Add Terraform resources (#1)

aknysh · web-flow · commit 9632fc20f3b8 · 2017-08-25T21:03:26.000-04:00
* Add Terraform resources

* Fix LICENSE

* Add README.md and tests

* Fix variable names
diff --git a/.gitignore b/.gitignore
@@ -1,59 +1,9 @@
-# Logs
-logs
-*.log
-npm-debug.log*
-yarn-debug.log*
-yarn-error.log*
+# Compiled files
+*.tfstate
+*.tfstate.backup
 
-# Runtime data
-pids
-*.pid
-*.seed
-*.pid.lock
-
-# Directory for instrumented libs generated by jscoverage/JSCover
-lib-cov
-
-# Coverage directory used by tools like istanbul
-coverage
-
-# nyc test coverage
-.nyc_output
-
-# Grunt intermediate storage (http://gruntjs.com/creating-plugins#storing-task-files)
-.grunt
-
-# Bower dependency directory (https://bower.io/)
-bower_components
-
-# node-waf configuration
-.lock-wscript
-
-# Compiled binary addons (http://nodejs.org/api/addons.html)
-build/Release
-
-# Dependency directories
-node_modules/
-jspm_packages/
-
-# Typescript v1 declaration files
-typings/
-
-# Optional npm cache directory
-.npm
-
-# Optional eslint cache
-.eslintcache
-
-# Optional REPL history
-.node_repl_history
-
-# Output of 'npm pack'
-*.tgz
-
-# Yarn Integrity file
-.yarn-integrity
-
-# dotenv environment variables file
-.env
+# Module directory
+.terraform/
 
+.idea
+*.iml
diff --git a/LICENSE b/LICENSE
@@ -186,7 +186,7 @@
       same "printed page" as the copyright notice for easier
       identification within third-party archives.
 
-   Copyright {yyyy} {name of copyright owner}
+   Copyright 2017 Cloud Posse, LLC
 
