Database Access

Security groups for database servers that allow inbound access only from application-tier security groups.

PostgreSQL Database

# Security group for PostgreSQL hosts: one inbound rule on TCP 5432.
module "postgres_sg" {
  # Pinned to an exact module version rather than a version range.
  source  = "registry.patterneddesigns.ca/patterneddesigns/security-group/aws"
  version = "1.2.0"

  name   = "postgres-database"
  vpc_id = module.vpc.vpc_id # module.vpc is declared elsewhere in the configuration

  # No egress rules are passed in. AWS security groups are stateful, so replies
  # to accepted inbound connections do not need an egress rule.
  # NOTE(review): confirm the module adds no default allow-all egress rule when
  # this list is empty.
  egress_rules = []

  ingress_rules = [
    {
      # The allowed peer is the application tier's security group (module.app_sg,
      # declared elsewhere), not a CIDR range, so access follows group
      # membership instead of IP addresses.
      description     = "PostgreSQL from application tier"
      protocol        = "tcp"
      from_port       = 5432
      to_port         = 5432
      security_groups = [module.app_sg.security_group_id]
    }
  ]
}

MySQL Database

# Security group for MySQL hosts: one inbound rule on TCP 3306.
module "mysql_sg" {
  # Pinned to an exact module version rather than a version range.
  source  = "registry.patterneddesigns.ca/patterneddesigns/security-group/aws"
  version = "1.2.0"

  name   = "mysql-database"
  vpc_id = module.vpc.vpc_id # module.vpc is declared elsewhere in the configuration

  # No egress rules are passed in. AWS security groups are stateful, so replies
  # to accepted inbound connections do not need an egress rule.
  # NOTE(review): confirm the module adds no default allow-all egress rule when
  # this list is empty.
  egress_rules = []

  ingress_rules = [
    {
      # The allowed peer is the application tier's security group (module.app_sg,
      # declared elsewhere), not a CIDR range, so access follows group
      # membership instead of IP addresses.
      description     = "MySQL from application tier"
      protocol        = "tcp"
      from_port       = 3306
      to_port         = 3306
      security_groups = [module.app_sg.security_group_id]
    }
  ]
}

Multi-Database Access

Allow both MySQL and PostgreSQL traffic from the same application tier through a single security group:

# One security group carrying both database ports (MySQL 3306, PostgreSQL 5432).
# Every resource attached to this group accepts both ports from the application
# tier. Where a host serves only one engine, a single-engine group with just
# that engine's port keeps the exposed surface smaller.
module "multi_db_sg" {
  # Pinned to an exact module version rather than a version range.
  source  = "registry.patterneddesigns.ca/patterneddesigns/security-group/aws"
  version = "1.2.0"

  name   = "multi-database"
  vpc_id = module.vpc.vpc_id # module.vpc is declared elsewhere in the configuration

  # No egress rules are passed in. AWS security groups are stateful, so replies
  # to accepted inbound connections do not need an egress rule.
  # NOTE(review): confirm the module adds no default allow-all egress rule when
  # this list is empty.
  egress_rules = []

  # Both rules name the same peer: the application tier's security group
  # (module.app_sg, declared elsewhere), not a CIDR range.
  ingress_rules = [
    {
      description     = "MySQL access"
      protocol        = "tcp"
      from_port       = 3306
      to_port         = 3306
      security_groups = [module.app_sg.security_group_id]
    },
    {
      description     = "PostgreSQL access"
      protocol        = "tcp"
      from_port       = 5432
      to_port         = 5432
      security_groups = [module.app_sg.security_group_id]
    }
  ]
}