From ccf013d9942295b96b661161c7a00c5cf4a91c25 Mon Sep 17 00:00:00 2001 From: Jazeel Date: Fri, 6 Oct 2023 13:42:03 +0800 Subject: [PATCH 01/10] set encryption to false for testing --- main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/main.tf b/main.tf index ee0470f..cb1bdab 100644 --- a/main.tf +++ b/main.tf @@ -58,7 +58,7 @@ resource "aws_elasticache_replication_group" "this" { multi_az_enabled = var.replication_enabled ? true : false at_rest_encryption_enabled = true - transit_encryption_enabled = true + transit_encryption_enabled = false automatic_failover_enabled = var.replication_enabled ? true : false notification_topic_arn = var.notification_topic_arn From a3ecd80b99f8e1e704fff412bdab78b14b3cd19a Mon Sep 17 00:00:00 2001 From: Jazeel Date: Fri, 6 Oct 2023 13:44:04 +0800 Subject: [PATCH 02/10] variablize transit encryption --- main.tf | 2 +- variables.tf | 6 ++++++ 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/main.tf b/main.tf index cb1bdab..364e10d 100644 --- a/main.tf +++ b/main.tf @@ -58,7 +58,7 @@ resource "aws_elasticache_replication_group" "this" { multi_az_enabled = var.replication_enabled ? true : false at_rest_encryption_enabled = true - transit_encryption_enabled = false + transit_encryption_enabled = var.transit_encryption_enabled automatic_failover_enabled = var.replication_enabled ? true : false notification_topic_arn = var.notification_topic_arn diff --git a/variables.tf b/variables.tf index 5ed27f9..5a0ff21 100644 --- a/variables.tf +++ b/variables.tf @@ -189,3 +189,9 @@ variable "replicas_per_node_group" { type = number default = 1 } + +variable "transit_encryption_enabled" { + description = "Whether to enable in transit encryption" + type = bool + default = true +} From 3de8751796f609473975f396c1e7ff54ad545557 Mon Sep 17 00:00:00 2001 From: Jeffrey Monte Date: Wed, 8 Jan 2025 10:48:21 +0800 Subject: [PATCH 03/10] add engine support --- alarms.tf | 4 ++-- main.tf | 4 ++-- outputs.tf | 4 ++-- variables.tf | 9 ++++++++- 4 files changed, 14 insertions(+), 7 deletions(-) diff --git a/alarms.tf b/alarms.tf index 208a589..6181132 100644 --- a/alarms.tf +++ b/alarms.tf @@ -2,7 +2,7 @@ resource "aws_cloudwatch_metric_alarm" "cache_cpu" { count = var.enabled ? local.num_nodes : 0 alarm_name = "${tolist(aws_elasticache_replication_group.this[0].member_clusters)[count.index]}-cpu-utilization" - alarm_description = "Redis cluster CPU utilization" + alarm_description = "${var.engine} cluster CPU utilization" comparison_operator = "GreaterThanThreshold" evaluation_periods = 1 @@ -33,7 +33,7 @@ resource "aws_cloudwatch_metric_alarm" "cache_memory" { count = var.enabled ? local.num_nodes : 0 alarm_name = "${tolist(aws_elasticache_replication_group.this[0].member_clusters)[count.index]}-freeable-memory" - alarm_description = "Redis cluster freeable memory" + alarm_description = "${var.engine} cluster freeable memory" comparison_operator = "LessThanThreshold" evaluation_periods = 1 diff --git a/main.tf b/main.tf index 364e10d..a17cd66 100644 --- a/main.tf +++ b/main.tf @@ -41,9 +41,9 @@ resource "aws_elasticache_replication_group" "this" { count = var.enabled ? 1 : 0 replication_group_id = var.replication_group_id == "" ? local.cluster_id : var.replication_group_id - description = "Redis Cluster Rep" + description ="${var.engine} Cluster Rep" - engine = "redis" + engine = var.engine engine_version = var.engine_version port = var.port diff --git a/outputs.tf b/outputs.tf index 616ea99..fba5636 100644 --- a/outputs.tf +++ b/outputs.tf @@ -1,5 +1,5 @@ output "endpoint" { - description = "Redis primary or configuration endpoint, whichever is appropriate for the given cluster mode" + description = "${var.engine} primary or configuration endpoint, whichever is appropriate for the given cluster mode" value = try(aws_elasticache_replication_group.this[0].primary_endpoint_address, null) } @@ -9,7 +9,7 @@ output "reader_endpoint_address" { } output "member_clusters" { - description = "Redis cluster members" + description = "${var.engine} cluster members" value = try(aws_elasticache_replication_group.this[0].member_clusters, null) } diff --git a/variables.tf b/variables.tf index 5a0ff21..0d3ece7 100644 --- a/variables.tf +++ b/variables.tf @@ -52,8 +52,15 @@ variable "instance_type" { default = "cache.t2.micro" } +variable "engine" { + description = "Engine of the elasticache (valkey or redis)" + type = string + default = "redis" +} + + variable "engine_version" { - description = "Redis engine version. https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/supported-engine-versions.html" + description = "Engine version. https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/supported-engine-versions.html" type = string default = "7.0" } From b743f5e7a0b666d41e8041387c9a5cdd064317f0 Mon Sep 17 00:00:00 2001 From: Jeffrey Monte Date: Wed, 8 Jan 2025 10:52:13 +0800 Subject: [PATCH 04/10] remove var in output --- outputs.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/outputs.tf b/outputs.tf index fba5636..8d5de23 100644 --- a/outputs.tf +++ b/outputs.tf @@ -1,5 +1,5 @@ output "endpoint" { - description = "${var.engine} primary or configuration endpoint, whichever is appropriate for the given cluster mode" + description = "primary or configuration endpoint, whichever is appropriate for the given cluster mode" value = try(aws_elasticache_replication_group.this[0].primary_endpoint_address, null) } @@ -9,7 +9,7 @@ output "reader_endpoint_address" { } output "member_clusters" { - description = "${var.engine} cluster members" + description = "cluster members" value = try(aws_elasticache_replication_group.this[0].member_clusters, null) } From 610f7a8d786ad1f834b1065dfe6ecddd2461b8a0 Mon Sep 17 00:00:00 2001 From: Jeffrey Monte Date: Wed, 8 Jan 2025 10:58:56 +0800 Subject: [PATCH 05/10] change aws privider version --- versions.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/versions.tf b/versions.tf index b491252..a4e71f3 100644 --- a/versions.tf +++ b/versions.tf @@ -3,7 +3,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 4.0" + version = ">= 5.82.2" } } } From 6b39259ed35811ab896bc212b5d21f6ff95ebcba Mon Sep 17 00:00:00 2001 From: Jeffrey Monte Date: Wed, 8 Jan 2025 11:25:35 +0800 Subject: [PATCH 06/10] change to 5.73.0 for exact version --- versions.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/versions.tf b/versions.tf index a4e71f3..fcf71c0 100644 --- a/versions.tf +++ b/versions.tf @@ -3,7 +3,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 5.82.2" + version = ">= 5.73.0" } } } From 91a0d56fe80e9a5916cdff07560f870ab863670d Mon Sep 17 00:00:00 2001 From: Jeffrey Monte Date: Wed, 8 Jan 2025 12:53:29 +0800 Subject: [PATCH 07/10] add condition for redis --- main.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/main.tf b/main.tf index a17cd66..9c40515 100644 --- a/main.tf +++ b/main.tf @@ -15,7 +15,7 @@ locals { } resource "aws_elasticache_parameter_group" "this" { - count = var.enabled && var.parameter_group_name == "" || var.parameter_group_name == null ? 1 : 0 + count = var.enabled && var.parameter_group_name == "" && var.engine == "redis" || var.parameter_group_name == null ? 1 : 0 name = var.name family = var.elasticache_parameter_group_family @@ -41,7 +41,7 @@ resource "aws_elasticache_replication_group" "this" { count = var.enabled ? 1 : 0 replication_group_id = var.replication_group_id == "" ? local.cluster_id : var.replication_group_id - description ="${var.engine} Cluster Rep" + description = "${var.engine} Cluster Rep" engine = var.engine engine_version = var.engine_version From 429abd8a6f060e1a7858baa6108bddbf4459ef64 Mon Sep 17 00:00:00 2001 From: Jeffrey Monte Date: Wed, 8 Jan 2025 12:57:47 +0800 Subject: [PATCH 08/10] revert change --- main.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/main.tf b/main.tf index 9c40515..a17cd66 100644 --- a/main.tf +++ b/main.tf @@ -15,7 +15,7 @@ locals { } resource "aws_elasticache_parameter_group" "this" { - count = var.enabled && var.parameter_group_name == "" && var.engine == "redis" || var.parameter_group_name == null ? 1 : 0 + count = var.enabled && var.parameter_group_name == "" || var.parameter_group_name == null ? 1 : 0 name = var.name family = var.elasticache_parameter_group_family @@ -41,7 +41,7 @@ resource "aws_elasticache_replication_group" "this" { count = var.enabled ? 