bryantbiggs
diff --git a/‎README.md
Lines changed: 2 additions & 2 deletions b/‎README.md
Lines changed: 2 additions & 2 deletions
diff --git a/‎examples/autoscaling/README.md
Lines changed: 2 additions & 2 deletions b/‎examples/autoscaling/README.md
Lines changed: 2 additions & 2 deletions
diff --git a/‎examples/autoscaling/versions.tf
Lines changed: 1 addition & 1 deletion b/‎examples/autoscaling/versions.tf
Lines changed: 1 addition & 1 deletion
diff --git a/‎examples/custom_instance_settings/README.md
Lines changed: 2 additions & 2 deletions b/‎examples/custom_instance_settings/README.md
Lines changed: 2 additions & 2 deletions
diff --git a/‎examples/custom_instance_settings/versions.tf
Lines changed: 1 addition & 1 deletion b/‎examples/custom_instance_settings/versions.tf
Lines changed: 1 addition & 1 deletion
diff --git a/‎examples/global_cluster/README.md
Lines changed: 85 additions & 0 deletions b/‎examples/global_cluster/README.md
Lines changed: 85 additions & 0 deletions
diff --git a/‎examples/global_cluster/main.tf
Lines changed: 174 additions & 0 deletions b/‎examples/global_cluster/main.tf
Lines changed: 174 additions & 0 deletions
@@ -76,14 +76,14 @@ Terraform documentation is generated automatically using [pre-commit hooks](http
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 0.13 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 3.30 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 3.63 |
 | <a name="requirement_random"></a> [random](#requirement\_random) | >= 2.2 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 3.30 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 3.63 |
 | <a name="provider_random"></a> [random](#provider\_random) | >= 2.2 |
 
 ## Modules
 
@@ -20,13 +20,13 @@ Note that this example may create resources which cost money. Run `terraform des
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 0.13 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 3.8 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 3.63 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 3.8 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 3.63 |
 
 ## Modules
 
 
@@ -4,7 +4,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = ">= 3.8"
+      version = ">= 3.63"
     }
   }
 }
@@ -20,13 +20,13 @@ Note that this example may create resources which cost money. Run `terraform des
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 0.13 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 3.8 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 3.63 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 3.8 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 3.63 |
 
