RDS

resource "aws_security_group" "allow_tls" { name = "hrdkorea-db-sg" description = "Allow TLS inbound traffic and all outbound traffic" vpc_id = aws_vpc.main.id tags = { Name = "hrdkorea-db-sg" } } resource "aws_vpc_security_group_ingress_rule" "allow_tls_ipv4" { security_group_id = aws_security_group.allow_tls.id cidr_ipv4 = aws_vpc.main.cidr_block from_port = 3409 ip_protocol = "tcp" to_port = 3409 } resource "aws_vpc_security_group_egress_rule" "allow_all_traffic_ipv4" { security_group_id = aws_security_group.allow_tls.id cidr_ipv4 = "0.0.0.0/0" ip_protocol = "-1" } resource "aws_db_subnet_group" "db" { name = "hrdkorea-rds-sg" subnet_ids = [ aws_subnet.protect_a.id, aws_subnet.protect_b.id ] tags = { Name = "hrdkorea-sg" } } resource "aws_rds_cluster_parameter_group" "db" { name = "hrdkorea-rds-cpg" description = "hrdkorea-rds-cpg" family = "aurora-mysql8.0" parameter { name = "time_zone" value = "Asia/Seoul" } tags = { Name = "hrdkorea-rds-cpg" } } resource "aws_db_parameter_group" "db" { name = "hrdkorea-rds-pg" description = "hrdkorea-rds-pg" family = "aurora-mysql8.0" tags = { Name = "hrdkorea-rds-pg" } } output "subnet_group" { value = aws_db_subnet_group.db.id } output "security_group"{ value = aws_security_group.allow_tls.id } output "cluster_parameter_group"{ value = aws_rds_cluster_parameter_group.db.name } output "paramter_group"{ value = aws_db_parameter_group.db.name }

resource "aws_rds_global_cluster" "example" { global_cluster_identifier = "hrdkorea-rds" engine = "aurora-mysql" engine_version = "8.0.mysql_aurora.3.05.2" database_name = "hrdkorea-global" lifecycle { ignore_changes = [ "global_cluster_identifier", "engine", "engine_version" ] } } resource "aws_rds_cluster" "primary" { provider = aws.seoul engine = aws_rds_global_cluster.example.engine engine_version = aws_rds_global_cluster.example.engine_version cluster_identifier = "hrdkorea-rds-instance" master_username = "hrdkorea_user" master_password = "Skill53##" db_cluster_parameter_group_name = module.seoul.cluster_parameter_group port = 3409 database_name = "hrdkorea" global_cluster_identifier = aws_rds_global_cluster.example.id db_subnet_group_name = module.seoul.subnet_group vpc_security_group_ids = [module.seoul.security_group] skip_final_snapshot = true lifecycle { ignore_changes = [ "db_subnet_group_name", "cluster_identifier", "db_cluster_parameter_group_name" ] } } resource "aws_rds_cluster_instance" "primary" { provider = aws.seoul engine = aws_rds_global_cluster.example.engine engine_version = aws_rds_global_cluster.example.engine_version db_parameter_group_name = module.seoul.paramter_group identifier = "hrdkorea-rds-instance" cluster_identifier = aws_rds_cluster.primary.id instance_class = "db.r5.large" db_subnet_group_name = module.seoul.subnet_group lifecycle { ignore_changes = [ "db_parameter_group_name", "cluster_identifier", "db_subnet_group_name" ] } } resource "aws_rds_cluster" "secondary" { provider = aws.usa engine = aws_rds_global_cluster.example.engine engine_version = aws_rds_global_cluster.example.engine_version cluster_identifier = "hrdkorea-rds-instance-us" global_cluster_identifier = aws_rds_global_cluster.example.id db_cluster_parameter_group_name = module.seoul.cluster_parameter_group port = 3409 db_subnet_group_name = module.usa.subnet_group vpc_security_group_ids = [module.usa.security_group] skip_final_snapshot = true enable_global_write_forwarding = true depends_on = [ aws_rds_cluster_instance.primary ] lifecycle { ignore_changes = [ "global_cluster_identifier", "db_cluster_parameter_group_name", "db_cluster_parameter_group_name" ] } } resource "aws_rds_cluster_instance" "secondary" { provider = aws.usa engine = aws_rds_global_cluster.example.engine engine_version = aws_rds_global_cluster.example.engine_version db_parameter_group_name = module.usa.paramter_group identifier = "hrdkorea-rds-instance-us" cluster_identifier = aws_rds_cluster.secondary.id instance_class = "db.r5.large" db_subnet_group_name = module.usa.subnet_group lifecycle { ignore_changes = [ "db_parameter_group_name", "cluster_identifier", "db_subnet_group_name" ] } } resource "aws_secretsmanager_secret" "seoul" { provider = aws.seoul name = "mysql/secret" recovery_window_in_days = 0 } resource "aws_secretsmanager_secret" "usa" { provider = aws.usa name = "mysql/secret" recovery_window_in_days = 0 } resource "aws_secretsmanager_secret_version" "seoul" { provider = aws.seoul secret_id = aws_secretsmanager_secret.seoul.id secret_string = jsonencode({ "username" = aws_rds_cluster.primary.master_username "password" = aws_rds_cluster.primary.master_password "engine" = aws_rds_cluster.primary.engine "host" = aws_rds_cluster.primary.endpoint "port" = aws_rds_cluster.primary.port "dbClusterIdentifier" = aws_rds_cluster.primary.cluster_identifier "dbname" = aws_rds_cluster.primary.database_name "aws_region" = "ap-northeast-2" }) } resource "aws_secretsmanager_secret_version" "usa" { provider = aws.usa secret_id = aws_secretsmanager_secret.usa.id secret_string = jsonencode({ "username" = aws_rds_cluster.secondary.master_username "password" = aws_rds_cluster.primary.master_password "engine" = aws_rds_cluster.secondary.engine "host" = aws_rds_cluster.secondary.endpoint "port" = aws_rds_cluster.secondary.port "dbClusterIdentifier" = aws_rds_cluster.secondary.cluster_identifier "dbname" = aws_rds_cluster.secondary.database_name "aws_region" = "us-east-1" }) }

aws rds modify-db-parameter-group \ --region us-east-1 \ --db-parameter-group-name hrdkorea-rds-pg \ --parameters "ParameterName=aurora_replica_read_consistency,ParameterValue=SESSION,ApplyMethod=immediate" > /dev/null

aws rds reboot-db-instance --region us-east-1 --db-instance-identifier hrdkorea-rds-instance-us > /dev/null

mysql -h $RDS_EP -u hrdkorea_user -P 3409 -pSkill53##

create table hrdkorea.customer ( id varchar(255) not null, name varchar(255) not null, gender varchar(255) not null );

create table hrdkorea.product ( id varchar(255) not null, name varchar(255) not null, category varchar(255) not null );