Terraform module to create an AWS RDS Aurora cluster.
IMPORTANT: We do not pin modules to versions in our examples. We highly recommend that in your code you pin the version to the exact version you are using so that your infrastructure remains stable.
By default, this module creates a two-node cluster: a writer and a reader for high availability. This can be changed by updating var.instance_count. By default all instances use the same settings. To configure settings per instance, use var.instance_config.
NOTE: keys in var.instance_count start from 1. See the endpoints-and-instance-config example to see it used.

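A module call that follows the pinning advice above and states the security-relevant inputs explicitly, added here as an illustration and not taken from the module's repository. The registry source address, the version placeholder, and the name, username, instance class and subnet values are assumptions; the input names and their defaults come from the inputs table on this page.

```hcl
module "aurora" {
  # Assumed registry address; it is not stated on this page.
  source = "schubergphilis/mcaf-aurora/aws"

  # Placeholder: replace with the exact release you have tested.
  # An exact version (no ~> or >= operator) keeps plans reproducible.
  version = "X.Y.Z"

  # Required inputs (values constructed for this example).
  name       = "example-aurora"
  engine     = "aurora-postgresql"
  subnet_ids = ["subnet-EXAMPLE1", "subnet-EXAMPLE2"]

  # Provisioned cluster with one writer and two readers
  # instead of the default two-node layout.
  instance_class = "db.r6g.large"
  instance_count = 3

  # Let the module manage the master credentials, so no
  # master_password appears in the configuration.
  manage_master_user = true
  master_username    = "dbadmin"

  # These match the module defaults. Writing them out makes the
  # intent visible in code review and to policy-as-code checks,
  # and protects against a default changing in a later release.
  storage_encrypted                   = true
  iam_database_authentication_enabled = true
  deletion_protection                 = true
  publicly_accessible                 = false
  enable_cloudwatch_logs_exports      = true
  backup_retention_period             = 7
}

# The generated secret is exposed as an output when
# manage_master_user is true; mark it sensitive when re-exporting.
output "aurora_master_user_secret" {
  value     = module.aurora.master_user_secret
  sensitive = true
}
```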
Name | Version |
---|---|
terraform | >= 1.8 |
aws | >= 5.81.0 |

Name | Version |
---|---|
aws | >= 5.81.0 |

Name | Source | Version |
---|---|---|
rds_enhanced_monitoring_role | schubergphilis/mcaf-role/aws | ~> 0.4.0 |

Name | Type |
---|---|
aws_db_parameter_group.default | resource |
aws_db_subnet_group.default | resource |
aws_rds_cluster.default | resource |
aws_rds_cluster_endpoint.default | resource |
aws_rds_cluster_instance.first | resource |
aws_rds_cluster_instance.rest | resource |
aws_rds_cluster_parameter_group.default | resource |
aws_rds_global_cluster.default | resource |
aws_security_group.default | resource |
aws_vpc_security_group_ingress_rule.default | resource |
aws_kms_alias.rds | data source |
aws_subnet.selected | data source |

Name | Description | Type | Default | Required |
---|---|---|---|---|
engine | The engine type of the Aurora cluster | string | n/a | yes |
name | The name for the Aurora Cluster | string | n/a | yes |
subnet_ids | List of subnet IDs to deploy Aurora in | list(string) | n/a | yes |
allocated_storage | The amount of storage in gibibytes (GiB) to allocate to each DB instance in the Multi-AZ DB cluster. (Required for Multi-AZ DB cluster) | number | null | no |
allow_major_version_upgrade | Enable to allow major engine version upgrades when changing engine versions | bool | false | no |
apply_immediately | Specifies whether any cluster modifications are applied immediately | bool | true | no |
auto_minor_version_upgrade | Indicates that minor engine upgrades will be applied automatically to the DB instance during the maintenance window | bool | true | no |
auto_pause | Whether to enable automatic pause | bool | true | no |
backtrack_window | The target backtrack window, in seconds. Only available for mysql engines. Must be between 0 (disabled) and 259200 (72 hours) | number | 0 | no |
backup_retention_period | Number of days to retain backups for | number | 7 | no |
ca_cert_identifier | Identifier of the CA certificate for the DB instance | string | "rds-ca-rsa2048-g1" | no |
cluster_family | The family of the DB cluster parameter group | string | null | no |
cluster_parameters | A list of cluster DB parameters to apply | list(object({ | [ | no |
database | The name of the first database to be created when the cluster is created | string | null | no |
database_parameters | A list of instance DB parameters to apply | list(object({ | null | no |
db_cluster_instance_class | The compute and memory capacity of each DB instance in the Multi-AZ DB cluster. Only set this variable if you are deploying a Multi-AZ DB cluster. (Required for Multi-AZ DB cluster) | string | null | no |
deletion_protection | A boolean indicating if the DB instance should have deletion protection enabled | bool | true | no |
enable_cloudwatch_logs_exports | Set to false to disable logging to CloudWatch | bool | true | no |
enable_http_endpoint | Enable Aurora Serverless HTTP endpoint (Data API) | bool | false | no |
enabled_cloudwatch_logs_exports | List of log types to export to CloudWatch, by default all supported types are exported | list(string) | null | no |
endpoints | A map of additional cluster endpoints to be created | map(object({ | {} | no |
engine_mode | The engine mode of the Aurora cluster | string | "provisioned" | no |
engine_version | The engine version of the Aurora cluster | string | null | no |
final_snapshot_identifier | Identifier of the final snapshot to create before deleting the cluster | string | null | no |
global_database_primary | Whether the cluster is part of a global database as the primary cluster | bool | false | no |
global_database_secondary | Whether the cluster is part of a global database as the secondary cluster | object({ | null | no |
iam_database_authentication_enabled | Specify if mapping AWS IAM accounts to database accounts is enabled. | bool | true | no |
iam_roles | A list of IAM Role ARNs to associate with the cluster | list(string) | null | no |
instance_class | The class of RDS instances to attach to the cluster instances (not used when engine_mode set to serverless) | string | null | no |
instance_config | Map of instance specific settings that override values set elsewhere in the module, map keys should match instance number | map(object({ | null | no |
instance_count | The number of RDS instances to attach (not used when engine_mode set to serverless) | number | 2 | no |
iops | The amount of Provisioned IOPS to be initially allocated for each DB instance. (Required for Multi-AZ DB cluster) | number | null | no |
kms_key_id | ARN of KMS key to encrypt storage and performance insights data | string | null | no |
manage_master_user | Set to false to provide a custom password using master_password | bool | true | no |
master_password | Password for the master DB user, must set manage_master_user to false if specifying a custom password | string | null | no |
master_user_secret_kms_key_id | ID of KMS key to encrypt the master user Secrets Manager secret | string | null | no |
master_username | Username for the master DB user | string | null | no |
max_capacity | The maximum capacity of the serverless cluster | number | 8 | no |
min_capacity | The minimum capacity of the serverless cluster | number | 1 | no |
monitoring_interval | The interval (seconds) for collecting enhanced monitoring metrics | string | null | no |
parameter_group_name | The name for the DB / RDS cluster parameter groups | string | null | no |
performance_insights | Specifies whether Performance Insights is enabled or not | bool | true | no |
performance_insights_retention_period | Amount of time in days to retain Performance Insights data, must be 7, 731 (2 years) or a multiple of 31 | number | 7 | no |
permissions_boundary | The ARN of the policy that is used to set the permissions boundary for the role | string | null | no |
preferred_backup_window | The daily time range during which automated backups are created, in UTC e.g. 04:00-09:00 | string | null | no |
preferred_maintenance_window | The weekly time range during which system maintenance can occur, in UTC e.g. wed:04:00-wed:04:30 | string | null | no |
publicly_accessible | Control if instances in cluster are publicly accessible | string | false | no |
seconds_until_auto_pause | The time, in seconds, before an Aurora Serverless DB cluster is paused | number | 1800 | no |
security_group_ingress_rules | Security Group ingress rules | list(object({ | [] | no |
snapshot_identifier | Database snapshot identifier to create the database from | string | null | no |
storage_encrypted | Specifies whether the DB cluster is encrypted | bool | true | no |
storage_type | Specifies the storage type to be associated with the DB cluster. (Required for Multi-AZ DB cluster) | string | null | no |
tags | A mapping of tags to assign to the bucket | map(string) | null | no |
timeout_action | The action to take when the timeout is reached | string | "RollbackCapacityChange" | no |

Name | Description |
---|---|
arn | ARN of the Aurora cluster |
cluster_identifier | The RDS Cluster Identifier |
cluster_resource_id | The RDS Cluster Resource ID |
custom_endpoints | The DNS addresses of the custom endpoints. |
database | Name of the first database created when the cluster was created |
endpoint | DNS address of the RDS instance |
global_cluster_identifier | If the cluster is the primary of a global cluster, the global cluster ID |
global_cluster_writer_endpoint | If the cluster is the primary of a global cluster, the global cluster writer endpoint |
id | ID of the Aurora cluster |
instance_ids | Aurora instances IDs |
master_user_secret | The generated database master user secret when var.manage_master_user is set to true |
master_username | Username for the master DB user |
port | Port on which the DB accepts connections |
reader_endpoint | A load-balanced read-only endpoint for the Aurora cluster |
security_group_id | The security group ID that is attached to the Aurora cluster |

100% Open Source and licensed under the Apache License Version 2.0. See LICENSE for full details.