fix: Update Certificate & Remove Storage type (#15)

* fix: use newer certifcate * fix: remove storage_type * terraform-docs: automated action --------- Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
geekcell · Aug 2, 2024 · 3c97405 · 3c97405
1 parent f2d24ff
commit 3c97405
Show file tree

Hide file tree

Showing 7 changed files with 4 additions and 36 deletions.
diff --git a/README.md b/README.md
@@ -86,7 +86,6 @@ such as extended backups, user management, and autoscaling.
 | <a name="input_port"></a> [port](#input\_port) | The port on which the DB accepts connections. | `number` | `3306` | no |
 | <a name="input_preferred_backup_window"></a> [preferred\_backup\_window](#input\_preferred\_backup\_window) | The daily time range (in UTC) during which automated backups are created if they are enabled. | `string` | `"00:00-02:30"` | no |
 | <a name="input_preferred_maintenance_window"></a> [preferred\_maintenance\_window](#input\_preferred\_maintenance\_window) | The weekly time range during which system maintenance can occur, in (UTC). | `string` | `"Mon:03:00-Mon:04:30"` | no |
-| <a name="input_storage_type"></a> [storage\_type](#input\_storage\_type) | Storage type. | `string` | `"aurora"` | no |
 | <a name="input_tags"></a> [tags](#input\_tags) | Tags to add to the AWS RDS Cluster Instance. | `map(any)` | `{}` | no |
 | <a name="input_vpc_security_group_ids_rds_cluster"></a> [vpc\_security\_group\_ids\_rds\_cluster](#input\_vpc\_security\_group\_ids\_rds\_cluster) | List of VPC security groups to associate with the RDS Proxy. | `list(string)` | `null` | no |
 | <a name="input_vpc_security_group_ids_rds_proxy"></a> [vpc\_security\_group\_ids\_rds\_proxy](#input\_vpc\_security\_group\_ids\_rds\_proxy) | List of VPC security groups to associate with the RDS Proxy. | `list(string)` | `null` | no |

diff --git a/modules/rds_cluster/README.md b/modules/rds_cluster/README.md
@@ -34,7 +34,6 @@
 | <a name="input_skip_final_snapshot"></a> [skip\_final\_snapshot](#input\_skip\_final\_snapshot) | Determines whether a final DB snapshot is created before the DB cluster is deleted. | `bool` | `false` | no |
 | <a name="input_source_region"></a> [source\_region](#input\_source\_region) | The source region for an encrypted replica DB cluster. | `string` | `null` | no |
 | <a name="input_storage_encrypted"></a> [storage\_encrypted](#input\_storage\_encrypted) | Specifies whether the DB cluster is encrypted. | `bool` | `true` | no |
-| <a name="input_storage_type"></a> [storage\_type](#input\_storage\_type) | Specifies the storage type to be associated with the DB cluster. | `string` | `null` | no |
 | <a name="input_tags"></a> [tags](#input\_tags) | Tags to add to the AWS RDS Cluster. | `map(any)` | `{}` | no |
 | <a name="input_vpc_security_group_ids"></a> [vpc\_security\_group\_ids](#input\_vpc\_security\_group\_ids) | List of VPC security groups to associate with the Cluster | `list(string)` | `null` | no |
 
@@ -56,7 +55,7 @@
 ## Resources
 
 - resource.aws_rds_cluster.main (modules/rds_cluster/main.tf#5)
-- resource.random_password.master_password (modules/rds_cluster/main.tf#113)
-- resource.random_string.master_username (modules/rds_cluster/main.tf#107)
+- resource.random_password.master_password (modules/rds_cluster/main.tf#112)
+- resource.random_string.master_username (modules/rds_cluster/main.tf#106)
 - data source.aws_availability_zones.available (modules/rds_cluster/main.tf#1)
 <!-- END_TF_DOCS -->
diff --git a/modules/rds_cluster/main.tf b/modules/rds_cluster/main.tf
@@ -18,7 +18,6 @@ resource "aws_rds_cluster" "main" {
   iops              = var.iops
   kms_key_id        = module.kms.key_arn
   storage_encrypted = var.storage_encrypted
-  storage_type      = var.storage_type
 
   # Database name
   database_name = var.database_name

diff --git a/modules/rds_cluster/variables.tf b/modules/rds_cluster/variables.tf
@@ -176,12 +176,6 @@ variable "storage_encrypted" {
   type        = bool
 }
 
