chore: Update RDS instance connection retrieval and output in example-rds-instance.tf

Author: ulises-jeremias

.github/workflows/tf-docs.yml

@@ -24,7 +24,7 @@ jobs:
       - name: Render terraform docs inside modules
         uses: terraform-docs/[email protected]
         with:
-          working-dir: modules/amplify-app,modules/bastion,modules/mongodb,modules/rds,modules/rds-aurora,modules/vpc,live/terraform-backend,live/common-infra
+          working-dir: modules/amplify-app,modules/bastion,modules/mongodb,modules/rds,modules/rds-aurora,modules/vpc,live/terraform-backend,live/core-networking,live/common-infra,live/terraform-backend
           output-file: docs/MODULE.md
           output-method: replace
           git-push: "true"

README.md

@@ -72,8 +72,9 @@ It is recommended to create a separate directory for each domain that you want t
 
 | Module                                                                | Description                                                                                                              |
 | :-------------------------------------------------------------------- | :----------------------------------------------------------------------------------------------------------------------- |
-| [Common Infrastructure](./live/common-infra/README.md)                | Terraform module for managing common infrastructure components such as VPC, subnets, security groups, and RDS instances. |
 | [Terraform Backend Configuration](./live/terraform-backend/README.md) | Terraform module for setting up the S3 backend.                                                                          |
+| [Core Networking](./live/core-networking/README.md)                   | Terraform module for managing core networking components such as VPC, subnets, and security groups.                     |
+| [Common Infrastructure](./live/common-infra/README.md)                | Terraform module for managing common infrastructure components such as RDS instances, S3 buckets, and IAM roles.        |
 
 ## Terraform Modules
 

live/common-infra/README.md

@@ -6,9 +6,6 @@
 
 - ✨ Comprehensive Root Terraform module for quick deployment.
 - 🗄️ Configured to use an external S3 bucket for Terraform state management with a DynamoDB table for state locking.
-- 🌐 Highly available VPC setup with public and private subnets across multiple availability zones.
-- 🔒 Configured security groups for bastion hosts and databases.
-- 🔑 Bastion host setup for secure access to internal services.
 - 🐘 RDS Postgres setup for reliable database services.
 - 🔒 Utilization of AWS Secrets Manager for secure storage of database credentials.
 - 🔧 Use of SSM Parameter Store for managing network and service parameters.
@@ -91,74 +88,7 @@
 
 After successfully deploying the infrastructure, follow these steps to test the deployment and ensure everything is working as expected:
 
-### Accessing the Parameter Store
-
-Retrieve stored values, such as the VPC ID, using the AWS Parameter Store:
-
-```bash
-# Retrieve the parameter value from the AWS Parameter Store
-vpc_id_parameter_name=$(terraform output -json | jq -r '.ssm_parameter_vpc_id.value')
-vpc_id=$(aws ssm get-parameter --name "$vpc_id_parameter_name" --query 'Parameter.Value' --output text)
-
-# Print the value
-echo "VPC ID: $vpc_id"
-```
-
-### Connecting to the Bastion Host
-
-To establish a secure connection with the bastion host, follow these steps:
-
-#### Obtain Required Information
-
-First, you need to gather some essential information:
-
-- Bastion SSH Parameter Name
-- Bastion Instance ID
-
-You can retrieve these values using Terraform:
-
-```bash
-bastion_ssh_parameter_name=$(terraform output -json | jq -r '.ssm_parameter_bastion_ssh_key.value')
-bastion_instance_id=$(terraform output -json | jq -r '.bastion_instance_id.value')
-```
-
-#### Generate .pem file with the ssh key
-
-```bash
-aws ssm get-parameter --name "$bastion_ssh_parameter_name" --with-decryption --query 'Parameter.Value' --output text > /tmp/ssh_key.pem
-chmod 400 /tmp/ssh_key.pem
-```
-
-#### Retrieve bastion's public IP
-
-```bash
-bastion_public_ip=$(aws ec2 describe-instances --instance-ids "$bastion_instance_id" --query 'Reservations[0].Instances[0].PublicIpAddress' --output text | tr '.' '-')
-
-# Print the value
-echo "Bastion IP: $bastion_public_ip"
-```
-
-#### Connect to Bastion Host
-
-```bash
-ssh -i "/tmp/ssh_key.pem" ubuntu@ec2-"$bastion_public_ip".compute.amazonaws.com
-```
-
-Ensure that you can access the database from the bastion host and verify that Docker is functioning correctly.
-
-#### Testing Docker and Internet Access
-
-To verify internet access and Docker functionality, execute the following commands:
-
-```bash
-# Test Internet Access
-ping -c 3 google.com
-
-# Test Docker
-docker run -it --rm hello-world
-```
-
-#### Connecting to the Database
+### Connecting to the Database
 
