How to create Aurora Serverless database cluster with secret manager in Terraform

1
votes

I've been reading this page: https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/rds_cluster

The example there is mainly for the provisioned database, I'm new to the serverless database, is there an Terraform example to create a serverless Aurora database cluster (SQL db), using the secret stored in the secret manager?

Many thanks.

2
amazon-web-servicesterraformterraform-provider-awsamazon-auroraaws-aurora-serverless

2 Answers

2
votes

The basic example of creating serveless aurora is:

resource "aws_rds_cluster" "default" {
  cluster_identifier      = "aurora-cluster-demo"
  engine                  = "aurora-mysql"  
  engine_mode             = "serverless"  
  database_name           = "myauroradb"  
  enable_http_endpoint    = true  
  master_username         = "root"
  master_password         = "chang333eme321"
  backup_retention_period = 1
  
  skip_final_snapshot     = true
  
  scaling_configuration {
    auto_pause               = true
    min_capacity             = 1    
    max_capacity             = 2
    seconds_until_auto_pause = 300
    timeout_action           = "ForceApplyCapacityChange"
  }  
}

I'm not sure what do you want to do with secret manager. Its not clear from your question, so I'm providing any example for it.

2
votes

I'm guessing you want to randomize the master_password? You can do something like this:

master_password = random_password.DatabaseMasterPassword.result

The SSM parameter can be created like so:

resource "aws_ssm_parameter" "SSMDatabaseMasterPassword" {
  name  = "database-master-password"
  type  = "SecureString"
  value = random_password.DatabaseMasterPassword.result
}

The random password can be defined like so:

resource "random_password" "DatabaseMasterPassword" {
  length           = 24
  special          = true
  override_special = "!#$%^*()-=+_?{}|"
}