diff --git a/example/mariaDb/main.tf b/example/mariaDb/main.tf index 6a6dca5..b87858f 100644 --- a/example/mariaDb/main.tf +++ b/example/mariaDb/main.tf @@ -38,10 +38,10 @@ module "mariadb" { engine_name = "MariaDB" allocated_storage = 50 - db_name = "test" - username = "user" - password = "esfsgcGdfawAhdxtfjm!" - port = "3306" + db_name = "test" + username = "user" + manage_master_user_password = true + port = "3306" maintenance_window = "Mon:00:00-Mon:03:00" backup_window = "03:00-06:00" diff --git a/example/mysql-complete/.terraform.lock.hcl b/example/mysql-complete/.terraform.lock.hcl new file mode 100644 index 0000000..bcdeaee --- /dev/null +++ b/example/mysql-complete/.terraform.lock.hcl @@ -0,0 +1,43 @@ +# This file is maintained automatically by "terraform init". +# Manual edits may be lost in future updates. + +provider "registry.terraform.io/hashicorp/aws" { + version = "5.42.0" + constraints = ">= 4.48.0, >= 5.1.0, >= 5.9.0" + hashes = [ + "h1:Gwe5HXZYD/3M5j6LwKhp8amb1SraCR9p+G96d381RVc=", + "zh:0fb12bd56a3ad777b29f957c56dd2119776dbc01b6074458f597990e368c82de", + "zh:16e99c13bef6e3777f67c240c916f57c01c9c142254cfb2720e08281ff906447", + "zh:218268f5fe73bcb19e9a996f781ab66df0da9e333d1c60612e3c51ad28a5105f", + "zh:220b17f7053d11548f35136669687d30ef1f1036e15393275325fd2b9654c715", + "zh:2256cfd74988ce05eada76b42efffc6fe2bf4d60b61f57e4db4fcf65ced4c666", + "zh:52da19f531e0cb9828f73bca620e30264e63a494bd7f9ce826aabcf010d3a241", + "zh:56069ce08d720280ba39aaf2fdd40c4357ffb54262c80e4d39c4e540a38e76af", + "zh:82c81398e68324029167f813fbb7c54fa3d233e99fa05001d85cbce8bdd08bb3", + "zh:82d6eaa87f5ab318959064e6c89adc2baabaf70b13f2f7de866f62416de05352", + "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", + "zh:ade8490cfdd8de8b9a82986588595b67e0ad1048d9e2d3a6f5164320179c2cd0", + "zh:b094ef56ae9bfffd586f46d4f7fb0097798738df758a8f3c51578ee163495c7e", + "zh:bd5e68e1e454bae0f8d73cff8448e814a35855a561c33b745e1b8b525fb06c9f", + "zh:c111c6a854bf121facca1642d528bfa80fb4214554ac6c33e4a59c86bc605b71", + "zh:e04df69a557adbcdf8efc77eb45be748f0acbe800ccede1e0895393c87722a0f", + ] +} + +provider "registry.terraform.io/hashicorp/random" { + version = "3.0.0" + constraints = "3.0.0" + hashes = [ + "h1:grDzxfnOdFXi90FRIIwP/ZrCzirJ/SfsGBe6cE0Shg4=", + "zh:0fcb00ff8b87dcac1b0ee10831e47e0203a6c46aafd76cb140ba2bab81f02c6b", + "zh:123c984c0e04bad910c421028d18aa2ca4af25a153264aef747521f4e7c36a17", + "zh:287443bc6fd7fa9a4341dec235589293cbcc6e467a042ae225fd5d161e4e68dc", + "zh:2c1be5596dd3cca4859466885eaedf0345c8e7628503872610629e275d71b0d2", + "zh:684a2ef6f415287944a3d966c4c8cee82c20e393e096e2f7cdcb4b2528407f6b", + "zh:7625ccbc6ff17c2d5360ff2af7f9261c3f213765642dcd84e84ae02a3768fd51", + "zh:9a60811ab9e6a5bfa6352fbb943bb530acb6198282a49373283a8fa3aa2b43fc", + "zh:c73e0eaeea6c65b1cf5098b101d51a2789b054201ce7986a6d206a9e2dacaefd", + "zh:e8f9ed41ac83dbe407de9f0206ef1148204a0d51ba240318af801ffb3ee5f578", + "zh:fbdd0684e62563d3ac33425b0ac9439d543a3942465f4b26582bcfabcb149515", + ] +} diff --git a/example/mysql-complete/.terraform.tfstate.lock.info b/example/mysql-complete/.terraform.tfstate.lock.info new file mode 100644 index 0000000..eec533c --- /dev/null +++ b/example/mysql-complete/.terraform.tfstate.lock.info @@ -0,0 +1 @@ +{"ID":"d1f3c3ed-270c-c8ad-0f75-7fa01497585e","Operation":"OperationTypeApply","Info":"","Who":"jaihind@jaihind","Version":"1.6.6","Created":"2024-03-22T07:44:03.131426514Z","Path":"terraform.tfstate"} \ No newline at end of file diff --git a/example/mysql-complete/main.tf b/example/mysql-complete/main.tf index 55ecbf8..9742c44 100644 --- a/example/mysql-complete/main.tf +++ b/example/mysql-complete/main.tf @@ -33,7 +33,7 @@ module "mysql" { engine = "mysql" engine_version = "8.0.28" - instance_class = "db.m6i.xlarge." + instance_class = "db.m6i.xlarge" allocated_storage = 5 @@ -41,10 +41,10 @@ module "mysql" { allowed_ip = [module.vpc.vpc_cidr_block] allowed_ports = [3306] - db_name = "test" - username = "user" - password = "esfsgcGdfawAhdxtfjm!" - port = "3306" + db_name = "test" + username = "user" + manage_master_user_password = true + port = "3306" maintenance_window = "Mon:00:00-Mon:03:00" backup_window = "03:00-06:00" diff --git a/example/oracle_db/main.tf b/example/oracle_db/main.tf index 6e3e1ea..37c0bc8 100644 --- a/example/oracle_db/main.tf +++ b/example/oracle_db/main.tf @@ -41,10 +41,10 @@ module "oracle" { storage_encrypted = true family = "oracle-ee-19" - db_name = "test" - username = "admin" - password = "esfsgcGdfawAhdxtfjm!" - port = "1521" + db_name = "test" + username = "admin" + manage_master_user_password = true + port = "1521" maintenance_window = "Mon:00:00-Mon:03:00" backup_window = "03:00-06:00" diff --git a/example/postgreSQL/.terraform.lock.hcl b/example/postgreSQL/.terraform.lock.hcl new file mode 100644 index 0000000..bcdeaee --- /dev/null +++ b/example/postgreSQL/.terraform.lock.hcl @@ -0,0 +1,43 @@ +# This file is maintained automatically by "terraform init". +# Manual edits may be lost in future updates. + +provider "registry.terraform.io/hashicorp/aws" { + version = "5.42.0" + constraints = ">= 4.48.0, >= 5.1.0, >= 5.9.0" + hashes = [ + "h1:Gwe5HXZYD/3M5j6LwKhp8amb1SraCR9p+G96d381RVc=", + "zh:0fb12bd56a3ad777b29f957c56dd2119776dbc01b6074458f597990e368c82de", + "zh:16e99c13bef6e3777f67c240c916f57c01c9c142254cfb2720e08281ff906447", + "zh:218268f5fe73bcb19e9a996f781ab66df0da9e333d1c60612e3c51ad28a5105f", + "zh:220b17f7053d11548f35136669687d30ef1f1036e15393275325fd2b9654c715", + "zh:2256cfd74988ce05eada76b42efffc6fe2bf4d60b61f57e4db4fcf65ced4c666", + "zh:52da19f531e0cb9828f73bca620e30264e63a494bd7f9ce826aabcf010d3a241", + "zh:56069ce08d720280ba39aaf2fdd40c4357ffb54262c80e4d39c4e540a38e76af", + "zh:82c81398e68324029167f813fbb7c54fa3d233e99fa05001d85cbce8bdd08bb3", + "zh:82d6eaa87f5ab318959064e6c89adc2baabaf70b13f2f7de866f62416de05352", + "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", + "zh:ade8490cfdd8de8b9a82986588595b67e0ad1048d9e2d3a6f5164320179c2cd0", + "zh:b094ef56ae9bfffd586f46d4f7fb0097798738df758a8f3c51578ee163495c7e", + "zh:bd5e68e1e454bae0f8d73cff8448e814a35855a561c33b745e1b8b525fb06c9f", + "zh:c111c6a854bf121facca1642d528bfa80fb4214554ac6c33e4a59c86bc605b71", + "zh:e04df69a557adbcdf8efc77eb45be748f0acbe800ccede1e0895393c87722a0f", + ] +} + +provider "registry.terraform.io/hashicorp/random" { + version = "3.0.0" + constraints = "3.0.0" + hashes = [ + "h1:grDzxfnOdFXi90FRIIwP/ZrCzirJ/SfsGBe6cE0Shg4=", + "zh:0fcb00ff8b87dcac1b0ee10831e47e0203a6c46aafd76cb140ba2bab81f02c6b", + "zh:123c984c0e04bad910c421028d18aa2ca4af25a153264aef747521f4e7c36a17", + "zh:287443bc6fd7fa9a4341dec235589293cbcc6e467a042ae225fd5d161e4e68dc", + "zh:2c1be5596dd3cca4859466885eaedf0345c8e7628503872610629e275d71b0d2", + "zh:684a2ef6f415287944a3d966c4c8cee82c20e393e096e2f7cdcb4b2528407f6b", + "zh:7625ccbc6ff17c2d5360ff2af7f9261c3f213765642dcd84e84ae02a3768fd51", + "zh:9a60811ab9e6a5bfa6352fbb943bb530acb6198282a49373283a8fa3aa2b43fc", + "zh:c73e0eaeea6c65b1cf5098b101d51a2789b054201ce7986a6d206a9e2dacaefd", + "zh:e8f9ed41ac83dbe407de9f0206ef1148204a0d51ba240318af801ffb3ee5f578", + "zh:fbdd0684e62563d3ac33425b0ac9439d543a3942465f4b26582bcfabcb149515", + ] +} diff --git a/example/postgreSQL/main.tf b/example/postgreSQL/main.tf index ab9851b..a27479c 100644 --- a/example/postgreSQL/main.tf +++ b/example/postgreSQL/main.tf @@ -43,10 +43,10 @@ module "postgresql" { storage_encrypted = true family = "postgres14" - db_name = "test" - username = "dbname" - password = "esfsgcGdfawAhdxtfjm!" - port = "5432" + db_name = "test" + username = "dbname" + manage_master_user_password = true + port = "5432" maintenance_window = "Mon:00:00-Mon:03:00" backup_window = "03:00-06:00" diff --git a/example/replica-mysql/.terraform.lock.hcl b/example/replica-mysql/.terraform.lock.hcl new file mode 100644 index 0000000..bcdeaee --- /dev/null +++ b/example/replica-mysql/.terraform.lock.hcl @@ -0,0 +1,43 @@ +# This file is maintained automatically by "terraform init". +# Manual edits may be lost in future updates. + +provider "registry.terraform.io/hashicorp/aws" { + version = "5.42.0" + constraints = ">= 4.48.0, >= 5.1.0, >= 5.9.0" + hashes = [ + "h1:Gwe5HXZYD/3M5j6LwKhp8amb1SraCR9p+G96d381RVc=", + "zh:0fb12bd56a3ad777b29f957c56dd2119776dbc01b6074458f597990e368c82de", + "zh:16e99c13bef6e3777f67c240c916f57c01c9c142254cfb2720e08281ff906447", + "zh:218268f5fe73bcb19e9a996f781ab66df0da9e333d1c60612e3c51ad28a5105f", + "zh:220b17f7053d11548f35136669687d30ef1f1036e15393275325fd2b9654c715", + "zh:2256cfd74988ce05eada76b42efffc6fe2bf4d60b61f57e4db4fcf65ced4c666", + "zh:52da19f531e0cb9828f73bca620e30264e63a494bd7f9ce826aabcf010d3a241", + "zh:56069ce08d720280ba39aaf2fdd40c4357ffb54262c80e4d39c4e540a38e76af", + "zh:82c81398e68324029167f813fbb7c54fa3d233e99fa05001d85cbce8bdd08bb3", + "zh:82d6eaa87f5ab318959064e6c89adc2baabaf70b13f2f7de866