| alarms |
n/a |
object({
enabled = optional(bool, true)
sns_topic = string
custom_values = optional(any, {})
}) |
n/a |
yes |
| allocated_storage |
The allocated storage in gigabytes |
number |
20 |
no |
| apply_immediately |
Specifies whether any database modifications are applied immediately, or during the next maintenance window |
bool |
false |
no |
| backup_retention_period |
The days to retain backups for |
number |
35 |
no |
| backup_window |
The daily time range (in UTC) during which automated backups are created if they are enabled. Example: '09:46-10:16'. Must not overlap with maintenance_window |
string |
"03:00-06:00" |
no |
| cloudwatch_log_group_retention_in_days |
The number of days to retain CloudWatch logs for the DB instance |
number |
30 |
no |
| create_cloudwatch_log_group |
Determines whether a CloudWatch log group is created for each enabled_cloudwatch_logs_exports |
bool |
true |
no |
| create_db_option_group |
Create a database option group |
bool |
false |
no |
| create_db_parameter_group |
Whether to create a database parameter group |
bool |
false |
no |
| create_db_subnet_group |
Whether to create a database subnet group |
bool |
true |
no |
| create_monitoring_role |
Create IAM role with a defined name that permits RDS to send enhanced monitoring metrics to CloudWatch Logs |
bool |
false |
no |
| create_security_group |
n/a |
bool |
false |
no |
| db_instance_tags |
Additional tags for the DB instance |
map(any) |
{} |
no |
| db_name |
The DB name to create. If omitted, no database is created initially |
string |
n/a |
yes |
| db_option_group_tags |
Additional tags for the DB option group |
map(any) |
{} |
no |
| db_parameter_group_tags |
n/a |
map(any) |
{} |
no |
| db_password |
Password for the master DB user. Note that this may show up in logs, and it will be stored in the state file |
string |
n/a |
yes |
| db_subnet_group_name |
Name of DB subnet group. DB instance will be created in the VPC associated with the DB subnet group. If unspecified, will be created in the default VPC |
string |
null |
no |
| db_subnet_group_tags |
Additional tags for the DB parameter group |
map(any) |
{} |
no |
| db_subnet_group_use_name_prefix |
Determines whether to use subnet_group_name as is or create a unique name beginning with the subnet_group_name as the prefix |
bool |
false |
no |
| db_username |
Username for the master DB user |
string |
n/a |
yes |
| deletion_protection |
The database can't be deleted when this value is set to true |
bool |
false |
no |
| egress_with_cidr_blocks |
n/a |
list(map(string)) |
[] |
no |
| enabled_cloudwatch_logs_exports |
List of log types to enable for exporting to CloudWatch logs. If omitted, no logs will be exported. Valid values (depending on engine): alert, audit, error, general, listener, slowquery, trace, postgresql (PostgreSQL), upgrade (PostgreSQL) |
list(string) |
[] |
no |
| engine |
The database engine to use |
string |
"mysql" |
no |
| engine_version |
The engine version to use |
string |
"5.7.26" |
no |
| iam_database_authentication_enabled |
Specifies whether or not the mappings of AWS Identity and Access Management (IAM) accounts to database accounts are enabled |
bool |
true |
no |
| identifier |
Specifies the identifier of the CA certificate for the DB instance |
string |
n/a |
yes |
| ingress_with_cidr_blocks |
n/a |
list(map(string)) |
[] |
no |
| instance_class |
The instance type of the RDS instance |
string |
"db.t3.micro" |
no |
| maintenance_window |
The window to perform maintenance in. Syntax: 'ddd:hh24:mi-ddd:hh24:mi'. Eg: 'Mon:00:00-Mon:03:00' |
string |
"Mon:00:00-Mon:03:00" |
no |
| major_engine_version |
Specifies the major version of the engine that this option group should be associated with |
string |
"5.7" |
no |
| manage_master_user_password |
Set to true to allow RDS to manage the master user password in Secrets Manager |
bool |
false |
no |
| max_allocated_storage |
Specifies the value for Storage Autoscaling |
number |
100 |
no |
| monitoring_interval |
The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB instance. To disable collecting Enhanced Monitoring metrics, specify 0. The default is 0. Valid Values: 0, 1, 5, 10, 15, 30, 60 |
number |
0 |
no |
| monitoring_role_name |
Name of the IAM role which will be created when create_monitoring_role is enabled |
string |
null |
no |
| multi_az |
Specifies if the RDS instance is multi-AZ |
bool |
true |
no |
| options |
A list of Options to apply |
list(any) |
[
{
"option_name": "MARIADB_AUDIT_PLUGIN",
"option_settings": [
{
"name": "SERVER_AUDIT_EVENTS",
"value": "CONNECT"
},
{
"name": "SERVER_AUDIT_FILE_ROTATIONS",
"value": "37"
}
]
}
] |
no |
| parameter_group_name |
Name of the DB parameter group to associate or create |
string |
"default.mysql5.7" |
no |
| parameters |
A list of DB parameters (map) to apply |
list(map(any)) |
[] |
no |
| port |
The port on which the DB accepts connections |
number |
null |
no |
| security_group_description |
n/a |
string |
"MySQL security group" |
no |
| security_group_name |
n/a |
string |
"db_security_group" |
no |
| skip_final_snapshot |
Determines whether a final DB snapshot is created before the DB instance is deleted. If true is specified, no DBSnapshot is created. If false is specified, a DB snapshot is created before the DB instance is deleted |
bool |
false |
no |
| slow_queries |
n/a |
object({
enabled = optional(bool, true)
query_duration = optional(number, 3)
}) |
{
"enabled": true,
"query_duration": 3
} |
no |
| storage_encrypted |
Specifies whether the DB instance is encrypted |
bool |
false |
no |
| storage_type |
One of 'standard' (magnetic), 'gp2' (general purpose SSD), or 'io1' (provisioned IOPS SSD). The default is 'io1' if iops is specified, 'gp2' if not |
string |
"gp2" |
no |
| subnet_ids |
A list of VPC subnet IDs |
list(string) |
n/a |
yes |
| tags |
A mapping of tags to assign to all resources |
map(any) |
{} |
no |
| vpc_id |
n/a |
string |
"" |
no |
| vpc_security_group_ids |
List of VPC security groups to associate |
list(string) |
[] |
no |