59 lines
1.8 KiB
Terraform
59 lines
1.8 KiB
Terraform
/**
|
|
* # LabMysql
|
|
*
|
|
* This will not deploy on LocalStack. Both free and community editions
|
|
* have rds disabled. License upgrade is needed to use rds.
|
|
*/
|
|
|
|
module "rds" {
|
|
source = "terraform-aws-modules/rds/aws"
|
|
version = "7.1.0"
|
|
|
|
db_name = "LabMysql001"
|
|
identifier = "labmysql001"
|
|
username = "mysqldba"
|
|
instance_class = "db.t4g.xlarge"
|
|
engine = "mysql"
|
|
engine_version = "8.4.9"
|
|
family = "mysql8.4"
|
|
major_engine_version = "8.4"
|
|
skip_final_snapshot = true
|
|
deletion_protection = false
|
|
storage_type = "gp3"
|
|
storage_encrypted = true
|
|
kms_key_id = module.KmsKeys.cmks.database.arn
|
|
allocated_storage = 15
|
|
max_allocated_storage = 30
|
|
multi_az = true
|
|
create_db_subnet_group = true
|
|
subnet_ids = data.terraform_remote_state.vpc.outputs.private_subnets
|
|
vpc_security_group_ids = [module.DatabaseSg.id]
|
|
}
|
|
|
|
module "KmsKeys" {
|
|
source = "../../../modules/security_identity_compliance/CustomerManagedKmsKeys"
|
|
|
|
create-allpurpose-key = false
|
|
create-backup-key = false
|
|
create-database-key = true
|
|
create-eksebs-key = false
|
|
create-log-key = false
|
|
create-notify-key = false
|
|
create-secret-key = false
|
|
create-storage-key = false
|
|
deletion_window_in_days = 7
|
|
}
|
|
|
|
module "DatabaseSg" {
|
|
source = "../../../modules/compute/security_group"
|
|
name = "example-sg"
|
|
description = "SG of RDS instance"
|
|
vpc-id = data.terraform_remote_state.vpc.outputs.vpc_id
|
|
ingress = {
|
|
r1 = "tcp,3306,3306,${data.terraform_remote_state.vpc.outputs.vpc_cidr_block},AllowMyVpc"
|
|
}
|
|
egress = {
|
|
r1 = "-1,-1,-1,0.0.0.0/0,Allow egress ipv4"
|
|
r2 = "-1,-1,-1,::/0,Allow egress ipv6"
|
|
}
|
|
} |