chore: update example projects (#298)

Author: bryantbiggs

examples/complete-mssql/README.md

@@ -35,6 +35,8 @@ Note that this example may create resources which cost money. Run `terraform des
 | Name | Source | Version |
 |------|--------|---------|
 | db | ../../ |  |
+| security_group | terraform-aws-modules/security-group/aws | ~> 3 |
+| vpc | terraform-aws-modules/vpc/aws | ~> 2 |
 
 ## Resources
 
@@ -44,9 +46,6 @@ Note that this example may create resources which cost money. Run `terraform des
 | [aws_iam_policy_document](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) |
 | [aws_iam_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) |
 | [aws_iam_role_policy_attachment](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) |
-| [aws_security_group](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/security_group) |
-| [aws_subnet_ids](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/subnet_ids) |
-| [aws_vpc](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/vpc) |
 
 ## Inputs
 

examples/complete-mssql/main.tf

@@ -1,33 +1,62 @@
 provider "aws" {
-  region = "us-east-1"
+  region = local.region
 }
 
 locals {
+  name   = "complete-mssql"
+  region = "eu-west-1"
   tags = {
     Owner       = "user"
     Environment = "dev"
   }
 }
 
-##############################################################
-# Data sources to get VPC, subnets and security group details
-##############################################################
-data "aws_vpc" "default" {
-  default = true
-}
+################################################################################
+# Supporting Resources
+################################################################################
+
+module "vpc" {
+  source  = "terraform-aws-modules/vpc/aws"
+  version = "~> 2"
+
+  name = local.name
+  cidr = "10.99.0.0/18"
+
+  azs              = ["${local.region}a", "${local.region}b", "${local.region}c"]
+  public_subnets   = ["10.99.0.0/24", "10.99.1.0/24", "10.99.2.0/24"]
+  private_subnets  = ["10.99.3.0/24", "10.99.4.0/24", "10.99.5.0/24"]
+  database_subnets = ["10.99.7.0/24", "10.99.8.0/24", "10.99.9.0/24"]
 
-data "aws_subnet_ids" "all" {
-  vpc_id = data.aws_vpc.default.id
+  create_database_subnet_group = true
+
+  tags = local.tags
 }
 
-data "aws_security_group" "default" {
-  vpc_id = data.aws_vpc.default.id
-  name   = "default"
+module "security_group" {
+  source  = "terraform-aws-modules/security-group/aws"
+  version = "~> 3"
+
+  name        = local.name
+  description = "Complete SqlServer example security group"
+  vpc_id      = module.vpc.vpc_id
+
+  # ingress
+  ingress_with_cidr_blocks = [
+    {
+      from_port   = 1433
+      to_port     = 1433
+      protocol    = "tcp"
+      description = "SqlServer access from within VPC"
+      cidr_blocks = module.vpc.vpc_cidr_block
+    },
+  ]
+
+  tags = local.tags
 }
 
-#####################################
+################################################################################
 # IAM Role for Windows Authentication
-#####################################
+################################################################################
 
 data "aws_iam_policy_document" "rds_assume_role" {
   statement {
@@ -58,9 +87,9 @@ resource "aws_iam_role_policy_attachment" "rds_directory_services" {
   policy_arn = "arn:aws:iam::aws:policy/service-role/AmazonRDSDirectoryServiceAccess"
 }
 
-##########################################
+################################################################################
 # AWS Directory Service (Acitve Directory)
-##########################################
+################################################################################
 
 resource "aws_directory_service_directory" "demo" {
   name     = "corp.demo.com"
@@ -69,63 +98,61 @@ resource "aws_directory_service_directory" "demo" {
   type     = "MicrosoftAD"
 
   vpc_settings {
-    vpc_id = data.aws_vpc.default.id
+    vpc_id = module.vpc.vpc_id
     # Only 2 subnets, must be in different AZs
-    subnet_ids = slice(tolist(data.aws_subnet_ids.all.ids), 0, 2)
+    subnet_ids = slice(tolist(module.vpc.database_subnets), 0, 2)
   }
 
   tags = local.tags
 }
 
-#####
-# DB
-#####
+################################################################################
+# RDS Module
+################################################################################
 
 module "db" {
   source = "../../"
 
