AWS RDS Aurora Terraform module

Terraform module which creates RDS Aurora resources on AWS.

These types of resources are supported:

Terraform versions

Terraform 0.12 and newer. Pin module version to ~> v3.0. Submit pull-requests to master branch.

Terraform 0.11. Pin module version to ~> v1.0.

Available features

  • Autoscaling of read-replicas (based on CPU utilization)
  • Enhanced Monitoring

Usage

module "db" {
  source  = "terraform-aws-modules/rds-aurora/aws"
  version = "~> 3.0"

  name = "test-aurora-db-postgres96"

  engine         = "aurora-postgresql"
  engine_version = "9.6.9"

  vpc_id  = "vpc-12345678"
  subnets = ["subnet-12345678", "subnet-87654321"]

  replica_count           = 1
  allowed_security_groups = ["sg-12345678"]
  allowed_cidr_blocks     = ["10.20.0.0/20"]
  instance_type           = "db.r4.large"
  storage_encrypted       = true
  apply_immediately       = true
  monitoring_interval     = 10

  db_parameter_group_name         = "default"
  db_cluster_parameter_group_name = "default"

  # Aurora PostgreSQL exports the "postgresql" log type;
  # "audit", "error", "general" and "slowquery" apply to the MySQL engines.
  enabled_cloudwatch_logs_exports = ["postgresql"]

  tags = {
    Environment = "dev"
    Terraform   = "true"
  }
}

Conditional creation

Sometimes you need a way to create RDS Aurora resources conditionally, but Terraform does not allow count inside a module block, so the solution is to specify the create_cluster argument.

# This RDS cluster will not be created
module "db" {
  source  = "terraform-aws-modules/rds-aurora/aws"
  version = "~> 3.0"

  create_cluster = false

  # ... omitted
}

Examples

  • PostgreSQL: A simple example with VPC and PostgreSQL cluster.
  • MySQL: A simple example with VPC and MySQL cluster.
  • Serverless: Serverless PostgreSQL cluster.
  • Advanced: A PostgreSQL cluster with enhanced monitoring and autoscaling enabled.
  • Custom Instance Settings: A PostgreSQL cluster with custom instance settings.

Documentation

Terraform documentation is generated automatically using pre-commit hooks. Follow installation instructions here.

Requirements

| Name | Version |
|------|---------|
| terraform | >= 0.12.6 |
| aws | >= 3.8 |
| random | >= 2.2 |

Providers

| Name | Version |
|------|---------|
| aws | >= 3.8 |
| random | >= 2.2 |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| allow_major_version_upgrade | Determines whether major engine upgrades are allowed when changing engine version | bool | false | no |
| allowed_cidr_blocks | A list of CIDR blocks which are allowed to access the database | list(string) | [] | no |
| allowed_security_groups | A list of Security Group ID's to allow access to. | list(string) | [] | no |
| apply_immediately | Determines whether or not any DB modifications are applied immediately, or during the maintenance window | bool | false | no |
| auto_minor_version_upgrade | Determines whether minor engine upgrades will be performed automatically in the maintenance window | bool | true | no |
| backtrack_window | The target backtrack window, in seconds. Only available for aurora engine currently. To disable backtracking, set this value to 0. Defaults to 0. Must be between 0 and 259200 (72 hours) | number | 0 | no |
| backup_retention_period | How long to keep backups for (in days) | number | 7 | no |
| ca_cert_identifier | The identifier of the CA certificate for the DB instance | string | "rds-ca-2019" | no |
| copy_tags_to_snapshot | Copy all Cluster tags to snapshots. | bool | false | no |
| create_cluster | Controls if RDS cluster should be created (it affects almost all resources) | bool | true | no |
| create_monitoring_role | Whether to create the IAM role for RDS enhanced monitoring | bool | true | no |
| create_random_password | Whether to create random password for RDS primary cluster | bool | true | no |
| create_security_group | Whether to create security group for RDS cluster | bool | true | no |
| database_name | Name for an automatically created database on cluster creation | string | "" | no |
| db_cluster_parameter_group_name | The name of a DB Cluster parameter group to use | string | null | no |
| db_parameter_group_name | The name of a DB parameter group to use | string | null | no |
| db_subnet_group_name | The existing subnet group name to use | string | "" | no |
| deletion_protection | If the DB instance should have deletion protection enabled | bool | false | no |
| enable_http_endpoint | Whether or not to enable the Data API for a serverless Aurora database engine. | bool | false | no |
| enabled_cloudwatch_logs_exports | List of log types to export to cloudwatch | list(string) | [] | no |
| engine | Aurora database engine type, currently aurora, aurora-mysql or aurora-postgresql | string | "aurora" | no |
| engine_mode | The database engine mode. Valid values: global, parallelquery, provisioned, serverless, multimaster. | string | "provisioned" | no |
| engine_version | Aurora database engine version. | string | "5.6.10a" | no |
| final_snapshot_identifier_prefix | The prefix name to use when creating a final snapshot on cluster destroy, appends a random 8 digits to name to ensure it's unique too. | string | "final" | no |
| global_cluster_identifier | The global cluster identifier specified on aws_rds_global_cluster | string | "" | no |
| iam_database_authentication_enabled | Specifies whether IAM Database authentication should be enabled or not. Not all versions and instances are supported. Refer to the AWS documentation to see which versions are supported. | bool | false | no |
| iam_partition | IAM Partition to use when generating ARN's. For most regions this can be left at default. China/Govcloud use different partitions | string | "aws" | no |
| iam_roles | A List of ARNs for the IAM roles to associate to the RDS Cluster. | list(string) | [] | no |
| instance_type | Instance type to use at master instance. If instance_type_replica is not set it will use the same type for replica instances | string | "" | no |
| instance_type_replica | Instance type to use at replica instance | string | null | no |
| instances_parameters | Customized instance settings. Supported keys: instance_name, instance_type, instance_promotion_tier, publicly_accessible | list(map(string)) | [] | no |
| is_primary_cluster | Whether to create a primary cluster (set to false to be a part of a Global database) | bool | true | no |
| kms_key_id | The ARN for the KMS encryption key if one is set to the cluster. | string | "" | no |
| monitoring_interval | The interval (seconds) between points when Enhanced Monitoring metrics are collected | number | 0 | no |
| monitoring_role_arn | IAM role for RDS to send enhanced monitoring metrics to CloudWatch | string | "" | no |
| name | Name given resources | string | "" | no |
| password | Master DB password | string | "" | no |
| performance_insights_enabled | Specifies whether Performance Insights is enabled or not. | bool | false | no |
| performance_insights_kms_key_id | The ARN for the KMS key to encrypt Performance Insights data. | string | "" | no |
| permissions_boundary | The ARN of the policy that is used to set the permissions boundary for the role. | string | null | no |
| port | The port on which to accept connections | string | "" | no |
| predefined_metric_type | The metric type to scale on. Valid values are RDSReaderAverageCPUUtilization and RDSReaderAverageDatabaseConnections. | string | "RDSReaderAverageCPUUtilization" | no |
| preferred_backup_window | When to perform DB backups | string | "02:00-03:00" | no |
| preferred_maintenance_window | When to perform DB maintenance | string | "sun:05:00-sun:06:00" | no |
| publicly_accessible | Whether the DB should have a public IP address | bool | false | no |
| replica_count | Number of reader nodes to create. If replica_scale_enabled is true, the value of replica_scale_min is used instead. | number | 1 | no |
| replica_scale_connections | Average number of connections to trigger autoscaling at. Default value is 70% of db.r4.large's default max_connections | number | 700 | no |
| replica_scale_cpu | CPU usage to trigger autoscaling at | number | 70 | no |
| replica_scale_enabled | Whether to enable autoscaling for RDS Aurora (MySQL) read replicas | bool | false | no |
| replica_scale_in_cooldown | Cooldown in seconds before allowing further scaling operations after a scale in | number | 300 | no |
| replica_scale_max | Maximum number of replicas to allow scaling for | number | 0 | no |
| replica_scale_min | Minimum number of replicas to allow scaling for | number | 2 | no |
| replica_scale_out_cooldown | Cooldown in seconds before allowing further scaling operations after a scale out | number | 300 | no |
| replication_source_identifier | ARN of a source DB cluster or DB instance if this DB cluster is to be created as a Read Replica. | string | "" | no |
| scaling_configuration | Map of nested attributes with scaling properties. Only valid when engine_mode is set to serverless | map(string) | {} | no |
| security_group_description | The description of the security group. If value is set to empty string it will contain cluster name in the description. | string | "Managed by Terraform" | no |
| skip_final_snapshot | Should a final snapshot be created on cluster destroy | bool | false | no |
| snapshot_identifier | DB snapshot to create this database from | string | "" | no |
| source_region | The source region for an encrypted replica DB cluster. | string | "" | no |
| storage_encrypted | Specifies whether the underlying storage layer should be encrypted | bool | true | no |
| subnets | List of subnet IDs to use | list(string) | [] | no |
| tags | A map of tags to add to all resources. | map(string) | {} | no |
| username | Master DB username | string | "root" | no |
| vpc_id | VPC ID | string | "" | no |
| vpc_security_group_ids | List of VPC security groups to associate to the cluster in addition to the SG we create in this module | list(string) | [] | no |
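
Several of the defaults in the table above leave protections off (deletion_protection, iam_database_authentication_enabled, copy_tags_to_snapshot) or fall back to the AWS-managed key (empty kms_key_id). The following is an added example, not part of the module's own documentation, showing a call that sets the security-relevant inputs explicitly. The resource name aws_kms_key.aurora, the module label db_hardened, and all IDs and tag values are placeholders.

```hcl
# Added example: names, IDs and values below are placeholders.
resource "aws_kms_key" "aurora" {
  description         = "Customer-managed key for the Aurora cluster"
  enable_key_rotation = true
}

module "db_hardened" {
  source  = "terraform-aws-modules/rds-aurora/aws"
  version = "~> 3.0"

  name           = "example-aurora-postgres"
  engine         = "aurora-postgresql"
  engine_version = "9.6.9"
  instance_type  = "db.r4.large"
  vpc_id         = "vpc-12345678"
  subnets        = ["subnet-12345678", "subnet-87654321"]

  # Network exposure: admit the application security group only.
  allowed_security_groups = ["sg-12345678"]
  allowed_cidr_blocks     = []    # module default, no CIDR-wide access
  publicly_accessible     = false # module default, stated explicitly

  # Encryption at rest under a customer-managed key instead of the
  # AWS-managed key that is used when kms_key_id is left empty.
  storage_encrypted = true
  kms_key_id        = aws_kms_key.aurora.arn

  # Authentication: IAM database auth is off by default and, per the
  # input description, is not supported on every version and instance.
  iam_database_authentication_enabled = true
  create_random_password              = true # no password in the config

  # Deletion and recovery.
  deletion_protection     = true  # default false
  skip_final_snapshot     = false # keep a final snapshot on destroy
  copy_tags_to_snapshot   = true  # default false
  backup_retention_period = 14    # default 7 (days)

  # Change control and visibility.
  apply_immediately               = false # wait for maintenance window
  auto_minor_version_upgrade      = true
  monitoring_interval             = 10
  enabled_cloudwatch_logs_exports = ["postgresql"]

  tags = {
    Environment = "prod"
    Terraform   = "true"
  }
}
```

With create_random_password left at true, the generated password is exposed through the this_rds_cluster_master_password output and is stored in the Terraform state, so the state backend needs the same access controls as the database credential itself.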

Outputs

| Name | Description |
|------|-------------|
| this_rds_cluster_arn | The ID of the cluster |
| this_rds_cluster_database_name | Name for an automatically created database on cluster creation |
| this_rds_cluster_endpoint | The cluster endpoint |
| this_rds_cluster_engine_version | The cluster engine version |
| this_rds_cluster_hosted_zone_id | Route53 hosted zone id of the created cluster |
| this_rds_cluster_id | The ID of the cluster |
| this_rds_cluster_instance_endpoints | A list of all cluster instance endpoints |
| this_rds_cluster_instance_ids | A list of all cluster instance ids |
| this_rds_cluster_master_password | The master password |
| this_rds_cluster_master_username | The master username |
| this_rds_cluster_port | The port |
| this_rds_cluster_reader_endpoint | The cluster reader endpoint |
| this_rds_cluster_resource_id | The Resource ID of the cluster |
| this_security_group_id | The security group ID of the cluster |

Authors

Currently maintained by Anton Babenko and these awesome contributors.

License

MIT Licensed. See LICENSE for full details.
