{"id":19165337,"url":"https://github.com/skyscrapers/terraform-rds","last_synced_at":"2026-01-17T23:43:01.911Z","repository":{"id":37850742,"uuid":"71997470","full_name":"skyscrapers/terraform-rds","owner":"skyscrapers","description":"Terraform modules to manage RDS resources","archived":false,"fork":false,"pushed_at":"2026-01-14T07:21:50.000Z","size":206,"stargazers_count":25,"open_issues_count":0,"forks_count":24,"subscribers_count":3,"default_branch":"master","last_synced_at":"2026-01-14T11:20:08.412Z","etag":null,"topics":["aurora","aws","rds","terraform","terraform-modules"],"latest_commit_sha":null,"homepage":"","language":"HCL","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/skyscrapers.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2016-10-26T11:41:52.000Z","updated_at":"2026-01-14T07:21:32.000Z","dependencies_parsed_at":"2023-01-31T11:31:13.214Z","dependency_job_id":"8103f0f0-fe96-4d9b-936c-4de20d7b7372","html_url":"https://github.com/skyscrapers/terraform-rds","commit_stats":null,"previous_names":[],"tags_count":78,"template":false,"template_full_name":null,"purl":"pkg:github/skyscrapers/terraform-rds","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/skyscrapers%2Fterraform-rds","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/skyscrapers%2Fterraform-rds/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/skyscrapers%2Fterraform-rds/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/skyscrapers%2Fterraform-rds/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/skyscrapers","download_url":"https://codeload.github.com/skyscrapers/terraform-rds/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/skyscrapers%2Fterraform-rds/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28522313,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-17T22:11:28.393Z","status":"ssl_error","status_checked_at":"2026-01-17T22:11:27.841Z","response_time":85,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aurora","aws","rds","terraform","terraform-modules"],"created_at":"2024-11-09T09:27:28.636Z","updated_at":"2026-01-17T23:43:01.903Z","avatar_url":"https://github.com/skyscrapers.png","language":"HCL","funding_links":[],"categories":[],"sub_categories":[],"readme":"# terraform-rds\n\nTerraform modules to manage RDS resources\n\n## rds\n\nCreates a RDS instance, security_group, subnet_group and parameter_group\n\n### Requirements\n\n| Name | Version |\n| ------------------------------------------------------------------------- | ------- |\n| \u003ca name=\"requirement_terraform\"\u003e\u003c/a\u003e [terraform](#requirement\\_terraform) | \u003e= 0.12 |\n\n### Providers\n\n| Name | Version |\n| ------------------------------------------------- | ------- |\n| \u003ca name=\"provider_aws\"\u003e\u003c/a\u003e [aws](#provider\\_aws) | n/a |\n\n### Modules\n\nNo modules.\n\n### Resources\n\n| Name | Type |\n| -------------------------------------------------------------------------------------------------------------------------------------- | -------- |\n| [aws_db_instance.rds](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_instance) | resource |\n| [aws_db_parameter_group.rds](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_parameter_group) | resource |\n| [aws_db_subnet_group.rds](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_subnet_group) | resource |\n| [aws_security_group.sg_rds](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group) | resource |\n| [aws_security_group_rule.rds_cidr_in](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |\n| [aws_security_group_rule.rds_sg_in](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |\n\n### Inputs\n\n| Name | Description | Type | Default | Required |\n| ------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------- | --------------- | :------: |\n| \u003ca name=\"input_rds_password\"\u003e\u003c/a\u003e [rds\\_password](#input\\_rds\\_password) | RDS root password | `any` | n/a | yes |\n| \u003ca name=\"input_security_groups\"\u003e\u003c/a\u003e [security\\_groups](#input\\_security\\_groups) | Security groups that are allowed to access the RDS | `list(string)` | n/a | yes |\n| \u003ca name=\"input_security_groups_count\"\u003e\u003c/a\u003e [security\\_groups\\_count](#input\\_security\\_groups\\_count) | Number of security groups provided in `security_groups` variable | `any` | n/a | yes |\n| \u003ca name=\"input_subnets\"\u003e\u003c/a\u003e [subnets](#input\\_subnets) | Subnets to deploy in | `list(string)` | n/a | yes |\n| \u003ca name=\"input_vpc_id\"\u003e\u003c/a\u003e [vpc\\_id](#input\\_vpc\\_id) | ID of the VPC where to deploy in | `any` | n/a | yes |\n| \u003ca name=\"input_allowed_cidr_blocks\"\u003e\u003c/a\u003e [allowed\\_cidr\\_blocks](#input\\_allowed\\_cidr\\_blocks) | CIDR blocks that are allowed to access the RDS | `list(string)` | `[]` | no |\n| \u003ca name=\"input_apply_immediately\"\u003e\u003c/a\u003e [apply\\_immediately](#input\\_apply\\_immediately) | Apply changes immediately | `bool` | `true` | no |\n| \u003ca name=\"input_auto_minor_version_upgrade\"\u003e\u003c/a\u003e [auto\\_minor\\_version\\_upgrade](#input\\_auto\\_minor\\_version\\_upgrade) | Indicates that minor engine upgrades will be applied automatically to the DB instance during the maintenance window. | `bool` | `true` | no |\n| \u003ca name=\"input_availability_zone\"\u003e\u003c/a\u003e [availability\\_zone](#input\\_availability\\_zone) | The availability zone where you want to launch your instance in | `string` | `\"\"` | no |\n| \u003ca name=\"input_backup_retention_period\"\u003e\u003c/a\u003e [backup\\_retention\\_period](#input\\_backup\\_retention\\_period) | How long do you want to keep RDS backups | `string` | `\"14\"` | no |\n| \u003ca name=\"input_default_parameter_group_family\"\u003e\u003c/a\u003e [default\\_parameter\\_group\\_family](#input\\_default\\_parameter\\_group\\_family) | Parameter group family for the default parameter group, according to the chosen engine and engine version. Defaults to mysql5.7 | `string` | `\"mysql5.7\"` | no |\n| \u003ca name=\"input_deletion_protection\"\u003e\u003c/a\u003e [deletion\\_protection](#input\\_deletion\\_protection) | If the DB instance should have deletion protection enabled. The database can't be deleted when this value is set to true | `bool` | `false` | no |\n| \u003ca name=\"input_enabled_cloudwatch_logs_exports\"\u003e\u003c/a\u003e [enabled\\_cloudwatch\\_logs\\_exports](#input\\_enabled\\_cloudwatch\\_logs\\_exports) | List of log types to enable for exporting to CloudWatch logs. You can check the available log types per engine in the [AWS RDS documentation](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_LogAccess.html#USER_LogAccess.Procedural.UploadtoCloudWatch). | `list(string)` | `[]` | no |\n| \u003ca name=\"input_engine\"\u003e\u003c/a\u003e [engine](#input\\_engine) | RDS engine: mysql, oracle, postgres. Defaults to mysql | `string` | `\"mysql\"` | no |\n| \u003ca name=\"input_engine_version\"\u003e\u003c/a\u003e [engine\\_version](#input\\_engine\\_version) | Engine version to use, according to the chosen engine. You can check the available engine versions using the [AWS CLI](http://docs.aws.amazon.com/cli/latest/reference/rds/describe-db-engine-versions.html). Defaults to 5.7.17 for MySQL. | `string` | `\"5.7.25\"` | no |\n| \u003ca name=\"input_environment\"\u003e\u003c/a\u003e [environment](#input\\_environment) | How do you want to call your environment, this is helpful if you have more than 1 VPC. | `string` | `\"production\"` | no |\n| \u003ca name=\"input_extra_tags\"\u003e\u003c/a\u003e [extra\\_tags](#input\\_extra\\_tags) | A mapping of extra tags to assign to the resource | `map(string)` | `{}` | no |\n| \u003ca name=\"input_maintenance_window\"\u003e\u003c/a\u003e [maintenance\\_window](#input\\_maintenance\\_window) | The window to perform maintenance in. Syntax: \"ddd:hh24:mi-ddd:hh24:mi\". Eg: \"Mon:00:00-Mon:03:00\" | `string` | `null` | no |\n| \u003ca name=\"input_max_allocated_storage\"\u003e\u003c/a\u003e [max\\_allocated\\_storage](#input\\_max\\_allocated\\_storage) | When configured, the upper limit to which Amazon RDS can automatically scale the storage of the DB instance. Configuring this will automatically ignore differences to allocated\\_storage. Must be greater than or equal to allocated\\_storage or 0 to disable Storage Autoscaling. | `string` | `\"0\"` | no |\n| \u003ca name=\"input_monitoring_interval\"\u003e\u003c/a\u003e [monitoring\\_interval](#input\\_monitoring\\_interval) | The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB instance. To disable collecting Enhanced Monitoring metrics, specify 0. Valid Values: 0, 1, 5, 10, 15, 30, 60. | `string` | `\"0\"` | no |\n| \u003ca name=\"input_multi_az\"\u003e\u003c/a\u003e [multi\\_az](#input\\_multi\\_az) | Multi AZ true or false | `bool` | `true` | no |\n| \u003ca name=\"input_name\"\u003e\u003c/a\u003e [name](#input\\_name) | The name of the RDS instance | `string` | `\"\"` | no |\n| \u003ca name=\"input_number\"\u003e\u003c/a\u003e [number](#input\\_number) | number of the database default 01 | `string` | `\"01\"` | no |\n| \u003ca name=\"input_performance_insights_enabled\"\u003e\u003c/a\u003e [performance\\_insights\\_enabled](#input\\_performance\\_insights\\_enabled) | Specifies whether Performance Insights is enabled or not. | `bool` | `false` | no |\n| \u003ca name=\"input_performance_insights_kms_key_id\"\u003e\u003c/a\u003e [performance\\_insights\\_kms\\_key\\_id](#input\\_performance\\_insights\\_kms\\_key\\_id) | Custom KMS key to use to encrypt the performance insights data | `string` | `null` | no |\n| \u003ca name=\"input_performance_insights_retention_period\"\u003e\u003c/a\u003e [performance\\_insights\\_retention\\_period](#input\\_performance\\_insights\\_retention\\_period) | Amount of time in days to retain Performance Insights data. Valid values are 7, 731 (2 years) or a multiple of 31. When specifying performance\\_insights\\_retention\\_period | `number` | `7` | no |\n| \u003ca name=\"input_project\"\u003e\u003c/a\u003e [project](#input\\_project) | The current project | `string` | `\"\"` | no |\n| \u003ca name=\"input_publicly_accessible\"\u003e\u003c/a\u003e [publicly\\_accessible](#input\\_publicly\\_accessible) | Bool to control if instance is publicly accessible | `bool` | `false` | no |\n| \u003ca name=\"input_rds_custom_parameter_group_name\"\u003e\u003c/a\u003e [rds\\_custom\\_parameter\\_group\\_name](#input\\_rds\\_custom\\_parameter\\_group\\_name) | A custom parameter group name to attach to the RDS instance. If not provided a default one will be used | `string` | `\"\"` | no |\n| \u003ca name=\"input_rds_username\"\u003e\u003c/a\u003e [rds\\_username](#input\\_rds\\_username) | RDS root user | `string` | `\"root\"` | no |\n| \u003ca name=\"input_size\"\u003e\u003c/a\u003e [size](#input\\_size) | Instance size | `string` | `\"db.t2.small\"` | no |\n| \u003ca name=\"input_skip_final_snapshot\"\u003e\u003c/a\u003e [skip\\_final\\_snapshot](#input\\_skip\\_final\\_snapshot) | Skip final snapshot when destroying RDS | `bool` | `false` | no |\n| \u003ca name=\"input_snapshot_identifier\"\u003e\u003c/a\u003e [snapshot\\_identifier](#input\\_snapshot\\_identifier) | Specifies