Rebase pr

.gitignore

@@ -35,4 +35,7 @@ terraform.rc
 
 .terraform.lock.hcl
 
-backend.hcl
+backend.hcl
+
+# vscode directory
+.vscode/*

README.md

@@ -1,26 +1,33 @@
 > Note: This module is in alpha state and is likely to contain bugs and updates may introduce breaking changes. It is not recommended for production use at this time.
 
 # Terraform Amazon Aurora
-Authors: David Wright ([email protected]) and Tony Vattahil ([email protected])
+Terraform module for automating deployment of Amazon Aurora and related resources following AWS best practices.
+
+## Supported Features
+- Aurora Provisioned cluster (MySQL & PostgreSQL)
+- Aurora Global databases (MySQL & PostgreSQL)
+
+## Deployment Procedure
 
 To deploy the Terraform Amazon Aurora module, do the following:
 
 1. Install Terraform. For instructions and a video tutorial, see [Install Terraform](https://learn.hashicorp.com/tutorials/terraform/install-cli). 
 
-2. Sign up and log into Terraform Cloud. (There is a free tier available.)
+2. Sign up and log into [Terraform Cloud](https://www.terraform.io/cloud) (There is a free tier available).
+   1.  Create a [Terraform organization](https://www.terraform.io/docs/cloud/users-teams-organizations/organizations.html#creating-organizations).
 
-3. Configure Terraform Cloud API access. Run the following to generate a Terraform Cloud token from the command line interface:
-```
-terraform login
+3. Configure [Terraform Cloud API access](https://learn.hashicorp.com/tutorials/terraform/cloud-login). Run the following to generate a Terraform Cloud token from the command line interface:
+   ```
+   terraform login
 
---For Mac/Linux
-export TERRAFORM_CONFIG="$HOME/.terraform.d/credentials.tfrc.json"
+   --For Mac/Linux
+   export TERRAFORM_CONFIG="$HOME/.terraform.d/credentials.tfrc.json"
 
---For Windows
-export TERRAFORM_CONFIG="$HOME/AppData/Roaming/terraform.d/credentials.tfrc.json"
-```
+   --For Windows
+   export TERRAFORM_CONFIG="$HOME/AppData/Roaming/terraform.d/credentials.tfrc.json"
+   ```
 
-4. Configure the AWS Command Line Interface (AWS CLI). For more information, see [Configuring the AWS CLI](https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-configure.html).
+4. [Install](https://docs.aws.amazon.com/cli/latest/userguide/install-cliv2.html) and [configure](https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-quickstart.html) the AWS Command Line Interface (AWS CLI).
 
 5. If you don't have git installed, [install git](https://git-scm.com/book/en/v2/Getting-Started-Installing-Git). 
 
@@ -32,15 +39,21 @@ export TERRAFORM_CONFIG="$HOME/AppData/Roaming/terraform.d/credentials.tfrc.json
 
    `cd terraform-aws-rds-aurora/`
 
-8. For setting up a new terraform workspace:
+8. Set up a new terraform workspace.
 
-      - `cd setup_workspace`
-      - `terraform init`
-      - `terraform apply`
-
-9. To create new VPC and deploy Aurora module:
+   ```
+   cd setup_workspace
+   terraform init
+   terraform apply
+   ```
+
+9. Deploy Aurora Terraform module.
+   1. To create VPC and deploy Aurora module
       - Change to the deploy directory. Run `cd ../deploy`
       - Initialize the deploy directory. Run `terraform init`.
       - Start a Terraform run using the configuration files in your deploy directory. Run `terraform apply`  or `terraform apply -var-file="$HOME/.aws/terraform.tfvars"` (Note: The deployment is remotely run in Terraform Cloud)
+   2. To deploy Aurora module into existing VPCs, pass the list of private subnets (var.Private_subnet_ids_p & var.Private_subnet_ids_s) directly to the Aurora module.
+
+## Authors and Contributors
 
-   For existing VPCs, pass the list of private subnets (var.Private_subnet_ids_p & var.Private_subnet_ids_s) directly to the Aurora module.
+David Wright ([email protected]), Tony Vattahil ([email protected]), Arabinda Pani ([email protected]) and [other contributors](https://github.com/aws-ia/terraform-aws-rds-aurora/graphs/contributors).

