `aurora`, `aurora-mysql`, `aurora-postgresql` | `string` | `"aurora-postgresql"` | no | | [aurora\_engine\_mode](#input\_aurora\_engine\_mode) | The database engine mode. Valid values: `parallelquery`, `provisioned`, `serverless` | `string` | `"provisioned"` | no | | [aurora\_engine\_version](#input\_aurora\_engine\_version) | The version of the database engine tocl use. See `aws rds describe-db-engine-versions` | `string` | `"14.5"` | no | @@ -130,7 +131,7 @@ module "aurora" { | [aurora\_scaling\_configuration](#input\_aurora\_scaling\_configuration) | List of nested attributes with scaling properties. Only valid when engine\_mode is set to serverless | 
list(object({
    auto_pause               = bool
    max_capacity             = number
    min_capacity             = number
    seconds_until_auto_pause = number
    timeout_action           = string
  }))
| `[]` | no | | [aurora\_security\_groups](#input\_aurora\_security\_groups) | List of security group IDs to be allowed to connect to the DB instance | `list(string)` | `[]` | no | | [aurora\_serverlessv2\_scaling\_configuration](#input\_aurora\_serverlessv2\_scaling\_configuration) | serverlessv2 scaling properties | 
object({
    min_capacity = number
    max_capacity = number
  })
| `null` | no | -| [aurora\_storage\_type](#input\_aurora\_storage\_type) | One of 'standard' (magnetic), 'gp2' (general purpose SSD), or 'io1' (provisioned IOPS SSD) or aurora-iopt1 | `string` | `null` | no | +| [aurora\_storage\_type](#input\_aurora\_storage\_type) | One of 'standard' (magnetic), 'gp2' / 'gp3' (general purpose SSD), or 'io1' (provisioned IOPS SSD) or aurora-iopt1 | `string` | `null` | no | | [aurora\_subnets](#input\_aurora\_subnets) | Subnets for the cluster to run in. | `list(string)` | `[]` | no | | [context](#input\_context) | Single object for setting entire context at once.
See description of individual variables for details.
Leave string and numeric variables as `null` to use default value.
Individual variable settings (non-null) override settings in context object,
except for attributes, tags, and additional\_tag\_map, which are merged. | `any` | 
{
  "additional_tag_map": {},
  "attributes": [],
  "delimiter": null,
  "descriptor_formats": {},
  "enabled": true,
  "environment": null,
  "id_length_limit": null,
  "label_key_case": null,
  "label_order": [],
  "label_value_case": null,
  "labels_as_tags": [
    "unset"
  ],
  "name": null,
  "namespace": null,
  "regex_replace_chars": null,
  "stage": null,
  "tags": {},
  "tenant": null
}
| no | | [deletion\_protection](#input\_deletion\_protection) | Protect the instance from being deleted | `bool` | `false` | no | @@ -155,6 +156,7 @@ module "aurora" { | [performance\_insights\_kms\_key\_id](#input\_performance\_insights\_kms\_key\_id) | The ARN for the KMS key to encrypt Performance Insights data. When specifying `performance_insights_kms_key_id`, `performance_insights_enabled` needs to be set to true | `string` | `""` | no | | [performance\_insights\_retention\_period](#input\_performance\_insights\_retention\_period) | Amount of time in days to retain Performance Insights data. Either 7 (7 days) or 731 (2 years) | `number` | `null` | no | | [rds\_enable\_custom\_option\_group](#input\_rds\_enable\_custom\_option\_group) | Enable the custom Option Group for restoring backups via S3 | `bool` | `false` | no | +| [rds\_enabled\_cloudwatch\_logs\_exports](#input\_rds\_enabled\_cloudwatch\_logs\_exports) | List of log types to enable for exporting to CloudWatch logs. If omitted, no logs will be exported. Valid values (depending on engine): alert, audit, error, general, listener, slowquery, trace, postgresql (PostgreSQL), upgrade (PostgreSQL). | `list(string)` | `[]` | no | | [rds\_instance\_allocated\_storage](#input\_rds\_instance\_allocated\_storage) | The allocated storage in GBs. Required unless a snapshot\_identifier or replicate\_source\_db is provided. | `number` | `20` | no | | [rds\_instance\_allow\_major\_version\_upgrade](#input\_rds\_instance\_allow\_major\_version\_upgrade) | Allow major version upgrade | `bool` | `false` | no | | [rds\_instance\_allowed\_cidr\_blocks](#input\_rds\_instance\_allowed\_cidr\_blocks) | The whitelisted CIDRs which to allow ingress traffic to the DB instance | `list(string)` | `[]` | no | @@ -170,17 +172,18 @@ module "aurora" { | [rds\_instance\_database\_user](#input\_rds\_instance\_database\_user) | The name of the database to create when the DB instance is created | `string` | `"admin"` | no | | [rds\_instance\_db\_options](#input\_rds\_instance\_db\_options) | A list of DB options to apply with an option group. Depends on DB engine | 
