AWS RDS Instances Setup Using Terraform
Posted By : Faisal Ansari | 31-Aug-2019
Terraform
Terraform allows you to build, change and improve infrastructure safely and predictably. It is an open-source tool that encodes APIs into declarative configuration files that can be edited, shared, reviewed, coded and versioned among all the team members.
Why Terraform for launching AWS RDS instance
When launching RDS manually, we have to configure various things such as the parameter group, subnet group, security group and many more.
Repeating this manually for each environment is error-prone, and there are several chances that something unexpectedly goes wrong.
Using Terraform to launch AWS RDS Instance
Prerequisite
AWS access key and secret access key.
Steps
1. We will first download and configure Terraform.
2. Download Terraform from https://www.terraform.io/downloads.html
3. Setup is easy: after downloading, move the terraform binary into a separate directory and add that directory to your $PATH.
4. Now make a separate folder for your project. For example, I will be using rds-terra.
mkdir rds-terra
cd rds-terra
5. In the folder, create a file main.tf and enter the following data.
nano main.tf
This file includes all your modules and AWS access key.
6. Enter the following data into the file.
provider "aws" {
  access_key = "${var.access_key}"
  secret_key = "${var.secret_key}"
  region     = "${var.region}"
}
Replace all the values with your respective values.
7. Now create a folder named Database.
mkdir Database
8. Inside the Database folder, create three files.
touch output.tf main.tf variables.tf
9. Enter the following data in these files one by one.
In main.tf:
resource "aws_db_subnet_group" "DB-SubnetGroup" {
  subnet_ids = ["${var.subnet1}","${var.subnet2}"]
}
resource "aws_db_parameter_group" "PM-Group" {
  family = "mysql5.7"
  name   = "${var.name}"
}
resource "aws_security_group" "allow_tlsss" {
  name        = "${var.name}-allow_tlsss"
  description = "Allow TLS inbound traffic"
  vpc_id      = "${var.vpc_id}"
  ingress {
    # MySQL port (change to whatever ports you need)
    from_port = 3306
    to_port   = 3306
    protocol  = "tcp"
    # Please limit your entry to IPs and ports that are only necessary.
    # Opening to 0.0.0.0/0 can lead to security vulnerabilities; please change it if this is a production environment.
    cidr_blocks = ["${var.cidrblocks}"]
  }
  tags = {
    Name = "allow_all"
  }
}
resource "aws_db_instance" "DB-Chart" {
  db_subnet_group_name      = "${aws_db_subnet_group.DB-SubnetGroup.name}"
  parameter_group_name      = "${aws_db_parameter_group.PM-Group.name}"
  availability_zone         = "${var.azzone}"
  allocated_storage         = 20
  storage_type              = "gp2"
  engine                    = "mysql"
  engine_version            = "5.7"
  instance_class            = "${var.db_chart_instance_class}"
  name                      = "${var.db_chart_instance_name}"
  username                  = "${var.db_chart_master_username}"
  password                  = "${var.db_chart_master_password}"
  identifier                = "${var.name}-chart"
  apply_immediately         = true
  final_snapshot_identifier = "${var.name}-chart"
  skip_final_snapshot       = true
  multi_az                  = false
  vpc_security_group_ids    = ["${aws_security_group.allow_tlsss.id}"]
}
Replace the values with your respective values.
In variables.tf, declare the variables in the following format and provide your values accordingly:
variable "subnet1" {}
variable "subnet2" {}
variable "name" {}
variable "azzone" {}
variable "db_chart_instance_class" {}
variable "db_chart_master_username" {}
variable "db_chart_master_password" {}
variable "db_chart_instance_name" {}
variable "vpc_id" {}
variable "cidr" {}
variable "cidrblocks" {}
Leave output.tf blank.
10. Now return to the parent main.tf, in which we provided the access key, and insert the following data, replacing the values with your own.
module "Databases" {
  source                   = "./Database"
  name                     = "${var.name}"
  subnet1                  = "${module.VPC.subnet_ids}"
  subnet2                  = "${module.VPC.subnet_idsa}"
  azzone                   = "${module.EC2.azzone}"
  vpc_id                   = "${var.vpc_id}"
  db_chart_instance_name   = "${var.db_chart_instance_name}"
  db_chart_instance_class  = "${var.db_chart_instance_class}"
  db_chart_master_username = "${var.db_chart_master_username}"
  db_chart_master_password = "${var.db_chart_master_password}"
  cidr                     = "${module.VPC.cidrblock}"
  cidrblocks               = "${module.EC2.PrivateIPAddress}/32"
}
Now your code is ready. Let's run Terraform and launch our RDS database instance automatically. Run the following commands.
terraform init
terraform plan
terraform apply
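As an added example (not part of the original post), the two variables in Database/variables.tf that carry the master password and the allowed source range can be declared more strictly, so that an unsafe value is rejected at plan time before anything is created. It assumes Terraform 0.14 or later and reuses the variable names from the steps above; these declarations would replace the empty ones for the same two variables.

```hcl
# Added example: stricter declarations for two variables in Database/variables.tf.
# Assumption: Terraform 0.14+ (validation blocks need 0.13+, sensitive needs 0.14+).

variable "db_chart_master_password" {
  type = string

  # Redacts the value in plan/apply output. The value is still written
  # to the state file in plain text, so the state itself must be protected.
  sensitive = true

  validation {
    # RDS for MySQL requires a master password of at least 8 characters.
    condition     = length(var.db_chart_master_password) >= 8
    error_message = "The master password must be at least 8 characters long."
  }
}

variable "cidrblocks" {
  type = string

  validation {
    # cidrhost() fails on anything that is not valid CIDR notation, so can()
    # turns a malformed value into false. A /0 prefix (every address, such
    # as 0.0.0.0/0) is rejected outright for the database port.
    condition = (
      can(cidrhost(var.cidrblocks, 0)) &&
      !can(regex("/0$", var.cidrblocks))
    )
    error_message = "The cidrblocks value must be valid CIDR notation and must not be a /0 range such as 0.0.0.0/0."
  }
}
```

The password can then be supplied through the TF_VAR_db_chart_master_password environment variable instead of a file kept alongside the code.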
About Author
Faisal Ansari
He is a tech evangelist and has a keen interest in the field of Cloud and IoT. He is also very adaptive to the latest technologies and open-source tools. In his spare time he likes to read and write blogs on the latest technologies.