whether or not to create this database from a snapshot. This correlates to the snapshot ID you'd find in the RDS console, e.g: rds:production-2015-06-26-06-05. | `string` | `\"\"` | no |\n| \u003ca name=\"input_storage\"\u003e\u003c/a\u003e [storage](#input\\_storage) | How many GBs of space does your database need? | `string` | `\"10\"` | no |\n| \u003ca name=\"input_storage_encrypted\"\u003e\u003c/a\u003e [storage\\_encrypted](#input\\_storage\\_encrypted) | Encrypt RDS storage | `bool` | `true` | no |\n| \u003ca name=\"input_storage_kms_key_id\"\u003e\u003c/a\u003e [storage\\_kms\\_key\\_id](#input\\_storage\\_kms\\_key\\_id) | Custom KMS key to use to encrypt the storage. Will use the AWS key if left null (default) | `string` | `null` | no |\n| \u003ca name=\"input_storage_type\"\u003e\u003c/a\u003e [storage\\_type](#input\\_storage\\_type) | Type of storage you want to use | `string` | `\"gp2\"` | no |\n| \u003ca name=\"input_subnet_group_name_override\"\u003e\u003c/a\u003e [subnet\\_group\\_name\\_override](#input\\_subnet\\_group\\_name\\_override) | Override the name of the created subnet group | `string` | `null` | no |\n| \u003ca name=\"input_tag\"\u003e\u003c/a\u003e [tag](#input\\_tag) | A tag used to identify an RDS in a project that has more than one RDS | `string` | `\"\"` | no |\n\n### Outputs\n\n| Name | Description |\n| -------------------------------------------------------------------------------------------------------------- | ----------------------------------------- |\n| \u003ca name=\"output_aws_db_subnet_group_id\"\u003e\u003c/a\u003e [aws\\_db\\_subnet\\_group\\_id](#output\\_aws\\_db\\_subnet\\_group\\_id) | The subnet group id of the RDS instance |\n| \u003ca name=\"output_rds_address\"\u003e\u003c/a\u003e [rds\\_address](#output\\_rds\\_address) | The hostname of the RDS instance |\n| \u003ca name=\"output_rds_arn\"\u003e\u003c/a\u003e [rds\\_arn](#output\\_rds\\_arn) | The arn of the RDS instance |\n| \u003ca name=\"output_rds_id\"\u003e\u003c/a\u003e [rds\\_id](#output\\_rds\\_id) | The id of the RDS instance |\n| \u003ca name=\"output_rds_identifier\"\u003e\u003c/a\u003e [rds\\_identifier](#output\\_rds\\_identifier) | The identifier of the RDS instance |\n| \u003ca name=\"output_rds_port\"\u003e\u003c/a\u003e [rds\\_port](#output\\_rds\\_port) | The port of the RDS instance |\n| \u003ca name=\"output_rds_sg_id\"\u003e\u003c/a\u003e [rds\\_sg\\_id](#output\\_rds\\_sg\\_id) | The security group id of the RDS instance |\n\n### Example\n\n```tf\nmodule \"rds\" {\n source = \"github.com/skyscrapers/terraform-rds//rds\"\n vpc_id = \"vpc-e123bc45\"\n subnets = [\"subnet-12345d67\", \"subnet-12345d68\", \"subnet-12345d69\"]\n project = \"myproject\"\n environment = \"production\"\n size = \"db.t2.small\"\n security_groups = [\"sg-12be345678905ebf1\", \"sg-1234567890aef\"]\n enabled_cloudwatch_logs_exports = [\"audit\", \"error\", \"slowquery\"]\n security_groups_count = 2\n rds_password = \"supersecurepassword\"\n multi_az = \"false\"\n}\n```\n\n## Aurora\n\nCreates a Aurora cluster + instances, security_group, subnet_group and parameter_group\n\n### Requirements\n\n| Name | Version |\n| ------------------------------------------------------------------------- | ------- |\n| \u003ca name=\"requirement_terraform\"\u003e\u003c/a\u003e [terraform](#requirement\\_terraform) | \u003e= 0.12 |\n\n### Providers\n\n| Name | Version |\n| ------------------------------------------------- | ------- |\n| \u003ca name=\"provider_aws\"\u003e\u003c/a\u003e [aws](#provider\\_aws) | n/a |\n\n### Modules\n\nNo modules.\n\n### Resources\n\n| Name | Type |\n| ---------------------------------------------------------------------------------------------------------------------------------------------- | ----------- |\n| [aws_db_parameter_group.aurora_mysql](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_parameter_group) | resource |\n| [aws_db_subnet_group.aurora](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_subnet_group) | resource |\n| [aws_rds_cluster.aurora](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/rds_cluster) | resource |\n| [aws_rds_cluster_instance.cluster_instances](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/rds_cluster_instance) | resource |\n| [aws_security_group.sg_aurora](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group) | resource |\n| [aws_security_group_rule.sg_aurora_in](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |\n| [aws_availability_zones.available](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/availability_zones) | data source |\n| [aws_subnet.subnet](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/subnet) | data source |\n\n### Inputs\n\n| Name | Description | Type | Default | Required |\n| ------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------- | ------------------------------------------------------------------------- | :------: |\n| \u003ca name=\"input_password\"\u003e\u003c/a\u003e [password](#input\\_password) | RDS root password | `any` | n/a | yes |\n| \u003ca name=\"input_security_groups\"\u003e\u003c/a\u003e [security\\_groups](#input\\_security\\_groups) | Security groups that are allowed to access the RDS on port 3306 | `list(string)` | n/a | yes |\n| \u003ca name=\"input_subnets\"\u003e\u003c/a\u003e [subnets](#input\\_subnets) | Subnets to deploy in | `list(string)` | n/a | yes |\n| \u003ca name=\"input_amount_of_instances\"\u003e\u003c/a\u003e [amount\\_of\\_instances](#input\\_amount\\_of\\_instances) | The amount of Aurora instances you need, for HA you need minumum 2 | `number` | `1` | no |\n| \u003ca name=\"input_apply_immediately\"\u003e\u003c/a\u003e [apply\\_immediately](#input\\_apply\\_immediately) | Apply changes immediately | `bool` | `true` | no |\n| \u003ca name=\"input_backup_retention_period\"\u003e\u003c/a\u003e [backup\\_retention\\_period](#input\\_backup\\_retention\\_period) | How long do you want to keep RDS backups | `string` | `\"14\"` | no |\n| \u003ca name=\"input_cluster_parameter_group_name\"\u003e\u003c/a\u003e [cluster\\_parameter\\_group\\_name](#input\\_cluster\\_parameter\\_group\\_name) | Optional parameter group you can set for the RDS Aurora cluster | `string` | `\"\"` | no |\n| \u003ca name=\"input_default_ports\"\u003e\u003c/a\u003e [default\\_ports](#input\\_default\\_ports) | n/a | `map` | \u003cpre\u003e{\u003cbr\u003e \"aurora\": \"3306\",\u003cbr\u003e \"aurora-postgresql\": \"5432\"\u003cbr\u003e}\u003c/pre\u003e | no |\n| \u003ca name=\"input_deletion_protection\"\u003e\u003c/a\u003e [deletion\\_protection](#input\\_deletion\\_protection) | If the DB cluster should have deletion protection enabled. The database can't be deleted when this value is set to true | `bool` | `false` | no |\n| \u003ca name=\"input_enabled_cloudwatch_logs_exports\"\u003e\u003c/a\u003e [enabled\\_cloudwatch\\_logs\\_exports](#input\\_enabled\\_cloudwatch\\_logs\\_exports) | List of log types to enable for exporting to CloudWatch logs. You can check the available log types per engine in the [AWS Aurora documentation](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_LogAccess.html#USER_LogAccess.Procedural.UploadtoCloudWatch). | `list(string)` | `[]` | no |\n| \u003ca name=\"input_engine\"\u003e\u003c/a\u003e [engine](#input\\_engine) | Optional parameter to set the Aurora engine | `string` | `\"aurora\"` | no |\n| \u003ca name=\"input_engine_version\"\u003e\u003c/a\u003e [engine\\_version](#input\\_engine\\_version) | Optional parameter to set the Aurora engine version | `string` | `\"5.6.10a\"` | no |\n| \u003ca name=\"input_environment\"\u003e\u003c/a\u003e [environment](#input\\_environment) | How do you want to call your environment, this is helpful if you have more than 1 VPC. | `string` | `\"production\"` | no |\n| \u003ca name=\"input_extra_tags\"\u003e\u003c/a\u003e [extra\\_tags](#input\\_extra\\_tags) | A mapping of extra tags to assign to the resource | `map(string)` | `{}` | no |\n| \u003ca name=\"input_family\"\u003e\u003c/a\u003e [family](#input\\_family) | n/a | `string` | `\"aurora5.6\"` | no |\n| \u003ca name=\"input_instance_parameter_group_name\"\u003e\u003c/a\u003e [instance\\_parameter\\_group\\_name](#input\\_instance\\_parameter\\_group\\_name) | Optional parameter group you can set for the RDS instances inside an Aurora cluster | `string` | `\"\"` | no |\n| \u003ca name=\"input_instance_promotion_tiers\"\u003e\u003c/a\u003e [instance\\_promotion\\_tiers](#input\\_instance\\_promotion\\_tiers) | Set promotion tier for each instance in the cluster. The size of the list must be equal to `var.amount_of_instances`. If ommitted or set to [], the default of 0 will be used. | `list(number)` | `[]` | no |\n| \u003ca name=\"input_instance_size_override\"\u003e\u003c/a\u003e [instance\\_size\\_override](#input\\_instance\\_size\\_override) | Provide different instance sizes for each individual aurora instance in the cluster. The size of the list must be equal to `var.amount_of_instances`. If ommitted or set to [], this module will use `var.size` for all the instances in the cluster. | `list(string)` | `[]` | no |\n| \u003ca name=\"input_performance_insights_enabled\"\u003e\u003c/a\u003e [performance\\_insights\\_enabled](#input\\_performance\\_insights\\_enabled) | Specifies whether Performance Insights is enabled or not. | `bool` | `false` | no |\n| \u003ca name=\"input_project\"\u003e\u003c/a\u003e [project](#input\\_project) | The current project | `string` | `\"\"` | no |\n| \u003ca name=\"input_rds_instance_name_overrides\"\u003e\u003c/a\u003e [rds\\_instance\\_name\\_overrides](#input\\_rds\\_instance\\_name\\_overrides) | List of names to override the default RDS instance names / identifiers. | `list(string)` | `null` | no |\n| \u003ca name=\"input_rds_username\"\u003e\u003c/a\u003e [rds\\_username](#input\\_rds\\_username) | RDS root user | `string` | `\"root\"` | no |\n| \u003ca name=\"input_size\"\u003e\u003c/a\u003e [size](#input\\_size) | Instance size | `string` | `\"db.t2.small\"` | no |\n| \u003ca name=\"input_skip_final_snapshot\"\u003e\u003c/a\u003e [skip\\_final\\_snapshot](#input\\_skip\\_final\\_snapshot) | Skip final snapshot when destroying RDS | `bool` | `false` | no |\n| \u003ca name=\"input_snapshot_identifier\"\u003e\u003c/a\u003e [snapshot\\_identifier](#input\\_snapshot\\_identifier) | Specifies whether or not to create this cluster from a snapshot. You can use either the name or ARN when specifying a DB cluster snapshot, or the ARN when specifying a DB snapshot | `string` | `null` | no |\n| \u003ca name=\"input_storage_encrypted\"\u003e\u003c/a\u003e [storage\\_encrypted](#input\\_storage\\_encrypted) | Encrypt RDS storage | `bool` | `true` | no |\n| \u003ca name=\"input_tag\"\u003e\u003c/a\u003e [tag](#input\\_tag) | A tag used to identify an RDS in a project that has more than one RDS | `string` | `\"\"` | no |\n\n### Outputs\n\n| Name | Description |\n| --------------------------------------------------------------------------------------------------------------------------- | ----------- |\n| \u003ca name=\"output_aurora_cluster_id\"\u003e\u003c/a\u003e [aurora\\_cluster\\_id](#output\\_aurora\\_cluster\\_id) | n/a |\n| \u003ca