| 1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162 | #------------------------------------# RDS Cluster#------------------------------------resource "aws_kms_key" "customer_portal_kms" {  description = "RDS KMS Key"  enable_key_rotation = true}resource "aws_db_subnet_group" "customer_portal_rds_subnets" {  name        = "customer_portal_rds_subnets"  description = "Customer Portal RDS Private subnet"  subnet_ids  = var.private_subnets}# yeah, I alphabatized it. Don't you alphabatized your config files? resource "aws_db_instance" "postgres" {  allocated_storage           = 20  apply_immediately           = "true"  auto_minor_version_upgrade  = "true"  db_subnet_group_name        = aws_db_subnet_group.customer_portal_rds_subnets.name  backup_window               = "03:00-06:00"  backup_retention_period     = 7  ca_cert_identifier          = "rds-ca-2017"  deletion_protection         = var.environment == "test" ? "false" : "true"  delete_automated_backups    = "true"  engine                      = "postgres"  engine_version              = var.environment == "test" ? "12" : "10"  final_snapshot_identifier   = "customerportal"  instance_class              = "db.t2.small"  identifier                  = "customerportal"  kms_key_id                  = aws_kms_key.customer_portal_kms.arn  maintenance_window          = "Mon:00:00-Mon:03:00"  name                        = "customerportal"  password                    = var.environment == "test" ? "foobarbaz" : "050ff734-fb33-9248-13e4-7d8ad2e899a0"  port                        = 5432  skip_final_snapshot         = var.environment == "test" ? "true" : "false"  storage_type                = "gp2"  storage_encrypted           = "true"  tags                        = merge( var.standard_tags, var.tags )  username                    = "portal"  vpc_security_group_ids      = [ aws_security_group.postgres.id, ]}#------------------------------------# Security Groups#------------------------------------resource "aws_security_group" "postgres" {  name        = "customer_portal_postgres_inbound_sg"  description = "Allow Customer Portal HTTP Traffic Inbound"  vpc_id      = var.vpc_id}resource "aws_security_group_rule" "customer_portal_postgres_inbound" {  security_group_id = aws_security_group.postgres.id  type        = "ingress"  from_port   = 5432  to_port     = 5432  protocol    = "tcp"  cidr_blocks = ["10.0.0.0/8"]}
 |