(IaC) Parte 5: Provisionando um banco de dados no AWS RDS com Terraform

Opa, bora seguir na nossa trilha de IaC, hoje com Terraform e AWS RDS. Tenho certeza que vocês vão gostar, afinal o que o artigo vai abordar é bem utilizado no mercado e mostrarei um case real mesmo, com boas práticas. Pegue seu café, se acomode na sua cadeira e bora aprender mais sobre IaC e Terraform.🚀

  • Nosso cenário:
https://www.terraform.io/downloads.html
$ wget https://releases.hashicorp.com/terraform/0.12.24/terraform_0.12.24_linux_amd64.zip
$ unzip terraform_0.12.24_linux_amd64.zip
$ sudo mv terraform /usr/local/bin/
$ terraform --version
provider "aws" {
shared_credentials_file = "/home/user/.aws/credentials"
profile = "myprofile"
region = "sa-east-1"
}
resource "aws_db_instance" "default" {
allocated_storage = var.allocated_storage
storage_type = var.storage_type
engine = var.engine
engine_version = var.engine_version
instance_class = var.instance_class
name = var.name
username = var.username
password = var.password
port = var.port
identifier = var.identifier
parameter_group_name = var.parameter_group_name
skip_final_snapshot = var.skip_final_snapshot
}
variable "engine" {
description = "The database engine"
type = string
default = "mysql"
}
variable "allocated_storage" {
description = "The amount of allocated storage."
type = number
default = 20
}
variable "storage_type" {
description = "type of the storage"
type = string
default = "gp2"
}
variable "username" {
description = "Username for the master DB user."
default = "databaseteste"
type = string
}
variable "password" {
description = "password of the database"
default = "password"
type = string
}
variable "instance_class" {
description = "The RDS instance class"
default = "db.t2.micro"
type = string
}
variable "parameter_group_name" {
description = "Name of the DB parameter group to associate"
default = "default.mysql5.7"
type = string
}
variable "engine_version" {
description = "The engine version"
default = "5.7"
type = number
}
variable "skip_final_snapshot" {
description = "skip snapshot"
default = "true"
type = string
}
variable "identifier" {
description = "The name of the RDS instance"
default = "terraform-database-test"
type = string
}
variable "port" {
description = "The port on which the DB accepts connections"
default = "3306"
type = number
}
variable "name" {
description = "The database name"
default = "Mysqldatabase"
type = string
}
$ terraform initInitializing the backend...Initializing provider plugins...The following providers do not have any version constraints in configuration,
so the latest version was installed.
To prevent automatic upgrades to new major versions that may contain breaking
changes, it is recommended to add version = "..." constraints to the
corresponding provider blocks in configuration, with the constraint strings
suggested below.
* provider.aws: version = "~> 2.58"Terraform has been successfully initialized!You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.
$ terraform plan --out rds-plan
Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but will not be
persisted to local or remote state storage.
------------------------------------------------------------------------An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
+ create
Terraform will perform the following actions:# aws_db_instance.default[0] will be created
+ resource "aws_db_instance" "default" {
+ address = (known after apply)
+ allocated_storage = 20
+ apply_immediately = (known after apply)
+ arn = (known after apply)
+ auto_minor_version_upgrade = true
+ availability_zone = (known after apply)
+ backup_retention_period = (known after apply)
+ backup_window = (known after apply)
+ ca_cert_identifier = (known after apply)
+ character_set_name = (known after apply)
+ copy_tags_to_snapshot = false
+ db_subnet_group_name = (known after apply)
+ delete_automated_backups = true
+ endpoint = (known after apply)
+ engine = "mysql"
+ engine_version = "5.7"
+ hosted_zone_id = (known after apply)
+ id = (known after apply)
+ identifier = "terraform-database-test"
+ identifier_prefix = (known after apply)
+ instance_class = "db.t2.micro"
+ kms_key_id = (known after apply)
+ license_model = (known after apply)
