#!/bin/bash # Flag legend: # -e - exit on error # -u - error on undefined variables # -o pipefail - set the exit code of a pipeline to that of the rightmost command to exit with a non-zero status, # or to zero if all commands of the pipeline exit successfully set -euo pipefail # The script is designed to run by user who already completed authentication. # Environment variables below are mandatory. # Script fails with error if at least one of them is not present. # For local usage, please complete authentication through Okta and pass these values as environment variables # to the docker container: # docker run -it \ # -e AWS_SESSION_TOKEN=$AWS_SESSION_TOKEN \ # -e AWS_REGION=$AWS_REGION \ # -e AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY \ # -e AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID \ # pgtools export AWS_REGION export AWS_ACCESS_KEY_ID export AWS_SECRET_ACCESS_KEY export AWS_SESSION_TOKEN read -rp 'Please enter the cluster name: ' source_cluster # Restoring a cluster to point in time, use Z (UTC) timezone function restore_cluster(){ # Flag legend: # r - do not allow backslashes to escape any characters # p - output the string PROMPT without a trailing newline before attempting to read read -rp 'Please choose an option: PITR or SNAPSHOT: ' restore_mode case $restore_mode in PITR) instance_engine=`aws rds describe-db-instances --filters "Name=db-cluster-id,Values=${source_cluster}" --query "DBInstances[0].Engine" | tr -d '\n\r\t[]" '` instance_parameter_group_name=`aws rds describe-db-instances --filters "Name=db-cluster-id,Values=${source_cluster}" --query "DBInstances[0].DBParameterGroups[0].DBParameterGroupName" | tr -d '"\n\t\r '` instance_source_security_group_ids=`aws rds describe-db-instances --filters "Name=db-cluster-id,Values=${source_cluster}" --query "DBInstances[0].VpcSecurityGroups[*].VpcSecurityGroupId" | tr -d '\n\r\t[]" ' | sed 's/,/ /g'` instance_class=`aws rds describe-db-instances --filters "Name=db-cluster-id,Values=${source_cluster}" --query "DBInstances[0].DBInstanceClass" | tr -d '"\n\t\r '` cluster_engine_mode=`aws rds describe-db-clusters --db-cluster-identifier="${source_cluster}" --query "DBClusters[0].EngineMode" | tr -d '"\n\t\r '` cluster_source_db_subnet=$(aws rds describe-db-clusters --db-cluster-identifier="${source_cluster}" --query "DBClusters[0].DBSubnetGroup" | tr -d '"') cluster_parameter_group=`aws rds describe-db-clusters --db-cluster-identifier="${source_cluster}" --query "DBClusters[0].DBClusterParameterGroup" | tr -d '"'` cluster_iam_authentication_enable=`aws rds describe-db-clusters --db-cluster-identifier="${source_cluster}" --query "DBClusters[0].IAMDatabaseAuthenticationEnabled" | tr -d '"\n\t\r '` export cluster_engine_mode export cluster_source_db_subnet export instance_class export cluster_parameter_group export instance_source_security_group_ids export instance_parameter_group_name export cluster_iam_authentication_enable read -rp 'Please enter timestamp (e.g. 2023-10-11T18:00:00.000Z) : ' timestamp aws rds restore-db-cluster-to-point-in-time \ --db-subnet-group-name "${cluster_source_db_subnet}" \ --db-cluster-parameter-group-name "${cluster_parameter_group}" \ --source-db-cluster-identifier "${source_cluster}" \ --db-cluster-identifier "${source_cluster}-pitr" \ --engine-mode "${cluster_engine_mode}" \ --enable-iam-database-authentication \ --vpc-security-group-ids ${instance_source_security_group_ids} \ --restore-to-time "${timestamp}" sleep 5 aws rds create-db-instance \ --db-cluster-identifier "${source_cluster}-pitr" \ --db-instance-identifier "${source_cluster}-pitr-writer" \ --db-parameter-group-name "${instance_parameter_group_name}" \ --db-instance-class "${instance_class}" \ --engine "${instance_engine}" ;; SNAPSHOT) read -rp 'Please enter the snapshot identifier : ' snapshot_identifier snapshot_engine=`aws rds describe-db-cluster-snapshots --db-cluster-snapshot-identifier="banking-int" --query "DBClusterSnapshots[0].Engine" | tr -d '"\n\t\r '` snapshot_engine_mode=`aws rds describe-db-cluster-snapshots --db-cluster-snapshot-identifier="banking-int" --query "DBClusterSnapshots[0].EngineMode" | tr -d '"\n\t\r '` snapshot_engine_version=`aws rds describe-db-cluster-snapshots --db-cluster-snapshot-identifier="banking-int" --query "DBClusterSnapshots[0].EngineVersion" | tr -d '"\n\t\r '` cluster_parameter_groups=`aws rds describe-db-cluster-parameter-groups --query "DBClusterParameterGroups[*].DBClusterParameterGroupName" | tr -d '\n\r\t[]" ' | sed 's/,/ /g'` database_parameter_groups=`aws rds describe-db-parameter-groups --query "DBParameterGroups[?DBParameterGroupFamily=='aurora-postgresql14'].DBParameterGroupName" | tr -d '\n\r\t[]" ' | sed 's/,/ /g'` cluster_engine_version=`aws rds describe-db-cluster-snapshots --db-cluster-snapshot-identifier "${snapshot_identifier}" --query "DBClusterSnapshots[0].EngineVersion" | tr -d '"'` cluster_vpcs=`aws ec2 describe-security-groups --query "SecurityGroups[*].VpcId" | tr -d '[]" ' | sed 's/,/ /g' | uniq -u | tr -d '\n\r\t'` cluster_instance_shapes=`aws ec2 describe-instance-types --query InstanceTypes[].InstanceType | sort | tr -d '\n\r\t[]" ' | sed 's/,/ /g'` export cluster_enine_version export cluster_vpcs echo "Please select cluster parameter group: " select cluster_parameter_group_choice in ${cluster_parameter_groups} do cluster_parameter_group=${cluster_parameter_group_choice} export cluster_parameter_group break done echo "Please select database parameter group: " select database_parameter_group_choice in ${database_parameter_groups} do database_parameter_group=${database_parameter_group_choice} export database_parameter_group break done echo "Please select VPC id: " select cluster_vpc_id_choice in ${cluster_vpcs} do cluster_vpc_id=${cluster_vpc_id_choice} export cluster_vpc_id break done cluster_vpc_security_group_ids=`aws ec2 describe-security-groups --query "SecurityGroups[?VpcId=='${cluster_vpc_id}'].GroupId" | tr -d '\n\r\t[]" ' | sed 's/,/ /g'` cluster_source_db_subnets=`aws rds describe-db-subnet-groups --query "DBSubnetGroups[?VpcId=='${cluster_vpc_id}'].DBSubnetGroupName" | tr -d '\n\r\t[]" ' | sed 's/,/ /g'` export cluster_source_db_subnets export cluster_vpc_security_group_ids instance_db_shapes=`aws rds describe-orderable-db-instance-options --engine ${snapshot_engine} --engine-version ${snapshot_engine_version} --query "OrderableDBInstanceOptions[].DBInstanceClass" | tr -d '\n\r\t[]" ' | sed 's/,/ /g'` echo "Please select the clusters' instance shape: " select instance_db_shape_choice in ${instance_db_shapes} do instance_db_shape=${instance_db_shape_choice} export instance_db_shape break done aws rds restore-db-cluster-from-snapshot \ --engine "${snapshot_engine}" \ --enable-iam-database-authentication \ --engine-mode "${snapshot_engine_mode}" \ --engine-version "${snapshot_engine_version}" \ --snapshot-identifier "${snapshot_identifier}" \ --db-cluster-identifier "${source_cluster}-snapshot" \ --db-subnet-group-name "${cluster_source_db_subnets}" \ --vpc-security-group-ids ${cluster_vpc_security_group_ids} \ --db-cluster-parameter-group-name "${cluster_parameter_group}" sleep 5 aws rds create-db-instance \ --db-cluster-identifier "${source_cluster}-snapshot" \ --db-instance-identifier "${source_cluster}-snapshot-writer" \ --db-parameter-group-name "${database_parameter_group}" \ --db-instance-class "${instance_db_shape}" \ --engine "${snapshot_engine}" \ --engine-version "${snapshot_engine_version}" ;; *) echo "You didn't enter any option" ;; esac } restore_cluster