list(object({
    db_security_group_memberships  = list(string)
    option_name                    = string
    port                           = number
    version                        = string
    vpc_security_group_memberships = list(string)

    option_settings = list(object({
      name  = string
      value = string
    }))
  }))
| `[]` | no | | [rds\_instance\_db\_parameter](#input\_rds\_instance\_db\_parameter) | A list of DB parameters to apply. Note that parameters may differ from a DB family to another | 
list(object({
    apply_method = string
    name         = string
    value        = string
  }))
| `[]` | no | -| [rds\_instance\_db\_parameter\_group](#input\_rds\_instance\_db\_parameter\_group) | The DB parameter group family name. The value depends on DB engine used. See DBParameterGroupFamily for instructions on how to retrieve applicable value. | `string` | `"postgres14"` | no | +| [rds\_instance\_db\_parameter\_group](#input\_rds\_instance\_db\_parameter\_group) | The DB parameter group family name. The value depends on DB engine used. See [DBParameterGroupFamily](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBParameterGroup.html#API_CreateDBParameterGroup_RequestParameters) for instructions on how to retrieve applicable value | `string` | `"postgres16"` | no | +| [rds\_instance\_db\_parameter\_group\_name](#input\_rds\_instance\_db\_parameter\_group\_name) | Name of the DB parameter group to associate. | `string` | `""` | no | | [rds\_instance\_dns\_zone\_id](#input\_rds\_instance\_dns\_zone\_id) | The ID of the DNS Zone in Route53 where a new DNS record will be created for the DB host name | `string` | `""` | no | | [rds\_instance\_enabled](#input\_rds\_instance\_enabled) | Enable creation of an RDS instance | `bool` | `false` | no | | [rds\_instance\_engine](#input\_rds\_instance\_engine) | Database engine type. Required unless a snapshot\_identifier or replicate\_source\_db is provided. For supported values, see the Engine parameter in API action CreateDBInstance. | `string` | `"postgres"` | no | -| [rds\_instance\_engine\_version](#input\_rds\_instance\_engine\_version) | Database engine version, depends on engine type. Required unless a snapshot\_identifier or replicate\_source\_db is provided. | `string` | `"14.3"` | no | +| [rds\_instance\_engine\_version](#input\_rds\_instance\_engine\_version) | Database engine version, depends on engine type. Required unless a snapshot\_identifier or replicate\_source\_db is provided. | `string` | `"16.2"` | no | | [rds\_instance\_host\_name](#input\_rds\_instance\_host\_name) | The DB host name created in Route53 | `string` | `"db"` | no | -| [rds\_instance\_instance\_class](#input\_rds\_instance\_instance\_class) | Class of RDS instance | `string` | `"db.t2.medium"` | no | +| [rds\_instance\_instance\_class](#input\_rds\_instance\_instance\_class) | Class of RDS instance | `string` | `"db.t3.medium"` | no | | [rds\_instance\_iops](#input\_rds\_instance\_iops) | RDS instance IOPS | `number` | `0` | no | | [rds\_instance\_license\_model](#input\_rds\_instance\_license\_model) | License model for this DB. Optional, but required for some DB Engines. Valid values: license-included \| bring-your-own-license \| general-public-license | `string` | `""` | no | | [rds\_instance\_maintenance\_window](#input\_rds\_instance\_maintenance\_window) | The window to perform maintenance in. Syntax: 'ddd:hh24:mi-ddd:hh24:mi' UTC | `string` | `"Mon:03:00-Mon:04:00"` | no | -| [rds\_instance\_major\_engine\_version](#input\_rds\_instance\_major\_engine\_version) | major\_engine\_version Database MAJOR engine version, depends on engine type | `string` | `"14"` | no | +| [rds\_instance\_major\_engine\_version](#input\_rds\_instance\_major\_engine\_version) | major\_engine\_version Database MAJOR engine version, depends on engine type | `string` | `"16"` | no | | [rds\_instance\_multi\_az](#input\_rds\_instance\_multi\_az) | Set to true if multi AZ deployment must be supported | `bool` | `false` | no | | [rds\_instance\_name](#input\_rds\_instance\_name) | RDS Instance name | `string` | `""` | no | | [rds\_instance\_name\_override](#input\_rds\_instance\_name\_override) | If `true`, this will set a the RDS Instance name to what is defined in var.rds\_instance\_name.