-  identifier = "demodb"
+  identifier = local.name
 
-  engine            = "sqlserver-ex"
-  engine_version    = "14.00.1000.169.v1"
-  instance_class    = "db.t2.medium"
-  allocated_storage = 20
-  storage_encrypted = false
+  engine               = "sqlserver-ex"
+  engine_version       = "15.00.4073.23.v1"
+  family               = "sqlserver-ex-15.0" # DB parameter group
+  major_engine_version = "15.00"             # DB option group
+  instance_class       = "db.t3.large"
 
-  name     = null # "demodb"
-  username = "demouser"
+  allocated_storage     = 20
+  max_allocated_storage = 100
+  storage_encrypted     = false
+
+  name     = null
+  username = "complete_mssql"
   password = "YourPwdShouldBeLongAndSecure!"
-  port     = "1433"
+  port     = 1433
 
   domain               = aws_directory_service_directory.demo.id
   domain_iam_role_name = aws_iam_role.rds_ad_auth.name
 
-  vpc_security_group_ids = [data.aws_security_group.default.id]
-
-  maintenance_window = "Mon:00:00-Mon:03:00"
-  backup_window      = "03:00-06:00"
+  multi_az               = false
+  subnet_ids             = module.vpc.database_subnets
+  vpc_security_group_ids = [module.security_group.this_security_group_id]
 
-  # disable backups to create DB faster
-  backup_retention_period = 0
-
-  tags = local.tags
+  maintenance_window              = "Mon:00:00-Mon:03:00"
+  backup_window                   = "03:00-06:00"
+  enabled_cloudwatch_logs_exports = ["error"]
 
-  # DB subnet group
-  subnet_ids = data.aws_subnet_ids.all.ids
+  backup_retention_period   = 0
+  final_snapshot_identifier = local.name
+  deletion_protection       = false
 
-  # Snapshot name upon DB deletion
-  final_snapshot_identifier = "demodb"
+  performance_insights_enabled          = true
+  performance_insights_retention_period = 7
+  create_monitoring_role                = true
 
+  options                   = []
   create_db_parameter_group = false
   license_model             = "license-included"
+  timezone                  = "GMT Standard Time"
 
-  timezone = "Central Standard Time"
-
-  # Database Deletion Protection
-  deletion_protection = false
-
-  # DB options
-  major_engine_version = "14.00"
-
-  options = []
+  tags = local.tags
 }

examples/complete-mysql/README.md

@@ -26,23 +26,19 @@ Note that this example may create resources which cost money. Run `terraform des
 
 ## Providers
 
-| Name | Version |
-|------|---------|
-| aws | >= 2.49 |
+No provider.
 
 ## Modules
 
 | Name | Source | Version |
 |------|--------|---------|
 | db | ../../ |  |
+| security_group | terraform-aws-modules/security-group/aws | ~> 3 |
+| vpc | terraform-aws-modules/vpc/aws | ~> 2 |
 
 ## Resources
 
-| Name |
-|------|
-| [aws_security_group](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/security_group) |
-| [aws_subnet_ids](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/subnet_ids) |
-| [aws_vpc](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/vpc) |
+No resources.
 
 ## Inputs
 

examples/complete-mysql/main.tf

@@ -1,75 +1,99 @@
 provider "aws" {
-  region = "eu-west-1"
+  region = local.region
 }
 
-##############################################################
-# Data sources to get VPC, subnets and security group details
-##############################################################
-data "aws_vpc" "default" {
-  default = true
+locals {
+  name   = "complete-mysql"
+  region = "eu-west-1"
+  tags = {
+    Owner       = "user"
+    Environment = "dev"
+  }
 }
 
-data "aws_subnet_ids" "all" {
-  vpc_id = data.aws_vpc.default.id
-}
+################################################################################
+# Supporting Resources
+################################################################################
 
-data "aws_security_group" "default" {
-  vpc_id = data.aws_vpc.default.id
-  name   = "default"
-}
+module "vpc" {
+  source  = "terraform-aws-modules/vpc/aws"
+  version = "~> 2"
 
