feat: add rds resource

humanitec-architecture · Jan 4, 2024 · c52309d · c52309d
1 parent 4f2b3c2
commit c52309d
Show file tree

Hide file tree

Showing 23 changed files with 1,192 additions and 0 deletions.
diff --git a/.gitignore b/.gitignore
@@ -1,3 +1,4 @@
 .terraform
 .terraform.lock.hcl
 terraform.tfstate*
+terraform.tfvars
diff --git a/examples/rds/basic-mysql/README.md b/examples/rds/basic-mysql/README.md
@@ -0,0 +1,48 @@
+<!-- BEGIN_TF_DOCS -->
+## Requirements
+
+| Name | Version |
+|------|---------|
+| terraform | >= 1.3.0 |
+| aws | ~> 5.0 |
+| humanitec | ~> 0 |
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| aws | ~> 5.0 |
+| humanitec | ~> 0 |
+
+## Modules
+
+| Name | Source | Version |
+|------|--------|---------|
+| rds | ../../../humanitec-resource-defs/rds/basic | n/a |
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [aws_security_group.mysql](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group) | resource |
+| [aws_vpc_security_group_ingress_rule.k8s_node_mysql](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc_security_group_ingress_rule) | resource |
+| [humanitec_application.app](https://registry.terraform.io/providers/humanitec/humanitec/latest/docs/resources/application) | resource |
+| [humanitec_resource_definition_criteria.rds](https://registry.terraform.io/providers/humanitec/humanitec/latest/docs/resources/resource_definition_criteria) | resource |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| access\_key | AWS Access Key | `string` | n/a | yes |
+| humanitec\_org\_id | Humanitec organization where resource definitions will be applied | `string` | n/a | yes |
+| humanitec\_token | Humanitec API token | `string` | n/a | yes |
+| k8s\_node\_security\_group\_id | AWS Security Group ID of the kubernetes nodes to allow access to the AWS RDS cluster | `string` | n/a | yes |
+| name | Name that will be used in resouces' names | `string` | n/a | yes |
+| region | AWS Region to create resources | `string` | n/a | yes |
+| secret\_key | AWS Secret Key | `string` | n/a | yes |
+| subnet\_ids | AWS Subnet IDs to use for the AWS RDS cluster | `set(string)` | n/a | yes |
+| vpc\_id | AWS VPC ID | `string` | n/a | yes |
+| humanitec\_host | Humanitec API host url | `string` | `"https://api.humanitec.io"` | no |
+| resource\_packs\_aws\_rev | AWS Resource Pack git branch | `string` | `"refs/heads/main"` | no |
+| resource\_packs\_aws\_url | AWS Resource Pack git url | `string` | `"https://github.com/humanitec-architecture/resource-packs-aws.git"` | no |
+<!-- END_TF_DOCS -->
diff --git a/examples/rds/basic-mysql/main.tf b/examples/rds/basic-mysql/main.tf
@@ -0,0 +1,53 @@
+resource "humanitec_application" "app" {
+  id   = var.name
+  name = var.name
+}
+
+module "rds" {
+  source = "../../../humanitec-resource-defs/rds/basic"
+
+  prefix                 = "${var.name}-"
+  resource_packs_aws_rev = var.resource_packs_aws_rev
+  resource_packs_aws_url = var.resource_packs_aws_url
+
+  access_key = var.access_key
+  secret_key = var.secret_key
+  region     = var.region
+
+  name          = "${var.name}-database"
+  database_name = "my_database"
+  username      = "username"
+  password      = "password"
+
+  type                 = "mysql"
+  engine               = "mysql"
+  engine_version       = "8.0"
+  group_family         = "mysql8.0"
+  major_engine_version = "8.0"
+
+  create_db_subnet_group = true
+  db_subnet_group_name   = "${var.name}-subnet-group"
+  subnet_ids             = var.subnet_ids
+
+  vpc_security_group_ids = [aws_security_group.mysql.id]
+}
+
+resource "humanitec_resource_definition_criteria" "rds" {
+  resource_definition_id = module.rds.id
+  app_id                 = humanitec_application.app.id
+}
+
+resource "aws_security_group" "mysql" {
+  name        = "mysql"
+  description = "mysql"
+  vpc_id      = var.vpc_id
