Merge remote-tracking branch 'origin/set-in-transit-encryption-false'…

… into main-sync-to-valkey
SPHTech-Platform · Jan 21, 2025 · 3482cf5 · 3482cf5
2 parents 4786690 + 2e041f7
commit 3482cf5
Show file tree

Hide file tree

Showing 6 changed files with 29 additions and 12 deletions.
diff --git a/README.md b/README.md
@@ -4,9 +4,11 @@
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.0 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 4.0 |
+
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.73.0 |
 | <a name="requirement_awscc"></a> [awscc](#requirement\_awscc) | >= 0.67.0 |
 
+
 ## Providers
 
 | Name | Version |
@@ -51,7 +53,8 @@ No modules.
 | <a name="input_daily_snapshot_time"></a> [daily\_snapshot\_time](#input\_daily\_snapshot\_time) | The daily time range (in UTC) during which the service takes automatic snapshot of the Serverless Cache | `string` | `"18:00"` | no |
 | <a name="input_elasticache_parameter_group_family"></a> [elasticache\_parameter\_group\_family](#input\_elasticache\_parameter\_group\_family) | ElastiCache parameter group family | `string` | `"redis7"` | no |
 | <a name="input_enabled"></a> [enabled](#input\_enabled) | Set to false to prevent the module from creating any resources | `bool` | `true` | no |
-| <a name="input_engine_version"></a> [engine\_version](#input\_engine\_version) | Redis engine version. https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/supported-engine-versions.html | `string` | `"7.0"` | no |
+| <a name="input_engine"></a> [engine](#input\_engine) | Engine of the elasticache (valkey or redis) | `string` | `"redis"` | no |
+| <a name="input_engine_version"></a> [engine\_version](#input\_engine\_version) | Engine version. https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/supported-engine-versions.html | `string` | `"7.0"` | no |
 | <a name="input_instance_type"></a> [instance\_type](#input\_instance\_type) | Elastic cache instance type | `string` | `"cache.t2.micro"` | no |
 | <a name="input_kms_key_id"></a> [kms\_key\_id](#input\_kms\_key\_id) | The ARN of the key that you wish to use if encrypting at rest. If not supplied, uses service managed encryption. Can be specified only if `at_rest_encryption_enabled = true` | `string` | `null` | no |
 | <a name="input_maintenance_window"></a> [maintenance\_window](#input\_maintenance\_window) | Maintenance window | `string` | `"wed:03:00-wed:04:00"` | no |
@@ -88,10 +91,10 @@ No modules.
 | <a name="output_arn"></a> [arn](#output\_arn) | Elasticache Replication Group ARN |
 | <a name="output_cluster_enabled"></a> [cluster\_enabled](#output\_cluster\_enabled) | Indicates if cluster mode is enabled. |
 | <a name="output_configuration_endpoint_address"></a> [configuration\_endpoint\_address](#output\_configuration\_endpoint\_address) | Address of the replication group configuration endpoint when cluster mode is enabled. |
-| <a name="output_endpoint"></a> [endpoint](#output\_endpoint) | Redis primary or configuration endpoint, whichever is appropriate for the given cluster mode |
+| <a name="output_endpoint"></a> [endpoint](#output\_endpoint) | primary or configuration endpoint, whichever is appropriate for the given cluster mode |
 | <a name="output_engine_version_actual"></a> [engine\_version\_actual](#output\_engine\_version\_actual) | Because ElastiCache pulls the latest minor or patch for a version, this attribute returns the running version of the cache engine. |
 | <a name="output_id"></a> [id](#output\_id) | ID of the ElastiCache Replication Group. |
-| <a name="output_member_clusters"></a> [member\_clusters](#output\_member\_clusters) | Redis cluster members |
+| <a name="output_member_clusters"></a> [member\_clusters](#output\_member\_clusters) | cluster members |
 | <a name="output_parameter_group_arn"></a> [parameter\_group\_arn](#output\_parameter\_group\_arn) | The AWS ARN associated with the parameter group. |
 | <a name="output_parameter_group_id"></a> [parameter\_group\_id](#output\_parameter\_group\_id) | The ElastiCache parameter group name. |
 | <a name="output_reader_endpoint_address"></a> [reader\_endpoint\_address](#output\_reader\_endpoint\_address) | The address of the endpoint for the reader node in the replication group, if the cluster mode is disabled |

