AWS Postgres
Setting up a database is a crucial step in deploying your application. In this section, we'll guide you through creating a PostgreSQL database using AWS's Relational Database Service (RDS) and Terraform.
Understanding RDS
Amazon RDS (Relational Database Service) is a managed service that makes it easy to set up, operate, and scale a relational database in the cloud. RDS handles common database management tasks such as backups, patching, scaling, and high availability, so you can focus on your application's development.
Why Use RDS?
RDS is a great choice if you want to save time on database management. It provides automatic backups, easy scaling, and robust security features, all while freeing you from the overhead of managing the underlying infrastructure.
Step-by-Step: Setting Up a PostgreSQL Database
Let's walk through the process of setting up a PostgreSQL database using Terraform.
Step 1: Set Up the Database Module
The Terraform module for setting up an RDS database handles all the necessary configuration for deploying your database in a secure and scalable way.
module "db" {
  source = "../modules/postgres"

  context = {
    namespace = "test"
    stage     = "staging"
    name      = "api"
  }

  vpc = {
    id           = module.vpc.id
    cidr         = module.vpc.cidr
    subnet_group = module.database_subnet.database_subnet_group_id
  }

  identifier             = "test"
  db_name                = "database"
  db_user                = "postgres"
  parameter_group_family = "postgres16"
  engine_version         = "16.3"
  deletion_protection    = true
  apply_immediately      = false
}

What This Does:
- Context: Organizes your infrastructure resources by namespace, stage, and name, helping you keep track of different environments (e.g., development, staging, production).
- VPC Configuration: Specifies where your database will be placed within your VPC (Virtual Private Cloud). This includes the VPC ID, the network range (CIDR), and the specific subnet group where the database will reside.
- Identifier and Credentials: Sets a unique identifier for your database instance and defines the database name and user.
- Engine and Version: Chooses the database engine (PostgreSQL in this case) and its version.
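- Protection and Changes: Enables deletion protection to prevent accidental removal, and controls whether configuration changes are applied immediately or deferred to the next maintenance window (apply_immediately = false, as set here, defers them).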
Connection Summary
- VPC Module: Provides the VPC ID and network range (CIDR block) to securely contain your database.
- Database Subnet Module: Supplies the ID of the subnet group where the database will be hosted.
- DB Module: Uses the VPC and subnet details to create a PostgreSQL database with the specified settings, ensuring it's secure and properly configured.
Extra Tips
Security First
Your database is only as secure as its network configuration. By placing the database within a VPC and using specific subnets, you ensure that it is only accessible from trusted parts of your infrastructure.
Apply Immediately
If you're in a development or staging environment, applying changes immediately (apply_immediately = true) is useful for quick iterations. In production, however, you might want to schedule changes during maintenance windows.
Force SSL
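If your app does not support SSL connections to RDS, you might need to set:

parameters = {
  "rds.force_ssl" = "0"
}

With rds.force_ssl set to 0, the instance accepts unencrypted connections, so credentials and query data can cross the network in plaintext. On RDS for PostgreSQL 15 and later the parameter defaults to 1; where possible, enable SSL in the client and leave it on.

Understanding the Components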
- VPC: A Virtual Private Cloud (VPC) isolates your database from the internet, providing a secure environment.
- Subnet Group: A collection of subnets (within your VPC) where the RDS instance is deployed, ensuring high availability across different availability zones.
- RDS Instance: The actual database server running PostgreSQL, managed by AWS.
This setup ensures that your PostgreSQL database is securely placed within a VPC, configured according to best practices, and protected against accidental deletion. With these modules and configurations, you can focus on your application while AWS handles the heavy lifting of database management.
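
A pre-apply check for the settings discussed above (network exposure, deletion protection, rds.force_ssl), added here as an example and not part of this project's modules: it reads the JSON produced by `terraform show -json` and flags risky RDS values. The resource addresses and the sample plan are constructed; the attribute names are those of the AWS provider's aws_db_instance and aws_db_parameter_group resources.

```python
import json

# Constructed sample in the shape of `terraform show -json <planfile>` output
# (only the fields this check reads); addresses and values are made up.
SAMPLE_PLAN = json.loads("""
{"resource_changes": [
  {"address": "module.db.aws_db_instance.this", "type": "aws_db_instance",
   "change": {"after": {"publicly_accessible": false,
                        "deletion_protection": true}}},
  {"address": "module.db.aws_db_parameter_group.this",
   "type": "aws_db_parameter_group",
   "change": {"after": {"parameter": [
       {"name": "rds.force_ssl", "value": "0", "apply_method": "immediate"}]}}}
]}
""")


def audit_plan(plan):
    """Return a list of (resource address, finding) for risky RDS settings."""
    findings = []
    for rc in plan.get("resource_changes", []):
        after = (rc.get("change") or {}).get("after")
        if after is None:  # resource is being destroyed; nothing to check
            continue
        addr = rc["address"]
        if rc["type"] == "aws_db_instance":
            if after.get("publicly_accessible"):
                findings.append((addr, "instance is publicly accessible"))
            # An unset (null) value means the protection is not enabled.
            if not after.get("deletion_protection"):
                findings.append((addr, "deletion protection is off"))
        elif rc["type"] == "aws_db_parameter_group":
            for p in after.get("parameter") or []:
                if p.get("name") == "rds.force_ssl" and str(p.get("value")) != "1":
                    findings.append(
                        (addr, "rds.force_ssl disabled: plaintext connections allowed"))
    return findings


if __name__ == "__main__":
    for addr, finding in audit_plan(SAMPLE_PLAN):
        print(f"{addr}: {finding}")
```

Run it against a real plan by saving the plan with `terraform plan -out=tfplan`, then loading the output of `terraform show -json tfplan` in place of SAMPLE_PLAN.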