From 6517921a7ead08d16e6ef6a1f9aa4d53a0d86ddf Mon Sep 17 00:00:00 2001 From: Luca Cinquini Date: Mon, 20 Jan 2025 05:27:39 -0700 Subject: [PATCH 1/7] Creates and restores snapshot --- terraform-unity/.terraform.lock.hcl | 19 ++++++ terraform-unity/README.md | 1 + .../.terraform.lock.hcl | 22 ++++++- .../terraform-unity-sps-database/README.md | 5 ++ .../check-rds-snapshot.sh | 19 ++++++ .../check_rds_snapshot.sh | 19 ++++++ .../terraform-unity-sps-database/main.tf | 58 ++++++++++++++----- .../terraform-unity-sps-database/outputs.tf | 4 ++ .../terraform-unity-sps-database/versions.tf | 4 ++ terraform-unity/versions.tf | 4 ++ 10 files changed, 140 insertions(+), 15 deletions(-) create mode 100755 terraform-unity/modules/terraform-unity-sps-database/check-rds-snapshot.sh create mode 100755 terraform-unity/modules/terraform-unity-sps-database/check_rds_snapshot.sh diff --git a/terraform-unity/.terraform.lock.hcl b/terraform-unity/.terraform.lock.hcl index 143c796a..c2396c85 100644 --- a/terraform-unity/.terraform.lock.hcl +++ b/terraform-unity/.terraform.lock.hcl @@ -24,6 +24,25 @@ provider "registry.terraform.io/hashicorp/aws" { ] } +provider "registry.terraform.io/hashicorp/external" { + version = "2.3.4" + hashes = [ + "h1:cCabxnWQ5fX1lS7ZqgUzsvWmKZw9FA7NRxAZ94vcTcc=", + "zh:037fd82cd86227359bc010672cd174235e2d337601d4686f526d0f53c87447cb", + "zh:0ea1db63d6173d01f2fa8eb8989f0809a55135a0d8d424b08ba5dabad73095fa", + "zh:17a4d0a306566f2e45778fbac48744b6fd9c958aaa359e79f144c6358cb93af0", + "zh:298e5408ab17fd2e90d2cd6d406c6d02344fe610de5b7dae943a58b958e76691", + "zh:38ecfd29ee0785fd93164812dcbe0664ebbe5417473f3b2658087ca5a0286ecb", + "zh:59f6a6f31acf66f4ea3667a555a70eba5d406c6e6d93c2c641b81d63261eeace", + "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", + "zh:ad0279dfd09d713db0c18469f585e58d04748ca72d9ada83883492e0dd13bd58", + "zh:c69f66fd21f5e2c8ecf7ca68d9091c40f19ad913aef21e3ce23836e91b8cbb5f", + "zh:d4a56f8c48aa86fc8e0c233d56850f5783f322d6336f3bf1916e293246b6b5d4", + "zh:f2b394ebd4af33f343835517e80fc876f79361f4688220833bc3c77655dd2202", + "zh:f31982f29f12834e5d21e010856eddd19d59cd8f449adf470655bfd19354377e", + ] +} + provider "registry.terraform.io/hashicorp/helm" { version = "2.15.0" constraints = "2.15.0" diff --git a/terraform-unity/README.md b/terraform-unity/README.md index 08040a92..14611932 100644 --- a/terraform-unity/README.md +++ b/terraform-unity/README.md @@ -152,6 +152,7 @@ terraform apply -no-color 2>&1 | tee apply_output.txt |------|---------| | [terraform](#requirement\_terraform) | ~> 1.8.2 | | [aws](#requirement\_aws) | 5.67.0 | +| [external](#requirement\_external) | 2.3.4 | | [helm](#requirement\_helm) | 2.15.0 | | [kubernetes](#requirement\_kubernetes) | 2.32.0 | | [null](#requirement\_null) | 3.2.3 | diff --git a/terraform-unity/modules/terraform-unity-sps-database/.terraform.lock.hcl b/terraform-unity/modules/terraform-unity-sps-database/.terraform.lock.hcl index 1aa83893..bf36bf1e 100644 --- a/terraform-unity/modules/terraform-unity-sps-database/.terraform.lock.hcl +++ b/terraform-unity/modules/terraform-unity-sps-database/.terraform.lock.hcl @@ -2,7 +2,8 @@ # Manual edits may be lost in future updates. provider "registry.terraform.io/hashicorp/aws" { - version = "5.67.0" + version = "5.67.0" + constraints = "5.67.0" hashes = [ "h1:8wkuQvQiqjjm2+gQepy6xFBfimGoesKz1BPcVKWvED8=", "zh:1259c8106c0a3fc0ed3b3eb814ab88d6a672e678b533f47d1bbbe3107949f43e", @@ -23,6 +24,25 @@ provider "registry.terraform.io/hashicorp/aws" { ] } +provider "registry.terraform.io/hashicorp/external" { + version = "2.3.4" + hashes = [ + "h1:cCabxnWQ5fX1lS7ZqgUzsvWmKZw9FA7NRxAZ94vcTcc=", + "zh:037fd82cd86227359bc010672cd174235e2d337601d4686f526d0f53c87447cb", + "zh:0ea1db63d6173d01f2fa8eb8989f0809a55135a0d8d424b08ba5dabad73095fa", + "zh:17a4d0a306566f2e45778fbac48744b6fd9c958aaa359e79f144c6358cb93af0", + "zh:298e5408ab17fd2e90d2cd6d406c6d02344fe610de5b7dae943a58b958e76691", + "zh:38ecfd29ee0785fd93164812dcbe0664ebbe5417473f3b2658087ca5a0286ecb", + "zh:59f6a6f31acf66f4ea3667a555a70eba5d406c6e6d93c2c641b81d63261eeace", + "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", + "zh:ad0279dfd09d713db0c18469f585e58d04748ca72d9ada83883492e0dd13bd58", + "zh:c69f66fd21f5e2c8ecf7ca68d9091c40f19ad913aef21e3ce23836e91b8cbb5f", + "zh:d4a56f8c48aa86fc8e0c233d56850f5783f322d6336f3bf1916e293246b6b5d4", + "zh:f2b394ebd4af33f343835517e80fc876f79361f4688220833bc3c77655dd2202", + "zh:f31982f29f12834e5d21e010856eddd19d59cd8f449adf470655bfd19354377e", + ] +} + provider "registry.terraform.io/hashicorp/kubernetes" { version = "2.32.0" constraints = "2.32.0" diff --git a/terraform-unity/modules/terraform-unity-sps-database/README.md b/terraform-unity/modules/terraform-unity-sps-database/README.md index bf4ef3a2..019af412 100644 --- a/terraform-unity/modules/terraform-unity-sps-database/README.md +++ b/terraform-unity/modules/terraform-unity-sps-database/README.md @@ -5,6 +5,7 @@ |------|---------| | [terraform](#requirement\_terraform) | ~> 1.8.2 | | [aws](#requirement\_aws) | 5.67.0 | +| [external](#requirement\_external) | 2.3.4 | | [kubernetes](#requirement\_kubernetes) | 2.32.0 | | [random](#requirement\_random) | 3.6.1 | @@ -13,6 +14,7 @@ | Name | Version | |------|---------| | [aws](#provider\_aws) | 5.67.0 | +| [external](#provider\_external) | 2.3.4 | | [random](#provider\_random) | 3.6.1 | ## Modules @@ -31,9 +33,11 @@ No modules. | [aws_security_group_rule.eks_egress_to_rds](https://registry.terraform.io/providers/hashicorp/aws/5.67.0/docs/resources/security_group_rule) | resource | | [aws_security_group_rule.rds_ingress_from_eks](https://registry.terraform.io/providers/hashicorp/aws/5.67.0/docs/resources/security_group_rule) | resource | | [random_password.db](https://registry.terraform.io/providers/hashicorp/random/3.6.1/docs/resources/password) | resource | +| [aws_db_snapshot.latest_snapshot](https://registry.terraform.io/providers/hashicorp/aws/5.67.0/docs/data-sources/db_snapshot) | data source | | [aws_eks_cluster.cluster](https://registry.terraform.io/providers/hashicorp/aws/5.67.0/docs/data-sources/eks_cluster) | data source | | [aws_security_group.default](https://registry.terraform.io/providers/hashicorp/aws/5.67.0/docs/data-sources/security_group) | data source | | [aws_ssm_parameter.subnet_ids](https://registry.terraform.io/providers/hashicorp/aws/5.67.0/docs/data-sources/ssm_parameter) | data source | +| [external_external.rds_final_snapshot_exists](https://registry.terraform.io/providers/hashicorp/external/2.3.4/docs/data-sources/external) | data