diff --git a/.github/workflows/dynamic-readme.yml b/.github/workflows/dynamic-readme.yml
new file mode 100644
index 0000000..41bb5db
--- /dev/null
+++ b/.github/workflows/dynamic-readme.yml
@@ -0,0 +1,17 @@
+name: update-templates
+
+on:
+ push:
+ branches:
+ - main
+ workflow_dispatch:
+
+jobs:
+ update-templates:
+ permissions:
+ contents: write
+ pull-requests: write
+ pages: write
+ uses: thoughtbot/templates/.github/workflows/dynamic-readme.yaml@main
+ secrets:
+ token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/elasticache-redis-auth-token.yml b/.github/workflows/elasticache-redis-auth-token.yml
new file mode 100644
index 0000000..883cb49
--- /dev/null
+++ b/.github/workflows/elasticache-redis-auth-token.yml
@@ -0,0 +1,23 @@
+name: elasticache-redis/auth-token
+on:
+ pull_request:
+ branches:
+ - main
+ paths:
+ - elasticache-redis/auth-token/**
+ types:
+ - closed
+ - opened
+ - reopened
+ - synchronize
+jobs:
+ terraform:
+ uses: ./.github/workflows/terraform.yml
+ concurrency: ${{ github.workflow }}
+ with:
+ module: elasticache-redis/auth-token
+ permissions:
+ id-token: write
+ contents: write
+ checks: write
+ pull-requests: write
diff --git a/.github/workflows/elasticache-redis-replication-group.yml b/.github/workflows/elasticache-redis-replication-group.yml
new file mode 100644
index 0000000..e5e6030
--- /dev/null
+++ b/.github/workflows/elasticache-redis-replication-group.yml
@@ -0,0 +1,23 @@
+name: elasticache-redis/replication-group
+on:
+ pull_request:
+ branches:
+ - main
+ paths:
+ - elasticache-redis/replication-group/**
+ types:
+ - closed
+ - opened
+ - reopened
+ - synchronize
+jobs:
+ terraform:
+ uses: ./.github/workflows/terraform.yml
+ concurrency: ${{ github.workflow }}
+ with:
+ module: elasticache-redis/replication-group
+ permissions:
+ id-token: write
+ contents: write
+ checks: write
+ pull-requests: write
diff --git a/.github/workflows/kafka.yml b/.github/workflows/kafka.yml
new file mode 100644
index 0000000..0b88d0f
--- /dev/null
+++ b/.github/workflows/kafka.yml
@@ -0,0 +1,23 @@
+name: kafka
+on:
+ pull_request:
+ branches:
+ - main
+ paths:
+ - kafka/**
+ types:
+ - closed
+ - opened
+ - reopened
+ - synchronize
+jobs:
+ terraform:
+ uses: ./.github/workflows/terraform.yml
+ concurrency: ${{ github.workflow }}
+ with:
+ module: kafka
+ permissions:
+ id-token: write
+ contents: write
+ checks: write
+ pull-requests: write
diff --git a/.github/workflows/rds-postgres-admin-login.yml b/.github/workflows/rds-postgres-admin-login.yml
new file mode 100644
index 0000000..5c9253f
--- /dev/null
+++ b/.github/workflows/rds-postgres-admin-login.yml
@@ -0,0 +1,23 @@
+name: rds-postgres/admin-login
+on:
+ pull_request:
+ branches:
+ - main
+ paths:
+ - rds-postgres/admin-login/**
+ types:
+ - closed
+ - opened
+ - reopened
+ - synchronize
+jobs:
+ terraform:
+ uses: ./.github/workflows/terraform.yml
+ concurrency: ${{ github.workflow }}
+ with:
+ module: rds-postgres/admin-login
+ permissions:
+ id-token: write
+ contents: write
+ checks: write
+ pull-requests: write
diff --git a/.github/workflows/rds-postgres-cloudwatch-alarms.yml b/.github/workflows/rds-postgres-cloudwatch-alarms.yml
new file mode 100644
index 0000000..fa67734
--- /dev/null
+++ b/.github/workflows/rds-postgres-cloudwatch-alarms.yml
@@ -0,0 +1,23 @@
+name: rds-postgres/cloudwatch-alarms
+on:
+ pull_request:
+ branches:
+ - main
+ paths:
+ - rds-postgres/cloudwatch-alarms/**
+ types:
+ - closed
+ - opened
+ - reopened
+ - synchronize
+jobs:
+ terraform:
+ uses: ./.github/workflows/terraform.yml
+ concurrency: ${{ github.workflow }}
+ with:
+ module: rds-postgres/cloudwatch-alarms
+ permissions:
+ id-token: write
+ contents: write
+ checks: write
+ pull-requests: write
diff --git a/.github/workflows/rds-postgres-parameter-group.yml b/.github/workflows/rds-postgres-parameter-group.yml
new file mode 100644
index 0000000..6746b39
--- /dev/null
+++ b/.github/workflows/rds-postgres-parameter-group.yml
@@ -0,0 +1,23 @@
+name: rds-postgres/parameter-group
+on:
