This repository has been archived by the owner on Jan 31, 2021. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathelasticache-redis.tf
130 lines (113 loc) · 4.73 KB
/
elasticache-redis.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
variable "redis_instance_type" {
type = "string"
default = "cache.t2.medium"
description = "EC2 instance type for Redis cluster"
}
variable "redis_cluster_size" {
type = "string"
default = "2"
description = "Redis cluster size"
}
variable "redis_cluster_enabled" {
type = "string"
default = "true"
description = "Set to false to prevent the module from creating any resources"
}
variable "redis_auth_token" {
type = "string"
default = ""
description = "Auth token for password protecting Redis. `transit_encryption_enabled` must be set to `true`! Password must be longer than 16 chars"
}
variable "redis_engine_version" {
type = "string"
default = "5.0.0"
description = "Version of Redis engine"
}
variable "redis_transit_encryption_enabled" {
type = "string"
default = "true"
description = "Enable TLS for Redis cluster"
}
variable "redis_at_rest_encryption_enabled" {
type = "string"
default = "true"
description = "Enable Redis encryption at rest"
}
variable "redis_params" {
type = "list"
default = []
description = "A list of Redis parameters to apply. Note that parameters may differ from a Redis family to another"
}
variable "redis_maintenance_window" {
type = "string"
default = "sun:03:00-sun:04:00"
description = "Weekly time range during which system maintenance can occur, in UTC"
}
variable "redis_automatic_failover" {
type = "string"
default = "true"
description = "Whether to enable automatic failover"
}
variable "redis_apply_immediately" {
type = "string"
default = "true"
description = "Whether to apply changes immediately or during the next maintenance window"
}
locals {
redis_cluster_enabled = "${var.enabled == "true" && var.redis_cluster_enabled == "true" ? "true" : "false"}"
redis_family = "${format("redis%s", join(".", slice(split(".", var.redis_engine_version),0,2)))}"
redis_auth_token = "${length(var.redis_auth_token) > 0 ? var.redis_auth_token : join("", random_string.redis_auth_token.*.result)}"
}
resource "random_string" "redis_auth_token" {
count = "${local.redis_cluster_enabled == "true" ? 1 : 0}"
length = 16
special = "false"
}
resource "aws_ssm_parameter" "redis_auth_token" {
count = "${local.redis_cluster_enabled == "true" ? 1 : 0}"
name = "${format(var.chamber_format, local.chamber_service, "redis_auth_token")}"
value = "${local.redis_auth_token}"
description = "Redis Elasticache auth token"
type = "SecureString"
key_id = "${data.aws_kms_key.chamber_kms_key.id}"
overwrite = "${var.overwrite_ssm_parameter}"
}
module "elasticache_redis" {
source = "git::https://github.com/cloudposse/terraform-aws-elasticache-redis.git?ref=tags/0.9.0"
namespace = "${var.namespace}"
stage = "${var.stage}"
name = "${var.name}"
attributes = ["red"]
zone_id = "${local.zone_id}"
security_groups = ["${var.security_groups}"]
vpc_id = "${var.vpc_id}"
subnets = ["${var.subnet_ids}"]
maintenance_window = "${var.redis_maintenance_window}"
cluster_size = "${var.redis_cluster_size}"
auth_token = "${local.redis_auth_token}"
instance_type = "${var.redis_instance_type}"
transit_encryption_enabled = "${var.redis_transit_encryption_enabled}"
engine_version = "${var.redis_engine_version}"
family = "${local.redis_family}"
port = "6379"
alarm_cpu_threshold_percent = "75"
alarm_memory_threshold_bytes = "10000000"
apply_immediately = "${var.redis_apply_immediately}"
at_rest_encryption_enabled = "${var.redis_at_rest_encryption_enabled}"
availability_zones = ["${data.aws_availability_zones.available.names}"]
automatic_failover = "${var.redis_automatic_failover}"
enabled = "${local.redis_cluster_enabled}"
parameter = "${var.redis_params}"
}
output "elasticache_redis_id" {
value = "${local.redis_cluster_enabled == "true" ? module.elasticache_redis.id : ""}"
description = "Elasticache Redis cluster ID"
}
output "elasticache_redis_security_group_id" {
value = "${local.redis_cluster_enabled == "true" ? module.elasticache_redis.security_group_id : ""}"
description = "Elasticache Redis security group ID"
}
output "elasticache_redis_host" {
value = "${local.redis_cluster_enabled == "true" ? module.elasticache_redis.host : ""}"
description = "Elasticache Redis host"
}