How do I set up a PostgreSQL database on AWS RDS using Terraform?
Overview
In this guide, we’ll walk you through setting up a PostgreSQL database on AWS RDS. We’ll create necessary resources like VPC, subnet groups, and security groups to ensure that your database instance is secure and isolated within a private network.
Key Concepts
- VPC: Virtual Private Cloud to create an isolated network.
- Subnets: Logical divisions within the VPC to distribute resources.
- Security Groups: Act as virtual firewalls to control traffic.
- DB Subnet Group: Groups subnets for the RDS instance to operate in.
- RDS Instance: Managed PostgreSQL database instance.
Code Example
```typescript
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

// Read the database password from encrypted stack configuration instead of
// hard-coding it (set with: pulumi config set --secret dbPassword <value>)
const config = new pulumi.Config();
const dbPassword = config.requireSecret("dbPassword");

// Create a VPC
const main = new aws.ec2.Vpc("main", {cidrBlock: "10.0.0.0/16"});

// Create subnets within the VPC (two availability zones, as a DB subnet group requires)
const subnet1 = new aws.ec2.Subnet("subnet1", {
    vpcId: main.id,
    cidrBlock: "10.0.1.0/24",
    availabilityZone: "us-west-2a",
});
const subnet2 = new aws.ec2.Subnet("subnet2", {
    vpcId: main.id,
    cidrBlock: "10.0.2.0/24",
    availabilityZone: "us-west-2b",
});

// Create a DB Subnet Group for RDS
const rdsSubnetGroup = new aws.rds.SubnetGroup("rds_subnet_group", {
    name: "rds-subnet-group",
    subnetIds: [
        subnet1.id,
        subnet2.id,
    ],
});

// Create a Security Group for the RDS instance
const rdsSg = new aws.ec2.SecurityGroup("rds_sg", {
    vpcId: main.id,
    ingress: [{
        fromPort: 5432,
        toPort: 5432,
        protocol: "tcp",
        // Allow PostgreSQL connections only from inside the VPC, not from 0.0.0.0/0
        cidrBlocks: [main.cidrBlock],
    }],
    egress: [{
        fromPort: 0,
        toPort: 0,
        protocol: "-1",
        cidrBlocks: ["0.0.0.0/0"],
    }],
});

// Create the RDS PostgreSQL instance
const postgres = new aws.rds.Instance("postgres", {
    identifier: "my-postgres-db",
    instanceClass: aws.rds.InstanceType.T2_Micro,
    allocatedStorage: 20,
    engine: "postgres",
    engineVersion: "12",
    dbName: "mydatabase", // `name` is deprecated in favor of `dbName`
    username: "myuser",
    password: dbPassword,
    dbSubnetGroupName: rdsSubnetGroup.name,
    vpcSecurityGroupIds: [rdsSg.id],
    // No final snapshot is taken when the instance is deleted
    skipFinalSnapshot: true,
    tags: {
        Name: "MyPostgresDB",
    },
});

export const dbInstanceEndpoint = postgres.endpoint;
export const dbInstanceId = postgres.id;
```
Key Points
- VPC Creation: This is the isolated network for your AWS resources.
- Subnet Creation: Created within the VPC for logically segmenting resources.
- Security Groups: Control access to your RDS instance.
- DB Subnet Group: Used by RDS to operate within specific subnets.
- RDS PostgreSQL Instance: Configured with basic properties such as allocated storage, engine version, instance class, and credentials.
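The security group's ingress rule decides which addresses can reach port 5432. As an added example (not part of the original guide and not Pulumi's own code), this TypeScript check takes ingress rules shaped like the entries above and lists the sources that lie outside the VPC CIDR. The function names and sample rules are constructed for illustration, and IPv6 sources are treated as external on the assumption that the VPC is IPv4-only.

```typescript
interface IngressRule {
    fromPort: number;
    toPort: number;
    protocol: string;            // "tcp", "udp", or "-1" for all protocols
    cidrBlocks?: string[];
    ipv6CidrBlocks?: string[];
}

// Netmask for a prefix length as an unsigned 32-bit integer.
const maskFor = (bits: number): number =>
    bits === 0 ? 0 : (0xffffffff << (32 - bits)) >>> 0;

// Parse "a.b.c.d/n" into its network address and prefix length.
function parseCidr(cidr: string): { base: number; bits: number } {
    const m = /^(\d+)\.(\d+)\.(\d+)\.(\d+)\/(\d+)$/.exec(cidr);
    if (!m) throw new Error(`invalid IPv4 CIDR: ${cidr}`);
    const octets = [m[1], m[2], m[3], m[4]].map(Number);
    const bits = Number(m[5]);
    if (octets.some(o => o > 255) || bits > 32) throw new Error(`invalid IPv4 CIDR: ${cidr}`);
    const ip = octets.reduce((acc, o) => acc * 256 + o, 0);
    return { base: (ip & maskFor(bits)) >>> 0, bits };
}

// True when `inner` lies entirely inside `outer`.
function cidrWithin(inner: string, outer: string): boolean {
    const i = parseCidr(inner), o = parseCidr(outer);
    return i.bits >= o.bits && ((i.base & maskFor(o.bits)) >>> 0) === o.base;
}

// Sources that can reach dbPort but are not inside the VPC CIDR.
function exposedSources(rules: IngressRule[], vpcCidr: string, dbPort = 5432): string[] {
    const exposed: string[] = [];
    for (const r of rules) {
        const coversPort = r.protocol === "-1" ||
            (r.protocol === "tcp" && r.fromPort <= dbPort && dbPort <= r.toPort);
        if (!coversPort) continue;
        exposed.push(...(r.cidrBlocks ?? []).filter(c => !cidrWithin(c, vpcCidr)));
        // Assumption: the VPC is IPv4-only, so every IPv6 source is external.
        exposed.push(...(r.ipv6CidrBlocks ?? []));
    }
    return exposed;
}

// Constructed samples: a rule open to the internet versus a VPC-only rule.
const openRule: IngressRule[] = [{ fromPort: 5432, toPort: 5432, protocol: "tcp", cidrBlocks: ["0.0.0.0/0"] }];
const vpcOnly: IngressRule[] = [{ fromPort: 5432, toPort: 5432, protocol: "tcp", cidrBlocks: ["10.0.0.0/16"] }];
console.log(exposedSources(openRule, "10.0.0.0/16"), exposedSources(vpcOnly, "10.0.0.0/16"));
```

An empty result means every source that can reach the database port sits inside the VPC; the same function can run in a unit test over the rule objects before they are passed to the security group.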
Conclusion
You have successfully set up a PostgreSQL database on AWS RDS with the resources needed to support it, including VPC, subnets, security group, and subnet group. These resources ensure that your database is secure and properly segmented within your AWS infrastructure.