| auto_minor_version_upgrade |
Indicates that minor engine upgrades will be applied automatically to the DB instance during the maintenance window. Default true |
bool |
true |
no |
| autoscaling_max_capacity |
Maximum number of read replicas permitted when autoscaling is enabled |
number |
1 |
no |
| autoscaling_min_capacity |
Minimum number of read replicas permitted when autoscaling is enabled |
number |
1 |
no |
| autoscaling_scale_in_cooldown |
Cooldown in seconds before allowing further scaling operations after a scale in |
number |
300 |
no |
| autoscaling_scale_out_cooldown |
Cooldown in seconds before allowing further scaling operations after a scale out |
number |
300 |
no |
| autoscaling_target_connections |
Average number of connections threshold which will initiate autoscaling. Default value is 70% of db.r4/r5/r6g.large's default max_connections |
number |
700 |
no |
| autoscaling_target_cpu |
CPU threshold which will initiate autoscaling |
number |
70 |
no |
| availability_zones |
(optional) describe your variable |
list(string) |
null |
no |
| backup_retention_period |
The days to retain backups for. Default 7 |
number |
7 |
no |
| ca_cert_identifier |
The identifier of the CA certificate for the DB instance |
string |
null |
no |
| database_name |
Name for an automatically created database on cluster creation |
string |
null |
no |
| db_cluster_db_instance_parameter_group_name |
Instance parameter group to associate with all instances of the DB cluster. The db_cluster_db_instance_parameter_group_name is only valid in combination with is_allow_major_version_upgrade |
string |
null |
no |
| db_cluster_parameter_group_name |
Input existed cluster parameter group to associate with the cluster |
string |
null |
no |
| db_cluster_parameters |
A list of DB parameter maps to apply |
list(object({
apply_method = string
name = string
value = string
})) |
[] |
no |
| db_parameter_group_name |
Input existed name of the DB parameter group to associate with instances |
string |
null |
no |
| db_parameters |
A list of DB parameter maps to apply |
list(object({
apply_method = string
name = string
value = string
})) |
[] |
no |
| db_subnet_group_ids |
List of subnet IDs used by database subnet group created |
list(string) |
n/a |
yes |
| db_subnet_group_name |
The name of the subnet group name (existing or created) |
string |
"" |
no |
| deletion_protection |
If the DB instance should have deletion protection enabled. The database can't be deleted when this value is set to true. The default is false |
bool |
false |
no |
| enabled_cloudwatch_logs_exports |
Set of log types to export to cloudwatch. If omitted, no logs will be exported. The following log types are supported: audit, error, general, slowquery, postgresql. For this module support only postgresql |
list(string) |
[] |
no |
| endpoints |
Map of additional cluster endpoints and their attributes to be created |
any |
{} |
no |
| engine |
The name of the database engine to be used for this DB cluster. Valid Values: aurora, aurora-mysql, aurora-postgresql |
string |
n/a |
yes |
| engine_mode |
The database engine mode. Valid values: global, multimaster, parallelquery, provisioned, serverless. Defaults to: provisioned |
string |
"provisioned" |
no |
| engine_version |
The database engine version. Updating this argument results in an outage |
string |
n/a |
yes |
| environment |
Environment name used as environment resources name. |
string |
n/a |
yes |
| iam_role_force_detach_policies |
Whether to force detaching any policies the monitoring role has before destroying it |
bool |
null |
no |
| iam_role_managed_policy_arns |
Set of exclusive IAM managed policy ARNs to attach to the monitoring role |
list(string) |
null |
no |
| iam_role_max_session_duration |
Maximum session duration (in seconds) that you want to set for the monitoring role |
number |
null |
no |
| iam_role_permissions_boundary |
The ARN of the policy that is used to set the permissions boundary for the monitoring role |
string |
null |
no |
| iam_roles |
Map of IAM roles and supported feature names to associate with the cluster |
map(map(string)) |
{} |
no |
| instance_class |
Instance type to use at master instance. Note: if autoscaling_enabled is true, this will be the same instance class used on instances created by autoscaling |
string |
"" |
no |
| instances |
Map of cluster instances and any specific/overriding attributes to be created |
any |
{} |
no |
| is_allow_major_version_upgrade |
Enable to allow major engine version upgrades when changing engine versions. Defaults to false |
bool |
false |
no |
| is_apply_immediately |
Specifies whether any cluster modifications are applied immediately, or during the next maintenance window. Default is false |
bool |
false |
no |
| is_autoscaling_enabled |
Determines whether autoscaling of the cluster read replicas is enabled |
bool |
false |
no |
| is_copy_tags_to_snapshot |
Copy all Cluster tags to snapshots |
