-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathrds.tf
47 lines (44 loc) · 1.6 KB
/
rds.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
resource "aws_security_group" "rds_sg" {
name = "rds-sg"
vpc_id = aws_vpc.bastion_project_vpc.id
}
resource "aws_security_group_rule" "rds_ingress_5432" {
type = "ingress"
from_port = 5432
to_port = 5432
protocol = "tcp"
source_security_group_id = aws_security_group.bastion_sg.id
security_group_id = aws_security_group.rds_sg.id
}
# Create the RDS PostgreSQL database instance
resource "aws_db_instance" "rds_instance" {
allocated_storage = 10
engine = "postgres"
engine_version = "11"
instance_class = "db.t3.micro"
username = "master"
password = "password"
db_subnet_group_name = aws_db_subnet_group.rds-subnet-group.name
vpc_security_group_ids = [aws_security_group.rds_sg.id]
identifier = "postgresql"
skip_final_snapshot = true
deletion_protection = false
multi_az = false
}
# Create the database subnet group, associated with the created subnet
resource "aws_db_subnet_group" "rds-subnet-group" {
name = "rds-subnet-group"
subnet_ids = [aws_subnet.db_subnet_1.id, aws_subnet.db_subnet_2.id]
}
# Create a subnet for the RDS subnet group
resource "aws_subnet" "db_subnet_1" {
vpc_id = aws_vpc.bastion_project_vpc.id
cidr_block = "10.0.3.0/24"
availability_zone = "us-east-1a"
}
# Create a subnet for the RDS subnet group
resource "aws_subnet" "db_subnet_2" {
vpc_id = aws_vpc.bastion_project_vpc.id
cidr_block = "10.0.2.0/24"
availability_zone = "us-east-1b"
}