variable "subnet_ids" { type = list(string) }
variable "security_group_id" {}
variable "db_name" {}
variable "db_username" {}
variable "db_password" { sensitive = true }
variable "instance_class" { default = "db.t3.micro" }
variable "allocated_storage" { default = 20 }
variable "environment" {}

resource "aws_db_subnet_group" "main" {
  name       = "sacc4-rds-subnet-${var.environment}"
  subnet_ids = var.subnet_ids
  tags       = { Name = "sacc4-rds-subnet-${var.environment}" }
}

resource "aws_db_instance" "main" {
  identifier           = "sacc4-${var.environment}"
  engine               = "mariadb"
  engine_version       = "10.11.16"
  instance_class       = var.instance_class
  allocated_storage    = var.allocated_storage
  storage_type         = "gp2"
  storage_encrypted    = true
  
  db_name  = var.db_name
  username = var.db_username
  password = var.db_password
  
  db_subnet_group_name   = aws_db_subnet_group.main.name
  vpc_security_group_ids = [var.security_group_id]
  
  publicly_accessible    = false
  skip_final_snapshot    = true
  backup_retention_period = 7
  backup_window          = "00:01-00:31"
  
  tags = {
    Name        = "sacc4-rds-${var.environment}"
    Environment = var.environment
  }
}

output "endpoint" {
  value     = aws_db_instance.main.endpoint
  sensitive = true
}

output "db_name" { value = aws_db_instance.main.db_name }