If `false`, this will prepend ${var.namespace}-${var.environment} to ${var.rds\_instance\_name}" | `bool` | `false` | no | @@ -190,10 +193,11 @@ module "aurora" { | [rds\_instance\_skip\_final\_snapshot](#input\_rds\_instance\_skip\_final\_snapshot) | If true (default), no snapshot will be made before deleting DB | `bool` | `true` | no | | [rds\_instance\_snapshot\_identifier](#input\_rds\_instance\_snapshot\_identifier) | Snapshot identifier e.g: rds:production-2019-06-26-06-05. If specified, the module create cluster from the snapshot | `string` | `null` | no | | [rds\_instance\_storage\_encrypted](#input\_rds\_instance\_storage\_encrypted) | Specifies whether the DB instance is encrypted. The default is false if not specified | `bool` | `true` | no | -| [rds\_instance\_storage\_type](#input\_rds\_instance\_storage\_type) | One of 'standard' (magnetic), 'gp2' (general purpose SSD), or 'io1' (provisioned IOPS SSD) | `string` | `"gp2"` | no | +| [rds\_instance\_storage\_type](#input\_rds\_instance\_storage\_type) | One of 'standard' (magnetic), 'gp2' / 'gp3' (general purpose SSD), or 'io1' (provisioned IOPS SSD) | `string` | `"gp3"` | no | | [rds\_instance\_subnet\_ids](#input\_rds\_instance\_subnet\_ids) | List of subnet IDs for the DB. DB instance will be created in the VPC associated with the DB subnet group provisioned using the subnet IDs. Specify one of subnet\_ids, db\_subnet\_group\_name or availability\_zone | `list(string)` | `[]` | no | | [rds\_kms\_key\_arn\_override](#input\_rds\_kms\_key\_arn\_override) | Override the default created KMS key to encrypt storage | `string` | `""` | no | | [rds\_kms\_key\_id\_override](#input\_rds\_kms\_key\_id\_override) | Override the default created KMS key ID to encrypt storage | `string` | `""` | no | +| [rds\_monitoring\_interval](#input\_rds\_monitoring\_interval) | The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB instance. To disable collecting Enhanced Monitoring metrics, specify 0. Valid Values are 0, 1, 5, 10, 15, 30, 60 | `number` | `0` | no | | [rds\_random\_admin\_password\_length](#input\_rds\_random\_admin\_password\_length) | Length of the generated random password. | `number` | `64` | no | | [regex\_replace\_chars](#input\_regex\_replace\_chars) | Terraform regular expression (regex) string.
Characters matching the regex will be removed from the ID elements.
If not set, `"/[^a-zA-Z0-9-]/"` is used to remove all characters other than hyphens, letters and digits. | `string` | `null` | no | | [region](#input\_region) | Region which the resource is deployed to | `string` | `"us-east-1"` | no | diff --git a/example/.terraform-version b/example/.terraform-version new file mode 100644 index 0000000..7324740 --- /dev/null +++ b/example/.terraform-version @@ -0,0 +1 @@ +latest:^1.7 diff --git a/example/.terraform.lock.hcl b/example/.terraform.lock.hcl index 9363805..fe85915 100644 --- a/example/.terraform.lock.hcl +++ b/example/.terraform.lock.hcl @@ -2,92 +2,84 @@ # Manual edits may be lost in future updates. provider "registry.terraform.io/hashicorp/aws" { - version = "4.45.0" - constraints = ">= 2.0.0, >= 3.0.0, ~> 4.0, >= 4.9.0, >= 4.23.0" + version = "5.46.0" + constraints = ">= 2.0.0, >= 3.0.0, >= 4.0.0, >= 4.9.0, >= 4.23.0, >= 5.0.0" hashes = [ - "h1:AKX4R3U+kBpQB5oU08kSrzl5CLsMhbK+BKZVrwYDXZQ=", - "h1:ZFb6RqY48Fe+18sOC62wiE38XYPaTg98RJZO+EnsvCU=", - "h1:hJ8sqJFjzU/rc5mXEocl1b0wOrbkrsuOvMBP7vPdL8g=", - "zh:22da03786f25658a000d1bcc28c780816a97e7e8a1f59fff6eee7d452830e95e", - "zh:2543be56eee0491eb0c79ca1c901dcbf71da26625961fe719f088263fef062f4", - "zh:31a1da1e3beedfd88c3c152ab505bdcf330427f26b75835885526f7bb75c4857", - "zh:4409afe50f225659d5f378fe9303a45052953a1219f7f1acc82b69d07528b7ba", - "zh:4dadec3b783f10d2f8eef3dab5e817baae9c932a7967d45fe3d77fcbcbdaa438", - "zh:55be80d6e24828dcb0db7a0226fb275415c1c0ad63dd2f33b76f3ac0cd64e6a6", - "zh:560bba29efb7dbe0bfcc937369d88817aa31a8d18aa25395b1afe2576cb04495", - "zh:6caacc202e83438ff63d5d96733e283f44e349668d96c6b1c5c7df463ebf85cc", - "zh:6cabab83a61d5b4ac801c5a5d57556a0e76ec8dc879d28cf777509db5f6a657e", - "zh:96c4528bf9c16edb8841b68479ec51c499ed7fa680462fa28caeab3fc168bb43", + "h1:d0Mf33mbbQujZ/JaYkqmH5gZGvP+iEIWf9yBSiOwimE=", + "zh:05ae6180a7f23071435f6e5e59c19af0b6c5da42ee600c6c1568c8660214d548", + "zh:0d878d1565d5e57ce6b34ec5f04b28662044a50c999ec5770c374aa1f1020de2", + "zh:25ef1467af2514d8011c44759307445f7057836ff87dfe4503c3e1c9776d5c1a", + "zh:26c006df6200f0063b827aab05bec94f9f3f77848e82ed72e48a51d1170d1961", + "zh:37cdf4292649a10f12858622826925e18ad4eca354c31f61d02c66895eb91274", + "zh:4315b0433c2fc512666c74e989e2d95240934ef370bea1c690d36cb02d30c4ce", + "zh:75df0b3f631b78aeff1832cc77d99b527c2a5e79d40f7aac40bdc4a66124dac2", + "zh:90693d936c9a556d2bf945de4920ff82052002eb73139bd7164fafd02920f0ef", "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", - "zh:cdc0b47ff840d708fbf75abfe86d23dc7f1dffdd233a771822a17b5c637f4769", - "zh:d9a9583e82776d1ebb6cf6c3d47acc2b302f8778f470ceffe7579dc794eb1feb", - "zh:e9367ca9f6f6418a23cdf8d01f29dd0c4f614e78499f52a767a422e4c334b915", - "zh:f6d355a2fb3bcebb597f68bbca4fa2aaa364efd29240236c582375e219d77656", + "zh:c9177ad09804c60fd2ed25950570407b6bdcdf0fcc309e1673b584f06a827fae", + "zh:ca8e8db24a4d62d92afd8d3d383b81a08693acac191a2e0a110fb46deeff56a3", + "zh:d5fa3a36e13957d63bfe9bbd6df0426a2422214403aac9f20b60c36f8d9ebec6", + "zh:e4ede44a112296c9cc77b15e439e41ee15c0e8b3a0dec94ae34df5ebba840e8b", + "zh:f2d4de8d8cde69caffede1544ebea74e69fcc4552e1b79ae053519a05c060706", + "zh:fc19e9266b1841d4a3aeefa8a5b5ad6988baed6540f85a373b6c2d0dc1ca5830", ] } provider "registry.terraform.io/hashicorp/null" { - version = "3.1.1" - constraints = ">= 2.0.0, ~> 3.1.1" + version = "3.2.2" + constraints = ">= 2.0.0, >= 3.1.1" hashes = [ - "h1:1J3nqAREzuaLE7x98LEELCCaMV6BRiawHSg9MmFvfQo=", - "h1:Pctug/s/2Hg5FJqjYcTM0kPyx3AoYK1MpRWO0T9V2ns=", - "h1:YvH6gTaQzGdNv+SKTZujU1O0bO+Pw6vJHOPhqgN8XNs=", - "zh:063466f41f1d9fd0dd93722840c1314f046d8760b1812fa67c34de0afcba5597", - "zh:08c058e367de6debdad35fc24d97131c7cf75103baec8279aba3506a08b53faf", - "zh:73ce6dff935150d6ddc6ac4a10071e02647d10175c173cfe5dca81f3d13d8afe", + "h1:IMVAUHKoydFrlPrl9OzasDnw/8ntZFerCC9iXw1rXQY=", + "zh:3248aae6a2198f3ec8394218d05bd5e42be59f43a3a7c0b71c66ec0df08b69e7", + "zh:32b1aaa1c3013d33c245493f4a65465eab9436b454d250102729321a44c8ab9a", + "zh:38eff7e470acb48f66380a73a5c7cdd76cc9b9c9ba9a7249c7991488abe22fe3", + "zh:4c2f1faee67af104f5f9e711c4574ff4d298afaa8a420680b0cb55d7bbc65606", + "zh:544b33b757c0b954dbb87db83a5ad921edd61f02f1dc86c6186a5ea86465b546", + "zh:696cf785090e1e8cf1587499516b0494f47413b43cb99877ad97f5d0de3dc539", + "zh:6e301f34757b5d265ae44467d95306d61bef5e41930be1365f5a8dcf80f59452", "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", - "zh:8fdd792a626413502e68c195f2097352bdc6a0df694f7df350ed784741eb587e", - "zh:976bbaf268cb497400fd5b3c774d218f3933271864345f18deebe4dcbfcd6afa", - "zh:b21b78ca581f98f4cdb7a366b03ae9db23a73dfa7df12c533d7c19b68e9e72e5", - "zh:b7fc0c1615dbdb1d6fd4abb9c7dc7da286631f7ca2299fb9cd4664258ccfbff4", - "zh:d1efc942b2c44345e0c29bc976594cb7278c38cfb8897b344669eafbc3cddf46", - "zh:e356c245b3cd9d4789bab010893566acace682d7db877e52d40fc4ca34a50924", - "zh:ea98802ba92fcfa8cf12cbce2e9e7ebe999afbf8ed47fa45fc847a098d89468b", - "zh:eff8872458806499889f6927b5d954560f3d74bf20b6043409edf94d26cd906f", + "zh:913a929070c819e59e94bb37a2a253c228f83921136ff4a7aa1a178c7cce5422", + "zh:aa9015926cd152425dbf86d1abdbc74bfe0e1ba3d26b3db35051d7b9ca9f72ae", + "zh:bb04798b016e1e1d49bcc76d62c53b56c88c63d6f2dfe38821afef17c416a0e1", + "zh:c23084e1b23577de22603cff752e59128d83cfecc2e6819edadd8cf7a10af11e", ] } provider "registry.terraform.io/hashicorp/random" { - version = "3.4.3" - constraints = "~> 3.4.0" + version = "3.6.1" + constraints = ">= 3.4.0" hashes = [ - "h1:hXUPrH8igYBhatzatkp80RCeeUJGu9lQFDyKemOlsTo=", - "h1:saZR+mhthL0OZl4SyHXZraxyaBNVMxiZzks78nWcZ2o=", - "h1:tL3katm68lX+4lAncjQA9AXL4GR/VM+RPwqYf4D2X8Q=", - "zh:41c53ba47085d8261590990f8633c8906696fa0a3c4b384ff6a7ecbf84339752", - "zh:59d98081c4475f2ad77d881c4412c5129c56214892f490adf11c7e7a5a47de9b", - "zh:686ad1ee40b812b9e016317e7f34c0d63ef837e084dea4a1f578f64a6314ad53", + "h1:a+Goawwh6Qtg4/bRWzfDtIdrEFfPlnVy0y4LdUQY3nI=", + "zh:2a0ec154e39911f19c8214acd6241e469157489fc56b6c739f45fbed5896a176", + "zh:57f4e553224a5e849c99131f5e5294be3a7adcabe2d867d8a4fef8d0976e0e52", + "zh:58f09948c608e601bd9d0a9e47dcb78e2b2c13b4bda4d8f097d09152ea9e91c5", + "zh:5c2a297146ed6fb3fe934c800e78380f700f49ff24dbb5fb5463134948e3a65f", "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", - "zh:84103eae7251384c0d995f5a257c72b0096605048f757b749b7b62107a5dccb3", - "zh:8ee974b110adb78c7cd18aae82b2729e5124d8f115d484215fd5199451053de5", - "zh:9dd4561e3c847e45de603f17fa0c01ae14cae8c4b7b4e6423c9ef3904b308dda", - "zh:bb07bb3c2c0296beba0beec629ebc6474c70732387477a65966483b5efabdbc6", - "zh:e891339e96c9e5a888727b45b2e1bb3fcbdfe0fd7c5b4396e4695459b38c8cb1", - "zh:ea4739860c24dfeaac6c100b2a2e357106a89d18751f7693f3c31ecf6a996f8d", - "zh:f0c76ac303fd0ab59146c39bc121c5d7d86f878e9a69294e29444d4c653786f8", - "zh:f143a9a5af42b38fed328a161279906759ff39ac428ebcfe55606e05e1518b93", + "zh:7ce41e26f0603e31cdac849085fc99e5cd5b3b73414c6c6d955c0ceb249b593f", + "zh:8c9e8d30c4ef08ee8bcc4294dbf3c2115cd7d9049c6ba21422bd3471d92faf8a", + "zh:93e91be717a7ffbd6410120eb925ebb8658cc8f563de35a8b53804d33c51c8b0", + "zh:982542e921970d727ce10ed64795bf36c4dec77a5db0741d4665230d12250a0d", + "zh:b9d1873f14d6033e216510ef541c891f44d249464f13cc07d3f782d09c7d18de", + "zh:cfe27faa0bc9556391c8803ade135a5856c34a3fe85b9ae3bdd515013c0c87c1", + "zh:e4aabf3184bbb556b89e4b195eab1514c86a2914dd01c23ad9813ec17e863a8a", ] } provider "registry.terraform.io/hashicorp/time" { - version = "0.9.1" + version = "0.11.1" constraints = ">= 0.7.0" hashes = [ - "h1:UHcDnIYFZ00uoou0TwPGMwOrE8gTkoRephIvdwDAK70=", - "h1:VxyoYYOCaJGDmLz4TruZQTSfQhvwEcMxvcKclWdnpbs=", - "h1:XYUT7lKAKuaHbCTp/WnjWBjz/C86JGvQUfS2s473Pjg=", - "zh:00a1476ecf18c735cc08e27bfa835c33f8ac8fa6fa746b01cd3bcbad8ca84f7f", - "zh:3007f8fc4a4f8614c43e8ef1d4b0c773a5de1dcac50e701d8abc9fdc8fcb6bf5", - "zh:5f79d0730fdec8cb148b277de3f00485eff3e9cf1ff47fb715b1c969e5bbd9d4", + "h1:pQGSL9mdgw4qsLndFYsEF93mbsIxyxNoAyIbBqhS3Xo=", + "zh:19a393db736ec4fd024d098d55aefaef07056c37a448ece3b55b3f5f4c2c7e4a", + "zh:227fa1e221de2907f37be78d40c06ca6a6f7b243a1ec33ade014dfaf6d92cd9c", + "zh:29970fecbf4a3ca23bacbb05d6b90cdd33dd379f90059fe39e08289951502d9f", + "zh:65024596f22f10e7dcb5e0e4a75277f275b529daa0bc0daf34ca7901c678ab88", + "zh:694d080cb5e3bf5ef08c7409208d061c135a4f5f4cdc93ea8607860995264b2e", "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", - "zh:8c8094689a2bed4bb597d24a418bbbf846e15507f08be447d0a5acea67c2265a", - "zh:a6d9206e95d5681229429b406bc7a9ba4b2d9b67470bda7df88fa161508ace57", - "zh:aa299ec058f23ebe68976c7581017de50da6204883950de228ed9246f309e7f1", - "zh:b129f00f45fba1991db0aa954a6ba48d90f64a738629119bfb8e9a844b66e80b", - "zh:ef6cecf5f50cda971c1b215847938ced4cb4a30a18095509c068643b14030b00", - "zh:f1f46a4f6c65886d2dd27b66d92632232adc64f92145bf8403fe64d5ffa5caea", - "zh:f79d6155cda7d559c60d74883a24879a01c4d5f6fd7e8d1e3250f3cd215fb904", - "zh:fd59fa73074805c3575f08cd627eef7acda14ab6dac2c135a66e7a38d262201c", + "zh:b29d15d13e1b3412e6a4e1627d378dbd102659132f7488f64017dd6b6d5216d3", + "zh:bb79f4cae9f8c17c73998edc54aa16c2130a03227f7f4e71fc6ac87e230575ec", + "zh:ceccf80e95929d97f62dcf1bb3c7c7553d5757b2d9e7d222518722fc934f7ad5", + "zh:f40e638336527490e294d9c938ae55919069e6987e85a80506784ba90348792a", + "zh:f99ef33b1629a3b2278201142a3011a8489e66d92da832a5b99e442204de18fb", + "zh:fded14754ea46fdecc62a52cd970126420d4cd190e598cb61190b4724a727edb", ] } diff --git a/example/README.md b/example/README.md index ea9302e..d37cf0e 100644 --- a/example/README.md +++ b/example/README.md @@ -3,21 +3,22 @@ | Name | Version | |------|---------| -| [terraform](#requirement\_terraform) | ~> 1.3 | -| [aws](#requirement\_aws) | ~> 4.0 | +| [terraform](#requirement\_terraform) | >= 1.3, < 2.0.0 | +| [aws](#requirement\_aws) | >= 4.0 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | 4.45.0 | +| [aws](#provider\_aws) | 5.46.0 | ## Modules | Name | Source | Version | |------|--------|---------| | [aurora](#module\_aurora) | ../ | n/a | -| [rds\_sql\_server](#module\_rds\_sql\_server) | sourcefuse/arc-db/aws | 2.0.3 | +| [rds\_postgresql](#module\_rds\_postgresql) | ../ | n/a | +| [rds\_sql\_server](#module\_rds\_sql\_server) | ../ | n/a | ## Resources diff --git a/example/main.tf b/example/main.tf index 82956f7..58674e9 100644 --- a/example/main.tf +++ b/example/main.tf @@ -2,12 +2,12 @@ ## defaults ################################################################################ terraform { - required_version = "~> 1.3" + required_version = ">= 1.3, < 2.0.0" required_providers { aws = { source = "hashicorp/aws" - version = "~> 4.0" + version = ">= 4.0" } } } @@ -27,7 +27,7 @@ data "aws_caller_identity" "this" {} ## aurora cluster module "aurora" { source = "../" - # version = "2.0.3" + environment = var.environment namespace = var.namespace region = var.region @@ -55,8 +55,8 @@ module "aurora" { ## sql server rds instance module "rds_sql_server" { - source = "sourcefuse/arc-db/aws" - version = "2.0.3" + source = "../" + environment = var.environment namespace = var.namespace region = var.region @@ -72,16 +72,16 @@ module "rds_sql_server" { rds_instance_database_user = "example_db_admin" rds_instance_database_port = 1433 rds_instance_engine = "sqlserver-ex" // express edition. - rds_instance_engine_version = "15.00.4236.7.v1" - rds_instance_major_engine_version = "15.00" - rds_instance_db_parameter_group = "default.sqlserver-ex-15.0" + rds_instance_engine_version = "16.00.4105.2.v1" + rds_instance_major_engine_version = "16.00" + rds_instance_db_parameter_group = "default.sqlserver-ex-16.0" rds_instance_db_parameter = [] rds_instance_db_options = [] rds_enable_custom_option_group = true rds_instance_ca_cert_identifier = "rds-ca-2019" rds_instance_publicly_accessible = false rds_instance_multi_az = false - rds_instance_storage_type = "gp2" + rds_instance_storage_type = "gp3" rds_instance_instance_class = "db.t3.small" rds_instance_allocated_storage = 25 rds_instance_storage_encrypted = false // sql server express doesn't support encryption at rest @@ -99,3 +99,25 @@ module "rds_sql_server" { rds_instance_subnet_ids = data.aws_subnets.private.ids additional_ingress_rules_rds = var.additional_ingress_rules_rds } + +## sql server rds instance +module "rds_postgresql" { + source = "../" + + environment = var.environment + namespace = var.namespace + region = var.region + vpc_id = data.aws_vpc.vpc.id + + account_id = data.aws_caller_identity.this.id + rds_instance_enabled = true + rds_instance_name = "postgresql-example" + enhanced_monitoring_name = "postgresql-example-enhanced-monitoring" + rds_instance_database_name = "arc" + rds_instance_database_user = "example_db_admin" + + rds_instance_security_group_ids = data.aws_security_groups.db_sg.ids + rds_instance_allowed_cidr_blocks = [data.aws_vpc.vpc.cidr_block] + rds_instance_subnet_ids = data.aws_subnets.private.ids + additional_ingress_rules_rds = var.additional_ingress_rules_rds +} diff --git a/main.tf b/main.tf index 1d0cd5a..853cdbb 100644 --- a/main.tf +++ b/main.tf @@ -135,7 +135,7 @@ resource "random_password" "rds_db_admin_password" { ## aurora cluster ################################################################################ module "aurora_cluster" { - source = "git::https://github.com/cloudposse/terraform-aws-rds-cluster.git?ref=1.7.0" + source = "git::https://github.com/cloudposse/terraform-aws-rds-cluster.git?ref=1.9.0" count = var.aurora_cluster_enabled == true ? 1 : 0 name = local.aurora_cluster_name @@ -164,12 +164,12 @@ module "aurora_cluster" { storage_type = var.aurora_storage_type iops = var.aurora_iops copy_tags_to_snapshot = true - # enable monitoring every 30 seconds - rds_monitoring_interval = 30 + rds_monitoring_interval = var.rds_monitoring_interval performance_insights_enabled = var.performance_insights_enabled performance_insights_kms_key_id = var.performance_insights_enabled ? coalesce(var.performance_insights_kms_key_id, aws_kms_key.aurora_cluster_kms_key[0].arn) : "" performance_insights_retention_period = var.performance_insights_retention_period + enabled_cloudwatch_logs_exports = var.aurora_enabled_cloudwatch_logs_exports vpc_security_group_ids = var.vpc_security_group_ids kms_key_arn = var.kms_key_arn @@ -205,7 +205,7 @@ resource "aws_security_group_rule" "additional_ingress_rules_aurora" { ## s3 db management ################################################################################ module "db_management" { - source = "git::https://github.com/cloudposse/terraform-aws-s3-bucket?ref=3.0.0" + source = "git::https://github.com/cloudposse/terraform-aws-s3-bucket?ref=4.2.0" count = var.rds_enable_custom_option_group == true ? 1 : 0 name = "${local.rds_instance_name}-db-management" @@ -361,7 +361,7 @@ resource "aws_db_instance_role_association" "this" { ################################################################################ module "rds_instance" { count = var.rds_instance_enabled == true ? 1 : 0 - source = "git::https://github.com/cloudposse/terraform-aws-rds?ref=0.40.0" + source = "git::https://github.com/cloudposse/terraform-aws-rds?ref=1.1.1" name = local.rds_instance_name @@ -380,6 +380,11 @@ module "rds_instance" { deletion_protection = var.deletion_protection iops = var.rds_instance_iops # monitoring_role_arn = aws_iam_role.enhanced_monitoring.arn // TODO - make this conditional + enabled_cloudwatch_logs_exports = var.rds_enabled_cloudwatch_logs_exports + monitoring_interval = var.rds_monitoring_interval + performance_insights_enabled = var.performance_insights_enabled + performance_insights_kms_key_id = var.performance_insights_kms_key_id + performance_insights_retention_period = var.performance_insights_retention_period kms_key_arn = var.rds_instance_storage_encrypted == false ? "" : var.rds_kms_key_arn_override != "" ? var.rds_kms_key_arn_override : aws_kms_key.rds_db_kms_key[0].arn database_name = var.rds_instance_database_name @@ -389,7 +394,7 @@ module "rds_instance" { engine = var.rds_instance_engine engine_version = var.rds_instance_engine_version major_engine_version = var.rds_instance_major_engine_version - parameter_group_name = var.rds_instance_db_parameter_group + parameter_group_name = var.rds_instance_db_parameter_group_name db_parameter_group = var.rds_instance_db_parameter_group db_parameter = var.rds_instance_db_parameter db_options = var.rds_instance_db_options diff --git a/variables.tf b/variables.tf index 5530a3a..f6718e9 100644 --- a/variables.tf +++ b/variables.tf @@ -313,19 +313,25 @@ variable "rds_instance_engine" { variable "rds_instance_engine_version" { type = string description = "Database engine version, depends on engine type. Required unless a snapshot_identifier or replicate_source_db is provided." - default = "14.3" + default = "16.2" } variable "rds_instance_major_engine_version" { type = string description = "major_engine_version Database MAJOR engine version, depends on engine type" - default = "14" + default = "16" } variable "rds_instance_db_parameter_group" { type = string - description = "The DB parameter group family name. The value depends on DB engine used. See DBParameterGroupFamily for instructions on how to retrieve applicable value." - default = "postgres14" + description = "The DB parameter group family name. The value depends on DB engine used. See [DBParameterGroupFamily](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBParameterGroup.html#API_CreateDBParameterGroup_RequestParameters) for instructions on how to retrieve applicable value" + default = "postgres16" +} + +variable "rds_instance_db_parameter_group_name" { + type = string + description = "Name of the DB parameter group to associate." + default = "" } variable "rds_kms_key_arn_override" { @@ -391,16 +397,28 @@ variable "rds_instance_multi_az" { default = false } +variable "rds_enabled_cloudwatch_logs_exports" { + type = list(string) + description = "List of log types to enable for exporting to CloudWatch logs. If omitted, no logs will be exported. Valid values (depending on engine): alert, audit, error, general, listener, slowquery, trace, postgresql (PostgreSQL), upgrade (PostgreSQL)." + default = [] +} + +variable "rds_monitoring_interval" { + type = number + description = "The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB instance. To disable collecting Enhanced Monitoring metrics, specify 0. Valid Values are 0, 1, 5, 10, 15, 30, 60" + default = 0 +} + variable "rds_instance_storage_type" { type = string - description = "One of 'standard' (magnetic), 'gp2' (general purpose SSD), or 'io1' (provisioned IOPS SSD)" - default = "gp2" + description = "One of 'standard' (magnetic), 'gp2' / 'gp3' (general purpose SSD), or 'io1' (provisioned IOPS SSD)" + default = "gp3" } variable "rds_instance_instance_class" { type = string description = "Class of RDS instance" - default = "db.t2.medium" + default = "db.t3.medium" } variable "rds_instance_allocated_storage" { @@ -493,6 +511,12 @@ variable "rds_instance_license_model" { default = "" } +variable "aurora_enabled_cloudwatch_logs_exports" { + type = list(string) + description = "List of log types to enable for exporting to CloudWatch logs. If omitted, no logs will be exported. Valid values (depending on engine): alert, audit, error, general, listener, slowquery, trace, postgresql (PostgreSQL), upgrade (PostgreSQL)." + default = [] +} + variable "performance_insights_enabled" { type = bool default = false @@ -532,7 +556,7 @@ variable "iam_database_authentication_enabled" { variable "aurora_storage_type" { type = string - description = "One of 'standard' (magnetic), 'gp2' (general purpose SSD), or 'io1' (provisioned IOPS SSD) or aurora-iopt1" + description = "One of 'standard' (magnetic), 'gp2' / 'gp3' (general purpose SSD), or 'io1' (provisioned IOPS SSD) or aurora-iopt1" default = null } diff --git a/versions.tf b/versions.tf index 568f6bc..527a4ba 100644 --- a/versions.tf +++ b/versions.tf @@ -1,19 +1,19 @@ terraform { - required_version = "~> 1.3" + required_version = ">= 1.3, < 2.0.0" required_providers { aws = { source = "hashicorp/aws" - version = "~> 4.0" + version = ">= 4.0" } null = { source = "hashicorp/null" - version = "~> 3.1.1" + version = ">= 3.1.1" } random = { - version = "~> 3.4.0" + version = ">= 3.4.0" source = "hashicorp/random" } }