From 3792ecd0ec362a51131a5a28abcbfa735743aa9a Mon Sep 17 00:00:00 2001
From: Amanda Snyder
Date: Tue, 8 Nov 2022 11:34:16 -0700
Subject: [PATCH 1/5] adding rds performance insights option
---
 aws/rds/main.tf | 55 ++++++++++++++++++++++----------------------
 aws/rds/variables.tf | 5 ++++
 2 files changed, 33 insertions(+), 27 deletions(-)
diff --git a/aws/rds/main.tf b/aws/rds/main.tf
index b43b302..a2dcc3b 100644
--- a/aws/rds/main.tf
+++ b/aws/rds/main.tf
@@ -37,33 +37,34 @@ resource "aws_db_subnet_group" "mod" { } resource "aws_db_instance" "mod" { - allocated_storage = var.storage - allow_major_version_upgrade = true - apply_immediately = true - auto_minor_version_upgrade = var.auto_minor_version_upgrade - backup_retention_period = var.backup_retention_period - db_subnet_group_name = var.source_db == "" ? local.subnet_group_name : "" - engine = var.engine - engine_version = var.engine_version - final_snapshot_identifier = "${var.name}-${var.env}-${var.engine}-final-snapshot" - identifier = var.identifier != "" ? var.identifier : "${var.name}-${var.env}-${var.engine}" - iops = var.iops - instance_class = var.node_type - kms_key_id = var.kms_key_id - max_allocated_storage = var.max_allocated_storage - monitoring_interval = var.monitoring_interval - monitoring_role_arn = var.monitoring_interval == 0 ? "" : aws_iam_role.rds_enhanced_monitoring[0].arn - multi_az = var.multi_az - parameter_group_name = local.parameter_group_name - password = "nopassword" - publicly_accessible = var.publicly_accessible - replicate_source_db = var.source_db - skip_final_snapshot = var.skip_final_snapshot - storage_encrypted = var.storage_encrypted - storage_type = var.storage_type - tags = var.tags - username = var.username != "" ? var.username : "${var.name}${var.username_suffix}" - + allocated_storage = var.storage + allow_major_version_upgrade = true + apply_immediately = true + auto_minor_version_upgrade = var.auto_minor_version_upgrade + backup_retention_period = var.backup_retention_period + db_subnet_group_name = var.source_db == "" ? local.subnet_group_name : "" + engine = var.engine + engine_version = var.engine_version + final_snapshot_identifier = "${var.name}-${var.env}-${var.engine}-final-snapshot" + identifier = var.identifier != "" ? 
var.identifier : "${var.name}-${var.env}-${var.engine}" + iops = var.iops + instance_class = var.node_type + kms_key_id = var.kms_key_id + max_allocated_storage = var.max_allocated_storage + monitoring_interval = var.monitoring_interval + monitoring_role_arn = var.monitoring_interval == 0 ? "" : aws_iam_role.rds_enhanced_monitoring[0].arn + multi_az = var.multi_az + parameter_group_name = local.parameter_group_name + password = "nopassword" + performance_insights_enabled = var.performance_insights_enabled + publicly_accessible = var.publicly_accessible + replicate_source_db = var.source_db + skip_final_snapshot = var.skip_final_snapshot + storage_encrypted = var.storage_encrypted + storage_type = var.storage_type + tags = var.tags + username = var.username != "" ? var.username : "${var.name}${var.username_suffix}" + vpc_security_group_ids = concat( var.vpc_security_group_ids, [aws_security_group.sg_on_rds_instance.id], diff --git a/aws/rds/variables.tf b/aws/rds/variables.tf index 7e42a7f..a7e97c7 100644 --- a/aws/rds/variables.tf +++ b/aws/rds/variables.tf @@ -71,6 +71,11 @@ variable "parameter_group_name" { default = "" } +variable "performance_insights_enabled" { + description = "Specifies whether Performance Insights are enabled. Defaults to false." + default = false +} + variable "publicly_accessible" { description = "Bool to control if instance is publicly accessible." default = true From eda294a1f97c541714568076bbc9293c5889280e Mon Sep 17 00:00:00 2001 From: Amanda Snyder Date: Tue, 8 Nov 2022 11:37:42 -0700 Subject: [PATCH 2/5] adding max allocated storage to database replica --- aws/database_replica/main.tf | 1 + aws/database_replica/variables.tf | 6 ++++++ 2 files changed, 7 insertions(+) diff --git a/aws/database_replica/main.tf b/aws/database_replica/main.tf index a5ab2ca..09921dc 100644 --- a/aws/database_replica/main.tf +++ b/aws/database_replica/main.tf 
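Review bot: `performance_insights_enabled` is added to `aws_db_instance.mod` without `performance_insights_kms_key_id`, so when the flag is on, the collected data (which includes SQL statement text) is encrypted with the account's default AWS-managed key rather than the key the module already accepts as `var.kms_key_id`. Consider adding `performance_insights_kms_key_id = var.performance_insights_enabled ? var.kms_key_id : null`, guarding the empty-string case if `kms_key_id` can be `""`, and exposing `performance_insights_retention_period` so retention is a deliberate choice. Once set, the Performance Insights key cannot be changed, so it is worth settling before the flag is turned on anywhere. Separately, the re-aligned `password = "nopassword"` line keeps a fixed master password in code and state; unless it is rotated out of band right after creation, it should come from a sensitive variable or a generated secret. The resource body continues past the end of the hunk.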
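Review bot: The new `performance_insights_enabled` variable declares no type, so a non-boolean value is only rejected when it reaches the resource argument at plan time; add `type = bool` next to `default = false`. The description could also say that enabling it makes RDS collect query text and name the key that encrypts it, for example `Enables Performance Insights (collects SQL text; encrypted with the default RDS key unless a KMS key is supplied).`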
@@ -26,6 +26,7 @@ resource "aws_db_instance" "mod" { identifier = var.identifier != "" ? var.identifier : "${var.name}-${var.env}-${local.engine}" instance_class = var.node_type iops = var.iops + max_allocated_storage = var.max_allocated_storage monitoring_interval = var.monitoring_interval monitoring_role_arn = var.monitoring_interval == 0 ? "" : aws_iam_role.rds_enhanced_monitoring[0].arn multi_az = var.multi_az diff --git a/aws/database_replica/variables.tf b/aws/database_replica/variables.tf index d38e1ea..6c130d3 100644 --- a/aws/database_replica/variables.tf +++ b/aws/database_replica/variables.tf @@ -23,6 +23,12 @@ variable "iops" { default = 0 } +variable "max_allocated_storage" { + description = "To enable storage autoscaling, you need to set this value to the upper limit of storage that RDS can automatically scale to. Must be greater then or equal to allocated_storage value." + default = 0 + type = number +} + variable "multi_az" { description = "AWS RDS automatically creates a primary DB Instance and synchronously replicates the data to a standby instance in a different Availability Zone." default = false From f920bfe04eb5b37220c2c775e7ff09df98de0e17 Mon Sep 17 00:00:00 2001 From: Amanda Snyder Date: Tue, 8 Nov 2022 11:54:11 -0700 Subject: [PATCH 3/5] fmt --- aws/database_replica/variables.tf | 1 - 1 file changed, 1 deletion(-) diff --git a/aws/database_replica/variables.tf b/aws/database_replica/variables.tf index 6c130d3..c5aba52 100644 --- a/aws/database_replica/variables.tf +++ b/aws/database_replica/variables.tf @@ -97,4 +97,3 @@ variable "vpc_security_group_ids" { type = list(string) default = [] } - From 0d65065b91a81838852962c5f4af159aac2e8862 Mon Sep 17 00:00:00 2001 From: Amanda Snyder Date: Tue, 8 Nov 2022 11:58:03 -0700 Subject: [PATCH 4/5] update terraform image version for running fmt --- .github/workflows/terraform.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
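Review bot: The `max_allocated_storage` description in `aws/database_replica/variables.tf` says what to set but not that the default `0` leaves storage autoscaling off, so a replica created with defaults will not grow even if its source instance does (assuming the source has autoscaling enabled). The description could end with `Set to 0 to disable storage autoscaling.` and should read `greater than` rather than `greater then`. A `validation` block with `condition = var.max_allocated_storage >= 0` would reject bad input before it reaches the provider.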
diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml index b2f8243..c9d42e8 100644 --- a/.github/workflows/terraform.yaml +++ b/.github/workflows/terraform.yaml @@ -7,7 +7,7 @@ jobs: runs-on: ubuntu-latest container: - image: hashicorp/terraform:0.14.7 + image: hashicorp/terraform:1.0.10 steps: - uses: actions/checkout@v1 From 22c47ac4717d8055b465dc7c2fdce50b80de2033 Mon Sep 17 00:00:00 2001 From: Amanda Snyder Date: Tue, 8 Nov 2022 11:59:13 -0700 Subject: [PATCH 5/5] fmt --- aws/rds/main.tf | 56 ++++++++++++++++++++++++------------------------- 1 file changed, 28 insertions(+), 28 deletions(-) diff --git a/aws/rds/main.tf b/aws/rds/main.tf index a2dcc3b..f5a9d8a 100644 --- a/aws/rds/main.tf +++ b/aws/rds/main.tf 
@@ -37,34 +37,34 @@ resource "aws_db_subnet_group" "mod" { } resource "aws_db_instance" "mod" { - allocated_storage = var.storage - allow_major_version_upgrade = true - apply_immediately = true - auto_minor_version_upgrade = var.auto_minor_version_upgrade - backup_retention_period = var.backup_retention_period - db_subnet_group_name = var.source_db == "" ? local.subnet_group_name : "" - engine = var.engine - engine_version = var.engine_version - final_snapshot_identifier = "${var.name}-${var.env}-${var.engine}-final-snapshot" - identifier = var.identifier != "" ? var.identifier : "${var.name}-${var.env}-${var.engine}" - iops = var.iops - instance_class = var.node_type - kms_key_id = var.kms_key_id - max_allocated_storage = var.max_allocated_storage - monitoring_interval = var.monitoring_interval - monitoring_role_arn = var.monitoring_interval == 0 ? "" : aws_iam_role.rds_enhanced_monitoring[0].arn - multi_az = var.multi_az - parameter_group_name = local.parameter_group_name - password = "nopassword" - performance_insights_enabled = var.performance_insights_enabled - publicly_accessible = var.publicly_accessible - replicate_source_db = var.source_db - skip_final_snapshot = var.skip_final_snapshot - storage_encrypted = var.storage_encrypted - storage_type = var.storage_type - tags = var.tags - username = var.username != "" ? var.username : "${var.name}${var.username_suffix}" - + allocated_storage = var.storage + allow_major_version_upgrade = true + apply_immediately = true + auto_minor_version_upgrade = var.auto_minor_version_upgrade + backup_retention_period = var.backup_retention_period + db_subnet_group_name = var.source_db == "" ? local.subnet_group_name : "" + engine = var.engine + engine_version = var.engine_version + final_snapshot_identifier = "${var.name}-${var.env}-${var.engine}-final-snapshot" + identifier = var.identifier != "" ? 
var.identifier : "${var.name}-${var.env}-${var.engine}" + iops = var.iops + instance_class = var.node_type + kms_key_id = var.kms_key_id + max_allocated_storage = var.max_allocated_storage + monitoring_interval = var.monitoring_interval + monitoring_role_arn = var.monitoring_interval == 0 ? "" : aws_iam_role.rds_enhanced_monitoring[0].arn + multi_az = var.multi_az + parameter_group_name = local.parameter_group_name + password = "nopassword" + performance_insights_enabled = var.performance_insights_enabled + publicly_accessible = var.publicly_accessible + replicate_source_db = var.source_db + skip_final_snapshot = var.skip_final_snapshot + storage_encrypted = var.storage_encrypted + storage_type = var.storage_type + tags = var.tags + username = var.username != "" ? var.username : "${var.name}${var.username_suffix}" + vpc_security_group_ids = concat( var.vpc_security_group_ids, [aws_security_group.sg_on_rds_instance.id],