forked from terraform-aws-modules/terraform-aws-rds-aurora
-
Notifications
You must be signed in to change notification settings - Fork 0
/
variables.tf
749 lines (621 loc) · 24.4 KB
/
variables.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
variable "create" {
description = "Whether cluster should be created (affects nearly all resources)"
type = bool
default = true
}
variable "create_cluster" {
description = "Controls if RDS cluster should be created (it affects almost all resources)"
type = bool
default = true
}
variable "create_random_password" {
description = "Whether to create random password for RDS primary cluster"
type = bool
default = true
}
variable "password" {
description = "Master DB password"
type = string
default = ""
}
variable "name" {
description = "Name used across resources created"
type = string
default = ""
}
variable "tags" {
description = "A map of tags to add to all resources"
type = map(string)
default = {}
}
################################################################################
# DB Subnet Group
################################################################################
variable "create_db_subnet_group" {
description = "Determines whether to create the database subnet group or use existing"
type = bool
default = false
}
variable "db_subnet_group_name" {
description = "The name of the subnet group name (existing or created)"
type = string
default = ""
}
variable "db_subnet_group_name_instance" {
description = "The name of the subnet group name (existing or created) for the instances"
type = string
default = ""
}
variable "subnets" {
description = "List of subnet IDs used by database subnet group created"
type = list(string)
default = []
}
################################################################################
# Cluster
################################################################################
variable "is_primary_cluster" {
description = "Determines whether cluster is primary cluster with writer instance (set to `false` for global cluster and replica clusters)"
type = bool
default = true
}
variable "cluster_use_name_prefix" {
description = "Whether to use `name` as a prefix for the cluster"
type = bool
default = false
}
variable "allocated_storage" {
description = "The amount of storage in gibibytes (GiB) to allocate to each DB instance in the Multi-AZ DB cluster. (This setting is required to create a Multi-AZ DB cluster)"
type = number
default = null
}
variable "allow_major_version_upgrade" {
description = "Enable to allow major engine version upgrades when changing engine versions. Defaults to `false`"
type = bool
default = false
}
variable "apply_immediately" {
description = "Specifies whether any cluster modifications are applied immediately, or during the next maintenance window. Default is `false`"
type = bool
default = null
}
variable "availability_zones" {
description = "List of EC2 Availability Zones for the DB cluster storage where DB cluster instances can be created. RDS automatically assigns 3 AZs if less than 3 AZs are configured, which will show as a difference requiring resource recreation next Terraform apply"
type = list(string)
default = null
}
variable "backup_retention_period" {
description = "The days to retain backups for"
type = number
default = null
}
variable "backtrack_window" {
description = "The target backtrack window, in seconds. Only available for `aurora` engine currently. To disable backtracking, set this value to 0. Must be between 0 and 259200 (72 hours)"
type = number
default = null
}
variable "cluster_members" {
description = "List of RDS Instances that are a part of this cluster"
type = list(string)
default = null
}
variable "copy_tags_to_snapshot" {
description = "Copy all Cluster `tags` to snapshots"
type = bool
default = null
}
variable "database_name" {
description = "Name for an automatically created database on cluster creation"
type = string
default = null
}
variable "db_cluster_instance_class" {
description = "The compute and memory capacity of each DB instance in the Multi-AZ DB cluster, for example db.m6g.xlarge. Not all DB instance classes are available in all AWS Regions, or for all database engines"
type = string
default = null
}
variable "db_cluster_db_instance_parameter_group_name" {
description = "Instance parameter group to associate with all instances of the DB cluster. The `db_cluster_db_instance_parameter_group_name` is only valid in combination with `allow_major_version_upgrade`"
type = string
default = null
}
variable "delete_automated_backups" {
description = "Specifies whether to remove automated backups immediately after the DB cluster is deleted"
type = bool
default = null
}
variable "deletion_protection" {
description = "If the DB instance should have deletion protection enabled. The database can't be deleted when this value is set to `true`. The default is `false`"
type = bool
default = null
}
variable "enable_global_write_forwarding" {
description = "Whether cluster should forward writes to an associated global cluster. Applied to secondary clusters to enable them to forward writes to an `aws_rds_global_cluster`'s primary cluster"
type = bool
default = null
}
variable "enabled_cloudwatch_logs_exports" {
description = "Set of log types to export to cloudwatch. If omitted, no logs will be exported. The following log types are supported: `audit`, `error`, `general`, `slowquery`, `postgresql`"
type = list(string)
default = []
