Terraform module which creates RDS resources on AWS.
- AAOps I can create a Postgres, MariaDB or MySQL database with its name, subnet, version, disk (type and size), maximum number of connections and activate (or not) high availability
- AAOps I can force SSL connections to the database
- AAOps I can store my DB credentials in Secrets Manager
- AAOps I can encrypt my database with an existing KMS Key (Custom or AWS-managed) or have it generated by the module
```hcl
module "rds" {
  # The git:: prefix makes Terraform fetch the repository with Git; ref pins the release tag
  source = "git::https://github.com/padok-team/terraform-aws-rds.git?ref=v1.0.1"

  aws_region = "eu-west-3"
  identifier = "rds-poc-library-multi-az"

  ## DATABASE
  engine              = "postgres"
  engine_version      = "13.4"
  db_parameter_family = "postgres13"
  name                = "aws_rds_instance_poc_library_multi_az"
  username            = "aws_rds_instance_user_poc_library_multi_az"

  ## NETWORK
  subnet_ids = ["subnet-0f55d716e3746c4db", "subnet-0ced4e0a55a479422", "subnet-0005a41a2318130e5"]
  vpc_id     = "vpc-0fcea78a178762e3f"
}
```
- Postgres RDS instance with multi AZ
- MySQL RDS instance single AZ
- MariaDB RDS instance single AZ
- Cross-region backups
No modules.
Name | Description | Type | Default | Required |
---|---|---|---|---|
db_parameter_family | The family of the DB parameter group. Should be one of: postgres11, postgres12, postgres13, mysql5.6, mysql5.7, mysql8.0 for MySQL or Postgres | string | n/a | yes |
engine | Engine used for your RDS instance (mysql, postgres ...) | string | n/a | yes |
engine_version | Version of your engine | string | n/a | yes |
identifier | Unique identifier for your RDS instance. For example, aws_rds_instance_postgres_poc_library_break | string | n/a | yes |
subnet_ids | A list of VPC subnet IDs to create your db subnet group | list(string) | n/a | yes |
vpc_id | ID of the VPC to deploy the database to | string | n/a | yes |
allocated_storage | Storage allocated to your RDS instance in Gigabytes | number | 10 | no |
allow_major_version_upgrade | Indicates that major version upgrades are allowed | bool | false | no |
apply_immediately | Specifies if database modifications should be applied immediately, or during the next maintenance window | bool | false | no |
arn_custom_backups_kms_key | ARN of your custom KMS Key for backups. | string | null | no |
arn_custom_kms_key | ARN of your custom KMS Key. Useful only if custom_kms_key is set to true | string | null | no |
arn_custom_kms_key_secret | Encrypt AWS secret with CMK | string | null | no |
auto_minor_version_upgrade | Indicates that minor engine upgrades will be applied automatically to the DB instance during the maintenance window | bool | true | no |
availability_zone | Availability zone to use when Multi AZ is disabled | string | "eu-west-3a" | no |
backup_retention_period | Backup retention period | number | 30 | no |
cross_region_backup_replication | Whether or not to enable cross-region backup replication | bool | true | no |
deletion_protection | If the DB instance should have deletion protection enabled. The database can't be deleted when this value is set to true | bool | true | no |
force_ssl | Force SSL for DB connections, only works with Postgres engine | string | true | no |
iam_database_authentication_enabled | Specifies whether or not mappings of AWS Identity and Access Management (IAM) accounts to database accounts are enabled | bool | false | no |
instance_class | Instance class for your RDS instance | string | "db.t3.micro" | no |
maintenance_window | The window to perform maintenance in. Syntax: 'ddd:hh24:mi-ddd:hh24:mi'. Eg: 'Mon:00:00-Mon:03:00' | string | "Mon:00:00-Mon:03:00" | no |
max_allocated_storage | When configured, the upper limit to which Amazon RDS can automatically scale the storage of the DB instance | number | 50 | no |
multi_az | Set to true to deploy a multi AZ RDS instance | bool | false | no |
name | Name of your database in your RDS instance | string | "aws_padok_database_instance" | no |
parameters | List of parameters to add to the database | list(object({ | [] | no |
password_length | Password length for db master user, Minimum length is 25 | number | 40 | no |
performance_insights_enabled | Set to true to enable performance insights on your RDS instance | bool | true | no |
port | The port on which the DB accepts connections. Default is chosen depending on the engine | number | null | no |
publicly_accessible | Boolean to control if instance is publicly accessible. | bool | false | no |
rds_secret_recovery_window_in_days | Secret recovery window in days | number | 10 | no |
rds_skip_final_snapshot | If set to true, a final DB snapshot will be created before the DB instance is deleted | bool | false | no |
security_group_ids | Security group IDs allowed to connect to the RDS Instance | list(string) | [] | no |
storage_type | One of 'standard' (magnetic), 'gp2' (general purpose SSD), or 'io1' (provisioned IOPS SSD) | string | "gp2" | no |
username | Name of the master user for the database in your RDS Instance | string | "admin" | no |
Name | Description |
---|---|
security_group | Security group of the RDS Instance |
this | RDS Instance |
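
A module call that sets the security-relevant inputs from the table explicitly instead of relying on defaults, as an added example that is not part of the module's own examples. The security group ID, the KMS key ARN and its account number are constructed placeholders, and `custom_kms_key` is assumed to be a boolean input because the table names it in a description without listing it.

```hcl
module "rds_hardened" {
  source = "git::https://github.com/padok-team/terraform-aws-rds.git?ref=v1.0.1"

  aws_region = "eu-west-3"
  identifier = "rds-poc-library-hardened"

  ## DATABASE
  engine              = "postgres"
  engine_version      = "13.4"
  db_parameter_family = "postgres13"
  multi_az            = true

  ## NETWORK: private instance, reachable only from the listed security groups
  subnet_ids          = ["subnet-0f55d716e3746c4db", "subnet-0ced4e0a55a479422", "subnet-0005a41a2318130e5"]
  vpc_id              = "vpc-0fcea78a178762e3f"
  publicly_accessible = false
  security_group_ids  = ["sg-00000000000000000"] # placeholder: the application's security group

  ## TRANSPORT AND AUTHENTICATION
  force_ssl                           = true # Postgres only, per the inputs table
  iam_database_authentication_enabled = true # module default is false
  password_length                     = 40   # documented minimum is 25

  ## ENCRYPTION AT REST
  custom_kms_key = true # assumption: input named in the table's text but not listed there
  # Placeholder ARN: replace with the customer-managed key for this database
  arn_custom_kms_key = "arn:aws:kms:eu-west-3:111122223333:key/00000000-0000-0000-0000-000000000000"
  # Encrypt the generated credentials secret with the same key
  arn_custom_kms_key_secret = "arn:aws:kms:eu-west-3:111122223333:key/00000000-0000-0000-0000-000000000000"

  ## CHANGE CONTROL AND RECOVERY
  deletion_protection         = true
  allow_major_version_upgrade = false
  auto_minor_version_upgrade  = true
  backup_retention_period     = 30
}

# Expose the instance's security group so other stacks can reference it in their rules
output "rds_security_group" {
  value = module.rds_hardened.security_group
}
```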
- Read Replicas
- RDS Proxy
See LICENSE for full details.
Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
https://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.