Add s3_import option (#14)

umotif-public · Jun 23, 2021 · ec25e87 · ec25e87
1 parent 0a726bc
commit ec25e87
Show file tree

Hide file tree

Showing 7 changed files with 86 additions and 66 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -5,6 +5,18 @@ All notable changes to this project will be documented in this file.
 <a name="unreleased"></a>
 ## [Unreleased]
 
+
+
+<a name="3.1.0"></a>
+## [3.1.0] - 2021-06-04
+
+- Update aws partition sourcing and add IAM role tags ([#12](https://github.com/umotif-public/terraform-aws-rds-aurora/issues/12))
+
+
+<a name="3.0.0"></a>
+## [3.0.0] - 2021-03-08
+
+- Add support for China partition ([#11](https://github.com/umotif-public/terraform-aws-rds-aurora/issues/11))
 - Update README.md
 
 
@@ -84,7 +96,9 @@ All notable changes to this project will be documented in this file.
 - Initial commit
 
 
-[Unreleased]: https://github.com/umotif-public/terraform-aws-rds-aurora/compare/2.2.0...HEAD
+[Unreleased]: https://github.com/umotif-public/terraform-aws-rds-aurora/compare/3.1.0...HEAD
+[3.1.0]: https://github.com/umotif-public/terraform-aws-rds-aurora/compare/3.0.0...3.1.0
+[3.0.0]: https://github.com/umotif-public/terraform-aws-rds-aurora/compare/2.2.0...3.0.0
 [2.2.0]: https://github.com/umotif-public/terraform-aws-rds-aurora/compare/2.1.2...2.2.0
 [2.1.2]: https://github.com/umotif-public/terraform-aws-rds-aurora/compare/2.1.1...2.1.2
 [2.1.1]: https://github.com/umotif-public/terraform-aws-rds-aurora/compare/2.1.0...2.1.1

diff --git a/README.md b/README.md
@@ -5,18 +5,18 @@ Terraform module which creates AWS RDS Aurora resources. It supports MySQL, Post
 
 ## Terraform versions
 
-Terraform 0.13. Pin module version to `~> v3.1`. Submit pull-requests to `master` branch.
+Terraform 0.13. Pin module version to `~> v3.2`. Submit pull-requests to `main` branch.
 
