module "aurora" { source = "../aurora" name = "${var.prefix}-${var.cluster_name}" engine = "aurora-mysql" engine_version = var.engine_version instances = { for i in range(var.num_of_instances) : tostring(i) => { instance_class = var.instance_type } } monitoring_interval = 60 iam_role_use_name_prefix = false iam_role_name = "${var.prefix}-rds-monitoring-role" kms_key_id = module.kms.key_arn vpc_id = module.vpc.vpc_id subnets = module.vpc.database_subnets database_name = var.database_name create_db_cluster_parameter_group = var.create_db_cluster_parameter_group db_cluster_parameter_group_family = var.parameter_group_family db_cluster_parameter_group_name = var.cluster_name availability_zones = var.azs enabled_cloudwatch_logs_exports = var.cloud_watch_exports master_password = random_password.password.result master_username = var.db_master_username create_random_password = false allowed_security_groups = [module.eks_cluster.security_group_id] } ############### SECRET MANAGER ###################### data "aws_secretsmanager_secret" "secretmasterdb" { arn = aws_secretsmanager_secret.secretmasterdb.arn } data "aws_secretsmanager_secret_version" "creds" { secret_id = data.aws_secretsmanager_secret.secretmasterdb.arn depends_on = [aws_secretsmanager_secret_version.sversion] } locals { db_creds = jsondecode(data.aws_secretsmanager_secret_version.creds.secret_string) } resource "random_password" "password" { length = 24 override_special = "!#$%&*()-_=+[]{}<>:?" } resource "random_integer" "random" { min = 100 max = 999 } resource "aws_secretsmanager_secret" "secretmasterdb" { name = "${var.prefix}-${var.db_master_username}-${random_integer.random.result}" kms_key_id = module.kms.key_arn } resource "aws_secretsmanager_secret_version" "sversion" { secret_id = aws_secretsmanager_secret.secretmasterdb.id secret_string = <