This module creates an RDS instance. It currently supports master, replica, and cross region replica RDS instances.
module "rds" {
source = "git@github.com:rackspace-infrastructure-automation/aws-terraform-rds?ref=v0.12.8"
engine = "mysql" # Required
instance_class = "db.t2.large" # Required
name = "sample-mysql-rds" # Required
password = "${data.aws_kms_secrets.rds_credentials.plaintext["password"]}" # Required
security_groups = ["${module.vpc.default_sg}"] # Required
storage_encrypted = true # Parameter defaults to false, but enabled for Cross Region Replication example
subnets = "${module.vpc.private_subnets}" # Required
}Full working references are available at examples
There should be no changes required to move from previous versions of this module to version 0.12.0 or higher.
Using aws-terraform-cloudwatch_alarm to create the following CloudWatch Alarms: - free_storage_space_alarm_ticket - replica_lag_alarm_ticket - free_storage_space_alarm_email - write_iops_high_alarm_email - read_iops_high_alarm_email - cpu_high_alarm_email - replica_lag_alarm_email
| Name | Version |
|---|---|
| terraform | >= 0.12 |
| aws | >= 2.7.0 |
| Name | Version |
|---|---|
| aws | >= 2.7.0 |
| Name | Source | Version |
|---|---|---|
| cpu_high_alarm_email | git@github.com:rackspace-infrastructure-automation/aws-terraform-cloudwatch_alarm//?ref=v0.12.6 | |
| free_storage_space_alarm_email | git@github.com:rackspace-infrastructure-automation/aws-terraform-cloudwatch_alarm//?ref=v0.12.6 | |
| free_storage_space_alarm_ticket | git@github.com:rackspace-infrastructure-automation/aws-terraform-cloudwatch_alarm//?ref=v0.12.6 | |
| read_iops_high_alarm_email | git@github.com:rackspace-infrastructure-automation/aws-terraform-cloudwatch_alarm//?ref=v0.12.6 | |
| replica_lag_alarm_email | git@github.com:rackspace-infrastructure-automation/aws-terraform-cloudwatch_alarm//?ref=v0.12.6 | |
| replica_lag_alarm_ticket | git@github.com:rackspace-infrastructure-automation/aws-terraform-cloudwatch_alarm//?ref=v0.12.6 | |
| write_iops_high_alarm_email | git@github.com:rackspace-infrastructure-automation/aws-terraform-cloudwatch_alarm//?ref=v0.12.6 |
| Name |
|---|
| aws_db_event_subscription |
| aws_db_instance |
| aws_db_option_group |
| aws_db_parameter_group |
| aws_db_subnet_group |
| aws_iam_policy_document |
| aws_iam_role |
| aws_iam_role_policy_attachment |
| aws_route53_record |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| alarm_cpu_limit | CloudWatch CPUUtilization Threshold | number |
60 |
no |
| alarm_free_space_limit | CloudWatch Free Storage Space Limit Threshold (Bytes) | number |
1024000000 |
no |
| alarm_read_iops_limit | CloudWatch Read IOPSLimit Threshold | number |
100 |
no |
| alarm_write_iops_limit | CloudWatch Write IOPSLimit Threshold | number |
100 |
no |
| apply_immediately | Should database modifications be applied immediately? | bool |
false |
no |
| auto_minor_version_upgrade | Boolean value that indicates that minor engine upgrades will be applied automatically to the DB instance during the maintenance window | bool |
true |
no |
| backup_retention_period | The number of days for which automated backups are retained. Setting this parameter to a positive number enables backups. Setting this parameter to 0 disables automated backups. Compass best practice is 30 or more days. | number |
35 |
no |
| backup_window | The daily time range during which automated backups are created if automated backups are enabled. | string |
"05:00-06:00" |
no |
| character_set_name | (Optional) The character set name to use for DB encoding in Oracle instances. This can't be changed. See Oracle Character Sets Supported in Amazon RDS for more information. | string |
"" |
no |
| cloudwatch_exports_logs_list | List of log types to export to cloudwatch. If omitted, no logs will be exported. The following log types are supported: audit, error, general, slowquery. |
list(string) |
[] |
no |
| copy_tags_to_snapshot | Indicates whether to copy all of the user-defined tags from the DB instance to snapshots of the DB instance. | bool |