-#####
-# DB
-#####
-module "db" {
-  source = "../../"
+  name = local.name
+  cidr = "10.99.0.0/18"
 
-  identifier = "demodb"
+  azs              = ["${local.region}a", "${local.region}b", "${local.region}c"]
+  public_subnets   = ["10.99.0.0/24", "10.99.1.0/24", "10.99.2.0/24"]
+  private_subnets  = ["10.99.3.0/24", "10.99.4.0/24", "10.99.5.0/24"]
+  database_subnets = ["10.99.7.0/24", "10.99.8.0/24", "10.99.9.0/24"]
 
-  # All available versions: http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MySQL.html#MySQL.Concepts.VersionMgmt
-  engine            = "mysql"
-  engine_version    = "5.7.19"
-  instance_class    = "db.t2.large"
-  allocated_storage = 5
-  storage_encrypted = false
-
-  # kms_key_id        = "arm:aws:kms:<region>:<account id>:key/<kms key id>"
-  name     = "demodb"
-  username = "user"
-  password = "YourPwdShouldBeLongAndSecure!"
-  port     = "3306"
+  create_database_subnet_group = true
+
+  tags = local.tags
+}
 
-  vpc_security_group_ids = [data.aws_security_group.default.id]
+module "security_group" {
+  source  = "terraform-aws-modules/security-group/aws"
+  version = "~> 3"
 
-  maintenance_window = "Mon:00:00-Mon:03:00"
-  backup_window      = "03:00-06:00"
+  name        = local.name
+  description = "Complete MySQL example security group"
+  vpc_id      = module.vpc.vpc_id
 
-  multi_az = true
+  # ingress
+  ingress_with_cidr_blocks = [
+    {
+      from_port   = 3306
+      to_port     = 3306
+      protocol    = "tcp"
+      description = "MySQL access from within VPC"
+      cidr_blocks = module.vpc.vpc_cidr_block
+    },
+  ]
 
-  # disable backups to create DB faster
-  backup_retention_period = 0
+  tags = local.tags
+}
 
-  tags = {
-    Owner       = "user"
-    Environment = "dev"
-  }
+################################################################################
+# RDS Module
+################################################################################
 
-  enabled_cloudwatch_logs_exports = ["audit", "general"]
+module "db" {
+  source = "../../"
 
-  # DB subnet group
-  subnet_ids = data.aws_subnet_ids.all.ids
+  identifier = local.name
 
-  # DB parameter group
-  family = "mysql5.7"
+  # All available versions: http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MySQL.html#MySQL.Concepts.VersionMgmt
+  engine               = "mysql"
+  engine_version       = "8.0.20"
+  family               = "mysql8.0" # DB parameter group
+  major_engine_version = "8.0"      # DB option group
+  instance_class       = "db.t3.large"
+
+  allocated_storage     = 20
+  max_allocated_storage = 100
+  storage_encrypted     = false
+
+  name     = "completeMysql"
+  username = "complete_mysql"
+  password = "YourPwdShouldBeLongAndSecure!"
+  port     = 3306
+
+  multi_az               = true
+  subnet_ids             = module.vpc.database_subnets
+  vpc_security_group_ids = [module.security_group.this_security_group_id]
 
-  # DB option group
-  major_engine_version = "5.7"
+  maintenance_window              = "Mon:00:00-Mon:03:00"
+  backup_window                   = "03:00-06:00"
+  enabled_cloudwatch_logs_exports = ["general"]
 
-  # Snapshot name upon DB deletion
-  final_snapshot_identifier = "demodb"
+  backup_retention_period   = 0
+  final_snapshot_identifier = local.name
+  deletion_protection       = false
 
-  # Database Deletion Protection
-  deletion_protection = false
+  performance_insights_enabled          = true
+  performance_insights_retention_period = 7
+  create_monitoring_role                = true
 
   parameters = [
     {
@@ -98,4 +122,6 @@ module "db" {
       ]
     },
   ]
+
+  tags = local.tags
 }