Merge pull request #1417 from MakendranG/makendrang-feature-rds-sns-e…

…vent-notification-terraform thanks for the contribution
aws-samples · Jul 10, 2023 · 5244e8a · 5244e8a
2 parents e4f16c2 + e030142
commit 5244e8a
Show file tree

Hide file tree

Showing 3 changed files with 215 additions and 0 deletions.
diff --git a/terraform-rds-sns-event-notification/README.md b/terraform-rds-sns-event-notification/README.md
@@ -0,0 +1,74 @@
+# Amazon RDS to Amazon SNS
+
+RDS Event Subscriptions allow users to configure notifications for RDS Events (provided through an SNS topic). This template configures an event subscription for failure, low storage, and availability event categories for RDS Instances.
+
+Learn more about this pattern at Serverless Land Patterns:https://serverlessland.com/patterns/terraform-rds-sns-event-notification
+
+Important: this application uses various AWS services and there are costs associated with these services after the Free Tier usage - please see the [AWS Pricing page](https://aws.amazon.com/pricing/) for details. You are responsible for any AWS costs incurred. No warranty is implied in this example.
+
+## Requirements
+
+- [Create an AWS account](https://portal.aws.amazon.com/gp/aws/developer/registration/index.html) if you do not already have one and log in. The IAM user that you use must have sufficient permissions to make necessary AWS service calls and manage AWS resources.
+- [AWS CLI](https://docs.aws.amazon.com/cli/latest/userguide/install-cliv2.html) installed and configured
+- [Git Installed](https://git-scm.com/book/en/v2/Getting-Started-Installing-Git)
+- [Terraform](https://learn.hashicorp.com/tutorials/terraform/install-cli?in=terraform/aws-get-started) installed
+- [AWS Serverless Application Model](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/serverless-sam-cli-install.html) (AWS SAM) installed
+- [Create an RDS Instance and copy Name of RDS Instance somewhere in notes. You will need it during template deployment](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_CreateDBInstance.html#USER_CreateDBInstance.Creating)
+
+## Deployment Instructions
+
+1. Create a new directory, navigate to that directory in a terminal and clone the GitHub repository:
+   ```
+   git clone https://github.com/aws-samples/serverless-patterns
+   ```
+1. Change directory to the pattern directory:
+   ```
+   cd terraform-rds-sns-event-notification
+   ```
+1. From the command line, initialize terraform to  to downloads and installs the providers defined in the configuration:
+    ```
+    terraform init
+    ```
+1. From the command line, apply the configuration in the main.tf file:
+    ```
+    terraform apply
+    ```
+1. During the prompts:
+
+   - Enter the desired AWS Account
+   - Provide name of RDS Instance you created during Deployment instructions
+   - Provide your email address to receive notification from Amazon SNS
+   - Enter yes
+
+1. Note the outputs from the deployment process. These contain the resource names and/or ARNs which are used for testing.
+
+## How it works
+
+RDS Event Subscriptions allow users to configure notifications for RDS Events (provided through an SNS topic). This template configures an event subscription for failure, low storage, and availability event categories for RDS Instances.
+
+## Testing
+
+Once the terraform deployment is successful, first thing to do is to confirm the Email subscription. You will receive an email to confirm it. Then go to RDS console. Select the RDS Instance you have created. Stop the Instance and Restart it again. You will receive a notification related to it on your Email Address. Moving forward, you will receive failure, low storage, and availability events that happen on your RDS Instance.
+
+## Cleanup
+
+1. Change directory to the pattern directory:
+    ```
+    cd terraform-rds-sns-event-notification
+    ```
+1. Delete all created resources by terraform
+    ```bash
+    terraform destroy
+    ```
+1. During the prompts:
+    * Enter yes
+1. Confirm all created resources has been deleted
+    ```bash
+    terraform show
+    ```
+
+---
+
+Copyright 2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+
+SPDX-License-Identifier: MIT-0
diff --git a/terraform-rds-sns-event-notification/example-pattern.json b/terraform-rds-sns-event-notification/example-pattern.json
@@ -0,0 +1,57 @@
+{
+	"title": "RDS Instance Event Subscription for Failure, Low Storage and Availability Events",