true |
no |
| create_option_group | A boolean variable noting if a new option group should be created. | bool |
true |
no |
| create_parameter_group | A boolean variable noting if a new parameter group should be created. | bool |
true |
no |
| create_subnet_group | A boolean variable noting if a new DB subnet group should be created. | bool |
true |
no |
| db_instance_create_timeout | Timeout for creating instances, replicas, and restoring from Snapshots | string |
"60m" |
no |
| db_instance_delete_timeout | Timeout for destroying databases. This includes the time required to take snapshots | string |
"60m" |
no |
| db_instance_update_timeout | Timeout for datbabse modifications | string |
"80m" |
no |
| db_snapshot_id | The name of a DB snapshot (optional). | string |
"" |
no |
| dbname | The DB name to create. If omitted, no database is created initially | string |
"" |
no |
| directory_id | The ID of the Directory Service Active Directory domain. Only applicable for Microsoft SQL engines. | string |
"" |
no |
| enable_deletion_protection | If the DB instance should have deletion protection enabled. The database can't be deleted when this value is set to true. The default is false. | bool |
false |
no |
| enable_domain_join | Enable joining an Microsoft SQL Server RDS instance to an AD Directory Service. If enabled, a value must be provided for the directory_id variable. |
bool |
false |
no |
| engine | Database Engine Type. Allowed values: mariadb, mysql, oracle-ee, oracle-se, oracle-se1, oracle-se2, postgres, sqlserver-ee, sqlserver-ex, sqlserver-se, sqlserver-web | string |
n/a | yes |
| engine_version | Database Engine Minor Version http://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBInstance.html | string |
"" |
no |
| environment | Application environment for which this network is being created. one of: ('Development', 'Integration', 'PreProduction', 'Production', 'QA', 'Staging', 'Test') | string |
"Development" |
no |
| event_categories | A list of RDS event categories. Submissions will be made to the provided NotificationTopic for each matching event. Acceptable values can be found with the CLI command 'aws rds describe-event-categories' (OPTIONAL) | list(string) |
[] |
no |
| existing_monitoring_role | ARN of an existing enhanced monitoring role to use for this instance. (OPTIONAL) | string |
"" |
no |
| existing_option_group_name | The existing option group to use for this instance. (OPTIONAL) | string |
"" |
no |
| existing_parameter_group_name | The existing parameter group to use for this instance. (OPTIONAL) | string |
"" |
no |
| existing_subnet_group | The existing DB subnet group to use for this instance (OPTIONAL) | string |
"" |
no |
| family | Parameter Group Family Name (ex. mysql5.7, sqlserver-se-12.0, postgres9.5, postgres10, postgres11, postgres12, oracle-se-12.1, mariadb10.1) | string |
"" |
no |
| final_snapshot_suffix | string appended to the final snapshot name with a - delimiter |
string |
"" |
no |
| iam_authentication_enabled | Specifies whether or mappings of AWS Identity and Access Management (IAM) accounts to database accounts is enabled | bool |
false |
no |
| instance_class | The database instance type. | string |
n/a | yes |
| internal_record_name | Record Name for the new Resource Record in the Internal Hosted Zone | string |
"" |
no |
| internal_zone_id | The Route53 Internal Hosted Zone ID | string |
"" |
no |
| internal_zone_name | TLD for Internal Hosted Zone | string |
"" |
no |
| kms_key_id | KMS Key Arn to use for storage encryption. (OPTIONAL) | string |
"" |
no |
| license_model | License model information for this DB instance. Optional, but required for some DB engines, i.e. Oracle SE1 | string |
"" |
no |
| maintenance_window | The daily time range during which automated backups are created if automated backups are enabled. | string |
"Sun:07:00-Sun:08:00" |
no |
| max_storage_size | Select Max RDS Volume Size in GB. Value other than 0 will enable storage autoscaling | number |