source | ## Inputs @@ -49,5 +53,6 @@ No modules. | Name | Description | |------|-------------| | [db\_instance\_identifier](#output\_db\_instance\_identifier) | n/a | +| [db\_latest\_snapshot](#output\_db\_latest\_snapshot) | n/a | | [db\_secret\_arn](#output\_db\_secret\_arn) | n/a | diff --git a/terraform-unity/modules/terraform-unity-sps-database/check-rds-snapshot.sh b/terraform-unity/modules/terraform-unity-sps-database/check-rds-snapshot.sh new file mode 100755 index 00000000..a3707b05 --- /dev/null +++ b/terraform-unity/modules/terraform-unity-sps-database/check-rds-snapshot.sh @@ -0,0 +1,19 @@ +#!/bin/bash + +db_id=$1 + +if [ -z ${db_id} ]; then + echo "usage : $0 " >2 + exit 1 +fi + +RESULT=($(aws rds describe-db-snapshots --db-instance-identifier $db_id --output text --region us-west-2 2> /dev/null)) +aws_result=$? + +if [ ${aws_result} -eq 0 ] && [[ ${RESULT[0]} == "DBSNAPSHOTS" ]]; then + result='true' +else + result='false' +fi + +jq -n --arg exists ${result} '{"db_exists": $exists }' diff --git a/terraform-unity/modules/terraform-unity-sps-database/check_rds_snapshot.sh b/terraform-unity/modules/terraform-unity-sps-database/check_rds_snapshot.sh new file mode 100755 index 00000000..a3707b05 --- /dev/null +++ b/terraform-unity/modules/terraform-unity-sps-database/check_rds_snapshot.sh @@ -0,0 +1,19 @@ +#!/bin/bash + +db_id=$1 + +if [ -z ${db_id} ]; then + echo "usage : $0 " >2 + exit 1 +fi + +RESULT=($(aws rds describe-db-snapshots --db-instance-identifier $db_id --output text --region us-west-2 2> /dev/null)) +aws_result=$? + +if [ ${aws_result} -eq 0 ] && [[ ${RESULT[0]} == "DBSNAPSHOTS" ]]; then + result='true' +else + result='false' +fi + +jq -n --arg exists ${result} '{"db_exists": $exists }' diff --git a/terraform-unity/modules/terraform-unity-sps-database/main.tf b/terraform-unity/modules/terraform-unity-sps-database/main.tf index 2cfb41d9..3ef384f3 100644 --- a/terraform-unity/modules/terraform-unity-sps-database/main.tf +++ b/terraform-unity/modules/terraform-unity-sps-database/main.tf @@ -61,24 +61,54 @@ resource "aws_security_group_rule" "eks_egress_to_rds" { source_security_group_id = aws_security_group.rds_sg.id } +data "external" "rds_final_snapshot_exists" { + program = [ + "./modules/terraform-unity-sps-database/check_rds_snapshot.sh", + format(local.resource_name_prefix, "db") + ] +} + +data "aws_db_snapshot" "latest_snapshot" { + count = data.external.rds_final_snapshot_exists.result.db_exists ? 1 : 0 + db_instance_identifier = format(local.resource_name_prefix, "db") + # db_instance_identifier = aws_db_instance.sps_db.identifier + most_recent = true + + tags = merge(local.common_tags, { + Name = format(local.resource_name_prefix, "db") + Component = "processing" + Stack = "processing" + }) + +} + resource "aws_db_instance" "sps_db" { - identifier = format(local.resource_name_prefix, "db") - allocated_storage = 100 - storage_type = "gp3" - engine = "postgres" - engine_version = "16.4" - instance_class = "db.m5d.large" - db_name = "sps_db" - username = "db_user" - password = aws_secretsmanager_secret_version.db.secret_string - parameter_group_name = "default.postgres16" - skip_final_snapshot = true - publicly_accessible = false - db_subnet_group_name = aws_db_subnet_group.db.name - vpc_security_group_ids = [aws_security_group.rds_sg.id] + identifier = format(local.resource_name_prefix, "db") + allocated_storage = 100 + storage_type = "gp3" + engine = "postgres" + engine_version = "16.4" + instance_class = "db.m5d.large" + db_name = "sps_db" + username = "db_user" + password = aws_secretsmanager_secret_version.db.secret_string + parameter_group_name = "default.postgres16" + skip_final_snapshot = false + final_snapshot_identifier = "${terraform.workspace}-${formatdate("YYYYMMDDhhmmss", timestamp())}" + snapshot_identifier = try(data.aws_db_snapshot.latest_snapshot[0].id, null) + publicly_accessible = false + db_subnet_group_name = aws_db_subnet_group.db.name + vpc_security_group_ids = [aws_security_group.rds_sg.id] tags = merge(local.common_tags, { Name = format(local.resource_name_prefix, "db") Component = "processing" Stack = "processing" }) + + lifecycle { + ignore_changes = [ + snapshot_identifier, + final_snapshot_identifier + ] + } } diff --git a/terraform-unity/modules/terraform-unity-sps-database/outputs.tf b/terraform-unity/modules/terraform-unity-sps-database/outputs.tf index 126657ad..6fb7ec0d 100644 --- a/terraform-unity/modules/terraform-unity-sps-database/outputs.tf +++ b/terraform-unity/modules/terraform-unity-sps-database/outputs.tf @@ -5,3 +5,7 @@ output "db_instance_identifier" { output "db_secret_arn" { value = aws_secretsmanager_secret_version.db.arn } + +output "db_latest_snapshot" { + value = data.aws_db_snapshot.latest_snapshot[0].db_snapshot_arn +} diff --git a/terraform-unity/modules/terraform-unity-sps-database/versions.tf b/terraform-unity/modules/terraform-unity-sps-database/versions.tf index 8fb90635..a5769d48 100644 --- a/terraform-unity/modules/terraform-unity-sps-database/versions.tf +++ b/terraform-unity/modules/terraform-unity-sps-database/versions.tf @@ -13,5 +13,9 @@ terraform { source = "hashicorp/random" version = "3.6.1" } + external = { + source = "hashicorp/external" + version = "2.3.4" + } } } diff --git a/terraform-unity/versions.tf b/terraform-unity/versions.tf index c5b63afa..4d0095ba 100644 --- a/terraform-unity/versions.tf +++ b/terraform-unity/versions.tf @@ -13,6 +13,10 @@ terraform { source = "hashicorp/null" version = "3.2.3" } + external = { + source = "hashicorp/external" + version = "2.3.4" + } aws = { source = "hashicorp/aws" version = "5.67.0" From 30675744d6066b084cc62ff69cc6a7bdbe154ebd Mon Sep 17 00:00:00 2001 From: Luca Cinquini Date: Wed, 22 Jan 2025 10:27:40 -0700 Subject: [PATCH 2/7] Adding database backups --- .../terraform-unity-sps-database/main.tf | 49 ++++++++++--------- 1 file changed, 27 insertions(+), 22 deletions(-) diff --git a/terraform-unity/modules/terraform-unity-sps-database/main.tf b/terraform-unity/modules/terraform-unity-sps-database/main.tf index 3ef384f3..b17a0d94 100644 --- a/terraform-unity/modules/terraform-unity-sps-database/main.tf +++ b/terraform-unity/modules/terraform-unity-sps-database/main.tf @@ -61,38 +61,43 @@ resource "aws_security_group_rule" "eks_egress_to_rds" { source_security_group_id = aws_security_group.rds_sg.id } -data "external" "rds_final_snapshot_exists" { - program = [ - "./modules/terraform-unity-sps-database/check_rds_snapshot.sh", - format(local.resource_name_prefix, "db") - ] -} - data "aws_db_snapshot" "latest_snapshot" { count = data.external.rds_final_snapshot_exists.result.db_exists ? 