Link Search Menu Expand Document



This Provose configuration sets up AWS Aurora MySQL database clusters.


resource "random_password" "my1_password" {
  # AWS RDS passwords must be between 8 and 41 characters
  length = 41
  # This is a list of special characters that can be included in the
  # password. This lits omits characters that often need to be
  # escaped.
  override_special = "()-_=+[]{}<>?"

resource "random_password" "bigmy_password" {
  length           = 41
  override_special = "()-_=+[]{}<>?"

module "myproject" {
  source = ""
  provose_config = {
    authentication = {
      aws = {
        region = "us-east-1"
    name                 = "myproject"
    internal_root_domain = ""
    internal_subdomain   = "production"
  mysql_clusters = {
    # This creates an AWS Aurora MySQL cluster available
    # at the host
    # This host is only available within the VPC.
    my1 = {
      engine_version = "5.7.mysql_aurora.2.08.0"
      database_name  = "exampledb"
      password       = random_password.my1_password.result
      instances = {
        instance_type  = "db.r5.large"
        instance_count = 1
    # This creates a cluster at
    # This host is only available within the VPC.
    bigmy = {
      engine_version = "5.7.mysql_aurora.2.08.0"
      database_name  = "exampledb"
      password       = random_password.bigmy_password.result
      instances = {
        instance_type  = "db.t3.small"
        instance_count = 3


  • instancesRequired. Settings for the AWS RDS instances running the MySQL cluster.

    • instance_typeRequired. The database instance type, like "db.r5.large". The accepted database instance types for AWS Aurora MySQL can be found here on the AWS website.

    • instance_countRequired. The number of database instances in the cluster. Provose requires that all database instances be of the same instance_type.

  • engine_versionRequired. This is the version of the AWS Aurora MySQL cluster. See below to see the supported engine versions for AWS Aurora MySQL.

  • database_nameRequired. The name of the initial database created by AWS RDS. You can create additional databases by logging into the instance with "root" as the username and the password you set below.

  • passwordRequired. The password for the database root user.

  • snapshot_identifierOptional. If set, this is the ARN of the RDS snapshot to create this instance from. If not set, Provose provisions a blank database.

  • apply_immediatelyOptional Defaults to true, which means that changes to the database are applied immediately. If set to false, any changes to the database configuration made through Provose or Terraform will be applied during the database’s next maintenance window. Be careful that making configuration changes can result in a database outage.

  • deletion_protectionOptional. Defaults to true, which is the opposite of the typical Terraform configuration. When set to true, the database cannot be deleted. Set to false if you are okay with deleting this database when running terraform destroy or other commands.


  • mysql_clusters.aws_db_subnet_group.mysql – A mapping of aws_db_subnet_group resources that describe the subnets for every cluster specified. Provose defaults to setting all of the subnets available in the VPC.

  • mysql_clusters.aws_security_group.mysql – An aws_security_group resource that governs access to the MySQL clusters. By default, the database is open to connection from anywhere within the VPC. The database is not accessible to the public Internet.

  • mysql_clusters.aws_rds_cluster.mysql – A mapping of aws_rds_cluster resources for every cluster specified.

  • mysql_clusters.aws_rds_cluster_instance.mysql – A mapping of aws_rds_cluster_instance resources–of every instance in every Aurora MySQl cluster created by Provose.

  • mysql.aws_route53_record.mysql – A mapping of aws_route53_record resources that give a friendly DNS name for every Aurora MySQL cluster specified.

  • mysql.aws_route53_record.mysql__readonly – A mapping of aws_route53_record resources that give a friendly DNS name for the readonly endpoint for every Aurora MySQL cluster specified.

Supported engine versions

You can check which versions of AWS Aurora MySQL are available by running the following AWS CLI command and looking for the EngineVersion keys:

aws rds describe-db-engine-versions --engine aurora-mysql

Currently, the available versions are, in order from newest to oldest:

  • "5.7.mysql_aurora.2.08.0"
  • "5.7.mysql_aurora.2.07.2"
  • "5.7.mysql_aurora.2.07.1"
  • "5.7.mysql_aurora.2.07.0"
  • "5.7.mysql_aurora.2.06.0"
  • "5.7.mysql_aurora.2.05.0"
  • "5.7.mysql_aurora.2.04.8"
  • "5.7.mysql_aurora.2.04.7"
  • "5.7.mysql_aurora.2.04.6"
  • "5.7.mysql_aurora.2.04.5"
  • "5.7.mysql_aurora.2.04.4"
  • "5.7.mysql_aurora.2.04.3"
  • "5.7.mysql_aurora.2.04.2"
  • "5.7.mysql_aurora.2.04.1"
  • "5.7.mysql_aurora.2.04.0"
  • "5.7.mysql_aurora.2.03.4"
  • "5.7.mysql_aurora.2.03.3"
  • "5.7.mysql_aurora.2.03.2"
  • "5.7.12"

After version "5.7.12", AWS changed Aurora MySQL engine versioning to be in the format [compatible mysql version].mysql_aurora.[aurora version].