This project contain a group of Terraform modules that will act as an unit to provide you with the needed resources for your projects.
If you need to build the network infrastructure to run your instances in, you can use the network module which will create a VPC, subnets, NAT gateway and internet gateway for you.
Note: If you are looking for simpler modules that accomplish a single responsibility we built as well terraform-modules
This project has been highly inspired by the work of others that have decided to share with the community their work, check the resources section for more info.
Bastion module that will create:
- AWS Instance
- AWS Security Group to allow access to the DB port from other security groups
This module offer us a bastion server that will be deployed to our public subnets and will act as a bridge giving us access to instances deployed to our private subnet
If you ever need to access an instance directly, you can do it by tunneling through the bastion instance.
$ ssh -i <path/to/key> ubuntu@ ssh ubuntu@
| Name | Description | Default | Required |
|---|---|---|---|
| distribution | Ubuntu distribution to be installed | trusty |
no |
| environment | The environment where we are building the resource | production |
no |
| instance_count | The number of instances to create | 1 |
no |
| instance_type | The type of instance to start | t2.small |
no |
| key_name | The name of the SSH key to use on the instance, e.g. moltin | - | yes |
| name | The prefix name for all resources | - | yes |
| subnet_ids | A list of subnet IDs to place in the DB cluster | - | yes |
| vpc_id | The VPC ID to create in | - | yes |
| vpc_security_group_ids | A list of security group IDs to associate with | - | yes |
| Name | Description |
|---|---|
| private_ip | Private IP address to associate with the instance in a VPC |
| public_ip | The public IP address assigned to the instance |
| user | User to access bastion |
Network module that will create:
This module offer us the basic network infrastructure to build our system
| Name | Description | Default | Required |
|---|---|---|---|
| environment | The environment where we are building the resource | production |
no |
| name | The prefix name for all resources | - | yes |
| private_subnet_azs | A list of availability zones to place in the private subnets | - | yes |
| private_subnet_cidrs | A list of private subnet cidr block | - | yes |
| public_subnet_azs | A list of availability zones to place in the public subnets | - | yes |
| public_subnet_cidrs | A list of public subnet cidr block | - | yes |
| vpc_cidr | The cidr block of the desired VPC |
no |
| Name | Description |
|---|---|
| private_subnet_ids | A list of private subnet IDs |
| public_subnet_ids | A list of public subnet IDs |
| vpc_id | The ID of the VPC |
RDS DB Cluster module that will create:
- AWS RDS Cluster
- AWS RDS Cluster Instance
- AWS DB Subnet Group
- AWS Security Group to allow access to the DB port from other security groups
This module offer us a RDS DB Cluster
| Name | Description | Default | Required |
|---|---|---|---|
| backup_retention_period | The backup retention period | - | yes |
| database_name | The name for your database of up to 8 alpha-numeric characters. If you do not provide a name, Amazon RDS will not create a database in the DB cluster you are creating | - | yes |
| environment | The environment where we are building the resource | production |
no |
| final_snapshot_identifier | The name of your final DB snapshot when this DB cluster is deleted. If omitted, no final snapshot will be made | - | yes |
| ingress_allow_security_groups | A list of security groups to allow access to the ingress rule on the RDS cluster instance security group | - | yes |
| instance_class | db.r3.large |
no | |
| master_password | Password for the master DB user. Note that this may show up in logs, and it will be stored in the state file | - | yes |
| master_username | Username for the master DB user | - | yes |
| name | The prefix name for all resources | - | yes |
| port | The port on which the DB accepts connections | 3306 |
no |
| preferred_backup_window | The time window on which backups will be made (HH:mm-HH:mm) | - | yes |
| preferred_maintenance_window | The weekly time range during which system maintenance can occur, in (UTC) e.g. wed:04:00-wed:04:30 | - | yes |
| rds_cluster_instance_count | The number of instances to create | 2 |
no |
| skip_final_snapshot | Determines whether a final DB snapshot is created before the DB cluster is deleted. If true is specified, no DB snapshot is created. If false is specified, a DB snapshot is created before the DB cluster is deleted, using the value from final_snapshot_identifier, by default it's true.There is actually an issue with this option that won't allow you to destroy your RDS cluster unless you specified final_snapshot_identifier, see more here Terraform ignores skip_final_snapshot so it's impossible to delete rds db instance |
true |
no |
| subnet_ids | A list of subnet IDs to place in the DB cluster | - | yes |
| vpc_id | The VPC ID to create in | - | yes |
| Name | Description |
|---|---|
| endpoint | The DNS address of the RDS instance |
| port | The port on which the DB accepts connections |
- Israel Sotomayor - Initial work - zot24
See also the list of contributors who participated in this project.
This project is licensed under the MIT License - see the LICENSE file for details
-
Articles
-
Non directly related but useful
-
GitHub repositories