Fixing/changing code based on comments

Author: pkuber-tamr

README.md

@@ -50,6 +50,7 @@ This terraform module will create:
 |------|-------------|------|---------|:--------:|
 | password | The password for the master DB user. | `string` | n/a | yes |
 | rds\_subnet\_ids | VPC subnet IDs in subnet group | `list(string)` | n/a | yes |
+| security\_group\_ids | List of security group IDs to allow ingress from (i.e. Spark cluster SG IDs, Tamr VM SG ID) | `list(string)` | n/a | yes |
 | subnet\_group\_name | The name of the subnet group to add the RDS instance to | `string` | n/a | yes |
 | vpc\_id | VPC ID for the rds security group | `string` | n/a | yes |
 | additional\_cidrs | Additional CIDR to connect to RDS Postgres instance | `list(string)` | `[]` | no |
@@ -62,7 +63,6 @@ This terraform module will create:
 | db\_port | The port on which the database accepts connections. | `number` | `5432` | no |
 | engine\_version | Version of RDS Postgres | `string` | `"12.3"` | no |
 | identifier\_prefix | Identifier prefix for the RDS instance | `string` | `"tamr-rds-"` | no |
-| ingress\_sg\_ids | List of security group IDs to allow ingress from (i.e. Spark cluster SG IDs, Tamr VM SG ID) | `list(string)` | `[]` | no |
 | instance\_class | Instance class | `string` | `"db.m4.large"` | no |
 | maintenance\_window | Maintenance window | `string` | `"sun:04:32-sun:05:02"` | no |
 | max\_allocated\_storage | Max allocate storage | `number` | `1000` | no |

examples/minimal/README.md

@@ -11,17 +11,18 @@ No provider.
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
-| ingress\_sg\_ids | List of security group IDs to allow ingress from (i.e. Spark cluster SG IDs, Tamr VM SG ID) | `list(string)` | n/a | yes |
-| name-prefix | A string to prepend to names of resources created by this example | `any` | n/a | yes |
+| ingress\_cidr\_blocks | CIDR blocks to attach to security groups for ingress | `list(string)` | n/a | yes |
+| name\_prefix | A string to prepend to names of resources created by this example | `any` | n/a | yes |
+| security\_group\_ids | List of security group IDs to allow ingress from (i.e. Spark cluster SG IDs, Tamr VM SG ID) | `list(string)` | n/a | yes |
 | subnet\_ids | List of at least 2 subnets in different AZs for DB subnet group | `list(string)` | n/a | yes |
 | vpc\_id | VPC ID of network. | `string` | n/a | yes |
-| additional\_ports | Additional ports to add to the output of this module | `list(number)` | `[]` | no |
-| ports | Ports used by the Elasticsearch | `list(number)` | <pre>[<br>  5432<br>]</pre> | no |
+| egress\_cidr\_blocks | CIDR blocks to attach to security groups for egress | `list(string)` | <pre>[<br>  "0.0.0.0/0"<br>]</pre> | no |
 
 ## Outputs
 
 | Name | Description |
 |------|-------------|
 | ingress\_ports | List of ingress ports |
+| rds | n/a |
 
 <!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->

examples/minimal/local.tfvars

@@ -1,3 +1,5 @@
-vpc_id         = "vpc-example"
-subnet_ids     = ["subnet-az1", "subnet-az2"]
-ingress_sg_ids = ["example-spark-service-access-sg", "example-tamr-vm-sg"]
+vpc_id              = "vpc-example"
+subnet_ids          = ["subnet-az1", "subnet-az2"]
+security_group_ids  = ["example-spark-service-access-sg", "example-tamr-vm-sg"]
+name_prefix         = "test" # Replace me for a more specific prefix
+ingress_cidr_blocks = ["1.2.3.0/24"]

examples/minimal/main.tf

@@ -12,25 +12,21 @@ module "rds_postgres" {
   subnet_group_name = "example_subnet_group"
   # Network requirement: DB subnet group needs a subnet in at least two Availability Zones
   rds_subnet_ids = var.subnet_ids
-  ingress_sg_ids = var.ingress_sg_ids
+  security_group_ids = module.rds-postgres-sg.security_group_ids
 }
 