 ## Modules
 
 
@@ -4,7 +4,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = ">= 3.8"
+      version = ">= 3.63"
     }
   }
 }
@@ -0,0 +1,85 @@
+# PostgreSQL Example
+
+Configuration in this directory creates a PostgreSQL Aurora cluster.
+
+## Usage
+
+To run this example you need to execute:
+
+```bash
+$ terraform init
+$ terraform plan
+$ terraform apply
+```
+
+Note that this example may create resources which cost money. Run `terraform destroy` when you don't need these resources.
+
+<!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
+## Requirements
+
+| Name | Version |
+|------|---------|
+| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 0.13 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 3.63 |
+| <a name="requirement_random"></a> [random](#requirement\_random) | >= 2.2 |
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 3.63 |
+| <a name="provider_aws.secondary"></a> [aws.secondary](#provider\_aws.secondary) | >= 3.63 |
+
+## Modules
+
+| Name | Source | Version |
+|------|--------|---------|
+| <a name="module_primary_aurora"></a> [primary\_aurora](#module\_primary\_aurora) | ../../ | n/a |
+| <a name="module_primary_vpc"></a> [primary\_vpc](#module\_primary\_vpc) | terraform-aws-modules/vpc/aws | ~> 3.0 |
+| <a name="module_secondary_aurora"></a> [secondary\_aurora](#module\_secondary\_aurora) | ../../ | n/a |
+| <a name="module_secondary_vpc"></a> [secondary\_vpc](#module\_secondary\_vpc) | terraform-aws-modules/vpc/aws | ~> 3.0 |
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [aws_kms_key.primary](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kms_key) | resource |
+| [aws_kms_key.secondary](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kms_key) | resource |
+| [aws_rds_global_cluster.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/rds_global_cluster) | resource |
+| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
+| [aws_iam_policy_document.rds](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
+
+## Inputs
+
+No inputs.
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| <a name="output_global_cluster_members"></a> [global\_cluster\_members](#output\_global\_cluster\_members) | Set of objects containing Global Cluster members |
+| <a name="output_primary_cluster_database_name"></a> [primary\_cluster\_database\_name](#output\_primary\_cluster\_database\_name) | Name for an automatically created database on cluster creation |
+| <a name="output_primary_cluster_endpoint"></a> [primary\_cluster\_endpoint](#output\_primary\_cluster\_endpoint) | The cluster endpoint |
+| <a name="output_primary_cluster_id"></a> [primary\_cluster\_id](#output\_primary\_cluster\_id) | The ID of the cluster |
+| <a name="output_primary_cluster_instance_dbi_resource_ids"></a> [primary\_cluster\_instance\_dbi\_resource\_ids](#output\_primary\_cluster\_instance\_dbi\_resource\_ids) | A list of all the region-unique, immutable identifiers for the DB instances |
+| <a name="output_primary_cluster_instance_endpoints"></a> [primary\_cluster\_instance\_endpoints](#output\_primary\_cluster\_instance\_endpoints) | A list of all cluster instance endpoints |
+| <a name="output_primary_cluster_instance_ids"></a> [primary\_cluster\_instance\_ids](#output\_primary\_cluster\_instance\_ids) | A list of all cluster instance ids |
+| <a name="output_primary_cluster_master_password"></a> [primary\_cluster\_master\_password](#output\_primary\_cluster\_master\_password) | The master password |
+| <a name="output_primary_cluster_master_username"></a> [primary\_cluster\_master\_username](#output\_primary\_cluster\_master\_username) | The master username |
+| <a name="output_primary_cluster_port"></a> [primary\_cluster\_port](#output\_primary\_cluster\_port) | The port |
+| <a name="output_primary_cluster_reader_endpoint"></a> [primary\_cluster\_reader\_endpoint](#output\_primary\_cluster\_reader\_endpoint) | The cluster reader endpoint |
+| <a name="output_primary_cluster_resource_id"></a> [primary\_cluster\_resource\_id](#output\_primary\_cluster\_resource\_id) | The Resource ID of the cluster |
+| <a name="output_primary_security_group_id"></a> [primary\_security\_group\_id](#output\_primary\_security\_group\_id) | The security group ID of the cluster |
+| <a name="output_secondary_cluster_database_name"></a> [secondary\_cluster\_database\_name](#output\_secondary\_cluster\_database\_name) | Name for an automatically created database on cluster creation |
+| <a name="output_secondary_cluster_endpoint"></a> [secondary\_cluster\_endpoint](#output\_secondary\_cluster\_endpoint) | The cluster endpoint |
+| <a name="output_secondary_cluster_id"></a> [secondary\_cluster\_id](#output\_secondary\_cluster\_id) | The ID of the cluster |
+| <a name="output_secondary_cluster_instance_dbi_resource_ids"></a> [secondary\_cluster\_instance\_dbi\_resource\_ids](#output\_secondary\_cluster\_instance\_dbi\_resource\_ids) | A list of all the region-unique, immutable identifiers for the DB instances |
+| <a name="output_secondary_cluster_instance_endpoints"></a> [secondary\_cluster\_instance\_endpoints](#output\_secondary\_cluster\_instance\_endpoints) | A list of all cluster instance endpoints |
+| <a name="output_secondary_cluster_instance_ids"></a> [secondary\_cluster\_instance\_ids](#output\_secondary\_cluster\_instance\_ids) | A list of all cluster instance ids |
+| <a name="output_secondary_cluster_master_password"></a> [secondary\_cluster\_master\_password](#output\_secondary\_cluster\_master\_password) | The master password |
+| <a name="output_secondary_cluster_master_username"></a> [secondary\_cluster\_master\_username](#output\_secondary\_cluster\_master\_username) | The master username |
+| <a name="output_secondary_cluster_port"></a> [secondary\_cluster\_port](#output\_secondary\_cluster\_port) | The port |
+| <a name="output_secondary_cluster_reader_endpoint"></a> [secondary\_cluster\_reader\_endpoint](#output\_secondary\_cluster\_reader\_endpoint) | The cluster reader endpoint |
