update the aws backup module and add email subscription variable

silinternational · Aug 28, 2024 · 593f971 · 593f971
1 parent bc5d77f
commit 593f971
Show file tree

Hide file tree

Showing 3 changed files with 22 additions and 11 deletions.
diff --git a/terraform/032-db-backup/README.md b/terraform/032-db-backup/README.md
@@ -30,6 +30,10 @@ This module is used to run mysqldump and backup files to S3
  - `db_names` - List of database names to backup. Default: `["emailservice", "idbroker", "pwmanager", "ssp"]`
  - `memory` - Memory (RAM) resources to allot to each task instance
  - `service_mode` - Either `backup` or `restore`. Default: `backup`
+ - `enable_aws_backup` - Enable AWS Backup in addition to the scripted backup
+ - `aws_backup_schedule` - Schedule for AWS Backup. Default: `"0 14 * * ? *"`
+ - `aws_backup_notification_events` - List of events names to send to SNS. Default: `["BACKUP_JOB_FAILED"]`
+ - `backup_sns_email` - Email address for backup event SNS subscription. Default: `""` (disabled)
 
 ## Outputs
 

diff --git a/terraform/032-db-backup/main.tf b/terraform/032-db-backup/main.tf
@@ -207,14 +207,15 @@ module "aws_backup" {
   count = var.enable_aws_backup ? 1 : 0
 
   source  = "silinternational/backup/aws"
-  version = "0.1.0"
-
-  app_name            = var.idp_name
-  app_env             = var.app_env
-  source_arns         = [data.aws_db_instance.this.db_instance_arn]
-  backup_schedule     = "cron(${var.aws_backup_cron_schedule})"
-  notification_events = var.aws_backup_notification_events
-  sns_topic_name      = "${var.idp_name}-backup-vault-events"
+  version = "0.2.0"
+
+  app_name               = var.idp_name
+  app_env                = var.app_env
+  source_arns            = [data.aws_db_instance.this.db_instance_arn]
+  backup_schedule        = var.aws_backup_schedule
+  notification_events    = var.aws_backup_notification_events
+  sns_topic_name         = "${var.idp_name}-backup-vault-events"
+  sns_email_subscription = var.backup_sns_email
 }
 
 data "aws_db_instance" "this" {

diff --git a/terraform/032-db-backup/vars.tf b/terraform/032-db-backup/vars.tf
@@ -98,14 +98,20 @@ variable "enable_aws_backup" {
   default     = false
 }
 
-variable "aws_backup_cron_schedule" {
-  description = "cron-type schedule for AWS Backup"
+variable "aws_backup_schedule" {
+  description = "schedule for AWS Backup, in AWS Event Bridge format"
   type        = string
-  default     = "0 14 * * ? *" # Every day at 14:00 UTC, 12-hour offset from backup script
+  default     = "cron(0 14 * * ? *)" # Every day at 14:00 UTC, 12-hour offset from backup script
 }
 
 variable "aws_backup_notification_events" {
   description = "The names of the backup events that should trigger an email notification"
   type        = list(string)
   default     = ["BACKUP_JOB_FAILED"]
 }
+
+variable "backup_sns_email" {
+  description = "Optional: email address to receive backup event notifications"
+  type        = string
+  default     = ""
+}