-variable "storage_type" {
-  default     = null
-  description = "Specifies the storage type to be associated with the DB cluster."
-  type        = string
-}
-
 variable "vpc_security_group_ids" {
   default     = null
   description = "List of VPC security groups to associate with the Cluster"

diff --git a/modules/rds_cluster_instance/README.md b/modules/rds_cluster_instance/README.md
@@ -7,7 +7,7 @@
 |------|-------------|------|---------|:--------:|
 | <a name="input_apply_immediately"></a> [apply\_immediately](#input\_apply\_immediately) | Specifies whether any database modifications are applied immediately, or during the next maintenance window. | `bool` | `true` | no |
 | <a name="input_auto_minor_version_upgrade"></a> [auto\_minor\_version\_upgrade](#input\_auto\_minor\_version\_upgrade) | Indicates that minor engine upgrades will be applied automatically to the DB instance during the maintenance window. | `bool` | `false` | no |
-| <a name="input_ca_cert_identifier"></a> [ca\_cert\_identifier](#input\_ca\_cert\_identifier) | The identifier of the CA certificate for the DB instance. | `string` | `"rds-ca-2019"` | no |
+| <a name="input_ca_cert_identifier"></a> [ca\_cert\_identifier](#input\_ca\_cert\_identifier) | The identifier of the CA certificate for the DB instance. | `string` | `"rds-ca-rsa2048-g1"` | no |
 | <a name="input_cluster_identifier"></a> [cluster\_identifier](#input\_cluster\_identifier) | The cluster identifier. | `string` | n/a | yes |
 | <a name="input_copy_tags_to_snapshot"></a> [copy\_tags\_to\_snapshot](#input\_copy\_tags\_to\_snapshot) | Copy all Cluster tags to snapshots. | `bool` | `true` | no |
 | <a name="input_db_subnet_group_name"></a> [db\_subnet\_group\_name](#input\_db\_subnet\_group\_name) | A DB subnet group to associate with this DB instance. | `string` | n/a | yes |
@@ -19,7 +19,6 @@
 | <a name="input_performance_insights_enabled"></a> [performance\_insights\_enabled](#input\_performance\_insights\_enabled) | Specifies whether Performance Insights is enabled or not. | `bool` | `true` | no |
 | <a name="input_performance_insights_retention_period"></a> [performance\_insights\_retention\_period](#input\_performance\_insights\_retention\_period) | Amount of time in days to retain Performance Insights data. | `number` | `7` | no |
 | <a name="input_publicly_accessible"></a> [publicly\_accessible](#input\_publicly\_accessible) | Bool to control if instance is publicly accessible. | `bool` | `false` | no |
-| <a name="input_storage_type"></a> [storage\_type](#input\_storage\_type) | Storage type. | `string` | `"aurora"` | no |
 | <a name="input_tags"></a> [tags](#input\_tags) | Tags to add to the AWS Customer Managed Key. | `map(any)` | `{}` | no |
 
 ## Outputs

diff --git a/modules/rds_cluster_instance/variables.tf b/modules/rds_cluster_instance/variables.tf
@@ -19,7 +19,7 @@ variable "apply_immediately" {
 }
 
 variable "ca_cert_identifier" {
-  default     = "rds-ca-2019"
+  default     = "rds-ca-rsa2048-g1"
   description = "The identifier of the CA certificate for the DB instance."
   type        = string
 }
@@ -85,14 +85,3 @@ variable "publicly_accessible" {
   description = "Bool to control if instance is publicly accessible."
   type        = bool
 }
-
-variable "storage_type" {
-  default     = "aurora"
-  description = "Storage type."
-  type        = string
-
-  validation {
-    condition     = contains(["aurora"], var.storage_type)
-    error_message = "Value must be `aurora`."
-  }
-}
diff --git a/variables.tf b/variables.tf
@@ -193,17 +193,6 @@ variable "port" {
   type        = number
 }
 
-variable "storage_type" {
-  default     = "aurora"
-  description = "Storage type."
-  type        = string
-
-  validation {
-    condition     = contains(["aurora"], var.storage_type)
-    error_message = "Value must be `aurora`."
-  }
-}
-
 variable "vpc_security_group_ids_rds_cluster" {
   default     = null
   description = "List of VPC security groups to associate with the RDS Proxy."