$ terraform init
$ terraform apply
Always use "_" in resource names (user_name etc.). The "-" sign is forbidden!
POSTGRES_IDENTIFIER
> Set identifier - can be the same as database name
POSTGRES_DB_NAME
> Set database name
YOUR_USERNAME
> Set unique user name
YOUR_PASSWORD
> Set unique user password
POSTGRES_DB_INSTANCE_NAME
> Unique name across all DB instances owned by current AWS account
POSTGRES_DB_PASSWORD
> Set database password
POSTGRES_PORT
> Default port for PostgreSQL: 5432
storage_type
> "gp2" (general purpose SSD)
instance_class
> DB Instance Classes
engine_version
> Supported PostgreSQL Database Versions
ingress
> To check if rules were created go to AWS Console > Services > EC2 > Security Groups (left menu) > Select specific group > Check 'Inbound rules' and 'Outbound rules' tabs
locals {
  // Replace each placeholder with your own value
  postgres_identifier    = POSTGRES_IDENTIFIER
  postgres_name          = POSTGRES_DB_NAME
  postgres_user_name     = YOUR_USERNAME
  postgres_user_password = YOUR_PASSWORD
  postgres_instance_name = POSTGRES_DB_INSTANCE_NAME
  postgres_db_password   = POSTGRES_DB_PASSWORD
  postgres_port          = POSTGRES_PORT
}

// PROVIDERS
provider "aws" {
  region                  = "eu-central-1"
  shared_credentials_file = "$HOME/.aws/credentials"
}

// Connects to the RDS instance defined below with its master credentials
provider "postgresql" {
  host            = aws_db_instance.instance_name.address
  port            = local.postgres_port
  database        = local.postgres_instance_name // "name" of aws_db_instance
  username        = local.postgres_user_name     // "username" of aws_db_instance
  password        = local.postgres_db_password   // "password" of aws_db_instance
  sslmode         = "require"
  connect_timeout = 15
  superuser       = false
}

// POSTGRES
resource "aws_security_group" "security_group_name" {
  name = "security_group_name"

  ingress {
    from_port   = local.postgres_port
    to_port     = local.postgres_port
    protocol    = "tcp"
    description = "PostgreSQL"
    cidr_blocks = ["0.0.0.0/0"] // any IPv4 address; narrow to known client ranges outside of testing
  }

  ingress {
    from_port        = local.postgres_port
    to_port          = local.postgres_port
    protocol         = "tcp"
    description      = "PostgreSQL"
    ipv6_cidr_blocks = ["::/0"] // any IPv6 address; narrow to known client ranges outside of testing
  }
}

resource "aws_db_instance" "instance_name" {
  allocated_storage      = 20
  storage_type           = "gp2"
  engine                 = "postgres"
  engine_version         = "12.2"
  instance_class         = "db.t2.micro"
  identifier             = local.postgres_identifier
  name                   = local.postgres_instance_name
  username               = local.postgres_user_name
  password               = local.postgres_db_password
  publicly_accessible    = true // the instance gets a public endpoint
  parameter_group_name   = "default.postgres12"
  vpc_security_group_ids = [aws_security_group.security_group_name.id]
  skip_final_snapshot    = true // no snapshot is taken on destroy
}

resource "postgresql_role" "user_name" {
  name                = local.postgres_user_name
  login               = true
  password            = local.postgres_user_password
  encrypted_password  = true
  create_database     = true
  create_role         = true
  skip_reassign_owned = true
}
$ terraform plan
Correct output: Plan: to add, 0 to change, 0 to destroy = SUCCESS
$ terraform apply
$ terraform destroy
Correct output: Plan: 0 to add, 0 to change, to destroy
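The configuration above opens the PostgreSQL port to 0.0.0.0/0 and ::/0 and sets publicly_accessible = true, so it is worth checking a plan for those settings before applying it. The script below is an added example, not part of the original post: it reads the JSON produced by `terraform plan -out=plan.out` followed by `terraform show -json plan.out`; the function name audit_plan and the embedded sample plan are constructed for illustration.

```python
import json
import sys

WORLD = {"0.0.0.0/0", "::/0"}

# Constructed sample: trimmed shape of `terraform show -json` output for a plan
# of the configuration above (addresses follow its resource names).
SAMPLE_PLAN = {"resource_changes": [
    {"address": "aws_security_group.security_group_name",
     "type": "aws_security_group",
     "change": {"actions": ["create"], "after": {"ingress": [
         {"protocol": "tcp", "from_port": 5432, "to_port": 5432,
          "cidr_blocks": ["0.0.0.0/0"], "ipv6_cidr_blocks": []},
         {"protocol": "tcp", "from_port": 5432, "to_port": 5432,
          "cidr_blocks": [], "ipv6_cidr_blocks": ["::/0"]}]}}},
    {"address": "aws_db_instance.instance_name",
     "type": "aws_db_instance",
     "change": {"actions": ["create"],
                "after": {"publicly_accessible": True}}},
]}


def audit_plan(plan, db_port=5432):
    """Return (address, finding) pairs for resources the plan creates or updates."""
    findings = []
    for rc in plan.get("resource_changes", []):
        change = rc.get("change", {})
        after = change.get("after") or {}  # "after" is null for deletes
        if not {"create", "update"} & set(change.get("actions", [])):
            continue
        if rc.get("type") == "aws_security_group":
            for rule in after.get("ingress") or []:
                # protocol "-1" means every protocol and port
                hits_port = rule.get("protocol") == "-1" or (
                    (rule.get("from_port") or 0) <= db_port <= (rule.get("to_port") or 0))
                cidrs = set(rule.get("cidr_blocks") or []) | set(
                    rule.get("ipv6_cidr_blocks") or [])
                for cidr in sorted(cidrs & WORLD):
                    if hits_port:
                        findings.append(
                            (rc["address"], f"port {db_port} open to {cidr}"))
        elif rc.get("type") == "aws_db_instance" and after.get("publicly_accessible"):
            findings.append((rc["address"], "publicly_accessible = true"))
    return findings


if __name__ == "__main__":
    plan = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE_PLAN
    for address, finding in audit_plan(plan):
        print(f"{address}: {finding}")
```

Run without arguments it audits the embedded sample; pass the path of a plan JSON file to audit a real plan.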
That provides an RDS instance resource. I was looking for deploying an in-house ec2-db solution.