diff --git a/alarms.tf b/alarms.tf
@@ -2,7 +2,7 @@ resource "aws_cloudwatch_metric_alarm" "cache_cpu" {
   count = var.enabled && !var.use_serverless ? local.num_nodes : 0
 
   alarm_name        = "${tolist(aws_elasticache_replication_group.this[0].member_clusters)[count.index]}-cpu-utilization"
-  alarm_description = "Redis cluster CPU utilization"
+  alarm_description = "${var.engine} cluster CPU utilization"
 
   comparison_operator = "GreaterThanThreshold"
   evaluation_periods  = 1
@@ -33,7 +33,7 @@ resource "aws_cloudwatch_metric_alarm" "cache_memory" {
   count = var.enabled && !var.use_serverless ? local.num_nodes : 0
 
   alarm_name        = "${tolist(aws_elasticache_replication_group.this[0].member_clusters)[count.index]}-freeable-memory"
-  alarm_description = "Redis cluster freeable memory"
+  alarm_description = "${var.engine} cluster freeable memory"
 
   comparison_operator = "LessThanThreshold"
   evaluation_periods  = 1

diff --git a/main.tf b/main.tf
@@ -41,9 +41,9 @@ resource "aws_elasticache_replication_group" "this" {
   count = var.enabled && !var.use_serverless ? 1 : 0
 
   replication_group_id = var.replication_group_id == "" ? local.cluster_id : var.replication_group_id
-  description          = "Redis Cluster Rep"
+  description          = "${var.engine} Cluster Rep"
 
-  engine         = "redis"
+  engine         = var.engine
   engine_version = var.engine_version
   port           = var.port
 
@@ -56,7 +56,8 @@ resource "aws_elasticache_replication_group" "this" {
   subnet_group_name    = try(aws_elasticache_subnet_group.this[0].name, var.subnet_group_name)
   security_group_ids   = var.security_groups
 
-  multi_az_enabled           = var.replication_enabled ? true : false
+  multi_az_enabled = var.replication_enabled ? true : false
+
   at_rest_encryption_enabled = var.at_rest_encryption_enabled
   transit_encryption_enabled = var.transit_encryption_enabled
   automatic_failover_enabled = var.replication_enabled ? true : false

diff --git a/outputs.tf b/outputs.tf
@@ -9,7 +9,7 @@ output "reader_endpoint_address" {
 }
 
 output "member_clusters" {
-  description = "Redis cluster members"
+  description = "cluster members"
   value       = try(aws_elasticache_replication_group.this[0].member_clusters, null)
 }
 

diff --git a/variables.tf b/variables.tf
@@ -52,8 +52,15 @@ variable "instance_type" {
   default     = "cache.t2.micro"
 }
 
+variable "engine" {
+  description = "Engine of the elasticache (valkey or redis)"
+  type        = string
+  default     = "redis"
+}
+
+
 variable "engine_version" {
-  description = "Redis engine version. https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/supported-engine-versions.html"
+  description = "Engine version. https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/supported-engine-versions.html"
   type        = string
   default     = "7.0"
 }
@@ -214,6 +221,12 @@ variable "replicas_per_node_group" {
   default     = 1
 }
 
+variable "transit_encryption_enabled" {
+  description = "Whether to enable in transit encryption"
+  type        = bool
+  default     = true
+}
+
 # ElastiCache Serverless
 variable "use_serverless" {
   description = "Use serverless ElastiCache service"

diff --git a/versions.tf b/versions.tf
@@ -3,7 +3,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = ">= 4.0"
+      version = ">= 5.73.0"
     }
     awscc = {
       source  = "hashicorp/awscc"