This terraform deploys an RDS instance.
module "rds" {
source = "github.com/byu-oit/terraform-aws-rds?ref=v3.2.0"
identifier = "example"
engine = "mysql"
engine_version = "8.0"
family = "mysql8.0"
cloudwatch_logs_exports = ["error", "general", "slowquery"]
db_name = "example"
subnet_ids = module.acs.data_subnet_ids
subnet_group_name = module.acs.db_subnet_group_name
vpc_id = module.acs.vpc.id
}- Terraform version 1.0.0 or greater
- AWS Provider version 4.0 or greater
| Name | Type | Description | Default |
|---|---|---|---|
identifier |
string | Identifier for the RDS instance | |
instance_class |
string | The instance class the RDS instance will use | db.t2.small |
engine |
string | The database engine the RDS instance will use | |
engine_version |
string | The engine version to use | |
family |
string | The family of the DB parameter group. According to the AWS Docs, you can list all of the available parameter group families with aws rds describe-db-engine-versions --query "DBEngineVersions[].DBParameterGroupFamily". |
|
db_security_group_name |
string | The (optional) name of the security group to be created for the RDS instance. | ${var.identifier}-db_sg |
db_security_group_description |
string | The (optional) description of the security group to be created for the RDS instance. | "Security group for ${var.identifier} RDS instance" |
db_name |
string | The name of the database that RDS will create | |
ssm_prefix |
string | The SSM Parameter Store Prefix to use when creating the master username and password. | identifier |
master_username |
string | The master username to be used for the RDS instance. If not provided, a random one will be generated (see below). | null |
master_password |
string | The master password to be used for the RDS instnace. If not provided, a random one will be generated (see below). | null |
allocated_storage |
number | The amount of storage to be allocated for the database. If max_allocated_storage is configured, this argument represents the initial storage allocation and differences from the configuration will be ignored automatically when Storage Autoscaling occurs. |
32 |
max_allocated_storage |
number | The max amount of storage for the database. Used for storage autoscaling. | null |
storage_type |
string | Storage type for the database [standard, gp2] | gp2 |
storage_encrypted |
bool | Specifies whether the DB instance is encrypted | true |
vpc_id |
string | VPC ID to put the RDS instance on | |
subnet_ids |
list(string) | A list of VPC subnet IDs to put the RDS instance on | |
subnet_group_name |
string | Database subnet group name (can be retrieved from acs-info) | |
deletion_protection |
bool | If the DB instance should have deletion protection enabled. The database can't be deleted when this value is set to true | true |
skip_final_snapshot |
boolean | If set to true, no final snapshot of the database will be made when its deleted. | false |
cloudwatch_logs_exports |
list(string) | List of log types to enable for exporting to CloudWatch logs. Each engine has different valid values. We strongly recommend adding at least the audit log where possible. |
|
log_retention_in_days |
number | CloudWatch log groups retention in days | 120 |
backup_retention_period |
number | The days to retain backups for. Must be between 0 and 35. Must be greater than 0 if the database is used as a source for a Read Replica. | 7 |
backup_window |
string | The daily time range (in UTC) during which automated backups are created if they are enabled. Syntax: "hh24:mi-hh24:mi". Eg: "09:46-10:16". Must not overlap with maintenance_window. | 07:01-07:31 (this is either midnight or 1am Mountain Time, depending on daylight savings) |
maintenance_window |
string | The window to perform maintenance in. Syntax: "ddd:hh24:mi-ddd:hh24:mi". Eg: "Mon:00:00-Mon:03:00". | null |
multi_az |
bool | If the RDS instance is multi AZ enabled. | false |
iam_database_authentication_enabled |
bool | If IAM authentication is enabled. | false |
security_group_ids |
list(string) | A list of security group ids of security groups to attach to the RDS instance. This is in addition to the security group created in the module. | [] |
parameter_group_parameters |
map(string) | Map of parameters to include in the database parameter group | {} |
performance_insights |
object | If the object is not null performance insights is turned on and configured with the parameter(s) in the object | null |
tags |
map(string) | A map of AWS Tags to attach to each resource created | {} |
ca_cert_identifier |
string | The identifier of the CA certificate for the DB instance. | null |
retention_period_days- The number of days to retain. Setting to null will default the resource default of 7 days
You can provide your own username and password, but please DO NOT COMMIT your password to source code.
If you do not provide your own master_username or master_password then this module will create a random one for you.
In both cases the username and passwords will be stored in SSM Parameter store and available via outputs.
| Name | Type | Description |
|---|---|---|
instance |
object | The RDS Instance object |
security_group |
object | The security group for the RDS Instance |
master_username_parameter |
object | SSM parameter object of the RDS database master username |
master_password_parameter |
object | SSM parameter object of the RDS database password |
parameter_group |
object | The RDS Parameter group assigned to the RDS instance |