This Terraform module manages a DocDB cluster.
- Removes Complexity: The module abstracts away much of the underlying complexity of provisioning and managing Amazon DocumentDB clusters, making it easier to create and manage clusters with minimal effort.
- Reusable Configuration: Define your DocumentDB cluster configuration once and reuse it across different projects or environments, reducing duplication and errors.
- Configuration Options: The module exposes a wide range of configuration options, allowing you to fine-tune your DocumentDB cluster to meet your specific requirements.
Examples available here
NOTE: These examples use the latest version of this module
```hcl
module "complete_cluster" {
  source                    = "boldlink/docdb/aws"
  version                   = "<specify_latest_version_here>"
  cluster_identifier        = local.cluster_name
  availability_zones        = data.aws_availability_zones.available.names
  identifier                = "${local.cluster_name}-instance"
  instance_class            = "db.t3.medium"
  instance_count            = local.count
  final_snapshot_identifier = "${local.cluster_name}-final-snapshot"
  master_username           = random_string.master_username.result
  master_password           = random_password.master_password.result
  subnet_ids                = data.aws_subnets.default.ids
  tags = {
    environment        = "examples"
    "user::CostCenter" = "terraform-registry"
  }
}
```
AWS DocumentDB Cluster Documentation
Terraform DocumentDB Cluster Documentation
Name | Version |
---|---|
terraform | >= 0.14.11 |
aws | >=4.60.0 |
Name | Version |
---|---|
aws | 5.28.0 |
No modules.
Name | Type |
---|---|
aws_docdb_cluster.this | resource |
aws_docdb_cluster_instance.this | resource |
aws_docdb_cluster_parameter_group.this | resource |
aws_docdb_subnet_group.this | resource |
aws_security_group.this | resource |
aws_security_group_rule.egress | resource |
aws_security_group_rule.ingress | resource |
Name | Description | Type | Default | Required |
---|---|---|---|---|
apply_immediately | (Optional) Specifies whether any cluster or database modifications are applied immediately, or during the next maintenance window. Default is false. | string | false | no |
auto_minor_version_upgrade | (Optional) Indicates that minor engine upgrades will be applied automatically to the DB instance during the maintenance window. Default true | bool | true | no |
availability_zone | (Optional, Computed) The EC2 Availability Zone that the DB instance is created in. | string | null | no |
availability_zones | (Optional) A list of EC2 Availability Zones that instances in the DB cluster can be created in. | list(string) | [] | no |
backup_retention_period | (Optional) The days to retain backups for. Default 1 | number | 7 | no |
cluster_identifier | (Optional, Forces new resources) The cluster identifier. If omitted, Terraform will assign a random, unique identifier. | string | null | no |
cluster_identifier_prefix | (Optional, Forces new resource) Creates a unique cluster identifier beginning with the specified prefix. Conflicts with cluster_identifier. | string | null | no |
cluster_parameters | (Optional) A list of documentDB parameters to apply. Setting parameters to system default values may show a difference on imported resources. | list(object({ | [] | no |
cluster_timeouts | aws_docdb_cluster provides the following Timeouts configuration options: create, update, delete | map(string) | {} | no |
create_cluster_parameter_group | Whether to create cluster parameter group | bool | false | no |
create_security_group | Whether to create a Security Group for DocDB cluster. | bool | true | no |
db_cluster_parameter_group_name | (Optional) A cluster parameter group to associate with the cluster. | string | null | no |
deletion_protection | (Optional) A value that indicates whether the DB cluster has deletion protection enabled. The database can't be deleted when deletion protection is enabled. By default, deletion protection is disabled. | bool | false | no |
enabled_cloudwatch_logs_exports | (Optional) List of log types to export to cloudwatch. If omitted, no logs will be exported. The following log types are supported: audit, profiler | list(string) | [ | no |
engine | (Optional) The name of the database engine to be used for this DB cluster and instance. Defaults to docdb. Valid Values: docdb | string | "docdb" | no |
engine_version | (Optional) The database engine version. Updating this argument results in an outage. | string | null | no |
family | (Required, Forces new resource) The family of the documentDB cluster parameter group. | string | "docdb4.0" | no |
identifier | (Optional, Forces new resource) The identifier for the DocDB instance, if omitted, Terraform will assign a random, unique identifier. | string | null | no |
identifier_prefix | (Optional, Forces new resource) Creates a unique identifier beginning with the specified prefix. Conflicts with identifier | string | null | no |
instance_class | (Required) The instance class to use. For details on CPU and memory, see Scaling for DocDB Instances. db.r5.large, db.r5.xlarge, db.r5.2xlarge, db.r5.4xlarge, db.r5.12xlarge, db.r5.24xlarge, db.r4.large, db.r4.xlarge, db.r4.2xlarge, db.r4.4xlarge, db.r4.8xlarge, db.r4.16xlarge, db.t3.medium | string | "db.t3.medium" | no |
instance_count | Number of DocumentDB cluster instances to be created. | number | 3 | no |
instance_timeouts | aws_docdb_cluster_instance provides the following Timeouts configuration options: create, update, delete | map(string) | {} | no |
kms_key_id | (Optional) The ARN for the KMS encryption key. When specifying kms_key_id, storage_encrypted needs to be set to true. | string | null | no |
master_password | (Required unless a snapshot_identifier or unless a global_cluster_identifier is provided when the cluster is the 'secondary' cluster of a global database) Password for the master DB user. Note that this may show up in logs, and it will be stored in the state file. | string | n/a | yes |
