diff --git a/IAM.md b/IAM.md index 46f2da5..b7bf2b8 100644 --- a/IAM.md +++ b/IAM.md @@ -109,4 +109,4 @@ The Policy required is: ``` - \ No newline at end of file + diff --git a/LICENSE b/LICENSE index e48bb0b..0c7f267 100644 --- a/LICENSE +++ b/LICENSE @@ -186,7 +186,7 @@ same "printed page" as the copyright notice for easier identification within third-party archives. - Copyright 2023 SquareOps Technologies Pvt. Ltd. + Copyright 2023 SquareOps Technologies Pvt. Ltd. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. @@ -198,4 +198,4 @@ distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and - limitations under the License. \ No newline at end of file + limitations under the License. diff --git a/README.md b/README.md index 300947f..8f86774 100644 --- a/README.md +++ b/README.md @@ -5,71 +5,58 @@ ### [SquareOps Technologies](https://squareops.com/) Your DevOps Partner for Accelerating cloud journey.
-We publish several terraform modules. -
-Terraform Module to create AWS Aurora(mysql/postgresql) on AWS Cloud. +This Terraform module provides a convenient way to create and manage an Amazon Aurora RDS (Relational Database Service) cluster in AWS. It supports creating both Aurora MySQL and Aurora PostgreSQL clusters. +Features + + 1. Creates an Amazon Aurora RDS cluster with customizable configuration. + 2. Supports both Aurora MySQL and Aurora PostgreSQL engine types. + 3. Allows for easy management of database instances, replicas, and failover. + 4. Configurable backup retention periods and preferred backup/maintenance windows. + 5. Option to enable encryption at rest using AWS Key Management Service (KMS). + 6. Flexible configuration for database parameter groups and security groups. + 7. Supports provisioning in existing VPCs and subnets. + 8. Enables autoscaling for Aurora MySQL read replicas. + 9. Support for serverless Aurora PostgreSQL and performance insights. ## Usage Example ```hcl -module "aurora" { - source = "gitlab.com/sq-ia/aws/rds-mysql.git" - environment = "production" - rds_instance_name = "skaf" - create_security_group = true - allowed_cidr_blocks = [] - allowed_security_groups = ["sg-xyzf8bdc01fd9skaf"] - engine = "aurora-postgresql/aurora-mysql" - engine_version = "13.7" - instance_type = "db.r5.large" - storage_encrypted = true - kms_key_arn = "arn:aws:kms:us-east-2:222222222222:key/kms_key_arn" - publicly_accessible = false - master_username = "produser" - database_name = "proddb" - port = 3306 - vpc_id = "vpc-xyz5ed733e273skaf" - subnets = ["subnet-xyz546125e075skaf","subnet-xyz8f0564e655skaf"] - apply_immediately = true - create_random_password = true + module "aurora" { + source = "git@github.com:sq-ia/terraform-aws-rds-aurora.git" + environment = "production" + port = "5432/3306" ## port for MySQL/postgreSQL + vpc_id = "vpc-xyz5ed733e273skaf" + family = "aurora-postgresql15/aurora-mysql5.7" #family + subnets = ["subnet-0d9a8dd2a6e", "subnet-0fd2c9e73d"] + engine = 
"aurora-postgresql/aurora-mysql" + engine_version = "15.2/5.7" + rds_instance_name = "skaf" + create_security_group = true + allowed_security_groups = ["sg-0a68018afd35"] + instance_type = "db.r5.large" + storage_encrypted = true + kms_key_arn = "arn:aws:kms:us-east-2:27122222228:key/73ff9e84-83e1-623338a9" + publicly_accessible = false + master_username = "devuser" + database_name = "devdb" + apply_immediately = true + create_random_password = true skip_final_snapshot = true - final_snapshot_identifier_prefix = "prod-snapshot" snapshot_identifier = null - preferred_maintenance_window = "Mon:00:00-Mon:03:00" preferred_backup_window = "03:00-06:00" + preferred_maintenance_window = "Mon:00:00-Mon:03:00" + final_snapshot_identifier_prefix = "prod-snapshot" backup_retention_period = 7 enable_ssl_connection = false - family = "aurora-postgresql13/aurora-mysql5.7" autoscaling_enabled = true autoscaling_max = 4 autoscaling_min = 1 + deletion_protection = false predefined_metric_type = "RDSReaderAverageDatabaseConnections" autoscaling_target_connections = 40 autoscaling_scale_in_cooldown = 60 autoscaling_scale_out_cooldown = 30 - deletion_protection = false - } ``` - -## Important Notes -- Used to create RDS resource with AWS aurora engines. -- Contains the following features: - 1. Engine Mode for provisioned or serverless. - 2. Creation of a new security gorup with CIDR or Security group or both as ingress source. - 3. Engine version and Parameter Group configurations based on database engine. - 4. Generate a random master password. - 5. Number of replicas to create in cluster. - 6. Encrypted storage (with default or custom grenerated key) - 7. Maintainence slot and backup window for prod env. - 8. Option to skip final snapshot. - 9. Launch RDS in multiple subnets. - 10. Enable/Disable Deletion Protection. - 11. Creates a new parameter group and cluster parameter group. - 12. Cloudwatch monitoring and log export. - 13. Enable/Disable Apply Immediately for changes. - 14. 
SSL/TLS encryuption for connections. - - ## Security & Compliance [](https://prowler.pro/) Security scanning is graciously provided by Prowler. Proowler is the leading fully hosted, cloud-native solution providing continuous cluster security and compliance. @@ -111,8 +98,8 @@ Security scanning is graciously provided by Prowler. Proowler is the leading ful |------|-------------|------|---------|:--------:| | [allow\_major\_version\_upgrade](#input\_allow\_major\_version\_upgrade) | Determines whether major engine upgrades are allowed when changing engine version | `bool` | `false` | no | | [allowed\_cidr\_blocks](#input\_allowed\_cidr\_blocks) | A list of CIDR blocks which are allowed to access the database | `list(string)` | `[]` | no | -| [allowed\_security\_groups](#input\_allowed\_security\_groups) | A list of Security Group ID's to allow access to | `list(string)` | `[]` | no | -| [apply\_immediately](#input\_apply\_immediately) | Determines whether or not any DB modifications are applied immediately, or during the maintenance window | `bool` | `false` | no | +| [allowed\_security\_groups](#input\_allowed\_security\_groups) | A list of Security Group IDs to allow access to the database | `list(string)` | `[]` | no | +| [apply\_immediately](#input\_apply\_immediately) | Specifies whether any cluster modifications are applied immediately or during the next maintenance window | `bool` | `false` | no | | [autoscaling\_cpu](#input\_autoscaling\_cpu) | CPU usage to trigger autoscaling at | `number` | `70` | no | | [autoscaling\_enabled](#input\_autoscaling\_enabled) | Whether to enable autoscaling for RDS Aurora (MySQL) read replicas | `bool` | `false` | no | | [autoscaling\_max](#input\_autoscaling\_max) | Maximum number of replicas to allow scaling for | `number` | `3` | no | 
@@ -120,17 +107,17 @@ Security scanning is graciously provided by Prowler. Proowler is the leading ful | [autoscaling\_scale\_in\_cooldown](#input\_autoscaling\_scale\_in\_cooldown) | Cooldown in seconds before allowing further scaling operations after a scale in | `number` | `300` | no | | [autoscaling\_scale\_out\_cooldown](#input\_autoscaling\_scale\_out\_cooldown) | Cooldown in seconds before allowing further scaling operations after a scale out | `number` | `300` | no | | [autoscaling\_target\_connections](#input\_autoscaling\_target\_connections) | No of connections on which aurora has to scale if predefined\_metric\_type is RDSReaderAverageDatabaseConnections | `number` | `50` | no | -| [backup\_retention\_period](#input\_backup\_retention\_period) | How long to keep backups for (in days) | `number` | `null` | no | +| [backup\_retention\_period](#input\_backup\_retention\_period) | The number of days to retain backups for | `number` | `null` | no | | [create\_monitoring\_role](#input\_create\_monitoring\_role) | Set it to true to create IAM role for Enhanced monitoring. 
| `bool` | `false` | no | -| [create\_random\_password](#input\_create\_random\_password) | Whether to create random password for RDS primary cluster | `bool` | `true` | no | -| [create\_security\_group](#input\_create\_security\_group) | create security group or not | `bool` | `true` | no | -| [database\_name](#input\_database\_name) | Name for an automatically created database on cluster creation | `string` | `""` | no | -| [deletion\_protection](#input\_deletion\_protection) | provide accidental deletion protection | `bool` | `true` | no | +| [create\_random\_password](#input\_create\_random\_password) | Whether to create a random password for the primary database cluster | `bool` | `true` | no | +| [create\_security\_group](#input\_create\_security\_group) | Whether to create a security group or not | `bool` | `true` | no | +| [database\_name](#input\_database\_name) | The name for an automatically created database on cluster creation | `string` | `""` | no | +| [deletion\_protection](#input\_deletion\_protection) | Whether accidental deletion protection is enabled | `bool` | `true` | no | | [enable\_http\_endpoint](#input\_enable\_http\_endpoint) | Whether or not to enable the Data API for a serverless Aurora database engine | `bool` | `false` | no | | [enable\_ssl\_connection](#input\_enable\_ssl\_connection) | Whether or not to enable the ssl connection | `bool` | `false` | no | -| [engine](#input\_engine) | engine type | `string` | `"aurora"` | no | +| [engine](#input\_engine) | The name of the database engine to be used for this DB cluster | `string` | `"aurora"` | no | | [engine\_mode](#input\_engine\_mode) | The database engine mode. Valid values: global, parallelquery, provisioned, serverless, multimaster | `string` | `"provisioned"` | no | -| [engine\_version](#input\_engine\_version) | engine version | `string` | `""` | no | +| [engine\_version](#input\_engine\_version) | The database engine version. Updating this argument results in an outage. 
| `string` | `""` | no | | [environment](#input\_environment) | Select enviroment type: dev, demo, prod | `string` | `"demo"` | no | | [family](#input\_family) | Version of aurora DB family being created | `string` | `"aurora-mysql5.7"` | no | | [final\_snapshot\_identifier\_prefix](#input\_final\_snapshot\_identifier\_prefix) | The prefix name to use when creating a final snapshot on cluster destroy, appends a random 8 digits to name to ensure it's unique too. | `string` | `"final"` | no | @@ -138,17 +125,17 @@ Security scanning is graciously provided by Prowler. Proowler is the leading ful | [instance\_type](#input\_instance\_type) | Instance type | `string` | `"db.m5.large"` | no | | [instances\_config](#input\_instances\_config) | Map of cluster instances and any specific/overriding attributes to be created | `map(any)` |
{
"one": {}
}
| no | | [kms\_key\_arn](#input\_kms\_key\_arn) | The ARN for the KMS encryption key. If creating an encrypted replica, set this to the destination KMS ARN. If storage\_encrypted is set to true and kms\_key\_id is not specified the default KMS key created in your account will be used | `string` | `null` | no | -| [master\_username](#input\_master\_username) | Master DB username | `string` | `"root"` | no | +| [master\_username](#input\_master\_username) | The username for the primary cluster | `string` | `"root"` | no | | [monitoring\_interval](#input\_monitoring\_interval) | The interval, in seconds, between points when Enhanced Monitoring metrics are collected for instances. Set to 0 to disble. Default is 0 | `number` | `0` | no | | [performance\_insights\_enabled](#input\_performance\_insights\_enabled) | Specifies whether Performance Insights is enabled or not | `bool` | `null` | no | | [performance\_insights\_kms\_key\_id](#input\_performance\_insights\_kms\_key\_id) | ARN of KMS key to encrypt performance insights data. | `string` | `null` | no | | [performance\_insights\_retention\_period](#input\_performance\_insights\_retention\_period) | Retention period for performance insights data, Either 7 (7 days) or 731 (2 years). | `number` | `null` | no | -| [port](#input\_port) | port for database | `number` | `3306` | no | +| [port](#input\_port) | The port for the database | `number` | `3306` | no | | [predefined\_metric\_type](#input\_predefined\_metric\_type) | The metric type to scale on. 
Valid values are RDSReaderAverageCPUUtilization and RDSReaderAverageDatabaseConnections | `string` | `"RDSReaderAverageDatabaseConnections"` | no | -| [preferred\_backup\_window](#input\_preferred\_backup\_window) | When to perform DB backups | `string` | `""` | no | -| [preferred\_maintenance\_window](#input\_preferred\_maintenance\_window) | When to perform DB maintenance | `string` | `""` | no | -| [publicly\_accessible](#input\_publicly\_accessible) | Publicly accessible to the internet | `bool` | `false` | no | -| [rds\_instance\_name](#input\_rds\_instance\_name) | RDS instance name | `string` | `"abc"` | no | +| [preferred\_backup\_window](#input\_preferred\_backup\_window) | The maintenance window for performing database backup | `string` | `""` | no | +| [preferred\_maintenance\_window](#input\_preferred\_maintenance\_window) | The maintenance window for performing database maintenance | `string` | `""` | no | +| [publicly\_accessible](#input\_publicly\_accessible) | Specifies whether the database is publicly accessible over the internet | `bool` | `false` | no | +| [rds\_instance\_name](#input\_rds\_instance\_name) | The name of the RDS instance | `string` | `""` | no | | [scaling\_configuration](#input\_scaling\_configuration) | Map of nested attributes with scaling properties. Only valid when engine\_mode is set to `serverless` | `map(string)` | `{}` | no | | [security\_group\_description](#input\_security\_group\_description) | The description of the security group. If value is set to empty string it will contain cluster name in the description | `string` | `"RDS Aurora SG managed by Terraform"` | no | | [serverlessv2\_scaling\_configuration](#input\_serverlessv2\_scaling\_configuration) | Map of nested attributes with serverless v2 scaling properties. Only valid when engine\_mode is set to provisioned | `map(string)` | `{}` | no | 
@@ -162,61 +149,33 @@ Security scanning is graciously provided by Prowler. Proowler is the leading ful | Name | Description | |------|-------------| -| [rds\_cluster\_endpoint](#output\_rds\_cluster\_endpoint) | The cluster endpoint | -| [rds\_cluster\_master\_password](#output\_rds\_cluster\_master\_password) | The master password | -| [rds\_cluster\_master\_username](#output\_rds\_cluster\_master\_username) | The master username | -| [rds\_cluster\_reader\_endpoint](#output\_rds\_cluster\_reader\_endpoint) | The cluster reader endpoint | -| [security\_group\_id](#output\_security\_group\_id) | The security group ID of the cluster | +| [rds\_cluster\_endpoint](#output\_rds\_cluster\_endpoint) | The endpoint URL of the Aurora cluster | +| [rds\_cluster\_master\_password](#output\_rds\_cluster\_master\_password) | The master password for the Aurora cluster | +| [rds\_cluster\_master\_username](#output\_rds\_cluster\_master\_username) | The master username for the Aurora cluster | +| [rds\_cluster\_reader\_endpoint](#output\_rds\_cluster\_reader\_endpoint) | The reader endpoint URL of the Aurora cluster | +| [security\_group\_id](#output\_security\_group\_id) | The security group ID associated with the Aurora cluster | ## Contribute & Issue Report -To contribute to a project, you can typically: - - 1. Find the repository on a platform like GitHub - 2. Fork the repository to your own account - 3. Make changes to the code - 4. Submit a pull request to the original repository - To report an issue with a project: - 1. Check the repository's [issue tracker](https://github.com/squareops/terraform-aws-vpc/issues) on GitHub - 2. Search to see if the issue has already been reported - 3. If you can't find an answer to your question in the documentation or issue tracker, you can ask a question by creating a new issue. Be sure to provide enough context and details so others can understand your problem. - 4. 
Contributing to the project can be a great way to get involved and get help. The maintainers and other contributors may be more likely to help you if you're already making contributions to the project. - -## Our Other Projects - -We have a number of other projects that you might be interested in: - - 1. [terraform-aws-vpc](https://github.com/squareops/terraform-aws-vpc): Terraform module to create Networking resources for workload deployment on AWS Cloud. - - 2. [terraform-aws-keypair](https://github.com/squareops/terraform-aws-keypair): Terraform module which creates EC2 key pair on AWS. The private key will be stored on SSM. - - Follow Us: - - To stay updated on our projects and future release, follow us on - [GitHub](https://github.com/squareops/), - [LinkedIn](https://www.linkedin.com/company/squareops-technologies-pvt-ltd/) - - By joining our both the [email](https://github.com/squareops) and [Slack community](https://github.com/squareops), you can benefit from the different ways in which we provide support. You can receive timely notifications and updates through email and engage in real-time conversations and discussions with other members through Slack. This combination of resources can help you stay informed, get help when you need it, and contribute to the project in a meaningful way. - -## Security, Validation and pull-requests - -we have offered here excessive quality code and modules. Hence we are using several [pre-commit hooks](.pre-commit-config.yaml) and [GitHub Actions](https://gitlab.com/sq-ia/aws/eks/-/tree/v1.0.0#security-validation-and-pull-requests) as a workflow. So here we will create pull-requests to any branch and validate the request automatically using pre-commit tool. + 1. Check the repository's [issue tracker](https://github.com/sq-ia/terraform-aws-rds-aurora/issues) on GitHub + 2. Search to check if the issue has already been reported + 3. 
If you can't find an answer to your question in the documentation or issue tracker, you can ask a question by creating a new issue. Make sure to provide enough context and details. ## License -Apache License, Version 2.0, January 2004 (http://www.apache.org/licenses/). +Apache License, Version 2.0, January 2004 (https://www.apache.org/licenses/LICENSE-2.0) ## Support Us -To support a GitHub project by liking it, you can follow these steps: +To support our GitHub project by liking it, you can follow these steps: - 1. Visit the repository: Navigate to the GitHub repository that you want to support. + 1. Visit the repository: Navigate to the [GitHub repository](https://github.com/sq-ia/terraform-aws-rds-aurora) - 2. Click the "Star" [button](https://github.com/squareops/terraform-aws-vpc): On the repository page, you'll see a "Star" button in the upper right corner. Clicking on it will star the repository, indicating your support for the project. + 2. Click the "Star" button: On the repository page, you'll see a "Star" button in the upper right corner. Clicking on it will star the repository, indicating your support for the project. 3. Optionally, you can also leave a comment on the repository or open an issue to give feedback or suggest changes. 
@@ -226,7 +185,7 @@ Staring a repository on GitHub is a simple way to show your support and apprecia We believe that the key to success in the digital age is the ability to deliver value quickly and reliably. That’s why we offer a comprehensive range of DevOps & Cloud services designed to help your organization optimize its systems & Processes for speed and agility. - 1. We are an AWS Advanced consulting partner which reflects our deep expertise in AWS Cloud and helping 100+ clients over the last 4 years. + 1. We are an AWS Advanced consulting partner which reflects our deep expertise in AWS Cloud and helping 100+ clients over the last 5 years. 2. Expertise in Kubernetes and overall container solution helps companies expedite their journey by 10X. 3. Infrastructure Automation is a key component to the success of our Clients and our Expertise helps deliver the same in the shortest time. 4. DevSecOps as a service to implement security within the overall DevOps process and helping companies deploy securely and at speed. 
@@ -235,5 +194,4 @@ We believe that the key to success in the digital age is the ability to deliver We provide [support](https://squareops.com/contact-us/) on all of our projects, no matter how small or large they may be. -You can find more information about our company on this [squareops.com](https://squareops.com/), follow us on [linkdin](https://www.linkedin.com/company/squareops-technologies-pvt-ltd/), or fill out a [job application](https://squareops.com/careers/). If you have any questions or would like assistance with your cloud strategy and implementation, please don't hesitate to [contact us](https://squareops.com/contact-us/). - +To find more information about our company, visit [squareops.com](https://squareops.com/), follow us on [Linkedin](https://www.linkedin.com/company/squareops-technologies-pvt-ltd/), or fill out a [job application](https://squareops.com/careers/). If you have any questions or would like assistance with your cloud strategy and implementation, please don't hesitate to [contact us](https://squareops.com/contact-us/). diff --git a/examples/aurora/README.md b/examples/aurora/README.md index 71ea5c1..0073d1b 100644 --- a/examples/aurora/README.md +++ b/examples/aurora/README.md @@ -14,7 +14,7 @@ No providers. | Name | Source | Version | |------|--------|---------| -| [aurora](#module\_aurora) | ../../ | n/a | +| [aurora](#module\_aurora) | git@github.com:sq-ia/terraform-aws-rds-aurora.git | n/a | ## Resources 
@@ -28,9 +28,9 @@ No inputs. | Name | Description | |------|-------------| -| [aurora\_cluster\_endpoint](#output\_aurora\_cluster\_endpoint) | The cluster endpoint | -| [aurora\_cluster\_master\_password](#output\_aurora\_cluster\_master\_password) | The master password | -| [aurora\_cluster\_master\_username](#output\_aurora\_cluster\_master\_username) | The master username | -| [aurora\_cluster\_reader\_endpoint](#output\_aurora\_cluster\_reader\_endpoint) | The cluster reader endpoint | -| [aurora\_security\_group\_id](#output\_aurora\_security\_group\_id) | The security group ID of the cluster | +| [aurora\_cluster\_endpoint](#output\_aurora\_cluster\_endpoint) | The endpoint URL of the Aurora cluster | +| [aurora\_cluster\_master\_password](#output\_aurora\_cluster\_master\_password) | The master password for the Aurora cluster | +| [aurora\_cluster\_master\_username](#output\_aurora\_cluster\_master\_username) | The master username for the Aurora cluster | +| [aurora\_cluster\_reader\_endpoint](#output\_aurora\_cluster\_reader\_endpoint) | The reader endpoint URL of the Aurora cluster | +| [aurora\_security\_group\_id](#output\_aurora\_security\_group\_id) | The security group ID associated with the Aurora cluster | diff --git a/examples/aurora/main.tf b/examples/aurora/main.tf index 6680398..916564b 100644 --- a/examples/aurora/main.tf +++ b/examples/aurora/main.tf 
@@ -1,46 +1,51 @@ locals { - environment = "production" - name = "skaf" - region = "us-east-2" - db_instance_class = "db.r5.large" - db_engine_version = "13.7" + environment = "production" + name = "skaf" + region = "us-east-2" + port = 5432 / 3306 + family = "aurora-postgresql15/aurora-mysql5.7" + engine = "aurora-postgresql/aurora-mysql" + vpc_id = "vpc-00ae5511ee10671c1" + subnets = ["subnet-0d9a81939c6dd2a6e", "subnet-0fd26f0d73dc9e73d"] + kms_key_arn = "arn:aws:kms:us-east-2:271251951598:key/73ff9e84-83e1-4097-b388-fe29623338a9" + db_engine_version = "15.2/5.7" + db_instance_class = "db.r5.large" + allowed_security_groups = ["sg-0a680184e11eafd35"] } module "aurora" { - source = "../../" + source = "git@github.com:sq-ia/terraform-aws-rds-aurora.git" environment = local.environment + port = local.port + vpc_id = local.vpc_id + family = local.family + subnets = local.subnets + engine = local.engine + engine_version = local.db_engine_version rds_instance_name = local.name create_security_group = true - allowed_cidr_blocks = [] - allowed_security_groups = ["sg-xyzf8bdc01fd9skaf"] - engine = "aurora-postgresql" - engine_version = local.db_engine_version + allowed_security_groups = local.allowed_security_groups instance_type = local.db_instance_class storage_encrypted = true - kms_key_arn = "arn:aws:kms:us-east-2:222222222222:key/kms_key_arn" + kms_key_arn = local.kms_key_arn publicly_accessible = false master_username = "devuser" database_name = "devdb" - port = 3306 - vpc_id = "vpc-xyz5ed733e273skaf" - subnets = ["subnet-xyz546125e075skaf", "subnet-xyz8f0564e655skaf"] apply_immediately = true create_random_password = true skip_final_snapshot = true # Keeping final snapshot results in retention of DB options group and hence creates problems during destroy. So use this option wisely. 
- final_snapshot_identifier_prefix = "prod-snapshot" snapshot_identifier = null - preferred_maintenance_window = "Mon:00:00-Mon:03:00" preferred_backup_window = "03:00-06:00" + preferred_maintenance_window = "Mon:00:00-Mon:03:00" + final_snapshot_identifier_prefix = "prod-snapshot" backup_retention_period = 7 enable_ssl_connection = false - family = "aurora-postgresql13/mysql5.7" autoscaling_enabled = true autoscaling_max = 4 autoscaling_min = 1 + deletion_protection = false predefined_metric_type = "RDSReaderAverageDatabaseConnections" autoscaling_target_connections = 40 autoscaling_scale_in_cooldown = 60 autoscaling_scale_out_cooldown = 30 - deletion_protection = false } - diff --git a/examples/aurora/outputs.tf b/examples/aurora/outputs.tf index 1bfc70b..36a0489 100644 --- a/examples/aurora/outputs.tf +++ b/examples/aurora/outputs.tf @@ -1,24 +1,24 @@ output "aurora_cluster_endpoint" { - description = "The cluster endpoint" + description = "The endpoint URL of the Aurora cluster" value = module.aurora.rds_cluster_endpoint } output "aurora_cluster_reader_endpoint" { - description = "The cluster reader endpoint" + description = "The reader endpoint URL of the Aurora cluster" value = module.aurora.rds_cluster_reader_endpoint } output "aurora_cluster_master_password" { - description = "The master password" + description = "The master password for the Aurora cluster" value = module.aurora.rds_cluster_master_password } output "aurora_cluster_master_username" { - description = "The master username" + description = "The master username for the Aurora cluster" value = module.aurora.rds_cluster_master_username } output "aurora_security_group_id" { - description = "The security group ID of the cluster" + description = "The security group ID associated with the Aurora cluster" value = module.aurora.security_group_id } diff --git a/examples/aurora/provider.tf b/examples/aurora/provider.tf index 6181612..c291cce 100644 --- a/examples/aurora/provider.tf 
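Review bot: The new `locals` block in examples/aurora/main.tf replaces the earlier placeholder IDs with what look like real, account-specific identifiers: `vpc_id`, `subnets`, `allowed_security_groups`, and a `kms_key_arn` that carries a 12-digit account ID and a key UUID. If these belong to a live account, a public example should keep obvious placeholders such as `kms_key_arn = "arn:aws:kms:us-east-2:111122223333:key/<key-id>"`. Separately, `port = 5432 / 3306` is unquoted, so HCL evaluates it as a division rather than a choice of ports, and the slash-joined `engine`, `family` and `db_engine_version` strings are not single values an engine will accept. Pick one concrete combination, e.g. `port = 5432` with `engine = "aurora-postgresql"`. The `source` also moves from `../../` to the git URL without a `?ref=` pin, so the example no longer exercises the local checkout and will follow whatever the default branch becomes.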
+++ b/examples/aurora/provider.tf @@ -1,3 +1,3 @@ provider "aws" { region = local.region -} \ No newline at end of file +} diff --git a/outputs.tf b/outputs.tf index dec3ae4..a2bb4ca 100644 --- a/outputs.tf +++ b/outputs.tf @@ -1,24 +1,24 @@ output "rds_cluster_endpoint" { - description = "The cluster endpoint" + description = "The endpoint URL of the Aurora cluster" value = module.aurora.cluster_endpoint } output "rds_cluster_reader_endpoint" { - description = "The cluster reader endpoint" + description = "The reader endpoint URL of the Aurora cluster" value = module.aurora.cluster_reader_endpoint } output "rds_cluster_master_password" { - description = "The master password" + description = "The master password for the Aurora cluster" value = nonsensitive(module.aurora.cluster_master_password) } output "rds_cluster_master_username" { - description = "The master username" + description = "The master username for the Aurora cluster" value = nonsensitive(module.aurora.cluster_master_username) } output "security_group_id" { - description = "The security group ID of the cluster" + description = "The security group ID associated with the Aurora cluster" value = module.aurora.security_group_id } diff --git a/variables.tf b/variables.tf index 68c42c4..8c57ab1 100644 --- a/variables.tf +++ b/variables.tf 
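Review bot: In outputs.tf, `rds_cluster_master_password` still wraps the module value in `nonsensitive(...)`, which strips Terraform's sensitive marking, so the master password is printed in clear text by `terraform apply` and `terraform output` and is likely to land in CI logs. This commit rewrites the description but leaves the wrapper in place. Drop it and mark the output instead: `value = module.aurora.cluster_master_password` together with `sensitive = true`. The example's `aurora_cluster_master_password` output re-exports this value and would then need `sensitive = true` as well. The password is stored in state either way, so the state backend should be encrypted and access-controlled.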
@@ -11,51 +11,51 @@ variable "allow_major_version_upgrade" { } variable "allowed_security_groups" { - description = "A list of Security Group ID's to allow access to" + description = "A list of Security Group IDs to allow access to the database" type = list(string) default = [] } variable "apply_immediately" { - description = "Determines whether or not any DB modifications are applied immediately, or during the maintenance window" + description = "Specifies whether any cluster modifications are applied immediately or during the next maintenance window" type = bool default = false } variable "backup_retention_period" { - description = "How long to keep backups for (in days)" + description = "The number of days to retain backups for" type = number default = null } variable "create_random_password" { - description = "Whether to create random password for RDS primary cluster" + description = "Whether to create a random password for the primary database cluster" type = bool default = true } variable "create_security_group" { - description = "create security group or not" + description = "Whether to create a security group or not" type = bool default = true } variable "database_name" { - description = "Name for an automatically created database on cluster creation" + description = "The name for an automatically created database on cluster creation" type = string default = "" } variable "deletion_protection" { - description = "provide accidental deletion protection" - default = true + description = "Whether accidental deletion protection is enabled" type = bool + default = true } variable "engine" { - description = "engine type" - default = "aurora" + description = "The name of the database engine to be used for this DB cluster" type = string + default = "aurora" } variable "enable_http_endpoint" { 
@@ -66,8 +66,8 @@ variable "enable_http_endpoint" { variable "enable_ssl_connection" { description = "Whether or not to enable the ssl connection" - default = false type = bool + default = false } variable "engine_mode" { @@ -77,15 +77,15 @@ variable "engine_mode" { } variable "engine_version" { - description = "engine version" - default = "" + description = "The database engine version. Updating this argument results in an outage." type = string + default = "" } variable "environment" { description = "Select enviroment type: dev, demo, prod" - default = "demo" type = string + default = "demo" } variable "family" { @@ -102,8 +102,8 @@ variable "final_snapshot_identifier_prefix" { variable "instance_type" { description = "Instance type" - default = "db.m5.large" type = string + default = "db.m5.large" } variable "kms_key_arn" { @@ -113,39 +113,39 @@ variable "kms_key_arn" { } variable "master_username" { - description = "Master DB username" + description = "The username for the primary cluster" type = string default = "root" } variable "port" { - description = "port for database" + description = "The port for the database" type = number default = 3306 } variable "preferred_backup_window" { - description = "When to perform DB backups" + description = "The maintenance window for performing database backup" type = string default = "" } variable "preferred_maintenance_window" { - description = "When to perform DB maintenance" + description = "The maintenance window for performing database maintenance" type = string default = "" } variable "publicly_accessible" { - description = "Publicly accessible to the internet" - default = false + description = "Specifies whether the database is publicly accessible over the internet" type = bool + default = false } variable "rds_instance_name" { - description = "RDS instance name" - default = "abc" + description = "The name of the RDS instance" type = string + default = "" } variable "scaling_configuration" { 
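Review bot: `enable_ssl_connection` keeps `default = false` after the attribute reorder, so a cluster created with the module defaults presumably accepts unencrypted client connections (how the flag is applied is not visible in this diff). Consider `default = true`, or at least make the consequence explicit in the text, e.g. `description = "Whether to require SSL/TLS for client connections; false leaves TLS optional"`. The example in examples/aurora/main.tf also sets it to `false` alongside `environment = "production"`.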
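Review bot: `rds_instance_name` now defaults to `""` instead of `"abc"`, so a caller who omits it passes an empty name into whatever identifiers are built from it (that code is outside this diff). If the name is meant to be mandatory, remove the `default` line so Terraform demands a value, or add a `validation` block with `condition = length(var.rds_instance_name) > 0`. In the same hunk the new `preferred_backup_window` description calls it a "maintenance window", which blurs it with `preferred_maintenance_window`; something like `The daily time range during which automated backups are created` would be clearer.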
@@ -168,8 +168,8 @@ variable "skip_final_snapshot" { variable "storage_encrypted" { description = "Allow Database encryption or not" - default = true type = bool + default = true } variable "subnets" { 
@@ -227,63 +227,63 @@ variable "snapshot_identifier" { } variable "instances_config" { - type = map(any) description = "Map of cluster instances and any specific/overriding attributes to be created" + type = map(any) default = { one = {} } } variable "create_monitoring_role" { + description = "Set it to true to create IAM role for Enhanced monitoring." type = bool default = false - description = "Set it to true to create IAM role for Enhanced monitoring." } variable "serverlessv2_scaling_configuration" { + description = "Map of nested attributes with serverless v2 scaling properties. Only valid when engine_mode is set to provisioned" type = map(string) default = {} - description = "Map of nested attributes with serverless v2 scaling properties. Only valid when engine_mode is set to provisioned" } variable "performance_insights_retention_period" { + description = "Retention period for performance insights data, Either 7 (7 days) or 731 (2 years)." type = number default = null - description = "Retention period for performance insights data, Either 7 (7 days) or 731 (2 years)." } variable "performance_insights_kms_key_id" { + description = "ARN of KMS key to encrypt performance insights data." type = string default = null - description = "ARN of KMS key to encrypt performance insights data." 
} variable "performance_insights_enabled" { + description = "Specifies whether Performance Insights is enabled or not" type = bool default = null - description = "Specifies whether Performance Insights is enabled or not" } variable "iam_database_authentication_enabled" { + description = "Specifies whether or mappings of AWS Identity and Access Management (IAM) accounts to database accounts is enabled" type = bool default = null - description = "Specifies whether or mappings of AWS Identity and Access Management (IAM) accounts to database accounts is enabled" } variable "autoscaling_target_connections" { + description = "No of connections on which aurora has to scale if predefined_metric_type is RDSReaderAverageDatabaseConnections" type = number default = 50 - description = "No of connections on which aurora has to scale if predefined_metric_type is RDSReaderAverageDatabaseConnections" } variable "monitoring_interval" { + description = "The interval, in seconds, between points when Enhanced Monitoring metrics are collected for instances. Set to 0 to disble. Default is 0" type = number default = 0 - description = "The interval, in seconds, between points when Enhanced Monitoring metrics are collected for instances. Set to 0 to disble. Default is 0" } variable "predefined_metric_type" { - type = string description = "The metric type to scale on. Valid values are RDSReaderAverageCPUUtilization and RDSReaderAverageDatabaseConnections" + type = string default = "RDSReaderAverageDatabaseConnections" }