Skip to content
/ terraform-aws-rds-postgres-example Public

An example Amazon RDS for PostgreSQL database that can be used from an AWS EC2 Ubuntu Virtual Machine

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

rgl/terraform-aws-rds-postgres-example

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
.github/workflows
.github/workflows
 
 
.vscode
.vscode
 
 
.gitignore
.gitignore
 
 
.terraform.lock.hcl
.terraform.lock.hcl
 
 
.tflint.hcl
.tflint.hcl
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
app.tf
app.tf
 
 
db.tf
db.tf
 
 
inputs.tf
inputs.tf
 
 
outputs.tf
outputs.tf
 
 
providers.tf
providers.tf
 
 
provision-app.sh
provision-app.sh
 
 
provision-firewall.sh
provision-firewall.sh
 
 
provision-tools.sh
provision-tools.sh
 
 
renovate.json5
renovate.json5
 
 
renovate.sh
renovate.sh
 
 
vpc.tf
vpc.tf
 
 

Repository files navigation

About

Lint

An example Amazon RDS for PostgreSQL database that can be used from an AWS EC2 Ubuntu Virtual Machine.

NB For an Amazon RDS Aurora PostgreSQL example see the rgl/terraform-aws-rds-aurora-postgres-example repository.

This will:

  • Use the Amazon RDS for PostgreSQL service.
    • Create a Database Instance.
  • Create an example Ubuntu Virtual Machine.
    • Can be used to access the Database Instance.
  • Create a VPC and all the required plumbing required for the Ubuntu Virtual Machine to use an Amazon RDS PostgreSQL Database Instance.

Usage (on a Ubuntu Desktop)

Install the tools:

./provision-tools.sh

Set the account credentials using SSO:

# set the account credentials.
# see https://docs.aws.amazon.com/cli/latest/userguide/sso-configure-profile-token.html#sso-configure-profile-token-auto-sso
aws configure sso
# dump the configured profile and sso-session.
cat ~/.aws/config
# set the environment variables to use a specific profile.
export AWS_PROFILE=my-profile
unset AWS_ACCESS_KEY_ID
unset AWS_SECRET_ACCESS_KEY
unset AWS_DEFAULT_REGION
# show the user, user amazon resource name (arn), and the account id, of the
# profile set in the AWS_PROFILE environment variable.
aws sts get-caller-identity

Or, set the account credentials using an access key:

# set the account credentials.
# NB get these from your aws account iam console.
#    see Managing access keys (console) at
#        https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html#Using_CreateAccessKey
export AWS_ACCESS_KEY_ID='TODO'
export AWS_SECRET_ACCESS_KEY='TODO'
# set the default region.
export AWS_DEFAULT_REGION='eu-west-1'
# show the user, user amazon resource name (arn), and the account id.
aws sts get-caller-identity

Review main.tf.

Initialize terraform:

make terraform-init

Launch the example:

rm -f terraform.log
make terraform-apply

Show the terraform state:

make terraform-show

At VM initialization time cloud-init will run the provision-app.sh script to launch the example application.

After VM initialization is done (check the instance system log for cloud-init entries), test the app endpoint:

while ! wget -qO- "http://$(terraform output --raw app_ip_address)/test"; do sleep 3; done

And open a shell inside the VM:

ssh "ubuntu@$(terraform output --raw app_ip_address)"
cloud-init status --wait
less /var/log/cloud-init-output.log
systemctl status app
journalctl -u app
exit

Try accessing the PostgreSQL Database Instance, from within the AWS VPC, using psql:

ssh "ubuntu@$(terraform output --raw app_ip_address)" \
  LC_ALL='C.UTF-8' \
  PGSSLMODE='verify-full' \
  PGHOST="$(printf '%q' "$(terraform output --raw db_address)")" \
  PGDATABASE='postgres' \
  PGUSER="$(printf '%q' "$(terraform output --raw db_admin_username)")" \
  PGPASSWORD="$(printf '%q' "$(terraform output --raw db_admin_password)")" \
  psql \
    --echo-all \
    --no-password \
    --variable ON_ERROR_STOP=1 \
    <<'EOF'
-- show information the postgresql version.
select version();
-- show information about the current connection.
select current_user, current_database(), inet_client_addr(), inet_client_port(), inet_server_addr(), inet_server_port(), pg_backend_pid(), pg_postmaster_start_time();
-- show information about the current tls connection.
select case when ssl then concat('YES (', version, ')') else 'NO' end as ssl from pg_stat_ssl where pid=pg_backend_pid();
-- list roles.
\dg
-- list databases.
\l
EOF

Open an interactive psql session, show the PostgreSQL version, and exit:

ssh -t "ubuntu@$(terraform output --raw app_ip_address)" \
  LC_ALL='C.UTF-8' \
  PGSSLMODE='verify-full' \
  PGHOST="$(printf '%q' "$(terraform output --raw db_address)")" \
  PGDATABASE='postgres' \
  PGUSER="$(printf '%q' "$(terraform output --raw db_admin_username)")" \
  PGPASSWORD="$(printf '%q' "$(terraform output --raw db_admin_password)")" \
  psql
select version();
exit

Destroy the example:

make terraform-destroy

List this repository dependencies (and which have newer versions):

GITHUB_COM_TOKEN='YOUR_GITHUB_PERSONAL_TOKEN' ./renovate.sh

References

About

An example Amazon RDS for PostgreSQL database that can be used from an AWS EC2 Ubuntu Virtual Machine

Topics

aws postgres terraform postgresql aws-rds aws-rds-postgres

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages