SquareOps Technologies Your DevOps Partner for Accelerating cloud journey.
This Terraform module provisions an Amazon RDS PostgreSQL database on AWS. Amazon RDS (Relational Database Service) is a managed database service that makes it easy to set up, operate, and scale a relational database in the cloud. This module focuses specifically on PostgreSQL database deployments.
- Creates an Amazon RDS PostgreSQL database with customizable configurations.
- Supports various PostgreSQL versions and allows for easy updates.
- Configurable database instance class, storage capacity, and other PostgreSQL-specific settings.
- Provides options for enabling multi-AZ deployment for enhanced availability and disaster recovery.
- Allows customization of backup retention period and automated backups.
- Supports encryption at rest using AWS Key Management Service (KMS) for enhanced security.
- Enables fine-grained control over network access through security groups and VPC settings.
- Offers customizable tags for resource categorization and management.
- CloudWatch Alerts: Set up CloudWatch alarms to monitor the health and performance of your Redis cluster. Integrate these alarms with AWS Simple Notification Service (SNS) to receive real-time alerts. Use AWS Lambda functions to customize your alerting logic, and send notifications to Slack channels for immediate visibility into your RDS POstgresql status.
- Supports useful features to enable storage autoscaling and Replica configuration with desired number of replicas.
module "rds-pg" {
  source                           = "squareops/rds-postgresql/aws"
  name                             = "postgresql"
  db_name                          = "proddb"
  vpc_id                           = "vpc-047eb8acfb73"
  multi_az                         = false
  subnet_ids                       = ["subnet-b39cfc", "subnet-090b8d8"]
  environment                      = "prod"
  create_namespace                 = true
  storage_type                     = "gp3"
  cluster_name                     = ""
  replica_enable                   = false
  replica_count                    = 1
  kms_key_arn                      = "arn:aws:kms:region:2222222222:key/f8c8d802-a34b"
  storage_type                     = "gp3"
  engine_version                   = "15.2"
  instance_class                   = "db.m5.large"
  master_username                  = "pguser"
  allocated_storage                = "20"
  publicly_accessible              = false
  skip_final_snapshot              = true
  backup_window                    = "03:00-06:00"
  maintenance_window               = "Mon:00:00-Mon:03:00"
  major_engine_version             = "15.2"
  deletion_protection              = false
  allowed_security_groups          = ["sg-013cbf880"]
  final_snapshot_identifier_prefix = "final"
  cloudwatch_metric_alarms_enabled = true
  alarm_cpu_threshold_percent      = 70
  disk_free_storage_space          = "10000000" # in bytes
  slack_username                   = "John"
  slack_channel                    = "skaf-dev"
  slack_webhook_url                = "https://hooks/xxxxxxxx"
  custom_user_password             = "postgresqlpasswd"
    cluster_name              = ""
  namespace                 = local.namespace
  create_namespace          = local.create_namespace
  postgresdb_backup_enabled = false
  postgresdb_backup_config = {
    postgres_database_name = "" # Specify the database name or Leave empty if you wish to backup all databases
    cron_for_full_backup   = "*/2 * * * *" # set cronjob for backup
    bucket_uri             = "s3://mongodb-backups-atmosly" # s3 bucket uri
  }
  postgresdb_restore_enabled = false
  postgresdb_restore_config = {
    bucket_uri       = "s3://mongodb-backups-atmosly" #S3 bucket URI (without a trailing slash /) containing the backup dump file.
    backup_file_name = "db5_20241114111607.sql"  #Give .sql or .zip file for restore
  }
}Refer examples for more details.
The required IAM permissions to create resources from this module can be found here
| Name | Version | 
|---|---|
| terraform | >= 1.0 | 
| aws | >= 5.0.0 | 
| Name | Version | 
|---|---|
| archive | n/a | 
| aws | >= 5.0.0 | 
| random | n/a | 
| Name | Source | Version | 
|---|---|---|
| backup_restore | ./modules/db-backup-restore | n/a | 
| cw_sns_slack | ./lambda | n/a | 
| db | terraform-aws-modules/rds/aws | 6.1.0 | 
| db_replica | terraform-aws-modules/rds/aws | 6.1.0 | 
| security_group_rds | terraform-aws-modules/security-group/aws | ~> 5.0 | 
| Name | Type | 
|---|---|
| aws_cloudwatch_metric_alarm.cache_cpu | resource | 
| aws_cloudwatch_metric_alarm.disk_free_storage_space_too_low | resource | 
| aws_kms_ciphertext.slack_url | resource | 
| aws_kms_key.this | resource | 
| aws_lambda_permission.sns_lambda_slack_invoke | resource | 
| aws_secretsmanager_secret.secret_master_db | resource | 
| aws_secretsmanager_secret_version.rds_credentials | resource | 
| aws_security_group_rule.cidr_ingress | resource | 
| aws_security_group_rule.default_ingress | resource | 
| aws_sns_topic.slack_topic | resource | 
| aws_sns_topic_subscription.slack-endpoint | resource | 
| random_password.master | resource | 
| archive_file.lambdazip | data source | 
| aws_availability_zones.available | data source | 
| aws_region.current | data source | 
| Name | Description | Type | Default | Required | 
|---|---|---|---|---|
| additional_tags | A map of additional tags to apply to the AWS resources | map(string) | { | no | 
| alarm_actions | Alarm action list | list(string) | [] | no | 
| alarm_cpu_threshold_percent | CPU threshold alarm level | number | 75 | no | 
| allocated_storage | The allocated storage capacity for the database in gibibytes (GiB) | number | 20 | no | 
| allowed_cidr_blocks | A list of CIDR blocks that are allowed to access the database | list(any) | [] | no | 
| allowed_security_groups | A list of Security Group IDs to allow access to the database | list(any) | [] | no | 
| apply_immediately | Specifies whether any cluster modifications are applied immediately or during the next maintenance window | bool | false | no | 
| backup_retention_period | The number of days to retain backups for | number | 5 | no | 
| backup_window | The preferred window for taking automated backups of the database | string | "03:00-06:00" | no | 
| bucket_provider_type | Choose what type of provider you want (s3, gcs) | string | "s3" | no | 
| cloudwatch_metric_alarms_enabled | Boolean flag to enable/disable CloudWatch metrics alarms | bool | false | no | 
| cluster_name | Specifies the name of the EKS cluster to deploy the MySQL application on. | string | "" | no | 
| create_db_subnet_group | Whether to create a database subnet group | bool | true | no | 
| create_namespace | Specify whether or not to create the namespace if it does not already exist. Set it to true to create the namespace. | string | false | no | 
| create_security_group | Whether to create a security group for the database | bool | true | no | 
| custom_user_password | Custom password for the RDS master user | string | "" | no | 
| cw_sns_topic_arn | The username to use when sending notifications to Slack. | string | "" | no | 
| db_name | The name of the automatically created database on cluster creation | string | "" | no | 
| deletion_protection | Specifies whether accidental deletion protection is enabled | bool | true | no | 
| disk_free_storage_space | Alarm threshold for the 'lowFreeStorageSpace' alarm | string | "10000000000" | no | 
| enable_ssl_connection | Whether to enable SSL connection to the database | bool | false | no | 
| enable_storage_autoscaling | Whether enable storage autoscaling or not | bool | true | no | 
| engine | The name of the database engine to be used for this DB cluster | string | "postgres" | no | 
| engine_version | The database engine version. Updating this argument results in an outage | string | "" | no | 
| environment | Select enviroment type: dev, demo, prod | string | "" | no | 
| family | The version of the Postgresql DB family being created | string | "postgres15" | no | 
| final_snapshot_identifier_prefix | The prefix name for the final snapshot on cluster destroy | string | "final" | no | 
| instance_class | The instance type for the database | string | "db.m5.large" | no | 
| kms_key_arn | The ARN for the KMS encryption key. Set this to the destination KMS ARN when creating an encrypted replica. If storage_encrypted is set to true and kms_key_id is not specified, the default KMS key created in your account will be used | string | null | no | 
| maintenance_window | The preferred window for performing database maintenance | string | "Mon:00:00-Mon:03:00" | no | 
| major_engine_version | The major engine version for the database. Updating this argument results in an outage | string | "" | no | 
| manage_master_user_password | Whether to manage the master user password of the RDS primary cluster automatically | bool | false | no | 
| master_username | The username for the RDS primary cluster | string | "" | no | 
| max_allocated_storage | The Maximum storage capacity for the database value after autoscaling | number | null | no | 
| multi_az | Enable multi-AZ for disaster recovery | bool | false | no | 
| name | The name of the RDS instance | string | "" | no | 
| namespace | Name of the Kubernetes namespace where the MYSQL deployment will be deployed. | string | "postgresdb" | no | 
| ok_actions | The list of actions to execute when this alarm transitions into an OK state from any other state. Each action is specified as an Amazon Resource Number (ARN) | list(string) | [] | no | 
| performance_insights_enabled | Specifies whether Performance Insights are enabled | bool | false | no | 
