feat(aurora): custom password (#33)

Young-ook · Apr 25, 2022 · 996d726 · 996d726
1 parent 016dcaf
commit 996d726
Show file tree

Hide file tree

Showing 5 changed files with 27 additions and 6 deletions.
diff --git a/examples/mysql/tc1.tfvars → examples/mysql/fixture.tc1.tfvars b/examples/mysql/tc1.tfvars → examples/mysql/fixture.tc1.tfvars
@@ -1,8 +1,8 @@
 aws_region = "ap-northeast-2"
 azs        = ["ap-northeast-2a", "ap-northeast-2b", "ap-northeast-2c"]
 cidrs      = ["10.0.0.0/16"]
-name       = "aurora-mysql-tc1"
-tags       = { env = "dev" }
+name       = "aurora-mysql-tc1-multi-az"
+tags       = { test = "tc1" }
 aurora_cluster = {
   engine            = "aurora-mysql"
   version           = "5.7.12"

diff --git a/examples/mysql/tc2.tfvars → examples/mysql/fixture.tc2.tfvars b/examples/mysql/tc2.tfvars → examples/mysql/fixture.tc2.tfvars
@@ -1,8 +1,8 @@
 aws_region = "ap-northeast-2"
 azs        = ["ap-northeast-2a", "ap-northeast-2b", "ap-northeast-2c"]
 cidrs      = ["10.0.0.0/16"]
-name       = "aurora-mysql-tc2"
-tags       = { env = "dev" }
+name       = "aurora-mysql-tc2-cluster-only"
+tags       = { test = "tc2" }
 aurora_cluster = {
   engine            = "aurora-mysql"
   version           = "5.7.12"

diff --git a/examples/mysql/fixture.tc3.tfvars b/examples/mysql/fixture.tc3.tfvars
@@ -0,0 +1,20 @@
+aws_region = "ap-northeast-2"
+azs        = ["ap-northeast-2a", "ap-northeast-2b", "ap-northeast-2c"]
+cidrs      = ["10.0.0.0/16"]
+name       = "aurora-mysql-tc3-custom-pw"
+tags       = { test = "tc3" }
+aurora_cluster = {
+  engine            = "aurora-mysql"
+  version           = "5.7.12"
+  port              = "3306"
+  user              = "yourid"
+  password          = "supersecret"
+  database          = "yourdb"
+  backup_retention  = "1"
+  apply_immediately = "false"
+}
+aurora_instances = [
+  {
+    instance_type = "db.t3.medium"
+  },
+]
diff --git a/main.tf b/main.tf
@@ -6,6 +6,7 @@ locals {
   compatibility     = (local.enabled ? lookup(var.aurora_cluster, "engine", "aurora-mysql") : "aurora-mysql")
   default_cluster   = (local.compatibility == "aurora-mysql" ? local.default_mysql_cluster : local.default_postgresql_cluster)
   default_instances = (local.compatibility == "aurora-mysql" ? local.default_mysql_instances : local.default_postgresql_instances)
+  password          = lookup(var.aurora_cluster, "password", random_password.password.result)
 }
 
 # security/password
@@ -71,7 +72,7 @@ resource "aws_rds_cluster" "db" {
   skip_final_snapshot                 = lookup(var.aurora_cluster, "skip_final_snapshot", local.default_cluster.skip_final_snapshot)
   database_name                       = lookup(var.aurora_cluster, "database", local.default_cluster.database)
   master_username                     = lookup(var.aurora_cluster, "user", local.default_cluster.user)
-  master_password                     = random_password.password.result
+  master_password                     = local.password
   iam_database_authentication_enabled = lookup(var.aurora_cluster, "iam_auth_enabled", local.default_cluster.iam_auth_enabled)
   snapshot_identifier                 = lookup(var.aurora_cluster, "snapshot_id", local.default_cluster.snapshot_id)
   backup_retention_period             = lookup(var.aurora_cluster, "backup_retention", local.default_cluster.backup_retention)

diff --git a/outputs.tf b/outputs.tf
@@ -23,6 +23,6 @@ output "user" {
   sensitive   = true
   value = zipmap(
     ["database", "name", "password"],
-    [aws_rds_cluster.db.database_name, aws_rds_cluster.db.master_username, random_password.password.result]
+    [aws_rds_cluster.db.database_name, aws_rds_cluster.db.master_username, local.password]
   )
 }