}
variable "enable_http_endpoint" {
description = "Enable HTTP endpoint (data API). Only valid when engine_mode is set to `serverless`"
type = bool
default = null
}
variable "engine" {
description = "The name of the database engine to be used for this DB cluster. Defaults to `aurora`. Valid Values: `aurora`, `aurora-mysql`, `aurora-postgresql`"
type = string
default = null
}
variable "engine_mode" {
description = "The database engine mode. Valid values: `global`, `multimaster`, `parallelquery`, `provisioned`, `serverless`. Defaults to: `provisioned`"
type = string
default = "provisioned"
}
variable "engine_version" {
description = "The database engine version. Updating this argument results in an outage"
type = string
default = null
}
variable "final_snapshot_identifier" {
description = "The name of your final DB snapshot when this DB cluster is deleted. If omitted, no final snapshot will be made"
type = string
default = null
}
variable "global_cluster_identifier" {
description = "The global cluster identifier specified on `aws_rds_global_cluster`"
type = string
default = null
}
variable "iam_database_authentication_enabled" {
description = "Specifies whether or mappings of AWS Identity and Access Management (IAM) accounts to database accounts is enabled"
type = bool
default = null
}
variable "iops" {
description = "The amount of Provisioned IOPS (input/output operations per second) to be initially allocated for each DB instance in the Multi-AZ DB cluster"
type = number
default = null
}
variable "kms_key_id" {
description = "The ARN for the KMS encryption key. When specifying `kms_key_id`, `storage_encrypted` needs to be set to `true`"
type = string
default = null
}
variable "manage_master_user_password" {
description = "Set to true to allow RDS to manage the master user password in Secrets Manager. Cannot be set if `master_password` is provided"
type = bool
default = true
}
variable "master_user_secret_kms_key_id" {
description = "The Amazon Web Services KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key"
type = string
default = null
}
variable "master_password" {
description = "Password for the master DB user. Note that this may show up in logs, and it will be stored in the state file. Required unless `manage_master_user_password` is set to `true` or unless `snapshot_identifier` or `replication_source_identifier` is provided or unless a `global_cluster_identifier` is provided when the cluster is the secondary cluster of a global database"
type = string
default = null
}
variable "master_username" {
description = "Username for the master DB user. Required unless `snapshot_identifier` or `replication_source_identifier` is provided or unless a `global_cluster_identifier` is provided when the cluster is the secondary cluster of a global database"
type = string
default = null
}
variable "network_type" {
description = "The type of network stack to use (IPV4 or DUAL)"
type = string
default = null
}
variable "port" {
description = "The port on which the DB accepts connections"
type = string
default = null
}
variable "preferred_backup_window" {
description = "The daily time range during which automated backups are created if automated backups are enabled using the `backup_retention_period` parameter. Time in UTC"
type = string
default = "02:00-03:00"
}
variable "preferred_maintenance_window" {
description = "The weekly time range during which system maintenance can occur, in (UTC)"
type = string
default = "sun:05:00-sun:06:00"
}
variable "replication_source_identifier" {
description = "ARN of a source DB cluster or DB instance if this DB cluster is to be created as a Read Replica"
type = string
default = null
}
variable "restore_to_point_in_time" {
description = "Map of nested attributes for cloning Aurora cluster"
type = map(string)
default = {}
}
variable "s3_import" {
description = "Configuration map used to restore from a Percona Xtrabackup in S3 (only MySQL is supported)"
type = map(string)
default = {}
}
variable "scaling_configuration" {
description = "Map of nested attributes with scaling properties. Only valid when `engine_mode` is set to `serverless`"
type = map(string)
default = {}
}
variable "serverlessv2_scaling_configuration" {
description = "Map of nested attributes with serverless v2 scaling properties. Only valid when `engine_mode` is set to `provisioned`"
type = map(string)
default = {}
}
variable "skip_final_snapshot" {
description = "Determines whether a final snapshot is created before the cluster is deleted. If true is specified, no snapshot is created"
type = bool
default = false
}
variable "snapshot_identifier" {
description = "Specifies whether or not to create this cluster from a snapshot. You can use either the name or ARN when specifying a DB cluster snapshot, or the ARN when specifying a DB snapshot"
type = string
default = null
}
variable "source_region" {
description = "The source region for an encrypted replica DB cluster"
type = string
default = null
}
variable "storage_encrypted" {
description = "Specifies whether the DB cluster is encrypted. The default is `true`"
type = bool
default = true
}
variable "storage_type" {
description = "Determines the storage type for the DB cluster. Optional for Single-AZ, required for Multi-AZ DB clusters. Valid values for Single-AZ: `aurora`, `\"\"` (default, both refer to Aurora Standard), `aurora-iopt1` (Aurora I/O Optimized). Valid values for Multi-AZ: `io1` (default)."