+ pull_request:
+ branches:
+ - main
+ paths:
+ - rds-postgres/parameter-group/**
+ types:
+ - closed
+ - opened
+ - reopened
+ - synchronize
+jobs:
+ terraform:
+ uses: ./.github/workflows/terraform.yml
+ concurrency: ${{ github.workflow }}
+ with:
+ module: rds-postgres/parameter-group
+ permissions:
+ id-token: write
+ contents: write
+ checks: write
+ pull-requests: write
diff --git a/.github/workflows/rds-postgres-primary-instance.yml b/.github/workflows/rds-postgres-primary-instance.yml
new file mode 100644
index 0000000..dfbfd9d
--- /dev/null
+++ b/.github/workflows/rds-postgres-primary-instance.yml
@@ -0,0 +1,23 @@
+name: rds-postgres/primary-instance
+on:
+ pull_request:
+ branches:
+ - main
+ paths:
+ - rds-postgres/primary-instance/**
+ types:
+ - closed
+ - opened
+ - reopened
+ - synchronize
+jobs:
+ terraform:
+ uses: ./.github/workflows/terraform.yml
+ concurrency: ${{ github.workflow }}
+ with:
+ module: rds-postgres/primary-instance
+ permissions:
+ id-token: write
+ contents: write
+ checks: write
+ pull-requests: write
diff --git a/.github/workflows/rds-postgres-rds-postgres-login.yml b/.github/workflows/rds-postgres-rds-postgres-login.yml
new file mode 100644
index 0000000..3972559
--- /dev/null
+++ b/.github/workflows/rds-postgres-rds-postgres-login.yml
@@ -0,0 +1,23 @@
+name: rds-postgres/rds-postgres-login
+on:
+ pull_request:
+ branches:
+ - main
+ paths:
+ - rds-postgres/rds-postgres-login/**
+ types:
+ - closed
+ - opened
+ - reopened
+ - synchronize
+jobs:
+ terraform:
+ uses: ./.github/workflows/terraform.yml
+ concurrency: ${{ github.workflow }}
+ with:
+ module: rds-postgres/rds-postgres-login
+ permissions:
+ id-token: write
+ contents: write
+ checks: write
+ pull-requests: write
diff --git a/.github/workflows/rds-postgres-replica.yml b/.github/workflows/rds-postgres-replica.yml
new file mode 100644
index 0000000..db92a32
--- /dev/null
+++ b/.github/workflows/rds-postgres-replica.yml
@@ -0,0 +1,23 @@
+name: rds-postgres/replica
+on:
+ pull_request:
+ branches:
+ - main
+ paths:
+ - rds-postgres/replica/**
+ types:
+ - closed
+ - opened
+ - reopened
+ - synchronize
+jobs:
+ terraform:
+ uses: ./.github/workflows/terraform.yml
+ concurrency: ${{ github.workflow }}
+ with:
+ module: rds-postgres/replica
+ permissions:
+ id-token: write
+ contents: write
+ checks: write
+ pull-requests: write
diff --git a/.github/workflows/security-group-ingress.yml b/.github/workflows/security-group-ingress.yml
new file mode 100644
index 0000000..4f8011c
--- /dev/null
+++ b/.github/workflows/security-group-ingress.yml
@@ -0,0 +1,23 @@
+name: rds-postgres/security-group-ingress
+on:
+ pull_request:
+ branches:
+ - main
+ paths:
+ - rds-postgres/security-group-ingress/**
+ types:
+ - closed
+ - opened
+ - reopened
+ - synchronize
+jobs:
+ terraform:
+ uses: ./.github/workflows/terraform.yml
+ concurrency: ${{ github.workflow }}
+ with:
+ module: rds-postgres/security-group-ingress
+ permissions:
+ id-token: write
+ contents: write
+ checks: write
+ pull-requests: write
diff --git a/.github/workflows/security-group.yml b/.github/workflows/security-group.yml
new file mode 100644
index 0000000..aa756fa
--- /dev/null
+++ b/.github/workflows/security-group.yml
@@ -0,0 +1,23 @@
+name: rds-postgres/security-group
+on:
+ pull_request:
+ branches:
+ - main
+ paths:
+ - rds-postgres/security-group/**
+ types:
+ - closed
+ - opened
+ - reopened
+ - synchronize
+jobs:
+ terraform:
+ uses: ./.github/workflows/terraform.yml
+ concurrency: ${{ github.workflow }}
+ with:
+ module: rds-postgres/security-group
+ permissions:
+ id-token: write
+ contents: write
+ checks: write
+ pull-requests: write
diff --git a/.github/workflows/terraform-missing.yml b/.github/workflows/terraform-missing.yml
new file mode 100644
index 0000000..806f136
--- /dev/null
+++ b/.github/workflows/terraform-missing.yml
@@ -0,0 +1,23 @@
+name: terraform-missing
+on:
+ pull_request:
+ branches:
+ - main
+ types:
+ - closed
+ - opened
+ - reopened
+ - synchronize
+jobs:
+ check-terraform-missing:
