From 52e900238a8bca26dce279e1b4aa1b7dce4f0c63 Mon Sep 17 00:00:00 2001 From: pkuber-tamr Date: Wed, 30 Jun 2021 17:36:12 -0400 Subject: [PATCH 1/3] Accept list of security groups and return list of ports used by RDS --- CHANGELOG.md | 5 +++ README.md | 7 ++-- VERSION | 2 +- examples/minimal/README.md | 7 +++- examples/minimal/main.tf | 26 +++++++++++-- examples/minimal/outputs.tf | 7 ++++ examples/minimal/variables.tf | 18 +++++++++ main.tf | 11 +----- modules/rds-postgres-ports/README.md | 46 +++++++++++++++++++++++ modules/rds-postgres-ports/outputs.tf | 7 ++++ modules/rds-postgres-ports/variables.tf | 13 +++++++ modules/rds-postgres-sg/README.md | 50 ------------------------- modules/rds-postgres-sg/main.tf | 28 -------------- modules/rds-postgres-sg/outputs.tf | 3 -- modules/rds-postgres-sg/variables.tf | 27 ------------- modules/rds-postgres-sg/versions.tf | 6 --- outputs.tf | 6 +-- 17 files changed, 133 insertions(+), 136 deletions(-) create mode 100644 examples/minimal/outputs.tf create mode 100644 modules/rds-postgres-ports/README.md create mode 100644 modules/rds-postgres-ports/outputs.tf create mode 100644 modules/rds-postgres-ports/variables.tf delete mode 100644 modules/rds-postgres-sg/README.md delete mode 100644 modules/rds-postgres-sg/main.tf delete mode 100644 modules/rds-postgres-sg/outputs.tf delete mode 100644 modules/rds-postgres-sg/variables.tf delete mode 100644 modules/rds-postgres-sg/versions.tf diff --git a/CHANGELOG.md b/CHANGELOG.md index 9e6615a..69addda 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,10 @@ # Tamr Terraform Template Repo +## v2.0.0 - June 30th 2021 +* Accepts a list of security groups +* Returns a list of ports used by RDS +* Removes ability for the creation of security groups + ## v1.0.0 - April 12th 2021 * Updates minimum Terraform version to 13 * Updates minimum AWS provider version to 3.36.0 diff --git a/README.md b/README.md index c5d9af1..156ceff 100644 --- a/README.md +++ b/README.md 
@@ -7,7 +7,7 @@ This repo follows the [terraform standard module structure](https://www.terrafor Inline example implementation of the module. This is the most basic example of what it would look like to use this module. ``` module "rds_postgres" { - source = "git::https://github.com/Datatamer/terraform-aws-rds-postgres.git?ref=0.4.0" + source = "git::https://github.com/Datatamer/terraform-aws-rds-postgres.git?ref=2.0.0" postgres_name = "example_rds_postgres" parameter_group_name = "example-rds-postgres-pg" identifier_prefix = "example-rds-" @@ -29,7 +29,6 @@ This terraform module will create: * an AWS RDS Postgres instance * a database parameter group * a database subnet group -* a security group for the rds instance ## Requirements @@ -49,7 +48,6 @@ This terraform module will create: | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| -| ingress\_sg\_ids | List of security group IDs to allow ingress from (i.e. Spark cluster SG IDs, Tamr VM SG ID) | `list(string)` | n/a | yes | | password | The password for the master DB user. | `string` | n/a | yes | | rds\_subnet\_ids | VPC subnet IDs in subnet group | `list(string)` | n/a | yes | | subnet\_group\_name | The name of the subnet group to add the RDS instance to | `string` | n/a | yes | @@ -64,6 +62,7 @@ This terraform module will create: | db\_port | The port on which the database accepts connections. | `number` | `5432` | no | | engine\_version | Version of RDS Postgres | `string` | `"12.3"` | no | | identifier\_prefix | Identifier prefix for the RDS instance | `string` | `"tamr-rds-"` | no | +| ingress\_sg\_ids | List of security group IDs to allow ingress from (i.e. Spark cluster SG IDs, Tamr VM SG ID) | `list(string)` | `[]` | no | | instance\_class | Instance class | `string` | `"db.m4.large"` | no | | maintenance\_window | Maintenance window | `string` | `"sun:04:32-sun:05:02"` | no | | max\_allocated\_storage | Max allocate storage | `number` | `1000` | no | 
@@ -84,7 +83,7 @@ This terraform module will create: | rds\_hostname | n/a | | rds\_postgres\_id | ID of the of the RDS instance | | rds\_postgres\_pg\_id | ID of the RDS postgres parameter group | -| rds\_sg\_id | ID of the security group attached to the rds instance | +| rds\_security\_group\_ids | List of security group ids attached to the rds instance | | rds\_username | n/a | diff --git a/VERSION b/VERSION index 3eefcb9..227cea2 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -1.0.0 +2.0.0 diff --git a/examples/minimal/README.md b/examples/minimal/README.md index 0e0304f..5af147e 100644 --- a/examples/minimal/README.md +++ b/examples/minimal/README.md @@ -12,11 +12,16 @@ No provider. | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| | ingress\_sg\_ids | List of security group IDs to allow ingress from (i.e. Spark cluster SG IDs, Tamr VM SG ID) | `list(string)` | n/a | yes | +| name-prefix | A string to prepend to names of resources created by this example | `any` | n/a | yes | | subnet\_ids | List of at least 2 subnets in different AZs for DB subnet group | `list(string)` | n/a | yes | | vpc\_id | VPC ID of network. | `string` | n/a | yes | +| additional\_ports | Additional ports to add to the output of this module | `list(number)` | `[]` | no | +| ports | Ports used by the Elasticsearch | `list(number)` |
[
5432
]
| no | ## Outputs -No output. +| Name | Description | +|------|-------------| +| ingress\_ports | List of ingress ports | diff --git a/examples/minimal/main.tf b/examples/minimal/main.tf index af17377..57767da 100644 --- a/examples/minimal/main.tf +++ b/examples/minimal/main.tf @@ -1,12 +1,12 @@ module "rds_postgres" { - # source = "git::https://github.com/Datatamer/terraform-aws-rds-postgres.git?ref=0.4.0" + # source = "git::https://github.com/Datatamer/terraform-aws-rds-postgres.git?ref=2.0.0" source = "../.." identifier_prefix = "example-rds-pg-" postgres_name = "example0" parameter_group_name = "example-rds-postgres-pg" - username = "example-tamr-master" - password = "foo" #tfsec:ignore:GEN003 + username = "exampleUsername" + password = "examplePassword" #tfsec:ignore:GEN003 vpc_id = var.vpc_id subnet_group_name = "example_subnet_group" @@ -14,3 +14,23 @@ module "rds_postgres" { rds_subnet_ids = var.subnet_ids ingress_sg_ids = var.ingress_sg_ids } + +module "sg-ports" { + # source = "git::https://github.com/Datatamer/terraform-aws-rds-postgres.git?ref=2.0.0" + source = "../../modules/rds-postgres-ports" +} + +module "rds-postgres-sg" { + source = "git::git@github.com:Datatamer/terraform-aws-security-groups.git?ref=1.0.0" + vpc_id = var.vpc_id + ingress_cidr_blocks = [ + "1.2.3.0/24" + ] + egress_cidr_blocks = [ + "0.0.0.0/0" + ] + ingress_ports = module.sg-ports.ingress_ports + sg_name_prefix = var.name-prefix + egress_protocol = "all" + ingress_protocol = "tcp" +} diff --git a/examples/minimal/outputs.tf b/examples/minimal/outputs.tf new file mode 100644 index 0000000..f5dbe82 --- /dev/null +++ b/examples/minimal/outputs.tf @@ -0,0 +1,7 @@ +output "ingress_ports" { + value = concat( + var.ports, + var.additional_ports, + ) + description = "List of ingress ports" +} diff --git a/examples/minimal/variables.tf b/examples/minimal/variables.tf index 2351263..0bd2af5 100644 --- a/examples/minimal/variables.tf +++ b/examples/minimal/variables.tf 
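Review bot: In examples/minimal/main.tf, hunk `@@ -1,12 +1,12 @@`, the new `password = "examplePassword"` is still a literal in source with `#tfsec:ignore:GEN003` silencing the check, so anyone who copies the example inherits both a known password and the suppression. I would read it from an input instead, `password = var.rds_password`, declared without a default in the example's variables.tf, and drop the ignore comment. The value still ends up in Terraform state, so a one-line comment noting that the state backend must be encrypted and access-controlled would help readers.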
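Review bot: In examples/minimal/main.tf, hunk `@@ -14,3 +14,23 @@`, the new `module "rds-postgres-sg"` is pinned with `?ref=1.0.0`, which is a tag and can be re-pointed upstream. Because this module decides who can reach the database port, pinning to a full commit is safer, e.g. `?ref=<full-commit-sha>` (placeholder, not a real hash). The `git::git@github.com:` SSH form also differs from the HTTPS form used for the other module sources in this patch and needs an SSH key wherever the example is planned; if the repository is public, the HTTPS form avoids that.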
@@ -12,3 +12,21 @@ variable "ingress_sg_ids" { description = "List of security group IDs to allow ingress from (i.e. Spark cluster SG IDs, Tamr VM SG ID)" type = list(string) } + +variable "name-prefix" { + description = "A string to prepend to names of resources created by this example" +} + +variable "ports" { + type = list(number) + description = "Ports used by RDS Postgres" + default = [ + 5432 + ] +} + +variable "additional_ports" { + type = list(number) + description = "Additional ports to add to the output of this module" + default = [] +} diff --git a/main.tf b/main.tf index decbb1e..d3ddb41 100644 --- a/main.tf +++ b/main.tf @@ -10,15 +10,6 @@ resource "aws_db_subnet_group" "rds_postgres_subnet_group" { subnet_ids = var.rds_subnet_ids } -module "rds_sg" { - source = "./modules/rds-postgres-sg" - ingress_sg_ids = var.ingress_sg_ids - vpc_id = var.vpc_id - security_group_name = var.security_group_name - additional_cidrs = var.additional_cidrs - additional_tags = var.additional_tags -} - resource "aws_db_instance" "rds_postgres" { name = var.postgres_name @@ -39,7 +30,7 @@ resource "aws_db_instance" "rds_postgres" { db_subnet_group_name = aws_db_subnet_group.rds_postgres_subnet_group.name multi_az = true publicly_accessible = false - vpc_security_group_ids = [module.rds_sg.rds_sg_id] + vpc_security_group_ids = var.ingress_sg_ids parameter_group_name = aws_db_parameter_group.rds_postgres_pg.name maintenance_window = var.maintenance_window diff --git a/modules/rds-postgres-ports/README.md b/modules/rds-postgres-ports/README.md new file mode 100644 index 0000000..6db767f --- /dev/null +++ b/modules/rds-postgres-ports/README.md 
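Review bot: In main.tf, hunk `@@ -39,7 +30,7 @@`, the instance now takes its groups straight from the caller, and with `module "rds_sg"` removed in the preceding hunk nothing visible on this page still reads `var.additional_cidrs`, `var.security_group_name` or `var.vpc_id`. The README tables keep those inputs, so a caller who sets `additional_cidrs` gets no rule and no error, and may assume access is being managed by this module when it no longer is. I would remove the unused variables in this major version, or mark them in their descriptions, e.g. `description = "DEPRECATED: ignored since 2.0.0; security groups are supplied by the caller"`. variables.tf is not shown in this patch, so confirm none of them has another consumer.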
@@ -0,0 +1,46 @@ +# Tamr AWS RDS Postgres Ports Module +This module returns a list of ports used by the RDS Postgres Service. + +# Examples +## Basic +Inline example implementation of the module. This is the most basic example of what it would look like to use this module. +``` +module "rds_postgres" { + source = "git::https://github.com/Datatamer/terraform-aws-rds-postgres//modules/es-ports?ref=2.0.0" +} +``` + +# Resources Created +This module creates no resources. + + +## Requirements + +No requirements. + +## Providers + +No provider. + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| additional\_ports | Additional ports to add to the output of this module | `list(number)` | `[]` | no | +| ports | Ports used by RDS Postgres | `list(number)` |
[
5432
]
| no | + +## Outputs + +| Name | Description | +|------|-------------| +| ingress\_ports | List of ingress ports | + + + +# References +This repo is based on: +* [terraform standard module structure](https://www.terraform.io/docs/modules/index.html#standard-module-structure) +* [templated terraform module](https://github.com/tmknom/template-terraform-module) + +# License +Apache 2 Licensed. See LICENSE for full details. diff --git a/modules/rds-postgres-ports/outputs.tf b/modules/rds-postgres-ports/outputs.tf new file mode 100644 index 0000000..f5dbe82 --- /dev/null +++ b/modules/rds-postgres-ports/outputs.tf @@ -0,0 +1,7 @@ +output "ingress_ports" { + value = concat( + var.ports, + var.additional_ports, + ) + description = "List of ingress ports" +} diff --git a/modules/rds-postgres-ports/variables.tf b/modules/rds-postgres-ports/variables.tf new file mode 100644 index 0000000..459414a --- /dev/null +++ b/modules/rds-postgres-ports/variables.tf @@ -0,0 +1,13 @@ +variable "ports" { + type = list(number) + description = "Ports used by RDS Postgres" + default = [ + 5432 + ] +} + +variable "additional_ports" { + type = list(number) + description = "Additional ports to add to the output of this module" + default = [] +} diff --git a/modules/rds-postgres-sg/README.md b/modules/rds-postgres-sg/README.md deleted file mode 100644 index 622d1f2..0000000 --- a/modules/rds-postgres-sg/README.md +++ /dev/null 
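Review bot: In modules/rds-postgres-ports/variables.tf, the default `ports = [5432]` is independent of the root module's `db_port` input (README default `5432`). A caller who changes `db_port` and builds the security group from `ingress_ports` would open 5432 while the database listens on another port. I would state the coupling in the description, e.g. `description = "Ports used by RDS Postgres; must match db_port of the root module"`, and show `ports = [var.db_port]` in the usage example. Neither list is range-checked here, so an out-of-range value would presumably only fail later, at the security group rule.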
@@ -1,50 +0,0 @@ -# Tamr AWS RDS Security Groups Terraform Module -This terraform module creates the security group and the security group rules for the AWS RDS instance - -# Example -``` -module "rds_sg" { - source = "git::https://github.com/Datatamer/terraform-aws-rds-postgres.git//modules/rds-postgres-sg?ref=0.4.0" - ingress_sg_ids = ["sg-examplesparksecuritygroup1", "sg-examplesparksecuritygroup2", "sg-exampletamrvmsecuritygroup"] - vpc_id = "vpc-examplevpcid" - security_group_name = "examplerdssecuritygroup" - additional_cidrs = ["1.2.3.4/32"] -} -``` - -# Resources Created -This terraform module will create: -* a security group for the RDS instance -* security group rules if additional CIDRs are provided - - -## Requirements - -| Name | Version | -|------|---------| -| terraform | >= 0.12 | -| aws | >= 2.45.0 | - -## Providers - -| Name | Version | -|------|---------| -| aws | >= 2.45.0 | - -## Inputs - -| Name | Description | Type | Default | Required | -|------|-------------|------|---------|:--------:| -| ingress\_sg\_ids | List of security group IDs to allow ingress from (i.e. Spark cluster SG IDs, Tamr VM SG ID) | `list(string)` | n/a | yes | -| vpc\_id | VPC ID for the rds security group | `string` | n/a | yes | -| additional\_cidrs | Additional CIDR to connect to RDS Postgres instance | `list(string)` | `[]` | no | -| additional\_tags | Additional tags to set on the RDS instance | `map(string)` | `{}` | no | -| security\_group\_name | Name for the security group for the rds instance | `string` | `"tamr_rds_sg"` | no | - -## Outputs - -| Name | Description | -|------|-------------| -| rds\_sg\_id | n/a | - - diff --git a/modules/rds-postgres-sg/main.tf b/modules/rds-postgres-sg/main.tf deleted file mode 100644 index cb1b12a..0000000 --- a/modules/rds-postgres-sg/main.tf +++ /dev/null 
@@ -1,28 +0,0 @@ -resource "aws_security_group" "rds_postgres_sg" { - name = var.security_group_name - description = "VPC Security group that will be attached to the RDS Postgres instance" - vpc_id = var.vpc_id - tags = var.additional_tags -} - -resource "aws_security_group_rule" "pg_ingress" { - description = "Ingress rule to Postgres DB instance." - count = length(var.ingress_sg_ids) - from_port = 5432 - protocol = "tcp" - security_group_id = aws_security_group.rds_postgres_sg.id - to_port = 5432 - type = "ingress" - source_security_group_id = var.ingress_sg_ids[count.index] -} - -resource "aws_security_group_rule" "additional_cidrs" { - description = "Rule for ingress from additional CIDRs to Postgres" - count = length(var.additional_cidrs) == 0 ? 0 : 1 - from_port = 5432 - protocol = "tcp" - security_group_id = aws_security_group.rds_postgres_sg.id - to_port = 5432 - type = "ingress" - cidr_blocks = var.additional_cidrs -} diff --git a/modules/rds-postgres-sg/outputs.tf b/modules/rds-postgres-sg/outputs.tf deleted file mode 100644 index 15bacf7..0000000 --- a/modules/rds-postgres-sg/outputs.tf +++ /dev/null @@ -1,3 +0,0 @@ -output "rds_sg_id" { - value = aws_security_group.rds_postgres_sg.id -} diff --git a/modules/rds-postgres-sg/variables.tf b/modules/rds-postgres-sg/variables.tf deleted file mode 100644 index bd4dd72..0000000 --- a/modules/rds-postgres-sg/variables.tf +++ /dev/null 
@@ -1,27 +0,0 @@ -variable "security_group_name" { - description = "Name for the security group for the rds instance" - type = string - default = "tamr_rds_sg" -} - -variable "ingress_sg_ids" { - description = "List of security group IDs to allow ingress from (i.e. Spark cluster SG IDs, Tamr VM SG ID)" - type = list(string) -} - -variable "vpc_id" { - description = "VPC ID for the rds security group" - type = string -} - -variable "additional_cidrs" { - description = "Additional CIDR to connect to RDS Postgres instance" - type = list(string) - default = [] -} - -variable "additional_tags" { - description = "Additional tags to set on the RDS instance" - type = map(string) - default = {} -} diff --git a/modules/rds-postgres-sg/versions.tf b/modules/rds-postgres-sg/versions.tf deleted file mode 100644 index 86921ea..0000000 --- a/modules/rds-postgres-sg/versions.tf +++ /dev/null @@ -1,6 +0,0 @@ -terraform { - required_version = ">= 0.12" - required_providers { - aws = ">= 2.45.0" - } -} diff --git a/outputs.tf b/outputs.tf index 0b5a6fc..d2b9e06 100644 --- a/outputs.tf +++ b/outputs.tf @@ -8,9 +8,9 @@ output "rds_postgres_id" { description = "ID of the of the RDS instance" } -output "rds_sg_id" { - value = module.rds_sg.rds_sg_id - description = "ID of the security group attached to the rds instance" +output "rds_security_group_ids" { + value = var.ingress_sg_ids + description = "List of security group ids attached to the rds instance" } output "rds_hostname" { From c24a960dc6811d28fa8c437f7c6c90ddc254607c Mon Sep 17 00:00:00 2001 
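Review bot: In outputs.tf, hunk `@@ -8,9 +8,9 @@`, `rds_security_group_ids` returns the caller's input (`var.ingress_sg_ids`) rather than what is attached to the instance. With an empty list the output reports no groups while RDS, as far as I know, falls back to the VPC default security group. Reading the resource attribute keeps the output truthful for audits and for downstream rules: `value = aws_db_instance.rds_postgres.vpc_security_group_ids`. The same applies to the outputs.tf hunk `@@ -9,7 +9,7 @@` in the second patch, which only renames the variable.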
From: pkuber-tamr Date: Thu, 1 Jul 2021 12:56:28 -0400 Subject: [PATCH 2/3] Fixing/changing code based on comments --- README.md | 2 +- examples/minimal/README.md | 9 +++++---- examples/minimal/local.tfvars | 8 +++++--- examples/minimal/main.tf | 14 +++++--------- examples/minimal/outputs.tf | 9 +++++---- examples/minimal/variables.tf | 21 +++++++++------------ main.tf | 2 +- modules/rds-postgres-ports/README.md | 2 +- outputs.tf | 2 +- variables.tf | 2 +- 10 files changed, 34 insertions(+), 37 deletions(-) diff --git a/README.md b/README.md index 156ceff..3198376 100644 --- a/README.md +++ b/README.md @@ -50,6 +50,7 @@ This terraform module will create: |------|-------------|------|---------|:--------:| | password | The password for the master DB user. | `string` | n/a | yes | | rds\_subnet\_ids | VPC subnet IDs in subnet group | `list(string)` | n/a | yes | +| security\_group\_ids | List of security group IDs to allow ingress from (i.e. Spark cluster SG IDs, Tamr VM SG ID) | `list(string)` | n/a | yes | | subnet\_group\_name | The name of the subnet group to add the RDS instance to | `string` | n/a | yes | | vpc\_id | VPC ID for the rds security group | `string` | n/a | yes | | additional\_cidrs | Additional CIDR to connect to RDS Postgres instance | `list(string)` | `[]` | no | @@ -62,7 +63,6 @@ This terraform module will create: | db\_port | The port on which the database accepts connections. | `number` | `5432` | no | | engine\_version | Version of RDS Postgres | `string` | `"12.3"` | no | | identifier\_prefix | Identifier prefix for the RDS instance | `string` | `"tamr-rds-"` | no | -| ingress\_sg\_ids | List of security group IDs to allow ingress from (i.e. Spark cluster SG IDs, Tamr VM SG ID) | `list(string)` | `[]` | no | | instance\_class | Instance class | `string` | `"db.m4.large"` | no | | maintenance\_window | Maintenance window | `string` | `"sun:04:32-sun:05:02"` | no | | max\_allocated\_storage | Max allocate storage | `number` | `1000` | no | 
diff --git a/examples/minimal/README.md b/examples/minimal/README.md index 5af147e..d9249cf 100644 --- a/examples/minimal/README.md +++ b/examples/minimal/README.md @@ -11,17 +11,18 @@ No provider. | Name | Description | Type | Default | Required | |------|-------------|------|---------|:--------:| -| ingress\_sg\_ids | List of security group IDs to allow ingress from (i.e. Spark cluster SG IDs, Tamr VM SG ID) | `list(string)` | n/a | yes | -| name-prefix | A string to prepend to names of resources created by this example | `any` | n/a | yes | +| ingress\_cidr\_blocks | CIDR blocks to attach to security groups for ingress | `list(string)` | n/a | yes | +| name\_prefix | A string to prepend to names of resources created by this example | `any` | n/a | yes | +| security\_group\_ids | List of security group IDs to allow ingress from (i.e. Spark cluster SG IDs, Tamr VM SG ID) | `list(string)` | n/a | yes | | subnet\_ids | List of at least 2 subnets in different AZs for DB subnet group | `list(string)` | n/a | yes | | vpc\_id | VPC ID of network. | `string` | n/a | yes | -| additional\_ports | Additional ports to add to the output of this module | `list(number)` | `[]` | no | -| ports | Ports used by the Elasticsearch | `list(number)` |
[
5432
]
| no | +| egress\_cidr\_blocks | CIDR blocks to attach to security groups for egress | `list(string)` |
[
"0.0.0.0/0"
]
| no | ## Outputs | Name | Description | |------|-------------| | ingress\_ports | List of ingress ports | +| rds | n/a | diff --git a/examples/minimal/local.tfvars b/examples/minimal/local.tfvars index e676e60..d49d87f 100644 --- a/examples/minimal/local.tfvars +++ b/examples/minimal/local.tfvars @@ -1,3 +1,5 @@ -vpc_id = "vpc-example" -subnet_ids = ["subnet-az1", "subnet-az2"] -ingress_sg_ids = ["example-spark-service-access-sg", "example-tamr-vm-sg"] +vpc_id = "vpc-example" +subnet_ids = ["subnet-az1", "subnet-az2"] +security_group_ids = ["example-spark-service-access-sg", "example-tamr-vm-sg"] +name_prefix = "test" # Replace me for a more specific prefix +ingress_cidr_blocks = ["1.2.3.0/24"] diff --git a/examples/minimal/main.tf b/examples/minimal/main.tf index 57767da..36a8fc8 100644 --- a/examples/minimal/main.tf +++ b/examples/minimal/main.tf @@ -12,25 +12,21 @@ module "rds_postgres" { subnet_group_name = "example_subnet_group" # Network requirement: DB subnet group needs a subnet in at least two Availability Zones rds_subnet_ids = var.subnet_ids - ingress_sg_ids = var.ingress_sg_ids + security_group_ids = module.rds-postgres-sg.security_group_ids } module "sg-ports" { - # source = "git::https://github.com/Datatamer/terraform-aws-rds-postgres.git?ref=2.0.0" + # source = "git::https://github.com/Datatamer/terraform-aws-rds-postgres.git//modules/rds-postgres-ports?ref=2.0.0" source = "../../modules/rds-postgres-ports" } module "rds-postgres-sg" { source = "git::git@github.com:Datatamer/terraform-aws-security-groups.git?ref=1.0.0" vpc_id = var.vpc_id - ingress_cidr_blocks = [ - "1.2.3.0/24" - ] - egress_cidr_blocks = [ - "0.0.0.0/0" - ] + ingress_cidr_blocks = var.ingress_cidr_blocks + egress_cidr_blocks = var.egress_cidr_blocks ingress_ports = module.sg-ports.ingress_ports - sg_name_prefix = var.name-prefix + sg_name_prefix = var.name_prefix egress_protocol = "all" ingress_protocol = "tcp" } 
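Review bot: In examples/minimal/local.tfvars, `ingress_cidr_blocks = ["1.2.3.0/24"]` is a routable public range, so applying the sample file unchanged would create a rule admitting that block to the Postgres port. A documentation range with a prompt to replace it is safer, e.g. `ingress_cidr_blocks = ["192.0.2.0/24"] # placeholder: replace with your client subnet`. `security_group_ids` is also still set here, although the example's main.tf hunk in this patch no longer reads `var.security_group_ids`.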
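Review bot: In examples/minimal/main.tf, hunk `@@ -12,25 +12,21 @@`, the group now attached to the database keeps `egress_protocol = "all"` while `egress_cidr_blocks` defaults to `0.0.0.0/0`, which is wider than a database normally needs. Security groups are stateful, so replies to admitted connections do not depend on an egress rule. Whether the external module accepts a narrower or empty egress list is not visible here, so at minimum I would add a comment above the line, e.g. `# egress is open to all destinations; restrict to the VPC CIDR unless the database must initiate outbound connections`.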
diff --git a/examples/minimal/outputs.tf b/examples/minimal/outputs.tf index f5dbe82..9512893 100644 --- a/examples/minimal/outputs.tf +++ b/examples/minimal/outputs.tf @@ -1,7 +1,8 @@ output "ingress_ports" { - value = concat( - var.ports, - var.additional_ports, - ) + value = module.sg-ports description = "List of ingress ports" } + +output "rds" { + value = module.rds_postgres +} diff --git a/examples/minimal/variables.tf b/examples/minimal/variables.tf index 0bd2af5..e72210b 100644 --- a/examples/minimal/variables.tf +++ b/examples/minimal/variables.tf @@ -8,25 +8,22 @@ variable "subnet_ids" { description = "List of at least 2 subnets in different AZs for DB subnet group" } -variable "ingress_sg_ids" { +variable "security_group_ids" { description = "List of security group IDs to allow ingress from (i.e. Spark cluster SG IDs, Tamr VM SG ID)" type = list(string) } -variable "name-prefix" { +variable "name_prefix" { description = "A string to prepend to names of resources created by this example" } -variable "ports" { - type = list(number) - description = "Ports used by RDS Postgres" - default = [ - 5432 - ] +variable "ingress_cidr_blocks" { + description = "CIDR blocks to attach to security groups for ingress" + type = list(string) } -variable "additional_ports" { - type = list(number) - description = "Additional ports to add to the output of this module" - default = [] +variable "egress_cidr_blocks" { + description = "CIDR blocks to attach to security groups for egress" + type = list(string) + default = ["0.0.0.0/0"] } diff --git a/main.tf b/main.tf index d3ddb41..8ae2800 100644 --- a/main.tf +++ b/main.tf 
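Review bot: In examples/minimal/outputs.tf, `value = module.sg-ports` exports the whole module object although the description says "List of ingress ports"; `value = module.sg-ports.ingress_ports` matches the description. The new `output "rds"` likewise exports every output of `module.rds_postgres` with no description, so anything added to the root outputs later is printed by the example without review (the README already lists `rds_username` and `rds_hostname`). Listing the needed attributes explicitly, or at least adding `description = "All outputs of the rds_postgres module"`, would make that deliberate.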
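Review bot: In examples/minimal/variables.tf, `variable "security_group_ids"` stays required and keeps the description "to allow ingress from", but after this patch the example's main.tf passes `module.rds-postgres-sg.security_group_ids` and no visible line reads the variable. I would remove it together with its local.tfvars entry, so readers are not led to believe the listed client groups are granted access. `name_prefix` has no type, which the README renders as `any`; add `type = string`.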
@@ -30,7 +30,7 @@ resource "aws_db_instance" "rds_postgres" { db_subnet_group_name = aws_db_subnet_group.rds_postgres_subnet_group.name multi_az = true publicly_accessible = false - vpc_security_group_ids = var.ingress_sg_ids + vpc_security_group_ids = var.security_group_ids parameter_group_name = aws_db_parameter_group.rds_postgres_pg.name maintenance_window = var.maintenance_window diff --git a/modules/rds-postgres-ports/README.md b/modules/rds-postgres-ports/README.md index 6db767f..cdba9b4 100644 --- a/modules/rds-postgres-ports/README.md +++ b/modules/rds-postgres-ports/README.md @@ -6,7 +6,7 @@ This module returns a list of ports used by the RDS Postgres Service. Inline example implementation of the module. This is the most basic example of what it would look like to use this module. ``` module "rds_postgres" { - source = "git::https://github.com/Datatamer/terraform-aws-rds-postgres//modules/es-ports?ref=2.0.0" + source = "git::https://github.com/Datatamer/terraform-aws-rds-postgres//modules/rds-postgres-ports?ref=2.0.0" } ``` diff --git a/outputs.tf b/outputs.tf index d2b9e06..45a7d00 100644 --- a/outputs.tf +++ b/outputs.tf @@ -9,7 +9,7 @@ output "rds_postgres_id" { } output "rds_security_group_ids" { - value = var.ingress_sg_ids + value = var.security_group_ids description = "List of security group ids attached to the rds instance" } diff --git a/variables.tf b/variables.tf index 6794118..20f166f 100644 --- a/variables.tf +++ b/variables.tf @@ -115,7 +115,7 @@ variable "security_group_name" { default = "tamr_rds_sg" } -variable "ingress_sg_ids" { +variable "security_group_ids" { description = "List of security group IDs to allow ingress from (i.e. Spark cluster SG IDs, Tamr VM SG ID)" type = list(string) } From 7f98db55e52dac80f7599f584b24447c9579b1c3 Mon Sep 17 00:00:00 2001 
From: pkuber-tamr Date: Thu, 1 Jul 2021 13:38:40 -0400 Subject: [PATCH 3/3] Updating description for security_group_id --- variables.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/variables.tf b/variables.tf index 20f166f..2d25dad 100644 --- a/variables.tf +++ b/variables.tf @@ -116,7 +116,7 @@ variable "security_group_name" { } variable "security_group_ids" { - description = "List of security group IDs to allow ingress from (i.e. Spark cluster SG IDs, Tamr VM SG ID)" + description = "List of security group IDs to associate" type = list(string) }
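Review bot: In variables.tf, `security_group_ids` now decides alone which groups guard the instance, but nothing rejects an empty list. With no group given, RDS (as far as I know) attaches the VPC default security group, whose rules this module does not control. Since the changelog sets Terraform 13 as the minimum, a `validation` block on the variable can refuse that case at plan time. The README row for this input in the second patch still carries the old "allow ingress from" wording and should be regenerated to match the new description.

```hcl
variable "security_group_ids" {
  # … unchanged: description, type …

  validation {
    condition     = length(var.security_group_ids) > 0
    error_message = "At least one security group ID is required; an empty list leaves the instance on the VPC default security group."
  }
}
```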