+}
+
+resource "aws_vpc_security_group_ingress_rule" "k8s_node_mysql" {
+  security_group_id = aws_security_group.mysql.id
+
+  referenced_security_group_id = var.k8s_node_security_group_id
+  from_port                    = 5432
+  ip_protocol                  = "tcp"
+  to_port                      = 5432
+}
diff --git a/examples/rds/basic-mysql/providers.tf b/examples/rds/basic-mysql/providers.tf
@@ -0,0 +1,26 @@
+terraform {
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = "~> 5.0"
+    }
+    humanitec = {
+      source  = "humanitec/humanitec"
+      version = "~> 0"
+    }
+  }
+
+  required_version = ">= 1.3.0"
+}
+
+provider "aws" {
+  region     = var.region
+  access_key = var.access_key
+  secret_key = var.secret_key
+}
+
+provider "humanitec" {
+  host   = var.humanitec_host
+  org_id = var.humanitec_org_id
+  token  = var.humanitec_token
+}
diff --git a/examples/rds/basic-mysql/terraform.tfvars.example b/examples/rds/basic-mysql/terraform.tfvars.example
@@ -0,0 +1,36 @@
+
+# AWS Access Key
+access_key = ""
+
+# Humanitec API host url
+humanitec_host = "https://api.humanitec.io"
+
+# Humanitec organization where resource definitions will be applied
+humanitec_org_id = ""
+
+# Humanitec API token
+humanitec_token = ""
+
+# AWS Security Group ID of the kubernetes nodes to allow access to the AWS RDS cluster
+k8s_node_security_group_id = ""
+
+# Name that will be used in resouces' names
+name = ""
+
+# AWS Region to create resources
+region = ""
+
+# AWS Resource Pack git branch
+resource_packs_aws_rev = "refs/heads/main"
+
+# AWS Resource Pack git url
+resource_packs_aws_url = "https://github.com/humanitec-architecture/resource-packs-aws.git"
+
+# AWS Secret Key
+secret_key = ""
+
+# AWS Subnet IDs to use for the AWS RDS cluster
+subnet_ids = ""
+
+# AWS VPC ID
+vpc_id = ""
diff --git a/examples/rds/basic-mysql/variables.tf b/examples/rds/basic-mysql/variables.tf
@@ -0,0 +1,62 @@
+variable "name" {
+  type        = string
+  description = "Name that will be used in resouces' names"
+}
+
+variable "access_key" {
+  type        = string
+  description = "AWS Access Key"
+}
+
+variable "secret_key" {
+  type        = string
+  description = "AWS Secret Key"
+}
+
+variable "region" {
+  type        = string
+  description = "AWS Region to create resources"
+}
+
+variable "humanitec_org_id" {
+  type        = string
+  description = "Humanitec organization where resource definitions will be applied"
+}
+
+variable "humanitec_token" {
+  type        = string
+  description = "Humanitec API token"
+}
+
+variable "humanitec_host" {
+  type        = string
+  default     = "https://api.humanitec.io"
+  description = "Humanitec API host url"
+}
+
+variable "resource_packs_aws_url" {
+  description = "AWS Resource Pack git url"
+  type        = string
+  default     = "https://github.com/humanitec-architecture/resource-packs-aws.git"
+}
+
+variable "resource_packs_aws_rev" {
+  description = "AWS Resource Pack git branch"
+  type        = string
+  default     = "refs/heads/main"
+}
+
+variable "vpc_id" {
+  description = "AWS VPC ID"
+  type        = string
+}
+
+variable "subnet_ids" {
+  description = "AWS Subnet IDs to use for the AWS RDS cluster"
+  type        = set(string)
+}
+
+variable "k8s_node_security_group_id" {
+  description = "AWS Security Group ID of the kubernetes nodes to allow access to the AWS RDS cluster"
+  type        = string
+}
diff --git a/examples/rds/basic-postgres/README.md b/examples/rds/basic-postgres/README.md
@@ -0,0 +1,48 @@
+<!-- BEGIN_TF_DOCS -->
+## Requirements
+
+| Name | Version |
+|------|---------|
+| terraform | >= 1.3.0 |
+| aws | ~> 5.0 |
+| humanitec | ~> 0 |
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| aws | ~> 5.0 |
+| humanitec | ~> 0 |
+
+## Modules
+
+| Name | Source | Version |
+|------|--------|---------|