+| <a name="output_secondary_cluster_resource_id"></a> [secondary\_cluster\_resource\_id](#output\_secondary\_cluster\_resource\_id) | The Resource ID of the cluster |
+| <a name="output_secondary_security_group_id"></a> [secondary\_security\_group\_id](#output\_secondary\_security\_group\_id) | The security group ID of the cluster |
+<!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
@@ -0,0 +1,174 @@
+provider "aws" {
+  region = local.primary.region
+}
+
+provider "aws" {
+  alias  = "secondary"
+  region = local.secondary.region
+}
+
+locals {
+  name = "postgresql"
+  primary = {
+    region      = "eu-west-1"
+    cidr_prefix = "10.99"
+  }
+  secondary = {
+    region      = "us-east-1"
+    cidr_prefix = "10.98"
+  }
+  tags = {
+    Owner       = "user"
+    Environment = "dev"
+  }
+}
+
+data "aws_caller_identity" "current" {}
+
+################################################################################
+# Supporting Resources
+################################################################################
+
+module "primary_vpc" {
+  source  = "terraform-aws-modules/vpc/aws"
+  version = "~> 3.0"
+
+  name = local.name
+  cidr = "${local.primary.cidr_prefix}.0.0/18"
+
+  azs              = ["${local.primary.region}a", "${local.primary.region}b", "${local.primary.region}c"]
+  public_subnets   = ["${local.primary.cidr_prefix}.0.0/24", "${local.primary.cidr_prefix}.1.0/24", "${local.primary.cidr_prefix}.2.0/24"]
+  private_subnets  = ["${local.primary.cidr_prefix}.3.0/24", "${local.primary.cidr_prefix}.4.0/24", "${local.primary.cidr_prefix}.5.0/24"]
+  database_subnets = ["${local.primary.cidr_prefix}.7.0/24", "${local.primary.cidr_prefix}.8.0/24", "${local.primary.cidr_prefix}.9.0/24"]
+
+  tags = local.tags
+}
+
+module "secondary_vpc" {
+  source  = "terraform-aws-modules/vpc/aws"
+  version = "~> 3.0"
+
+  providers = { aws = aws.secondary }
+
+  name = local.name
+  cidr = "${local.secondary.cidr_prefix}.0.0/18"
+
+  azs              = ["${local.secondary.region}a", "${local.secondary.region}b", "${local.secondary.region}c"]
+  public_subnets   = ["${local.secondary.cidr_prefix}.0.0/24", "${local.secondary.cidr_prefix}.1.0/24", "${local.secondary.cidr_prefix}.2.0/24"]
+  private_subnets  = ["${local.secondary.cidr_prefix}.3.0/24", "${local.secondary.cidr_prefix}.4.0/24", "${local.secondary.cidr_prefix}.5.0/24"]
+  database_subnets = ["${local.secondary.cidr_prefix}.7.0/24", "${local.secondary.cidr_prefix}.8.0/24", "${local.secondary.cidr_prefix}.9.0/24"]
+
+  tags = local.tags
+}
+
+data "aws_iam_policy_document" "rds" {
+  statement {
+    sid       = "Enable IAM User Permissions"
+    actions   = ["kms:*"]
+    resources = ["*"]
+
+    principals {
+      type = "AWS"
+      identifiers = [
+        "arn:aws:iam::${data.aws_caller_identity.current.account_id}:root",
+        data.aws_caller_identity.current.arn,
+      ]
+    }
+  }
+
+  statement {
+    sid = "Allow use of the key"
+    actions = [
+      "kms:Encrypt",
+      "kms:Decrypt",
+      "kms:ReEncrypt*",
+      "kms:GenerateDataKey*",
+      "kms:DescribeKey"
+    ]
+    resources = ["*"]
+
+    principals {
+      type = "Service"
+      identifiers = [
+        "monitoring.rds.amazonaws.com",
+        "rds.amazonaws.com",
+      ]
+    }
+  }
+}
+
+resource "aws_kms_key" "primary" {
+  policy = data.aws_iam_policy_document.rds.json
+  tags   = local.tags
+}
+
+resource "aws_kms_key" "secondary" {
+  provider = aws.secondary
+
+  policy = data.aws_iam_policy_document.rds.json
+  tags   = local.tags
+}
+
+################################################################################
+# RDS Aurora Module
+################################################################################
+
+resource "aws_rds_global_cluster" "this" {
+  global_cluster_identifier = local.name
+  engine                    = "aurora-postgresql"
+  engine_version            = "11.12"
+  database_name             = "example_db"
+  storage_encrypted         = true
+}
+
+module "primary_aurora" {
+  source = "../../"
+
+  name                      = local.name
+  database_name             = aws_rds_global_cluster.this.database_name
+  engine                    = aws_rds_global_cluster.this.engine
+  engine_version            = aws_rds_global_cluster.this.engine_version
+  global_cluster_identifier = aws_rds_global_cluster.this.id
+  instance_type             = "db.r6g.large"
+  kms_key_id                = aws_kms_key.primary.arn
+
+  vpc_id                = module.primary_vpc.vpc_id
+  db_subnet_group_name  = module.primary_vpc.database_subnet_group_name
+  create_security_group = true
+  allowed_cidr_blocks   = module.primary_vpc.private_subnets_cidr_blocks
+
+  replica_count       = 2
+  skip_final_snapshot = true
+
+  tags = local.tags
+}
+
+module "secondary_aurora" {
+  source = "../../"
+
+  providers = { aws = aws.secondary }
+
+  is_primary_cluster = false
+
+  name                      = local.name
+  engine                    = aws_rds_global_cluster.this.engine
+  engine_version            = aws_rds_global_cluster.this.engine_version
+  global_cluster_identifier = aws_rds_global_cluster.this.id
+  source_region             = local.primary.region
+  instance_type             = "db.r6g.large"
+  kms_key_id                = aws_kms_key.secondary.arn
+
+  vpc_id                = module.secondary_vpc.vpc_id
+  db_subnet_group_name  = module.secondary_vpc.database_subnet_group_name
+  create_security_group = true
+  allowed_cidr_blocks   = module.secondary_vpc.private_subnets_cidr_blocks
+
+  replica_count       = 2
+  skip_final_snapshot = true
+
+  depends_on = [
+    module.primary_aurora
+  ]
+
+  tags = local.tags
+}
Original file line number	Diff line number	Diff line change
`@@ -4,7 +4,7 @@ terraform {`
`4`	`4`	`required_providers {`
`5`	`5`	`aws = {`
`6`	`6`	`source = "hashicorp/aws"`
`7`		`- version = ">= 3.8"`
	`7`	`+ version = ">= 3.63"`
`8`	`8`	`}`
`9`	`9`	`}`
`10`	`10`	`}`