Skip to content

Latest commit

 

History

History
102 lines (89 loc) · 10.7 KB

README.md

File metadata and controls

102 lines (89 loc) · 10.7 KB
Raw

RDS Postgres

Provision a Postgres database using AWS RDS.

Requirements

Name Version
terraform >= 1.6.2
aws ~> 4.0
random ~> 3.0

Providers

Name Version
aws ~> 4.0
random ~> 3.0

Modules

Name Source Version
alarms ../cloudwatch-alarms n/a
client_security_group ../../security-group n/a
customer_kms github.com/thoughtbot/terraform-aws-secrets//customer-managed-kms v0.7.0
parameter_group ../parameter-group n/a
server_security_group ../../security-group n/a

Resources

Name Type
aws_db_instance.this resource
aws_db_subnet_group.this resource
random_id.snapshot_suffix resource
random_password.database resource

Inputs

Name Description Type Default Required
admin_username Username for the admin user string "postgres" no
alarm_actions SNS topic ARNs or other actions to invoke for alarms list(string) [] no
allocated_storage Size in GB for the database instance number n/a yes
allowed_cidr_blocks CIDR blocks allowed to access the database list(string) [] no
allowed_security_group_ids Security group allowed to access the database list(string) [] no
apply_immediately Set to true to immediately apply changes and cause downtime bool false no
auto_minor_version_upgrade Set to false to disable automatic minor version ugprades bool true no
backup_retention_period Number of days to retain backups number 30 no
backup_window UTC time range in which backups can be captured, such as 18:00-22:00 string null no
ca_cert_id Certificate authority for RDS database string "rds-ca-rsa2048-g1" no
client_security_group_name Override the name for the security group; defaults to identifer string "" no
create_client_security_group Set to false to only use existing security groups bool true no
create_cloudwatch_alarms Set to false to disable creation of CloudWatch alarms bool true no
create_default_db Set to false to disable creating a default database bool true no
create_parameter_group Set to false to use existing parameter group bool true no
create_server_security_group Set to false to only use existing security groups bool true no
create_subnet_group Set to false to use existing subnet group bool true no
default_database Name of the default database string "postgres" no
enabled_cloudwatch_logs_exports Set of log types to enable for exporting to CloudWatch logs. If omitted, no logs will be exported list(string) [] no
engine RDS database engine; defaults to Postgres string "postgres" no
engine_version Version for RDS database engine string n/a yes
force_ssl Set to false to allow unencrypted connections to the database bool true no
identifier Unique identifier for this database string n/a yes
initial_password Override the initial password for the admin user string "" no
instance_class Tier for the database instance string n/a yes
iops The amount of provisioned IOPS. Required if storage type is io1 number null no
kms_key_id KMS key to encrypt data at rest string null no
maintenance_window UTC day/time range during which maintenance can be performed, such as Mon:00:00-Mon:03:00 string null no
max_allocated_storage Maximum size GB after autoscaling number 0 no
multi_az Whether or not to use a high-availability/multi-availability-zone instance bool false no
parameter_group_name Name of the RDS parameter group; defaults to identifier string "" no
performance_insights_enabled Set to false to disable performance insights bool true no
publicly_accessible Set to true to access this database outside the VPC bool false no
server_security_group_ids IDs of VPC security groups for this instance. One of vpc_id or server_security_group_ids is required list(string) [] no
server_security_group_name Override the name for the security group; defaults to identifer string "" no
skip_final_snapshot Set to true to skip a snapshot when destroying bool false no
snapshot_identifier Set this to create the database from an existing snapshot string null no
storage_encrypted Set to false to disable on-disk encryption bool true no
storage_type Storage type for the EBS volume. One of standard (magnetic), gp2 (general purpose SSD), or io1 (provisioned IOPS SSD) string "gp2" no
subnet_group_description Set a description for the subnet group string "Postgres subnet group" no
subnet_group_name Name of the RDS subnet group (defaults to identifier) string null no
subnet_ids Subnets connected to the database; required if creating a subnet group list(string) null no
tags Tags to be applied to created resources map(string) {} no
vpc_id ID of VPC for this instance. One of vpc_id or vpc_security_group_ids is required string null no

Outputs

Name Description
admin_username Admin username for connecting to this database
client_security_group_id Name of the security group created for clients
default_database Name of the default database, if created
host The hostname to use when connecting to this database
identifier Identifier of the created RDS database
initial_password Initial admin password for connecting to this database
instance The created RDS database instance
primary_kms_key KMS key arn in use by primary database instance.
server_security_group_id Name of the security group created for the server