+ maintenance_window = (known after apply)
+ monitoring_interval = 0
+ monitoring_role_arn = (known after apply)
+ multi_az = (known after apply)
+ name = "mydb"
+ option_group_name = (known after apply)
+ parameter_group_name = "default.mysql5.7"
+ password = (sensitive value)
+ performance_insights_enabled = false
+ performance_insights_kms_key_id = (known after apply)
+ performance_insights_retention_period = (known after apply)
+ port = (known after apply)
+ publicly_accessible = false
+ replicas = (known after apply)
+ resource_id = (known after apply)
+ skip_final_snapshot = true
+ status = (known after apply)
+ storage_type = "gp2"
+ timezone = (known after apply)
+ username = "databaseteste"
+ vpc_security_group_ids = (known after apply)
}
Plan: 1 to add, 0 to change, 0 to destroy.------------------------------------------------------------------------Note: You didn't specify an "-out" parameter to save this plan, so Terraform
can't guarantee that exactly these actions will be performed if
"terraform apply" is subsequently run.
$ terraform apply rds-planAn execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
+ create
Terraform will perform the following actions:# aws_db_instance.default[0] will be created
+ resource "aws_db_instance" "default" {
+ address = (known after apply)
+ allocated_storage = 20
+ apply_immediately = (known after apply)
+ arn = (known after apply)
+ auto_minor_version_upgrade = true
+ availability_zone = (known after apply)
+ backup_retention_period = (known after apply)
+ backup_window = (known after apply)
+ ca_cert_identifier = (known after apply)
+ character_set_name = (known after apply)
+ copy_tags_to_snapshot = false
+ db_subnet_group_name = (known after apply)
+ delete_automated_backups = true
+ endpoint = (known after apply)
+ engine = "mysql"
+ engine_version = "5.7"
+ hosted_zone_id = (known after apply)
+ id = (known after apply)
+ identifier = "terraform-database-test"
+ identifier_prefix = (known after apply)
+ instance_class = "db.t2.micro"
+ kms_key_id = (known after apply)
+ license_model = (known after apply)
+ maintenance_window = (known after apply)
+ monitoring_interval = 0
+ monitoring_role_arn = (known after apply)
+ multi_az = (known after apply)
+ name = "mydb"
+ option_group_name = (known after apply)
+ parameter_group_name = "default.mysql5.7"
+ password = (sensitive value)
+ performance_insights_enabled = false
+ performance_insights_kms_key_id = (known after apply)
+ performance_insights_retention_period = (known after apply)
+ port = (known after apply)
+ publicly_accessible = false
+ replicas = (known after apply)
+ resource_id = (known after apply)
+ skip_final_snapshot = true
+ status = (known after apply)
+ storage_type = "gp2"
+ timezone = (known after apply)
+ username = "databaseteste"
+ vpc_security_group_ids = (known after apply)
}
Plan: 1 to add, 0 to change, 0 to destroy.Do you want to perform these actions?
Terraform will perform the actions described above.
Only 'yes' will be accepted to approve.
Enter a value: yesaws_db_instance.default[0]: Creating...
aws_db_instance.default[0]: Still creating... [10s elapsed]
aws_db_instance.default[0]: Still creating... [20s elapsed]
aws_db_instance.default[0]: Still creating... [30s elapsed]
aws_db_instance.default[0]: Still creating... [40s elapsed]
aws_db_instance.default[0]: Still creating... [50s elapsed]
Instância criada no AWS RDS
Sumário da instância MySQL criada
$ terraform destroy 
aws_db_instance.default[0]: Refreshing state... [id=terraform-database-test]
An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
- destroy
Terraform will perform the following actions:# aws_db_instance.default[0] will be destroyed
Instância sendo deletada
Do you really want to destroy all resources?
Terraform will destroy all your managed infrastructure, as shown above.
There is no undo. Only 'yes' will be accepted to confirm.
Enter a value: yesaws_db_instance.default[0]: Destroying... [id=terraform-database-test]
aws_db_instance.default[0]: Still destroying... [id=terraform-database-test, 10s elapsed]
aws_db_instance.default[0]: Still destroying... [id=terraform-database-test, 20s elapsed]

Senior Linux Administrator at IBM

Senior Linux Administrator at IBM