| performance_insights_retention_period | The amount of time in days to retain Performance Insights data. Valid values are 7,731(2 years) or a multiple of31 | number | 7 | no | 
| port | The port number for the database | number | 5432 | no | 
| postgresdb_backup_config | configuration options for MySQL database backups. It includes properties such as the S3 bucket URI, the S3 bucket region, and the cron expression for full backups. | map(string) | { | no | 
| postgresdb_backup_enabled | Specifies whether to enable backups for MySQL database. | bool | false | no | 
| postgresdb_restore_config | Configuration options for restoring dump to the MySQL database. | any | { | no | 
| postgresdb_restore_enabled | Specifies whether to enable restoring dump to the MySQL database. | bool | false | no | 
| publicly_accessible | Specifies whether the RDS instance is publicly accessible over the internet | bool | false | no | 
| random_password_length | The length of the randomly generated password for the RDS primary cluster (default: 16) | number | 16 | no | 
| replica_count | The number of replica instance | number | 1 | no | 
| replica_enable | Whether enable replica DB | bool | false | no | 
| replicate_source_db | Specifies that this resource is a replicate database, and uses the specified value as the source database identifier | string | null | no | 
| skip_final_snapshot | Determines whether a final DB snapshot is created before the DB instance is deleted. If set to true, no DB snapshot is created. If set to false, a DB snapshot is created before the DB instance is deleted, using the value from final_snapshot_identifier | bool | true | no | 
| slack_channel | The Slack channel where notifications will be posted. | string | "" | no | 
| slack_notification_enabled | Whether to enable/disable slack notification. | bool | false | no | 
| slack_username | The username to use when sending notifications to Slack. | string | "" | no | 
| slack_webhook_url | The Slack Webhook URL where notifications will be sent. | string | "" | no | 
| snapshot_identifier | Specifies whether to create the database from a snapshot. Use the snapshot ID found in the RDS console, e.g., rds:production-2015-06-26-06-05 | string | null | no | 
| storage_encrypted | Specifies whether to enable database encryption | bool | true | no | 
| storage_type | The storage type for the database storage like gp2,gp3,io1 | string | "gp2" | no | 
| subnet_ids | A list of subnet IDs used by the database subnet group | list(any) | [] | no | 
| vpc_id | The ID of the VPC where the RDS cluster will be deployed | string | "" | no | 
| Name | Description | 
|---|---|
| db_instance_endpoint | Connection endpoint of the RDS instance. | 
| db_instance_name | Name of the database instance | 
| db_instance_password | Password for accessing the database. | 
| db_instance_username | Master username for accessing the database. | 
| db_name | The database name used in the RDS module | 
| db_parameter_group_id | ID of the parameter group associated with the RDS instance. | 
| db_subnet_group_id | ID of the subnet group associated with the RDS instance. | 
| master_credential_secret_arn | The ARN of the master user secret (Only available when manage_master_user_password is set to true) | 
| rds_dedicated_security_group | ID of the security group associated with the RDS instance. | 
| replica_db_instance_endpoint | Connection endpoint of the RDS instance. | 
| replica_db_instance_name | Name of the replica database s | 
To report an issue with a project:
- Check the repository's issue tracker on GitHub
- Search to check if the issue has already been reported
- If you can't find an answer to your question in the documentation or issue tracker, you can ask a question by creating a new issue. Make sure to provide enough context and details.
Apache License, Version 2.0, January 2004 (https://www.apache.org/licenses/LICENSE-2.0)
To support our GitHub project by liking it, you can follow these steps:
- 
Visit the repository: Navigate to the GitHub repository 
- 
Click the "Star" button: On the repository page, you'll see a "Star" button in the upper right corner. Clicking on it will star the repository, indicating your support for the project. 
- 
Optionally, you can also leave a comment on the repository or open an issue to give feedback or suggest changes. 
Staring a repository on GitHub is a simple way to show your support and appreciation for the project. It also helps to increase the visibility of the project and make it more discoverable to others.
We believe that the key to success in the digital age is the ability to deliver value quickly and reliably. That’s why we offer a comprehensive range of DevOps & Cloud services designed to help your organization optimize its systems & Processes for speed and agility.
- We are an AWS Advanced consulting partner which reflects our deep expertise in AWS Cloud and helping 100+ clients over the last 5 years.
- Expertise in Kubernetes and overall container solution helps companies expedite their journey by 10X.
- Infrastructure Automation is a key component to the success of our Clients and our Expertise helps deliver the same in the shortest time.
- DevSecOps as a service to implement security within the overall DevOps process and helping companies deploy securely and at speed.
- Platform engineering which supports scalable,Cost efficient infrastructure that supports rapid development, testing, and deployment.
- 24*7 SRE service to help you Monitor the state of your infrastructure and eradicate any issue within the SLA.
We provide support on all of our projects, no matter how small or large they may be.
To find more information about our company, visit squareops.com, follow us on Linkedin, or fill out a job application. If you have any questions or would like assistance with your cloud strategy and implementation, please don't hesitate to contact us.
