From 1fece0f6ddaf04ecb0de6f8c887339f1554b7a67 Mon Sep 17 00:00:00 2001 From: RoseSecurity Date: Wed, 29 Oct 2025 21:35:38 -0400 Subject: [PATCH 1/2] feat(terraform): add database_insights_mode variable Upgrade rds-cluster module to v2.3.0 and introduce the database_insights_mode variable to support configuring RDS cluster insights mode. Adds validation for allowed values ("standard", "advanced") and updates module usage accordingly. --- src/cluster-regional.tf | 3 ++- src/variables.tf | 11 +++++++++++ 2 files changed, 13 insertions(+), 1 deletion(-) diff --git a/src/cluster-regional.tf b/src/cluster-regional.tf index 40a7b18..1558080 100644 --- a/src/cluster-regional.tf +++ b/src/cluster-regional.tf @@ -5,7 +5,7 @@ # https://www.terraform.io/docs/providers/aws/r/rds_cluster.html module "aurora_postgres_cluster" { source = "cloudposse/rds-cluster/aws" - version = "2.2.0" + version = "2.3.0" cluster_type = "regional" engine = var.engine @@ -39,6 +39,7 @@ module "aurora_postgres_cluster" { enhanced_monitoring_role_enabled = var.enhanced_monitoring_role_enabled enhanced_monitoring_attributes = var.enhanced_monitoring_attributes performance_insights_enabled = var.performance_insights_enabled + database_insights_mode = var.database_insights_mode rds_monitoring_interval = var.rds_monitoring_interval autoscaling_enabled = var.autoscaling_enabled autoscaling_policy_type = var.autoscaling_policy_type diff --git a/src/variables.tf b/src/variables.tf index cb4d8cc..55f1615 100644 --- a/src/variables.tf +++ b/src/variables.tf @@ -194,6 +194,17 @@ variable "performance_insights_enabled" { description = "Whether to enable Performance Insights" } +variable "database_insights_mode" { + type = string + description = "The database insights mode for the RDS cluster. Valid values are `standard`, `advanced`. See https://registry.terraform.io/providers/hashicorp/aws/6.16.0/docs/resources/rds_cluster#database_insights_mode-1" + default = null + + validation { + condition = contains(["standard", "advanced"], var.database_insights_mode) + error_message = "Allowed values: `standard`, `advanced`." + } +} + variable "enhanced_monitoring_role_enabled" { type = bool description = "A boolean flag to enable/disable the creation of the enhanced monitoring IAM role. If set to `false`, the module will not create a new role and will use `rds_monitoring_role_arn` for enhanced monitoring" From 373e26015b537dfec59a456833fef86dfff6eaaa Mon Sep 17 00:00:00 2001 From: RoseSecurity Date: Wed, 29 Oct 2025 21:40:58 -0400 Subject: [PATCH 2/2] fix: remove validation --- src/variables.tf | 5 ----- 1 file changed, 5 deletions(-) diff --git a/src/variables.tf b/src/variables.tf index 55f1615..05d4343 100644 --- a/src/variables.tf +++ b/src/variables.tf @@ -198,11 +198,6 @@ variable "database_insights_mode" { type = string description = "The database insights mode for the RDS cluster. Valid values are `standard`, `advanced`. See https://registry.terraform.io/providers/hashicorp/aws/6.16.0/docs/resources/rds_cluster#database_insights_mode-1" default = null - - validation { - condition = contains(["standard", "advanced"], var.database_insights_mode) - error_message = "Allowed values: `standard`, `advanced`." - } } variable "enhanced_monitoring_role_enabled" {