using ec2

Author: rabianadeem-121

terraform/ec2.tf

@@ -1,9 +1,3 @@
-// ...existing code...
-variable "key_name" {
-  description = "Name of the EC2 key pair to attach to the instance (must exist in the AWS region)"
-  type        = string
-}
-
 resource "aws_instance" "api_server" {
   ami           = data.aws_ami.amazon_linux.id
   instance_type = "t3.micro"
@@ -12,6 +6,7 @@ resource "aws_instance" "api_server" {
   iam_instance_profile  = aws_iam_instance_profile.ec2_profile.name
   key_name = var.key_name
 
+  # <-- THIS IS WHERE THE EC2 CONNECTS TO RDS VIA USER DATA
   user_data = <<-EOF
     #!/bin/bash
     yum update -y
@@ -20,14 +15,28 @@ resource "aws_instance" "api_server" {
     systemctl enable docker
     usermod -aG docker ec2-user
 
+    # Environment variables for RDS
+    export DB_HOST=${aws_db_instance.postgres.address}
+    export DB_PORT=5432
+    export DB_USER=${var.db_username}
+    export DB_PASS=${var.db_password}
+    export DB_NAME=mydb
+    export PORT=3000
+
+    # Login to ECR and run Docker container
     aws ecr get-login-password --region ap-south-1 \
       | docker login --username AWS --password-stdin ${aws_ecr_repository.node_api.repository_url}
 
     docker pull ${aws_ecr_repository.node_api.repository_url}:latest
-
     docker run -d \
       -p 3000:3000 \
       --name node-api \
+      -e DB_HOST=$DB_HOST \
+      -e DB_PORT=$DB_PORT \
+      -e DB_USER=$DB_USER \
+      -e DB_PASS=$DB_PASS \
+      -e DB_NAME=$DB_NAME \
+      -e PORT=$PORT \
       ${aws_ecr_repository.node_api.repository_url}:latest
   EOF
 

terraform/outputs.tf

@@ -0,0 +1,7 @@
+output "rds_endpoint" {
+  value = aws_db_instance.postgres.address
+}
+
+output "api_url" {
+  value = "http://${aws_instance.api_server.public_ip}:3000/users"
+}

terraform/rds.tf

@@ -0,0 +1,20 @@
+resource "aws_db_subnet_group" "rds_subnet_group" {
+  name       = "rds-subnet-group"
+  subnet_ids = [aws_subnet.public.id, aws_subnet.private.id] # or private only
+}
+
+resource "aws_db_instance" "postgres" {
+  identifier              = "node-api-db"
+  allocated_storage       = 20
+  engine                  = "postgres"
+  engine_version          = "15.3"
+  instance_class          = "db.t3.micro"
+  db_name                    = "mydb"
+  username                = var.db_username
+  password                = var.db_password
+  db_subnet_group_name    = aws_db_subnet_group.rds_subnet_group.name
+  vpc_security_group_ids  = [aws_security_group.rds_sg.id]
+  skip_final_snapshot     = true
+  publicly_accessible     = false
+  deletion_protection     = false
+}

terraform/security_groups.tf

@@ -24,3 +24,22 @@ resource "aws_security_group" "ec2_sg" {
     cidr_blocks = ["0.0.0.0/0"]
   }
 }
+
+resource "aws_security_group" "rds_sg" {
+  name        = "rds-sg"
+  vpc_id      = aws_vpc.main.id
+
+  ingress {
+    from_port   = 5432
+    to_port     = 5432
+    protocol    = "tcp"
+    security_groups = [aws_security_group.ec2_sg.id] # allow EC2 access
+  }
+
+  egress {
+    from_port   = 0
+    to_port     = 0
+    protocol    = "-1"
+    cidr_blocks = ["0.0.0.0/0"]
+  }
+}

terraform/variables.tf

@@ -0,0 +1,16 @@
+variable "key_name" {
+  description = "Name of the EC2 key pair to attach to the instance (must exist in the AWS region)"
+  type        = string
+}
+// ...existing code...
+variable "db_username" {
+  description = "Master username for the RDS instance"
+  type        = string
+  default = appuser
+}
+
+variable "db_password" {
+  description = "Master password for the RDS instance (sensitive)"
+  type        = string
+  sensitive   = true
+}