[terraform] create automated MariaDB backups

Summary: This one line change enables backups on our aws rds mariadb database. Test Plan: Will not land until I've confirmed that after wiping database, I'm able to restore our database point in time to a reasonable prior state (AWS says this is typically 5 minutes). Deleted the database. The time frame given wasn't 5 minutes, it was actually an hour after but I believe this time varies. Was able to initialize a new db instance prior to deleting the database and confirm data was there Reviewers: varun, bartek Reviewed By: bartek Subscribers: ashoat, tomek Differential Revision: https://phab.comm.dev/D13170
CommE2E · Sep 11, 2024 · fc609bd · fc609bd
1 parent 516f451
commit fc609bd
Showing 1 changed file with 19 additions and 17 deletions.
diff --git a/services/terraform/self-host/aws_db.tf b/services/terraform/self-host/aws_db.tf
@@ -37,23 +37,25 @@ resource "aws_security_group" "keyserver_mariadb_security_group" {
 
 # MariaDB RDS Instance
 resource "aws_db_instance" "mariadb" {
-  allocated_storage      = 100
-  max_allocated_storage  = 3000
-  storage_type           = "gp3"
-  db_name                = "mariadb"
-  identifier             = "mariadb-instance"
-  engine                 = "mariadb"
-  engine_version         = "10.11"
-  instance_class         = var.db_instance_class
-  db_subnet_group_name   = aws_db_subnet_group.public_db_subnet_group.name
-  vpc_security_group_ids = [aws_security_group.keyserver_mariadb_security_group.id]
-  username               = local.mariadb_username
-  password               = local.mariadb_password
-  parameter_group_name   = aws_db_parameter_group.mariadb_parameter_group.name
-  storage_encrypted      = true
-  publicly_accessible    = true
-  port                   = local.mariadb_port
-  skip_final_snapshot    = true
+  allocated_storage       = 100
+  max_allocated_storage   = 3000
+  storage_type            = "gp3"
+  db_name                 = "mariadb"
+  identifier              = "mariadb-instance"
+  engine                  = "mariadb"
+  engine_version          = "10.11"
+  backup_retention_period = 7
+  backup_window           = "06:00-07:00"
+  instance_class          = var.db_instance_class
+  db_subnet_group_name    = aws_db_subnet_group.public_db_subnet_group.name
+  vpc_security_group_ids  = [aws_security_group.keyserver_mariadb_security_group.id]
+  username                = local.mariadb_username
+  password                = local.mariadb_password
+  parameter_group_name    = aws_db_parameter_group.mariadb_parameter_group.name
+  storage_encrypted       = true
+  publicly_accessible     = true
+  port                    = local.mariadb_port
+  skip_final_snapshot     = true
 }
 
 # MariaDB Parameter Group