 ## Usage
 
 ```hcl
 module "rds-aurora-mysql" {
   source = "umotif-public/rds-aurora/aws"
-  version = "~> 3.1.0"
+  version = "~> 3.2.0"
 
   name_prefix         = "example-aurora-mysql"
   engine              = "aurora-mysql"
-  engine_version      = "5.7.mysql_aurora.2.09.2"
+  engine_version      = "5.7.mysql_aurora.2.10.0"
   deletion_protection = true
 
   vpc_id  = module.vpc.vpc_id
@@ -164,14 +164,14 @@ No modules.
 | <a name="input_iam_roles"></a> [iam\_roles](#input\_iam\_roles) | A List of ARNs for the IAM roles to associate to the RDS Cluster. | `list(string)` | `[]` | no |
 | <a name="input_instance_type"></a> [instance\_type](#input\_instance\_type) | Instance type to use | `string` | n/a | yes |
 | <a name="input_instances_parameters"></a> [instances\_parameters](#input\_instances\_parameters) | Individual settings for instances. | `list` | `[]` | no |
-| <a name="input_kms_key_id"></a> [kms\_key\_id](#input\_kms\_key\_id) | The ARN for the KMS encryption key if one is set to the cluster. | `string` | `""` | no |
+| <a name="input_kms_key_id"></a> [kms\_key\_id](#input\_kms\_key\_id) | The ARN for the KMS encryption key if one is set to the cluster. | `string` | `null` | no |
 | <a name="input_monitoring_interval"></a> [monitoring\_interval](#input\_monitoring\_interval) | The interval (seconds) between points when Enhanced Monitoring metrics are collected. The default is 0. Valid Values: 0, 1, 5, 10, 15, 30, 60. | `number` | `0` | no |
-| <a name="input_monitoring_role_arn"></a> [monitoring\_role\_arn](#input\_monitoring\_role\_arn) | IAM role for RDS to send enhanced monitoring metrics to CloudWatch | `string` | `""` | no |
+| <a name="input_monitoring_role_arn"></a> [monitoring\_role\_arn](#input\_monitoring\_role\_arn) | IAM role for RDS to send enhanced monitoring metrics to CloudWatch | `string` | `null` | no |
 | <a name="input_name_prefix"></a> [name\_prefix](#input\_name\_prefix) | Prefix Name used across all resources | `string` | n/a | yes |
 | <a name="input_parameters"></a> [parameters](#input\_parameters) | A list of parameter objects | <pre>list(object({<br>    name  = string<br>    value = string<br>  }))</pre> | `[]` | no |
 | <a name="input_password"></a> [password](#input\_password) | Master DB password | `string` | `""` | no |
 | <a name="input_performance_insights_enabled"></a> [performance\_insights\_enabled](#input\_performance\_insights\_enabled) | Specifies whether Performance Insights is enabled or not. | `bool` | `false` | no |
-| <a name="input_performance_insights_kms_key_id"></a> [performance\_insights\_kms\_key\_id](#input\_performance\_insights\_kms\_key\_id) | The ARN for the KMS key to encrypt Performance Insights data. | `string` | `""` | no |
+| <a name="input_performance_insights_kms_key_id"></a> [performance\_insights\_kms\_key\_id](#input\_performance\_insights\_kms\_key\_id) | The ARN for the KMS key to encrypt Performance Insights data. | `string` | `null` | no |
 | <a name="input_permissions_boundary"></a> [permissions\_boundary](#input\_permissions\_boundary) | The ARN of the policy that is used to set the permissions boundary for the role. | `string` | `null` | no |
 | <a name="input_port"></a> [port](#input\_port) | The port on which to accept connections | `string` | `""` | no |
 | <a name="input_predefined_metric_type"></a> [predefined\_metric\_type](#input\_predefined\_metric\_type) | The metric type to scale on. Valid values are RDSReaderAverageCPUUtilization and RDSReaderAverageDatabaseConnections. | `string` | `"RDSReaderAverageCPUUtilization"` | no |
@@ -187,13 +187,14 @@ No modules.
 | <a name="input_replica_scale_max"></a> [replica\_scale\_max](#input\_replica\_scale\_max) | Maximum number of replicas to allow scaling for | `number` | `0` | no |
 | <a name="input_replica_scale_min"></a> [replica\_scale\_min](#input\_replica\_scale\_min) | Minimum number of replicas to allow scaling for | `number` | `2` | no |
 | <a name="input_replica_scale_out_cooldown"></a> [replica\_scale\_out\_cooldown](#input\_replica\_scale\_out\_cooldown) | Cooldown in seconds before allowing further scaling operations after a scale out | `number` | `300` | no |
-| <a name="input_replication_source_identifier"></a> [replication\_source\_identifier](#input\_replication\_source\_identifier) | ARN of a source DB cluster or DB instance if this DB cluster is to be created as a Read Replica. | `string` | `""` | no |