name=\"output_aurora_cluster_instances_id\"\u003e\u003c/a\u003e [aurora\\_cluster\\_instances\\_id](#output\\_aurora\\_cluster\\_instances\\_id) | n/a |\n| \u003ca name=\"output_aurora_port\"\u003e\u003c/a\u003e [aurora\\_port](#output\\_aurora\\_port) | n/a |\n| \u003ca name=\"output_aurora_sg_id\"\u003e\u003c/a\u003e [aurora\\_sg\\_id](#output\\_aurora\\_sg\\_id) | n/a |\n| \u003ca name=\"output_endpoint\"\u003e\u003c/a\u003e [endpoint](#output\\_endpoint) | n/a |\n| \u003ca name=\"output_reader_endpoint\"\u003e\u003c/a\u003e [reader\\_endpoint](#output\\_reader\\_endpoint) | n/a |\n\n### Example\n\n```tf\nmodule \"aurora\" {\n source = \"github.com/skyscrapers/terraform-rds//aurora\"\n project = \"myproject\"\n environment = \"production\"\n size = \"db.t2.small\"\n password = \"supersecurepassword\"\n subnets = [\"subnet-12345d67\", \"subnet-12345d68\", \"subnet-12345d69\"]\n amount_of_instances = 1\n security_groups = [\"sg-12be345678905ebf1\", \"sg-1234567890aef\"]\n enabled_cloudwatch_logs_exports = [\"audit\", \"error\", \"slowquery\"]\n}\n```\n\n## rds-replica\n\nCreates an RDS read replica instance, the replica `security_group` and a `subnet_group` if not passed as parameter\n\n### Inputs\n\n| Name | Description | Type | Default | Required |\n| ---------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | :----------: | :---------------------------------------------------------: | :------: |\n| engine | | string | n/a | yes |\n| subnets | Subnets to deploy in | list(string) | n/a | yes |\n| vpc\\_id | ID of the VPC where to deploy in | string | n/a | yes |\n| allowed\\_cidr\\_blocks | CIDR blocks that are allowed to access the RDS | list(string) | `[]` | no |\n| auto\\_minor\\_version\\_upgrade | Indicates that minor engine upgrades will be applied automatically to the DB instance during the maintenance window. | string | `\"true\"` | no |\n| backup\\_retention\\_period | How long do you want to keep RDS Slave backups | number | `\"14\"` | no |\n| custom\\_parameter\\_group\\_name | A custom parameter group name to attach to the RDS instance. If not provided it will use the default from the master instance | string | `\"\"` | no |\n| enabled\\_cloudwatch\\_logs\\_exports | List of log types to enable for exporting to CloudWatch logs. You can check the available log types per engine in the \\[AWS RDS documentation\\]\\(https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER\\_LogAccess.html#USER\\_LogAccess.Procedural.UploadtoCloudWatch\\). | list(string) | `[]` | no |\n| environment | How do you want to call your environment, this is helpful if you have more than 1 VPC. | string | `\"production\"` | no |\n| name | An optional custom name to give to the module's resources | string | `\"\"` | no |\n| number\\_of\\_replicas | number of database repliacs default 1 | string | `\"1\"` | no |\n| multi\\_az | Multi AZ true or false | bool | `false` | no |\n| ports | | map | `{ \"mysql\": \"3306\", \"oracle\": \"1521\", \"postgres\": \"5432\" }` | no |\n| project | The current project | string | `\"\"` | no |\n| replicate\\_source\\_db | RDS source to replicate from | string | `\"\"` | no |\n| publicly\\_accessible | Bool to control if instance is publicly accessible | `false` | no |\n| security\\_groups | Security groups that are allowed to access the RDS | list(string) | `[]` | no |\n| size | Instance size | string | `\"db.t2.small\"` | no |\n| storage\\_encrypted | Encrypt RDS storage | string | `\"true\"` | no |\n| tag | A tag used to identify an RDS in a project that has more than one RDS | string | `\"\"` | no |\n| max\\_allocated\\_storage | When configured, the upper limit to which Amazon RDS can automatically scale the storage of the DB instance. Configuring this will automatically ignore differences to allocated\\_storage. Must be greater than or equal to allocated\\_storage or 0 to disable Storage Autoscaling. If not set the default of the master instance is set. | string | `null` | no |\n| allocated_storage | How many GBs of space does your database need? If not set the default of the master instance is set. | string | `null` | no |\n\n### Outputs\n\n| Name | Description |\n| ------------ | ----------- |\n| rds\\_address | |\n| rds\\_arn | |\n| rds\\_sg\\_id | |\n\n### Example\n\n```tf\nmodule \"rds\" {\n source = \"github.com/skyscrapers/terraform-rds//rds-replica\"\n project = \"myproject\"\n environment = \"production\"\n size = \"db.t2.small\"\n engine = \"postgres\"\n security_groups = [\"sg-12be345678905ebf1\", \"sg-1234567890aef\"]\n replicate_source_db = \"arn:aws:rds:eu-west-1:123456789012:db:myproject-production-something-rds01\"\n vpc_id = \"vpc-e123bc45\"\n subnets = [\"subnet-12345d67\", \"subnet-12345d68\", \"subnet-12345d69\"]\n}\n```\n\n## snapshot-cross-account-replicator\n\nThis module creates snapshots of RDS instances based on a [configured frequency](#input\\_snapshot\\_schedule\\_expression), and replicates them to a different region in a different AWS account.\nTo achieve this it creates several Lambda functions that take care of the copy operations in the different steps.\n\nAs an example, let's say we want to back up an RDS instance in AWS account `111111111111` in region `eu-west-1` to the AWS account `222222222222` in region `eu-central-1`. The whole replication process takes place in 4 steps:\n\n1. A snapshot is created from the RDS instance, in the account `111111111111` in region `eu-west-1` . If the instance is KMS encrypted, the snapshot will be encrypted with the same key\n2. The initial snapshot is copied to region `eu-central-1` within the source account `111111111111`. Snapshots cannot be copied to a different AWS account and region in the same copy operation, so it needs to happen in two steps. In this step, the snapshot is re-encrypted using a [KMS key](#input\\_target\\_account\\_kms\\_key\\_id) in the target AWS account and region (`222222222222` \u0026 `eu-central-1`)\n3. The resulting snapshot from step (2) is then copied over to its final destination, in account `222222222222` in region `eu-central-1`.