type = string
default = null
}
variable "cluster_tags" {
description = "A map of tags to add to only the cluster. Used for AWS Instance Scheduler tagging"
type = map(string)
default = {}
}
variable "vpc_security_group_ids" {
description = "List of VPC security groups to associate to the cluster in addition to the security group created"
type = list(string)
default = []
}
variable "cluster_timeouts" {
description = "Create, update, and delete timeout configurations for the cluster"
type = map(string)
default = {}
}
################################################################################
# Cluster Instance(s)
################################################################################
variable "instances" {
description = "Map of cluster instances and any specific/overriding attributes to be created"
type = any
default = {}
}
variable "auto_minor_version_upgrade" {
description = "Indicates that minor engine upgrades will be applied automatically to the DB instance during the maintenance window. Default `true`"
type = bool
default = null
}
variable "ca_cert_identifier" {
description = "The identifier of the CA certificate for the DB instance"
type = string
default = null
}
variable "db_parameter_group_name" {
description = "The name of the DB parameter group"
type = string
default = null
}
variable "instances_use_identifier_prefix" {
description = "Determines whether cluster instance identifiers are used as prefixes"
type = bool
default = false
}
variable "instance_class" {
description = "Instance type to use at master instance. Note: if `autoscaling_enabled` is `true`, this will be the same instance class used on instances created by autoscaling"
type = string
default = ""
}
variable "monitoring_interval" {
description = "The interval, in seconds, between points when Enhanced Monitoring metrics are collected for instances. Set to `0` to disable. Default is `0`"
type = number
default = 0
}
variable "performance_insights_enabled" {
description = "Specifies whether Performance Insights is enabled or not"
type = bool
default = null
}
variable "performance_insights_kms_key_id" {
description = "The ARN for the KMS key to encrypt Performance Insights data"
type = string
default = null
}
variable "performance_insights_retention_period" {
description = "Amount of time in days to retain Performance Insights data. Either 7 (7 days) or 731 (2 years)"
type = number
default = null
}
variable "publicly_accessible" {
description = "Determines whether instances are publicly accessible. Default `false`"
type = bool
default = null
}
variable "instance_timeouts" {
description = "Create, update, and delete timeout configurations for the cluster instance(s)"
type = map(string)
default = {}
}
variable "cluster_identifier_instance" {
description = "The cluster identifier for instances"
type = string
default = null
}
################################################################################
# Cluster Endpoint(s)
################################################################################
variable "endpoints" {
description = "Map of additional cluster endpoints and their attributes to be created"
type = any
default = {}
}
################################################################################
# Cluster IAM Roles
################################################################################
variable "iam_roles" {
description = "Map of IAM roles and supported feature names to associate with the cluster"
type = map(map(string))
default = {}
}
################################################################################
# Enhanced Monitoring
################################################################################
variable "create_monitoring_role" {
description = "Determines whether to create the IAM role for RDS enhanced monitoring"
type = bool
default = true
}
variable "monitoring_role_arn" {
description = "IAM role used by RDS to send enhanced monitoring metrics to CloudWatch"
type = string
default = ""
}
variable "iam_role_name" {
description = "Friendly name of the monitoring role"
type = string
default = null
}
variable "iam_role_use_name_prefix" {
description = "Determines whether to use `iam_role_name` as is or create a unique name beginning with the `iam_role_name` as the prefix"
type = bool
default = false
}
variable "iam_role_description" {
description = "Description of the monitoring role"
type = string
default = null
}
variable "iam_role_path" {
description = "Path for the monitoring role"
type = string
default = null
}
variable "iam_role_managed_policy_arns" {
description = "Set of exclusive IAM managed policy ARNs to attach to the monitoring role"
type = list(string)
default = null
}
variable "iam_role_permissions_boundary" {
description = "The ARN of the policy that is used to set the permissions boundary for the monitoring role"
type = string
default = null
}
variable "iam_role_force_detach_policies" {
description = "Whether to force detaching any policies the monitoring role has before destroying it"
type = bool
default = null
}
variable "iam_role_max_session_duration" {
description = "Maximum session duration (in seconds) that you want to set for the monitoring role"
type = number
default = null
}
################################################################################
# Autoscaling
################################################################################
variable "autoscaling_enabled" {
description = "Determines whether autoscaling of the cluster read replicas is enabled"
type = bool
default = false
}
variable "autoscaling_max_capacity" {
description = "Maximum number of read replicas permitted when autoscaling is enabled"
type = number
default = 2
}
variable "autoscaling_min_capacity" {
description = "Minimum number of read replicas permitted when autoscaling is enabled"
type = number
default = 0
}
variable "autoscaling_policy_name" {
description = "Autoscaling policy name"
type = string
default = "target-metric"
}
variable "predefined_metric_type" {
description = "The metric type to scale on. Valid values are `RDSReaderAverageCPUUtilization` and `RDSReaderAverageDatabaseConnections`"
