From 65469a92f63c21dd682f334bc517a0ae156d65cc Mon Sep 17 00:00:00 2001 From: Nathan Zimmerman Date: Mon, 29 Jan 2024 12:06:18 -0600 Subject: [PATCH] Support encrypted RDS instance (#28) --- terraform/veda-wfs3/rds.tf | 1 + terraform/veda-wfs3/variables.tf | 6 ++++++ 2 files changed, 7 insertions(+) diff --git a/terraform/veda-wfs3/rds.tf b/terraform/veda-wfs3/rds.tf index d54bf83..e6b5cc5 100644 --- a/terraform/veda-wfs3/rds.tf +++ b/terraform/veda-wfs3/rds.tf @@ -58,6 +58,7 @@ resource "aws_db_instance" "db" { backup_retention_period = 7 username = "postgres" password = var.db_password + storage_encrypted = var.db_encrypted allow_major_version_upgrade = true parameter_group_name = aws_db_parameter_group.default.name } diff --git a/terraform/veda-wfs3/variables.tf b/terraform/veda-wfs3/variables.tf index 7645237..9d459e9 100755 --- a/terraform/veda-wfs3/variables.tf +++ b/terraform/veda-wfs3/variables.tf @@ -37,6 +37,12 @@ variable "db_password" { sensitive = true } +variable "db_encrypted" { + description = "Whether RDS storage should be encrypted" + type = bool + default = false +} + variable "dns_zone_name" { }