{Terraform} moduleでマルチアカウントマルチリージョンproviderを使用する

 

参考文献: Terraform Up & Running (Yevgeniy Brikman著)


モジュール使用
マルチアカウント
マルチリージョン

インスタンス01 = アカウント1,ap-northeast-1
インスタンス02 = アカウント2,ap-southeast-1

mac(Monterey)ではTERRAFORM CRASH発生のため、ubuntu(22)で実施


-- 1. 作業ディレクトリ作成

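# Create the working tree for the walkthrough. -p creates the parent
# directories too and keeps a re-run from failing when they already exist.
mkdir -p ~/20231120/live/dev/db/mysql
mkdir -p ~/20231120/modules/db/mysql
cd ~/20231120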


-- 2. モジュール作成

 


cat <<-'EOF' > ~/20231120/modules/db/mysql/variables.tf


# Inputs of the mysql module. Every input defaults to null, so the calling
# configuration is expected to pass the values it needs.

# Name of the initial database on each instance.
variable "db_name" {
  description = "db_name"
  type        = string
  default     = null
}

# Master user name. sensitive = true redacts the value in plan/apply output.
variable "db_username" {
  description = "db_username"
  type        = string
  sensitive   = true
  default     = null
}

# Master password. sensitive = true only redacts CLI output: Terraform still
# writes the value to the state file, so the state needs the same protection
# as the password itself.
variable "db_password" {
  description = "db_password"
  type        = string
  sensitive   = true
  default     = null
}

# Automated-backup retention, in days, as supplied by the caller.
variable "backup_retention_period" {
  description = "backup_retention_period"
  type        = number
  default     = null
}

EOF


cat <<-'EOF' > ~/20231120/modules/db/mysql/main.tf

# Version constraints for the module. configuration_aliases declares the two
# provider configurations the caller has to pass in: aws.primary and
# aws.replica. The module defines no provider block of its own.
terraform {
  required_version = ">= 1.0.0, < 2.0.0"

  required_providers {
    aws = {
      source                = "hashicorp/aws"
      version               = "~> 4.0"
      configuration_aliases = [aws.primary, aws.replica]
    }
  }
}


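# MySQL instance created through the aws.primary provider configuration.
resource "aws_db_instance" "instance01" {
  provider = aws.primary

  identifier        = "instance01"
  engine            = "mysql"
  instance_class    = "db.t2.micro"
  allocated_storage = 10

  db_name  = var.db_name
  username = var.db_username
  # The password is stored in the Terraform state in plain text even though
  # the variable is marked sensitive; keep the state file private.
  password = var.db_password

  # Use the module input instead of a hard-coded 1 so the value passed by the
  # caller actually takes effect (null falls back to the provider default).
  backup_retention_period = var.backup_retention_period

  # No final snapshot on destroy: the data is gone once the instance is
  # deleted. Acceptable for a throwaway walkthrough, not for data that matters.
  skip_final_snapshot = true

  # NOTE(review): storage_encrypted is not set, so the storage is left
  # unencrypted. Enabling it may need an instance class that supports
  # encryption at rest - confirm before reusing this outside a test.
}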

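# MySQL instance created through the aws.replica provider configuration.
# Despite the alias name this is an independent instance, not a read replica:
# no replicate_source_db is set.
resource "aws_db_instance" "instance02" {
  provider = aws.replica

  identifier        = "instance02"
  engine            = "mysql"
  instance_class    = "db.t2.micro"
  allocated_storage = 10

  db_name  = var.db_name
  username = var.db_username
  # The password is stored in the Terraform state in plain text even though
  # the variable is marked sensitive; keep the state file private.
  password = var.db_password

  # Use the module input instead of a hard-coded 1 so the value passed by the
  # caller actually takes effect (null falls back to the provider default).
  backup_retention_period = var.backup_retention_period

  # No final snapshot on destroy: the data is gone once the instance is
  # deleted. Acceptable for a throwaway walkthrough, not for data that matters.
  skip_final_snapshot = true

  # NOTE(review): storage_encrypted is not set, so the storage is left
  # unencrypted. Enabling it may need an instance class that supports
  # encryption at rest - confirm before reusing this outside a test.
}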

EOF


cat <<-'EOF' > ~/20231120/modules/db/mysql/outputs.tf

# Connection details of instance01 (aws.primary).
output "address01" {
  description = "address01"
  value       = aws_db_instance.instance01.address
}

output "port01" {
  description = "port01"
  value       = aws_db_instance.instance01.port
}

output "arn01" {
  description = "arn01"
  value       = aws_db_instance.instance01.arn
}

# Connection details of instance02 (aws.replica).
output "address02" {
  description = "address02"
  value       = aws_db_instance.instance02.address
}

output "port02" {
  description = "port02"
  value       = aws_db_instance.instance02.port
}

output "arn02" {
  description = "arn02"
  value       = aws_db_instance.instance02.arn
}


EOF

 


-- 3. メイン処理作成


cat <<-'EOF' > ~/20231120/live/dev/db/mysql/variables.tf

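# Master credentials for both instances. No default is set on purpose, so a
# credential never sits in the configuration files: supply the values at run
# time, for example through the TF_VAR_db_username and TF_VAR_db_password
# environment variables. Without them Terraform prompts for the values.
variable "db_username" {
  description = "db_username"
  type        = string
  sensitive   = true
}

# sensitive = true hides the value in CLI output only; it is still written to
# the state file in plain text, so keep the state private.
variable "db_password" {
  description = "db_password"
  type        = string
  sensitive   = true
}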

EOF

 


cat <<-'EOF' > ~/20231120/live/dev/db/mysql/main.tf

# Version constraints for the root configuration: Terraform 1.x and the
# 4.x series of the AWS provider.
terraform {
  required_version = ">= 1.0.0, < 2.0.0"

  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 4.0"
    }
  }
}


# Primary configuration: ap-northeast-1, using the credentials Terraform is
# run with (no role is assumed).
provider "aws" {
  alias  = "primary"
  region = "ap-northeast-1"
}

# Replica configuration: ap-southeast-1, reached by assuming a role in the
# second account.
# NOTE(review): OrganizationAccountAccessRole is normally an administrator
# role in the member account. A role limited to the RDS actions this module
# needs would follow least privilege, and setting session_name in assume_role
# makes these sessions easier to attribute in CloudTrail.
# NOTE(review): the account ID is hard-coded in the ARN; passing it in as a
# variable keeps it out of shared or published configuration.
provider "aws" {
  alias  = "replica"
  region = "ap-southeast-1"

  assume_role {
    role_arn = "arn:aws:iam::777400620064:role/OrganizationAccountAccessRole"
  }
}

 

# Instantiate the mysql module and hand it both provider configurations.
# The keys on the left are the alias names the module declares in
# configuration_aliases; the values are the configurations defined in this
# root module.
module "mysql" {
  source = "../../../../modules/db/mysql"

  providers = {
    aws.primary = aws.primary
    aws.replica = aws.replica
  }

  db_name                 = "db01"
  db_username             = var.db_username
  db_password             = var.db_password
  backup_retention_period = 1
}


EOF


cat <<-'EOF' > ~/20231120/live/dev/db/mysql/outputs.tf

# Re-export the module outputs for instance01.
output "address01" {
  description = "address01"
  value       = module.mysql.address01
}

# NOTE(review): "por01" looks like a typo for "port01". The name is kept here
# because renaming an output changes what consumers of this configuration see.
output "por01" {
  description = "por01"
  value       = module.mysql.port01
}

output "arn01" {
  description = "arn01"
  value       = module.mysql.arn01
}

# Re-export the module outputs for instance02.
output "address02" {
  description = "address02"
  value       = module.mysql.address02
}

output "port02" {
  description = "port02"
  value       = module.mysql.port02
}

output "arn02" {
  description = "arn02"
  value       = module.mysql.arn02
}


EOF


-- 4. 実行

# Run from the root configuration, which defines both provider aliases.
cd ~/20231120/live/dev/db/mysql

# init downloads the AWS provider and registers the local module;
# fmt rewrites the .tf files in the current directory into canonical layout.
terraform init
terraform fmt
terraform -version

# -auto-approve applies without pausing for confirmation of the plan.
# That is fine for a disposable test; anywhere else, run `terraform plan`
# and review the output before applying.
terraform apply -auto-approve

 

# Tear both instances down again; -auto-approve skips the confirmation here
# too. The local terraform.tfstate.backup may still hold the previous state,
# including the database password, so remove the working directory when done.
terraform destroy -auto-approve