type = string
default = "RDSReaderAverageCPUUtilization"
}
variable "autoscaling_scale_in_cooldown" {
description = "Cooldown in seconds before allowing further scaling operations after a scale in"
type = number
default = 300
}
variable "autoscaling_scale_out_cooldown" {
description = "Cooldown in seconds before allowing further scaling operations after a scale out"
type = number
default = 300
}
variable "autoscaling_target_cpu" {
description = "CPU threshold which will initiate autoscaling"
type = number
default = 70
}
variable "autoscaling_target_connections" {
description = "Average number of connections threshold which will initiate autoscaling. Default value is 70% of db.r4/r5/r6g.large's default max_connections"
type = number
default = 700
}
################################################################################
# Security Group
################################################################################
variable "create_security_group" {
description = "Determines whether to create security group for RDS cluster"
type = bool
default = true
}
variable "security_group_name" {
description = "The security group name. Default value is (`var.name`)"
type = string
default = ""
}
variable "security_group_use_name_prefix" {
description = "Determines whether the security group name (`var.name`) is used as a prefix"
type = bool
default = true
}
variable "security_group_description" {
description = "The description of the security group. If value is set to empty string it will contain cluster name in the description"
type = string
default = null
}
variable "vpc_id" {
description = "ID of the VPC where to create security group"
type = string
default = ""
}
variable "security_group_rules" {
description = "Map of security group rules to add to the cluster security group created"
type = any
default = {}
}
variable "security_group_tags" {
description = "Additional tags for the security group"
type = map(string)
default = {}
}
################################################################################
# Cluster Parameter Group
################################################################################
variable "create_db_cluster_parameter_group" {
description = "Determines whether a cluster parameter should be created or use existing"
type = bool
default = false
}
variable "db_cluster_parameter_group_name" {
description = "The name of the DB cluster parameter group"
type = string
default = null
}
variable "db_cluster_parameter_group_use_name_prefix" {
description = "Determines whether the DB cluster parameter group name is used as a prefix"
type = bool
default = true
}
variable "db_cluster_parameter_group_description" {
description = "The description of the DB cluster parameter group. Defaults to \"Managed by Terraform\""
type = string
default = null
}
variable "db_cluster_parameter_group_family" {
description = "The family of the DB cluster parameter group"
type = string
default = ""
}
variable "db_cluster_parameter_group_parameters" {
description = "A list of DB cluster parameters to apply. Note that parameters may differ from a family to an other"
type = list(map(string))
default = []
}
################################################################################
# DB Parameter Group
################################################################################
variable "create_db_parameter_group" {
description = "Determines whether a DB parameter should be created or use existing"
type = bool
default = false
}
variable "db_parameter_group_use_name_prefix" {
description = "Determines whether the DB parameter group name is used as a prefix"
type = bool
default = true
}
variable "db_parameter_group_description" {
description = "The description of the DB parameter group. Defaults to \"Managed by Terraform\""
type = string
default = null
}
variable "db_parameter_group_family" {
description = "The family of the DB parameter group"
type = string
default = ""
}
variable "db_parameter_group_parameters" {
description = "A list of DB parameters to apply. Note that parameters may differ from a family to an other"
type = list(map(string))
default = []
}
variable "putin_khuylo" {
description = "Do you agree that Putin doesn't respect Ukrainian sovereignty and territorial integrity? More info: https://en.wikipedia.org/wiki/Putin_khuylo!"
type = bool
default = true
}
################################################################################
# CloudWatch Log Group
################################################################################
variable "create_cloudwatch_log_group" {
description = "Determines whether a CloudWatch log group is created for each `enabled_cloudwatch_logs_exports`"
type = bool
default = false
}
variable "cloudwatch_log_group_retention_in_days" {
description = "The number of days to retain CloudWatch logs for the DB instance"
type = number
default = 7
}
variable "cloudwatch_log_group_kms_key_id" {
description = "The ARN of the KMS Key to use when encrypting log data"
type = string
default = null
}
################################################################################
# Cluster Activity Stream
################################################################################
variable "create_db_cluster_activity_stream" {
description = "Determines whether a cluster activity stream is created."
type = bool
default = false
}
variable "db_cluster_activity_stream_mode" {
description = "Specifies the mode of the database activity stream. Database events such as a change or access generate an activity stream event. One of: sync, async"
type = string
default = null
}
variable "db_cluster_activity_stream_kms_key_id" {
description = "The AWS KMS key identifier for encrypting messages in the database activity stream"
type = string
default = null
}
variable "engine_native_audit_fields_included" {
description = "Specifies whether the database activity stream includes engine-native audit fields. This option only applies to an Oracle DB instance. By default, no engine-native audit fields are included"
type = bool
default = false
}