f62416de05352", + "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", + "zh:ade8490cfdd8de8b9a82986588595b67e0ad1048d9e2d3a6f5164320179c2cd0", + "zh:b094ef56ae9bfffd586f46d4f7fb0097798738df758a8f3c51578ee163495c7e", + "zh:bd5e68e1e454bae0f8d73cff8448e814a35855a561c33b745e1b8b525fb06c9f", + "zh:c111c6a854bf121facca1642d528bfa80fb4214554ac6c33e4a59c86bc605b71", + "zh:e04df69a557adbcdf8efc77eb45be748f0acbe800ccede1e0895393c87722a0f", + ] +} + +provider "registry.terraform.io/hashicorp/random" { + version = "3.0.0" + constraints = "3.0.0" + hashes = [ + "h1:grDzxfnOdFXi90FRIIwP/ZrCzirJ/SfsGBe6cE0Shg4=", + "zh:0fcb00ff8b87dcac1b0ee10831e47e0203a6c46aafd76cb140ba2bab81f02c6b", + "zh:123c984c0e04bad910c421028d18aa2ca4af25a153264aef747521f4e7c36a17", + "zh:287443bc6fd7fa9a4341dec235589293cbcc6e467a042ae225fd5d161e4e68dc", + "zh:2c1be5596dd3cca4859466885eaedf0345c8e7628503872610629e275d71b0d2", + "zh:684a2ef6f415287944a3d966c4c8cee82c20e393e096e2f7cdcb4b2528407f6b", + "zh:7625ccbc6ff17c2d5360ff2af7f9261c3f213765642dcd84e84ae02a3768fd51", + "zh:9a60811ab9e6a5bfa6352fbb943bb530acb6198282a49373283a8fa3aa2b43fc", + "zh:c73e0eaeea6c65b1cf5098b101d51a2789b054201ce7986a6d206a9e2dacaefd", + "zh:e8f9ed41ac83dbe407de9f0206ef1148204a0d51ba240318af801ffb3ee5f578", + "zh:fbdd0684e62563d3ac33425b0ac9439d543a3942465f4b26582bcfabcb149515", + ] +} diff --git a/example/replica-mysql/main.tf b/example/replica-mysql/main.tf index e592fac..536e341 100644 --- a/example/replica-mysql/main.tf +++ b/example/replica-mysql/main.tf @@ -36,7 +36,7 @@ module "mysql" { engine_version = "8.0" instance_class = "db.t4g.large" replica_instance_class = "db.t4g.large" - allocated_storage = 20 + allocated_storage = 32 identifier = "" snapshot_identifier = "" kms_key_id = "" @@ -45,7 +45,7 @@ module "mysql" { db_name = "replica" username = "replica_mysql" - password = "clkjvnsdikjhdsijfsdli" + password = "cdsjhcjjkxnna5s" port = 3306 maintenance_window = "Mon:00:00-Mon:03:00" diff --git a/main.tf b/main.tf index 2068326..ae60191 100644 --- a/main.tf +++ b/main.tf @@ -274,7 +274,8 @@ resource "aws_db_instance" "this" { db_name = var.db_name username = local.username - password = local.password + password = var.manage_master_user_password != null ? null : local.password + manage_master_user_password = var.manage_master_user_password port = var.port domain = var.domain domain_iam_role_name = var.domain_iam_role_name diff --git a/variables.tf b/variables.tf index 682dc81..e248e02 100644 --- a/variables.tf +++ b/variables.tf @@ -162,6 +162,12 @@ variable "password" { description = "Password for the master DB user. Note that this may show up in logs, and it will be stored in the state file" } +variable "manage_master_user_password" { + type = bool + default = null + description = "Set to true to allow RDS to manage the master user password in Secrets Manager. Cannot be set if password is provided." +} + variable "port" { type = string default = null