+ runs-on: [ubuntu-20.04]
+ defaults:
+ run:
+ shell: bash
+ steps:
+
+ - name: Checkout
+ uses: actions/checkout@v2
+
+ - name: Find missing workflows
+ run: bin/find-missing-github-workflows
diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml
new file mode 100644
index 0000000..dddbf14
--- /dev/null
+++ b/.github/workflows/terraform.yml
@@ -0,0 +1,86 @@
+name: Terraform
+on:
+ workflow_call:
+ inputs:
+ terraform_version:
+ default: 1.6.2
+ type: string
+ module:
+ type: string
+ required: true
+
+jobs:
+ validate:
+ name: Terraform
+ runs-on:
+ - ubuntu-20.04
+ defaults:
+ run:
+ shell: bash
+ working-directory: ${{ inputs.module }}
+
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v4
+ with:
+ ref: ${{ github.event.pull_request.head.ref }}
+
+ - name: Setup Terraform
+ uses: hashicorp/setup-terraform@v2
+ with:
+ terraform_version: ${{ inputs.terraform_version }}
+ terraform_wrapper: false
+
+ - name: Setup Node
+ uses: actions/setup-node@v2
+ with:
+ node-version: '14'
+
+ - name: Terraform Format
+ id: fmt
+ run: terraform fmt -check
+
+ - name: Cache tflint
+ uses: actions/cache@v3
+ with:
+ path: ~/.tflint.d/plugins
+ key: ${{ matrix.os }}-tflint-${{ hashFiles('.tflint.hcl') }}
+
+ - name: Setup TFLint
+ uses: terraform-linters/setup-tflint@v1
+ with:
+ tflint_version: v0.45.0
+
+ - name: Init tflint
+ id: lintinit
+ run: tflint --init --config="$GITHUB_WORKSPACE/.tflint.hcl"
+ env:
+ GITHUB_TOKEN: ${{ github.token }}
+
+ - name: Run tflint
+ id: lint
+ run: tflint --config="$GITHUB_WORKSPACE/.tflint.hcl" --format=compact
+
+ docs:
+ name: tf-docs
+ runs-on:
+ - ubuntu-20.04
+ needs: validate
+ defaults:
+ run:
+ shell: bash
+ working-directory: ${{ inputs.module }}
+
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v4
+ with:
+ ref: ${{ github.event.pull_request.head.ref }}
+
+ - name: Update Docs
+ uses: terraform-docs/gh-actions@v1.0.0
+ with:
+ working-dir: ${{ inputs.module }}
+ output-file: README.md
+ output-method: inject
+ git-push: "true"
diff --git a/.terraform-docs.yml b/.terraform-docs.yml
new file mode 100644
index 0000000..b41d4bd
--- /dev/null
+++ b/.terraform-docs.yml
@@ -0,0 +1,11 @@
+formatter: markdown
+
+output:
+ file: README.md
+ mode: inject
+
+settings:
+ hide-empty: true
+
+ # Avoid reading locked version from running validate
+ lockfile: false
diff --git a/.tflint.hcl b/.tflint.hcl
index 445d038..567896c 100644
--- a/.tflint.hcl
+++ b/.tflint.hcl
@@ -1,6 +1,6 @@
plugin "aws" {
enabled = true
- version = "0.15.0"
+ version = "0.36.0"
source = "github.com/terraform-linters/tflint-ruleset-aws"
}
diff --git a/.tool-versions b/.tool-versions
index 8dae7b4..0d0436e 100644
--- a/.tool-versions
+++ b/.tool-versions
@@ -1,3 +1,3 @@
-terraform 0.15.5
-terraform-docs 0.12.1
+terraform 1.6.2
+terraform-docs 0.16.0
tflint 0.38.1
diff --git a/README.md b/README.md
index 77b4019..b2bc17e 100644
--- a/README.md
+++ b/README.md
@@ -11,3 +11,7 @@ Modules:
* [User Login](./rds-postgres/user-login/README.md)
* [Redis](./elasticacahe-redis/README.md) (ElastiCache)
* [Cluster](./elasticacahe-redis/cluster/README.md)
+
+
+
+
\ No newline at end of file
diff --git a/bin/find-missing-github-workflows b/bin/find-missing-github-workflows
new file mode 100755
index 0000000..3a0edaa
--- /dev/null
+++ b/bin/find-missing-github-workflows
@@ -0,0 +1,27 @@
+#!/bin/sh
+
+set -e
+
+find_missing() {
+ git ls-files \
+ | grep -e ".*\.tf$" \
+ | grep -v modules \
+ | grep -v templates \
+ | xargs -n1 dirname \
+ | sort \
+ | uniq \
+ | while read root; do
+ workflow=".github/workflows/$(echo "$root" | sed "s|[^a-z0-9-]|-|g").yml"
+
+ if ! [ -f "$workflow" ]; then
+ echo "Expected to find workflow $workflow"
+ fi
+ done
+}
+
+missing=$(find_missing)
+
+if [ -n "$missing" ]; then
+ echo "$missing" >&2
+ exit 1
+fi
diff --git a/elasticache-redis/auth-token/README.md b/elasticache-redis/auth-token/README.md
index b3e87ae..20b2531 100644
--- a/elasticache-redis/auth-token/README.md
+++ b/elasticache-redis/auth-token/README.md
@@ -15,22 +15,22 @@ token is changed.
