initial rename and cleanup

locals.tf

@@ -36,7 +36,7 @@ locals {
   ########################################################################
   # Subnet group
   ########################################################################
-  create_db_subnet_group = true
+  # create_db_subnet_group = true
 
   ########################################################################
   # Enhanced Monitoring
@@ -54,12 +54,12 @@ locals {
   # DB Proxy configuration
   ########################################################################
   proxy_name          = var.proxy_name == null ? "${var.identifier}" : var.proxy_name
-  db_proxy_secret_arn = var.include_proxy ? (local.is_serverless ? try(module.db_cluster_serverless[0].cluster_master_user_secret_arn, null) : try(module.db_instance[0].db_instance_master_user_secret_arn, null)) : null
-  proxy_auth_config = var.include_proxy ? {
+  db_proxy_secret_arn = var.is_proxy_included ? (local.is_serverless ? try(module.db_cluster_serverless[0].cluster_master_user_secret_arn, null) : try(module.db_instance[0].db_instance_master_user_secret_arn, null)) : null
+  proxy_auth_config = var.is_proxy_included ? {
     (var.username) = {
       description = "Proxy user for ${var.username}"
       secret_arn  = local.db_proxy_secret_arn # aws_secretsmanager_secret.superuser.arn
-      iam_auth    = var.rds_proxy_iam_auth
+      iam_auth    = var.proxy_iam_auth
     }
   } : {}
 

main.tf

@@ -13,15 +13,15 @@ resource "random_id" "snapshot_identifier" {
 }
 
 resource "null_resource" "validate_instance_type_proxy" { # TODO: need to enforce dependency in proxy module
-  count = var.is_db_cluster && var.include_proxy ? 1 : 0
+  count = var.is_db_cluster && var.is_proxy_included ? 1 : 0
 
   provisioner "local-exec" {
     command = "Running a check"
   }
 
   lifecycle {
     precondition {
-      condition     = var.is_db_cluster && var.include_proxy
+      condition     = var.is_db_cluster && var.is_proxy_included
       error_message = "Cannot create a proxy for a DB cluster"
     }
   }
@@ -32,8 +32,8 @@ module "db_parameter_group" {
   source          = "./modules/instance_parameter_group"
   count           = local.create_db_parameter_group ? 1 : 0
   name            = var.identifier
-  use_name_prefix = var.parameter_group_use_name_prefix
-  description     = var.parameter_group_description
+  use_name_prefix = var.parameter_group_use_name_prefix # TODO: Convert to local
+  description     = var.parameter_group_description     # TODO: Convert to local
   family          = local.parameter_group_family
   parameters      = local.instance_parameters
   tags            = local.all_tags
@@ -158,7 +158,7 @@ module "db_multi_az_cluster" {
 }
 
 
-module "db_cluster_serverless" { # TODO: Revisit defaults
+module "db_cluster_serverless" { # TODO: Revisit defaults and rename to aurora serverless
   source                      = "./modules/rds_aurora"
   count                       = local.is_serverless ? 1 : 0
   name                        = var.identifier
@@ -188,13 +188,13 @@ module "db_cluster_serverless" { # TODO: Revisit defaults
 
 module "db_proxy" {
   source                                = "./modules/rds_proxy"
-  count                                 = var.include_proxy ? 1 : 0
+  count                                 = var.is_proxy_included ? 1 : 0
   tags                                  = local.all_tags
   name                                  = var.identifier
   auth                                  = local.proxy_auth_config
-  debug_logging                         = var.proxy_debug_logging
+  debug_logging                         = var.proxy_debug_logging_is_enabled
   engine_family                         = var.proxy_engine_family
-  idle_client_timeout                   = var.idle_client_timeout
+  idle_client_timeout                   = var.proxy_idle_client_timeout
   require_tls                           = var.proxy_require_tls
   role_arn                              = try(module.db_instance[0].iam_role_for_aws_services.arn, module.db_cluster_serverless[0].iam_role_for_aws_services.arn, null) # TODO: Fix iam_role_for_aws_services for db_cluster_serverless by adding required IAM resources
   vpc_security_group_ids                = [module.security_group_proxy[0].security_group_id]
@@ -230,7 +230,7 @@ module "security_group" { # TODO: update with another rule for public access
 
 module "security_group_proxy" {
   source                   = "./modules/security_group"
-  count                    = var.include_proxy ? 1 : 0
+  count                    = var.is_proxy_included ? 1 : 0
   name                     = var.identifier
   description              = "RDS PostgreSQL security group for proxy"
   vpc_id                   = var.vpc_id

tests/instance/main.tf

@@ -18,21 +18,20 @@ locals {
 }
 
 module "rds_instance_test" {
-  source     = "../../"
+  source             = "../../"
   create_db_instance = true
-  identifier = local.name
+  identifier         = local.name
 
