<- All Blueprints
Customizable templates for deploying cloud infrastructure

AWS RDS Cluster

This blueprint creates an AWS RDS Cluster following best practices such as enabling encryption at rest for data security, setting deletion protection by default to prevent accidental deletion, and configuring sensible defaults for backup retention and preferred backup windows. It encourages the use of tags for resource identification and management. The blueprint is organized into intuitive groups to assist users—including those not well-versed in cloud infrastructure—in configuring essential and advanced settings easily.

Define and customize Blueprints to set what infrastructure configuration options are available to developers.

---
constants:
  __name: "{{ name }}_{{ __guid }}"
variables:
  name:
    desc: "Name of the RDS cluster."
    required: true
    group: Cluster Details
  engine:
    desc: "The database engine to use."
    required: true
    group: Cluster Details
    default: "aurora-mysql"
  engine_version:
    desc: "The version number of the database engine."
    required: false
    group: Cluster Details
    default: "5.7.mysql_aurora.2.08.1"
  database_name:
    desc: "Name of the initial database to create."
    required: false
    group: Cluster Details
  master_username:
    desc: "Master username for the database."
    required: true
    group: Credentials
  master_password:
    desc: "Master password for the database."
    required: true
    group: Credentials
  backup_retention_period:
    desc: "Number of days to retain backups."
    required: false
    group: Backup
    default: 7
  preferred_backup_window:
    desc: "Preferred backup window (e.g., '07:00-09:00')."
    required: false
    group: Backup
    default: "07:00-09:00"
  storage_encrypted:
    desc: "Enable storage encryption."
    required: false
    group: Security
    default: true
  kms_key_id:
    desc: "KMS key ARN for encryption."
    required: false
    group: Security
    links_to: resource.aws_kms_key.arn
  deletion_protection:
    desc: "If the RDS cluster should have deletion protection enabled."
    required: false
    group: Security
    default: true
  db_subnet_group_name:
    desc: "DB subnet group name."
    required: true
    group: Network
    links_to: resource.aws_db_subnet_group.name
  vpc_security_group_ids:
    group: VPC Security Groups
    required: false
    links_to: resource.aws_security_group.id
  tags:
    group: Tags
    required: false
groups:
  Cluster Details:
    order: 1
    desc: "Basic settings for the RDS cluster."
  Credentials:
    order: 2
    desc: "Master credentials."
  Backup:
    order: 3
    desc: "Backup configuration."
  Security:
    order: 4
    desc: "Security settings."
  Network:
    order: 5
    desc: "Network settings."
  VPC Security Groups:
    order: 6
    desc: "Security groups for the RDS cluster."
  Tags:
    order: 7
    desc: "Tags to assign to the RDS cluster."
---

resource "aws_rds_cluster" "__name" {
  cluster_identifier       = {{ name }}
  engine                   = {{ engine }}
  engine_version           = {{ engine_version }}
  database_name            = {{ database_name | required: false }}
  master_username          = {{ master_username }}
  master_password          = {{ master_password }}
  backup_retention_period  = {{ backup_retention_period }}
  preferred_backup_window  = {{ preferred_backup_window }}
  storage_encrypted        = {{ storage_encrypted }}
  kms_key_id               = {{ kms_key_id | required: false }}
  deletion_protection      = {{ deletion_protection }}
  db_subnet_group_name     = {{ db_subnet_group_name }}

  vpc_security_group_ids = [
    {{# vpc_security_group_ids }}
      {{ vpc_security_group_ids }},
    {{/ vpc_security_group_ids }}
  ]

  tags = {
    Name = {{ name }}
    {{# tags }}
      {{ tags.key | required: false }} = {{ tags.value | required: false }}
    {{/ tags }}
  }
}

// Enforces encryption at rest for data security.
// Deletion protection is enabled by default to prevent accidental deletion.
// Backup retention and windows are set with sensible defaults.
// Encourages the use of tags for resource identification and management.
//
A form is created automatically that accepts inputs that you defined in the Blueprint.
After filling out the Blueprint form, Terraform is generated and a PR is automatically submitted.
What am I looking at?

Talk to a Human

See Resourcely in action and learn how it can help you secure and manage your cloud infrastructure today!