Skip to content

Rds mysql module with import support #363

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
aditya-facets wants to merge 3 commits into
base: master
Choose a base branch
from
Draft

Rds mysql module with import support #363

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
5257ab7
added rds module for mysql
aditya-facets May 22, 2025
c69d022
commit as per ftf validations
aditya-facets May 22, 2025
97de3a7
updated outputs
aditya-facets May 23, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
100 changes: 59 additions & 41 deletions modules/mysql/rds/0.1/facets.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,9 +1,23 @@
intent: mysql
flavor: rds
version: "0.1"
version: '0.1'
description: Adds MYSQL module of flavor rds
clouds:
- aws
- aws
inputs:
network_details:
optional: false
type: '@outputs/aws_vpc'
default:
resource_type: network
resource_name: default
outputs:
default:
type: '@outputs/mysql'
imports:
- name: mysql_master_instance
resource_address: module.rds-mysql-master.module.db_instance.aws_db_instance.this[0]
required: true
spec:
title: RDS
type: object
Expand All @@ -13,10 +27,10 @@ spec:
title: MySQL Version
description: Version of MySQL
minLength: 1
x-ui-placeholder: "Ex. 8.0"
x-ui-placeholder: Ex. 8.0
enum:
- "8.0"
- "5.7"
- '8.0'
- '5.7'
size:
type: object
title: Size
Expand All @@ -32,20 +46,20 @@ spec:
title: Instance Type
description: Type of Instance for Reader
enum:
- db.t4g.medium
- db.t3.medium
- db.t3.small
- db.t3.micro
- db.t3.large
- db.t3.xlarge
- db.t3.2xlarge
- db.t2.micro
- db.t2.small
- db.t2.medium
- db.t2.large
x-ui-placeholder: "Select writer instance type"
- db.t4g.medium
- db.t3.medium
- db.t3.small
- db.t3.micro
- db.t3.large
- db.t3.xlarge
- db.t3.2xlarge
- db.t2.micro
- db.t2.small
- db.t2.medium
- db.t2.large
x-ui-placeholder: Select writer instance type
required:
- instance
- instance
reader:
type: object
title: Reader
Expand All @@ -56,53 +70,57 @@ spec:
title: Instance Type
description: Type of Instance for Reader
enum:
- db.t4g.medium
- db.t3.medium
- db.t3.small
- db.t3.micro
- db.t3.large
- db.t3.xlarge
- db.t3.2xlarge
- db.t2.micro
- db.t2.small
- db.t2.medium
- db.t2.large
x-ui-placeholder: "Select reader instance type"
- db.t4g.medium
- db.t3.medium
- db.t3.small
- db.t3.micro
- db.t3.large
- db.t3.xlarge
- db.t3.2xlarge
- db.t2.micro
- db.t2.small
- db.t2.medium
- db.t2.large
x-ui-placeholder: Select reader instance type
instance_count:
type: integer
title: Instance Count
description: Number of Reader Instances
x-ui-placeholder: "Enter reader instance count"
x-ui-error-message: "Instance count must be a non-negative integer"
x-ui-placeholder: Enter reader instance count
x-ui-error-message: Instance count must be a non-negative integer
minimum: 0
maximum: 20
required:
- instance
- instance
apply_immediately:
type: boolean
title: Apply Immediately
description: This specifies whether any modifications are applied immediately, or during the next maintenance window. Default is false
description: This specifies whether any modifications are applied immediately,
or during the next maintenance window. Default is false
required:
- size
- mysql_version
- size
- mysql_version
x-ui-order:
- mysql_version
- size
- mysql_version
- size
sample:
$schema: "https://facets-cloud.github.io/facets-schemas/schemas/mysql/mysql.schema.json"
$schema: https://facets-cloud.github.io/facets-schemas/schemas/mysql/mysql.schema.json
kind: mysql
flavor: rds
version: "0.1"
version: '0.1'
disabled: true
metadata:
tags:
managed-by: facets
spec:
mysql_version: "8.0"
mysql_version: '8.0'
apply_immediately: false
size:
writer:
instance: db.t4g.medium
reader:
instance: db.t4g.medium
instance_count: 0
iac:
validated_files:
- variables.tf
24 changes: 24 additions & 0 deletions modules/mysql/rds/0.1/generate_resource_details/main.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
locals {
data = base64encode(jsonencode({
name = var.name
resource_type = var.resource_type
resource_name = var.resource_name
key = var.key
value = var.value
}))
}

