Small fixes on naming and to work with secrets manager (#7)

DNXLabs · Oct 22, 2021 · 9f09559 · 9f09559
1 parent bd457a5
commit 9f09559
Show file tree

Hide file tree

Showing 3 changed files with 6 additions and 8 deletions.
diff --git a/aurora.tf b/aurora.tf
@@ -1,6 +1,6 @@
 resource "aws_rds_cluster" "aurora_cluster" {
   count                               = var.db_type == "aurora" ? 1 : 0
-  cluster_identifier                  = var.identifier
+  cluster_identifier                  = var.identifier == "" ? "${var.environment_name}-${var.name}" : var.identifier
   engine                              = var.engine
   engine_version                      = var.engine_version
   database_name                       = var.database_name
@@ -17,7 +17,7 @@ resource "aws_rds_cluster" "aurora_cluster" {
 
 resource "aws_rds_cluster_instance" "cluster_instances" {
   count                   = var.db_type == "aurora" ? var.count_aurora_instances : 0
-  identifier              = "${var.identifier}-${count.index}"
+  identifier              = var.identifier == "" ? "${var.environment_name}-${var.name}-${count.index}" : "${var.identifier}-${count.index}"
   cluster_identifier      = aws_rds_cluster.aurora_cluster[0].id
   instance_class          = var.instance_class
   engine                  = aws_rds_cluster.aurora_cluster[0].engine

diff --git a/secrets-manager.tf b/secrets-manager.tf
@@ -1,6 +1,6 @@
 resource "aws_secretsmanager_secret" "rds" {
   count                   = var.secret_method == "secretsmanager" ? 1 : 0
-  name                    = "/rds/${var.environment_name}-${var.identifier}"
+  name                    = var.identifier == "" ? "/rds/${var.environment_name}-${var.name}" : "/rds/${var.identifier}"
   recovery_window_in_days = 0
 }
 
@@ -16,14 +16,10 @@ locals {
     reader_endpoint = var.db_type == "aurora" ? aws_rds_cluster.aurora_cluster[0].reader_endpoint : "null"
   }
   rds_secret = local.secrets
-
-
 }
 
-
 resource "aws_secretsmanager_secret_version" "rds" {
   count         = var.secret_method == "secretsmanager" ? 1 : 0
   secret_id     = aws_secretsmanager_secret.rds[0].id
   secret_string = jsonencode(local.rds_secret)
-
 }
diff --git a/ssm.tf b/ssm.tf
@@ -19,6 +19,7 @@ resource "aws_ssm_parameter" "rds_db_user" {
 }
 
 resource "aws_ssm_parameter" "rds_endpoint" {
+  count       = var.secret_method == "ssm" ? 1 : 0
   name        = "/rds/${var.environment_name}-${var.name}/ENDPOINT"
   description = "RDS Endpoint"
   type        = "String"
@@ -27,14 +28,15 @@ resource "aws_ssm_parameter" "rds_endpoint" {
 
 
 resource "aws_ssm_parameter" "rds_reader_endpoint" {
-  count       = var.db_type == "aurora" ? 1 : 0
+  count       = var.db_type == "aurora" && var.secret_method == "ssm" ? 1 : 0
   name        = "/rds/${var.environment_name}-${var.name}/READER_ENDPOINT"
   description = "RDS Reader Endpoint"
   type        = "String"
   value       = aws_rds_cluster.aurora_cluster[0].reader_endpoint
 }
 
 resource "aws_ssm_parameter" "rds_db_address" {
+  count       = var.secret_method == "ssm" ? 1 : 0
   name        = "/rds/${var.environment_name}-${var.name}/HOST"
   description = "RDS Hostname"
   type        = "String"