Aurora Enhanced monitoring support

This commit is contained in:
Linda Xu 2016-08-07 23:43:47 -07:00
parent 3dcee8fb18
commit a5f3deb7ec
3 changed files with 124 additions and 0 deletions

View File

@ -97,6 +97,18 @@ func resourceAwsRDSClusterInstance() *schema.Resource {
ForceNew: true,
},
"monitoring_role_arn": &schema.Schema{
Type: schema.TypeString,
Optional: true,
Computed: true,
},
"monitoring_interval": &schema.Schema{
Type: schema.TypeInt,
Optional: true,
Default: 0,
},
"tags": tagsSchema(),
},
}
@ -128,6 +140,14 @@ func resourceAwsRDSClusterInstanceCreate(d *schema.ResourceData, meta interface{
createOpts.DBSubnetGroupName = aws.String(attr.(string))
}
if attr, ok := d.GetOk("monitoring_role_arn"); ok {
createOpts.MonitoringRoleArn = aws.String(attr.(string))
}
if attr, ok := d.GetOk("monitoring_interval"); ok {
createOpts.MonitoringInterval = aws.Int64(int64(attr.(int)))
}
log.Printf("[DEBUG] Creating RDS DB Instance opts: %s", createOpts)
resp, err := conn.CreateDBInstance(createOpts)
if err != nil {
@ -207,6 +227,14 @@ func resourceAwsRDSClusterInstanceRead(d *schema.ResourceData, meta interface{})
d.Set("identifier", db.DBInstanceIdentifier)
d.Set("storage_encrypted", db.StorageEncrypted)
if db.MonitoringInterval != nil {
d.Set("monitoring_interval", db.MonitoringInterval)
}
if db.MonitoringRoleArn != nil {
d.Set("monitoring_role_arn", db.MonitoringRoleArn)
}
if len(db.DBParameterGroups) > 0 {
d.Set("db_parameter_group_name", db.DBParameterGroups[0].DBParameterGroupName)
}
@ -245,6 +273,18 @@ func resourceAwsRDSClusterInstanceUpdate(d *schema.ResourceData, meta interface{
}
if d.HasChange("monitoring_role_arn") {
d.SetPartial("monitoring_role_arn")
req.MonitoringRoleArn = aws.String(d.Get("monitoring_role_arn").(string))
requestUpdate = true
}
if d.HasChange("monitoring_interval") {
d.SetPartial("monitoring_interval")
req.MonitoringInterval = aws.Int64(int64(d.Get("monitoring_interval").(int)))
requestUpdate = true
}
log.Printf("[DEBUG] Send DB Instance Modification request: %#v", requestUpdate)
if requestUpdate {
log.Printf("[DEBUG] DB Instance Modification request: %#v", req)

View File

@ -187,6 +187,25 @@ func testAccCheckAWSClusterInstanceExists(n string, v *rds.DBInstance) resource.
}
}
func testAccAWSCluster_with_InstanceEnhancedMonitor(t *testing.T) {
var v rds.DBInstance
resource.Test(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t) },
Providers: testAccProviders,
CheckDestroy: testAccCheckAWSClusterDestroy,
Steps: []resource.TestStep{
resource.TestStep{
Config: testAccAWSClusterInstanceEnhancedMonitor(acctest.RandInt()),
Check: resource.ComposeTestCheckFunc(
testAccCheckAWSClusterInstanceExists("aws_rds_cluster_instance.cluster_instances", &v),
testAccCheckAWSDBClusterInstanceAttributes(&v),
),
},
},
})
}
// Add some random to the name, to avoid collision
func testAccAWSClusterInstanceConfig(n int) string {
return fmt.Sprintf(`
@ -281,3 +300,64 @@ resource "aws_db_parameter_group" "bar" {
}
`, n, n, n, n)
}
func testAccAWSClusterInstanceEnhancedMonitor(n int) string {
return fmt.Sprintf(`
resource "aws_rds_cluster" "default" {
cluster_identifier = "tf-aurora-cluster-test-%d"
availability_zones = ["us-west-2a", "us-west-2b", "us-west-2c"]
database_name = "mydb"
master_username = "foo"
master_password = "mustbeeightcharaters"
}
resource "aws_rds_cluster_instance" "cluster_instances" {
identifier = "tf-cluster-instance-%d"
cluster_identifier = "${aws_rds_cluster.default.id}"
instance_class = "db.r3.large"
db_parameter_group_name = "${aws_db_parameter_group.bar.name}"
monitoring_interval = "0"
monitoring_role_arn = "${aws_iam_role.tf_enhanced_monitor_role}"
}
resource "aws_iam_role" "tf_enhanced_monitor_role" {
name = "tf_enhanced_monitor_role-%d"
assume_role_policy = <<EOF
{
"Version": "2012-10-17",
"Statement": [
{
"Action": "sts:AssumeRole",
"Principal": {
"Service": "monitoring.rds.amazonaws.com"
},
"Effect": "Allow",
"Sid": ""
}
]
}
EOF
}
resource "aws_iam_policy_attachment" "rds_m_attach" {
name = "AmazonRDSEnhancedMonitoringRole"
roles = ["tf_enhanced_monitor_role"]
policy_arn = "arn:aws:iam::aws:policy/service-role/AmazonRDSEnhancedMonitoringRole"
}
resource "aws_db_parameter_group" "bar" {
name = "tfcluster-test-group-%d"
family = "aurora5.6"
parameter {
name = "back_log"
value = "32767"
apply_method = "pending-reboot"
}
tags {
foo = "bar"
}
}
`, n, n, n, n)
}

View File

@ -66,6 +66,10 @@ details on controlling this property.
* `apply_immediately` - (Optional) Specifies whether any database modifications
are applied immediately, or during the next maintenance window. Default is`false`.
* `storage_encrypted` - (Optional) Specifies whether the DB cluster instance is encrypted. The default is `false` if not specified.
* `monitoring_role_arn` - (Optional) The ARN for the IAM role that permits RDS to send
enhanced monitoring metrics to CloudWatch Logs. You can find more information on the [AWS Documentation](http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Monitoring.html)
what IAM permissions are needed to allow Enhanced Monitoring for RDS Instances.
* `monitoring_interval` - (Optional) The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB instance. To disable collecting Enhanced Monitoring metrics, specify 0. The default is 0. Valid Values: 0, 1, 5, 10, 15, 30, 60.
* `kms_key_id` - (Optional) The ARN for the KMS encryption key. When specifying `kms_key_id`, `storage_encrypted` needs to be set to true
* `tags` - (Optional) A mapping of tags to assign to the instance.