update db serverless

terraform-in-action · Jul 8, 2021 · 9a72d78 · 9a72d78
1 parent 9cc57da
commit 9a72d78
Show file tree

Hide file tree

Showing 8 changed files with 37 additions and 23 deletions.
diff --git a/modules/apigw/main.tf b/modules/apigw/main.tf
@@ -11,7 +11,7 @@ resource "aws_api_gateway_rest_api" "api" {
 
 #apigw role
 resource "aws_api_gateway_account" "apigw_account" {
-  depends_on = [aws_iam_role_policy.cloudwatch]
+  depends_on          = [aws_iam_role_policy.cloudwatch]
   cloudwatch_role_arn = aws_iam_role.cloudwatch.arn
 }
 
@@ -80,20 +80,20 @@ resource "aws_api_gateway_method" "redirect_method" {
 resource "aws_api_gateway_integration" "redirect_integration" {
   rest_api_id = aws_api_gateway_rest_api.api.id
   resource_id = aws_api_gateway_rest_api.api.root_resource_id
-  http_method = aws_api_gateway_method.redirect_method.http_method 
-  type = "MOCK"
+  http_method = aws_api_gateway_method.redirect_method.http_method
+  type        = "MOCK"
   request_templates = { "application/json" = <<-EOF
   {
     "statusCode" : 302
   }
 EOF
-}
+  }
 }
 
 resource "aws_api_gateway_method_response" "redirect" {
   rest_api_id = aws_api_gateway_rest_api.api.id
   resource_id = aws_api_gateway_rest_api.api.root_resource_id
-  http_method = aws_api_gateway_method.redirect_method.http_method 
+  http_method = aws_api_gateway_method.redirect_method.http_method
 
   response_parameters = {
     "method.response.header.Location" = true
@@ -105,8 +105,8 @@ resource "aws_api_gateway_method_response" "redirect" {
 resource "aws_api_gateway_integration_response" "redirect_integration_response" {
   rest_api_id = aws_api_gateway_rest_api.api.id
   resource_id = aws_api_gateway_rest_api.api.root_resource_id
-  http_method = aws_api_gateway_method.redirect_method.http_method 
-  status_code = aws_api_gateway_method_response.redirect.status_code 
+  http_method = aws_api_gateway_method.redirect_method.http_method
+  status_code = aws_api_gateway_method_response.redirect.status_code
 
   response_parameters = {
     "method.response.header.Location" = "'/v1/ui'"

diff --git a/modules/apigw/outputs.tf b/modules/apigw/outputs.tf
@@ -1,3 +1,3 @@
 output "invoke_url" {
-    value = aws_api_gateway_deployment.api_deployment.invoke_url
+  value = aws_api_gateway_deployment.api_deployment.invoke_url
 }
diff --git a/modules/database/main.tf b/modules/database/main.tf
@@ -3,7 +3,7 @@ data "aws_region" "current" {}
 resource "aws_rds_cluster" "rds_cluster" {
   cluster_identifier      = "${var.namespace}-aurora-cluster"
   engine                  = "aurora-mysql"
-  availability_zones      = ["${data.aws_region.current.name}a","${data.aws_region.current.name}b","${data.aws_region.current.name}c"]
+  availability_zones      = ["${data.aws_region.current.name}a", "${data.aws_region.current.name}b", "${data.aws_region.current.name}c"]
   database_name           = "petstore"
   master_username         = var.rds_user
   master_password         = var.rds_password
@@ -12,7 +12,8 @@ resource "aws_rds_cluster" "rds_cluster" {
   preferred_backup_window = "04:00-07:00"
   engine_mode             = "serverless"
   scaling_configuration {
-    max_capacity             = 2
-    min_capacity             = 2
+    max_capacity = 2
+    min_capacity = 2
   }
+  vpc_security_group_ids = [var.sg.db]
 }
diff --git a/modules/lambda/main.tf b/modules/lambda/main.tf
@@ -58,13 +58,13 @@ resource "aws_default_subnet" "default_az3" {
 
 #lambda function
 resource "aws_lambda_function" "lambda_function" {
-  filename      = "${path.module}/../../dist/function.zip"
-  function_name = "${var.namespace}-lambda"
-  handler       = "deployment"
-  role          = aws_iam_role.lambda_role.arn
-  memory_size   = 256
-  runtime       = "go1.x"
-  timeout       = 60
+  filename                       = "${path.module}/../../dist/function.zip"
+  function_name                  = "${var.namespace}-lambda"
+  handler                        = "deployment"
+  role                           = aws_iam_role.lambda_role.arn
+  memory_size                    = 256
+  runtime                        = "go1.x"
+  timeout                        = 60
   reserved_concurrent_executions = 1
 
   environment {
@@ -78,7 +78,7 @@ resource "aws_lambda_function" "lambda_function" {
   }
 
   vpc_config {
-    subnet_ids = [aws_default_subnet.default_az1.id,aws_default_subnet.default_az2.id,aws_default_subnet.default_az3.id]
+    subnet_ids         = [aws_default_subnet.default_az1.id, aws_default_subnet.default_az2.id, aws_default_subnet.default_az3.id]
     security_group_ids = [var.sg.lambda]
   }
 }

diff --git a/modules/networking/main.tf b/modules/networking/main.tf
@@ -4,7 +4,19 @@ resource "aws_default_vpc" "default" {
 }
 
 module "lambda_sg" {
-  source = "scottwinkler/sg/aws"
-  vpc_id = aws_default_vpc.default.id
+  source        = "terraform-in-action/sg/aws"
+  vpc_id        = aws_default_vpc.default.id
   ingress_rules = []
 }
+
+module "db_sg" {
+  source = "terraform-in-action/sg/aws"
+  vpc_id = aws_default_vpc.default.id
+  ingress_rules = [
+    {
+      protocol        = "tcp"
+      port            = 3306
+      security_groups = [module.lambda_sg.security_group.id]
+    }
+  ]
+}
diff --git a/modules/networking/outputs.tf b/modules/networking/outputs.tf
@@ -1,5 +1,6 @@
 output "sg" {
   value = {
     lambda = module.lambda_sg.security_group.id
+    db     = module.db_sg.security_group.id
   }
 }
diff --git a/modules/networking/variables.tf b/modules/networking/variables.tf
@@ -1,3 +1,3 @@
 variable "namespace" {
-    type = string
+  type = string
 }
diff --git a/outputs.tf b/outputs.tf
@@ -1,3 +1,3 @@
 output "address" {
-    value = module.apigw.invoke_url
+  value = module.apigw.invoke_url
 }