 To connect to the database from the bastion host, retrieve the connection information from AWS Secrets Manager. Follow these steps:
 

live/common-infra/configs/prod.tfvars

@@ -9,10 +9,9 @@ tags = {
   "Environment" = "prod"
 }
 
-# AWS settings
+# Core Networking settings
 
-vpc_cidr_block = "10.0.0.0/16"
-enable_bastion = false
+core_networking_ssm_parameter_prefix = "/nan-core-networking-prod"
 
 # RDS Database settings
 

live/common-infra/configs/staging.tfvars

@@ -9,10 +9,9 @@ tags = {
   "Environment" = "prod"
 }
 
-# AWS settings
+# Core Networking settings
 
-vpc_cidr_block = "10.0.0.0/16"
-enable_bastion = false
+core_networking_ssm_parameter_prefix = "/nan-core-networking-staging"
 
 # RDS Database settings
 

live/common-infra/vpc.tf

@@ -1,44 +1,16 @@
-variable "vpc_cidr_block" {
-  description = "CIDR block for the VPC"
+variable "core_networking_ssm_parameter_prefix" {
+  description = "The SSM parameter prefix for core networking parameters"
   type        = string
-  default     = "10.0.0.0/16"
 }
 
-module "vpc" {
-  source             = "../../modules/vpc"
-  name               = module.label.id
-  vpc_cidr_block     = var.vpc_cidr_block
-  tags               = module.label.tags
-  enable_nat_gateway = true
-  single_nat_gateway = true
+data "aws_ssm_parameter" "vpc_id" {
+  name = "${var.core_networking_ssm_parameter_prefix}/vpc_id"
 }
 
-output "ssm_parameter_vpc_id" {
-  description = "name of the ssm parameter for the vpc id"
-  value       = module.vpc.ssm_parameter_vpc_id
+data "aws_ssm_parameter" "app_subnets" {
+  name = "${var.core_networking_ssm_parameter_prefix}/app_subnets"
 }
 
-output "ssm_parameter_public_subnets" {
-  description = "name of the ssm parameter for the public subnets"
-  value       = module.vpc.ssm_parameter_public_subnets
-}
-
-output "ssm_parameter_private_subnets" {
-  description = "name of the ssm parameter for the private subnets"
-  value       = module.vpc.ssm_parameter_private_subnets
-}
-
-output "ssm_parameter_database_subnets" {
-  description = "name of the ssm parameter for the database subnets"
-  value       = module.vpc.ssm_parameter_database_subnets
-}
-
-output "ssm_parameter_app_subnets" {
-  description = "name of the ssm parameter for the app subnets"
-  value       = module.vpc.ssm_parameter_app_subnets
-}
-
-output "ssm_parameter_app_security_group" {
-  description = "name of the ssm parameter for the app security group"
-  value       = module.vpc.ssm_parameter_app_security_group
+data "aws_ssm_parameter" "database_subnets" {
+  name = "${var.core_networking_ssm_parameter_prefix}/database_subnets"
 }