Updating single instance

.ebextensions/04-environment.config

@@ -9,17 +9,17 @@ option_settings:
   #   value: AKIA23D4RF6OZWGDKV7W
   # - option_name: STRAPI_S3_SECRET_KEY
   #   value: "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"
-  # - option_name: STRAPI_S3_REGION
+  - option_name: STRAPI_S3_REGION
-  #   value: "eu-west-1"
+    value: "eu-west-1"
-  # - option_name: STRAPI_S3_BUCKET
+  - option_name: STRAPI_S3_BUCKET
-  #   value: "elb-example-bucket-cf"
+    value: "prod-strapi-eb-strapi-uploads"
-  # - option_name: RDS_HOSTNAME
+  - option_name: RDS_HOSTNAME
-  #   value: prod-strapi-elb.chgwfe43ss59.eu-west-1.rds.amazonaws.com
+    value: prod-strapi-eb.chgwfe43ss59.eu-west-1.rds.amazonaws.com
-  # - option_name: RDS_PORT
+  - option_name: RDS_PORT
-  #   value: 5432
+    value: 5432
-  # - option_name: RDS_NAME
+  - option_name: RDS_NAME
-  #   value: postgres
+    value: postgres
-  # - option_name: RDS_USERNAME
+  - option_name: RDS_USERNAME
-  #   value: mainuser
+    value: mainuser
-  # - option_name: RDS_PASSWORD
+  - option_name: RDS_PASSWORD
-  #   value: password
+    value: password

.ebextensions/07-custom-vpc.config

@@ -6,7 +6,7 @@ option_settings:
   #     DBSubnets: "subnet-0b17872a2b9315fad,subnet-0342e8a0a77b30e23,subnet-0eacb84d238279a58"
   #     ELBSubnets: "subnet-0b17872a2b9315fad,subnet-0342e8a0a77b30e23,subnet-0eacb84d238279a58"
   aws:autoscaling:launchconfiguration:
-    SecurityGroups: sg-07a97fc88ba143f26
+    SecurityGroups: sg-087f33381c535528b
   #   aws:elbv2:loadbalancer:
   #     ManagedSecurityGroup: sg-0e6f91df2ed07050a
   #     SecurityGroups: sg-0e6f91df2ed07050a

infrastructure/main.tf

@@ -8,7 +8,7 @@ provider "aws" {
 # tags
 locals {
   tags = {
-    "Project"     = "strapi-elb"
+    "Project"     = "strapi-eb"
     "Description" = "Terraform resources for strapi in Elastic Beanstalk"
   }
 }
@@ -19,6 +19,7 @@ module "vpc" {
   source = "git::https://github.com/cloudposse/terraform-aws-vpc.git?ref=tags/0.14.0"
   stage  = var.stage
   name   = var.name
+  tags   = local.tags
 
   cidr_block                                      = "172.16.0.0/16"
   enable_default_security_group_with_custom_rules = false
@@ -28,6 +29,7 @@ module "subnets" {
   source = "git::https://github.com/cloudposse/terraform-aws-dynamic-subnets.git?ref=tags/0.23.0"
   stage  = var.stage
   name   = var.name
+  tags   = local.tags
 
   availability_zones   = ["eu-west-1a", "eu-west-1b", "eu-west-1c"]
   vpc_id               = module.vpc.vpc_id
@@ -41,6 +43,7 @@ resource "aws_security_group" "ec2_security_group" {
   name        = "${var.stage}-${var.name}-ec2_sg"
   description = "Security group assigned to the Elastic Scaling group that is applied to the EC2 instances."
   vpc_id      = module.vpc.vpc_id
+  tags        = local.tags
 
   ingress {
     description = "HTTP"
@@ -67,27 +70,44 @@ resource "aws_security_group" "ec2_security_group" {
   }
 }
 
+resource "aws_security_group" "rds_security_group_public" {
+  name        = "${var.stage}-${var.name}-rds_public_sg"
+  description = "Security group for the RDS instance that allows public access from the internet."
+  vpc_id      = module.vpc.vpc_id
+  tags        = local.tags
+
+  ingress {
+    description = "Incoming Postgres"
+    from_port   = 5432
+    to_port     = 5432
+    protocol    = "tcp"
+    cidr_blocks = ["82.6.205.148/32"]
+  }
+}
+
 # RDS instance
 
 module "rds_instance" {
   source = "git::https://github.com/cloudposse/terraform-aws-rds.git?ref=tags/0.20.0"
   stage  = var.stage
   name   = var.name
+  tags   = local.tags
 
-  allocated_storage   = 5
+  allocated_storage  = 5
-  database_name       = "postgres"
+  database_name      = "postgres"
-  database_user       = "mainuser"
+  database_user      = "mainuser"
-  database_password   = "password"
+  database_password  = "password"
-  database_port       = 5432
+  database_port      = 5432
-  db_parameter_group  = "postgres12"
+  db_parameter_group = "postgres12"
-  engine              = "postgres"
+  engine             = "postgres"
-  engine_version      = "12.3"
+  engine_version     = "12.3"
-  instance_class      = "db.t2.micro"
+  instance_class     = "db.t2.micro"
-  security_group_ids  = [aws_security_group.ec2_security_group.id]
+
-  subnet_ids          = module.subnets.public_subnet_ids
+  security_group_ids           = [aws_security_group.ec2_security_group.id]
-  vpc_id              = module.vpc.vpc_id
+  associate_security_group_ids = [aws_security_group.rds_security_group_public.id]
-  publicly_accessible = true
+  subnet_ids                   = module.subnets.public_subnet_ids
-  tags                = local.tags
+  vpc_id                       = module.vpc.vpc_id
+  publicly_accessible          = true
 }
 
 # S3 bucket

infrastructure/outputs.tf

@@ -1,17 +1,19 @@
 # S3
 output "s3_static_assets_id" {
-  value       = resource.aws_s3_bucket.static_assets.id
+  value       = aws_s3_bucket.static_assets.id
   description = "Name of the static assets S3 bucket."
 }
 
-output "s3_static_assets_arn" {
-  value       = resource.aws_s3_bucket.static_assets.arn
-  description = "ARN of the static assets S3 bucket."
-}
-
 # Security groups
 
 output "aws_security_group_ec2_security_group" {
   value       = aws_security_group.ec2_security_group.id
   description = "Security group for the EC2 instances applied by the Elastic Scaler."
 }
+
+# RDS
+
+output "rds_instance_endpoint" {
+  value = module.rds_instance.instance_endpoint
+  description = "Endpoint of the RDS instance."
+}