\n\nThere are Lambda functions in place that will take care of cleaning up the initial and intermediate snapshots resulting from steps (1) and (2).\n\nThere's another Lambda function running in account `222222222222` in region `eu-central-1` that will periodically run and delete those snapshots that are older than the [configured retention period](#input\\_retention\\_period).\n\nFor monitoring, the module creates two SNS topics where CloudWatch will post alert messages in case there's problems running the Lambda functions. These SNS topics can be subscribed to upstream monitoring services like OpsGenie.\n\nTake into account that for the copy operation and re-encryption process to work properly, the policy of the [provided KMS key](#input\\_target\\_account\\_kms\\_key\\_id) in the target account needs to allow usage access to the root user of the source account. IAM policies to further grant access to the Lambda functions will be created within the module. [Check this AWS documentation page](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_ShareSnapshot.html#USER_ShareSnapshot.Encrypted.KeyPolicy) to know more about how encrpyted snapshots can be shared between different accounts.\n\n### Example\n\n```terraform\ndata \"aws_caller_identity\" \"source\" {\n provider = aws.source\n}\n\nmodule \"rds_replication\" {\n source = \"github.com/skyscrapers/terraform-rds//snapshot-cross-account-replicator?ref=6.1.0\"\n\n name = \"AuroraReplicator\"\n is_aurora_cluster = true\n rds_instance_ids = var.rds_cluster_ids\n snapshot_schedule_period = 12\n retention_period = 4\n target_account_kms_key_id = aws_kms_key.rds_target.id\n\n providers = {\n aws.source = aws.source\n aws.intermediate = aws.intermediate\n aws.target = aws.target\n }\n}\n\nresource \"aws_kms_key\" \"rds_target\" {\n provider = aws.target\n\n description = \"KMS key used to encrypt RDS\"\n policy = data.aws_iam_policy_document.rds_replication_key.json\n\n lifecycle {\n prevent_destroy = true\n }\n}\n\ndata \"aws_iam_policy_document\" \"rds_replication_key\" {\n provider = aws.target\n\n statement {\n sid = \"Enable IAM policies in source \u0026 target accounts\"\n effect = \"Allow\"\n actions = [\"kms:*\"]\n resources = [\"*\"]\n\n principals {\n type = \"AWS\"\n identifiers = [\n \"arn:aws:iam::${data.aws_caller_identity.source.account_id}:root\",\n \"arn:aws:iam::${var.target_aws_account}:root\"\n ]\n }\n }\n}\n```\n\n### Requirements\n\n| Name | Version |\n| ------------------------------------------------------------------------- | ------- |\n| \u003ca name=\"requirement_terraform\"\u003e\u003c/a\u003e [terraform](#requirement\\_terraform) | ~\u003e 1.0 |\n| \u003ca name=\"requirement_aws\"\u003e\u003c/a\u003e [aws](#requirement\\_aws) | ~\u003e 3.61 |\n\n### Providers\n\n| Name | Version |\n| ---------------------------------------------------------------------------------------- | ------- |\n| \u003ca name=\"provider_archive\"\u003e\u003c/a\u003e [archive](#provider\\_archive) | n/a |\n| \u003ca name=\"provider_aws.intermediate\"\u003e\u003c/a\u003e [aws.intermediate](#provider\\_aws.intermediate) | ~\u003e 3.61 |\n| \u003ca name=\"provider_aws.source\"\u003e\u003c/a\u003e [aws.source](#provider\\_aws.source) | ~\u003e 3.61 |\n| \u003ca name=\"provider_aws.target\"\u003e\u003c/a\u003e [aws.target](#provider\\_aws.target) | ~\u003e 3.61 |\n\n### Modules\n\n| Name | Source | Version |\n| ------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------ | ------- |\n| \u003ca name=\"module_cleanup_intermediate_lambda_monitoring\"\u003e\u003c/a\u003e [cleanup\\_intermediate\\_lambda\\_monitoring](#module\\_cleanup\\_intermediate\\_lambda\\_monitoring) | github.com/skyscrapers/terraform-cloudwatch//lambda_function | 2.0.1 |\n| \u003ca name=\"module_cleanup_source_lambda_monitoring\"\u003e\u003c/a\u003e [cleanup\\_source\\_lambda\\_monitoring](#module\\_cleanup\\_source\\_lambda\\_monitoring) | github.com/skyscrapers/terraform-cloudwatch//lambda_function | 2.0.1 |\n| \u003ca name=\"module_cleanup_target_lambda_monitoring\"\u003e\u003c/a\u003e [cleanup\\_target\\_lambda\\_monitoring](#module\\_cleanup\\_target\\_lambda\\_monitoring) | github.com/skyscrapers/terraform-cloudwatch//lambda_function | 2.0.1 |\n| \u003ca name=\"module_step_1_lambda_monitoring\"\u003e\u003c/a\u003e [step\\_1\\_lambda\\_monitoring](#module\\_step\\_1\\_lambda\\_monitoring) | github.com/skyscrapers/terraform-cloudwatch//lambda_function | 2.0.1 |\n| \u003ca name=\"module_step_2_lambda_monitoring\"\u003e\u003c/a\u003e [step\\_2\\_lambda\\_monitoring](#module\\_step\\_2\\_lambda\\_monitoring) | github.com/skyscrapers/terraform-cloudwatch//lambda_function | 2.0.1 |\n| \u003ca name=\"module_step_3_lambda_monitoring\"\u003e\u003c/a\u003e [step\\_3\\_lambda\\_monitoring](#module\\_step\\_3\\_lambda\\_monitoring) | github.com/skyscrapers/terraform-cloudwatch//lambda_function | 2.0.1 |\n\n### Resources\n\n| Name | Type |\n| --------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------- |\n| [aws_cloudwatch_event_rule.invoke_cleanup_intermediate_lambda](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_event_rule) | resource |\n| [aws_cloudwatch_event_rule.invoke_cleanup_source_lambda](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_event_rule) | resource |\n| [aws_cloudwatch_event_rule.invoke_cleanup_target_lambda](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_event_rule) | resource |\n| [aws_cloudwatch_event_rule.invoke_step_1_lambda](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_event_rule) | resource |\n| [aws_cloudwatch_event_rule.invoke_step_2_lambda](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_event_rule) | resource |\n| [aws_cloudwatch_event_rule.invoke_step_3_lambda](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_event_rule) | resource |\n| [aws_cloudwatch_event_target.invoke_cleanup_intermediate_lambda](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_event_target) | resource |\n| [aws_cloudwatch_event_target.invoke_cleanup_source_lambda](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_event_target) | resource |\n| [aws_cloudwatch_event_target.invoke_cleanup_target_lambda](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_event_target) | resource |\n| [aws_cloudwatch_event_target.invoke_step_1_lambda](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_event_target) | resource |\n| [aws_cloudwatch_event_target.invoke_step_2_lambda](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_event_target) | resource |\n| [aws_cloudwatch_event_target.invoke_step_3_lambda](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_event_target) | resource |\n| [aws_iam_role.source_lambda](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |\n| [aws_iam_role.target_lambda](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |\n| [aws_iam_role_policy.source_lambda](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy) | resource |\n| [aws_iam_role_policy.source_lambda_kms](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy) | resource |\n| [aws_iam_role_policy.target_lambda](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy) | resource |\n| [aws_iam_role_policy.target_lambda_kms](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy) | resource |\n| [aws_iam_role_policy_attachment.source_lambda_exec_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |\n| [aws_iam_role_policy_attachment.target_lambda_exec_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |\n| [aws_lambda_function.cleanup_intermediate](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_function) | resource |\n| [aws_lambda_function.cleanup_source](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_function) | resource |\n| [aws_lambda_function.cleanup_target](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_function) | resource |\n| [aws_lambda_function.step_1](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_function) | resource |\n| [aws_lambda_function.step_2](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_function) | resource |\n| [aws_lambda_function.step_3](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_function) | resource |\n| [aws_lambda_permission.invoke_cleanup_intermediate_lambda](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_permission) | resource |\n| [aws_lambda_permission.invoke_cleanup_source_lambda](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_permission) | resource |\n| [aws_lambda_permission.invoke_cleanup_target_lambda](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_permission) | resource |\n| [aws_lambda_permission.invoke_step_1_lambda](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_permission) | resource |\n| [aws_lambda_permission.invoke_step_2_lambda](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_permission) | resource |\n| [aws_lambda_permission.invoke_step_3_lambda](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_permission) | resource |\n| [aws_sns_topic.source_region_topic](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sns_topic) | resource |\n| [aws_sns_topic.target_region_topic](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sns_topic) | resource |\n| [aws_sns_topic_policy.source_region_topic](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sns_topic_policy) | resource |\n| [aws_sns_topic_policy.target_region_topic](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sns_topic_policy) | resource |\n| [archive_file.lambda_zip](https://registry.terraform.io/providers/hashicorp/archive/latest/docs/data-sources/file) | data source |\n| [aws_caller_identity.source](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |\n| [aws_caller_identity.target](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |\n| [aws_db_instance.rds](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/db_instance) | data source |\n| [aws_iam_policy_document.lambda_kms_permissions](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |\n| [aws_iam_policy_document.source_lambda_assume_role_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |\n| [aws_iam_policy_document.source_lambda_permissions](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |\n| [aws_iam_policy_document.source_retion_sns_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |\n| [aws_iam_policy_document.target_lambda_assume_role_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |\n| [aws_iam_policy_document.target_lambda_permissions](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |\n| [aws_iam_policy_document.target_retion_sns_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |\n| [aws_kms_key.target_key](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/kms_key) | data source |\n| [aws_rds_cluster.rds](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/rds_cluster) | data source |\n| [aws_region.intermediate](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source |\n| [aws_region.source](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source |\n| [aws_region.target](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source |\n\n### Inputs\n\n| Name | Description | Type | Default | Required |\n| ------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -------------- | ----------------------- | :------: |\n| \u003ca name=\"input_name\"\u003e\u003c/a\u003e [name](#input\\_name) | Name of the setup | `string` | n/a | yes |\n| \u003ca name=\"input_rds_instance_ids\"\u003e\u003c/a\u003e [rds\\_instance\\_ids](#input\\_rds\\_instance\\_ids) | List of IDs of the RDS instances to back up. If using Aurora, provide the cluster IDs instead | `list(string)` | n/a | yes |\n| \u003ca name=\"input_target_account_kms_key_id\"\u003e\u003c/a\u003e [target\\_account\\_kms\\_key\\_id](#input\\_target\\_account\\_kms\\_key\\_id) | KMS key to use to encrypt replicated RDS snapshots in the target AWS account | `string` | n/a | yes |\n| \u003ca name=\"input_is_aurora_cluster\"\u003e\u003c/a\u003e [is\\_aurora\\_cluster](#input\\_is\\_aurora\\_cluster) | Whether we're backing up Aurora clusters instead of RDS instances | `bool` | `false` | no |\n| \u003ca name=\"input_lambda_monitoring_metric_period\"\u003e\u003c/a\u003e [lambda\\_monitoring\\_metric\\_period](#input\\_lambda\\_monitoring\\_metric\\_period) | The metric period to use for the Lambdas CloudWatch alerts for monitoring. This should be equal or higher than the snapshoting period | `number` | `21600` | no |\n| \u003ca name=\"input_retention_period\"\u003e\u003c/a\u003e [retention\\_period](#input\\_retention\\_period) | Snapshot retention period in days | `number` | `14` | no |\n| \u003ca name=\"input_snapshot_schedule_expression\"\u003e\u003c/a\u003e [snapshot\\_schedule\\_expression](#input\\_snapshot\\_schedule\\_expression) | Snapshot frequency specified as a CloudWatch schedule expression. Can either be a `rate()` or `cron()` expression. Check the [AWS documentation](https://docs.aws.amazon.com/AmazonCloudWatch/latest/events/ScheduledEvents.html#CronExpressions) on how to compose such expression. | `string` | `\"cron(0 */6 * * ? *)\"` | no |\n| \u003ca name=\"input_aurora_storage_type\"\u003e\u003c/a\u003e [storage\\_type](#input\\_snapshot\\_schedule\\_expression) | Determine storage type for your Aurora RDS. Valid values for Single-AZ: aurora, \\\"\\\" (default, both refer to Aurora Standard), aurora-iopt1 (Aurora I/O Optimized). Valid values for Multi-AZ: io1 (default). | `string` | `null` | no |\n\n### Outputs\n\n| Name | Description |\n| ----------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------- |\n| \u003ca name=\"output_source_region_sns_topic_arn\"\u003e\u003c/a\u003e [source\\_region\\_sns\\_topic\\_arn](#output\\_source\\_region\\_sns\\_topic\\_arn) | SNS topic ARN for the lambdas in the source region |\n| \u003ca name=\"output_target_region_sns_topic_arn\"\u003e\u003c/a\u003e [target\\_region\\_sns\\_topic\\_arn](#output\\_target\\_region\\_sns\\_topic\\_arn) | SNS topic ARN for the lambdas in the target region |\n\n## rds-proxy\n\nCreate an RDS proxy and configure IAM role to use for reading AWS Secrets to access the database.\n\n### Inputs\n\n| Name | Description | Type | Default | Required |\n| ---------------------------- | ----------------------------------------------------------------------------------------------------- | -------------- | ------- | :------: |\n| db_cluster_identifier | ID of the database instance to set as the proxy target | `any` | n/a | yes |\n| db_secret_arns | AWS Secret Manager ARNs to use to access the database credentials | `list` | n/a | yes |\n| engine | RDS engine: MYSQL or POSTGRES | `any` | n/a | yes |\n| environment | The current environment | `any` | n/a | yes |\n| project | The current project | `any` | n/a | yes |\n| security_groups | Security groups that are allowed to access the RDS | `list(string)` | n/a | yes |\n| subnets | Subnets to deploy in | `list(string)` | n/a | yes |\n| proxy_connection_timeout | The number of seconds for a proxy to wait for a connection to become available in the connection pool | `number` | `120` | no |\n| proxy_max_connection_percent | The maximum size of the connection pool for each target in a target group | `number` | `100` | no |\n| idle_client_timeout | The number of seconds that a connection to the proxy can be inactive before the proxy disconnects it. | `number` | `1800` | no |\n| debug_logging | Whether the proxy includes detailed information about SQL statements in its logs. | `bool` | `false` | no |\n| reader_endpoint | Whether to include an extra reader endpoint. | `bool` | `false` | no |\n\n### Outputs\n\n| Name | Description |\n| -------------- | ----------------------------- |\n| proxy_endpoint | Endpoint of the created proxy |\n\n### Example\n\n```tf\nmodule \"rds_proxy\" {\n source = \"github.com/skyscrapers/terraform-rds//rds_proxy\"\n subnets = data.terraform_remote_state.networking.outputs.private_db_subnets\n project = var.project\n environment = terraform.workspace\n engine = \"MYSQL\"\n security_groups = [\"sg-aaaaa\", \"sg-bbbb\"]\n db_cluster_identifier = module.rds_database.rds_id\n db_secret_arns = [aws_secretsmanager_secret.db_user_rw.arn, aws_secretsmanager_secret.db_user_ro.arn]\n} \n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fskyscrapers%2Fterraform-rds","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fskyscrapers%2Fterraform-rds","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fskyscrapers%2Fterraform-rds/lists"}