Skip to content
/ terraform-aws-elasticache-redis Public
forked from squareops/terraform-aws-elasticache-redis

Terraform module for simplified provisioning and management of AWS ElastiCache Redis.

squareops.com

License

Apache-2.0 license
0 stars 8 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

siddharthbarhate/terraform-aws-elasticache-redis

BranchesTags

Repository files navigation

Redis

squareops_avatar

SquareOps Technologies Your DevOps Partner for Accelerating cloud journey.


We publish several terraform modules.
Terraform Module to create Redis on AWS Cloud.

Uses Example

module "redis" {
  source = "gitlab.com/sq-ia/aws/redis.git"  
  environment = "production"
  name        = "SKAF"
  engine_version  = "6.x"
  port            = 6379
  node_type       = "cache.t3.small"
  num_cache_nodes = 2
  family          = "redis6.x"
  availability_zones         = [for n in range(0, 2) : data.aws_availability_zones.available.names[n]]
  automatic_failover_enabled = true
  snapshot_retention_limit   = 7
  multi_az_enabled           = false
  at_rest_encryption_enabled = true
  transit_encryption_enabled = false
  notification_topic_arn     = null
  vpc_id                     = "vpc-06e37f0786b7eskaf"
  subnets                    = ["subnet-0bfc23c64ea3eskaf","subnet-0140024df275bskaf"]
  allowed_cidr_blocks        = []
  allowed_security_groups    = [sg-0132a41b5cd18skaf]
  maintenance_window         = "sun:09:00-sun:10:00"
  snapshot_window            = "07:00-08:00"
  kms_key_arn = "arn:aws:kms:us-east-2:222222222222:key/kms_key_arn"
}

Important Note

  1. This module creates RDS security group.
  2. By default, the variable create_random_password is set to true. Therefore, even if the user provides a password, it will not be read. The create_random_password variable should be set to false and the password variable should have a non-null value to be read and used.

Security & Compliance

Security scanning is graciously provided by Prowler. Proowler is the leading fully hosted, cloud-native solution providing continuous cluster security and compliance.

Benchmark Description
Ensure that encryption is enabled for RDS instances Enabled for RDS created using this module.

Requirements

Name Version
terraform >= 1.0
aws >= 4.23
random >= 3.0.0

Providers

Name Version
aws >= 4.23
random >= 3.0.0

Modules

Name Source Version
security_group_redis terraform-aws-modules/security-group/aws 4.13.0

Resources

Name Type
aws_elasticache_parameter_group.default resource
aws_elasticache_replication_group.redis resource
aws_elasticache_subnet_group.elasticache resource
aws_secretsmanager_secret.secret_redis resource
aws_security_group_rule.cidr_ingress resource
aws_security_group_rule.default_ingress resource
random_password.password resource

Inputs

Name Description Type Default Required
allowed_cidr_blocks A list of CIDR blocks which are allowed to access the database list(any) [] no
allowed_security_groups A list of Security Group ID's to allow access to list(any) [] no
at_rest_encryption_enabled (Optional) Whether to enable encryption at rest bool true no
automatic_failover_enabled Enable automatic failover bool false no
availability_zones The list of AZs list(string) [] no
engine_log_destination The destination for engine logs(eg. Cloudwatch log-group name or kinesis firehose stream name) string null no
engine_log_destination_type The type of destination for engine logs(eg . cloudwatch-logs or kinesis-firehose) string "" no
engine_log_format the format for logs eg. json/text string "json" no
engine_version The redis engine version string "" no
environment The name of environment string "" no
family Redis family string "redis4.0" no
final_snapshot_identifier The name of your final node group (shard) snapshot. ElastiCache creates the snapshot from the primary node in the cluster. If omitted, no final snapshot will be made. string null no
kms_key_id The ARN of the key that you wish to use if encrypting at rest. If not supplied, uses service managed encryption. Can be specified only if at_rest_encryption_enabled = true string "" no
maintenance_window Specifies the weekly time range for when maintenance on the cache cluster is performed. The format is ddd:hh24:mi-ddd:hh24:mi (24H Clock UTC). The minimum maintenance window is a 60 minute period string "fri:08:00-fri:09:00" no
multi_az_enabled Enable multi az bool false no
name The name of the redis cluster string "" no
node_type The instance size of the redis cluster string "cache.t3.micro" no
notification_topic_arn (Optional) ARN of an SNS topic to send ElastiCache notifications string null no
num_cache_nodes The number of cache nodes number 1 no
parameter_group_description Parameter group string null no
port The redis port number 6379 no
recovery_window_aws_secret Number of days that AWS Secrets Manager waits before it can delete the secret. This value can be 0 to force deletion without recovery or range from 7 to 30 days. number 0 no
slow_log_destination The destination for slow logs(eg. Cloudwatch log-group name or kinesis firehose stream name.) string null no
slow_log_destination_type The type of destination for slow logs(eg . cloudwatch-logs or kinesis-firehose) string "" no
slow_log_format the format for logs eg. json/text string "json" no
snapshot_arns (Optional) A single-element string list containing an Amazon Resource Name (ARN) of a Redis RDB snapshot file stored in Amazon S3. Example: arn:aws:s3:::my_bucket/snapshot1.rdb . This will be used to add data to a fresh new instance. list(string) [] no
snapshot_retention_limit The number of days for which ElastiCache will retain automatic cache cluster snapshots before deleting them. For example, if you set SnapshotRetentionLimit to 5, then a snapshot that was taken today will be retained for 5 days before being deleted. If the value of SnapshotRetentionLimit is set to zero (0), backups are turned off. Please note that setting a snapshot_retention_limit is not supported on cache.t1.micro or cache.t2.* cache nodes number 0 no
snapshot_window The daily time range (in UTC) during which ElastiCache will begin taking a daily snapshot of your cache cluster. The minimum maintenance window is a 60 minute period. Example: 05:00-09:00 string "03:00-05:00" no
subnets The subnets where the redis cluster is deployed list(string) [] no
transit_encryption_enabled (Optional) Whether to enable encryption in transit bool true no
vpc_id The vpc where we will put the redis cluster string "" no