deploy/main.tf

@@ -67,18 +67,23 @@ module "aurora_vpc_s" {
 ######################################
 
 module "aurora" {
-  source     = "../"
-  region     = var.region
-  sec_region = var.sec_region
-  #vpc_id               = module.aurora_vpc.vpc_id
-  Private_subnet_ids_p = [module.aurora_vpc_p.private_subnet_1a_id, module.aurora_vpc_p.private_subnet_2a_id, module.aurora_vpc_p.private_subnet_3a_id]
-  Private_subnet_ids_s = var.setup_globaldb ? [module.aurora_vpc_s.private_subnet_1a_id, module.aurora_vpc_s.private_subnet_2a_id, module.aurora_vpc_s.private_subnet_3a_id] : null
-  engine               = var.engine
-  engine_version_pg    = var.engine_version_pg
-  engine_version_mysql = var.engine_version_mysql
-  password             = var.password
-  setup_globaldb       = var.setup_globaldb
-  tags                 = module.vpc_label.tags
-  monitoring_interval  = var.monitoring_interval
-  storage_encrypted    = var.storage_encrypted
+  source                   = "../"
+  region                   = var.region
+  sec_region               = var.sec_region
+  #vpc_id                  = module.aurora_vpc.vpc_id
+  Private_subnet_ids_p     = [module.aurora_vpc_p.private_subnet_1a_id, module.aurora_vpc_p.private_subnet_2a_id, module.aurora_vpc_p.private_subnet_3a_id]
+  Private_subnet_ids_s     = var.setup_globaldb ? [module.aurora_vpc_s.private_subnet_1a_id, module.aurora_vpc_s.private_subnet_2a_id, module.aurora_vpc_s.private_subnet_3a_id] : null
+  engine                   = var.engine
+  engine_version_pg        = var.engine_version_pg
+  engine_version_mysql     = var.engine_version_mysql
+  username                 = var.username
+  password                 = var.password
+  setup_globaldb           = var.setup_globaldb
+  setup_as_secondary       = var.setup_as_secondary
+  tags                     = module.vpc_label.tags
+  monitoring_interval      = var.monitoring_interval
+  storage_encrypted        = var.storage_encrypted
+  primary_instance_count   = var.primary_instance_count
+  secondary_instance_count = var.secondary_instance_count
+  snapshot_identifier      = var.snapshot_identifier
 }

deploy/variables.tf

@@ -1,10 +1,10 @@
 variable "region" {
-  description = "The name of the primary region you wish to deploy into"
+  description = "The name of the primary AWS region you wish to deploy into"
   default = "us-east-2"
 }
 
 variable "sec_region" {
-  description = "The name of the secondary region you wish to deploy into"
+  description = "The name of the secondary AWS region you wish to deploy into"
   default = "us-west-2"
 }
 
@@ -24,6 +24,13 @@ variable "delimiter" {
   description = "delimiter, which could be used between name, namespace and env"
   default     = "-"
 }
+
+variable "username" {
+  description = "Master DB username"
+  type        = string
+  default     = "root"
+}
+
 variable "password" {
   default     = ""
   description = "If no password is provided, a random password will be generated"
@@ -40,15 +47,15 @@ variable "engine" {
 }
 
 variable "engine_version_pg" {
-  description = "Aurora database engine version."
+  description = "Aurora PostgreSQL database engine version."
   type        = string
-  default     = "12.4"
+  default     = "13.3"
 }
 
 variable "engine_version_mysql" {
-  description = "Aurora database engine version."
+  description = "Aurora MySQL database engine version."
   type        = string
-  default     = "5.7.mysql_aurora.2.10.0"
+  default     = "5.7.mysql_aurora.2.10.1"
 }
 
 variable "setup_globaldb" {
@@ -57,6 +64,12 @@ variable "setup_globaldb" {
   default     = false
 }
 
+variable "setup_as_secondary" {
+  description = "Setup aws_rds_cluster.primary Terraform resource as Secondary Aurora cluster after an unplanned Aurora Global DB failover"
+  type        = bool
+  default     = false
+}
+
 variable "monitoring_interval" {
   description = "Enhanced Monitoring interval in seconds"
   type        = number
@@ -67,8 +80,23 @@ variable "monitoring_interval" {
   } 
 }
 
+variable "snapshot_identifier" {
+  description = "id of snapshot to restore. If you do not want to restore a db, leave the default empty string."
+  default     = ""
+}
+
 variable "storage_encrypted" {
-  description = "Specifies whether the underlying storage layer should be encrypted"
+  description = "Specifies whether the underlying Aurora storage layer should be encrypted"
   type        = bool
   default     = false
+}
+
+variable "primary_instance_count" {
+  description = "instance count for primary Aurora cluster"
+  default = 2
+}
+
+variable "secondary_instance_count" {
+  description = "instance count for secondary Aurora cluster"
+  default = 1
 }

locals.tf

@@ -114,4 +114,12 @@ locals {
     value        = 1
     apply_method = "immediate"
   }]
+
+  logs_set = compact([
+    var.enable_audit_log && (var.engine != "aurora-postgresql") ? "audit" : "",
+    var.enable_error_log && (var.engine != "aurora-postgresql") ? "error" : "",
+    var.enable_general_log && (var.engine != "aurora-postgresql") ? "general" : "",
+    var.enable_slowquery_log && (var.engine != "aurora-postgresql") ? "slowquery" : "",
+    var.enable_postgresql_log && (var.engine == "aurora-postgresql") ? "postgresql" : "",
+  ])
 }