1 : 0 db_instance_identifier = format(local.resource_name_prefix, "db") # db_instance_identifier = aws_db_instance.sps_db.identifier most_recent = true - tags = merge(local.common_tags, { - Name = format(local.resource_name_prefix, "db") - Component = "processing" - Stack = "processing" - }) + # tags = merge(local.common_tags, { + # Name = format(local.resource_name_prefix, "db") + # Component = "processing" + # Stack = "processing" + # }) + +} +data "external" "rds_final_snapshot_exists" { + program = [ + "./modules/terraform-unity-sps-database/check_rds_snapshot.sh", + format(local.resource_name_prefix, "db") + ] } resource "aws_db_instance" "sps_db" { - identifier = format(local.resource_name_prefix, "db") - allocated_storage = 100 - storage_type = "gp3" - engine = "postgres" - engine_version = "16.4" - instance_class = "db.m5d.large" - db_name = "sps_db" - username = "db_user" - password = aws_secretsmanager_secret_version.db.secret_string - parameter_group_name = "default.postgres16" + identifier = format(local.resource_name_prefix, "db") + allocated_storage = 100 + storage_type = "gp3" + engine = "postgres" + engine_version = "16.4" + instance_class = "db.m5d.large" + db_name = "sps_db" + username = "db_user" + password = aws_secretsmanager_secret_version.db.secret_string + parameter_group_name = "default.postgres16" + + backup_retention_period = 7 + backup_window = "01:00-02:00" + storage_encrypted = true + skip_final_snapshot = false final_snapshot_identifier = "${terraform.workspace}-${formatdate("YYYYMMDDhhmmss", timestamp())}" snapshot_identifier = try(data.aws_db_snapshot.latest_snapshot[0].id, null) From 48c5dae669735a4087825dd7ff9cb9bf75138129 Mon Sep 17 00:00:00 2001 From: Luca Cinquini Date: Wed, 22 Jan 2025 13:39:01 -0700 Subject: [PATCH 3/7] Moving the data sections to the data file --- .../terraform-unity-sps-database/data.tf | 21 +++++++++++++++++++ .../terraform-unity-sps-database/main.tf | 20 ------------------ 2 files changed, 21 insertions(+), 20 deletions(-) diff --git a/terraform-unity/modules/terraform-unity-sps-database/data.tf b/terraform-unity/modules/terraform-unity-sps-database/data.tf index 266c660f..eae765e2 100644 --- a/terraform-unity/modules/terraform-unity-sps-database/data.tf +++ b/terraform-unity/modules/terraform-unity-sps-database/data.tf @@ -13,3 +13,24 @@ data "aws_security_group" "default" { values = ["${format(local.resource_name_prefix, "eks")}-node"] } } + +data "aws_db_snapshot" "latest_snapshot" { + count = data.external.rds_final_snapshot_exists.result.db_exists ? 