Merge pull request #5 from particuleio/feat/add-rdb-acl-support

tbobm · web-flow · commit ab1de2f0961d · 2021-10-22T17:56:29.000+02:00
feat: add RDB ACL support
diff --git a/README.md b/README.md
@@ -39,6 +39,7 @@ No modules.
 | Name | Type |
 |------|------|
 | [random_password.this](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/password) | resource |
+| [scaleway_rdb_acl.this](https://registry.terraform.io/providers/scaleway/scaleway/latest/docs/resources/rdb_acl) | resource |
 | [scaleway_rdb_database.this](https://registry.terraform.io/providers/scaleway/scaleway/latest/docs/resources/rdb_database) | resource |
 | [scaleway_rdb_instance.this](https://registry.terraform.io/providers/scaleway/scaleway/latest/docs/resources/rdb_instance) | resource |
 | [scaleway_rdb_user.this](https://registry.terraform.io/providers/scaleway/scaleway/latest/docs/resources/rdb_user) | resource |
diff --git a/acls.tf b/acls.tf
@@ -0,0 +1,14 @@
+resource "scaleway_rdb_acl" "this" {
+  for_each = local.databases
+
+  instance_id = scaleway_rdb_instance.this[each.key].id
+
+  dynamic "acl_rules" {
+    for_each = each.value.acls
+
+    content {
+      ip          = acl_rules.value["ip"]
+      description = acl_rules.value["description"]
+    }
+  }
+}
diff --git a/examples/acls/main.tf b/examples/acls/main.tf
@@ -0,0 +1,26 @@
+module "rdb" {
+  source = "../../"
+
+  databases = {
+    main = {
+      name      = "test-simple-db"
+      node_type = "DB-DEV-S"
+      engine    = "PostgreSQL-11"
+      acls = [
+        {
+          ip          = "1.2.3.4/32"
+          description = "Specific ACL 1"
+        },
+        {
+          ip          = "192.168.1.20/28"
+          description = "Specific ACL 2"
+        }
+      ]
+    }
+  }
+}
+
+output "rdb" {
+  value     = module.rdb.this
+  sensitive = true
+}
diff --git a/locals.tf b/locals.tf
@@ -7,14 +7,22 @@ locals {
       }
     ]
   ])
+  acl_configs = flatten([
+    for database, config in local.databases : [
+      for acl in config.acls : {
+        database = database
+        rule     = acl
+      }
+    ]
+  ])
+  acls_by_database = {
+    for index, config in local.acl_configs :
+    "${config.database}_${index}" => config
+  }
   user_by_database = {
     for config in local.user_configs :
     "${config.database}_${config.user.username}" => config
   }
-  user_computed = {
-    for identifier, config in local.user_by_database :
-    config.database => config...
-  }
   default_database = {
     name      = "default"
     node_type = "DB-DEV-S"
diff --git a/outputs.tf b/outputs.tf
@@ -3,6 +3,7 @@ output "this" {
     for name in keys(var.databases) : name => {
       "instance" = scaleway_rdb_instance.this[name],
       "database" = scaleway_rdb_database.this[name],
+      "acls"     = scaleway_rdb_acl.this[name],
       "users" = [
         for identifier, config in local.user_by_database : {
           "username" : config.user.username,