| Name | Version |
|------|---------|
-| [terraform](#requirement\_terraform) | >= 0.14.0 |
-| [aws](#requirement\_aws) | ~> 4.0 |
+| [terraform](#requirement\_terraform) | >= 1.6.2 |
+| [aws](#requirement\_aws) | ~> 5.0 |
## Providers
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | ~> 4.0 |
+| [aws](#provider\_aws) | ~> 5.0 |
## Modules
| Name | Source | Version |
|------|--------|---------|
-| [rotation](#module\_rotation) | github.com/thoughtbot/terraform-aws-secrets//secret-rotation-function?ref=v0.4.0 | |
-| [secret](#module\_secret) | github.com/thoughtbot/terraform-aws-secrets//secret?ref=v0.4.0 | |
-| [security\_group](#module\_security\_group) | ../../security-group | |
+| [rotation](#module\_rotation) | github.com/thoughtbot/terraform-aws-secrets//secret-rotation-function | v0.4.0 |
+| [secret](#module\_secret) | github.com/thoughtbot/terraform-aws-secrets//secret | v0.4.0 |
+| [security\_group](#module\_security\_group) | ../../security-group | n/a |
## Resources
diff --git a/elasticache-redis/auth-token/versions.tf b/elasticache-redis/auth-token/versions.tf
index 540414a..bc31fc9 100644
--- a/elasticache-redis/auth-token/versions.tf
+++ b/elasticache-redis/auth-token/versions.tf
@@ -1,10 +1,10 @@
terraform {
- required_version = ">= 0.14.0"
+ required_version = ">= 1.6.2"
required_providers {
aws = {
source = "hashicorp/aws"
- version = "~> 4.0"
+ version = "~> 5.0"
}
}
}
diff --git a/elasticache-redis/replication-group/README.md b/elasticache-redis/replication-group/README.md
index 0418d69..cdc7cb5 100644
--- a/elasticache-redis/replication-group/README.md
+++ b/elasticache-redis/replication-group/README.md
@@ -7,23 +7,23 @@ Provision a Redis cluster using AWS ElastiCache.
| Name | Version |
|------|---------|
-| [terraform](#requirement\_terraform) | >= 0.14.0 |
-| [aws](#requirement\_aws) | ~> 4.0 |
+| [terraform](#requirement\_terraform) | >= 1.6.2 |
+| [aws](#requirement\_aws) | ~> 5.0 |
| [random](#requirement\_random) | ~> 3.0 |
## Providers
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | 4.67.0 |
-| [random](#provider\_random) | 3.5.1 |
+| [aws](#provider\_aws) | ~> 5.0 |
+| [random](#provider\_random) | ~> 3.0 |
## Modules
| Name | Source | Version |
|------|--------|---------|
| [client\_security\_group](#module\_client\_security\_group) | ../../security-group | n/a |
-| [customer\_kms](#module\_customer\_kms) | github.com/thoughtbot/terraform-aws-secrets//customer-managed-kms | 3e5155d |
+| [customer\_kms](#module\_customer\_kms) | github.com/thoughtbot/terraform-aws-secrets//customer-managed-kms | v0.7.0 |
| [server\_security\_group](#module\_server\_security\_group) | ../../security-group | n/a |
## Resources
diff --git a/elasticache-redis/replication-group/main.tf b/elasticache-redis/replication-group/main.tf
index 6a40a3a..66f4570 100644
--- a/elasticache-redis/replication-group/main.tf
+++ b/elasticache-redis/replication-group/main.tf
@@ -68,7 +68,7 @@ module "server_security_group" {
allowed_security_group_ids = concat(
var.allowed_security_group_ids,
- module.client_security_group.*.id
+ module.client_security_group[*].id
)
name = coalesce(
@@ -128,8 +128,8 @@ resource "aws_cloudwatch_metric_alarm" "cpu" {
CacheClusterId = local.instances[count.index]
}
- alarm_actions = var.alarm_actions.*.arn
- ok_actions = var.alarm_actions.*.arn
+ alarm_actions = var.alarm_actions[*].arn
+ ok_actions = var.alarm_actions[*].arn
}
resource "aws_cloudwatch_metric_alarm" "memory" {
@@ -150,8 +150,8 @@ resource "aws_cloudwatch_metric_alarm" "memory" {
CacheClusterId = local.instances[count.index]
}
- alarm_actions = var.alarm_actions.*.arn
- ok_actions = var.alarm_actions.*.arn
+ alarm_actions = var.alarm_actions[*].arn
+ ok_actions = var.alarm_actions[*].arn
}
resource "aws_cloudwatch_metric_alarm" "check_cpu_balance" {
@@ -164,8 +164,8 @@ resource "aws_cloudwatch_metric_alarm" "check_cpu_balance" {
threshold = "0"
treat_missing_data = "notBreaching"
- alarm_actions = var.alarm_actions.*.arn
- ok_actions = var.alarm_actions.*.arn
+ alarm_actions = var.alarm_actions[*].arn
+ ok_actions = var.alarm_actions[*].arn
metric_query {
id = "e1"
@@ -231,7 +231,7 @@ locals {
instance_count = var.replica_count + 1
instance_size = split(".", var.node_type)[2]
instances = sort(aws_elasticache_replication_group.this.member_clusters)
- owned_security_group_ids = module.server_security_group.*.id
+ owned_security_group_ids = module.server_security_group[*].id
replica_enabled = var.replica_count > 0
shared_security_group_ids = var.server_security_group_ids
diff --git a/elasticache-redis/replication-group/outputs.tf b/elasticache-redis/replication-group/outputs.tf
index 9c8c6d7..3028e4f 100644
--- a/elasticache-redis/replication-group/outputs.tf
+++ b/elasticache-redis/replication-group/outputs.tf
@@ -1,6 +1,6 @@