+| rds | ../../../humanitec-resource-defs/rds/basic | n/a |
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [aws_security_group.postgres](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group) | resource |
+| [aws_vpc_security_group_ingress_rule.k8s_node_postgres](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/vpc_security_group_ingress_rule) | resource |
+| [humanitec_application.app](https://registry.terraform.io/providers/humanitec/humanitec/latest/docs/resources/application) | resource |
+| [humanitec_resource_definition_criteria.rds](https://registry.terraform.io/providers/humanitec/humanitec/latest/docs/resources/resource_definition_criteria) | resource |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| access\_key | AWS Access Key | `string` | n/a | yes |
+| humanitec\_org\_id | Humanitec organization where resource definitions will be applied | `string` | n/a | yes |
+| humanitec\_token | Humanitec API token | `string` | n/a | yes |
+| k8s\_node\_security\_group\_id | AWS Security Group ID of the kubernetes nodes to allow access to the AWS RDS cluster | `string` | n/a | yes |
+| name | Name that will be used in resouces' names | `string` | n/a | yes |
+| region | AWS Region to create resources | `string` | n/a | yes |
+| secret\_key | AWS Secret Key | `string` | n/a | yes |
+| subnet\_ids | AWS Subnet IDs to use for the AWS RDS cluster | `set(string)` | n/a | yes |
+| vpc\_id | AWS VPC ID | `string` | n/a | yes |
+| humanitec\_host | Humanitec API host url | `string` | `"https://api.humanitec.io"` | no |
+| resource\_packs\_aws\_rev | AWS Resource Pack git branch | `string` | `"refs/heads/main"` | no |
+| resource\_packs\_aws\_url | AWS Resource Pack git url | `string` | `"https://github.com/humanitec-architecture/resource-packs-aws.git"` | no |
+<!-- END_TF_DOCS -->
diff --git a/examples/rds/basic-postgres/main.tf b/examples/rds/basic-postgres/main.tf
@@ -0,0 +1,48 @@
+resource "humanitec_application" "app" {
+  id   = var.name
+  name = var.name
+}
+
+module "rds" {
+  source = "../../../humanitec-resource-defs/rds/basic"
+
+  prefix                 = "${var.name}-"
+  resource_packs_aws_rev = var.resource_packs_aws_rev
+  resource_packs_aws_url = var.resource_packs_aws_url
+
+  access_key = var.access_key
+  secret_key = var.secret_key
+  region     = var.region
+
+  name          = "${var.name}-database"
+  database_name = "my_database"
+  username      = "username"
+  password      = "password"
+
+  create_db_subnet_group = true
+  db_subnet_group_name   = "${var.name}-subnet-group"
+  subnet_ids             = var.subnet_ids
+
+  vpc_security_group_ids = [aws_security_group.postgres.id]
+}
+
+resource "humanitec_resource_definition_criteria" "rds" {
+  resource_definition_id = module.rds.id
+  app_id                 = humanitec_application.app.id
+}
+
+resource "aws_security_group" "postgres" {
+  name        = "postgres"
+  description = "postgres"
+  vpc_id      = var.vpc_id
+}
+
+resource "aws_vpc_security_group_ingress_rule" "k8s_node_postgres" {
+  security_group_id = aws_security_group.postgres.id
+
+  referenced_security_group_id = var.k8s_node_security_group_id
+  from_port                    = 5432
+  ip_protocol                  = "tcp"
+  to_port                      = 5432
+}
+
diff --git a/examples/rds/basic-postgres/providers.tf b/examples/rds/basic-postgres/providers.tf
@@ -0,0 +1,26 @@
+terraform {
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = "~> 5.0"
+    }
+    humanitec = {
+      source  = "humanitec/humanitec"
+      version = "~> 0"
+    }
+  }
+
+  required_version = ">= 1.3.0"
+}
+
+provider "aws" {
+  region     = var.region
+  access_key = var.access_key
+  secret_key = var.secret_key
+}
+
+provider "humanitec" {
+  host   = var.humanitec_host
+  org_id = var.humanitec_org_id
+  token  = var.humanitec_token
+}