    Licensed under the Apache License, Version 2.0 (the "License");
    you may not use this file except in compliance with the License.
diff --git a/README.md b/README.md
@@ -1,2 +1,100 @@
 # tf_rds
-Terraform Template for AWS RDS
+Terraform module for AWS RDS
+
+
+The module will create:
+* DB instance (MySQL, Postgres, SQL Server, Oracle)
+* DB Parameter Group
+* DB Subnet Group
+* DB Security Group
+* DNS Record in Route53 for the DB endpoint
+
+
+
+## Input Variables
+
+- `stage` - The deployment stage (_e.g._ `prod`, `staging`, `dev`)
+- `namespace` - The namespace of the application the DB instance belongs to (_e.g._ `global`, `shared`, or the name of your company like `cloudposse`)
+- `name` - The name of the application the DB instance belongs to
+- `dns_zone_id` - The ID of the DNS Zone in Route53 where a new DNS record will be created for the DB host name
+- `host_name` - The DB host name created in Route53
+- `security_group_ids` - The IDs of the security groups from which to allow `ingress` traffic to the DB instance
+- `database_name` - The name of the database (_e.g._ `wordpress`)
+- `database_user` - Admin user name (_e.g._ `admin`)
+- `database_password` - Admin password
+- `database_port` - Database port (_e.g._ `3306` for `MySQL`). Used in the DB Security Group to allow access to the DB instance from the provided `security_group_ids`
+- `multi_az` - Default `false`. Set to `true` for a multi-AZ deployment (recommended for production)
+- `storage_type` - One of `standard` (magnetic), `gp2` (general purpose SSD), or `io1` (provisioned IOPS SSD). Default `standard` (magnetic)
+- `iops` - The amount of provisioned IOPS. Setting this implies a storage_type of `io1`. Default is `0` if rds storage type is not `io1`
+- `allocated_storage` - The number of GBs to allocate for DB storage. Must be an integer, _e.g._ `10`
+- `engine` - Engine type, such as `mysql` or `postgres`
+- `engine_version` - DB Engine version, _e.g._ `9.5.4` for `Postgres`
+- `instance_class` - Instance class, _e.g._ `db.t2.micro`
+- `db_parameter_group` - DB Parameter Group, _e.g._ `mysql5.6` for MySQL, `postgres9.5` for `Postgres`
+- `publicly_accessible` - Determines if the DB instance can be publicly accessed from the Internet. Default `false`
+- `subnet_ids` - List of subnets IDs in the VPC, _e.g._ `["sb-1234567890", "sb-0987654321"]`
+- `vpc_id` - VPC ID the DB instance will be connected to
+- `auto_minor_version_upgrade` - Automatically upgrade minor version of the DB (eg. from Postgres 9.5.3 to Postgres 9.5.4). Default `true`
+- `allow_major_version_upgrade` - Allow upgrading of major version of database (eg. from Postgres 9.5.x to Postgres 9.6.x). Default `false`
+- `apply_immediately` - Specifies whether any database modifications are applied immediately, or during the next maintenance window. Default `false`
+- `maintenance_window` - The window to perform maintenance in. Default `"Mon:03:00-Mon:04:00"`
+- `skip_final_snapshot` - If `true` (default), DB won't be backed up before deletion
+- `copy_tags_to_snapshot` - Copy all tags from RDS database to snapshot. Default `true`
+- `backup_retention_period` - Backup retention period in days (default `0`). Must be `> 0` to enable backups
+- `backup_window` - When to perform DB snapshots. Default `"22:00-03:00"`. Can't overlap with the maintenance window
+
+
+
+## Outputs
+
+- `instance_id` - ID of the instance
+- `instance_address` - Address of the instance
+- `instance_endpoint` - DNS Endpoint of the instance
+- `subnet_group_id` - ID of the Subnet Group
+- `security_group_id` - ID of the Security Group
+- `parameter_group_id` - ID of the Parameter Group
+- `hostname` - DNS host name of the instance
+
+
+
+## Usage
+
+
+```
+module "rds_instance" {
+      source                      = "git::https://github.com/cloudposse/tf_rds.git?ref=tags/0.1.0"
+      stage                       = "prod"
+      namespace                   = "cloudposse"
+      name                        = "app"
+      dns_zone_id                 = "Z89FN1IW975KPE"
+      host_name                   = "db"
+      security_group_ids          = ["sg-xxxxxxxx"]
+      database_name               = "wordpress"
+      database_user               = "admin"
+      database_password           = "xxxxxxxxxxxx"
+      database_port               = 3306
+      multi_az                    = true
+      storage_type                = "gp2"
+      allocated_storage           = "100"
+      engine                      = "mysql"
+      engine_version              = "5.7.17"
+      instance_class              = "db.t2.medium"
+      db_parameter_group          = "mysql5.6"
+      publicly_accessible         = false
+      subnet_ids                  = ["sb-xxxxxxxxx", "sb-xxxxxxxxx"]
+      vpc_id                      = "vpc-xxxxxxxx"
+      auto_minor_version_upgrade  = true
+      allow_major_version_upgrade = false
+      apply_immediately           = false
+      maintenance_window          = "Mon:03:00-Mon:04:00"
+      skip_final_snapshot         = false
+      copy_tags_to_snapshot       = true
+      backup_retention_period     = 7