output "client_security_group_id" {
description = "Name of the security group created for clients"
- value = join("", module.client_security_group.*.id)
+ value = join("", module.client_security_group[*].id)
}
output "initial_auth_token" {
@@ -20,5 +20,5 @@ output "id" {
output "server_security_group_id" {
description = "Name of the security group created for the server"
- value = join("", module.server_security_group.*.id)
+ value = join("", module.server_security_group[*].id)
}
diff --git a/elasticache-redis/replication-group/versions.tf b/elasticache-redis/replication-group/versions.tf
index b26e354..cc98794 100644
--- a/elasticache-redis/replication-group/versions.tf
+++ b/elasticache-redis/replication-group/versions.tf
@@ -1,10 +1,10 @@
terraform {
- required_version = ">= 0.14.0"
+ required_version = ">= 1.6.2"
required_providers {
aws = {
source = "hashicorp/aws"
- version = "~> 4.0"
+ version = "~> 5.0"
}
random = {
source = "hashicorp/random"
diff --git a/kafka/README.md b/kafka/README.md
index 1645bd7..32e00fd 100644
--- a/kafka/README.md
+++ b/kafka/README.md
@@ -24,14 +24,14 @@ module "kafka_staging" {
| Name | Version |
|------|---------|
-| [terraform](#requirement\_terraform) | >= 0.14.0 |
-| [aws](#requirement\_aws) | ~> 4.0 |
+| [terraform](#requirement\_terraform) | >= 1.6.2 |
+| [aws](#requirement\_aws) | ~> 5.0 |
## Providers
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | 4.67.0 |
+| [aws](#provider\_aws) | ~> 5.0 |
## Modules
@@ -70,5 +70,5 @@ module "kafka_staging" {
|------|-------------|
| [bootstrap\_brokers](#output\_bootstrap\_brokers) | Comma separated list of one or more hostname:port pairs of kafka brokers suitable to bootstrap connectivity to the kafka cluster |
| [bootstrap\_brokers\_tls](#output\_bootstrap\_brokers\_tls) | TLS connection host:port pairs |
-| [zookeeper\_connect\_string](#output\_zookeeper\_connect\_string) | n/a |
+| [zookeeper\_connect\_string](#output\_zookeeper\_connect\_string) | The connection string to use to connect to the Zookeeper cluster |
\ No newline at end of file
diff --git a/kafka/outputs.tf b/kafka/outputs.tf
index 14ffbd6..525ef35 100644
--- a/kafka/outputs.tf
+++ b/kafka/outputs.tf
@@ -1,5 +1,6 @@
output "zookeeper_connect_string" {
- value = aws_msk_cluster.this.zookeeper_connect_string
+ description = "The connection string to use to connect to the Zookeeper cluster"
+ value = aws_msk_cluster.this.zookeeper_connect_string
}
output "bootstrap_brokers" {
diff --git a/kafka/versions.tf b/kafka/versions.tf
index 540414a..bc31fc9 100644
--- a/kafka/versions.tf
+++ b/kafka/versions.tf
@@ -1,10 +1,10 @@
terraform {
- required_version = ">= 0.14.0"
+ required_version = ">= 1.6.2"
required_providers {
aws = {
source = "hashicorp/aws"
- version = "~> 4.0"
+ version = "~> 5.0"
}
}
}
diff --git a/rds-postgres/admin-login/README.md b/rds-postgres/admin-login/README.md
index 29b14e9..fc639be 100644
--- a/rds-postgres/admin-login/README.md
+++ b/rds-postgres/admin-login/README.md
@@ -15,22 +15,22 @@ suitable for application credentials. We recommend you combine this module with
| Name | Version |
|------|---------|
-| [terraform](#requirement\_terraform) | >= 0.14.0 |
-| [aws](#requirement\_aws) | ~> 4.0 |
+| [terraform](#requirement\_terraform) | >= 1.6.2 |
+| [aws](#requirement\_aws) | ~> 5.0 |
## Providers
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | ~> 4.0 |
+| [aws](#provider\_aws) | ~> 5.0 |
## Modules
| Name | Source | Version |
|------|--------|---------|
-| [rotation](#module\_rotation) | github.com/thoughtbot/terraform-aws-secrets//secret-rotation-function?ref=v0.4.0 | |
-| [secret](#module\_secret) | github.com/thoughtbot/terraform-aws-secrets//secret?ref=v0.4.0 | |
-| [security\_group](#module\_security\_group) | ../../security-group | |
+| [rotation](#module\_rotation) | github.com/thoughtbot/terraform-aws-secrets//secret-rotation-function | v0.4.0 |
+| [secret](#module\_secret) | github.com/thoughtbot/terraform-aws-secrets//secret | v0.4.0 |
+| [security\_group](#module\_security\_group) | ../../security-group | n/a |
## Resources
diff --git a/rds-postgres/admin-login/versions.tf b/rds-postgres/admin-login/versions.tf
index 540414a..bc31fc9 100644
--- a/rds-postgres/admin-login/versions.tf
+++ b/rds-postgres/admin-login/versions.tf
@@ -1,10 +1,10 @@
terraform {
- required_version = ">= 0.14.0"
+ required_version = ">= 1.6.2"
required_providers {
aws = {
source = "hashicorp/aws"
- version = "~> 4.0"
+ version = "~> 5.0"
}
}
}
diff --git a/rds-postgres/cloudwatch-alarms/README.md b/rds-postgres/cloudwatch-alarms/README.md
index 37fe220..7e15278 100644
--- a/rds-postgres/cloudwatch-alarms/README.md
+++ b/rds-postgres/cloudwatch-alarms/README.md
@@ -7,18 +7,14 @@ Creates useful CloudWatch Alarms for an RDS Postgres database.
