Terraform module which creates Elasticache resources on AWS
Root module calls these modules which can also be used separately to create independent resources:
- cache_parameter_group - creates Elasticache parameter group
- cache_subnet_group - creates Elasticache subnet group
- cache_user - creates Elasticache user
- cache_user_group - creates Elasticache user group
module "elasticache" {
source = "osgurisdosre/elasticache/aws"
create_cache = true
replication_group_id = "redis-app"
description_redis = "Redis App"
node_type = "cache.t2.micro"
security_group_ids = ["sg-0000000000000", "sg-111111111111111"]
num_cache_clusters = 3
# Cache subnet group
create_elasticache_subnet_group = true
subnet_group_name = "elasticache-subnets"
subnet_ids = ["subnet-123456789", "subnet-987654321", "subnet-123321123"]
# Cache parameter group
create_elasticache_parameter_group = true
parameters = [{
name = "activerehashing"
value = "yes"
}]
# Cache user
create_elasticache_user = true
create_cache_password = true
user_name = "userapp"
user_id = "userapp"
access_string = "on ~* +@all"
authentication_mode = [{
type = "password"
}]
# Cache user group
create_elasticache_user_group = true
user_group_id = "app"
}
module "elastic_serverlesss" {
source = "osgurisdosre/elasticache/aws"
create_elasticache_serverless = true
serverless_name = "redis-serverless"
description_serverless = "serverless"
enabled_limits = true
cache_usage_limits = {
data_storage = {
maximum = 1000
unit = "GB"
}
ecpu_per_second = {
maximum = 1000
}
}
daily_snapshot_time = "09:00"
kms_key_id = aws_kms_key.test.arn
major_engine_version = "7"
snapshot_retention_limit = 1
security_group_ids = ["sg-0000000000000", "sg-111111111111111"]
subnet_ids = ["subnet-123456789", "subnet-987654321", "subnet-123321123"]
user_group_id = module.user_group.elasticache_user_group_id
tags = {
"Environment" = "prd"
}
}
module "elasticache" {
source = "osgurisdosre/documentdb/aws"
# Disable creation of Elasticache
create_cache = false
# Enable creation of a random password
create_cache_password = true
# Enable creation of subnet group
create_elasticache_subnet_group = true
# Enable creation of parameter group
create_elasticache_parameter_group = true
# Enable creation of user
create_elasticache_user = true
# Enable creation of user group
create_elasticache_user_group = true
# Enable creation of serverless
create_elasticache_serverless = true
#Enable modification in cache_usage_limits
enabled_limits = true
}
To-do:
- This module does not create Elasticache security group. Use terraform-aws-security-group module for this.
- By default, the variable
create_db_passwordis set to true. Therefore, even if the user provides a password, it will not be read. Thecreate_db_passwordvariable should be set to false and thepasswordsvariable should have a non-null value to be read and used. - By default, the
create_elasticache_serverlessvariable is set false
| Name | Version |
|---|---|
| terraform | >= 1.4 |
| aws | >= 5.40 |
| random | >= 3.1 |
| Name | Version |
|---|---|
| aws | >= 5.40 |
| random | >= 3.1 |
| Name | Source | Version |
|---|---|---|
| elasticache_parameter_group | ./modules/cache_parameter_group | n/a |
| elasticache_subnet_group | ./modules/cache_subnet_group | n/a |
| elasticache_user | ./modules/cache_user | n/a |
| elasticache_user_group | ./modules/cache_user_group | n/a |
| Name | Type |
|---|---|
| aws_elasticache_replication_group.this | resource |
| aws_elasticache_serverless_cache.this | resource |
| random_password.master_password | resource |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| access_string | Access permissions string used for this user. | string |
null |
no |
| apply_immediately | Specifies whether any modifications are applied immediately, or during the next maintenance window. | bool |
false |
no |
| at_rest_encryption_enabled | Whether to enable encryption at rest. | bool |
true |
no |
| auth_token | Password used to access a password protected server | string |
null |
no |
| authentication_mode | Denotes the user's authentication properties. Possible of type options are: password, no-password-required or iam. | list(object({ |
[ |
no |
| auto_minor_version_upgrade | Specifies whether minor version engine upgrades will be applied automatically to the underlying | bool |
false |
no |
| automatic_failover_enabled | Specifies whether a read-only replica will be automatically promoted to read/write primary if the existing primary fails. | bool |
true |
no |
| cache_usage_limits | Sets the cache usage limits for storage and ElastiCache Processing Units for the cache.(data_storage,ecpu_per_second) | any |
{} |
no |
| create | Create the resource? | bool |
true |
no |
| create_cache | Create the elasticache Redis? | bool |
false |
no |
| create_cache_password | Create the password? | bool |
false |
no |
| create_elasticache_parameter_group | Create the parameter group? | bool |
false |
no |
| create_elasticache_replication_group | Create the replication group? | bool |
false |
no |
| create_elasticache_serverless | Create the elasticache Redis serverless? | bool |
false |
no |
| create_elasticache_subnet_group | Create the subnet group? | bool |
false |
no |
| create_elasticache_user | Create the user? | bool |
false |
no |
| create_elasticache_user_group | Create the user group? | bool |
