Merge pull request #5 from AndreyMulin/master

RDS Storage type and parameters

Author: sugdyzhekov

rds.tf

@@ -9,7 +9,7 @@ resource "aws_db_instance" "default" {
   skip_final_snapshot                 = true
   allocated_storage                   = local.disk_size
   max_allocated_storage               = 1000
-  storage_type                        = "gp2"
+  storage_type                        = local.storage_type
   storage_encrypted                   = true
   multi_az                            = local.multi_az
   backup_window                       = local.backup_window
@@ -23,8 +23,11 @@ resource "aws_db_instance" "default" {
   enabled_cloudwatch_logs_exports     = local.logs_set
   monitoring_interval                 = local.enhanced_monitoring_interval
   performance_insights_enabled        = local.performance_insights_enabled
-  iam_database_authentication_enabled = true
+  iam_database_authentication_enabled = local.iam_database_authentication_enabled
   tags                                = local.tags
+  lifecycle {
+    ignore_changes = [password]
+  }
 }
 
 resource "aws_db_instance" "parameterized" {
@@ -39,7 +42,7 @@ resource "aws_db_instance" "parameterized" {
   skip_final_snapshot                 = true
   allocated_storage                   = local.disk_size
   max_allocated_storage               = 1000
-  storage_type                        = "gp2"
+  storage_type                        = local.storage_type
   storage_encrypted                   = true
   multi_az                            = local.multi_az
   backup_window                       = local.backup_window
@@ -53,6 +56,9 @@ resource "aws_db_instance" "parameterized" {
   enabled_cloudwatch_logs_exports     = local.logs_set
   monitoring_interval                 = local.enhanced_monitoring_interval
   performance_insights_enabled        = local.performance_insights_enabled
-  iam_database_authentication_enabled = true
+  iam_database_authentication_enabled = local.iam_database_authentication_enabled
   tags                                = local.tags
+  lifecycle {
+    ignore_changes = [password]
+  }
 }

variables.tf

@@ -97,47 +97,61 @@ variable "deletion_protection" {
   description = "The database can't be deleted when this value is set to true."
   default     = false
 }
+variable "storage_type" {
+  description = "One of 'standard', 'gp2', 'gp3' (new generation of general purpose SSD), or 'io1'."
+  default     = "gp3"
+}
+variable "identifier" {
+  description = "The name of the RDS instance"
+  default     = ""
+}
+variable "iam_database_authentication_enabled" {
+  description = "Specifies whether or mappings of AWS Identity and Access Management (IAM) accounts to database accounts is enabled"
+  default     = true
+}
 
 locals {
-  name                    = var.name
-  id                      = lower(replace(var.name, " ", "-"))
-  subnet_group_name       = lower(replace(var.name, " ", "-"))
-  username                = var.username == "" ? random_pet.username.id : var.username
-  password                = var.password == "" ? random_password.password.result : var.password
-  database                = var.database == "" ? random_pet.db_name.id : var.database
-  parameter_group_name    = var.parameter_group_name
-  rds_with_param_group    = local.parameter_group_name == "" ? 0 : 1
-  rds_without_param_group = local.parameter_group_name == "" ? 1 : 0
-  parameter_prefix        = var.parameter_prefix == "" ? "" : "${var.parameter_prefix}/${local.id}"
-  store_parameters        = var.parameter_prefix == "" ? 0 : 1
-  instance_type           = var.instance_type
-  engine_version          = var.engine_version
-  family                  = "mysql${var.engine_version}"
-  disk_size               = var.disk_size
-  multi_az                = var.multi_az
-  backup_window           = var.backup_window
-  backup_retention_period = var.backup_retention_period
-  publicly_accessible     = var.publicly_accessible
-  apply_immediately       = var.apply_immediately
-  deletion_protection     = var.deletion_protection
-  trusted_cidr_blocks     = var.trusted_cidr_blocks
-  db_subnets              = var.db_subnets
-  vpc_id                  = data.aws_subnet.default.vpc_id
-  address                 = local.parameter_group_name == "" ? join("", aws_db_instance.default.*.address) : join("", aws_db_instance.parameterized.*.address)
-  hosted_zone_id          = local.parameter_group_name == "" ? join("", aws_db_instance.default.*.hosted_zone_id) : join("", aws_db_instance.parameterized.*.hosted_zone_id)
-  rds_id                  = local.parameter_group_name == "" ? join("", aws_db_instance.default.*.id) : join("", aws_db_instance.parameterized.*.id)
-  logs_set = compact([
+  name                                = var.name
+  id                                  = length(var.identifier) > 0 ? var.identifier : lower(replace(var.name, " ", "-"))
+  subnet_group_name                   = lower(replace(var.name, " ", "-"))
+  username                            = var.username == "" ? random_pet.username.id : var.username
+  password                            = var.password == "" ? random_password.password.result : var.password
+  database                            = var.database == "" ? random_pet.db_name.id : var.database
+  parameter_group_name                = var.parameter_group_name
+  rds_with_param_group                = local.parameter_group_name == "" ? 0 : 1
+  rds_without_param_group             = local.parameter_group_name == "" ? 1 : 0
+  parameter_prefix                    = var.parameter_prefix == "" ? "" : "${var.parameter_prefix}/${local.id}"
+  store_parameters                    = var.parameter_prefix == "" ? 0 : 1
+  instance_type                       = var.instance_type
+  engine_version                      = var.engine_version
+  family                              = "mysql${var.engine_version}"
+  disk_size                           = var.disk_size
+  multi_az                            = var.multi_az
+  backup_window                       = var.backup_window
+  backup_retention_period             = var.backup_retention_period
+  publicly_accessible                 = var.publicly_accessible
+  apply_immediately                   = var.apply_immediately
+  deletion_protection                 = var.deletion_protection
+  trusted_cidr_blocks                 = var.trusted_cidr_blocks
+  db_subnets                          = var.db_subnets
+  vpc_id                              = data.aws_subnet.default.vpc_id
+  address                             = local.parameter_group_name == "" ? join("", aws_db_instance.default.*.address) : join("", aws_db_instance.parameterized.*.address)
+  hosted_zone_id                      = local.parameter_group_name == "" ? join("", aws_db_instance.default.*.hosted_zone_id) : join("", aws_db_instance.parameterized.*.hosted_zone_id)
+  rds_id                              = local.parameter_group_name == "" ? join("", aws_db_instance.default.*.id) : join("", aws_db_instance.parameterized.*.id)
+  storage_type                        = var.storage_type
+  iam_database_authentication_enabled = var.iam_database_authentication_enabled
+  logs_set                            = compact([
     var.enable_audit_log ? "audit" : "",
     var.enable_error_log ? "error" : "",
     var.enable_general_log ? "general" : "",
     var.enable_slowquery_log ? "slowquery" : "",
   ])
   enhanced_monitoring_interval = var.enhanced_monitoring_interval
   performance_insights_enabled = var.performance_insights_enabled
-  tags = merge({
+  tags                         = merge({
     Name          = var.name,
     Module        = "RDS MySQL"
-    ModuleVersion = "v0.4.0"
+    ModuleVersion = "v0.5.0"
     ModuleSource  = "https://github.com/jetbrains-infra/terraform-aws-rds-mysql"
   }, var.tags)
 }