bool |
true |
no |
| is_create_cluster |
Whether cluster should be created (affects nearly all resources) |
bool |
true |
no |
| is_create_db_cluster_parameter_group |
Whether to create db cluster parameter group or not |
bool |
true |
no |
| is_create_db_parameter_group |
Whether to create db parameter group or not |
bool |
true |
no |
| is_create_db_subnet_group |
Determines whether to create the databae subnet group or use existing |
bool |
true |
no |
| is_create_monitoring_role |
Determines whether to create the IAM role for RDS enhanced monitoring |
bool |
true |
no |
| is_create_random_password |
Determines whether to create random password for RDS primary cluster |
bool |
true |
no |
| is_create_security_group |
Determines whether to create security group for RDS cluster |
bool |
true |
no |
| is_iam_database_authentication_enabled |
Specifies whether or mappings of AWS Identity and Access Management (IAM) accounts to database accounts is enabled |
bool |
false |
no |
| is_instances_use_identifier_prefix |
Determines whether cluster instance identifiers are used as prefixes |
bool |
false |
no |
| is_skip_final_snapshot |
Determines whether a final snapshot is created before the cluster is deleted. If true is specified, no snapshot is created |
bool |
false |
no |
| is_storage_encrypted |
Specifies whether the DB cluster is encrypted. The default is true |
bool |
false |
no |
| kms_key_id |
The ARN for the KMS encryption key. When specifying kms_key_id, is_storage_encrypted needs to be set to true |
string |
null |
no |
| master_password |
Password for the master DB user. Note - when specifying a value here, 'create_random_password' should be set to false |
string |
"" |
no |
| master_username |
Username for the master DB user |
string |
"root" |
no |
| monitoring_interval |
The interval, in seconds, between points when Enhanced Monitoring metrics are collected for instances. Set to 0 to disble. Default is 0 |
number |
0 |
no |
| monitoring_role_arn |
IAM role used by RDS to send enhanced monitoring metrics to CloudWatch |
string |
"" |
no |
| name |
Name used across resources created |
string |
n/a |
yes |
| performance_insights_enabled |
Specifies whether Performance Insights is enabled or not. Default false |
bool |
false |
no |
| performance_insights_kms_key_id |
The ARN for the KMS key to encrypt Performance Insights data |
string |
null |
no |
| performance_insights_retention_period |
Amount of time in days to retain Performance Insights data. Either 7 (7 days) or 731 (2 years). Default to 7 |
number |
7 |
no |
| port |
The port on which the DB accepts connections |
number |
null |
no |
| predefined_metric_type |
The metric type to scale on. Valid values are RDSReaderAverageCPUUtilization and RDSReaderAverageDatabaseConnections |
string |
"RDSReaderAverageCPUUtilization" |
no |
| preferred_backup_window |
The daily time range during which automated backups are created if automated backups are enabled using the backup_retention_period parameter. Time in UTC |
string |
"20:00-21:00" |
no |
| preferred_maintenance_window |
The weekly time range during which system maintenance can occur, in (UTC) |
string |
"sat:22:00-sat:23:00" |
no |
| prefix |
The prefix name of customer to be displayed in AWS console and resource. |
string |
n/a |
yes |
| publicly_accessible |
Determines whether instances are publicly accessible. Default false |
bool |
false |
no |
| random_password_length |
Length of random password to create. Defaults to 10 |
number |
10 |
no |
| replication_source_identifier |
ARN of a source DB cluster or DB instance if this DB cluster is to be created as a Read Replica |
string |
null |
no |
| restore_to_point_in_time |
Map of nested attributes for cloning Aurora cluster |
map(string) |
{} |
no |
| scaling_configuration |
Map of nested attributes with scaling properties. Only valid when engine_mode is set to serverless |
map(string) |
{} |
no |
| security_group_description |
The description of the security group. If value is set to empty string it will contain cluster name in the description |
string |
null |
no |
| security_group_egress_rules |
A map of security group egress rule defintions to add to the security group created |
any |
{} |
no |
| security_group_ingress_rules |
Map of ingress and any specific/overriding attributes to be created |
any |
{} |
no |
| snapshot_identifier |
Specifies whether or not to create this cluster from a snapshot. You can use either the name or ARN when specifying a DB cluster snapshot, or the ARN when specifying a DB snapshot |
string |
null |
no |
| tags |
Tags to add more; default tags contian {terraform=true, environment=var.environment} |
map(string) |
{} |
no |
| vpc_id |
ID of the VPC where to create security group |
string |
n/a |
yes |
| vpc_security_group_ids |
List of VPC security groups to associate to the cluster in addition to the SG we create in this module |
list(string) |
[] |
no |