+	"description": "RDS Event Subscriptions allow users to configure notifications for RDS Events (provided through an SNS topic). This template configures an event subscription for failure, low storage, and availability event categories for RDS Instances.",
+	"language": "YAML",
+	"level": "200",
+	"framework": "Terraform",
+	"introBox": {
+		"headline": "How it works",
+		"text": [
+			"RDS Event Subscriptions allow users to configure notifications for RDS Events (provided through an SNS topic). This template configures an event subscription for failure, low storage, and availability event categories for RDS Instances."
+		]
+	},
+	"gitHub": {
+		"template": {
+			"repoURL": "https://github.com/aws-samples/serverless-patterns/tree/main/terraform-rds-sns-event-notification",
+			"templateURL": "serverless-patterns/terraform-rds-sns-event-notification",
+			"projectFolder": "terraform-rds-sns-event-notification",
+			"templateFile": "terraform-rds-sns-event-notification/main.tf"
+		}
+	},
+	"resources": {
+		"bullets": [
+			{
+				"text": "Working with Amazon RDS event notification",
+				"link": "https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Events.html"
+			},
+			{
+				"text": "Creating an Amazon RDS DB instance",
+				"link": "https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_CreateDBInstance.html#USER_CreateDBInstance.Creating"
+			}
+		]
+	},
+	"deploy": {
+		"text": [
+		          "terraform init",
+		          "terraform apply"
+		        ]
+	},
+	"testing": {
+		"text": ["See the Github repo for detailed testing instructions."]
+	},
+	"cleanup": {
+		"text": [
+		          "terraform destroy",
+		          "terraform show"
+		        ]
+	},
+	"authors": [
+		{
+			"name": "Makendran G",
+			"image": "https://drive.google.com/file/d/1mUObnbmn52UWL-Zn39EpgpneiBNv3LCN/view?usp=sharing",
+			"bio": "Cloud Support Engineer @ AWS",
+			"linkedin": "https://www.linkedin.com/in/makendran",
+			"twitter": "@MakendranG"
+		}
+	]
+}
diff --git a/terraform-rds-sns-event-notification/main.tf b/terraform-rds-sns-event-notification/main.tf
@@ -0,0 +1,84 @@
+provider "aws" {
+  region = "us-east-1"
+}
+
+variable "rds_instance_name" {
+  description = "Provide name of your existing RDS Instance for which you want to receive event notifications"
+}
+
+variable "sns_endpoint" {
+  description = "Provide your email address to receive notification from SNS"
+}
+
+variable "aws_account_id" {
+  description = "Your AWS Account ID"
+}
+
+resource "aws_sns_topic" "sns_for_rds_event_subscription" {
+  name = "rds-subscription-topic"
+}
+
+resource "aws_sns_topic_subscription" "sns_subscription" {
+  topic_arn = aws_sns_topic.sns_for_rds_event_subscription.arn
+  protocol  = "email"
+  endpoint  = var.sns_endpoint
+}
+
+resource "aws_sns_topic_policy" "sns_topic_policy" {
+  arn    = aws_sns_topic.sns_for_rds_event_subscription.arn
+  policy = jsonencode({
+    Version   = "2012-10-17"
+    Statement = [
+      {
+        Sid       = "__default_statement_ID"
+        Effect    = "Allow"
+        Principal = { AWS = var.aws_account_id }
+        Action    = [
+          "SNS:GetTopicAttributes",
+          "SNS:SetTopicAttributes",
+          "SNS:AddPermission",
+          "SNS:RemovePermission",
+          "SNS:DeleteTopic",
+          "SNS:Subscribe",
+          "SNS:ListSubscriptionsByTopic",
+          "SNS:Publish",
+          "SNS:Receive",
+        ]
+        Resource = aws_sns_topic.sns_for_rds_event_subscription.arn
+        Condition = {
+          StringEquals = {
+            "AWS:SourceOwner" = var.aws_account_id
+          }
+        }
+      },
+      {
+        Sid       = "TrustRDSToPublishEventsToMyTopic"
+        Effect    = "Allow"
+        Principal = { Service = "events.rds.amazonaws.com" }
+        Action    = "sns:Publish"
+        Resource  = aws_sns_topic.sns_for_rds_event_subscription.arn
+      },
+    ]
+  })
+}
+
+resource "aws_db_event_subscription" "rds_event_subscription" {
+  name           = "RDS-Event-Subscription"
+  sns_topic  = aws_sns_topic.sns_for_rds_event_subscription.arn
+  source_ids     = [var.rds_instance_name]
+  source_type    = "db-instance"
+  event_categories = [
+    "failure",
+    "low storage",
+    "availability",
+  ]
+}
+
+output "sns_topic_name" {
+  value       = aws_sns_topic.sns_for_rds_event_subscription.name
+  description = "SNS topic name"
+}
+
+output "rds_instance_name" {
+  value = var.rds_instance_name
+}