+| <a name="input_replication_source_identifier"></a> [replication\_source\_identifier](#input\_replication\_source\_identifier) | ARN of a source DB cluster or DB instance if this DB cluster is to be created as a Read Replica. | `any` | `null` | no |
 | <a name="input_restore_to_point_in_time"></a> [restore\_to\_point\_in\_time](#input\_restore\_to\_point\_in\_time) | Restore to point in time configuration. See docs for arguments https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/rds_cluster#restore_to_point_in_time-argument-reference | `map(string)` | `{}` | no |
+| <a name="input_s3_import"></a> [s3\_import](#input\_s3\_import) | Restore from a Percona XtraBackup stored in S3 bucket. Only Aurora MySQL is supported. | `map(string)` | `null` | no |
 | <a name="input_scaling_configuration"></a> [scaling\_configuration](#input\_scaling\_configuration) | Map of nested attributes with scaling properties. Only valid when engine\_mode is set to `serverless` | `map(string)` | `{}` | no |
 | <a name="input_security_group_description"></a> [security\_group\_description](#input\_security\_group\_description) | The description of the security group. If value is set to empty string it will contain cluster name in the description. | `string` | `""` | no |
 | <a name="input_skip_final_snapshot"></a> [skip\_final\_snapshot](#input\_skip\_final\_snapshot) | Should a final snapshot be created on cluster destroy | `bool` | `false` | no |
-| <a name="input_snapshot_identifier"></a> [snapshot\_identifier](#input\_snapshot\_identifier) | DB snapshot to create this database from | `string` | `""` | no |
-| <a name="input_source_region"></a> [source\_region](#input\_source\_region) | The source region for an encrypted replica DB cluster. | `string` | `""` | no |
+| <a name="input_snapshot_identifier"></a> [snapshot\_identifier](#input\_snapshot\_identifier) | DB snapshot to create this database from | `string` | `null` | no |
+| <a name="input_source_region"></a> [source\_region](#input\_source\_region) | The source region for an encrypted replica DB cluster. | `any` | `null` | no |
 | <a name="input_storage_encrypted"></a> [storage\_encrypted](#input\_storage\_encrypted) | Specifies whether the underlying storage layer should be encrypted | `bool` | `true` | no |
 | <a name="input_subnets"></a> [subnets](#input\_subnets) | List of subnet IDs to use | `list(string)` | `[]` | no |
 | <a name="input_tags"></a> [tags](#input\_tags) | A map of tags to add to all resources. | `map(string)` | `{}` | no |

diff --git a/examples/aurora-mysql/main.tf b/examples/aurora-mysql/main.tf
@@ -8,19 +8,12 @@ data "aws_region" "current" {}
 #####
 # VPC and subnets
 #####
-module "vpc" {
-  source  = "terraform-aws-modules/vpc/aws"
-  version = "~> 2.64"
-
-  name = "simple-rds-aurora-vpc"
-
-  cidr = "10.0.0.0/16"
-
-  azs             = ["eu-west-1a", "eu-west-1b", "eu-west-1c"]
-  private_subnets = ["10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24"]
-  public_subnets  = ["10.0.101.0/24", "10.0.102.0/24", "10.0.103.0/24"]
+data "aws_vpc" "default" {
+  default = true
+}
 
-  enable_nat_gateway = false
+data "aws_subnet_ids" "all" {
+  vpc_id = data.aws_vpc.default.id
 }
 
 #############
@@ -35,8 +28,8 @@ module "aurora" {
   engine_version      = "5.7.mysql_aurora.2.09.0"
   deletion_protection = false
 
-  vpc_id  = module.vpc.vpc_id
-  subnets = module.vpc.public_subnets
+  vpc_id  = data.aws_vpc.default.id
+  subnets = data.aws_subnet_ids.all.ids
 
   kms_key_id = module.kms.key_arn
 

diff --git a/examples/aurora-postgres/main.tf b/examples/aurora-postgres/main.tf
@@ -5,24 +5,17 @@ provider "aws" {
 #####
 # VPC and subnets
 #####
-module "vpc" {
-  source  = "terraform-aws-modules/vpc/aws"
-  version = "~> 2.64"
-
-  name = "simple-vpc-aurora-postgres"
-
-  cidr = "10.0.0.0/16"
-
-  azs            = ["eu-west-1a", "eu-west-1b", "eu-west-1c"]
-  public_subnets = ["10.0.101.0/24", "10.0.102.0/24", "10.0.103.0/24"]
-
-  enable_nat_gateway = false
+data "aws_vpc" "default" {
+  default = true
+}
 
-  tags = {
-    Environment = "test"
-  }
+data "aws_subnet_ids" "all" {
+  vpc_id = data.aws_vpc.default.id
 }
 
+#############
+# RDS Aurora
+#############
 module "aurora-postgresql" {
   source = "../.."
 
@@ -44,9 +37,8 @@ module "aurora-postgresql" {
     }
   ]
 
-
-  vpc_id  = module.vpc.vpc_id
-  subnets = module.vpc.public_subnets
+  vpc_id  = data.aws_vpc.default.id
+  subnets = data.aws_subnet_ids.all.ids
 
   replica_count = 1
   instance_type = "db.t3.medium"

diff --git a/examples/serverless/main.tf b/examples/serverless/main.tf