+      backup_window               = "22:00-03:00"
+}
+```
+
+
+# License
+
+Apache 2 Licensed. See LICENSE for full details.
diff --git a/main.tf b/main.tf
@@ -0,0 +1,77 @@
+module "label" {
+  source    = "git::https://github.com/cloudposse/tf_label.git?ref=tags/0.2.0"
+  namespace = "${var.namespace}"
+  name      = "${var.name}"
+  stage     = "${var.stage}"
+}
+
+resource "aws_db_instance" "default" {
+  identifier                  = "${module.label.id}"
+  name                        = "${var.database_name}"
+  username                    = "${var.database_user}"
+  password                    = "${var.database_password}"
+  port                        = "${var.database_port}"
+  engine                      = "${var.engine}"
+  engine_version              = "${var.engine_version}"
+  instance_class              = "${var.instance_class}"
+  allocated_storage           = "${var.allocated_storage}"
+  vpc_security_group_ids      = ["${aws_security_group.default.id}"]
+  db_subnet_group_name        = "${aws_db_subnet_group.default.name}"
+  parameter_group_name        = "${aws_db_parameter_group.default.name}"
+  multi_az                    = "${var.multi_az}"
+  storage_type                = "${var.storage_type}"
+  iops                        = "${var.iops}"
+  publicly_accessible         = "${var.publicly_accessible}"
+  allow_major_version_upgrade = "${var.allow_major_version_upgrade}"
+  auto_minor_version_upgrade  = "${var.auto_minor_version_upgrade}"
+  apply_immediately           = "${var.apply_immediately}"
+  maintenance_window          = "${var.maintenance_window}"
+  skip_final_snapshot         = "${var.skip_final_snapshot}"
+  copy_tags_to_snapshot       = "${var.copy_tags_to_snapshot}"
+  backup_retention_period     = "${var.backup_retention_period}"
+  backup_window               = "${var.backup_window}"
+  tags                        = "${module.label.tags}"
+}
+
+resource "aws_db_parameter_group" "default" {
+  name   = "${module.label.id}"
+  family = "${var.db_parameter_group}"
+  tags   = "${module.label.tags}"
+}
+
+resource "aws_db_subnet_group" "default" {
+  name       = "${module.label.id}"
+  subnet_ids = ["${var.subnet_ids}"]
+  tags       = "${module.label.tags}"
+}
+
+resource "aws_security_group" "default" {
+  name        = "${module.label.id}"
+  description = "Allow inbound traffic from the security groups"
+  vpc_id      = "${var.vpc_id}"
+
+  ingress {
+    from_port       = "${var.database_port}"
+    to_port         = "${var.database_port}"
+    protocol        = "tcp"
+    security_groups = ["${var.security_group_ids}"]
+  }
+
+  egress {
+    from_port   = 0
+    to_port     = 0
+    protocol    = "-1"
+    cidr_blocks = ["0.0.0.0/0"]
+  }
+
+  tags        = "${module.label.tags}"
+}
+
+module "dns_host_name" {
+  source    = "git::https://github.com/cloudposse/tf_hostname.git?ref=tags/0.1.0"
+  namespace = "${var.namespace}"
+  name      = "${var.host_name}"
+  stage     = "${var.stage}"
+  zone_id   = "${var.dns_zone_id}"
+  records   = ["${aws_db_instance.default.endpoint}"]
+}
diff --git a/outputs.tf b/outputs.tf
@@ -0,0 +1,27 @@
+output "instance_id" {
+  value = "${aws_db_instance.default.id}"
+}
+
+output "instance_address" {
+  value = "${aws_db_instance.default.address}"
+}
+
+output "instance_endpoint" {
+  value = "${aws_db_instance.default.endpoint}"
+}
+
+output "subnet_group_id" {
+  value = "${aws_db_subnet_group.default.id}"
+}
+
+output "security_group_id" {
+  value = "${aws_security_group.default.id}"
+}
+
+output "parameter_group_id" {
+  value = "${aws_db_parameter_group.default.id}"
+}
+
+output "hostname" {
+  value = "${module.dns_host_name.hostname}"
+}
diff --git a/tests/rds_instance.tf b/tests/rds_instance.tf
@@ -0,0 +1,31 @@
+module "rds_instance" {
+  source                      = "git::https://github.com/cloudposse/tf_rds.git?ref=tags/0.1.0"
+  stage                       = "prod"
+  namespace                   = "cloudposse"
+  name                        = "app"
+  dns_zone_id                 = "Z89FN1IW975KPE"
+  host_name                   = "db"
+  security_group_ids          = ["sg-xxxxxxxx"]
+  database_name               = "wordpress"
+  database_user               = "admin"
+  database_password           = "xxxxxxxxxxxx"
+  database_port               = 3306
+  multi_az                    = true
+  storage_type                = "gp2"
+  allocated_storage           = "100"
+  engine                      = "mysql"
+  engine_version              = "5.7.17"
+  instance_class              = "db.t2.medium"
+  db_parameter_group          = "mysql5.6"
+  publicly_accessible         = false
+  subnet_ids                  = ["sb-xxxxxxxxx", "sb-xxxxxxxxx"]
+  vpc_id                      = "vpc-xxxxxxxx"
+  auto_minor_version_upgrade  = true
+  allow_major_version_upgrade = false
+  apply_immediately           = false
+  maintenance_window          = "Mon:03:00-Mon:04:00"
+  skip_final_snapshot         = false
+  copy_tags_to_snapshot       = true
+  backup_retention_period     = 7
+  backup_window               = "22:00-03:00"
+}
diff --git a/variables.tf b/variables.tf
