feat(rds): add basic rds module and dev-rds environment

2025-11-17 13:22:58 +08:00 · 2025-11-17 13:22:58 +08:00 · 00a315ea4c
commit 00a315ea4c
parent 4420416bf1
7 changed files with 188 additions and 0 deletions
--- a/iac-template/terraform-standard/config/resources/dev-rds/rds.yaml
+++ b/iac-template/terraform-standard/config/resources/dev-rds/rds.yaml
@ -0,0 +1,33 @@
+name_prefix: "dev-rds"
+
+engine: "postgres"
+engine_version: "15.5"
+instance_class: "db.t3.micro"
+
+username: "admin"
+password: "StrongPassword123"
+
+allocated_storage: 20
+max_allocated_storage: 100
+
+multi_az: false
+
+publicly_accessible: false
+
+subnet_ids:
+  - "subnet-aaa"
+  - "subnet-bbb"
+
+vpc_security_group_ids:
+  - "sg-xxxx"
+
+parameters:
+  - name: "log_min_duration_statement"
+    value: "1000"
+  - name: "log_statement"
+    value: "ddl"
+
+tags:
+  Environment: "dev"
+  Owner: "Platform"
+
--- a/iac-template/terraform-standard/envs/dev-rds/Makefile
+++ b/iac-template/terraform-standard/envs/dev-rds/Makefile
@ -0,0 +1,17 @@
+
+SHELL := /bin/bash
+
+TF=terraform
+
+init:
+	$(TF) init --upgrade
+
+plan:
+	$(TF) plan
+
+apply:
+	$(TF) apply -auto-approve
+
+destroy:
+	$(TF) destroy -auto-approve
+
--- a/iac-template/terraform-standard/envs/dev-rds/main.tf
+++ b/iac-template/terraform-standard/envs/dev-rds/main.tf
@ -0,0 +1,36 @@
+
+locals {
+  account = yamldecode(
+    file("${path.root}/../../config/accounts/dev.yaml")
+  )
+
+  rds_conf = yamldecode(
+    file("${path.root}/../../config/resources/dev-rds/rds.yaml")
+  )
+}
+
+module "rds" {
+  source = "../../modules/rds"
+
+  name_prefix            = local.rds_conf.name_prefix
+  engine                 = local.rds_conf.engine
+  engine_version         = local.rds_conf.engine_version
+  instance_class         = local.rds_conf.instance_class
+
+  username               = local.rds_conf.username
+  password               = local.rds_conf.password
+
+  allocated_storage      = local.rds_conf.allocated_storage
+  max_allocated_storage  = local.rds_conf.max_allocated_storage
+
+  multi_az               = local.rds_conf.multi_az
+  publicly_accessible    = local.rds_conf.publicly_accessible
+
+  subnet_ids             = local.rds_conf.subnet_ids
+  vpc_security_group_ids = local.rds_conf.vpc_security_group_ids
+
+  parameters             = local.rds_conf.parameters
+
+  tags = merge(local.account.tags, local.rds_conf.tags)
+}
+
--- a/iac-template/terraform-standard/envs/dev-rds/outputs.tf
+++ b/iac-template/terraform-standard/envs/dev-rds/outputs.tf
@ -0,0 +1,8 @@
+output "rds_endpoint" {
+  value = module.rds.endpoint
+}
+
+output "rds_arn" {
+  value = module.rds.arn
+}
+
--- a/iac-template/terraform-standard/modules/rds/main.tf
+++ b/iac-template/terraform-standard/modules/rds/main.tf
@ -0,0 +1,53 @@
+resource "aws_db_subnet_group" "this" {
+  name       = "${var.name_prefix}-subnet-group"
+  subnet_ids = var.subnet_ids
+
+  tags = merge(var.tags, {
+    Name = "${var.name_prefix}-subnet-group"
+  })
+}
+
+resource "aws_db_parameter_group" "this" {
+  name   = "${var.name_prefix}-pg"
+  family = "${var.engine}${substr(var.engine_version, 0, 2)}"  # auto detect "postgres15"
+
+  dynamic "parameter" {
+    for_each = var.parameters
+
+    content {
+      name  = parameter.value.name
+      value = parameter.value.value
+    }
+  }
+
+  tags = merge(var.tags, {
+    Name = "${var.name_prefix}-pg"
+  })
+}
+
+resource "aws_db_instance" "this" {
+  identifier              = var.name_prefix
+
+  engine                  = var.engine
+  engine_version          = var.engine_version
+  instance_class          = var.instance_class
+
+  username                = var.username
+  password                = var.password
+
+  allocated_storage       = var.allocated_storage
+  max_allocated_storage   = var.max_allocated_storage
+
+  multi_az                = var.multi_az
+  publicly_accessible     = var.publicly_accessible
+
+  db_subnet_group_name    = aws_db_subnet_group.this.name
+  vpc_security_group_ids  = var.vpc_security_group_ids
+  parameter_group_name    = aws_db_parameter_group.this.name
+
+  skip_final_snapshot     = true
+
+  tags = merge(var.tags, {
+    Name = var.name_prefix
+  })
+}
--- a/iac-template/terraform-standard/modules/rds/outputs.tf
+++ b/iac-template/terraform-standard/modules/rds/outputs.tf
@ -0,0 +1,7 @@
+output "endpoint" {
+  value = aws_db_instance.this.endpoint
+}
+
+output "arn" {
+  value = aws_db_instance.this.arn
+}
--- a/iac-template/terraform-standard/modules/rds/variables.tf
+++ b/iac-template/terraform-standard/modules/rds/variables.tf
@ -0,0 +1,34 @@
+variable "name_prefix" { type = string }
+
+variable "engine" { type = string }
+variable "engine_version" { type = string }
+variable "instance_class" { type = string }
+
+variable "username" { type = string }
+variable "password" { type = string }
+
+variable "allocated_storage" { type = number }
+variable "max_allocated_storage" { type = number }
+
+variable "multi_az" { type = bool }
+variable "publicly_accessible" { type = bool }
+
+variable "subnet_ids" {
+  type = list(string)
+}
+
+variable "vpc_security_group_ids" {
+  type = list(string)
+}
+
+variable "parameters" {
+  type = list(object({
+    name  = string
+    value = string
+  }))
+  default = []
+}
+
+variable "tags" {
+  type = map(string)
+}