jprdonnelly/qmi-cloud-tf-modules
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Files
29bef068fa1da8809da2aa94dea188ba1f1e1d77
qmi-cloud-tf-modules/databases/aws-rds/main.tf
Manuel Romero d0c4ada8a0 singgapor region to aws-rds allowed
2021-12-01 10:04:32 +01:00

213 lines
6.1 KiB
HCL
Raw Blame History

terraform {
required_version = ">= 0.13"
required_providers {
aws = {
source = "hashicorp/aws"
version = ">= 3.49.0"
}
}
}
provider "aws" {
region = var.region
access_key = var.aws_provider_access_key
secret_key = var.aws_provider_access_secret
alias = "myaws"
}
locals {
provid5 = substr(var.provision_id, 0, 5)
aurora = (var.engine == "aurora-mysql") ? true : (var.engine == "aurora-postgresql") ? true : false
vpc_id = (var.region == "eu-west-1") ? var.vpc_id_eu : (var.region == "us-east-1") ? var.vpc_id_us : var.vpc_id_ap
subnet_ids = (var.region == "eu-west-1") ? var.subnet_ids_eu : (var.region == "us-east-1") ? var.subnet_ids_us : var.subnet_ids_ap
port = (var.engine == "oracle-se2") ? "1521" : (var.engine == "postgres") ? "5432" : (var.engine == "aurora-postgresql") ? "5432" : (var.engine == "sqlserver-ex") ? "1433" : "3306"
name = (var.engine == "sqlserver-ex") ? null : (var.engine == "oracle-se2") ? "ora${local.provid5}" : "qmi${var.provision_id}"
license = (local.aurora == true) ? "general-public-license" : (var.engine == "mariadb") ? "general-public-license" : (var.engine == "postgres") ? "postgresql-license" : (var.engine == "mysql") ? "general-public-license" : "license-included"
engine_version = (var.engine == "oracle-se2") ? "19.0.0.0.ru-2021-04.rur-2021-04.r1" : (var.engine == "postgres") ? "13.3" : (var.engine == "mysql") ? "8.0.25" : (var.engine == "aurora-postgresql") ? "12.6" : (var.engine == "aurora-mysql") ? "5.7.mysql_aurora.2.10.0" : (var.engine == "sqlserver-ex") ? "15.00.4073.23.v1" : "10.5" #mariaDB
major_engine_version = (var.engine == "oracle-se2") ? "19" : (var.engine == "postgres") ? "13" : (var.engine == "mysql") ? "8.0" : (var.engine == "aurora-postgresql") ? "12" : (var.engine == "aurora-mysql") ? "5.7" : (var.engine == "sqlserver-ex") ? "15.00" : "10.5" #mariaDB
family = (var.engine == "oracle-se2") ? "oracle-se2-19" : (var.engine == "postgres") ? "postgres13" : (var.engine == "mysql") ? "mysql8.0" : (var.engine == "aurora-postgresql") ? "aurora-postgresql12" : (var.engine == "aurora-mysql") ? "aurora-mysql5.7" : (var.engine == "sqlserver-ex") ? "sqlserver-ex-15.0" : "mariadb10.5" #mariaDB
tags = {
QMI_user = var.user_id
ProvID = var.provision_id
}
}
module "security_group" {
# SGs created here as Ports differ per Engine. Only Azure Firewall IPs added for now.
source = "terraform-aws-modules/security-group/aws"
version = "~> 4.3"
providers = {
aws = aws.myaws
}
name = "${var.provision_id}-SG"
description = "${var.provision_id}-SG"
vpc_id = local.vpc_id
# ingress
ingress_cidr_blocks = [
"52.249.189.38/32",
"13.67.39.86/32",
"20.67.110.207/32",
"14.98.59.168/29",
"182.74.33.8/29",
"188.65.156.32/28",
"212.73.252.96/29",
"194.90.96.176/29",
"213.57.84.160/29",
"4.4.97.104/29",
"206.196.17.32/27",
"18.205.71.36/32",
"18.232.32.199/32",
"34.237.68.254/32",
"34.247.21.179/32",
"52.31.212.214/32",
"54.154.95.18/32",
"13.210.43.241/32",
"13.236.104.42/32",
"13.236.206.172/32",
"18.138.163.172/32",
"18.142.157.182/32",
"54.179.13.251/32"
]
ingress_with_cidr_blocks = [
{
from_port = local.port
to_port = local.port
protocol = "tcp"
description = "RDS"
},
]
# egress
egress_cidr_blocks = [
"52.249.189.38/32",
"13.67.39.86/32",
"20.67.110.207/32",
"14.98.59.168/29",
"182.74.33.8/29",
"188.65.156.32/28",
"212.73.252.96/29",
"194.90.96.176/29",
"213.57.84.160/29",
"4.4.97.104/29",
"206.196.17.32/27",
"18.205.71.36/32",
"18.232.32.199/32",
"34.237.68.254/32",
"34.247.21.179/32",
"52.31.212.214/32",
"54.154.95.18/32",
"13.210.43.241/32",
"13.236.104.42/32",
"13.236.206.172/32",
"18.138.163.172/32",
"18.142.157.182/32",
"54.179.13.251/32"
]
egress_with_cidr_blocks = [
{
from_port = local.port
to_port = local.port
protocol = "tcp"
description = "RDS"
},
]
tags = local.tags
}
module "common_rds_instance" {
source = "terraform-aws-modules/rds/aws"
version = "~> 3.3"
count = local.aurora ? 0 : 1
providers = {
aws = aws.myaws
}
identifier = "${var.engine}${var.provision_id}"
engine = var.engine
engine_version = local.engine_version
family = local.family # DB parameter group
major_engine_version = local.major_engine_version # DB option group
instance_class = var.instance_size
allocated_storage = var.storage
license_model = local.license
name = local.name
username = "qmirdsuser"
create_random_password = true
random_password_length = 12
port = local.port
multi_az = false
subnet_ids = local.subnet_ids
vpc_security_group_ids = [module.security_group.security_group_id]
publicly_accessible = true
maintenance_window = "Mon:00:00-Mon:03:00"
backup_window = "03:00-06:00"
backup_retention_period = 0
skip_final_snapshot = true
deletion_protection = false
tags = local.tags
}
module "aurora_rds_instance" {
source = "terraform-aws-modules/rds-aurora/aws"
version = "~> 5.2"
count = local.aurora ? 1 : 0
providers = {
aws = aws.myaws
}
name = local.name
engine = var.engine
engine_version = local.engine_version
instance_type = var.instance_size
vpc_id = local.vpc_id
subnets = local.subnet_ids
create_security_group = false
vpc_security_group_ids = [module.security_group.security_group_id]
port = local.port
publicly_accessible = true
username = "qmirdsuser"
create_random_password = true
backup_retention_period = 0
skip_final_snapshot = true
deletion_protection = false
tags = local.tags
}
Reference in New Issue View Git Blame Copy Permalink