DevOps - Terraform auto-install pgcrypt ext in RDS
Reason: To complete automation RDS setup in future k8s clusters (NCRC etc)
Estimate time: ~ 2-3 hours (in background)
source: https://stackoverflow.com/questions/45394458/how-to-apply-sql-scripts-on-rds-with-terraform
resources:
resource "aws_db_instance" "db_instance" {
identifier = var.database_id
apply_immediately = true
engine = "postgres"
engine_version = "10.16"
instance_class = "db.t2.micro"
allocated_storage = 20
name = random_pet.db_name.id
username = random_pet.db_user.id
password = random_password.db_password.result
db_subnet_group_name = aws_db_subnet_group.db_instance.name
vpc_security_group_ids = [aws_security_group.db_instance.id]
skip_final_snapshot = true
backup_retention_period = 10
provisioner "remote-exec" {
inline = [
"PGPASSWORD=${POSTGRES_PASSWORD} psql -h ${POSTGRES_HOST} -U ${POSTGRES_USER} -d ${POSTGRES_DB} -w -c 'CREATE EXTENSION pgcrypto;'"
]
}
}
or
resource "aws_db_instance" "db_instance" {
identifier = var.database_id
apply_immediately = true
engine = "postgres"
engine_version = "10.16"
instance_class = "db.t2.micro"
allocated_storage = 20
name = random_pet.db_name.id
username = random_pet.db_user.id
password = random_password.db_password.result
db_subnet_group_name = aws_db_subnet_group.db_instance.name
vpc_security_group_ids = [aws_security_group.db_instance.id]
skip_final_snapshot = true
backup_retention_period = 10
}
resource "null_resource" "db_setup" {
provisioner "local-exec" {
command = "psql -h ${aws_db_instance.db_instance.address} -p 5432 -U ${random_pet.db_user.id} -d ${random_pet.db_name.id} -c 'CREATE EXTENSION pgcrypto;'"
environment = {
PGPASSWORD = "${random_password.db_password.result}"
}
}
}