resource "null_resource" "generate-resource-details" {
triggers = {
name = var.name
resource_type = var.resource_type
resource_name = var.resource_name
key = var.key
value = var.value
always = timestamp()
}

provisioner "local-exec" {
command = "mkdir -p resource-details; echo ${local.data} | base64 -d > resource-details/${md5(local.data)}.json"
}
}
21 changes: 21 additions & 0 deletions modules/mysql/rds/0.1/generate_resource_details/variables.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
variable "name" {
type = string
}

variable "resource_type" {
type = string
}

variable "resource_name" {
type = string
default = "NA"
}

variable "key" {
type = string
default = "NA"
}

variable "value" {
type = string
}
193 changes: 193 additions & 0 deletions modules/mysql/rds/0.1/main.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,193 @@
locals {
reader_count = lookup(var.instance.spec.size, "reader", {}) == {} ? 0 : lookup(lookup(var.instance.spec.size, "reader", {}), "replica_count", lookup(lookup(var.instance.spec.size, "reader", {}), "instance_count", 0))
reader_db_instances = local.reader_count > 0 ? {
for index in range(local.reader_count) :
"replica-${index}" => {
instance_class = var.instance.spec.size.reader.instance
}
} : {}
writer_db_instances = {
"master" = {
instance_class = var.instance.spec.size.writer.instance
}
}
db_cluster_name = length(lower("${var.environment.unique_name}-${var.instance_name}")) >= 30 ? substr("fc-${md5(lower("${var.environment.unique_name}-${var.instance_name}"))}", 0, 20) : lower("${var.environment.unique_name}-${var.instance_name}")

advanced = lookup(lookup(var.instance, "advanced", {}), "rds", {})
advanced_rds_mysql = lookup(local.advanced, "rds-mysql", {})

version = lookup(var.instance.spec, "mysql_version", null)
metadata = lookup(var.instance, "metadata", {})
user_defined_tags = lookup(local.metadata, "tags", {})
iops = local.storage_type == "gp2" ? null : local.storage_type == "gp3" && local.allocated_storage < 400 ? null : lookup(local.advanced_rds_mysql, "iops", 12000) < 12000 ? 12000 : lookup(local.advanced_rds_mysql, "iops", 12000)
tags = merge(local.user_defined_tags, var.environment.cloud_tags)
multi_az = lookup(local.advanced_rds_mysql, "multi_az", false)
storage_type = lookup(local.advanced_rds_mysql, "storage_type", "gp3")
allocated_storage = lookup(local.advanced_rds_mysql, "allocated_storage", 50)
max_allocated_storage = lookup(local.advanced_rds_mysql, "max_allocated_storage", 200)
availability_zone = lookup(local.advanced_rds_mysql, "availability_zone", null) == null ? var.inputs.network_details.attributes.legacy_outputs.vpc_details.azs[0] : lookup(local.advanced_rds_mysql, "availability_zone", null)
snapshot = lookup(local.advanced_rds_mysql, "snapshot_identifier", null) != null ? true : false

