Best Practices
- Name scheming
Nom des resources = --
- Tagging
Providers
| Name | Version |
|---|---|
| provider-aws-rds | 1.2.1 |
| provider-aws-iam | 1.2.1 |
| provider-aws-ec2 | 1.2.1 |
CompositeResources
Claim example
apiVersion: crossplane.evina/v1alpha1
kind: RDS
metadata:
namespace: crossplane-system
name: claimed-
spec:
compositionRef:
name: rds-composition
parameters:
region:
app:
environment:
engine:
Inputs
| Name | Description | Value | Required |
|---|---|---|---|
| region | AWS Region where the provider will operate | eu-west-1 | Required |
| app | Name of the app (Used for Tagging/Naming) | dcbprotect / karpenter / brandprotect / grafana | Required |
| environment | Environment where the claim will operate (Used for Tag/Naming) | dev / staging / production | Required |
| account | Environment where the claim will operate (Used for Tagging) | 169590266381 | Recommended |
| engineVersion | The engine version to use | 5.7.mysql_aurora.2.11.2 | Required |
| providerConfigRef | Target a specific account | provider-aws-config.yaml | Required |
| instanceClass | Instance used to host the database | db.t3.medium | Required |
Outputs
TODO
- Import and observe all resources from terraform
- Create a managed resources with crossplane
- IAM
- Role
- RDS
- Cluster
- SubnetGroup
- ClusterInstance
- Instance
- ClusterParameterGroup
- ParameterGroup
- EC2
- SecurityGroup
- SecurityGroupRule (Générer une managedResources pour faire le lien entre une compo RDS et APP)
- SecurityGroupIngressRule (Générer une managedResources pour faire le lien entre une compo RDS et APP)
- SecurityGroupEgressRule
- IAM
- Check Tags
- Check when to use Refs
- How to create more instances from claim
- Create a certIdentifier ?
- Ajouter une resource roleAssociation for RDS and IAM role created
- Ajoute automatiquement la description "Managed by terraform" SubnetGroup ??
- Create composition and definition