Updated pssword conditions

techiescamp · Jul 13, 2023 · ff7f772 · ff7f772
1 parent 2f18564
commit ff7f772
Show file tree

Hide file tree

Showing 5 changed files with 30 additions and 16 deletions.
diff --git a/environments/dev/rds/main.tf b/environments/dev/rds/main.tf
@@ -9,7 +9,8 @@ module "rds" {
   cost_center       = var.cost_center
   environment       = var.environment
   db_username       = var.db_username
-  manage_master_user_password = var.manage_master_user_password
+  set_secret_manager_password = var.set_secret_manager_password
+  set_db_password = var.set_db_password
   db_password       = var.db_password
   db_name           = var.db_name
   db_instance_class = var.db_instance_class

diff --git a/environments/dev/rds/variables.tf b/environments/dev/rds/variables.tf
@@ -33,7 +33,7 @@ variable "db_username" {
   type    = string
 }
 
-variable "manage_master_user_password" {
+variable "set_secret_manager_password" {
   description = "To enable master user password or not"
   type    = bool
   default = false
@@ -57,4 +57,9 @@ variable "db_instance_class" {
 variable "parameter_name" {
   description = "The RDS instance class"
   type    = string
+}
+
+variable "set_db_password" {
+  description = "Condition to check for custom password"
+  type = string
 }
diff --git a/modules/rds/main.tf b/modules/rds/main.tf
@@ -35,8 +35,10 @@ resource "aws_db_instance" "rds_instance" {
   instance_class              = var.db_instance_class
   allocated_storage           = 10
   storage_type                = "gp2"
-  manage_master_user_password = var.manage_master_user_password ? true : false
+  # manage_master_user_password = var.set_secret_manager_password ? true : false
+  manage_master_user_password = var.set_secret_manager_password ? true : null
   username                    = var.db_username
+  password                    = var.set_db_password ? var.db_password : null
   db_subnet_group_name        = "default"
   vpc_security_group_ids      = [aws_security_group.rds_security_group.id]
   backup_retention_period     = 7
@@ -64,14 +66,14 @@ data "aws_db_instance" "rds_instance" {
 }
 
 
-resource "aws_ssm_parameter" "rds_endpoint" {
-  name  = var.parameter_name
-  type  = "String"
-  value = data.aws_db_instance.rds_instance.endpoint
-}
+# resource "aws_ssm_parameter" "rds_endpoint" {
+#   name  = var.parameter_name
+#   type  = "String"
+#   value = data.aws_db_instance.rds_instance.endpoint
+# }
 
-resource "local_file" "password_file" {
-  count      = var.manage_master_user_password ? 0 : 1
-  filename   = "password.txt"
-  content    = var.db_password
-}
+# resource "local_file" "password_file" {
+#   count      = var.manage_master_user_password ? 0 : 1
+#   filename   = "password.txt"
+#   content    = var.db_password
+# }
diff --git a/modules/rds/variables.tf b/modules/rds/variables.tf
@@ -33,7 +33,7 @@ variable "db_username" {
   type    = string
 }
 
-variable "manage_master_user_password" {
+variable "set_secret_manager_password" {
   description = "To enable master user password or not"
   type    = bool
   default = false
@@ -57,4 +57,9 @@ variable "db_instance_class" {
 variable "parameter_name" {
   description = "The RDS instance class"
   type    = string
+}
+
+variable "set_db_password" {
+  description = "Condition to check for custom password"
+  type = string
 }
diff --git a/vars/dev/rds.tfvars b/vars/dev/rds.tfvars
@@ -6,5 +6,6 @@ db_username                 = "petclinic"
 db_name                     = "petclinic-mysql-rds"
 db_instance_class           = "db.t2.micro"
 parameter_name              = "/dev/petclinic/rds_endpoint"
-manage_master_user_password = false
-db_password                 = "rdssecret"
+set_secret_manager_password = false
+set_db_password = true
+db_password                 = "rdssecret"