From 8742d0ab0db727991c66b9fa8d7ebe36e6e1b346 Mon Sep 17 00:00:00 2001
From: Steven Whitaker
Date: Fri, 22 Mar 2019 10:08:21 +0000
Subject: [PATCH] Added the enabled variable which controls whether the db resources are created
---
 README.md | 1 +
 alarms.tf | 10 +++++-----
 main.tf | 7 ++++++-
 outputs.tf | 6 +++---
 variables.tf | 6 ++++++
 5 files changed, 21 insertions(+), 9 deletions(-)
diff --git a/README.md b/README.md
index 878d6ce..85bbbfa 100644
--- a/README.md
+++ b/README.md
@@ -182,6 +182,7 @@ resource "aws_rds_cluster_parameter_group" "aurora_cluster_postgres96_parameter_
 | cw_sns_topic | An SNS topic to publish CloudWatch alarms to | string | `false` | no |
 | db_cluster_parameter_group_name | The name of a DB Cluster parameter group to use | string | `default.aurora5.6` | no |
 | db_parameter_group_name | The name of a DB parameter group to use | string | `default.aurora5.6` | no |
+| enabled | Whether the database resources should be created | string | `true`| no |
 | engine | Aurora database engine type, currently aurora, aurora-mysql or aurora-postgresql | string | `aurora` | no |
 | engine-version | Aurora database engine version. | string | `5.6.10a` | no |
 | envname | Environment name (eg,test, stage or prod) | string | - | yes |
diff --git a/alarms.tf b/alarms.tf
index cfe354e..ad9c51b 100644
--- a/alarms.tf
+++ b/alarms.tf
@@ -1,5 +1,5 @@
 resource "aws_cloudwatch_metric_alarm" "alarm_rds_DatabaseConnections_writer" {
- count = "${var.cw_alarms ? 1 : 0}"
+ count = "${var.enabled && var.cw_alarms ? 1 : 0}"
 alarm_name = "${aws_rds_cluster.default.id}-alarm-rds-writer-DatabaseConnections"
 comparison_operator = "GreaterThanOrEqualToThreshold"
 evaluation_periods = "${var.cw_eval_period_connections}"
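Review bot: The `alarm_name` context line in this alarms.tf hunk still reads `aws_rds_cluster.default.id` directly, although the same commit puts a `count` on `aws_rds_cluster.default` in main.tf and moves outputs.tf to `join("", aws_rds_cluster.default.*.id)`. The four later alarms.tf hunks (reader connections, writer CPU, reader CPU, replica lag) carry the same direct reference. With this pre-0.12 interpolation style, a non-indexed reference to a counted resource can fail to resolve when the count is 0, so I would use the outputs.tf form here too: `alarm_name = "${join("", aws_rds_cluster.default.*.id)}-alarm-rds-writer-DatabaseConnections"`. Each alarm body continues outside its hunk, so other attributes there may need the same change.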
@@ -19,7 +19,7 @@ resource "aws_cloudwatch_metric_alarm" "alarm_rds_DatabaseConnections_writer" {
 }
 resource "aws_cloudwatch_metric_alarm" "alarm_rds_DatabaseConnections_reader" {
- count = "${var.cw_alarms && var.replica_count > 0 ? 1 : 0}"
+ count = "${var.enabled && var.cw_alarms && var.replica_count > 0 ? 1 : 0}"
 alarm_name = "${aws_rds_cluster.default.id}-alarm-rds-reader-DatabaseConnections"
 comparison_operator = "GreaterThanOrEqualToThreshold"
 evaluation_periods = "${var.cw_eval_period_connections}"
@@ -39,7 +39,7 @@ resource "aws_cloudwatch_metric_alarm" "alarm_rds_DatabaseConnections_reader" {
 }
 resource "aws_cloudwatch_metric_alarm" "alarm_rds_CPU_writer" {
- count = "${var.cw_alarms ? 1 : 0}"
+ count = "${var.enabled && var.cw_alarms ? 1 : 0}"
 alarm_name = "${aws_rds_cluster.default.id}-alarm-rds-writer-CPU"
 comparison_operator = "GreaterThanOrEqualToThreshold"
 evaluation_periods = "${var.cw_eval_period_cpu}"
@@ -59,7 +59,7 @@ resource "aws_cloudwatch_metric_alarm" "alarm_rds_CPU_writer" {
 }
 resource "aws_cloudwatch_metric_alarm" "alarm_rds_CPU_reader" {
- count = "${var.cw_alarms && var.replica_count > 0 ? 1 : 0}"
+ count = "${var.enabled && var.cw_alarms && var.replica_count > 0 ? 1 : 0}"
 alarm_name = "${aws_rds_cluster.default.id}-alarm-rds-reader-CPU"
 comparison_operator = "GreaterThanOrEqualToThreshold"
 evaluation_periods = "${var.cw_eval_period_cpu}"
@@ -79,7 +79,7 @@ resource "aws_cloudwatch_metric_alarm" "alarm_rds_CPU_reader" {
 }
 resource "aws_cloudwatch_metric_alarm" "alarm_rds_replica_lag" {
- count = "${var.cw_alarms && var.replica_count > 0 ? 1 : 0}"
+ count = "${var.enabled && var.cw_alarms && var.replica_count > 0 ? 1 : 0}"
 alarm_name = "${aws_rds_cluster.default.id}-alarm-rds-reader-AuroraReplicaLag"
 comparison_operator = "GreaterThanOrEqualToThreshold"
 evaluation_periods = "${var.cw_eval_period_replica_lag}"
diff --git a/main.tf b/main.tf
index 4935ead..06571a1 100644
--- a/main.tf
+++ b/main.tf
@@ -162,6 +162,7 @@
 // DB Subnet Group creation
 resource "aws_db_subnet_group" "main" {
+ count = "${var.enabled ? 1 : 0}"
 name = "${var.name}"
 description = "Group of DB subnets"
 subnet_ids = ["${var.subnets}"]
@@ -174,6 +175,7 @@ resource "aws_db_subnet_group" "main" {
 // Create single DB instance
 resource "aws_rds_cluster_instance" "cluster_instance_0" {
+ count = "${var.enabled ? 1 : 0}"
 depends_on = [
 "aws_iam_role_policy_attachment.rds-enhanced-monitoring-policy-attach",
 ]
@@ -203,7 +205,7 @@ resource "aws_rds_cluster_instance" "cluster_instance_0" {
 // Create 'n' number of additional DB instance(s) in same cluster
 resource "aws_rds_cluster_instance" "cluster_instance_n" {
 depends_on = ["aws_rds_cluster_instance.cluster_instance_0"]
- count = "${var.replica_scale_enabled ? var.replica_scale_min : var.replica_count}"
+ count = "${var.enabled ? var.replica_scale_enabled ? var.replica_scale_min : var.replica_count : 0}"
 engine = "${var.engine}"
 engine_version = "${var.engine-version}"
 identifier = "${var.identifier_prefix != "" ? format("%s-node-%d", var.identifier_prefix, count.index + 1) : format("%s-aurora-node-%d", var.envname, count.index + 1)}"
@@ -228,6 +230,7 @@ resource "aws_rds_cluster_instance" "cluster_instance_n" {
 // Create DB Cluster
 resource "aws_rds_cluster" "default" {
+ count = "${var.enabled ? 1 : 0}"
 cluster_identifier = "${var.identifier_prefix != "" ? format("%s-cluster", var.identifier_prefix) : format("%s-aurora-cluster", var.envname)}"
 availability_zones = ["${var.azs}"]
 engine = "${var.engine}"
@@ -252,6 +255,7 @@ resource "aws_rds_cluster" "default" {
 // Geneate an ID when an environment is initialised
 resource "random_id" "server" {
+ count = "${var.enabled ? 1 : 0}"
 keepers = {
 id = "${aws_db_subnet_group.main.name}"
 }
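Review bot: The new `count` on `cluster_instance_n` nests one conditional inside another with no grouping, so a reader has to work out which branch the trailing `: 0` belongs to. Parenthesising the inner expression keeps the intent explicit: `count = "${var.enabled ? (var.replica_scale_enabled ? var.replica_scale_min : var.replica_count) : 0}"`. The resource body continues outside the hunk.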
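Review bot: In the `random_id.server` hunk the `keepers` block still references `aws_db_subnet_group.main.name`, while the first main.tf hunk now gives `aws_db_subnet_group.main` a `count`. That leaves a non-indexed reference to a counted resource, which the commit itself avoids in outputs.tf; I would write `id = "${join("", aws_db_subnet_group.main.*.name)}"` so the reference resolves for both values of `enabled`. The bodies of `cluster_instance_0`, `cluster_instance_n` and `aws_rds_cluster.default` run past their hunks, so any direct references to the subnet group or cluster there should be checked the same way.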
@@ -261,6 +265,7 @@ resource "random_id" "server" {
 // IAM Role + Policy attach for Enhanced Monitoring
 data "aws_iam_policy_document" "monitoring-rds-assume-role-policy" {
+ count = "${var.enabled ? 1 : 0}"
 statement {
 actions = ["sts:AssumeRole"]
diff --git a/outputs.tf b/outputs.tf
index 7c191cc..1a128b7 100644
--- a/outputs.tf
+++ b/outputs.tf
@@ -1,6 +1,6 @@
 // The 'writer' endpoint for the cluster
 output "cluster_endpoint" {
- value = "${aws_rds_cluster.default.endpoint}"
+ value = "${join("", aws_rds_cluster.default.*.endpoint)}"
 }
 // Comma separated list of all DB instance endpoints running in cluster
@@ -10,10 +10,10 @@ output "all_instance_endpoints_list" {
 // A read-only endpoint for the Aurora cluster, automatically load-balanced across replicas
 output "reader_endpoint" {
- value = "${aws_rds_cluster.default.reader_endpoint}"
+ value = "${join("", aws_rds_cluster.default.*.reader_endpoint)}"
 }
 // The ID of the RDS Cluster
 output "cluster_identifier" {
- value = "${aws_rds_cluster.default.id}"
+ value = "${join("", aws_rds_cluster.default.*.id)}"
 }
diff --git a/variables.tf b/variables.tf
index f181f4d..b3301d6 100644
--- a/variables.tf
+++ b/variables.tf
@@ -247,3 +247,9 @@ variable "iam_database_authentication_enabled" {
 default = false
 description = "Whether to enable IAM database authentication for the RDS Cluster"
 }
+
+variable "enabled" {
+ type = "string"
+ default = true
+ description = "Whether the database resources should be created"
+}
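Review bot: Gating only the `aws_iam_policy_document` data source in the last main.tf hunk appears to leave the enhanced-monitoring IAM role and its policy attachment outside the `enabled` toggle. The diffstat lists six added lines in main.tf, all of them visible `count` lines, and `cluster_instance_0` still depends on `aws_iam_role_policy_attachment.rds-enhanced-monitoring-policy-attach`. If the role is defined elsewhere in main.tf and reads `data.aws_iam_policy_document.monitoring-rds-assume-role-policy.json`, then with `enabled = false` it would either fail to resolve or stay behind as an assumable role with no database attached. I would either leave the data source ungated, since it creates nothing, or add `var.enabled` to the role and attachment counts as well. The `statement` block continues outside the hunk.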
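Review bot: With `join("", ...)` the `cluster_endpoint`, `reader_endpoint` and `cluster_identifier` outputs in outputs.tf become empty strings when `enabled` is false, and nothing in the file tells a caller that. A comment above each output, such as `// Empty string when var.enabled is false`, would warn callers that pass these values into connection strings or access rules. `all_instance_endpoints_list` is not touched by this patch and its body is outside the hunks; if it reads `cluster_instance_0` directly, it needs the same splat form.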
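Review bot: The `enabled` description in variables.tf does not mention that switching it to false on an already-applied module sets the cluster and instance counts to 0, so the next apply plans their destruction. I would state that in the description, e.g. `description = "Whether the database resources should be created. Setting this to false on an existing deployment destroys the cluster."`, and repeat it in the README row. Separately, the variable is declared `type = "string"` with an unquoted boolean default; `default = "true"` matches the declared type and avoids relying on implicit conversion.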