Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/joatmon08/terraform-aws-postgres
https://github.com/joatmon08/terraform-aws-postgres
Last synced: about 2 months ago
JSON representation
- Host: GitHub
- URL: https://github.com/joatmon08/terraform-aws-postgres
- Owner: joatmon08
- License: bsd-2-clause
- Created: 2023-09-18T18:28:15.000Z (over 1 year ago)
- Default Branch: main
- Last Pushed: 2024-06-05T15:13:41.000Z (7 months ago)
- Last Synced: 2024-10-12T23:53:36.963Z (2 months ago)
- Language: HCL
- Size: 68.4 KB
- Stars: 2
- Watchers: 2
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# terraform-aws-postgres
Sample module creating RDS PostgreSQL database, Boundary targets, and Consul registration.
It is intended to run with an operator, which means defining provider variables inline.Full demo at: https://github.com/joatmon08/hashicorp-stack-demoapp
## Requirements
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | ~> 1.0 |
| [aws](#requirement\_aws) | >= 5.0 |
| [boundary](#requirement\_boundary) | >= 1.0 |
| [consul](#requirement\_consul) | >= 2.18 |
| [vault](#requirement\_vault) | >= 3.20 |## Providers
| Name | Version |
|------|---------|
| [aws](#provider\_aws) | 5.17.0 |
| [boundary](#provider\_boundary) | 1.1.9 |
| [consul](#provider\_consul) | 2.18.0 |
| [random](#provider\_random) | 3.5.1 |
| [vault](#provider\_vault) | 3.20.1 |## Modules
No modules.
## Resources
| Name | Type |
|------|------|
| [aws_db_instance.database](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_instance) | resource |
| [boundary_credential_library_vault.database_admin](https://registry.terraform.io/providers/hashicorp/boundary/latest/docs/resources/credential_library_vault) | resource |
| [boundary_credential_library_vault.database_app](https://registry.terraform.io/providers/hashicorp/boundary/latest/docs/resources/credential_library_vault) | resource |
| [boundary_host_catalog_static.database](https://registry.terraform.io/providers/hashicorp/boundary/latest/docs/resources/host_catalog_static) | resource |
| [boundary_host_set_static.database](https://registry.terraform.io/providers/hashicorp/boundary/latest/docs/resources/host_set_static) | resource |
| [boundary_host_static.database](https://registry.terraform.io/providers/hashicorp/boundary/latest/docs/resources/host_static) | resource |
| [boundary_target.database_admin](https://registry.terraform.io/providers/hashicorp/boundary/latest/docs/resources/target) | resource |
| [boundary_target.database_app](https://registry.terraform.io/providers/hashicorp/boundary/latest/docs/resources/target) | resource |
| [consul_config_entry.service_defaults](https://registry.terraform.io/providers/hashicorp/consul/latest/docs/resources/config_entry) | resource |
| [consul_node.database](https://registry.terraform.io/providers/hashicorp/consul/latest/docs/resources/node) | resource |
| [consul_service.database](https://registry.terraform.io/providers/hashicorp/consul/latest/docs/resources/service) | resource |
| [random_password.database](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/password) | resource |
| [random_pet.database](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/pet) | resource |
| [vault_database_secret_backend_connection.db](https://registry.terraform.io/providers/hashicorp/vault/latest/docs/resources/database_secret_backend_connection) | resource |
| [vault_database_secret_backend_role.db](https://registry.terraform.io/providers/hashicorp/vault/latest/docs/resources/database_secret_backend_role) | resource |
| [vault_kubernetes_auth_backend_role.db](https://registry.terraform.io/providers/hashicorp/vault/latest/docs/resources/kubernetes_auth_backend_role) | resource |
| [vault_kv_secret_v2.postgres](https://registry.terraform.io/providers/hashicorp/vault/latest/docs/resources/kv_secret_v2) | resource |
| [vault_mount.db](https://registry.terraform.io/providers/hashicorp/vault/latest/docs/resources/mount) | resource |
| [vault_mount.static](https://registry.terraform.io/providers/hashicorp/vault/latest/docs/resources/mount) | resource |
| [vault_policy.db](https://registry.terraform.io/providers/hashicorp/vault/latest/docs/resources/policy) | resource |