 
-  username                               = "instance_user"
+  username = "instance_user"
 
   apply_immediately                      = true
   publicly_accessible                    = true
-
   subnet_ids                             = concat(module.vpc.public_subnets)
   enabled_cloudwatch_logs_exports        = ["upgrade", "postgresql"]
   cloudwatch_log_group_retention_in_days = 1
-  include_proxy                          = false
-  proxy_debug_logging                    = true
+  is_proxy_included                      = false
+  proxy_debug_logging_is_enabled         = true
 
   # Group variables into maps
   vpc_id = module.vpc.vpc_id
@@ -61,6 +60,7 @@ module "rds_instance_test" {
   data_classification          = "public"
   enable_default_backup        = true
   optional_tags                = local.tags
+  is_kubernetes_app_enabled    = true
 }
 
 ################################################################################

tests/qa/main.tf

@@ -17,7 +17,7 @@ locals {
 
 }
 
-module "rds_instance_test" {
+module "rds_instance_test" { # TODO: change to only use defaults and required variables
   source                                 = "../../"
   identifier                             = local.name
   environment                            = "test"
@@ -33,8 +33,8 @@ module "rds_instance_test" {
   subnet_ids                             = ["subnet-04d5d42ac21fd8e8f", "subnet-0e50a82dec5fc0272", "subnet-0a49d384ff2e8a580"]
   enabled_cloudwatch_logs_exports        = ["upgrade", "postgresql"]
   cloudwatch_log_group_retention_in_days = 1
-  include_proxy                          = true
-  proxy_debug_logging                    = true
+  is_proxy_included                      = true
+  proxy_debug_logging_is_enabled         = true
   enhanced_monitoring_interval           = 0
   allow_major_version_upgrade            = true
   engine_version                         = "16.1"

variables.tf

@@ -60,17 +60,17 @@ variable "replicate_source_db" {
   default     = null
 }
 
-variable "license_model" {
-  description = "License model information for this DB instance. Optional, but required for some DB engines, i.e. Oracle SE1"
-  type        = string
-  default     = null
-}
+# variable "license_model" { # TODO: Remove. It's Oracle specific
+#   description = "License model information for this DB instance. Optional, but required for some DB engines, i.e. Oracle SE1"
+#   type        = string
+#   default     = null
+# }
 
-variable "replica_mode" {
-  description = "Specifies whether the replica is in either mounted or open-read-only mode. This attribute is only supported by Oracle instances. Oracle replicas operate in open-read-only mode unless otherwise specified"
-  type        = string
-  default     = null
-}
+# variable "replica_mode" { # TODO: Remove. It's Oracle specific
+#   description = "Specifies whether the replica is in either mounted or open-read-only mode. This attribute is only supported by Oracle instances. Oracle replicas operate in open-read-only mode unless otherwise specified"
+#   type        = string
+#   default     = null
+# }
 
 variable "iam_database_authentication_enabled" {
   description = "Specifies whether or not the mappings of AWS Identity and Access Management (IAM) accounts to database accounts are enabled"
@@ -292,7 +292,7 @@ variable "restore_to_point_in_time" {
   default     = null
 }
 
-variable "s3_import" {
+variable "s3_import" { # TODO: Remove if only MySQL is supported
   description = "Restore from a Percona Xtrabackup in S3 (only MySQL is supported)"
   type        = map(string)
   default     = null
@@ -328,75 +328,77 @@ variable "subnet_ids" {
   type        = list(string)
 }
 
-# DB parameter group
-variable "create_db_parameter_group" { # Test this
-  description = "Whether to create a database parameter group"
-  type        = bool
-  default     = true
-}
+# # DB parameter group
+# variable "create_db_parameter_group" { # Test this
+#   description = "Whether to create a database parameter group"
+#   type        = bool
+#   default     = true
+# }
 
-variable "parameter_group_name" {
-  description = "Name of the DB parameter group to associate or create"
-  type        = string
-  default     = null
-}
+# variable "parameter_group_name" {
+#   description = "Name of the DB parameter group to associate or create"
+#   type        = string
+#   default     = null
+# }
 
