From bf53103b2d955362b0f0383fb6ba9824cefbf9ea Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jos=C3=A9=20Roberto?= <31750084+jrpradojr@users.noreply.github.com> Date: Thu, 10 Feb 2022 10:47:56 -0300 Subject: [PATCH] Added option to specify backup and maintenance window on RDS and Aurora (#14) * Added option to specify backup and maintenance window on RDS and Aurora * terraform-docs: automated update action Co-authored-by: jrpradojr --- README.md | 5 ++++- _variables.tf | 20 +++++++++++++++++++- aurora.tf | 1 + rds.tf | 2 ++ 4 files changed, 26 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 312688c..fdbdb27 100644 --- a/README.md +++ b/README.md @@ -27,6 +27,7 @@ | allow\_security\_group\_ids | List of Security Group IDs to allow connection to this DB | `list(string)` | `[]` | no | | apply\_immediately | Apply changes immediately or wait for the maintainance window | `bool` | `true` | no | | backup | Enables automatic backup with AWS Backup | `bool` | n/a | yes | +| backup\_window | (RDS Only) The daily time range (in UTC) during which automated backups are created if they are enabled. Example: '09:46-10:16'. Must not overlap with maintenance\_window | `string` | `"03:00-03:30"` | no | | cluster\_parameters | A list of Cluster parameters (map) to apply | `list(map(string))` | `[]` | no | | count\_aurora\_instances | Number of Aurora Instances | `number` | `"1"` | no | | create\_cluster\_parameter\_group | Whether to create a cluster parameter group | `bool` | `false` | no | 
@@ -49,6 +50,7 @@ | instance\_class | n/a | `string` | n/a | yes | | kms\_key\_arn | KMS Key ARN to use a CMK instead of default shared key, when storage\_encrypted is true | `string` | `""` | no | | license\_model | License model information for this DB instance (Optional, but required for some DB engines, i.e. Oracle SE1 and SQL Server) | `string` | `null` | no | +| maintenance\_window | (RDS Only) The window to perform maintenance in. Syntax: 'ddd:hh24:mi-ddd:hh24:mi'. Eg: 'Mon:00:00-Mon:03:00' | `string` | `"Sun:04:00-Sun:05:00"` | no | | major\_engine\_version | Specifies the major version of the engine that this option group should be associated with | `string` | `""` | no | | max\_allocated\_storage | Argument higher than the allocated\_storage to enable Storage Autoscaling, size in GB. 0 to disable Storage Autoscaling | `number` | `0` | no | | monitoring\_interval | The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB instance | `number` | `0` | no | 
@@ -63,7 +65,8 @@ | parameter\_group\_name | Name of the DB parameter group to associate or create | `string` | `null` | no | | performance\_insights\_enabled | Enable performance insights on instance | `bool` | `false` | no | | port | Port number for this DB (usually 3306 for MySQL and 5432 for Postgres) | `number` | n/a | yes | -| preferred\_backup\_window | Preferred Backup Window | `string` | `"07:00-09:00"` | no | +| preferred\_backup\_window | (Aurora Only) The daily time range (in UTC) during which automated backups are created if they are enabled. Example: '09:46-10:16'. Must not overlap with maintenance\_window | `string` | `"07:00-09:00"` | no | +| preferred\_maintenance\_window | (Aurora Only) The weekly time range during which system maintenance can occur, in (UTC) e.g., wed:04:00-wed:04:30 | `string` | `"Sun:04:00-Sun:05:00"` | no | | publicly\_accessible | (Optional) Bool to control if instance is publicly accessible | `bool` | `false` | no | | retention | Snapshot retention period in days | `number` | n/a | yes | | secret\_method | Use ssm for SSM parameters store which is the default option, or secretsmanager for AWS Secrets Manager | `string` | `"ssm"` | no | diff --git a/_variables.tf b/_variables.tf index 2244e17..154c8f3 100644 --- a/_variables.tf +++ b/_variables.tf @@ -138,7 +138,7 @@ variable "db_subnet_group_subnet_ids" { } variable "preferred_backup_window" { - description = "Preferred Backup Window" + description = "(Aurora Only) The daily time range (in UTC) during which automated backups are created if they are enabled. Example: '09:46-10:16'. Must not overlap with maintenance_window" type = string default = "07:00-09:00" } 
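Review bot: The new `preferred_backup_window` description in `_variables.tf` says the window must not overlap with `maintenance_window`, but this same commit labels that variable RDS-only; for an Aurora cluster the counterpart is `preferred_maintenance_window`. A caller following the text would check the backup range against a variable the cluster never reads. I would end the description with `Must not overlap with preferred_maintenance_window` and let terraform-docs regenerate the matching README row.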
@@ -296,3 +296,21 @@ variable "monitoring_interval" { description = "The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB instance" default = 0 } + +variable "maintenance_window" { + type = string + description = "(RDS Only) The window to perform maintenance in. Syntax: 'ddd:hh24:mi-ddd:hh24:mi'. Eg: 'Mon:00:00-Mon:03:00'" + default = "Sun:04:00-Sun:05:00" +} + +variable "backup_window" { + description = "(RDS Only) The daily time range (in UTC) during which automated backups are created if they are enabled. Example: '09:46-10:16'. Must not overlap with maintenance_window" + type = string + default = "03:00-03:30" +} + +variable "preferred_maintenance_window" { + type = string + description = "(Aurora Only) The weekly time range during which system maintenance can occur, in (UTC) e.g., wed:04:00-wed:04:30" + default = "Sun:04:00-Sun:05:00" +} diff --git a/aurora.tf b/aurora.tf index 02baa8f..c55b616 100644 --- a/aurora.tf +++ b/aurora.tf @@ -8,6 +8,7 @@ resource "aws_rds_cluster" "aurora_cluster" { master_password = random_string.rds_db_password.result backup_retention_period = var.retention preferred_backup_window = var.preferred_backup_window + preferred_maintenance_window = var.preferred_maintenance_window snapshot_identifier = var.snapshot_identifier != "" ? var.snapshot_identifier : null db_subnet_group_name = try(aws_db_subnet_group.rds_subnet_group[0].id, var.db_subnet_group_id) iam_database_authentication_enabled = var.iam_database_authentication_enabled diff --git a/rds.tf b/rds.tf index 2bb4275..caae0aa 100644 --- a/rds.tf +++ b/rds.tf 
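Review bot: The three variables added at the end of `_variables.tf` accept any string, so a malformed window is presumably rejected only by the provider or the AWS API at apply time rather than at plan time. Because the maintenance window decides when pending engine and OS patches are applied, a typo here is worth catching early; a `validation` block per variable would do that, assuming the module's minimum Terraform version supports variable validation. The sketch below covers `backup_window` only and checks the format, not the minimum window length or the overlap with `maintenance_window`; the two maintenance variables would need the `ddd:hh24:mi-ddd:hh24:mi` pattern instead.

```hcl
variable "backup_window" {
  # … unchanged: description, type, default …

  validation {
    condition     = can(regex("^([01][0-9]|2[0-3]):[0-5][0-9]-([01][0-9]|2[0-3]):[0-5][0-9]$", var.backup_window))
    error_message = "The backup_window value must be a UTC range in the form hh24:mi-hh24:mi, for example 03:00-03:30."
  }
}
```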
@@ -33,6 +33,8 @@ resource "aws_db_instance" "rds_db" { enabled_cloudwatch_logs_exports = var.enabled_cloudwatch_logs_exports monitoring_interval = var.monitoring_interval monitoring_role_arn = var.monitoring_interval > 0 ? aws_iam_role.rds_monitoring[count.index].arn : "" + maintenance_window = var.maintenance_window + backup_window = var.backup_window tags = { Backup = var.backup
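Review bot: Setting `maintenance_window` and `backup_window` unconditionally on `aws_db_instance.rds_db` moves every existing instance that never chose a window onto the module defaults (`Sun:04:00-Sun:05:00` and `03:00-03:30`) at the next apply, because neither argument appears on the old side of this hunk. That quietly reschedules patching and automated backups for deployments that relied on the AWS-assigned slots, and the same applies to `preferred_maintenance_window` in the `aurora.tf` hunk. I would declare the new variables with `default = null` so the argument is omitted unless the caller opts in, or at least call the change out in the release notes. The resource body, including the `tags` block, continues outside the hunk.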