| Name | Version |
|------|---------|
-| [terraform](#requirement\_terraform) | >= 0.14.0 |
-| [aws](#requirement\_aws) | ~> 4.0 |
+| [terraform](#requirement\_terraform) | >= 1.6.2 |
+| [aws](#requirement\_aws) | ~> 5.0 |
## Providers
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | 4.67.0 |
-
-## Modules
-
-No modules.
+| [aws](#provider\_aws) | ~> 5.0 |
## Resources
@@ -26,6 +22,7 @@ No modules.
|------|------|
| [aws_cloudwatch_metric_alarm.check_cpu_balance](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_metric_alarm) | resource |
| [aws_cloudwatch_metric_alarm.cpu](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_metric_alarm) | resource |
+| [aws_cloudwatch_metric_alarm.db_connections_limit](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_metric_alarm) | resource |
| [aws_cloudwatch_metric_alarm.disk](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_metric_alarm) | resource |
| [aws_cloudwatch_metric_alarm.memory](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_metric_alarm) | resource |
| [aws_ec2_instance_type.instance_attributes](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ec2_instance_type) | data source |
@@ -36,10 +33,8 @@ No modules.
|------|-------------|------|---------|:--------:|
| [alarm\_actions](#input\_alarm\_actions) | SNS topic ARNs or other actions to invoke for alarms | `list(string)` | `[]` | no |
| [allocated\_storage](#input\_allocated\_storage) | Size in GB for the database instance | `number` | n/a | yes |
+| [db\_connections\_limit\_threshold](#input\_db\_connections\_limit\_threshold) | The percentage threshold for number of database connections. Default: 80 | `number` | `80` | no |
+| [db\_memory\_threshold](#input\_db\_memory\_threshold) | The percentage threshold of FreeableMemory left for the Database. Default: 20 | `number` | `20` | no |
| [identifier](#input\_identifier) | Identifier of the database to monitor | `string` | n/a | yes |
| [instance\_class](#input\_instance\_class) | Tier for the database instance to monitor | `string` | n/a | yes |
-
-## Outputs
-
-No outputs.
diff --git a/rds-postgres/cloudwatch-alarms/versions.tf b/rds-postgres/cloudwatch-alarms/versions.tf
index 540414a..bc31fc9 100644
--- a/rds-postgres/cloudwatch-alarms/versions.tf
+++ b/rds-postgres/cloudwatch-alarms/versions.tf
@@ -1,10 +1,10 @@
terraform {
- required_version = ">= 0.14.0"
+ required_version = ">= 1.6.2"
required_providers {
aws = {
source = "hashicorp/aws"
- version = "~> 4.0"
+ version = "~> 5.0"
}
}
}
diff --git a/rds-postgres/parameter-group/README.md b/rds-postgres/parameter-group/README.md
index 5197a13..883ec26 100644
--- a/rds-postgres/parameter-group/README.md
+++ b/rds-postgres/parameter-group/README.md
@@ -7,18 +7,14 @@ Provision a Postgres-compatible RDS parameter group.
| Name | Version |
|------|---------|
-| [terraform](#requirement\_terraform) | >= 0.14.0 |
-| [aws](#requirement\_aws) | ~> 4.0 |
+| [terraform](#requirement\_terraform) | >= 1.6.2 |
+| [aws](#requirement\_aws) | ~> 5.0 |
## Providers
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | ~> 4.0 |
-
-## Modules
-
-No modules.