1 : 0 + db_instance_identifier = format(local.resource_name_prefix, "db") + # db_instance_identifier = aws_db_instance.sps_db.identifier + most_recent = true + + # tags = merge(local.common_tags, { + # Name = format(local.resource_name_prefix, "db") + # Component = "processing" + # Stack = "processing" + # }) + +} + +data "external" "rds_final_snapshot_exists" { + program = [ + "./modules/terraform-unity-sps-database/check_rds_snapshot.sh", + format(local.resource_name_prefix, "db") + ] +} diff --git a/terraform-unity/modules/terraform-unity-sps-database/main.tf b/terraform-unity/modules/terraform-unity-sps-database/main.tf index b17a0d94..cc593baf 100644 --- a/terraform-unity/modules/terraform-unity-sps-database/main.tf +++ b/terraform-unity/modules/terraform-unity-sps-database/main.tf @@ -61,26 +61,6 @@ resource "aws_security_group_rule" "eks_egress_to_rds" { source_security_group_id = aws_security_group.rds_sg.id } -data "aws_db_snapshot" "latest_snapshot" { - count = data.external.rds_final_snapshot_exists.result.db_exists ? 1 : 0 - db_instance_identifier = format(local.resource_name_prefix, "db") - # db_instance_identifier = aws_db_instance.sps_db.identifier - most_recent = true - - # tags = merge(local.common_tags, { - # Name = format(local.resource_name_prefix, "db") - # Component = "processing" - # Stack = "processing" - # }) - -} - -data "external" "rds_final_snapshot_exists" { - program = [ - "./modules/terraform-unity-sps-database/check_rds_snapshot.sh", - format(local.resource_name_prefix, "db") - ] -} resource "aws_db_instance" "sps_db" { identifier = format(local.resource_name_prefix, "db") From 6f042b71d969685ab10cb12d9530df3dc566959a Mon Sep 17 00:00:00 2001 From: Luca Cinquini Date: Wed, 22 Jan 2025 14:26:24 -0700 Subject: [PATCH 4/7] Parametrizing the AWS region --- .../terraform-unity-sps-database/README.md | 1 + .../check-rds-snapshot.sh | 19 ------------------- .../check_rds_snapshot.sh | 3 ++- .../terraform-unity-sps-database/data.tf | 16 +++++++++------- 4 files changed, 12 insertions(+), 27 deletions(-) delete mode 100755 terraform-unity/modules/terraform-unity-sps-database/check-rds-snapshot.sh diff --git a/terraform-unity/modules/terraform-unity-sps-database/README.md b/terraform-unity/modules/terraform-unity-sps-database/README.md index 019af412..286b091b 100644 --- a/terraform-unity/modules/terraform-unity-sps-database/README.md +++ b/terraform-unity/modules/terraform-unity-sps-database/README.md @@ -35,6 +35,7 @@ No modules. | [random_password.db](https://registry.terraform.io/providers/hashicorp/random/3.6.1/docs/resources/password) | resource | | [aws_db_snapshot.latest_snapshot](https://registry.terraform.io/providers/hashicorp/aws/5.67.0/docs/data-sources/db_snapshot) | data source | | [aws_eks_cluster.cluster](https://registry.terraform.io/providers/hashicorp/aws/5.67.0/docs/data-sources/eks_cluster) | data source | +| [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/5.67.0/docs/data-sources/region) | data source | | [aws_security_group.default](https://registry.terraform.io/providers/hashicorp/aws/5.67.0/docs/data-sources/security_group) | data source | | [aws_ssm_parameter.subnet_ids](https://registry.terraform.io/providers/hashicorp/aws/5.67.0/docs/data-sources/ssm_parameter) | data source | | [external_external.rds_final_snapshot_exists](https://registry.terraform.io/providers/hashicorp/external/2.3.4/docs/data-sources/external) | data source | diff --git a/terraform-unity/modules/terraform-unity-sps-database/check-rds-snapshot.sh b/terraform-unity/modules/terraform-unity-sps-database/check-rds-snapshot.sh deleted file mode 100755 index a3707b05..00000000 --- a/terraform-unity/modules/terraform-unity-sps-database/check-rds-snapshot.