variables.tf
# Route53 zone that receives the DB host record. Defaults to an empty string;
# how an empty value is handled is decided by the resources that consume it,
# which are not declared in this file.
variable "dns_zone_id" {
  description = "The ID of the DNS Zone in Route53 where a new DNS record will be created for the DB host name"
  type        = string
  default     = ""
}

# Name of the Route53 record created for the DB endpoint; "db" unless overridden.
variable "host_name" {
  description = "The DB host name created in Route53"
  type        = string
  default     = "db"
}
# Ingress sources expressed as security groups. Empty by default, so no
# group-based ingress is requested unless the caller lists some.
variable "security_group_ids" {
  description = "The IDs of the security groups from which to allow `ingress` traffic to the DB instance"
  type        = list(string)
  default     = []
}

# Ingress sources expressed as CIDR ranges. Empty by default.
# NOTE(review): nothing in this declaration rejects an overly broad range such
# as 0.0.0.0/0; keep entries as narrow as the client networks allow and prefer
# security-group references where possible.
variable "allowed_cidr_blocks" {
  description = "The whitelisted CIDRs which to allow `ingress` traffic to the DB instance"
  type        = list(string)
  default     = []
}

# Pre-existing security groups to attach to the instance itself, as opposed to
# the ingress sources declared in `security_group_ids` and `allowed_cidr_blocks`.
variable "associate_security_group_ids" {
  description = "The IDs of the existing security groups to associate with the DB instance"
  type        = list(string)
  default     = []
}
# Initial database created with the instance. No default: callers must set it.
variable "database_name" {
  description = "The name of the database to create when the DB instance is created"
  type        = string
}

# Master user name. The description marks it as required unless the instance is
# built from a snapshot or as a replica, but the empty-string default means
# this declaration does not enforce that.
variable "database_user" {
  description = "(Required unless a `snapshot_identifier` or `replicate_source_db` is provided) Username for the master DB user"
  type        = string
  default     = ""
}
# Master password for the DB user.
# NOTE(review): this declaration has no `sensitive = true`, so Terraform will
# not redact the value in plan/apply output. On Terraform >= 0.14 consider
# adding it (any module output exposing the value would then need it too).
# The default is an empty string and nothing here enforces a non-empty value;
# supply the password from a secret store rather than a committed tfvars file,
# and treat the state file as secret because it records this value.
variable "database_password" {
  description = "(Required unless a snapshot_identifier or replicate_source_db is provided) Password for the master DB user"
  type        = string
  default     = ""
}
# Listener port; required. Per the description it is also the port opened in
# the DB security group for the sources in `security_group_ids`.
variable "database_port" {
  description = "Database port (_e.g._ `3306` for `MySQL`). Used in the DB Security Group to allow access to the DB instance from the provided `security_group_ids`"
  type        = number
}
# Deletion protection is off by default, so callers must opt in to have RDS
# refuse a delete request. Worth enabling for any instance holding data that
# cannot be recreated.
variable "deletion_protection" {
  description = "Set to true to enable deletion protection on the RDS instance"
  type        = bool
  default     = false
}

# Multi-AZ deployment toggle; single-AZ unless overridden.
variable "multi_az" {
  description = "Set to true if multi AZ deployment must be supported"
  type        = bool
  default     = false
}
# Storage class for the instance volume; magnetic ("standard") unless overridden.
variable "storage_type" {
  description = "One of 'standard' (magnetic), 'gp2' (general purpose SSD), or 'io1' (provisioned IOPS SSD)"
  type        = string
  default     = "standard"
}
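# Encryption at rest for the instance storage. The declared default is `true`,
# so callers must opt out explicitly; the description states the same default
# so that generated module docs do not suggest encryption is off.
variable "storage_encrypted" {
  description = "(Optional) Specifies whether the DB instance is encrypted. The default is true if not specified"
  type        = bool
  default     = true
}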
# Provisioned IOPS; 0 by default. Per the description a non-zero value implies
# the 'io1' storage type.
variable "iops" {
  description = "The amount of provisioned IOPS. Setting this implies a storage_type of 'io1'. Default is 0 if rds storage type is not 'io1'"
  type        = number
  default     = 0
}

# Initial storage size; required.
variable "allocated_storage" {
  description = "The allocated storage in GBs"
  type        = number
}

# Ceiling for RDS storage autoscaling; 0 by default.
# NOTE(review): presumably 0 leaves autoscaling disabled; confirm against the
# resource that consumes this value.
variable "max_allocated_storage" {
  description = "The upper limit to which RDS can automatically scale the storage in GBs"
  type        = number
  default     = 0
}
# Engine selector; required. Families named by the original author:
# mysql, postgres, oracle-*, sqlserver-*.
# Reference: http://docs.aws.amazon.com/cli/latest/reference/rds/create-db-instance.html
variable "engine" {
  description = "Database engine type"
  type        = string
}

# Engine version; required and engine-specific.
# Reference: http://docs.aws.amazon.com/cli/latest/reference/rds/create-db-instance.html
variable "engine_version" {
  description = "Database engine version, depends on engine type"
  type        = string
}

# Major engine version; empty by default.
# Reference: https://docs.aws.amazon.com/cli/latest/reference/rds/create-option-group.html
variable "major_engine_version" {
  description = "Database MAJOR engine version, depends on engine type"
  type        = string
  default     = ""
}

# Licensing mode; empty by default and, per the description, only needed for
# some engines.
variable "license_model" {
  description = "License model for this DB. Optional, but required for some DB Engines. Valid values: license-included | bring-your-own-license | general-public-license"
  type        = string
  default     = ""
}

# Instance size; required.
# Reference: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html
variable "instance_class" {
  description = "Class of RDS instance"
  type        = string
}
# Parameter group family used when passing custom parameters to the DB. The
# default family parameters are "cloned", so the family to copy from has to be
# named here, for example "mysql5.6" or "postgres9.5". Required.
variable "db_parameter_group" {
  description = "The DB parameter group family name. The value depends on DB engine used. See [DBParameterGroupFamily](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_CreateDBParameterGroup.html#API_CreateDBParameterGroup_RequestParameters) for instructions on how to retrieve applicable value."
  type        = string
}
# Public reachability toggle. Off by default, and the description advises
# against enabling it; if it is turned on, the ingress lists
# (`security_group_ids`, `allowed_cidr_blocks`) become the only network control
# in front of the database.
variable "publicly_accessible" {
  description = "Determines if database can be publicly available (NOT recommended)"
  type        = bool
  default     = false
}
# Placement is chosen through exactly one of `subnet_ids`,
# `db_subnet_group_name` or `availability_zone` (see the descriptions); this
# file does not itself enforce that only one is set.

# Subnets used to provision a DB subnet group; empty by default.
variable "subnet_ids" {
  description = "List of subnet IDs for the DB. DB instance will be created in the VPC associated with the DB subnet group provisioned using the subnet IDs. Specify one of `subnet_ids`, `db_subnet_group_name` or `availability_zone`"
  type        = list(string)
  default     = []
}

# Explicit AZ; null by default. Per the description this path places the
# instance in the default VPC, so check that network's exposure before using it.
variable "availability_zone" {
  description = "The AZ for the RDS instance. Specify one of `subnet_ids`, `db_subnet_group_name` or `availability_zone`. If `availability_zone` is provided, the instance will be placed into the default VPC or EC2 Classic"
  type        = string
  default     = null
}

# Name of an existing DB subnet group; null by default.
variable "db_subnet_group_name" {
  description = "Name of DB subnet group. DB instance will be created in the VPC associated with the DB subnet group. Specify one of `subnet_ids`, `db_subnet_group_name` or `availability_zone`"
  type        = string
  default     = null
}

# Target VPC; required.
variable "vpc_id" {
  description = "VPC ID the DB instance will be created in"
  type        = string
}
# Automatic minor-version upgrades are on by default, which keeps engine
# patches flowing without a module change.
variable "auto_minor_version_upgrade" {
  description = "Allow automated minor version upgrade (e.g. from Postgres 9.5.3 to Postgres 9.5.4)"
  type        = bool
  default     = true
}

# Major-version upgrades are refused unless the caller opts in.
variable "allow_major_version_upgrade" {
  description = "Allow major version upgrade"
  type        = bool
  default     = false
}

# Modifications wait for the maintenance window unless this is set to true.
variable "apply_immediately" {
  description = "Specifies whether any database modifications are applied immediately, or during the next maintenance window"
  type        = bool
  default     = false
}

# Weekly maintenance slot in UTC; Monday 03:00-04:00 unless overridden.
variable "maintenance_window" {
  description = "The window to perform maintenance in. Syntax: 'ddd:hh24:mi-ddd:hh24:mi' UTC "
  type        = string
  default     = "Mon:03:00-Mon:04:00"
}
# Final snapshot on delete is skipped by default.
# NOTE(review): together with the `backup_retention_period` default of 0, a
# deleted instance leaves no recovery point unless the caller overrides one of
# them; set this to false for data that must survive an accidental or
# malicious destroy.
variable "skip_final_snapshot" {
  description = "If true (default), no snapshot will be made before deleting DB"
  type        = bool
  default     = true
}

# Tags are propagated from the instance to its snapshots by default.
variable "copy_tags_to_snapshot" {
  description = "Copy tags from DB to a snapshot"
  type        = bool
  default     = true
}

# Automated backup retention in days. The default of 0 means, per the
# description, that backups are not enabled until a positive value is given.
variable "backup_retention_period" {
  description = "Backup retention period in days. Must be > 0 to enable backups"
  type        = number
  default     = 0
}

# Daily backup slot; must not overlap `maintenance_window`.
variable "backup_window" {
  description = "When AWS can perform DB snapshots, can't overlap with maintenance window"
  type        = string
  default     = "22:00-03:00"
}
# Custom DB parameters; each entry carries the parameter name, its value and
# the apply method. Empty by default.
variable "db_parameter" {
  description = "A list of DB parameters to apply. Note that parameters may differ from a DB family to another"
  type = list(object({
    name         = string
    value        = string
    apply_method = string
  }))
  default = []
}

# Option-group entries; engine dependent and empty by default. Every attribute
# of the object type must be supplied by the caller, including both
# security-group membership lists and the nested `option_settings` list.
variable "db_options" {
  description = "A list of DB options to apply with an option group. Depends on DB engine"
  type = list(object({
    option_name                    = string
    version                        = string
    port                           = number
    db_security_group_memberships  = list(string)
    vpc_security_group_memberships = list(string)
    option_settings = list(object({
      name  = string
      value = string
    }))
  }))
  default = []
}
# Snapshot to restore from; null by default, in which case no restore is
# requested by this variable.
variable "snapshot_identifier" {
  description = "Snapshot identifier e.g: rds:production-2019-06-26-06-05. If specified, the module create cluster from the snapshot"
  type        = string
  default     = null
}

# Name for the snapshot taken at deletion time; empty by default.
variable "final_snapshot_identifier" {
  description = "Final snapshot identifier e.g.: some-db-final-snapshot-2019-06-26-06-05"
  type        = string
  default     = ""
}

# Existing DB parameter group to attach; empty by default.
variable "parameter_group_name" {
  description = "Name of the DB parameter group to associate"
  type        = string
  default     = ""
}

# Existing DB option group to attach; empty by default.
variable "option_group_name" {
  description = "Name of the DB option group to associate"
  type        = string
  default     = ""
}
# Customer-managed KMS key for storage encryption; empty by default.
# NOTE(review): with `storage_encrypted` on and no key given, the service
# presumably falls back to its default key; confirm against the resource
# definition, and supply a customer-managed key where key policy and rotation
# need to be under your control.
variable "kms_key_arn" {
  description = "The ARN of the existing KMS key to encrypt storage"
  type        = string
  default     = ""
}
# Performance Insights toggle; off by default.
variable "performance_insights_enabled" {
  description = "Specifies whether Performance Insights are enabled."
  type        = bool
  default     = false
}

# KMS key for Performance Insights data; null by default. The description warns
# that the key cannot be changed once set, so choose it before first enabling.
variable "performance_insights_kms_key_id" {
  description = "The ARN for the KMS key to encrypt Performance Insights data. Once KMS key is set, it can never be changed."
  type        = string
  default     = null
}

# Retention for Performance Insights data in days; 7 unless overridden.
variable "performance_insights_retention_period" {
  description = "The amount of time in days to retain Performance Insights data. Either 7 (7 days) or 731 (2 years)."
  type        = number
  default     = 7
}
# Log streams exported to CloudWatch Logs. Empty by default, which per the
# description means nothing is exported. For detection and incident response,
# exporting at least the engine's error and audit logs is worth considering.
variable "enabled_cloudwatch_logs_exports" {
  description = "List of log types to enable for exporting to CloudWatch logs. If omitted, no logs will be exported. Valid values (depending on engine): alert, audit, error, general, listener, slowquery, trace, postgresql (PostgreSQL), upgrade (PostgreSQL)."
  type        = list(string)
  default     = []
}
# CA that signs the instance's server certificate.
# NOTE(review): the default names the 2019 RDS CA. AWS has since published
# newer CAs; confirm this identifier is still accepted and unexpired in the
# target region before relying on the default, because clients that verify the
# server certificate depend on it.
variable "ca_cert_identifier" {
  description = "The identifier of the CA certificate for the DB instance"
  type        = string
  default     = "rds-ca-2019"
}
# Enhanced Monitoring sampling interval in seconds; disabled ("0") by default.
# NOTE(review): no `type` is declared and the default is the string "0" although
# the valid values are numeric; callers may therefore pass either form. Pin a
# type only after checking how the value is compared elsewhere in the module.
variable "monitoring_interval" {
  description = "The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB instance. To disable collecting Enhanced Monitoring metrics, specify 0. Valid Values are 0, 1, 5, 10, 15, 30, 60."
  default     = "0"
}

# IAM role RDS assumes to publish Enhanced Monitoring metrics; null by default.
# Keep the role scoped to the monitoring permissions it needs.
variable "monitoring_role_arn" {
  description = "The ARN for the IAM role that permits RDS to send enhanced monitoring metrics to CloudWatch Logs"
  type        = string
  default     = null
}
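# IAM database authentication toggle; off by default. When enabled, database
# accounts can be mapped to IAM identities instead of relying only on the
# static master password. The type is pinned to bool to match the default and
# to reject non-boolean input at plan time; strings such as "true" are still
# converted by Terraform.
variable "iam_database_authentication_enabled" {
  description = "Specifies whether mappings of AWS Identity and Access Management (IAM) accounts to database accounts are enabled"
  type        = bool
  default     = false
}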