Terraform module for AWS RDS Postgres.
Instances of the module are drafted in examples/.
The tests invoke those instances. The first instance for testing is simply named postgres, and it is referenced below.
terraformOpts := terraform.WithDefaultRetryableErrors(t, &terraform.Options{
TerraformDir: "../examples/postgres"
})
A random password is generated once, encrypted in the remote Terraform state file, added to the Postgres database, and written to the AWS Secrets Manager service. Soon afterward, a Lambda function changes the password in the Secrets Manager and database.
This technique avoids an interrupted, manual process. This creates all the resources in one apply-operation, instead of asking Terraform to target the Secrets Manager resources and create them first, then asking a person to type a password into the console, then asking Terraform to create the rest of the resources.
~/tf-aws-rds $ AWS_PROFILE=name terraform plan