This is a Terraform module for a Microsoft SQL Server (Standard Edition) instance on AWS RDS.

  • Note that credentials are stored in AWS Secrets Manager

Debugging Tips

Once the mssql RDS is up and running, you may want to test connectivity from the cluster. To do this:

  1. Start an interactive diagnostic pod with mssql tooling (note your shell will hang, so you'll likely need multiple terminals open):

       kubectl run mssql-diag --image=<mssql-tools-image> --restart=Never -n default --overrides='{"spec":{"tolerations":[{"effect": "NoSchedule","key": "CriticalAddonsOnly","operator": "Exists" }]}}' -i --tty

  2. In a separate terminal, shell into the mssql-diag pod and run the following command to test connectivity:

       sqlcmd -U regscale -P <password> -S <server-url> -Q "SELECT * FROM SYSOBJECTS WHERE xtype='U';"

     You should see output showing the tables in the mssql database.

  3. Delete the mssql-diag pod when finished.
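
The three steps above as one script, added here as an example and not part of the module's README: the pod is started detached so no terminal hangs, the password reaches sqlcmd over stdin and the SQLCMDPASSWORD environment variable instead of -P, and the pod is deleted even when the query fails. The image argument and the MSSQL_PASSWORD variable are assumptions, as is an image that provides sh, sleep and sqlcmd on its PATH.

```shell
#!/bin/sh
# Added example, not part of this module. Assumptions: the caller exports
# MSSQL_PASSWORD (hypothetical name, e.g. filled from the Secrets Manager entry)
# and passes an image that provides sh, sleep and sqlcmd on its PATH.
POD=mssql-diag
NS=default
OVERRIDES='{"spec":{"tolerations":[{"effect":"NoSchedule","key":"CriticalAddonsOnly","operator":"Exists"}]}}'
QUERY="SELECT * FROM SYSOBJECTS WHERE xtype='U';"

# Step 1: start the pod detached (sleep keeps it alive) and wait until it is Ready.
start_pod() {  # $1 = image
  kubectl run "$POD" -n "$NS" --restart=Never --image="$1" \
    --overrides="$OVERRIDES" --command -- sleep 900 &&
  kubectl wait -n "$NS" --for=condition=Ready "pod/$POD" --timeout=120s
}

# Step 2: run the table-listing query. The password is written to stdin by the
# printf builtin and exported as SQLCMDPASSWORD inside the pod, so it is never
# part of any argv, the pod spec or the shell history.
run_query() {  # $1 = server, $2 = user
  printf '%s\n' "$MSSQL_PASSWORD" |
    kubectl exec -i "$POD" -n "$NS" -- sh -c \
      'IFS= read -r SQLCMDPASSWORD; export SQLCMDPASSWORD; exec sqlcmd -U "$2" -S "$1" -Q "$3"' \
      sh "$1" "$2" "$QUERY"
}

# Step 3: delete the diagnostic pod.
delete_pod() {
  kubectl delete pod "$POD" -n "$NS" --ignore-not-found --wait=false
}

# All three steps; the pod is removed whether or not the query succeeded.
check_connectivity() {  # $1 = image, $2 = server, $3 = user
  start_pod "$1" || { delete_pod; return 1; }
  rc=0
  run_query "$2" "$3" || rc=$?
  delete_pod
  return "$rc"
}

# Usage: ./mssql-check.sh <image> <server-url> <user>, with MSSQL_PASSWORD exported.
if [ "$#" -eq 3 ]; then check_connectivity "$@"; fi
```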


Requirements

| Name | Version |
|------|---------|
| terraform | >= 1.2 |
| aws | >= 4.61.0 |


Providers

| Name | Version |
|------|---------|
| aws | >= 4.61.0 |


Modules

| Name | Source | Version |
|------|--------|---------|
| mssql-db | terraform-aws-modules/rds/aws | 5.2.3 |


Resources

| Name | Type |
|------|------|
| aws_db_instance_role_association.s3_integration | resource |
| aws_db_subnet_group.db_subnet_group | resource |
| aws_route53_record.www | resource |
| aws_security_group.mssql | resource |
| aws_security_group_rule.db_egress | resource |
| aws_security_group_rule.db_ingress_cidr_blocks | resource |
| aws_security_group_rule.db_ingress_prefix_lists | resource |
| aws_security_group_rule.db_ingress_security_groups | resource |
| aws_route53_zone.cms_zone | data source |


Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| additional_attached_security_group_ids | n/a | list(string) | [] | no |
| allocated_storage | n/a | number | 20 | no |
| allowed_cidr_blocks | n/a | list(string) | [] | no |
| allowed_prefix_lists | n/a | list(string) | [] | no |
| allowed_security_group_ids | n/a | list(string) | [] | no |
| apply_immediately | n/a | bool | false | no |
| auto_minor_version_upgrade | n/a | bool | true | no |
| backup_retention_period | The days to retain backups for. Default 7 | number | 7 | no |
| backup_window | n/a | string | "03:00-06:00" | no |
| ca_cert_identifier | Specifies the identifier of the CA certificate for the DB instance | string | "rds-ca-rsa2048-g1" | no |
| create_random_password | Determines whether to create random password for RDS primary cluster | bool | true | no |
| deletion_protection | n/a | bool | false | no |
| instance_class | Instance classes for instances created under the cluster | string | "db.r5.xlarge" | no |
| maintenance_window | n/a | string | "Mon:00:00-Mon:03:00" | no |
| master_username | n/a | string | "admin" | no |
| max_allocated_storage | n/a | number | 100 | no |
| name | n/a | string | n/a | yes |
| options | A list of Options to apply | any | [] | no |
| port | n/a | number | 1433 | no |
| route53_record_name | n/a | string | n/a | yes |
| route53_zone_base_domain | If route53_zone_id is an empty string, this variable is used to look up the r53 zone dynamically | string | "" | no |
| route53_zone_id | n/a | string | "" | no |
| s3_integration_role_arn | n/a | string | "" | no |
| skip_final_snapshot | n/a | bool | false | no |
| subnet_group_name_override | Override the subnet group name. If not set, the name will be the same as the name of the RDS instance | string | "" | no |
| subnet_ids | n/a | list(string) | n/a | yes |
| tags | n/a | map(string) | { "Owner": "Batcave" } | no |
| vpc_id | n/a | string | n/a | yes |


Outputs

| Name | Description |
|------|-------------|
| db_database_name | Name for an automatically created database on creation |
| db_endpoint | Endpoint for the db |
| db_engine_version_actual | The running version of the RDS database |
| db_hosted_zone_id | The Route53 Hosted Zone ID of the endpoint |
| db_id | The RDS Identifier |
| db_instance_arn | Amazon Resource Name (ARN) of RDS instance |
| db_master_password | The database master password |
| db_master_username | The database master username |
| db_port | The database port |
| db_resource_id | The RDS Resource ID |