@@ -5,24 +5,17 @@ provider "aws" {
 #####
 # VPC and subnets
 #####
-module "vpc" {
-  source  = "terraform-aws-modules/vpc/aws"
-  version = "~> 2.64"
-
-  name = "simple-vpc-aurora-serverless"
-
-  cidr = "10.0.0.0/16"
-
-  azs            = ["eu-west-1a", "eu-west-1b", "eu-west-1c"]
-  public_subnets = ["10.0.101.0/24", "10.0.102.0/24", "10.0.103.0/24"]
-
-  enable_nat_gateway = false
+data "aws_vpc" "default" {
+  default = true
+}
 
-  tags = {
-    Environment = "test"
-  }
+data "aws_subnet_ids" "all" {
+  vpc_id = data.aws_vpc.default.id
 }
 
+#############
+# RDS Aurora
+#############
 module "aurora-serverless" {
   source = "../../"
 
@@ -34,8 +27,8 @@ module "aurora-serverless" {
 
   replica_count = 0
 
-  vpc_id  = module.vpc.vpc_id
-  subnets = module.vpc.public_subnets
+  vpc_id  = data.aws_vpc.default.id
+  subnets = data.aws_subnet_ids.all.ids
 
   instance_type       = "db.t3.medium"
   apply_immediately   = true

diff --git a/main.tf b/main.tf
@@ -94,7 +94,6 @@ resource "aws_db_subnet_group" "main" {
 #####
 # Standard RDS cluster
 #####
-
 resource "aws_rds_cluster" "main" {
   count = var.enable_global_cluster ? 0 : 1
 
@@ -140,6 +139,17 @@ resource "aws_rds_cluster" "main" {
 
   enabled_cloudwatch_logs_exports = [for log in var.enabled_cloudwatch_logs_exports : log.name]
 
+  dynamic "s3_import" {
+    for_each = var.s3_import != null ? [var.s3_import] : []
+    content {
+      source_engine         = "mysql"
+      source_engine_version = s3_import.value.source_engine_version
+      bucket_name           = s3_import.value.bucket_name
+      bucket_prefix         = lookup(s3_import.value, "bucket_prefix", null)
+      ingestion_role        = s3_import.value.ingestion_role
+    }
+  }
+
   dynamic "restore_to_point_in_time" {
     for_each = length(keys(var.restore_to_point_in_time)) == 0 ? [] : [var.restore_to_point_in_time]
 
@@ -223,6 +233,17 @@ resource "aws_rds_cluster" "global" {
 
   enabled_cloudwatch_logs_exports = [for log in var.enabled_cloudwatch_logs_exports : log.name]
 
+  dynamic "s3_import" {
+    for_each = var.s3_import != null ? [var.s3_import] : []
+    content {
+      source_engine         = "mysql"
+      source_engine_version = s3_import.value.source_engine_version
+      bucket_name           = s3_import.value.bucket_name
+      bucket_prefix         = lookup(s3_import.value, "bucket_prefix", null)
+      ingestion_role        = s3_import.value.ingestion_role
+    }
+  }
+
   dynamic "restore_to_point_in_time" {
     for_each = length(keys(var.restore_to_point_in_time)) == 0 ? [] : [var.restore_to_point_in_time]
 

diff --git a/variables.tf b/variables.tf
@@ -153,7 +153,7 @@ variable "scaling_configuration" {
 variable "snapshot_identifier" {
   description = "DB snapshot to create this database from"
   type        = string
-  default     = ""
+  default     = null
 }
 
 variable "storage_encrypted" {
@@ -165,7 +165,7 @@ variable "storage_encrypted" {
 variable "kms_key_id" {
   description = "The ARN for the KMS encryption key if one is set to the cluster."
   type        = string
-  default     = ""
+  default     = null
 }
 
 variable "engine" {
@@ -248,7 +248,7 @@ variable "performance_insights_enabled" {
 variable "performance_insights_kms_key_id" {
   description = "The ARN for the KMS key to encrypt Performance Insights data."
   type        = string
-  default     = ""
+  default     = null
 }
 
 variable "iam_database_authentication_enabled" {
@@ -277,12 +277,12 @@ variable "engine_mode" {
 
 variable "replication_source_identifier" {
   description = "ARN of a source DB cluster or DB instance if this DB cluster is to be created as a Read Replica."
-  default     = ""
+  default     = null
 }
 
 variable "source_region" {
   description = "The source region for an encrypted replica DB cluster."
-  default     = ""
+  default     = null
 }
 
 variable "vpc_security_group_ids" {
@@ -358,7 +358,7 @@ variable "permissions_boundary" {
 variable "monitoring_role_arn" {
   description = "IAM role for RDS to send enhanced monitoring metrics to CloudWatch"
   type        = string
-  default     = ""
+  default     = null
 }
 
 variable "create_monitoring_role" {
@@ -421,3 +421,9 @@ variable "aws_partition" {
     error_message = "Argument \"aws_partition\" must be either \"public\" or \"china\"."
   }
 }
+
+variable "s3_import" {
+  description = "Restore from a Percona XtraBackup stored in S3 bucket. Only Aurora MySQL is supported."
+  type        = map(string)
+  default     = null
+}