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash - -db_id=$1 - -if [ -z ${db_id} ]; then - echo "usage : $0 " >2 - exit 1 -fi - -RESULT=($(aws rds describe-db-snapshots --db-instance-identifier $db_id --output text --region us-west-2 2> /dev/null)) -aws_result=$? - -if [ ${aws_result} -eq 0 ] && [[ ${RESULT[0]} == "DBSNAPSHOTS" ]]; then - result='true' -else - result='false' -fi - -jq -n --arg exists ${result} '{"db_exists": $exists }' diff --git a/terraform-unity/modules/terraform-unity-sps-database/check_rds_snapshot.sh b/terraform-unity/modules/terraform-unity-sps-database/check_rds_snapshot.sh index a3707b05..826f78da 100755 --- a/terraform-unity/modules/terraform-unity-sps-database/check_rds_snapshot.sh +++ b/terraform-unity/modules/terraform-unity-sps-database/check_rds_snapshot.sh @@ -1,13 +1,14 @@ #!/bin/bash db_id=$1 +aws_region=$2 if [ -z ${db_id} ]; then echo "usage : $0 " >2 exit 1 fi -RESULT=($(aws rds describe-db-snapshots --db-instance-identifier $db_id --output text --region us-west-2 2> /dev/null)) +RESULT=($(aws rds describe-db-snapshots --db-instance-identifier $db_id --output text --region $aws_region 2> /dev/null)) aws_result=$? if [ ${aws_result} -eq 0 ] && [[ ${RESULT[0]} == "DBSNAPSHOTS" ]]; then diff --git a/terraform-unity/modules/terraform-unity-sps-database/data.tf b/terraform-unity/modules/terraform-unity-sps-database/data.tf index eae765e2..033b2068 100644 --- a/terraform-unity/modules/terraform-unity-sps-database/data.tf +++ b/terraform-unity/modules/terraform-unity-sps-database/data.tf @@ -1,3 +1,5 @@ +data "aws_region" "current" {} + data "aws_eks_cluster" "cluster" { name = format(local.resource_name_prefix, "eks") } @@ -17,20 +19,20 @@ data "aws_security_group" "default" { data "aws_db_snapshot" "latest_snapshot" { count = data.external.rds_final_snapshot_exists.result.db_exists ? 1 : 0 db_instance_identifier = format(local.resource_name_prefix, "db") - # db_instance_identifier = aws_db_instance.sps_db.identifier - most_recent = true + most_recent = true # tags = merge(local.common_tags, { - # Name = format(local.resource_name_prefix, "db") - # Component = "processing" - # Stack = "processing" + # Name = format(local.resource_name_prefix, "db") + # Component = "processing" + # Stack = "processing" # }) } data "external" "rds_final_snapshot_exists" { program = [ - "./modules/terraform-unity-sps-database/check_rds_snapshot.sh", - format(local.resource_name_prefix, "db") + "${path.module}/check_rds_snapshot.sh", + format(local.resource_name_prefix, "db"), + data.aws_region.current.name ] } From 1036bc3f2386a29a9c56d8cb715053122bad7ff9 Mon Sep 17 00:00:00 2001 From: Luca Cinquini Date: Thu, 23 Jan 2025 07:46:25 -0700 Subject: [PATCH 5/7] Adding flag for output --- terraform-unity/modules/terraform-unity-sps-database/outputs.