Outputs

Name Description
auth_token_password Elasticache-redis auth token password(this password may be old, because Terraform doesn't track it after initial creation)
elastic_cache_redis_cluster_id ID of the elasticache-redis cluster
elastic_cache_redis_endpoint Elasticache-redis cluster primary endpoint address
elastic_cache_redis_port Port number of Redis
elastic_cache_redis_primary_endpoint_address Primary endpoint address of redis
elastic_cache_redis_security_group The security group ID of the cluster
elastic_cache_redis_subnet_group_name Subnet group name of the elasticache_redis cluster

Contribution & Issue Reporting

To contribute to a project, you can typically:

  1. Find the repository on a platform like GitHub
  2. Fork the repository to your own account
  3. Make changes to the code
  4. Submit a pull request to the original repository

To report an issue with a project:

  1. Check the repository's issue tracker on GitHub
  2. Search to see if the issue has already been reported
  3. If you can't find an answer to your question in the documentation or issue tracker, you can ask a question by creating a new issue. Be sure to provide enough context and details so others can understand your problem.
  4. Contributing to the project can be a great way to get involved and get help. The maintainers and other contributors may be more likely to help you if you're already making contributions to the project.

Our Other Projects

We have a number of other projects that you might be interested in:

  1. terraform-aws-vpc: Terraform module to create Networking resources for workload deployment on AWS Cloud.

  2. terraform-aws-keypair: Terraform module which creates EC2 key pair on AWS. The private key will be stored on SSM.

    Follow Us:

    To stay updated on our projects and future release, follow us on GitHub, LinkedIn

    By joining our both the email and Slack community, you can benefit from the different ways in which we provide support. You can receive timely notifications and updates through email and engage in real-time conversations and discussions with other members through Slack. This combination of resources can help you stay informed, get help when you need it, and contribute to the project in a meaningful way.

Security, Validation and pull-requests

we have offered here high standard, quality code. Hence we are using several pre-commit hooks and GitHub Actions as a workflow. So here we will create pull-requests to any branch and validate the request automatically using pre-commit tool.

License

Apache License, Version 2.0, January 2004 (http://www.apache.org/licenses/).

Support Us

To support a GitHub project by liking it, you can follow these steps:

  1. Visit the repository: Navigate to the GitHub repository.

  2. Click the "Star" button: On the repository page, you'll see a "Star" button in the upper right corner. Clicking on it will star the repository, indicating your support for the project.

  3. Optionally, you can also leave a comment on the repository or open an issue to give feedback or suggest changes.

Starring a repository on GitHub is a simple way to show your support and appreciation for the project. It also helps to increase the visibility of the project and make it more discoverable to others.

Who we are

We believe that the key to success in the digital age is the ability to deliver value quickly and reliably. That’s why we offer a comprehensive range of DevOps & Cloud services designed to help your organization optimize its systems & Processes for speed and agility.

  1. We are an AWS Advanced consulting partner which reflects our deep expertise in AWS Cloud and helping 100+ clients over the last 4 years.
  2. Expertise in Kubernetes and overall container solution helps companies expedite their journey by 10X.
  3. Infrastructure Automation is a key component to the success of our Clients and our Expertise helps deliver the same in the shortest time.
  4. DevSecOps as a service to implement security within the overall DevOps process and helping companies deploy securely and at speed.
  5. Platform engineering which supports scalable,Cost efficient infrastructure that supports rapid development, testing, and deployment.
  6. 24*7 SRE service to help you Monitor the state of your infrastructure and eradicate any issue within the SLA.

We provide support on all of our projects, no matter how small or large they may be.

You can find more information about our company on this squareops.com, follow us on linkdin, or fill out a job application. If you have any questions or would like assistance with your cloud strategy and implementation, please don't hesitate to contact us.

About

Terraform module for simplified provisioning and management of AWS ElastiCache Redis.

squareops.com

Resources

Readme

License

Apache-2.0 license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

1 tags

Packages

No packages published

Languages

  • HCL 100.0%