Commit b3457db2 authored by drechsau's avatar drechsau

initial RDS work

parent 470c97e4
terraform {
backend "s3" {
bucket = "geeks-terraform"
key = "drone-deploy/drone/rds/terraform.tfstate"
region = "us-east-2"
#dynamodb_table = "geeks-tf-state"
}
}
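Review bot: The `backend "s3"` block sets no `encrypt = true`, and the state written under this key will hold the RDS master password in plain text, because Terraform records the `password` argument of `aws_db_instance` in state. Unless the `geeks-terraform` bucket enforces default encryption (not visible here), add `encrypt = true` and keep read access to the bucket narrow. The `dynamodb_table` line is commented out, so the state has no locking; restoring `dynamodb_table = "geeks-tf-state"` keeps two concurrent applies from overwriting each other's state.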
data "terraform_remote_state" "vpc" {
backend = "s3"
config {
bucket = "geeks-terraform"
key = "drone-deploy/vpc/terraform.tfstate"
region = "us-east-2"
}
}
output "drone_deploy_rds_id" {
value = "${aws_db_instance.drone-deploy-rds.id}"
}
resource "aws_db_instance" "drone-deploy-rds" {
identifier = "drone-deploy-rds"
allocated_storage = 20
storage_type = "gp2"
engine = "mysql"
engine_version = "5.7.19"
auto_minor_version_upgrade = "true"
instance_class = "db.t2.micro"
name = "drone"
username = "droneuser"
port = 3306
publicly_accessible = false
availability_zone = "us-east-2a"
vpc_security_group_ids = ["${aws_security_group.drone_rds_inbound_sg.id}"]
db_subnet_group_name = "${aws_db_subnet_group.drone_rds_subnet_group.name}"
parameter_group_name = "default.mysql5.7"
multi_az = false
backup_retention_period = 1
backup_window = "07:34-08:04"
maintenance_window = "tue:10:25-tue:10:55"
final_snapshot_identifier = "drone-deploy-rds-final"
# storage_encrypted = "true"
# security_group_names = []
# MUCHO better way of doing things but don't care right now
# password = "${trimspace(file("${path.module}/secrets/mydb1-password.txt"))}"
password = "efdafa0e8367e5f914798caef3c94b3c8e"
tags {
Name = "${var.name}-rds"
"mike:owner" = "${var.owner}"
"mike:env" = "prod"
"mike:product" = "${var.name}"
}
}
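Review bot: The `password` argument of `aws_db_instance.drone-deploy-rds` is a literal committed to the repository, so anyone who can read the repo or its history holds the master credential for a database tagged `prod`. Supply it from outside version control instead, e.g. `password = "${var.db_password}"`; the variable would need declaring in the shared `variables.tf`, which is only a symlink on this page. The committed value should also be rotated, because deleting the line does not remove it from history. `storage_encrypted` is left commented out as well, and RDS encryption at rest can only be chosen at creation, so enabling it later means replacing the instance.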
# allow inbound from our drone instances running on sn-drone-deploy-mgmt-*
resource "aws_security_group" "drone_rds_inbound_sg" {
name = "${var.name}_rds_sg"
description = "Allow mgmt subnets access to mysql"
vpc_id = "${data.terraform_remote_state.vpc.the_vpc_id}"
# access from sn-drone-deploy-mgmt-a
ingress {
from_port = 3306
to_port = 3306
protocol = "tcp"
cidr_blocks = [
"${data.terraform_remote_state.vpc.drone-deploy-mgmt-cidr}",
]
}
tags {
Name = "${var.name}_rds_inbound_sg"
"mike:owner" = "${var.owner}"
"mike:env" = "prod"
"mike:product" = "${var.name}"
}
}
resource "aws_db_subnet_group" "drone_rds_subnet_group" {
name = "drone_rds_subnet_group"
subnet_ids = [
"${data.terraform_remote_state.vpc.databases-subnets}",
]
tags {
Name = "${var.name}_rds_inbound_subnet_group"
"mike:owner" = "${var.owner}"
"mike:env" = "prod"
"mike:product" = "${var.name}"
}
}
../../terraform.tfvars
\ No newline at end of file
../../variables.tf
\ No newline at end of file