max_connections = lookup(var.instance.spec, "max_connections", {})
db_parameter_group_parameters = lookup(local.advanced_rds_mysql, "parameters", [])
db_parameter_group_parameters_map = { for param in local.db_parameter_group_parameters : param.name => param }
reader_db_parameter_group_parameters_map = lookup(local.max_connections, "reader", null) == null ? local.db_parameter_group_parameters_map : merge(local.db_parameter_group_parameters_map, {
max_connections = {
name = "max_connections"
value = lookup(local.max_connections, "reader")
}
})
writer_db_parameter_group_parameters_map = lookup(local.max_connections, "writer", null) == null ? local.db_parameter_group_parameters_map : merge(local.db_parameter_group_parameters_map, {
max_connections = {
name = "max_connections"
value = lookup(local.max_connections, "writer")
}
})
reader_db_parameter_group_parameters = [
for k, v in local.reader_db_parameter_group_parameters_map : v
]
writer_db_parameter_group_parameters = [
for k, v in local.writer_db_parameter_group_parameters_map : v
]
}

module "mysql-password" {
source = "github.com/Facets-cloud/facets-utility-modules//password"
length = 20
}

module "mysql_security_group" {
source = "terraform-aws-modules/security-group/aws"
version = "~> 4.0"

name = local.db_cluster_name
description = "MySQL security group for ${local.db_cluster_name}"
vpc_id = var.inputs.network_details.attributes.legacy_outputs.vpc_details.vpc_id

# ingress
ingress_with_cidr_blocks = [
{
from_port = 3306
to_port = 3306
protocol = "tcp"
description = "MySQL access from within VPC since db is private"
cidr_blocks = var.inputs.network_details.attributes.legacy_outputs.vpc_details.vpc_cidr
},
]

tags = local.tags
}

module "rds-mysql-master" {
source = "./terraform-aws-rds-master"
identifier = "${local.db_cluster_name}-writer"
instance_class = lookup(local.writer_db_instances.master, "instance_class", "db.t4g.medium")
engine = "mysql"
engine_version = local.version
db_name = lookup(local.advanced_rds_mysql, "db_name", "")
family = "mysql${local.version}"
subnet_ids = var.inputs.network_details.attributes.legacy_outputs.vpc_details.private_subnet_objects.id
major_engine_version = local.version
storage_encrypted = lookup(local.advanced_rds_mysql, "storage_encrypted", true)
allocated_storage = local.allocated_storage
max_allocated_storage = local.max_allocated_storage
storage_type = local.storage_type
iops = local.iops
username = lookup(local.advanced_rds_mysql, "username", "root")
monitoring_interval = lookup(local.advanced_rds_mysql, "monitoring_interval", 10)
password = module.mysql-password.result
port = 3306
create_db_subnet_group = true
multi_az = local.multi_az
availability_zone = local.availability_zone
domain_iam_role_name = lookup(local.advanced_rds_mysql, "domain_iam_role_name", null)
vpc_security_group_ids = [module.mysql_security_group.security_group_id]
monitoring_role_name = "${local.db_cluster_name}-writer-monitoring-role"
create_monitoring_role = true
backup_retention_period = lookup(local.advanced_rds_mysql, "backup_retention_period", 1)
deletion_protection = lookup(local.advanced_rds_mysql, "deletion_protection", false)
skip_final_snapshot = lookup(local.advanced_rds_mysql, "skip_final_snapshot", true)
maintenance_window = lookup(local.advanced_rds_mysql, "maintenance_window", "sun:01:00-sun:02:00")
backup_window = lookup(local.advanced_rds_mysql, "backup_window", "03:00-06:00")
snapshot_identifier = lookup(local.advanced_rds_mysql, "snapshot_identifier", null)
s3_import = lookup(local.advanced_rds_mysql, "s3_import", null)
tags = local.tags
db_instance_tags = lookup(local.advanced_rds_mysql, "db_instance_tags", {})
options = lookup(local.advanced_rds_mysql, "options", [])
enabled_cloudwatch_logs_exports = lookup(local.advanced_rds_mysql, "enabled_cloudwatch_logs_exports", ["general"])
performance_insights_enabled = lookup(local.advanced_rds_mysql, "performance_insights_enabled", false)
performance_insights_retention_period = lookup(local.advanced_rds_mysql, "performance_insights_retention_period", 7)
create_random_password = false
create_cloudwatch_log_group = lookup(local.advanced_rds_mysql, "create_cloudwatch_log_group", true)
parameters = local.writer_db_parameter_group_parameters
parameter_group_name = lookup(local.advanced_rds_mysql, "parameter_group_name", null)
apply_immediately = lookup(var.instance.spec, "apply_immediately", false)
timeouts = {
create = "120m"
delete = "60m"
update = "60m"
}
}