| [vault_policy.transit](https://registry.terraform.io/providers/hashicorp/vault/latest/docs/resources/policy) | resource |
| [vault_transit_secret_backend_key.transit](https://registry.terraform.io/providers/hashicorp/vault/latest/docs/resources/transit_secret_backend_key) | resource |
| [aws_security_group.database](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/security_group) | data source |
| [consul_service_health.database](https://registry.terraform.io/providers/hashicorp/consul/latest/docs/data-sources/service_health) | data source |
| [vault_kv_secret_v2.postgres](https://registry.terraform.io/providers/hashicorp/vault/latest/docs/data-sources/kv_secret_v2) | data source |
| [vault_policy_document.db](https://registry.terraform.io/providers/hashicorp/vault/latest/docs/data-sources/policy_document) | data source |
| [vault_policy_document.transit](https://registry.terraform.io/providers/hashicorp/vault/latest/docs/data-sources/policy_document) | data source |## Inputs
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| [additional\_service\_account\_names](#input\_additional\_service\_account\_names) | Additional service account names to allow access to database credentials | `list(string)` | `[]` | no |
| [allow\_major\_version\_upgrade](#input\_allow\_major\_version\_upgrade) | Allow major version upgrades of database | `bool` | `true` | no |
| [boundary\_address](#input\_boundary\_address) | Boundary address | `string` | n/a | yes |
| [boundary\_credentials\_store\_id](#input\_boundary\_credentials\_store\_id) | Boundary credentials store ID | `string` | n/a | yes |
| [boundary\_password](#input\_boundary\_password) | Boundary password | `string` | n/a | yes |
| [boundary\_scope\_id](#input\_boundary\_scope\_id) | Boundary scope ID for setting up target to database | `string` | n/a | yes |
| [boundary\_username](#input\_boundary\_username) | Boundary address | `string` | n/a | yes |
| [business\_unit](#input\_business\_unit) | Business unit | `string` | n/a | yes |
| [consul\_address](#input\_consul\_address) | Consul address | `string` | n/a | yes |
| [consul\_datacenter](#input\_consul\_datacenter) | Consul datacenter | `string` | `null` | no |
| [consul\_token](#input\_consul\_token) | Consul token | `string` | n/a | yes |
| [db\_instance\_class](#input\_db\_instance\_class) | Database instance class | `string` | `"db.t3.micro"` | no |
| [db\_name](#input\_db\_name) | Database name to create in instance | `string` | n/a | yes |
| [environment](#input\_environment) | Environment | `string` | n/a | yes |
| [org\_name](#input\_org\_name) | Organization to search for VPC resources, including database subnet group | `string` | n/a | yes |
| [postgres\_db\_version](#input\_postgres\_db\_version) | PostgreSQL version | `string` | `"14.9"` | no |
| [postgres\_port](#input\_postgres\_port) | Database port | `number` | `5432` | no |
| [use\_vault\_for\_db\_password](#input\_use\_vault\_for\_db\_password) | Use Vault for database password | `bool` | `true` | no |
| [vault\_address](#input\_vault\_address) | Vault address | `string` | n/a | yes |
| [vault\_kubernetes\_auth\_path](#input\_vault\_kubernetes\_auth\_path) | Vault Kubernetes auth path | `string` | `"kubernetes"` | no |
| [vault\_namespace](#input\_vault\_namespace) | Vault namespace | `string` | n/a | yes |
| [vault\_token](#input\_vault\_token) | Vault token | `string` | n/a | yes |
| [vault\_transit\_secrets\_engine\_mount](#input\_vault\_transit\_secrets\_engine\_mount) | Override default Vault transit secrets engine mount | `string` | `"transit"` | no |## Outputs
| Name | Description |
|------|-------------|
| [boundary\_target\_postgres](#output\_boundary\_target\_postgres) | n/a |
| [boundary\_target\_postgres\_app](#output\_boundary\_target\_postgres\_app) | n/a |
| [database\_secret\_name](#output\_database\_secret\_name) | Name of secret with database admin credentials |
| [database\_static\_path](#output\_database\_static\_path) | Path to static secrets related to database service |
| [product\_database\_address](#output\_product\_database\_address) | n/a |
| [vault\_paths](#output\_vault\_paths) | n/a |