false |
no |
| daily_snapshot_time | The daily time that snapshots will be created from the new serverless cache.(Only for the serverless module) | string |
"03:00" |
no |
| data_tiering_enabled | Enables data tiering | bool |
false |
no |
| description_parameter | The description of the ElastiCache parameter group. | string |
null |
no |
| description_redis | User-created description for the replication group. Must not be empty | string |
"" |
no |
| description_serverless | User-created description for the serverless. Must not be empty | string |
"" |
no |
| description_subnet | The Description of the ElastiCache Subnet Group. | string |
null |
no |
| enabled_limits | Enable customization of cache_usage_limits(Only for the serverless module) | bool |
false |
no |
| engine | Name of the cache engine to be used for the clusters in this replication group. | string |
"redis" |
no |
| engine_version | Version number of the cache engine to be used for the cache clusters in this replication group. | string |
"6.x" |
no |
| family | The family of the ElastiCache parameter group. | string |
"redis6.x" |
no |
| final_snapshot_identifier | The name of your final node group (shard) snapshot. | string |
null |
no |
| global_replication_group_id | The ID of the global replication group to which this replication group should belong. | string |
null |
no |
| kms_key_id | The ARN of the key that you wish to use if encrypting at rest. | string |
null |
no |
| log_delivery_configuration | block allows the streaming of Redis SLOWLOG or Redis Engine Log to CloudWatch Log | list(map(string)) |
[] |
no |
| maintenance_window | Specifies the weekly time range for when maintenance on the cache cluster is performed. | string |
"sat:03:00-sat:06:00" |
no |
| major_engine_version | The version of the cache engine that will be used to create the serverless cache.(Only for the serverless module) | string |
"7" |
no |
| multi_az_enabled | Specifies whether to enable Multi-AZ Support for the replication group. | bool |
false |
no |
| node_type | Instance class to be used. | string |
null |
no |
| notification_topic_arn | ARN of an SNS topic to send ElastiCache notifications to | string |
null |
no |
| num_cache_clusters | Number of cache clusters (primary and replicas) this replication group will have. | number |
3 |
no |
| num_node_groups | Number of node groups (shards) for this Redis replication group. | number |
null |
no |
| parameter_group_name | The name of the ElastiCache parameter group. | string |
null |
no |
| parameters | List of DB parameters to apply | list(map(string)) |
[] |
no |
| password | Password for the user. | list(string) |
[] |
no |
| password_create | Password Create | string |
null |
no |
| port | Port number on which each of the cache nodes will accept connections. | number |
6379 |
no |
| preferred_cache_cluster_azs | List of EC2 availability zones in which the replication group's cache clusters will be created. | list(string) |
null |
no |
| random_password_length | The length of the string desired. | number |
16 |
no |
| replicas_per_node_group | Number of replica nodes in each node group. | number |
null |
no |
| replication_group_id | Replication group identifier. This parameter is stored as a lowercase string. | string |
null |
no |
| security_group_ids | One or more Amazon VPC security groups associated with this replication group. | list(string) |
[] |
no |
| security_group_names | List of cache security group names to associate with this replication group. | list(string) |
null |
no |
| serverless_name | Name Redis Serverless. This parameter is stored as a lowercase string. | string |
null |
no |
| snapshot_arns_to_restore | The list of ARN(s) of the snapshot that the new serverless cache will be created from(Only for the serverless module) | list(string) |
null |
no |
| snapshot_name | Name of a snapshot from which to restore data into the new node group. | string |
null |
no |
| snapshot_retention_limit | Number of days for which ElastiCache will retain automatic cache cluster snapshots before deleting them. | number |
7 |
no |
| snapshot_window | Daily time range (in UTC) during which ElastiCache will begin taking a daily snapshot of your cache cluster. | string |
"00:00-02:00" |
no |
| subnet_group_name | The Name of the ElastiCache Subnet Group. | string |
null |
no |
| subnet_ids | The Subnet IDs of the ElastiCache Subnet Group. | list(string) |
[ |
no |
| tags | A map of tags to add to all resources | map(string) |
{} |
no |
| transit_encryption_enabled | Whether to enable encryption in transit. | bool |
true |
no |
| user_group_id | The user group identifier. | string |
null |
no |
| user_group_ids | User Group ID to associate with the replication group. | list(string) |
null |
no |
| user_id | The ID of the user. | string |
null |
no |
| user_name | The username of the user. | string |
null |
no |
| Name | Description |
|---|---|
| cache_instance_endpoint | The DNS address of the Primary Cache |
| cache_instance_password | The cache password (this password may be old, because Terraform doesn't track it after initial creation) |
| db_instance_endpoint_reader | The DNS address of the Reader Cache |
Module is maintained by Emidio Neto, Leonardo Jardim and Yuri Azeredo
Apache 2 Licensed. See LICENSE for full details.