My Saved Presets
You must be logged in to view saved presets

Loading Library ...

Complete AWS RDS Export Task Setup

This comprehensive template includes setup for S3 buckets, IAM roles, policies, KMS keys, RDS instances, snapshots, and an RDS export task with specific configurations.

example

aws_db_instance


blue_green_update







domain_dns_ips




enabled_cloudwatch_logs_exports

















restore_to_point_in_time




s3_import








vpc_security_group_ids

depends_on


lifecycle

ignore_changes

replace_triggered_by

precondition


postcondition



example

aws_db_snapshot



shared_accounts

depends_on


lifecycle

ignore_changes

replace_triggered_by

precondition


postcondition



example

aws_iam_policy






depends_on


lifecycle

ignore_changes

replace_triggered_by

precondition


postcondition



example

aws_iam_role



inline_policy



managed_policy_arns





depends_on


lifecycle

ignore_changes

replace_triggered_by

precondition


postcondition



example

aws_iam_role_policy_attachment



depends_on


lifecycle

ignore_changes

replace_triggered_by

precondition


postcondition



example

aws_kms_key





depends_on


lifecycle

ignore_changes

replace_triggered_by

precondition


postcondition



example

aws_rds_export_task






export_only


depends_on


lifecycle

ignore_changes

replace_triggered_by

precondition


postcondition



example

aws_s3_bucket


grant

permissions


cors_rule

allowed_headers

allowed_methods

allowed_origins

expose_headers

lifecycle_rule


expiration

transition


noncurrent_version_expiration
noncurrent_version_transition

logging


object_lock_configuration

rule
apply_server_side_encryption_by_default


replication_configuration

rules
destination



access_control_translation


replication_time
metrics
filter



source_selection_criteria
sse_kms_encrypted_objects
server_side_encryption_configuration
rule
apply_server_side_encryption_by_default

versioning
website



routing_rules

depends_on


lifecycle

ignore_changes

replace_triggered_by

precondition


postcondition



example

aws_s3_bucket_acl


access_control_policy
grant
grantee




owner





depends_on


lifecycle

ignore_changes

replace_triggered_by

precondition


postcondition



example

aws_iam_policy_document

override_policy_documents


source_policy_documents

statement

actions

condition


values


not_actions

not_principals

identifiers

not_resources

principals

identifiers

resources


actions

condition


values


not_actions

not_principals

identifiers

not_resources

principals

identifiers

resources


actions

condition


values


not_actions

not_principals

identifiers

not_resources

principals

identifiers

resources


depends_on


lifecycle

ignore_changes

replace_triggered_by

precondition


postcondition



Terraform Template

data "aws_iam_policy_document" "example" {

  statement {
    actions = ["s3:ListAllMyBuckets"]
    resources = [*]
  }

  statement {
    actions = ["s3:GetBucketLocation", "s3:ListBucket"]
    resources = [aws_s3_bucket.example.arn]
  }

  statement {
    actions = ["s3:GetObject", "s3:PutObject", "s3:DeleteObject"]
    resources = ["${aws_s3_bucket.example.arn}/*"]
  }
}

resource "aws_db_instance" "example" {
  allocated_storage = 10
  db_name = "test"
  engine = "mysql"
  engine_version = "5.7"
  identifier = "example"
  instance_class = "db.t3.micro"
  parameter_group_name = "default.mysql5.7"
  password = "foobarbaz"
  skip_final_snapshot = true
  username = "foo"
}

resource "aws_db_snapshot" "example" {
  db_instance_identifier = aws_db_instance.example.identifier
  db_snapshot_identifier = "example"
}

resource "aws_iam_policy" "example" {
  name = "example"
  policy = data.aws_iam_policy_document.example.json
}

resource "aws_iam_role" "example" {
  assume_role_policy = jsonencode({
 Version = "2012-10-17"
 Statement = [
 {
 Action = "sts:AssumeRole"
 Effect = "Allow"
 Sid = ""
 Principal = {
 Service = "export.rds.amazonaws.com"
 }
 },
 ]
 })
  name = "example"
}

resource "aws_iam_role_policy_attachment" "example" {
  policy_arn = aws_iam_policy.example.arn
  role = aws_iam_role.example.name
}

resource "aws_kms_key" "example" {
  deletion_window_in_days = 10
}

resource "aws_rds_export_task" "example" {
  export_only = ["database"]
  export_task_identifier = "example"
  iam_role_arn = aws_iam_role.example.arn
  kms_key_id = aws_kms_key.example.arn
  s3_bucket_name = aws_s3_bucket.example.id
  s3_prefix = "my_prefix/example"
  source_arn = aws_db_snapshot.example.db_snapshot_arn
}

resource "aws_s3_bucket" "example" {
  bucket = "example"
  force_destroy = true
}

resource "aws_s3_bucket_acl" "example" {
  acl = "private"
  bucket = aws_s3_bucket.example.id
}

© 2024 asecurecloud. All rights reserved.