feat: added rds layer and updated readme about community edition

LocalStack/Database/LabMysql/main.tf

@@ -0,0 +1,59 @@
+/**
+* # LabMysql
+*
+* This will not deploy on LocalStack. Both free and community editions
+* have rds disabled. License upgrade is needed to use rds.
+*/
+
+module "rds" {
+  source  = "terraform-aws-modules/rds/aws"
+  version = "7.1.0"
+
+  db_name                = "LabMysql001"
+  identifier             = "labmysql001"
+  username               = "mysqldba"
+  instance_class         = "db.t4g.xlarge"
+  engine                 = "mysql"
+  engine_version         = "8.4.9"
+  family                 = "mysql8.4"
+  major_engine_version   = "8.4"
+  skip_final_snapshot    = true
+  deletion_protection    = false
+  storage_type           = "gp3"
+  storage_encrypted      = true
+  kms_key_id             = module.KmsKeys.cmks.database.arn
+  allocated_storage      = 15
+  max_allocated_storage  = 30
+  multi_az               = true
+  create_db_subnet_group = true
+  subnet_ids             = data.terraform_remote_state.vpc.outputs.private_subnets
+  vpc_security_group_ids = [module.DatabaseSg.id]
+}
+
+module "KmsKeys" {
+  source = "../../../modules/security_identity_compliance/CustomerManagedKmsKeys"
+
+  create-allpurpose-key   = false
+  create-backup-key       = false
+  create-database-key     = true
+  create-eksebs-key       = false
+  create-log-key          = false
+  create-notify-key       = false
+  create-secret-key       = false
+  create-storage-key      = false
+  deletion_window_in_days = 7
+}
+
+module "DatabaseSg" {
+  source      = "../../../modules/compute/security_group"
+  name        = "example-sg"
+  description = "SG of RDS instance"
+  vpc-id      = data.terraform_remote_state.vpc.outputs.vpc_id
+  ingress = {
+    r1 = "tcp,3306,3306,${data.terraform_remote_state.vpc.outputs.vpc_cidr_block},AllowMyVpc"
+  }
+  egress = {
+    r1 = "-1,-1,-1,0.0.0.0/0,Allow egress ipv4"
+    r2 = "-1,-1,-1,::/0,Allow egress ipv6"
+  }
+}