jprdonnelly/qmi-cloud-tf-modules
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Files
dev2
qmi-cloud-tf-modules/databases/aws-redshift/main.tf
Manuel Romero 9553c7de64 redshoft
2022-10-05 09:58:08 +02:00

193 lines
4.3 KiB
HCL
Raw Permalink Blame History

terraform {
required_version = ">= 0.14"
required_providers {
aws = {
source = "hashicorp/aws"
version = ">= 3.49.0"
}
}
}
resource "random_password" "password" {
length = 16
special = true
override_special = "_!"
min_numeric = 1
upper = true
lower = true
number = true
min_lower = 2
min_upper = 2
min_special = 2
}
locals {
provid5 = substr(var.provision_id, 0, 5)
vpc_id = (var.region == "eu-west-1") ? var.vpc_id_eu : (var.region == "us-east-1") ? var.vpc_id_us : var.vpc_id_ap
subnet_ids = (var.region == "eu-west-1") ? var.subnet_ids_eu : (var.region == "us-east-1") ? var.subnet_ids_us : var.subnet_ids_ap
port = "5439"
tags = {
Deployment = "QMI PoC"
"Cost Center" = "3100"
QMI_user = var.user_id
ProvID = var.provision_id
Name = "qmi-${var.provision_id}"
}
}
module "security_group" {
# SGs created here as Ports differ per Engine. Only Azure Firewall IPs added for now.
source = "terraform-aws-modules/security-group/aws"
version = "~> 4.3"
name = "${var.provision_id}-SG"
description = "${var.provision_id}-SG"
vpc_id = local.vpc_id
# ingress
ingress_cidr_blocks = [
"52.249.189.38/32",
"13.67.39.86/32",
"20.67.110.207/32",
"14.98.59.168/29",
"182.74.33.8/29",
"188.65.156.32/28",
"212.73.252.96/29",
"194.90.96.176/29",
"213.57.84.160/29",
"4.4.97.104/29",
"206.196.17.32/27",
#QCS
"18.205.71.36/32",
"18.232.32.199/32",
"34.237.68.254/32",
"34.247.21.179/32",
"52.31.212.214/32",
"54.154.95.18/32",
"13.210.43.241/32",
"13.236.104.42/32",
"13.236.206.172/32",
"18.138.163.172/32",
"18.142.157.182/32",
"54.179.13.251/32",
#QAA
"54.216.156.88/32",
"3.248.156.131/32",
"52.213.44.55/32",
"18.235.133.252/32",
"3.217.244.242/32",
"18.214.8.201/32",
"54.206.158.27/32",
"3.104.137.20/32",
"3.24.52.178/32",
"54.169.84.213/32",
"13.213.173.37/32",
"13.213.113.162/32"
]
ingress_with_cidr_blocks = [
{
from_port = local.port
to_port = local.port
protocol = "tcp"
description = "Redshift"
},
]
# egress
egress_cidr_blocks = [
"52.249.189.38/32",
"13.67.39.86/32",
"20.67.110.207/32",
"14.98.59.168/29",
"182.74.33.8/29",
"188.65.156.32/28",
"212.73.252.96/29",
"194.90.96.176/29",
"213.57.84.160/29",
"4.4.97.104/29",
"206.196.17.32/27",
#QCS
"18.205.71.36/32",
"18.232.32.199/32",
"34.237.68.254/32",
"34.247.21.179/32",
"52.31.212.214/32",
"54.154.95.18/32",
"13.210.43.241/32",
"13.236.104.42/32",
"13.236.206.172/32",
"18.138.163.172/32",
"18.142.157.182/32",
"54.179.13.251/32",
#QAA
"54.216.156.88/32",
"3.248.156.131/32",
"52.213.44.55/32",
"18.235.133.252/32",
"3.217.244.242/32",
"18.214.8.201/32",
"54.206.158.27/32",
"3.104.137.20/32",
"3.24.52.178/32",
"54.169.84.213/32",
"13.213.173.37/32",
"13.213.113.162/32"
]
egress_with_cidr_blocks = [
{
from_port = local.port
to_port = local.port
protocol = "tcp"
description = "Redshift"
},
]
tags = local.tags
}
module "redshift" {
source = "terraform-aws-modules/redshift/aws"
version = "~> 3.0"
cluster_identifier = "qmi-${var.provision_id}"
cluster_node_type = "dc2.large" #"dc1.large"
cluster_number_of_nodes = 1
cluster_database_name = var.cluster_database_name
cluster_master_username = var.cluster_master_username
cluster_master_password = random_password.password.result
# Group parameters
#wlm_json_configuration = "[{\"query_concurrency\": 5}]"
# DB Subnet Group Inputs
subnets = local.subnet_ids
vpc_security_group_ids = [module.security_group.security_group_id]
publicly_accessible = true
# IAM Roles
#cluster_iam_roles = ["arn:aws:iam::225367859851:role/developer"]
tags = local.tags
}
module "qmi-s3-bucket" {
source = "git::https://gitlab.com/qmi/qmi-cloud-tf-modules.git//s3-bucket?ref=dev2"
provision_id = var.provision_id
region = var.region
user_id = var.user_id
}
Reference in New Issue View Git Blame Copy Permalink