Initial commit

.gitignore

+.DS_Store

.gitlab-ci.yml

+image: alpine:latest
+
+variables:
+  TERRAFORM_URL: "https://releases.hashicorp.com/terraform/0.7.13/terraform_0.7.13_linux_amd64.zip"
+
+before_script:
+  - apk update && apk add ca-certificates && update-ca-certificates && apk add openssl
+  - wget -O /tmp/terraform.zip $TERRAFORM_URL
+  - unzip /tmp/terraform.zip -d /usr/local/bin
+
+test:
+  script: terraform validate

README.md

+tf_mod_aws_rds_aurora
+==============
+A Terraform module for creating an RDS Aurora cluster and associated security group.
+
+Input Variables
+---------------
+
+- `vpc_id` - Typically `${module.vpc.vpc_id}`.
+- `security_groups` - Typically ["${module.bastion.security_group}"], and any other security groups required.
+- `subnet_ids` - Subnet ID(s) that the cluster should have instances created within. Required.
+- `aurora_cluster_name` - Name of the cluster. Filters down to instances. Required.
+- `aurora_instance_class` - Class of instances required for Aurora. Defaults to the smallest available, db.t2.small.
+- `aurora_username` - Admin username to use for Aurora. Defaults to "root".
+- `aurora_password` - Admin password to use for Aurora. Required.
+- `aurora_publicly_accessible` - Whether the Aurora cluster is publicly accessible. Defaults to "false".
+- `backup_retention_period` - Defaults to "7", as in days.
+- `backup_window` - Defaults to "00:00-01:00".
+- `maintenance_window` - Defaults to "Sun:01:00-Sun:02:00".
+- `instance_count` - Number of instances in cluster. Defaults to 2.
+- `parameter_group` - DB parameter group of the instances and cluster. Defaults to "aurora5.6".
+- `route53_zone` - Route53 zone ID. Works best with a module. Required.
+
+Outputs
+-------
+
+- `aurora_cluster_id` - The ID of the Aurora cluster.
+- `aurora_instance_id` - The ID(s) of all Aurora instances.
+- `aurora_instance_address` - The private IPv4 addresses of all Aurora instances.
+- `subnet_group_id` - The ID of the subnet group.
+
+Usage
+-----
+
+You can use this module in your Terraform template with the following steps. All variables have defaults set so setting any variables is optional.
+
+1.) Adding a module resource to your template, e.g. `main.tf`
+
+```
+variable "aurora_cluster_name" {}
+variable "aurora_instance_class" {}
+variable "aurora_username" {}
+variable "aurora_password" {}
+variable "aurora_publicly_accessible" {}
+variable "aurora_backup_retention_period" {}
+variable "aurora_backup_window" {}
+variable "aurora_maintenance_window" {}
+variable "aurora_instance_count" {}
+
+#############################################################################################################
+# RDS Aurora Cluster
+#############################################################################################################
+module "aurora" {
+  source = "git::https://git.steamhaus.co.uk/steamhaus/tf_mod_aws_rds_aurora"
+
+  vpc_id                  = "${module.vpc.vpc_id}"
+  security_groups         = ["${module.bastion.security_group}"]
+  subnet_ids              = "${module.vpc.private_subnets}"
+  cluster_name            = "${var.aurora_cluster_name}"
+  instance_class          = "${var.aurora_instance_class}"
+  username                = "${var.aurora_username}"
+  password                = "${var.aurora_password}"
+  publicly_accessible     = "${var.aurora_publicly_accessible}"
+  backup_retention_period = "${var.aurora_backup_retention_period}"
+  backup_window           = "${var.aurora_backup_window}"
+  maintenance_window      = "${var.aurora_maintenance_window}"
+  instance_count          = "${var.aurora_instance_count}"
+  route53_zone            = "${aws_route53_zone.private.id}"
+}
+```

main.tf

+#############################################################################################################
+# Variables
+#############################################################################################################
+variable "vpc_id" {}
+variable "security_groups" {
+  type = "list"
+}
+
+variable "subnet_ids" {
+  type = "list"
+}
+
+variable "cluster_name" {}
+
+variable "instance_class" {
+  default = "db.t2.small"
+}
+
+variable "username" {
+  default = "root"
+}
+variable "password" {}
+
+variable "publicly_accessible" {
+  default = "false"
+}
+
+variable "backup_retention_period" {
+  default = "7"
+}
+
+variable "backup_window" {
+  default = "00:00-01:00"
+}
+
+variable "maintenance_window" {
+  default = "Sun:01:00-Sun:02:00"
+}
+
+variable "instance_count" {
+  default = "2"
+}
+
+variable "parameter_group" {
+    default = "default.aurora5.6"
+}
+
+variable "route53_zone" {}
+
+#############################################################################################################
+# Security Group
+#############################################################################################################
+
+resource "aws_security_group" "aurora" {
+  vpc_id      = "${var.vpc_id}"
+  description = "${var.cluster_name} RDS Aurora SG"
+
+  ingress {
+    from_port       = 3306
+    to_port         = 3306
+    protocol        = "tcp"
+    security_groups = ["${var.security_groups}"]
+  }
+}
+
+#############################################################################################################
+# Subnet Group
+#############################################################################################################
+
+resource "aws_db_subnet_group" "default" {
+  name             = "${var.cluster_name}-subnet"
+  description      = "RDS Aurora Subnet group for ${var.cluster_name}"
+  subnet_ids       = ["${var.subnet_ids}"]
+}
+
+#############################################################################################################
+# Aurora Instances
+#############################################################################################################
+resource "aws_cluster" "default" {
+  cluster_identifier              = "${var.cluster_name}"
+
+  master_username                 = "${var.username}"
+  master_password                 = "${var.password}"
+
+  vpc_security_group_ids          = ["${aws_security_group.aurora.id}"]
+  db_subnet_group_name            = "${aws_db_subnet_group.default.name}"
+  db_cluster_parameter_group_name = "${var.parameter_group}"
+
+  backup_retention_period         = "${var.backup_retention_period}"
+  preferred_backup_window         = "${var.backup_window}"
+  preferred_maintenance_window    = "${var.maintenance_window}"
+}
+
+resource "aws_cluster_instance" "default" {
+  identifier                      = "${var.cluster_name}"
+  cluster_identifier              = "${var.cluster_name}-${count.index}"
+
+  instance_class                  = "$(var.instance_class)"
+  db_subnet_group_name            = "${aws_db_subnet_group.default.name}"
+  db_cluster_parameter_group_name = "${var.parameter_group}"
+  publicly_accessible             = "${var.publicly_accessible}"
+
+  count                           = "${var.instance_count}"
+}
+
+#############################################################################################################
+# Route 53 Records
+#############################################################################################################
+
+resource "aws_route53_record" "private_aurora" {
+  zone_id     = "${var.route53_zone}"
+  name        = "aurora${count.index}.${var.cluster_name}.aws"
+  type        = "CNAME"
+  ttl         = "60"
+  records     = ["${aws_cluster_instance.default.address}"]
+  count       = "${length(split(",", "var.route53_zone")) * var.instance_count}"
+}
+
+#############################################################################################################
+# Outputs
+#############################################################################################################
+output "cluster_id" {
+    value = "${aws_cluster.default.id}"
+}
+
+output "instance_id" {
+    value = "${aws_cluster_instance.default.id}"
+}
+
+output "instance_address" {
+    value = "${aws_cluster_instance.default.address}"
+}
+
+output "subnet_group_id" {
+    value = "${aws_db_subnet_group.default.id}"
+}