+| [aws](#provider\_aws) | ~> 5.0 |
## Resources
diff --git a/rds-postgres/parameter-group/versions.tf b/rds-postgres/parameter-group/versions.tf
index 540414a..bc31fc9 100644
--- a/rds-postgres/parameter-group/versions.tf
+++ b/rds-postgres/parameter-group/versions.tf
@@ -1,10 +1,10 @@
terraform {
- required_version = ">= 0.14.0"
+ required_version = ">= 1.6.2"
required_providers {
aws = {
source = "hashicorp/aws"
- version = "~> 4.0"
+ version = "~> 5.0"
}
}
}
diff --git a/rds-postgres/primary-instance/README.md b/rds-postgres/primary-instance/README.md
index 481943f..4882f41 100644
--- a/rds-postgres/primary-instance/README.md
+++ b/rds-postgres/primary-instance/README.md
@@ -7,16 +7,16 @@ Provision a Postgres database using AWS RDS.
| Name | Version |
|------|---------|
-| [terraform](#requirement\_terraform) | >= 0.14.0 |
-| [aws](#requirement\_aws) | ~> 4.0 |
+| [terraform](#requirement\_terraform) | >= 1.6.2 |
+| [aws](#requirement\_aws) | ~> 5.0 |
| [random](#requirement\_random) | ~> 3.0 |
## Providers
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | 4.57.1 |
-| [random](#provider\_random) | 3.4.3 |
+| [aws](#provider\_aws) | ~> 5.0 |
+| [random](#provider\_random) | ~> 3.0 |
## Modules
@@ -24,7 +24,7 @@ Provision a Postgres database using AWS RDS.
|------|--------|---------|
| [alarms](#module\_alarms) | ../cloudwatch-alarms | n/a |
| [client\_security\_group](#module\_client\_security\_group) | ../../security-group | n/a |
-| [customer\_kms](#module\_customer\_kms) | github.com/thoughtbot/terraform-aws-secrets//customer-managed-kms | 3e5155d |
+| [customer\_kms](#module\_customer\_kms) | github.com/thoughtbot/terraform-aws-secrets//customer-managed-kms | v0.7.0 |
| [parameter\_group](#module\_parameter\_group) | ../parameter-group | n/a |
| [server\_security\_group](#module\_server\_security\_group) | ../../security-group | n/a |
@@ -50,6 +50,7 @@ Provision a Postgres database using AWS RDS.
| [auto\_minor\_version\_upgrade](#input\_auto\_minor\_version\_upgrade) | Set to false to disable automatic minor version ugprades | `bool` | `true` | no |
| [backup\_retention\_period](#input\_backup\_retention\_period) | Number of days to retain backups | `number` | `30` | no |
| [backup\_window](#input\_backup\_window) | UTC time range in which backups can be captured, such as 18:00-22:00 | `string` | `null` | no |
+| [ca\_cert\_id](#input\_ca\_cert\_id) | Certificate authority for RDS database | `string` | `"rds-ca-rsa2048-g1"` | no |
| [client\_security\_group\_name](#input\_client\_security\_group\_name) | Override the name for the security group; defaults to identifer | `string` | `""` | no |
| [create\_client\_security\_group](#input\_create\_client\_security\_group) | Set to false to only use existing security groups | `bool` | `true` | no |
| [create\_cloudwatch\_alarms](#input\_create\_cloudwatch\_alarms) | Set to false to disable creation of CloudWatch alarms | `bool` | `true` | no |
diff --git a/rds-postgres/primary-instance/main.tf b/rds-postgres/primary-instance/main.tf
index 2bd0ee2..9201787 100644
--- a/rds-postgres/primary-instance/main.tf
+++ b/rds-postgres/primary-instance/main.tf
@@ -88,7 +88,7 @@ module "server_security_group" {
allowed_security_group_ids = concat(
var.allowed_security_group_ids,
- module.client_security_group.*.id
+ module.client_security_group[*].id
)
name = coalesce(
@@ -138,7 +138,7 @@ resource "aws_db_subnet_group" "this" {
}
locals {
- owned_vpc_security_group_ids = module.server_security_group.*.id
+ owned_vpc_security_group_ids = module.server_security_group[*].id
shared_vpc_security_group_ids = var.server_security_group_ids
parameter_group_name = coalesce(
diff --git a/rds-postgres/primary-instance/outputs.tf b/rds-postgres/primary-instance/outputs.tf
index 53fcd85..84fccc2 100644
--- a/rds-postgres/primary-instance/outputs.tf
+++ b/rds-postgres/primary-instance/outputs.tf
@@ -10,7 +10,7 @@ output "admin_username" {
output "client_security_group_id" {
description = "Name of the security group created for clients"
- value = join("", module.client_security_group.*.id)
+ value = join("", module.client_security_group[*].id)
}
output "default_database" {
@@ -45,5 +45,5 @@ output "primary_kms_key" {
output "server_security_group_id" {
description = "Name of the security group created for the server"
- value = join("", module.server_security_group.*.id)
+ value = join("", module.server_security_group[*].id)
}
diff --git a/rds-postgres/primary-instance/versions.tf b/rds-postgres/primary-instance/versions.tf
index b26e354..cc98794 100644
--- a/rds-postgres/primary-instance/versions.tf