module "rds-mysql-replica" {
for_each = local.reader_db_instances
replicate_source_db = module.rds-mysql-master.db_instance_id
source = "./terraform-aws-rds-master"
identifier = "${local.db_cluster_name}-${each.key}"
instance_class = lookup(local.reader_db_instances["${each.key}"], "instance_class", "db.t4g.medium")
engine = "mysql"
engine_version = local.version
family = "mysql${local.version}"
subnet_ids = var.inputs.network_details.attributes.legacy_outputs.vpc_details.private_subnet_objects.id
major_engine_version = local.version
storage_encrypted = lookup(local.advanced_rds_mysql, "storage_encrypted", true)
iops = local.iops
# allocated_storage = lookup(local.advanced_rds_mysql, "allocated_storage", 20)
max_allocated_storage = local.max_allocated_storage
storage_type = local.storage_type
username = lookup(local.advanced_rds_mysql, "username", "root")
monitoring_interval = lookup(local.advanced_rds_mysql, "monitoring_interval", 10)
password = module.mysql-password.result
port = 3306
create_db_subnet_group = false
multi_az = local.multi_az
availability_zone = local.availability_zone
domain_iam_role_name = lookup(local.advanced_rds_mysql, "domain_iam_role_name", null)
vpc_security_group_ids = [module.mysql_security_group.security_group_id]
monitoring_role_name = "${local.db_cluster_name}-reader-${each.key}-monitoring-role"
create_monitoring_role = true
backup_retention_period = lookup(local.advanced_rds_mysql, "backup_retention_period", 0)
deletion_protection = lookup(local.advanced_rds_mysql, "deletion_protection", false)
skip_final_snapshot = lookup(local.advanced_rds_mysql, "skip_final_snapshot", true)
maintenance_window = lookup(local.advanced_rds_mysql, "maintenance_window", "sun:01:00-sun:02:00")
backup_window = lookup(local.advanced_rds_mysql, "backup_window", "03:00-06:00")
snapshot_identifier = lookup(local.advanced_rds_mysql, "snapshot_identifier", null)
s3_import = lookup(local.advanced_rds_mysql, "s3_import", null)
tags = local.tags
db_instance_tags = lookup(local.advanced_rds_mysql, "db_instance_tags", {})
options = lookup(local.advanced_rds_mysql, "options", [])
enabled_cloudwatch_logs_exports = lookup(local.advanced_rds_mysql, "enabled_cloudwatch_logs_exports", ["general"])
performance_insights_enabled = lookup(local.advanced_rds_mysql, "performance_insights_enabled", false)
performance_insights_retention_period = lookup(local.advanced_rds_mysql, "performance_insights_retention_period", 7)
create_random_password = false
create_cloudwatch_log_group = lookup(local.advanced_rds_mysql, "create_cloudwatch_log_group", true)
parameter_group_name = lookup(local.advanced_rds_mysql, "parameter_group_name", null)
parameters = local.reader_db_parameter_group_parameters
apply_immediately = lookup(var.instance.spec, "apply_immediately", false)
timeouts = {
create = "120m"
delete = "60m"
update = "60m"
}
}



module "mysql-root-password" {
source = "./generate_resource_details"
name = "Basic Authentication Password for Mysql RDS"
value = module.mysql-password.result
resource_type = "Databases"
resource_name = local.db_cluster_name
key = "DB-Name: ${local.db_cluster_name}"
}
Loading
Loading