github.com/darmach/terratest@v0.34.8-0.20210517103231-80931f95e3ff/examples/terraform-aws-rds-example/main.tf

github.com/darmach/terratest@v0.34.8-0.20210517103231-80931f95e3ff/examples/terraform-aws-rds-example/main.tf (about)

     1  # ---------------------------------------------------------------------------------------------------------------------
     2  # PIN TERRAFORM VERSION TO >= 0.12
     3  # The examples have been upgraded to 0.12 syntax
     4  # ---------------------------------------------------------------------------------------------------------------------
     5  
     6  terraform {
     7    # This module is now only being tested with Terraform 0.13.x. However, to make upgrading easier, we are setting
     8    # 0.12.26 as the minimum version, as that version added support for required_providers with source URLs, making it
     9    # forwards compatible with 0.13.x code.
    10    required_version = ">= 0.12.26"
    11  }
    12  
    13  # ---------------------------------------------------------------------------------------------------------------------
    14  # DEPLOY INTO THE DEFAULT VPC AND SUBNETS
    15  # To keep this example simple, we are deploying into the Default VPC and its subnets. In real-world usage, you should
    16  # deploy into a custom VPC and private subnets. Given the subnet group needs to span multiple AZs and hence subnets we
    17  # have deployed it across all the subnets of the default VPC.
    18  # ---------------------------------------------------------------------------------------------------------------------
    19  
    20  data "aws_vpc" "default" {
    21    default = true
    22  }
    23  
    24  data "aws_subnet_ids" "all" {
    25    vpc_id = data.aws_vpc.default.id
    26  }
    27  
    28  # ---------------------------------------------------------------------------------------------------------------------
    29  # CREATE AN SUBNET GROUP ACROSS ALL THE SUBNETS OF THE DEFAULT ASG TO HOST THE RDS INSTANCE
    30  # ---------------------------------------------------------------------------------------------------------------------
    31  
    32  resource "aws_db_subnet_group" "example" {
    33    name       = var.name
    34    subnet_ids = data.aws_subnet_ids.all.ids
    35  
    36    tags = {
    37      Name = var.name
    38    }
    39  }
    40  
    41  # ---------------------------------------------------------------------------------------------------------------------
    42  # CREATE A CUSTOM PARAMETER GROUP AND AN OPTION GROUP FOR CONFIGURABILITY
    43  # ---------------------------------------------------------------------------------------------------------------------
    44  
    45  resource "aws_db_option_group" "example" {
    46    name                 = var.name
    47    engine_name          = var.engine_name
    48    major_engine_version = var.major_engine_version
    49  
    50    tags = {
    51      Name = var.name
    52    }
    53  
    54    option {
    55      option_name = "MARIADB_AUDIT_PLUGIN"
    56  
    57      option_settings {
    58        name  = "SERVER_AUDIT_EVENTS"
    59        value = "CONNECT"
    60      }
    61    }
    62  }
    63  
    64  resource "aws_db_parameter_group" "example" {
    65    name   = var.name
    66    family = var.family
    67  
    68    tags = {
    69      Name = var.name
    70    }
    71  
    72    parameter {
    73      name  = "general_log"
    74      value = "0"
    75    }
    76  }
    77  
    78  # ---------------------------------------------------------------------------------------------------------------------
    79  # CREATE A SECURITY GROUP TO ALLOW ACCESS TO THE RDS INSTANCE
    80  # ---------------------------------------------------------------------------------------------------------------------
    81  
    82  resource "aws_security_group" "db_instance" {
    83    name   = var.name
    84    vpc_id = data.aws_vpc.default.id
    85  }
    86  
    87  resource "aws_security_group_rule" "allow_db_access" {
    88    type              = "ingress"
    89    from_port         = var.port
    90    to_port           = var.port
    91    protocol          = "tcp"
    92    security_group_id = aws_security_group.db_instance.id
    93    cidr_blocks       = ["0.0.0.0/0"]
    94  }
    95  
    96  # ---------------------------------------------------------------------------------------------------------------------
    97  # CREATE THE DATABASE INSTANCE
    98  # ---------------------------------------------------------------------------------------------------------------------
    99  
   100  resource "aws_db_instance" "example" {
   101    identifier             = var.name
   102    engine                 = var.engine_name
   103    engine_version         = var.engine_version
   104    port                   = var.port
   105    name                   = var.database_name
   106    username               = var.username
   107    password               = var.password
   108    instance_class         = var.instance_class
   109    allocated_storage      = var.allocated_storage
   110    skip_final_snapshot    = true
   111    license_model          = var.license_model
   112    db_subnet_group_name   = aws_db_subnet_group.example.id
   113    vpc_security_group_ids = [aws_security_group.db_instance.id]
   114    publicly_accessible    = true
   115    parameter_group_name   = aws_db_parameter_group.example.id
   116    option_group_name      = aws_db_option_group.example.id
   117  
   118    tags = {
   119      Name = var.name
   120    }
   121  }
   122