+++ b/rds-postgres/primary-instance/versions.tf
@@ -1,10 +1,10 @@
terraform {
- required_version = ">= 0.14.0"
+ required_version = ">= 1.6.2"
required_providers {
aws = {
source = "hashicorp/aws"
- version = "~> 4.0"
+ version = "~> 5.0"
}
random = {
source = "hashicorp/random"
diff --git a/rds-postgres/rds-postgres-login/README.md b/rds-postgres/rds-postgres-login/README.md
index 49fc0d6..9e99e31 100644
--- a/rds-postgres/rds-postgres-login/README.md
+++ b/rds-postgres/rds-postgres-login/README.md
@@ -46,21 +46,21 @@ module "rds_admin_password" {
| Name | Version |
|------|---------|
-| [terraform](#requirement\_terraform) | >= 0.14.0 |
-| [aws](#requirement\_aws) | ~> 4.0 |
+| [terraform](#requirement\_terraform) | >= 1.6.2 |
+| [aws](#requirement\_aws) | ~> 5.0 |
## Providers
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | ~> 4.0 |
+| [aws](#provider\_aws) | ~> 5.0 |
## Modules
| Name | Source | Version |
|------|--------|---------|
-| [rotation](#module\_rotation) | github.com/thoughtbot/terraform-aws-secrets//secret-rotation-function?ref=v0.4.0 | |
-| [secret](#module\_secret) | github.com/thoughtbot/terraform-aws-secrets//secret?ref=v0.4.0 | |
+| [rotation](#module\_rotation) | github.com/thoughtbot/terraform-aws-secrets//secret-rotation-function | v0.4.0 |
+| [secret](#module\_secret) | github.com/thoughtbot/terraform-aws-secrets//secret | v0.4.0 |
## Resources
diff --git a/rds-postgres/rds-postgres-login/versions.tf b/rds-postgres/rds-postgres-login/versions.tf
index 540414a..bc31fc9 100644
--- a/rds-postgres/rds-postgres-login/versions.tf
+++ b/rds-postgres/rds-postgres-login/versions.tf
@@ -1,10 +1,10 @@
terraform {
- required_version = ">= 0.14.0"
+ required_version = ">= 1.6.2"
required_providers {
aws = {
source = "hashicorp/aws"
- version = "~> 4.0"
+ version = "~> 5.0"
}
}
}
diff --git a/rds-postgres/replica/README.md b/rds-postgres/replica/README.md
index 0fa5868..9a6e3da 100644
--- a/rds-postgres/replica/README.md
+++ b/rds-postgres/replica/README.md
@@ -7,14 +7,14 @@ Provision a Postgres database configured as a replica using AWS RDS.
| Name | Version |
|------|---------|
-| [terraform](#requirement\_terraform) | >= 0.14.0 |
-| [aws](#requirement\_aws) | ~> 4.0 |
+| [terraform](#requirement\_terraform) | >= 1.6.2 |
+| [aws](#requirement\_aws) | ~> 5.0 |
## Providers
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | 4.23.0 |
+| [aws](#provider\_aws) | ~> 5.0 |
## Modules
@@ -36,6 +36,7 @@ Provision a Postgres database configured as a replica using AWS RDS.
| [alarm\_actions](#input\_alarm\_actions) | SNS topic ARNs or other actions to invoke for alarms | `list(string)` | `[]` | no |
| [allocated\_storage](#input\_allocated\_storage) | Size in GB for the database instance | `number` | n/a | yes |
| [apply\_immediately](#input\_apply\_immediately) | Set to true to immediately apply changes and cause downtime | `bool` | `false` | no |
+| [ca\_cert\_id](#input\_ca\_cert\_id) | Certificate authority for RDS database | `string` | `"rds-ca-rsa2048-g1"` | no |
| [create\_cloudwatch\_alarms](#input\_create\_cloudwatch\_alarms) | Set to false to disable creation of CloudWatch alarms | `bool` | `true` | no |
| [create\_parameter\_group](#input\_create\_parameter\_group) | Set to false to use existing parameter group | `bool` | `true` | no |
| [engine\_version](#input\_engine\_version) | Version for RDS database engine | `string` | n/a | yes |
diff --git a/rds-postgres/replica/versions.tf b/rds-postgres/replica/versions.tf
index 540414a..bc31fc9 100644
--- a/rds-postgres/replica/versions.tf
+++ b/rds-postgres/replica/versions.tf
@@ -1,10 +1,10 @@
terraform {
- required_version = ">= 0.14.0"
+ required_version = ">= 1.6.2"
required_providers {
aws = {
source = "hashicorp/aws"
- version = "~> 4.0"
+ version = "~> 5.0"
}
}
}
diff --git a/security-group-ingress/versions.tf b/security-group-ingress/versions.tf
index 540414a..bc31fc9 100644
--- a/security-group-ingress/versions.tf
+++ b/security-group-ingress/versions.tf
@@ -1,10 +1,10 @@
terraform {
- required_version = ">= 0.14.0"
+ required_version = ">= 1.6.2"
required_providers {
aws = {
source = "hashicorp/aws"
- version = "~> 4.0"
+ version = "~> 5.0"
}
}
}
diff --git a/security-group/versions.tf b/security-group/versions.tf
index 10d1156..d393b90 100644
--- a/security-group/versions.tf
+++ b/security-group/versions.tf
@@ -1,10 +1,10 @@
terraform {
- required_version = ">= 0.14.0"
+ required_version = ">= 1.6.2"
required_providers {
aws = {
source = "hashicorp/aws"
- version = "~> 4.0"
+ version = "~> 5.0"
}
random = {
source = "hashicorp/random"