Manage your RDS Cluster like a Hero: Part 1
Using the best of AWS, Terraform, and Ansible to manage your RDS
```hcl
# Look up an Aurora PostgreSQL engine version that supports serverless mode
data "aws_rds_engine_version" "postgresql" {
  engine = "aurora-postgresql"

  filter {
    name   = "engine-mode"
    values = ["serverless"]
  }
}

module "aurora_postgresql_v2" {
  source  = "terraform-aws-modules/rds-aurora/aws"
  version = "~> 8.3.1"

  name           = "${local.project}-postgresqlv2"
  engine         = data.aws_rds_engine_version.postgresql.engine
  engine_mode    = "provisioned"
  engine_version = data.aws_rds_engine_version.postgresql.version

  # Encrypt storage at rest and block accidental deletion of the cluster
  storage_encrypted   = true
  deletion_protection = true

  # Network placement: private subnets, dedicated subnet group and security group
  vpc_id                 = local.vpc_id
  subnets                = local.private_subnets
  create_db_subnet_group = true
  create_security_group  = true

  copy_tags_to_snapshot = true

  # The master password is generated and managed by AWS, not kept in Terraform;
  # IAM database authentication is enabled on the cluster
  master_username                     = local.aurora_master_username
  manage_master_user_password         = true
  iam_database_authentication_enabled = true

  # Enhanced monitoring interval, in seconds
  monitoring_interval = 60

  serverlessv2_scaling_configuration = {
    min_capacity = 1
    max_capacity = 2
  }

  instance_class = "db.serverless"
  instances = {
    one = {}
  }

  tags = local.tags
}
```
- `serverlessv2_scaling_configuration` describes the amount of ACU (Aurora capacity units) that we want to use for the cluster. Each ACU enables roughly one unit of a CPU and 2 GB of RAM.
- The `instances` block defines how many instances we will add to the cluster; each map inside it defines an instance. If we were using a normal RDS instance, we would define inside the blocks which kind of RDS instance to use. In this case it was not needed, since we are in the serverless world.

- Setting up the application user and database
- Assigning the user an admin role in the said database
- Running migrations to establish the database tables
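
The first two steps written out as SQL, as an added example that is not part of the original article. The names `app_user` and `app_db` are placeholders, and it assumes the application user logs in with IAM tokens (the cluster above sets `iam_database_authentication_enabled = true`) rather than a password; migrations are left to whatever tool the application uses.

```sql
-- Added example: app_user and app_db are placeholder names (assumptions).
-- Run as the cluster master user through psql.

-- 1. Application user. No password is set: membership in rds_iam makes
--    the role authenticate with short-lived IAM tokens instead.
CREATE ROLE app_user LOGIN;
GRANT rds_iam TO app_user;

-- 2. Application database. CREATE DATABASE cannot run inside a
--    transaction block, so it is issued as its own statement.
CREATE DATABASE app_db;

-- 3. By default PUBLIC may CONNECT to a new database and create TEMPORARY
--    tables in it. Remove that, then give the application user full
--    rights on this one database only.
REVOKE ALL ON DATABASE app_db FROM PUBLIC;
GRANT ALL PRIVILEGES ON DATABASE app_db TO app_user;

-- 4. Schema rights are per database, so switch to app_db first
--    (\connect is a psql meta-command). Needed on PostgreSQL 15 and
--    later, where PUBLIC no longer has CREATE on the public schema.
\connect app_db
GRANT ALL ON SCHEMA public TO app_user;
```

The master user is deliberately not made a member of `app_user`, so the `rds_iam` membership stays limited to the application role.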

But wait. Ansible typically works through bastion hosts, jumping between networks to apply the configuration. How can you bypass that?