Merge pull request #5 from yuvraj-squareops1/main

added replica option and fixes for storage autoscaling

Author: RohitSquareops

README.md

@@ -0,0 +1,58 @@
+## PostgreSQL with Replica Example
+![squareops_avatar]
+
+[squareops_avatar]: https://squareops.com/wp-content/uploads/2022/12/squareops-logo.png
+
+### [SquareOps Technologies](https://squareops.com/) Your DevOps Partner for Accelerating cloud journey.
+<br>
+
+This example will be very useful for users who are new to a module and want to quickly learn how to use it. By reviewing the examples, users can gain a better understanding of how the module works, what features it supports, and how to customize it to their specific needs.
+
+<!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
+## Requirements
+
+| Name | Version |
+|------|---------|
+| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.0 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 3.43.0 |
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 3.43.0 |
+
+## Modules
+
+| Name | Source | Version |
+|------|--------|---------|
+| <a name="module_kms"></a> [kms](#module\_kms) | terraform-aws-modules/kms/aws | n/a |
+| <a name="module_rds-pg"></a> [rds-pg](#module\_rds-pg) | squareops/rds-postgresql/aws | n/a |
+| <a name="module_vpc"></a> [vpc](#module\_vpc) | squareops/vpc/aws | n/a |
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
+| [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source |
+
+## Inputs
+
+No inputs.
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| <a name="output_instance_endpoint"></a> [instance\_endpoint](#output\_instance\_endpoint) | Connection endpoint of the RDS instance. |
+| <a name="output_instance_name"></a> [instance\_name](#output\_instance\_name) | Name of the database instance. |
+| <a name="output_instance_password"></a> [instance\_password](#output\_instance\_password) | Password for accessing the database (Note: Terraform does not track this password after initial creation). |
+| <a name="output_instance_username"></a> [instance\_username](#output\_instance\_username) | Master username for accessing the database. |
+| <a name="output_master_user_secret_arn"></a> [master\_user\_secret\_arn](#output\_master\_user\_secret\_arn) | n/a |
+| <a name="output_parameter_group_id"></a> [parameter\_group\_id](#output\_parameter\_group\_id) | ID of the parameter group associated with the RDS instance. |
+| <a name="output_rds-mysql_replica_db_instance_name"></a> [rds-mysql\_replica\_db\_instance\_name](#output\_rds-mysql\_replica\_db\_instance\_name) | The name of the database instance |
+| <a name="output_replica_instances_endpoints"></a> [replica\_instances\_endpoints](#output\_replica\_instances\_endpoints) | Connection endpoint of the RDS replica instances. |
+| <a name="output_security_group"></a> [security\_group](#output\_security\_group) | ID of the security group associated with the RDS instance. |
+| <a name="output_subnet_group_id"></a> [subnet\_group\_id](#output\_subnet\_group\_id) | ID of the subnet group associated with the RDS instance. |
+<!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->

examples/complete-psql-replica/README.md

@@ -0,0 +1,113 @@
+locals {
+  region      = "us-east-2"
+  name        = "postgresql"
+  family      = "postgres15"
+  vpc_cidr    = "10.20.0.0/16"
+  environment = "prod"
+  storage_type  = "gp3"
+  engine_version = "15.2"
+  instance_class = "db.m5d.large"
+  replica_enable = true
+  replica_count = 1
+  current_identity = data.aws_caller_identity.current.arn
+  allowed_security_groups = ["sg-0a680afd35"]
+  additional_tags = {
+    Owner      = "Organization_Name"
+    Expires    = "Never"
+    Department = "Engineering"
+  }
+}
+
+data "aws_caller_identity" "current" {}
+data "aws_region" "current" {}
+
+module "kms" {
+  source = "terraform-aws-modules/kms/aws"
+
+  deletion_window_in_days = 7
+  description             = "Complete key example showing various configurations available"
+  enable_key_rotation     = true
+  is_enabled              = true
+  key_usage               = "ENCRYPT_DECRYPT"
+  multi_region            = true
+
+  # Policy
+  enable_default_policy                  = true
+  key_owners                             = [local.current_identity]
+  key_administrators                     = [local.current_identity]
+  key_users                              = [local.current_identity]
+  key_service_users                      = [local.current_identity]
+  key_statements = [
+    {
+      sid = "CloudWatchLogs"
+      actions = [
+        "kms:Encrypt*",
+        "kms:Decrypt*",
+        "kms:ReEncrypt*",
+        "kms:GenerateDataKey*",
+        "kms:Describe*"
+      ]
+      resources = ["*"]
+
+      principals = [
+        {
+          type        = "AWS"
+          identifiers = ["*"]
+        }
+      ]
+    }
+  ]
+
+  # Aliases
+  aliases = ["${local.name}"]
+
+  tags = local.additional_tags
+}
+
+
+module "vpc" {
+  source                = "squareops/vpc/aws"
+  name                  = local.name
+  vpc_cidr              = local.vpc_cidr
+  environment           = local.environment
+  availability_zones    = ["us-east-2a", "us-east-2b"]
+  public_subnet_enabled = true
+  auto_assign_public_ip = true
+  intra_subnet_enabled                            = false
+  private_subnet_enabled                          = true
+  one_nat_gateway_per_az                          = false
+  database_subnet_enabled                         = true
+}
+
+module "rds-pg" {
+  source                           = "squareops/rds-postgresql/aws"
+  name                             = local.name
+  db_name                          = "postgres"
+  family                           = local.family
+  multi_az                         = "true"
+  vpc_id                           = module.vpc.vpc_id
+  subnet_ids                       = module.vpc.database_subnets ## db subnets
+  environment                      = local.environment
+  replica_enable                   = local.replica_enable
+  replica_count                    = local.replica_count
+  kms_key_arn                      = module.kms.key_arn
+  storage_type                     = local.storage_type
+  engine_version                   = local.engine_version
+  instance_class                   = local.instance_class
+  master_username                  = "pguser"
+  allocated_storage                = "20"
+  max_allocated_storage            = 120
+  publicly_accessible              = false
+  skip_final_snapshot              = true
+  backup_window                    = "03:00-06:00"
+  maintenance_window               = "Mon:00:00-Mon:03:00"
+  final_snapshot_identifier_prefix = "final"
+  major_engine_version             = local.engine_version
+  deletion_protection              = true
+  cloudwatch_metric_alarms_enabled = true
+  alarm_cpu_threshold_percent      = 70
+  disk_free_storage_space          = "10000000" # in bytes
+  slack_username                   = "Admin"
+  slack_channel                    = "postgresql-notification"
+  slack_webhook_url                = "https://hooks/xxxxxxxx"
+}

