Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Improve RDS configurability #206

Closed
5 tasks done
anayeaye opened this issue Aug 1, 2023 · 7 comments
Closed
5 tasks done

Improve RDS configurability #206

anayeaye opened this issue Aug 1, 2023 · 7 comments
Assignees
@anayeaye @amarouane-ABDELHAK @jjfrench

Comments

@anayeaye
Copy link
Collaborator

anayeaye commented Aug 1, 2023
edited
Loading

What

  1. Make RDS construct instance type configurable with a sensible default
  2. Make Postgres engine version configurable
  3. Add configuration parameters to support deploying new encrypted RDS instances

Why

Hard coded default instance type is small and will need to be increased as usage increases (especially public facing implementations like GHGC)
Postgresql engine version should be updated periodically for latest improvements and security upgrades from AWS and veda-backend CDK should support instantiating new versions of the backend with the latest postgresql engine.

PI Objective

https://github.com/NASA-IMPACT/veda-architecture/issues/285

AC

  • Tested impact of changes on existing database (what is downtime? does the change cause the database to be destroyed?)
  • Dev and staging database in lower environments can be safely deployed without user impact.
  • RDS instance size/type configurable
  • RDS postgres engine version is configurable
  • RDS encryption configurable
    [ ] All RDS instances in MCP are encrypted (RDS for veda-backend is fully configurable)
@anayeaye anayeaye mentioned this issue Aug 1, 2023
Closed
3 tasks
@slesaad
Copy link
Member

slesaad commented Aug 3, 2023
edited
Loading

Added the database instance type configuration option in GHGC: https://github.com/US-GHG-Center/ghgc-backend/pull/16/files

@anayeaye
Copy link
Collaborator Author

anayeaye commented Aug 4, 2023

@amarouane-ABDELHAK I added you to this issue because you've already done some of the work in GHG. Hope that's OK! Will probably ping you on the VEDA PRs when we integrate the changes...

@amarouane-ABDELHAK
Copy link

I have submitted a PR to configure to make the size and the type of RDS configurable: RDS PR

@anayeaye
Copy link
Collaborator Author

Here's GHGC's update for configuring RDS encryption US-GHG-Center#34

@anayeaye
Copy link
Collaborator Author

#218 (review)

@anayeaye
Copy link
Collaborator Author

anayeaye commented Nov 8, 2023

Update: most unencrypted RDS have been removed we still need to replace a backend-prod and a fapi-prod with encrypted instances.

@anayeaye
Copy link
Collaborator Author

anayeaye commented Nov 8, 2023

This issue was intended to add configurability to RDS veda-backend and we can now deploy new instances as encrypted, and for existing/new we can configure postgres engine version, instance type and size so the task is complete. The operational need will be resolved in the mono-repo production deployments in progress.

@anayeaye anayeaye closed this as completed Nov 8, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@anayeaye anayeaye

@amarouane-ABDELHAK amarouane-ABDELHAK

@jjfrench jjfrench

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@anayeaye @slesaad @amarouane-ABDELHAK @jjfrench