1 : 0 replication_group_id = var.replication_group_id == "" ? local.cluster_id : var.replication_group_id - description = "${var.engine} Cluster Rep" + description ="${var.engine} Cluster Rep" engine = var.engine engine_version = var.engine_version From afd396ff1aca337af9c44196fc5c155740a2a748 Mon Sep 17 00:00:00 2001 From: Jeffrey Monte Date: Wed, 8 Jan 2025 15:05:13 +0800 Subject: [PATCH 09/10] fix spacing --- main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/main.tf b/main.tf index a17cd66..737963a 100644 --- a/main.tf +++ b/main.tf @@ -41,7 +41,7 @@ resource "aws_elasticache_replication_group" "this" { count = var.enabled ? 1 : 0 replication_group_id = var.replication_group_id == "" ? local.cluster_id : var.replication_group_id - description ="${var.engine} Cluster Rep" + description = "${var.engine} Cluster Rep" engine = var.engine engine_version = var.engine_version From aed478fd6c60a6f8b3ff0c743952f42f711ea8a9 Mon Sep 17 00:00:00 2001 From: Jeffrey Monte Date: Fri, 10 Jan 2025 10:51:24 +0800 Subject: [PATCH 10/10] Update README.md --- README.md | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 7d8da2e..fd2ddb5 100644 --- a/README.md +++ b/README.md @@ -4,13 +4,13 @@ | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.0 | -| [aws](#requirement\_aws) | >= 4.0 | +| [aws](#requirement\_aws) | >= 5.73.0 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | 5.5.0 | +| [aws](#provider\_aws) | 5.82.2 | ## Modules @@ -41,7 +41,8 @@ No modules. | [create\_elasticache\_subnet\_group](#input\_create\_elasticache\_subnet\_group) | Create Elasticache Subnet Group | `bool` | `true` | no | | [elasticache\_parameter\_group\_family](#input\_elasticache\_parameter\_group\_family) | ElastiCache parameter group family | `string` | `"redis7"` | no | | [enabled](#input\_enabled) | Set to false to prevent the module from creating any resources | `bool` | `true` | no | -| [engine\_version](#input\_engine\_version) | Redis engine version. https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/supported-engine-versions.html | `string` | `"redis7.0"` | no | +| [engine](#input\_engine) | Engine of the elasticache (valkey or redis) | `string` | `"redis"` | no | +| [engine\_version](#input\_engine\_version) | Engine version. https://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/supported-engine-versions.html | `string` | `"7.0"` | no | | [instance\_type](#input\_instance\_type) | Elastic cache instance type | `string` | `"cache.t2.micro"` | no | | [kms\_key\_id](#input\_kms\_key\_id) | The ARN of the key that you wish to use if encrypting at rest. If not supplied, uses service managed encryption. Can be specified only if `at_rest_encryption_enabled = true` | `string` | `null` | no | | [maintenance\_window](#input\_maintenance\_window) | Maintenance window | `string` | `"wed:03:00-wed:04:00"` | no | @@ -69,10 +70,10 @@ No modules. | [arn](#output\_arn) | Elasticache Replication Group ARN | | [cluster\_enabled](#output\_cluster\_enabled) | Indicates if cluster mode is enabled. | | [configuration\_endpoint\_address](#output\_configuration\_endpoint\_address) | Address of the replication group configuration endpoint when cluster mode is enabled. | -| [endpoint](#output\_endpoint) | Redis primary or configuration endpoint, whichever is appropriate for the given cluster mode | +| [endpoint](#output\_endpoint) | primary or configuration endpoint, whichever is appropriate for the given cluster mode | | [engine\_version\_actual](#output\_engine\_version\_actual) | Because ElastiCache pulls the latest minor or patch for a version, this attribute returns the running version of the cache engine. | | [id](#output\_id) | ID of the ElastiCache Replication Group. | -| [member\_clusters](#output\_member\_clusters) | Redis cluster members | +| [member\_clusters](#output\_member\_clusters) | cluster members | | [parameter\_group\_arn](#output\_parameter\_group\_arn) | The AWS ARN associated with the parameter group. | | [parameter\_group\_id](#output\_parameter\_group\_id) | The ElastiCache parameter group name. | | [reader\_endpoint\_address](#output\_reader\_endpoint\_address) | The address of the endpoint for the reader node in the replication group, if the cluster mode is disabled |