faudeltn/stopstartrdsinstance.tf

## stopstartrdsinstance.tf
###### IAM ROLE AND POLICIES ######

resource "aws_iam_role" "example" {
  name               = "mytest-schedule-role"
  assume_role_policy = data.aws_iam_policy_document.eventbridge_scheduler_assume.json
}

data "aws_iam_policy_document" "eventbridge_scheduler_assume" {
  statement {
    effect = "Allow"

    actions = [
      "sts:AssumeRole",
    ]

    principals {
      type = "Service"
      identifiers = [
        "scheduler.amazonaws.com",
      ]
    }
  }
}

resource "aws_iam_role_policy" "example_policy" {

  name  = "mytest-schedule-policy"
  role  = aws_iam_role.example.id

  policy = jsonencode({
    Version = "2012-10-17"
    Statement = [
      {
        Action = [
          "rds:Describe*",
          "rds:StartDBInstance",
          "rds:StopDBInstance",
          "ssm:StartAutomationExecution",
          "tag:GetResources",
          "resource-groups:ListGroupResources"
        ]
        Effect   = "Allow"
        Resource = "*"
      },
    ]
  })
}


##### EVENTBRDIGE SCHEDULER ########

resource "aws_scheduler_schedule_group" "example" {
  name = "mytest-schedule"
}

### https://registry.terraform.io/providers/hashicorp/aws/4.57.1/docs/resources/scheduler_schedule
resource "aws_scheduler_schedule" "stop" {
  name        = "mytest-schedule-stoprds"
  group_name  = aws_scheduler_schedule_group.example.name
  description = "just for testing ignore me please"

  flexible_time_window {
    mode = "OFF"
  }

  schedule_expression          = "cron(00 19 ? * MON-FRI *)"
  schedule_expression_timezone = "Europe/Rome"

  target {
    arn      = "arn:aws:scheduler:::aws-sdk:ssm:startAutomationExecution"
    role_arn = aws_iam_role.example.arn

    retry_policy {
      maximum_retry_attempts = 0
    }

    input = jsonencode(
      {
        DocumentName        = "AWS-StopRdsInstance"
        TargetParameterName = "InstanceId"
        MaxConcurrency      = "100%"
        Targets = [{
          Key    = "tag:AutoStopStart"
          Values = ["true"]
        }]
      }
    )
  }

}

resource "aws_scheduler_schedule" "start" {
  name        = "mytest-schedule-startrds"
  group_name  = aws_scheduler_schedule_group.example.name
  description = "just for testing ignore me please"

  flexible_time_window {
    mode = "OFF"
  }

  schedule_expression          = "cron(00 09 ? * MON-FRI *)"
  schedule_expression_timezone = "Europe/Rome"

  target {
    arn      = "arn:aws:scheduler:::aws-sdk:ssm:startAutomationExecution"
    role_arn = aws_iam_role.example.arn

    retry_policy {
      maximum_retry_attempts = 0
    }

    input = jsonencode(
      {
        DocumentName        = "AWS-StartRdsInstance"
        TargetParameterName = "InstanceId"
        MaxConcurrency      = "100%"
        Targets = [{
          Key    = "tag:AutoStopStart"
          Values = ["true"]
        }]
      }
    )
  }

}
	###### IAM ROLE AND POLICIES ######

	resource "aws_iam_role" "example" {
	name = "mytest-schedule-role"
	assume_role_policy = data.aws_iam_policy_document.eventbridge_scheduler_assume.json
	}

	data "aws_iam_policy_document" "eventbridge_scheduler_assume" {
	statement {
	effect = "Allow"

	actions = [
	"sts:AssumeRole",
	]

	principals {
	type = "Service"
	identifiers = [
	"scheduler.amazonaws.com",
	]
	}
	}
	}

	resource "aws_iam_role_policy" "example_policy" {

	name = "mytest-schedule-policy"
	role = aws_iam_role.example.id

	policy = jsonencode({
	Version = "2012-10-17"
	Statement = [
	{
	Action = [
	"rds:Describe*",
	"rds:StartDBInstance",
	"rds:StopDBInstance",
	"ssm:StartAutomationExecution",
	"tag:GetResources",
	"resource-groups:ListGroupResources"
	]
	Effect = "Allow"
	Resource = "*"
	},
	]
	})
	}


	##### EVENTBRDIGE SCHEDULER ########

	resource "aws_scheduler_schedule_group" "example" {
	name = "mytest-schedule"
	}

	### https://registry.terraform.io/providers/hashicorp/aws/4.57.1/docs/resources/scheduler_schedule
	resource "aws_scheduler_schedule" "stop" {
	name = "mytest-schedule-stoprds"
	group_name = aws_scheduler_schedule_group.example.name
	description = "just for testing ignore me please"

	flexible_time_window {
	mode = "OFF"
	}

	schedule_expression = "cron(00 19 ? * MON-FRI *)"
	schedule_expression_timezone = "Europe/Rome"

	target {
	arn = "arn:aws:scheduler:::aws-sdk:ssm:startAutomationExecution"
	role_arn = aws_iam_role.example.arn

	retry_policy {
	maximum_retry_attempts = 0
	}

	input = jsonencode(
	{
	DocumentName = "AWS-StopRdsInstance"
	TargetParameterName = "InstanceId"
	MaxConcurrency = "100%"
	Targets = [{
	Key = "tag:AutoStopStart"
	Values = ["true"]
	}]
	}
	)
	}

	}

	resource "aws_scheduler_schedule" "start" {
	name = "mytest-schedule-startrds"
	group_name = aws_scheduler_schedule_group.example.name
	description = "just for testing ignore me please"

	flexible_time_window {
	mode = "OFF"
	}

	schedule_expression = "cron(00 09 ? * MON-FRI *)"
	schedule_expression_timezone = "Europe/Rome"

	target {
	arn = "arn:aws:scheduler:::aws-sdk:ssm:startAutomationExecution"
	role_arn = aws_iam_role.example.arn

	retry_policy {
	maximum_retry_attempts = 0
	}

	input = jsonencode(
	{
	DocumentName = "AWS-StartRdsInstance"
	TargetParameterName = "InstanceId"
	MaxConcurrency = "100%"
	Targets = [{
	Key = "tag:AutoStopStart"
	Values = ["true"]
	}]
	}
	)
	}

	}