fix: add enable variable

clouddrove · Jan 23, 2024 · 7432695 · 7432695
1 parent 796253f
commit 7432695
Show file tree

Hide file tree

Showing 5 changed files with 22 additions and 29 deletions.
diff --git a/example/basic/main.tf b/example/basic/main.tf
@@ -33,9 +33,9 @@ module "subnets" {
 
 module "documentdb" {
   source              = "../../"
+  enable              = true
   environment         = "test"
   label_order         = ["environment", "name"]
-  vpc_id              = module.vpc.vpc_id
   subnet_list         = module.subnets.private_subnet_id
   database_name       = "test-db"
   master_username     = "test"

diff --git a/example/secured/main.tf b/example/secured/main.tf
@@ -104,10 +104,10 @@ module "security_group-documentdb" {
 
 module "documentdb" {
   source                  = "../../"
+  enable                  = true
   name                    = "documentdb"
   environment             = "test"
   label_order             = ["environment", "name"]
-  vpc_id                  = module.vpc.vpc_id
   subnet_list             = module.subnets.private_subnet_id
   vpc_security_group_ids  = [module.security_group-documentdb.security_group_ids]
   database_name           = "test"

diff --git a/main.tf b/main.tf
@@ -4,6 +4,7 @@
 module "labels" {
   source      = "clouddrove/labels/aws"
   version     = "1.3.0"
+  enabled     = var.enable
   name        = var.name
   repository  = var.repository
   environment = var.environment
@@ -16,7 +17,7 @@ module "labels" {
 ##-----------------------------------------------------------------------------
 
 resource "random_password" "master" {
-  count   = length(var.master_password) == 0 ? 1 : 0
+  count   = var.enable && length(var.master_password) == 0 ? 1 : 0
   length  = 15
   special = false
 }
@@ -26,6 +27,7 @@ resource "random_password" "master" {
 ##-----------------------------------------------------------------------------
 
 resource "aws_docdb_cluster" "this" {
+  count                           = var.enable ? 1 : 0
   cluster_identifier              = var.database_name
   master_username                 = var.master_username
   master_password                 = length(var.master_password) == 0 ? random_password.master[0].result : var.master_password
@@ -39,8 +41,8 @@ resource "aws_docdb_cluster" "this" {
   kms_key_id                      = var.kms_key_id #tfsec:ignore:aws-documentdb-encryption-customer-key
   snapshot_identifier             = var.snapshot_identifier
   vpc_security_group_ids          = var.vpc_security_group_ids
-  db_subnet_group_name            = aws_docdb_subnet_group.this.name
-  db_cluster_parameter_group_name = aws_docdb_cluster_parameter_group.this.name
+  db_subnet_group_name            = aws_docdb_subnet_group.this[0].name
+  db_cluster_parameter_group_name = aws_docdb_cluster_parameter_group.this[0].name
   engine                          = var.engine
   engine_version                  = var.engine_version
   enabled_cloudwatch_logs_exports = var.enabled_cloudwatch_logs_exports
@@ -52,9 +54,9 @@ resource "aws_docdb_cluster" "this" {
 ##-----------------------------------------------------------------------------
 
 resource "aws_docdb_cluster_instance" "this" {
-  count              = var.cluster_size
+  count              = var.enable ? var.cluster_size : 0
   identifier         = "${var.database_name}-${count.index + 1}"
-  cluster_identifier = join("", aws_docdb_cluster.this.*.id)
+  cluster_identifier = aws_docdb_cluster.this[0].id
   apply_immediately  = var.apply_immediately
   instance_class     = var.instance_class
   tags               = module.labels.tags
@@ -67,6 +69,7 @@ resource "aws_docdb_cluster_instance" "this" {
 ##-----------------------------------------------------------------------------
 
 resource "aws_docdb_subnet_group" "this" {
+  count       = var.enable ? 1 : 0
   name        = "subnet-group-${var.database_name}"
   description = "Allowed subnets for DB cluster instances."
   subnet_ids  = var.subnet_list
@@ -78,6 +81,7 @@ resource "aws_docdb_subnet_group" "this" {
 ##-----------------------------------------------------------------------------
 
 resource "aws_docdb_cluster_parameter_group" "this" {
+  count       = var.enable ? 1 : 0
   name        = "parameter-group-${var.database_name}"
   description = "DB cluster parameter group."
   family      = var.cluster_family

diff --git a/outputs.tf b/outputs.tf
@@ -1,5 +1,5 @@
 output "master_username" {
-  value       = aws_docdb_cluster.this.*.master_username
+  value       = try(aws_docdb_cluster.this[0].master_username, null)
   description = "Username for the master DB user."
   sensitive   = true
 }
@@ -11,21 +11,21 @@ output "master_password" {
 }
 
 output "cluster_name" {
-  value       = aws_docdb_cluster.this.*.cluster_identifier
+  value       = try(aws_docdb_cluster.this[0].cluster_identifier, null)
   description = "Cluster Identifier."
 }
 
 output "arn" {
-  value       = aws_docdb_cluster.this.*.arn
+  value       = try(aws_docdb_cluster.this[0].arn, null)
   description = "Amazon Resource Name (ARN) of the cluster."
 }
 
 output "writer_endpoint" {
-  value       = aws_docdb_cluster.this.*.endpoint
+  value       = try(aws_docdb_cluster.this[0].endpoint, null)
   description = "Endpoint of the DocumentDB cluster."
 }
 
 output "reader_endpoint" {
-  value       = aws_docdb_cluster.this.*.reader_endpoint
+  value       = try(aws_docdb_cluster.this[0].reader_endpoint, null)
   description = "A read-only endpoint of the DocumentDB cluster, automatically load-balanced across replicas."
 }
diff --git a/variables.tf b/variables.tf
@@ -2,12 +2,6 @@
 ## AWS Document DB Variables.
 ##-----------------------------------------------------------------------------
 
-variable "port" {
-  description = "Open port in sg for db communication."
-  type        = number
-  default     = 27017
-}
-
 variable "master_password" {
   description = "(Required unless a snapshot_identifier is provided) Password for the master DB user. Note that this may show up in logs, and it will be stored in the state file."
   type        = string
@@ -67,11 +61,6 @@ variable "snapshot_identifier" {
   description = "Specifies whether or not to create this cluster from a snapshot. You can use either the name or ARN when specifying a DB cluster snapshot, or the ARN when specifying a DB snapshot."
 }
 
-variable "vpc_id" {
-  description = "ID of the VPC to deploy database into."
-  type        = string
-}
-
 variable "subnet_list" {
   description = "List of subnet IDs database instances should deploy into."
   type        = list(string)
@@ -136,6 +125,12 @@ variable "ca_cert_identifier" {
 ## Labels variables
 ##-----------------------------------------------------------------------------
 
+variable "enable" {
+  type        = bool
+  default     = true
+  description = "Flag to control the documentDB creation."
+}
+
 variable "name" {
   type        = string
   default     = ""
@@ -166,12 +161,6 @@ variable "managedby" {
   description = "ManagedBy, eg 'CloudDrove'"
 }
 
-variable "attributes" {
-  type        = list(any)
-  default     = []
-  description = "Additional attributes (e.g. `1`)."
-}
-
 variable "deletion_protection" {
   type        = bool
   default     = null