master_username | (Required unless a snapshot_identifier or unless a global_cluster_identifier is provided when the cluster is the 'secondary' cluster of a global database) Username for the master DB user | string | n/a | yes |
name | (Optional, Forces new resource) The name of the documentDB cluster parameter group. If omitted, Terraform will assign a random, unique name. | string | null | no |
name_prefix | (Optional, Forces new resource) Creates a unique name beginning with the specified prefix. Conflicts with name. | string | null | no |
port | (Optional) The port on which the DB accepts connections | number | 27017 | no |
preferred_backup_window | (Optional) The daily time range during which automated backups are created if automated backups are enabled using the BackupRetentionPeriod parameter. Time in UTC. Default: A 30-minute window selected at random from an 8-hour block of time per region. E.g., 04:00-09:00 | string | "04:00-05:00" | no |
preferred_maintenance_window | (Optional) The weekly time range during which system maintenance can occur, in (UTC) e.g., wed:04:00-wed:04:30 | string | "sun:01:00-sun:03:30" | no |
promotion_tier | (Optional) Default 0. Failover Priority setting on instance level. The reader who has lower tier has higher priority to get promoted to writer. | number | 0 | no |
security_group_egress_rules | (Optional) Egress rules to add to the security group | any | {} | no |
security_group_ingress_rules | (Optional) Ingress rules to add to the security group | any | {} | no |
skip_final_snapshot | (Optional) Determines whether a final DB snapshot is created before the DB cluster is deleted. If true is specified, no DB snapshot is created. If false is specified, a DB snapshot is created before the DB cluster is deleted, using the value from final_snapshot_identifier. Default is false. | bool | false | no |
snapshot_identifier | (Optional) Specifies whether or not to create this cluster from a snapshot. You can use either the name or ARN when specifying a DB cluster snapshot, or the ARN when specifying a DB snapshot. | string | null | no |
storage_encrypted | (Optional) Specifies whether the DB cluster is encrypted. The default is false. | bool | true | no |
subnet_ids | (Required) A list of VPC subnet IDs. | list(string) | [] | no |
subnet_name_prefix | (Optional, Forces new resource) Creates a unique name beginning with the specified prefix. Conflicts with name. | string | null | no |
tags | (Optional) A map of tags to assign to the DB cluster. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level. | map(string) | {} | no |
vpc_id | (Optional, Forces new resource) VPC ID. Defaults to the region's default VPC. | string | null | no |
vpc_security_group_ids | (Optional) List of VPC security groups to associate with the Cluster | list(string) | [] | no |
Name | Description |
---|---|
ca_cert_identifier | (Optional) The identifier of the CA certificate for the DB instance. |
cluster_arn | Amazon Resource Name (ARN) of cluster |
cluster_members | List of DocDB Instances that are a part of this cluster |
cluster_resource_id | The DocDB Cluster Resource ID |
endpoint | The DNS address of the DocDB instance |
engine_version | The database engine version |
hosted_zone_id | The Route53 Hosted Zone ID of the endpoint |
id | The DocDB Cluster Identifier |
instance_arn | Amazon Resource Name (ARN) of cluster instance |
kms_key_id | The ARN for the KMS encryption key if one is set to the cluster. |
port | The database port |
preferred_backup_window | The daily time range during which automated backups are created if automated backups are enabled. |
reader_endpoint | A read-only endpoint for the DocDB cluster, automatically load-balanced across replicas |
storage_encrypted | Specifies whether the DB cluster is encrypted. |
tags_all | A map of tags assigned to the resource, including those inherited from the provider default_tags |
writer | Boolean indicating if this instance is writable. False indicates this instance is a read replica. |
This repository uses third party software:
- pre-commit - Used to help ensure code and documentation consistency
  - Install with `brew install pre-commit`
  - Manually use with `pre-commit run`
- terraform 0.14.11 - For backwards compatibility, we test with version 0.14.11, making it the minimum version tested and known to work without issues with terraform-docs.
- terraform-docs - Used to generate the Inputs and Outputs sections
  - Install with `brew install terraform-docs`
  - Manually use via pre-commit
- tflint - Used to lint the Terraform code
  - Install with `brew install tflint`
  - Manually use via pre-commit
The example stacks are used by BOLDLink developers to validate the modules by building an actual stack on AWS.
Some of the modules have dependencies on other modules (e.g., the EC2 instance depends on the VPC module), so we create them first and use data sources in the examples to use the stacks.
Any supporting resources will be available in the tests/supportingResources folder, and their lifecycle is managed by the Makefile targets.
Resources in the test/supportingResources folder are not intended for demo or actual implementation purposes, and can be used for reference.
The Makefile contained in this repo is optimized for Linux paths, and its main purpose for now is to run the tests.
- Create all test stacks including any supporting resources:
  `make tests`
- Clean all tests except existing supporting resources:
  `make clean`
- Clean supporting resources - this is done separately so you can test your module build/modify/destroy independently.
  `make cleansupporting`
- !!!DANGER!!! Clean the state files from examples and test/supportingResources - use with CAUTION!!!
  `make cleanstatefiles`