+# TODO: Convert to local
 variable "parameter_group_use_name_prefix" { # It is good to have default value as true in case of upgrades as it results in new parameter group to be created with new engine version
   description = "Determines whether to use `parameter_group_name` as is or create a unique name beginning with the `parameter_group_name` as the prefix"
   type        = bool
   default     = true
 }
 
+# TODO: Convert to local
 variable "parameter_group_description" {
   description = "Description of the DB parameter group to create"
   type        = string
   default     = null
 }
 
-variable "parameter_group_family" {
-  description = "The family of the DB parameter group"
-  type        = string
-  default     = null # varies depending on engine and version and instance type
-}
+# variable "parameter_group_family" {
+#   description = "The family of the DB parameter group"
+#   type        = string
+#   default     = null # varies depending on engine and version and instance type
+# }
 
 variable "instance_parameters" {
-  description = "A list of DB parameters (map) to apply"
+  description = "A list of DB parameters (map) to modify"
   type        = list(map(string))
   default     = []
 }
 
-# DB option group
-variable "create_db_option_group" {
-  description = "Create a database option group"
-  type        = bool
-  default     = true
-}
+# # DB option group # Not used by Postgres
+# variable "create_db_option_group" {
+#   description = "Create a database option group"
+#   type        = bool
+#   default     = true
+# }
 
-variable "option_group_name" {
-  description = "Name of the option group"
-  type        = string
-  default     = null
-}
+# variable "option_group_name" {
+#   description = "Name of the option group"
+#   type        = string
+#   default     = null
+# }
 
-variable "option_group_use_name_prefix" {
-  description = "Determines whether to use `option_group_name` as is or create a unique name beginning with the `option_group_name` as the prefix"
-  type        = bool
-  default     = true
-}
+# variable "option_group_use_name_prefix" {
+#   description = "Determines whether to use `option_group_name` as is or create a unique name beginning with the `option_group_name` as the prefix"
+#   type        = bool
+#   default     = true
+# }
 
-variable "option_group_description" {
-  description = "The description of the option group"
-  type        = string
-  default     = null
-}
+# variable "option_group_description" {
+#   description = "The description of the option group"
+#   type        = string
+#   default     = null
+# }
 
-variable "options" {
-  description = "A list of Options to apply"
-  type        = any
-  default     = []
-}
+# variable "options" {
+#   description = "A list of Options to apply"
+#   type        = any
+#   default     = []
+# }
 
-variable "create_db_instance" {
+variable "create_db_instance" { # TODO: Remove
   description = "Whether to create a database instance"
   type        = bool
   default     = true
@@ -736,20 +738,22 @@ variable "cluster_engine_native_audit_fields_included" {
 # Proxy settings
 ################################################################################
 
-variable "include_proxy" {
+variable "is_proxy_included" {
   description = "Optionally include proxy to help manage database connections"
   type        = bool
   default     = false
 }
 
-variable "proxy_debug_logging" {
+variable "proxy_debug_logging_is_enabled" {
   description = "Turn on debug logging for the proxy"
   default     = false
+  type        = bool
 }
 
-variable "idle_client_timeout" {
+variable "proxy_idle_client_timeout" {
   description = "Idle client timeout of the RDS proxy (keep connection alive)"
   default     = 1800
+  type        = number
 }
 
 variable "proxy_require_tls" {
@@ -784,12 +788,12 @@ variable "proxy_security_group_rules" {
   }
 }
 
-variable "rds_proxy_iam_auth" {
+variable "proxy_iam_auth" {
   type    = string
   default = "DISABLED"
   validation {
-    condition     = contains(["DISABLED", "REQUIRED"], var.rds_proxy_iam_auth)
-    error_message = "Invalid value for var.rds_proxy_iam_auth. Supported values: DISABLED, REQUIRED."
+    condition     = contains(["DISABLED", "REQUIRED"], var.proxy_iam_auth)
+    error_message = "Invalid value for var.proxy_iam_auth. Supported values: DISABLED, REQUIRED."
   }
 }
 
@@ -821,7 +825,7 @@ variable "rds_security_group_rules" {
 
 
 variable "is_kubernetes_app_enabled" {
-  description = "Determines whether to create needed resources to enable access from Kubernetes"
+  description = "Determines whether to create needed resources to enable access from Kubernetes. Set this to `true` if you want to access the RDS instance from Kubernetes pods"
   type        = bool
   default     = false
 }