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/terraform-unity/modules/terraform-unity-sps-database/outputs.tf b/terraform-unity/modules/terraform-unity-sps-database/outputs.tf index 6fb7ec0d..86f061ac 100644 --- a/terraform-unity/modules/terraform-unity-sps-database/outputs.tf +++ b/terraform-unity/modules/terraform-unity-sps-database/outputs.tf @@ -7,5 +7,5 @@ output "db_secret_arn" { } output "db_latest_snapshot" { - value = data.aws_db_snapshot.latest_snapshot[0].db_snapshot_arn + value = data.external.rds_final_snapshot_exists.result.db_exists ? data.aws_db_snapshot.latest_snapshot[0].db_snapshot_arn : null } From 6ecab2018deaec623e3b595b88cb2b074a8c3673 Mon Sep 17 00:00:00 2001 From: Luca Cinquini Date: Mon, 27 Jan 2025 04:24:05 -0700 Subject: [PATCH 6/7] Adding tags to the snapshot --- terraform-unity/modules/terraform-unity-sps-database/main.tf | 1 + 1 file changed, 1 insertion(+) diff --git a/terraform-unity/modules/terraform-unity-sps-database/main.tf b/terraform-unity/modules/terraform-unity-sps-database/main.tf index cc593baf..fa1aaaf9 100644 --- a/terraform-unity/modules/terraform-unity-sps-database/main.tf +++ b/terraform-unity/modules/terraform-unity-sps-database/main.tf @@ -77,6 +77,7 @@ resource "aws_db_instance" "sps_db" { backup_retention_period = 7 backup_window = "01:00-02:00" storage_encrypted = true + copy_tags_to_snapshot = true skip_final_snapshot = false final_snapshot_identifier = "${terraform.workspace}-${formatdate("YYYYMMDDhhmmss", timestamp())}" From 8834f773d93d187c14740883e5b3f26023862c0e Mon Sep 17 00:00:00 2001 From: Luca Cinquini Date: Mon, 27 Jan 2025 08:15:26 -0700 Subject: [PATCH 7/7] Changing the name of the final snapshot --- .../modules/terraform-unity-sps-database/data.tf | 6 ------ .../modules/terraform-unity-sps-database/main.tf | 13 ++++++++----- 2 files changed, 8 insertions(+), 11 deletions(-) diff --git a/terraform-unity/modules/terraform-unity-sps-database/data.tf b/terraform-unity/modules/terraform-unity-sps-database/data.tf index 033b2068..590ab61d 100644 --- a/terraform-unity/modules/terraform-unity-sps-database/data.tf +++ b/terraform-unity/modules/terraform-unity-sps-database/data.tf @@ -21,12 +21,6 @@ data "aws_db_snapshot" "latest_snapshot" { db_instance_identifier = format(local.resource_name_prefix, "db") most_recent = true - # tags = merge(local.common_tags, { - # Name = format(local.resource_name_prefix, "db") - # Component = "processing" - # Stack = "processing" - # }) - } data "external" "rds_final_snapshot_exists" { diff --git a/terraform-unity/modules/terraform-unity-sps-database/main.tf b/terraform-unity/modules/terraform-unity-sps-database/main.tf index fa1aaaf9..f0187c27 100644 --- a/terraform-unity/modules/terraform-unity-sps-database/main.tf +++ b/terraform-unity/modules/terraform-unity-sps-database/main.tf @@ -75,12 +75,15 @@ resource "aws_db_instance" "sps_db" { parameter_group_name = "default.postgres16" backup_retention_period = 7 - backup_window = "01:00-02:00" - storage_encrypted = true - copy_tags_to_snapshot = true + # 07:00-08:00 GMT = 01:00-02:00 PST + backup_window = "07:00-08:00" + storage_encrypted = true + copy_tags_to_snapshot = true - skip_final_snapshot = false - final_snapshot_identifier = "${terraform.workspace}-${formatdate("YYYYMMDDhhmmss", timestamp())}" + skip_final_snapshot = false + # rds:unity-luca-1-dev-sps-db-2025-01-26-12-14 + # unity-luca-1-dev-sps-20250122213608 + final_snapshot_identifier = "${terraform.workspace}-db-${formatdate("YYYY-MM-DD-hh-mm", timestamp())}" snapshot_identifier = try(data.aws_db_snapshot.latest_snapshot[0].id, null) publicly_accessible = false db_subnet_group_name = aws_db_subnet_group.db.name