From 9b6c0431f9903a84f50ee91d4ee407ec65929bb3 Mon Sep 17 00:00:00 2001
From: Sathiya Shunmugasundaram
Date: Tue, 9 Jun 2015 11:02:19 -0400
Subject: [PATCH 1/7] Initial commit for aws-rds example
---
examples/aws-rds/README.md | 0
examples/aws-rds/main.tf | 17 ++++++++++++
examples/aws-rds/outputs.tf | 6 +++++
examples/aws-rds/sg-variables.tf | 9 +++++++
examples/aws-rds/sg.tf | 22 ++++++++++++++++
examples/aws-rds/subnet-variables.tf | 24 +++++++++++++++++
examples/aws-rds/subnets.tf | 19 ++++++++++++++
examples/aws-rds/variables.tf | 39 ++++++++++++++++++++++++++++
8 files changed, 136 insertions(+)
create mode 100644 examples/aws-rds/README.md
create mode 100644 examples/aws-rds/main.tf
create mode 100644 examples/aws-rds/outputs.tf
create mode 100644 examples/aws-rds/sg-variables.tf
create mode 100644 examples/aws-rds/sg.tf
create mode 100644 examples/aws-rds/subnet-variables.tf
create mode 100644 examples/aws-rds/subnets.tf
create mode 100644 examples/aws-rds/variables.tf
diff --git a/examples/aws-rds/README.md b/examples/aws-rds/README.md
new file mode 100644
index 0000000000..e69de29bb2
diff --git a/examples/aws-rds/main.tf b/examples/aws-rds/main.tf
new file mode 100644
index 0000000000..87a7f80301
--- /dev/null
+++ b/examples/aws-rds/main.tf
@@ -0,0 +1,17 @@
+resource "aws_db_instance" "default" {
+ identifier = "${var.identifier}"
+ allocated_storage = "${var.storage}"
+ engine = "${var.engine}"
+ engine_version = "${var.engine}"
+ instance_class = "${var.engine_version}"
+ name = "${var.db_name}"
+ username = "${var.username}"
+ password = "${var.password}"
+ vpc_security_group_ids = ["aws_security_group.default.id"]
+}
+
+resource "aws_db_subnet_group" "default" {
+ name = "main"
+ description = "Our main group of subnets"
+ subnet_ids = ["${aws_subnet.subnet_1.id}", "${aws_subnet.subnet_2.id}"]
+}
diff --git a/examples/aws-rds/outputs.tf b/examples/aws-rds/outputs.tf
new file mode 100644
index 0000000000..eca564b84c
--- /dev/null
+++ b/examples/aws-rds/outputs.tf
@@ -0,0 +1,6 @@
+output "subnet_group" {
+ value = "${aws_db_subnet_group.default.name}"
+}
+output "subnet_group" {
+ value = "${aws_db_subnet_group.default.name}"
+}
\ No newline at end of file
diff --git a/examples/aws-rds/sg-variables.tf b/examples/aws-rds/sg-variables.tf
new file mode 100644
index 0000000000..9c1e5b7193
--- /dev/null
+++ b/examples/aws-rds/sg-variables.tf
@@ -0,0 +1,9 @@
+variable "cidr_blocks" {
+ default = ""0.0.0.0/0""
+ description = "CIDR for sg"
+}
+
+variable "sg_name" {
+ default = ""rds_sg""
+ description = "Tag Name for sg"
+}
\ No newline at end of file
diff --git a/examples/aws-rds/sg.tf b/examples/aws-rds/sg.tf
new file mode 100644
index 0000000000..c1e81b5b93
--- /dev/null
+++ b/examples/aws-rds/sg.tf
@@ -0,0 +1,22 @@
+resource "aws_security_group" "default" {
+ name = "main_rds_sg"
+ description = "Allow all inbound traffic"
+
+ ingress {
+ from_port = 0
+ to_port = 65535
+ protocol = "TCP"
+ cidr_blocks = ["${var.cidr_blocks}"]
+ }
+
+ egress {
+ from_port = 0
+ to_port = 0
+ protocol = "-1"
+ cidr_blocks = "0.0.0.0/0"
+ }
+
+ tags {
+ Name = "${var.sg_name}"
+ }
+}
diff --git a/examples/aws-rds/subnet-variables.tf b/examples/aws-rds/subnet-variables.tf
new file mode 100644
index 0000000000..00fe950dfa
--- /dev/null
+++ b/examples/aws-rds/subnet-variables.tf
@@ -0,0 +1,24 @@
+variable "subnet_1_cidr" {
+ default = "10.0.1.0/24"
+ description = "Your AZ"
+}
+
+variable "subnet_2_cidr" {
+ default = "10.0.2.0/24"
+ description = "Your AZ"
+}
+
+variable "az_1" {
+ default = "us-east-1b"
+ description = "Your AZ"
+}
+
+variable "az_2" {
+ default = "us-east-1c"
+ description = "Your AZ"
+}
+
+variable "vpc_id" {
+ default = "vpc-b6090dd3"
+ description = "Your VPC ID"
+}
\ No newline at end of file
diff --git a/examples/aws-rds/subnets.tf b/examples/aws-rds/subnets.tf
new file mode 100644
index 0000000000..5de7d0d82b
--- /dev/null
+++ b/examples/aws-rds/subnets.tf
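Review bot: The ingress rule in sg.tf opens every TCP port (`from_port = 0`, `to_port = 65535`) to `var.cidr_blocks`, and the sg-variables.tf hunk before it defaults that variable to 0.0.0.0/0, so anyone applying the example unchanged gets a database security group that admits traffic from the whole internet. I would drop the default so the caller has to name a source range, e.g. `variable "cidr_blocks" { description = "CIDR allowed to reach the DB" }`, and narrow the rule to the engine's listener port (3306 for MySQL, 5432 for PostgreSQL) rather than the full range. The sg.tf and sg-variables.tf hunks in PATCH 2/7 touch the same blocks but keep the 0.0.0.0/0 default, the 0-65535 range and the "Allow all inbound traffic" description.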
@@ -0,0 +1,19 @@
+resource "aws_subnet" "subnet_1" {
+ vpc_id = "${var.vpc_id}"
+ cidr_block = "${var.subnet_1_cidr}"
+ availability_zone = "${var.az_1}"
+
+ tags {
+ Name = "main_subnet1"
+ }
+}
+
+resource "aws_subnet" "subnet_2" {
+ vpc_id = "${var.vpc_id}"
+ cidr_block = "${var.subnet_2_cidr}"
+ availability_zone = "${var.az_2}"
+
+ tags {
+ Name = "main_subnet2"
+ }
+}
diff --git a/examples/aws-rds/variables.tf b/examples/aws-rds/variables.tf
new file mode 100644
index 0000000000..62f3432ec6
--- /dev/null
+++ b/examples/aws-rds/variables.tf
@@ -0,0 +1,39 @@
+variable "identifier" {
+ default = "mydb-rds"
+ description = "Idnetifier for your DB"
+}
+
+variable "storage" {
+ default = "10"
+ description = "Storage size in GB"
+}
+
+variable "engine" {
+ default = "mysql"
+ description = "Engine type, supported values mysql"
+}
+
+variable "engine_version" {
+ default = "5.6.17"
+ description = "Engine version"
+}
+
+variable "instance_class" {
+ default = "db.t1.micro"
+ description = "Instance class"
+}
+
+variable "db_name" {
+ default = "mydb"
+ description = "db name"
+}
+
+variable "username" {
+ default = "user"
+ description = "User name"
+}
+
+variable "password" {
+ default = "abcd1234"
+ description = "password"
+}
From 074f1ed6258208f4f4f57509c2181d987c72cad1 Mon Sep 17 00:00:00 2001
From: Sathiya Shunmugasundaram
Date: Tue, 9 Jun 2015 12:37:22 -0400
Subject: [PATCH 2/7] Added postgres option
---
examples/aws-rds/README.md | 15 +++++++++++++++
examples/aws-rds/main.tf | 10 ++++++----
examples/aws-rds/outputs.tf | 7 +++++--
examples/aws-rds/sg-variables.tf | 4 ++--
examples/aws-rds/sg.tf | 3 ++-
examples/aws-rds/subnet-variables.tf | 5 ++---
examples/aws-rds/variables.tf | 13 ++++++++-----
7 files changed, 40 insertions(+), 17 deletions(-)
diff --git a/examples/aws-rds/README.md b/examples/aws-rds/README.md
index e69de29bb2..f54cd393fc 100644
--- a/examples/aws-rds/README.md
+++ b/examples/aws-rds/README.md
@@ -0,0 +1,15 @@
+## Creating an RDS insatnce in AWS
+
+This example provides sample configuration for creating a mysql or postgres insatnce. For Oracle/SQL Servers, replace default values with appropriate values, they are not included in sample since the number of options are high.
+
+The example creates db subnet groups and a VPC security group as inputs to the instance creation
+
+For AWS provider, set up your AWS environment as outlined in https://www.terraform.io/docs/providers/aws/index.html
+
+If you need to use existing security groups and subnets, remove the sg.tf and subnets.tf files and replace the corresponidng sections in main.tf under aws_db_instance
+
+Several paraneters are externalized, review the different variables.tf files and change them to fit your needs. Carefully review the CIDR blocks, egress/ingress rules, availability zones that are very specific to your account.
+
+Once ready run 'terraform plan' to review. At the minimum, provide the vpc_id as input variable.
+
+Once satisfied with plan, run 'terraform apply'
\ No newline at end of file
diff --git a/examples/aws-rds/main.tf b/examples/aws-rds/main.tf
index 87a7f80301..d292a38af9 100644
--- a/examples/aws-rds/main.tf
+++ b/examples/aws-rds/main.tf
@@ -1,17 +1,19 @@ resource "aws_db_instance" "default" { + depends_on = "aws_security_group.default" identifier = "${var.identifier}" allocated_storage = "${var.storage}" engine = "${var.engine}" - engine_version = "${var.engine}" - instance_class = "${var.engine_version}" + engine_version = "${lookup(var.engine_version, var.engine)}" + instance_class = "${var.instance_class}" name = "${var.db_name}" username = "${var.username}" password = "${var.password}" - vpc_security_group_ids = ["aws_security_group.default.id"] + vpc_security_group_ids = ["${aws_security_group.default.id}"] + db_subnet_group_name = "${aws_db_subnet_group.default.id}" } resource "aws_db_subnet_group" "default" { - name = "main" + name = "main_subnet_group" description = "Our main group of subnets" subnet_ids = ["${aws_subnet.subnet_1.id}", "${aws_subnet.subnet_2.id}"] } diff --git a/examples/aws-rds/outputs.tf b/examples/aws-rds/outputs.tf index eca564b84c..0a3214ff3f 100644 --- a/examples/aws-rds/outputs.tf +++ b/examples/aws-rds/outputs.tf @@ -1,6 +1,9 @@ output "subnet_group" { value = "${aws_db_subnet_group.default.name}" } -output "subnet_group" { - value = "${aws_db_subnet_group.default.name}" +output "db_instance_id" { + value = "${aws_db_instance.default.id}" +} +output "db_instance_address" { + value = "${aws_db_instance.default.address}" } \ No newline at end of file diff --git a/examples/aws-rds/sg-variables.tf b/examples/aws-rds/sg-variables.tf index 9c1e5b7193..8e8cb3172b 100644 --- a/examples/aws-rds/sg-variables.tf +++ b/examples/aws-rds/sg-variables.tf @@ -1,9 +1,9 @@ variable "cidr_blocks" { - default = ""0.0.0.0/0"" + default = "0.0.0.0/0" description = "CIDR for sg" } variable "sg_name" { - default = ""rds_sg"" + default = "rds_sg" description = "Tag Name for sg" } \ No newline at end of file diff --git a/examples/aws-rds/sg.tf b/examples/aws-rds/sg.tf index c1e81b5b93..c55b0799de 100644 --- a/examples/aws-rds/sg.tf +++ b/examples/aws-rds/sg.tf 
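Review bot: `depends_on = "aws_security_group.default"` in the aws_db_instance block of main.tf is written as a bare string, whereas depends_on is documented as a list of resource addresses; it is also redundant, because `vpc_security_group_ids = ["${aws_security_group.default.id}"]` further down the same block already creates that dependency through interpolation. I would delete the line, or if it is kept write `depends_on = ["aws_security_group.default"]`. Separately, nothing in the resource states whether the instance is meant to be reachable from outside the VPC; since the example's security group admits 0.0.0.0/0, an explicit `publicly_accessible = false` would make the intended exposure visible to readers.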
@@ -1,6 +1,7 @@ resource "aws_security_group" "default" { name = "main_rds_sg" description = "Allow all inbound traffic" + vpc_id = "${var.vpc_id}" ingress { from_port = 0 @@ -13,7 +14,7 @@ resource "aws_security_group" "default" { from_port = 0 to_port = 0 protocol = "-1" - cidr_blocks = "0.0.0.0/0" + cidr_blocks = ["0.0.0.0/0"] } tags { diff --git a/examples/aws-rds/subnet-variables.tf b/examples/aws-rds/subnet-variables.tf index 00fe950dfa..07512d9ae8 100644 --- a/examples/aws-rds/subnet-variables.tf +++ b/examples/aws-rds/subnet-variables.tf @@ -10,15 +10,14 @@ variable "subnet_2_cidr" { variable "az_1" { default = "us-east-1b" - description = "Your AZ" + description = "Your Az1, use AWS CLI to find your account specific" } variable "az_2" { default = "us-east-1c" - description = "Your AZ" + description = "Your Az2, use AWS CLI to find your account specific" } variable "vpc_id" { - default = "vpc-b6090dd3" description = "Your VPC ID" } \ No newline at end of file diff --git a/examples/aws-rds/variables.tf b/examples/aws-rds/variables.tf index 62f3432ec6..af15eb8574 100644 --- a/examples/aws-rds/variables.tf +++ b/examples/aws-rds/variables.tf @@ -9,17 +9,20 @@ variable "storage" { } variable "engine" { - default = "mysql" - description = "Engine type, supported values mysql" + default = "postgres" + description = "Engine type, example values mysql, postgres" } variable "engine_version" { - default = "5.6.17" description = "Engine version" + default = { + mysql = "5.6.22" + postgres = "9.4.1" + } } variable "instance_class" { - default = "db.t1.micro" + default = "db.t2.micro" description = "Instance class" } @@ -29,7 +32,7 @@ variable "db_name" { } variable "username" { - default = "user" + default = "myuser" description = "User name" } From 4dd8175535bdc0571b2d45653e5816ba16533ffc Mon Sep 17 00:00:00 2001 
From: Sathiya Shunmugasundaram Date: Thu, 11 Jun 2015 09:58:48 -0400 Subject: [PATCH 3/7] Removed default password, forcing the user to enter while executing --- examples/aws-rds/README.md | 2 ++ examples/aws-rds/variables.tf | 3 +-- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/examples/aws-rds/README.md b/examples/aws-rds/README.md index f54cd393fc..1a2915f705 100644 --- a/examples/aws-rds/README.md +++ b/examples/aws-rds/README.md @@ -8,6 +8,8 @@ For AWS provider, set up your AWS environment as outlined in https://www.terrafo If you need to use existing security groups and subnets, remove the sg.tf and subnets.tf files and replace the corresponidng sections in main.tf under aws_db_instance +Pass the password variable through your ENV variable. + Several paraneters are externalized, review the different variables.tf files and change them to fit your needs. Carefully review the CIDR blocks, egress/ingress rules, availability zones that are very specific to your account. Once ready run 'terraform plan' to review. At the minimum, provide the vpc_id as input variable. diff --git a/examples/aws-rds/variables.tf b/examples/aws-rds/variables.tf index af15eb8574..9a006f0a8b 100644 --- a/examples/aws-rds/variables.tf +++ b/examples/aws-rds/variables.tf @@ -37,6 +37,5 @@ variable "username" { } variable "password" { - default = "abcd1234" - description = "password" + description = "password, provide through your ENV variables" } From 22c42c4687a3ac6c12a184e3a2eef56f03484b99 Mon Sep 17 00:00:00 2001 From: Sathiya Shunmugasundaram Date: Thu, 11 Jun 2015 10:07:18 -0400 Subject: [PATCH 4/7] new lines --- examples/aws-rds/sg-variables.tf | 3 ++- examples/aws-rds/subnet-variables.tf | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/examples/aws-rds/sg-variables.tf b/examples/aws-rds/sg-variables.tf index 8e8cb3172b..a1fefe4130 100644 --- a/examples/aws-rds/sg-variables.tf +++ b/examples/aws-rds/sg-variables.tf 
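Review bot: The new description in the variables.tf hunk tells the user to supply the password "through your ENV variables" but does not name the variable Terraform reads, and it leaves out that the value is still written in plaintext to the state file once `aws_db_instance.default` exists. I would spell both out, e.g. `description = "Master DB password; set TF_VAR_password, do not commit it. Stored in plaintext in terraform.tfstate."`, so readers know to keep the state file out of version control and restrict who can read it. The README sentence added in this same patch could name `TF_VAR_password` as well.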
@@ -6,4 +6,5 @@ variable "cidr_blocks" { variable "sg_name" { default = "rds_sg" description = "Tag Name for sg" -} \ No newline at end of file +} + diff --git a/examples/aws-rds/subnet-variables.tf b/examples/aws-rds/subnet-variables.tf index 07512d9ae8..35c695088b 100644 --- a/examples/aws-rds/subnet-variables.tf +++ b/examples/aws-rds/subnet-variables.tf @@ -20,4 +20,5 @@ variable "az_2" { variable "vpc_id" { description = "Your VPC ID" -} \ No newline at end of file +} + From 67fe2e7c24827753b982fee7965ca16e876acb32 Mon Sep 17 00:00:00 2001 From: Sathiya Shunmugasundaram Date: Mon, 15 Jun 2015 17:37:42 -0400 Subject: [PATCH 5/7] missing new line --- examples/aws-rds/outputs.tf | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/examples/aws-rds/outputs.tf b/examples/aws-rds/outputs.tf index 0a3214ff3f..1bf2b0cb8f 100644 --- a/examples/aws-rds/outputs.tf +++ b/examples/aws-rds/outputs.tf @@ -6,4 +6,5 @@ output "db_instance_id" { } output "db_instance_address" { value = "${aws_db_instance.default.address}" -} \ No newline at end of file +} + From f0acc149476c88b045ade9807909a640e9031ae4 Mon Sep 17 00:00:00 2001 From: Sathiya Shunmugasundaram Date: Mon, 15 Jun 2015 19:46:40 -0400 Subject: [PATCH 6/7] Update README.md --- examples/aws-rds/README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/examples/aws-rds/README.md b/examples/aws-rds/README.md index 1a2915f705..dfc8e3746b 100644 --- a/examples/aws-rds/README.md +++ b/examples/aws-rds/README.md @@ -1,4 +1,4 @@ -## Creating an RDS insatnce in AWS +## Creating an RDS instance in AWS This example provides sample configuration for creating a mysql or postgres insatnce. For Oracle/SQL Servers, replace default values with appropriate values, they are not included in sample since the number of options are high. 
@@ -14,4 +14,4 @@ Several paraneters are externalized, review the different variables.tf files and Once ready run 'terraform plan' to review. At the minimum, provide the vpc_id as input variable. -Once satisfied with plan, run 'terraform apply' \ No newline at end of file +Once satisfied with plan, run 'terraform apply' From 80dbf3ba76c568a4f9c384578b284f397cfea2bb Mon Sep 17 00:00:00 2001 From: Sathiya Shunmugasundaram Date: Mon, 15 Jun 2015 21:56:08 -0400 Subject: [PATCH 7/7] Typo correction --- examples/aws-rds/variables.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/examples/aws-rds/variables.tf b/examples/aws-rds/variables.tf index 9a006f0a8b..ad3156b1be 100644 --- a/examples/aws-rds/variables.tf +++ b/examples/aws-rds/variables.tf @@ -1,6 +1,6 @@ variable "identifier" { default = "mydb-rds" - description = "Idnetifier for your DB" + description = "Identifier for your DB" } variable "storage" {