examples/complete-psql-replica/main.tf

@@ -0,0 +1,48 @@
+output "instance_endpoint" {
+  description = "Connection endpoint of the RDS instance."
+  value       = module.rds-pg.db_instance_endpoint
+}
+output "replica_instances_endpoints" {
+  description = "Connection endpoint of the RDS replica instances."
+  value       = module.rds-pg.replica_db_instance_endpoint
+}
+
+output "instance_name" {
+  description = "Name of the database instance."
+  value       = module.rds-pg.db_instance_name
+}
+
+output "rds-mysql_replica_db_instance_name" {
+  description = "The name of the database instance"
+  value       = module.rds-pg.replica_db_instance_name
+}
+
+output "instance_username" {
+  description = "Master username for accessing the database."
+  value       = module.rds-pg.db_instance_username
+}
+
+output "instance_password" {
+  description = "Password for accessing the database (Note: Terraform does not track this password after initial creation)."
+  value       = module.rds-pg.db_instance_password
+  sensitive = false
+}
+
+output "security_group" {
+  description = "ID of the security group associated with the RDS instance."
+  value       = module.rds-pg.rds_dedicated_security_group
+}
+
+output "parameter_group_id" {
+  description = "ID of the parameter group associated with the RDS instance."
+  value       = module.rds-pg.db_parameter_group_id
+}
+
+output "subnet_group_id" {
+  description = "ID of the subnet group associated with the RDS instance."
+  value       = module.rds-pg.db_subnet_group_id
+}
+
+output "master_user_secret_arn" {
+  value = module.rds-pg.master_credential_secret_arn
+}

examples/complete-psql-replica/output.tf

@@ -0,0 +1,6 @@
+provider "aws" {
+  region = local.region
+  default_tags {
+    tags = local.additional_tags
+  }
+}

examples/complete-psql-replica/provider.tf

@@ -0,0 +1,9 @@
+terraform {
+  required_version = ">= 1.0"
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = ">= 3.43.0"
+    }
+  }
+}

examples/complete-psql-replica/version.tf

@@ -18,17 +18,24 @@ This example will be very useful for users who are new to a module and want to q
 
 ## Providers
 
-No providers.
+| Name | Version |
+|------|---------|
+| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 3.43.0 |
 
 ## Modules
 
 | Name | Source | Version |
 |------|--------|---------|
+| <a name="module_kms"></a> [kms](#module\_kms) | terraform-aws-modules/kms/aws | n/a |
 | <a name="module_rds-pg"></a> [rds-pg](#module\_rds-pg) | squareops/rds-postgresql/aws | n/a |
+| <a name="module_vpc"></a> [vpc](#module\_vpc) | squareops/vpc/aws | n/a |
 
 ## Resources
 
-No resources.
+| Name | Type |
+|------|------|
+| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
+| [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source |
 
 ## Inputs
 
@@ -42,7 +49,10 @@ No inputs.
 | <a name="output_instance_name"></a> [instance\_name](#output\_instance\_name) | Name of the database instance. |
 | <a name="output_instance_password"></a> [instance\_password](#output\_instance\_password) | Password for accessing the database (Note: Terraform does not track this password after initial creation). |
 | <a name="output_instance_username"></a> [instance\_username](#output\_instance\_username) | Master username for accessing the database. |
+| <a name="output_master_user_secret_arn"></a> [master\_user\_secret\_arn](#output\_master\_user\_secret\_arn) | n/a |
 | <a name="output_parameter_group_id"></a> [parameter\_group\_id](#output\_parameter\_group\_id) | ID of the parameter group associated with the RDS instance. |
+| <a name="output_rds-mysql_replica_db_instance_name"></a> [rds-mysql\_replica\_db\_instance\_name](#output\_rds-mysql\_replica\_db\_instance\_name) | The name of the database instance |
+| <a name="output_replica_instances_endpoints"></a> [replica\_instances\_endpoints](#output\_replica\_instances\_endpoints) | Connection endpoint of the RDS replica instances. |
 | <a name="output_security_group"></a> [security\_group](#output\_security\_group) | ID of the security group associated with the RDS instance. |
 | <a name="output_subnet_group_id"></a> [subnet\_group\_id](#output\_subnet\_group\_id) | ID of the subnet group associated with the RDS instance. |
 <!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->