0 |
no |
| monitoring_interval | The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB instance. To disable collecting Enhanced Monitoring metrics, specify 0. The default is 0. Valid Values: 0, 1, 5, 10, 15, 30, 60. | number |
0 |
no |
| multi_az | Create a multi-AZ RDS database instance | bool |
true |
no |
| name | The name to use for the resources created in this module. This is interpreted differently depending on the 'name_is_wholename' variable, but only for the instance name, all other resources treat the value as a prefix. | string |
n/a | yes |
| name_is_wholename | If 'false' the 'name' variable is treated as a prefix, otherwise it is treated as the wholename for the db_instance only - other resources still use it as a prefix. This variable eases the process of importing a db instance into the module's namespace (e.g.in a restore situation). | bool |
false |
no |
| notification_topic | SNS Topic ARN to use for customer notifications from CloudWatch alarms. (OPTIONAL) | string |
"" |
no |
| options | List of custom options to apply to the option group. | list |
[] |
no |
| parameters | List of custom parameters to apply to the parameter group. | list(map(string)) |
[] |
no |
| password | Password for the local administrator account. | string |
n/a | yes |
| performance_insights_kms_key_id | KMS Key ID for performance insights (if retention specified). | string |
"" |
no |
| performance_insights_retention_period | Retention duration for performance insights. Can be enabled with one of the two AWS allowed values of 7 or 731. See https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PerfInsights.Enabling.html for further details. | number |
0 |
no |
| port | The port on which the DB accepts connections | string |
"" |
no |
| publicly_accessible | Boolean value that indicates whether the database instance is an Internet-facing instance. | bool |
false |
no |
| rackspace_alarms_enabled | Specifies whether non-emergency rackspace alarms will create a ticket. | bool |
false |
no |
| rackspace_managed | Boolean parameter controlling if instance will be fully managed by Rackspace support teams, created CloudWatch alarms that generate tickets, and utilize Rackspace managed SSM documents. | bool |
true |
no |
| read_replica | Specifies whether this RDS instance is a read replica. | string |
false |
no |
| security_groups | A list of EC2 security groups to assign to this resource | list(string) |
n/a | yes |
| skip_final_snapshot | Boolean value to control if the DB instance will take a final snapshot when destroyed. This value should be set to false if a final snapshot is desired. | bool |
false |
no |
| source_db | The ID of the source DB instance. For cross region replicas, the full ARN should be provided | string |
"" |
no |
| storage_encrypted | Specifies whether the DB instance is encrypted | bool |
false |
no |
| storage_iops | The amount of provisioned IOPS. Setting this implies a storage_type of 'io1' | number |
0 |
no |
| storage_size | Select RDS Volume Size in GB. | string |
"" |
no |
| storage_type | Select RDS Volume Type. | string |
"gp2" |
no |
| subnets | Subnets for RDS Instances | list(string) |
n/a | yes |
| tags | Custom tags to apply to all resources. | map(string) |
{} |
no |
| timezone | The server time zone | string |
"" |
no |
| username | The name of master user for the client DB instance. | string |
"dbadmin" |
no |
| Name | Description |
|---|---|
| db_endpoint | Database endpoint |
| db_endpoint_address | Address of database endpoint |
| db_endpoint_port | Port of database endpoint |
| db_instance | The DB instance identifier |
| db_instance_arn | The DB instance ARN |
| jdbc_connection_string | JDBC connection string for database |
| monitoring_role | The IAM role used for Enhanced Monitoring |
| option_group | The Option Group used by the DB Instance |
| parameter_group | The Parameter Group used by the DB Instance |
| subnet_group | The DB Subnet Group used by the DB Instance |