 module "sg-ports" {
-  # source               = "git::https://github.com/Datatamer/terraform-aws-rds-postgres.git?ref=2.0.0"
+  # source               = "git::https://github.com/Datatamer/terraform-aws-rds-postgres.git//modules/rds-postgres-ports?ref=2.0.0"
   source = "../../modules/rds-postgres-ports"
 }
 
 module "rds-postgres-sg" {
   source = "git::git@github.com:Datatamer/terraform-aws-security-groups.git?ref=1.0.0"
   vpc_id = var.vpc_id
-  ingress_cidr_blocks = [
-    "1.2.3.0/24"
-  ]
-  egress_cidr_blocks = [
-    "0.0.0.0/0"
-  ]
+  ingress_cidr_blocks = var.ingress_cidr_blocks
+  egress_cidr_blocks = var.egress_cidr_blocks
   ingress_ports  = module.sg-ports.ingress_ports
-  sg_name_prefix = var.name-prefix
+  sg_name_prefix = var.name_prefix
   egress_protocol = "all"
   ingress_protocol = "tcp"
 }

examples/minimal/outputs.tf

@@ -1,7 +1,8 @@
 output "ingress_ports" {
-  value = concat(
-  var.ports,
-  var.additional_ports,
-  )
+  value = module.sg-ports
   description = "List of ingress ports"
 }
+
+output "rds" {
+  value = module.rds_postgres
+}

examples/minimal/variables.tf

@@ -8,25 +8,22 @@ variable "subnet_ids" {
   description = "List of at least 2 subnets in different AZs for DB subnet group"
 }
 
-variable "ingress_sg_ids" {
+variable "security_group_ids" {
   description = "List of security group IDs to allow ingress from (i.e. Spark cluster SG IDs, Tamr VM SG ID)"
   type        = list(string)
 }
 
-variable "name-prefix" {
+variable "name_prefix" {
   description = "A string to prepend to names of resources created by this example"
 }
 
-variable "ports" {
-  type        = list(number)
-  description = "Ports used by RDS Postgres"
-  default = [
-    5432
-  ]
+variable "ingress_cidr_blocks" {
+  description = "CIDR blocks to attach to security groups for ingress"
+  type = list(string)
 }
 
-variable "additional_ports" {
-  type        = list(number)
-  description = "Additional ports to add to the output of this module"
-  default     = []
+variable "egress_cidr_blocks" {
+  description = "CIDR blocks to attach to security groups for egress"
+  type = list(string)
+  default = ["0.0.0.0/0"]
 }

main.tf

@@ -30,7 +30,7 @@ resource "aws_db_instance" "rds_postgres" {
   db_subnet_group_name   = aws_db_subnet_group.rds_postgres_subnet_group.name
   multi_az               = true
   publicly_accessible    = false
-  vpc_security_group_ids = var.ingress_sg_ids
+  vpc_security_group_ids = var.security_group_ids
   parameter_group_name   = aws_db_parameter_group.rds_postgres_pg.name
 
   maintenance_window      = var.maintenance_window

modules/rds-postgres-ports/README.md

@@ -6,7 +6,7 @@ This module returns a list of ports used by the RDS Postgres Service.
 Inline example implementation of the module.  This is the most basic example of what it would look like to use this module.
 ```
 module "rds_postgres" {
-  source = "git::https://github.com/Datatamer/terraform-aws-rds-postgres//modules/es-ports?ref=2.0.0"
+  source = "git::https://github.com/Datatamer/terraform-aws-rds-postgres//modules/rds-postgres-ports?ref=2.0.0"
 }
 ```
 

outputs.tf

@@ -9,7 +9,7 @@ output "rds_postgres_id" {
 }
 
 output "rds_security_group_ids" {
-  value       = var.ingress_sg_ids
+  value       = var.security_group_ids
   description = "List of security group ids attached to the rds instance"
 }
 

variables.tf

@@ -115,7 +115,7 @@ variable "security_group_name" {
   default     = "tamr_rds_sg"
 }
 
-variable "ingress_sg_ids" {
+variable "security_group_ids" {
   description = "List of security group IDs to allow ingress from (i.e. Spark cluster SG IDs, Tamr VM SG ID)"
   type        = list(string)
 }