How to create an RDS instance with Terraform
·
2 min read
Terraform's RDS support makes it easy to create a database instance. Here's a cheatsheet:
resource "aws_db_instance" "mydb1" {
allocated_storage = 256 # gigabytes
backup_retention_period = 7 # in days
db_subnet_group_name = "${var.rds_public_subnet_group}"
engine = "postgres"
engine_version = "9.5.4"
identifier = "mydb1"
instance_class = "db.r3.large"
multi_az = false
name = "mydb1"
parameter_group_name = "mydbparamgroup1" # if you have tuned it
password = "${trimspace(file("${path.module}/secrets/mydb1-password.txt"))}"
port = 5432
publicly_accessible = true
storage_encrypted = true # you should always do this
storage_type = "gp2"
username = "mydb1"
vpc_security_group_ids = ["${aws_security_group.mydb1.id}"]
}
Here's the security group you need:
resource "aws_security_group" "mydb1" {
name = "mydb1"
description = "RDS postgres servers (terraform-managed)"
vpc_id = "${var.rds_vpc_id}"
# Only postgres in
ingress {
from_port = 5432
to_port = 5432
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}
# Allow all outbound traffic.
egress {
from_port = 0
to_port = 0
protocol = "-1"
cidr_blocks = ["0.0.0.0/0"]
}
}
You can get these values from the EC2 console (don't forget them!):
variable "rds_vpc_id" {
default = "vpc-XXXXXXXX"
description = "Our default RDS virtual private cloud (rds_vpc)."
}
variable "rds_public_subnets" {
default = "subnet-YYYYYYYY,subnet-YYYYYYYY,subnet-YYYYYYYY,subnet-YYYYYYYY"
description = "The public subnets of our RDS VPC rds-vpc."
}
variable "rds_public_subnet_group" {
default = "default-vpc-XXXXXXXX"
description = "Apparently the group name, according to the RDS launch wizard."
}