diff --git a/README.md b/README.md index 1cde835..f7e9484 100644 --- a/README.md +++ b/README.md @@ -1,14 +1,20 @@ # [Google Cloud Memorystore Terraform Module](https://registry.terraform.io/modules/terraform-google-modules/memorystore/google/) -A Terraform module for creating a fully functional Google Memorystore (redis) instance. +A Terraform module for creating a fully functional Google Memorystore Redis instance. For Memcache and Redis Cluster see [sub-modules](./modules/) ## Compatibility -This module is meant for use with Terraform 0.13+ and tested using Terraform 1.0+. If you find incompatibilities using Terraform >=0.13, please open an issue. +This module is meant for use with Terraform 1.3+ and tested using Terraform 1.3+. If you find incompatibilities using Terraform >=1.3, please open an issue. If you haven't [upgraded](https://www.terraform.io/upgrade-guides/0-13.html) and need a Terraform 0.12.x-compatible version of this module, the last released version intended for Terraform 0.12.x is [v2.0.0](https://registry.terraform.io/modules/terraform-google-modules/-memorystore/google/v2.0.0). +## Version + +Current version is 8.0. Upgrade guides: + +- [7.X -> 8.0](/docs/upgrading_to_v8.0.md) + ## Usage Check the [examples/](./examples/) directory for more. @@ -16,10 +22,12 @@ Check the [examples/](./examples/) directory for more. ```hcl module "memorystore" { source = "terraform-google-modules/memorystore/google" - version = "4.0.0" + version = "~> 8.0" - name = "my-memorystore" - project = "my-gcp-project" + name = "memorystore" + project = "memorystore" + memory_size_gb = "1" + enable_apis = "true" } ``` @@ -68,16 +76,28 @@ module "memorystore" { -## File structure +## Requirements + +These sections describe requirements for using this module. + +### Software + +The following dependencies must be available: + +- [Terraform][terraform] v1.3+ +- [Terraform Provider for GCP][terraform-provider-gcp] plugin v4.74+ + +### Service Account + +Following roles contain permissions to deploy resource. + +- Cloud Memorystore Redis Admin: `roles/redis.admin` + +### Enable API's +In order to operate with the Service Account you must activate the following API on the project where the Service Account was created: + +- Compute Engine API - `redis.googleapis.com` -The project has the following folders and files: +## Contributing -- /: root folder -- /examples: examples for using this module -- /scripts: Scripts for specific tasks on module (see Infrastructure section on this file) -- /test: Folders with files for testing the module (see Testing section on this file) -- /helpers: Optional helper scripts for ease of use -- /main.tf: main file for this module, contains all the resources to create -- /variables.tf: all the variables for the module -- /output.tf: the outputs of the module -- /readme.md: this file +Refer to the [contribution guidelines](./CONTRIBUTING.md) for information on contributing to this module. diff --git a/build/int.cloudbuild.yaml b/build/int.cloudbuild.yaml index 10ce80d..81a6331 100644 --- a/build/int.cloudbuild.yaml +++ b/build/int.cloudbuild.yaml @@ -12,7 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -timeout: 3600s +timeout: 4200s steps: - id: swap-module-refs name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS' diff --git a/docs/upgrading_to_v8.0.md b/docs/upgrading_to_v8.0.md new file mode 100644 index 0000000..668deb0 --- /dev/null +++ b/docs/upgrading_to_v8.0.md @@ -0,0 +1,5 @@ +# Upgrading to v8.0.0 + +The v8.0 release contains backwards-incompatible changes. + +This update requires upgrading the minimum provider version to `4.74`. diff --git a/examples/basic/memorystore.tf b/examples/basic/memorystore.tf index feded4c..5dcf742 100644 --- a/examples/basic/memorystore.tf +++ b/examples/basic/memorystore.tf @@ -16,7 +16,7 @@ module "memorystore" { source = "terraform-google-modules/memorystore/google" - version = "~> 7.0" + version = "~> 8.0" name = "memorystore" project = "memorystore" diff --git a/examples/basic/versions.tf b/examples/basic/versions.tf deleted file mode 100644 index 42dbd4f..0000000 --- a/examples/basic/versions.tf +++ /dev/null @@ -1,24 +0,0 @@ -/** - * Copyright 2019 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -terraform { - required_version = ">= 0.13" - required_providers { - google = { - source = "hashicorp/google" - } - } -} diff --git a/examples/memcache/main.tf b/examples/memcache/main.tf index c1ff6ad..f74da8b 100644 --- a/examples/memcache/main.tf +++ b/examples/memcache/main.tf @@ -26,7 +26,7 @@ module "private-service-access" { module "memcache" { source = "terraform-google-modules/memorystore/google//modules/memcache" - version = "~> 7.0" + version = "~> 8.0" name = "example-memcache" project = var.project_id diff --git a/examples/minimal/main.tf b/examples/minimal/main.tf index 0e53fa5..f2e9dfb 100644 --- a/examples/minimal/main.tf +++ b/examples/minimal/main.tf @@ -16,7 +16,7 @@ module "memstore" { source = "terraform-google-modules/memorystore/google" - version = "~> 7.0" + version = "~> 8.0" name = "test-minimal" project = var.project_id diff --git a/examples/redis-cluster/README.md b/examples/redis-cluster/README.md new file mode 100644 index 0000000..1ed8efc --- /dev/null +++ b/examples/redis-cluster/README.md @@ -0,0 +1,26 @@ +# Redis Test + +This test will create a new redis cluster. + + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| project\_id | Google cloud project id to create redis cluster. | `string` | n/a | yes | + +## Outputs + +| Name | Description | +|------|-------------| +| authorization\_mode | The redis cluster authorization mode | +| cluster\_id | The redis cluster instance ID | +| cluster\_name | The redis cluster name | +| cluster\_region | The redis cluster region | +| project\_id | The redis cluster Project ID | +| replica\_count | The redis cluster replica count | +| shard\_count | The redis cluster shard count | +| size\_gb | The redis cluster size | +| transit\_encryption\_mode | The redis cluster transit encryption mode | + + diff --git a/examples/redis-cluster/iam.tf b/examples/redis-cluster/iam.tf new file mode 100644 index 0000000..91e1dfb --- /dev/null +++ b/examples/redis-cluster/iam.tf @@ -0,0 +1,31 @@ +/** + * Copyright 2024 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +## Enable Service Identity and assign Network Connectivity Service Agent role +## https://cloud.google.com/vpc/docs/configure-service-connection-policies#configure-service-project + +resource "google_project_service_identity" "network_connectivity_sa" { + provider = google-beta + + project = var.project_id + service = "networkconnectivity.googleapis.com" +} + +resource "google_project_iam_member" "network_connectivity_sa" { + project = var.project_id + role = "roles/networkconnectivity.serviceAgent" + member = "serviceAccount:${google_project_service_identity.network_connectivity_sa.email}" +} diff --git a/examples/redis-cluster/main.tf b/examples/redis-cluster/main.tf new file mode 100644 index 0000000..03c93a3 --- /dev/null +++ b/examples/redis-cluster/main.tf @@ -0,0 +1,37 @@ +/** + * Copyright 2024 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +module "redis_cluster" { + source = "terraform-google-modules/memorystore/google//modules/redis-cluster" + version = "~> 8.0" + + name = "test-redis-cluster" + project = var.project_id + region = "us-central1" + network = ["projects/${var.project_id}/global/networks/${local.network_name}"] + + service_connection_policies = { + test-net-redis-cluster-scp = { + network_name = local.network_name + network_project = var.project_id + subnet_names = [ + "subnet-100", + "subnet-101", + ] + } + } + depends_on = [module.test_vpc] +} diff --git a/examples/redis-cluster/network.tf b/examples/redis-cluster/network.tf new file mode 100644 index 0000000..53078b9 --- /dev/null +++ b/examples/redis-cluster/network.tf @@ -0,0 +1,45 @@ +/** + * Copyright 2024 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +locals { + network_name = "test-net-redis-cluster" +} + +module "test_vpc" { + source = "terraform-google-modules/network/google" + version = "~> 8.0" + project_id = var.project_id + network_name = local.network_name + mtu = 1460 + + subnets = [ + { + subnet_name = "subnet-100" + subnet_ip = "10.10.100.0/24" + subnet_region = "us-central1" + }, + { + subnet_name = "subnet-101" + subnet_ip = "10.10.101.0/24" + subnet_region = "us-central1" + }, + { + subnet_name = "subnet-102" + subnet_ip = "10.10.102.0/24" + subnet_region = "us-east1" + }, + ] +} diff --git a/examples/redis-cluster/outputs.tf b/examples/redis-cluster/outputs.tf new file mode 100644 index 0000000..b58e632 --- /dev/null +++ b/examples/redis-cluster/outputs.tf @@ -0,0 +1,60 @@ +/** + * Copyright 2024 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +output "project_id" { + description = "The redis cluster Project ID" + value = var.project_id +} + +output "cluster_id" { + description = "The redis cluster instance ID" + value = module.redis_cluster.id +} + +output "size_gb" { + description = "The redis cluster size" + value = module.redis_cluster.redis_cluster.size_gb +} + +output "cluster_region" { + description = "The redis cluster region" + value = module.redis_cluster.redis_cluster.region +} + +output "replica_count" { + description = "The redis cluster replica count" + value = module.redis_cluster.redis_cluster.replica_count +} + +output "transit_encryption_mode" { + description = "The redis cluster transit encryption mode" + value = module.redis_cluster.redis_cluster.transit_encryption_mode +} + +output "cluster_name" { + description = "The redis cluster name" + value = module.redis_cluster.redis_cluster.name +} + +output "shard_count" { + description = "The redis cluster shard count" + value = module.redis_cluster.redis_cluster.shard_count +} + +output "authorization_mode" { + description = "The redis cluster authorization mode" + value = module.redis_cluster.redis_cluster.authorization_mode +} diff --git a/examples/minimal/versions.tf b/examples/redis-cluster/variables.tf similarity index 79% rename from examples/minimal/versions.tf rename to examples/redis-cluster/variables.tf index 2970427..c08e2e5 100644 --- a/examples/minimal/versions.tf +++ b/examples/redis-cluster/variables.tf @@ -1,5 +1,5 @@ /** - * Copyright 2019 Google LLC + * Copyright 2024 Google LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -14,6 +14,7 @@ * limitations under the License. */ -terraform { - required_version = ">= 0.12" +variable "project_id" { + description = "Google cloud project id to create redis cluster." + type = string } diff --git a/examples/redis/main.tf b/examples/redis/main.tf index a2b86ff..dcb250c 100644 --- a/examples/redis/main.tf +++ b/examples/redis/main.tf @@ -16,7 +16,7 @@ module "memstore" { source = "terraform-google-modules/memorystore/google" - version = "~> 7.0" + version = "~> 8.0" name = "test-redis" diff --git a/examples/redis/versions.tf b/examples/redis/versions.tf deleted file mode 100644 index 2970427..0000000 --- a/examples/redis/versions.tf +++ /dev/null @@ -1,19 +0,0 @@ -/** - * Copyright 2019 Google LLC - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -terraform { - required_version = ">= 0.12" -} diff --git a/main.tf b/main.tf index 647b95c..dcb98aa 100644 --- a/main.tf +++ b/main.tf @@ -66,10 +66,6 @@ resource "google_redis_instance" "default" { rdb_snapshot_period = persistence_config.value["rdb_snapshot_period"] } } - - lifecycle { - ignore_changes = [maintenance_schedule] - } } module "enable_apis" { @@ -79,6 +75,7 @@ module "enable_apis" { project_id = var.project enable_apis = var.enable_apis disable_services_on_destroy = false + disable_dependent_services = false activate_apis = [ "redis.googleapis.com", diff --git a/modules/memcache/main.tf b/modules/memcache/main.tf index ceb5ddc..a20079a 100644 --- a/modules/memcache/main.tf +++ b/modules/memcache/main.tf @@ -65,6 +65,9 @@ module "enable_apis" { project_id = var.project enable_apis = var.enable_apis + disable_services_on_destroy = false + disable_dependent_services = false + activate_apis = [ "memcache.googleapis.com", ] diff --git a/modules/redis-cluster/README.md b/modules/redis-cluster/README.md new file mode 100644 index 0000000..4228ca0 --- /dev/null +++ b/modules/redis-cluster/README.md @@ -0,0 +1,85 @@ +# Memorystore Redis Cluster Terraform Module + +A Terraform module for creating Google [Memorystore Redis Cluster](https://cloud.google.com/memorystore/docs/cluster/memorystore-for-redis-cluster-overview). It can also create [service connection policies](https://cloud.google.com/vpc/docs/about-service-connection-policies). You can also create service connection policy outside of this module. If you are not creating service connection policy as part of this module then make sure they exist before creating redis cluster. You can find more details [here](https://cloud.google.com/memorystore/docs/cluster/networking) + +## Compatibility +This module is meant for use with Terraform 1.3+ and tested using Terraform 1.3+. If you find incompatibilities using Terraform >=1.3, please open an issue. + +## Usage + +``` +module "redis_cluster" { + source = "terraform-google-modules/memorystore/google//modules/redis-cluster" + version = "~> 8.0" + + name = "test-redis-cluster" + project = var.project_id + region = "us-central1" + network = ["projects/${var.project_id}/global/networks/${local.network_name}"] + + service_connection_policies = { + test-net-redis-cluster-scp = { + network_name = local.network_name + network_project = var.project_id + subnet_names = [ + "subnet-100", + "subnet-101", + ] + } + } +} +``` + + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| authorization\_mode | The authorization mode of the Redis cluster. If not provided, auth feature is disabled for the cluster. Default value is AUTH\_MODE\_DISABLED. Possible values are: AUTH\_MODE\_UNSPECIFIED, AUTH\_MODE\_IAM\_AUTH, AUTH\_MODE\_DISABLED | `string` | `"AUTH_MODE_DISABLED"` | no | +| enable\_apis | Flag for enabling memcache.googleapis.com in your project | `bool` | `true` | no | +| name | The ID of the instance or a fully qualified identifier for the instance. must be 1 to 63 characters and use only lowercase letters, numbers, or hyphens. It must start with a lowercase letter and end with a lowercase letter or number | `string` | n/a | yes | +| network | List of consumer network where the network address of the discovery endpoint will be reserved, in the form of projects/{network\_project\_id\_or\_number}/global/networks/{network\_id}. Currently, only one item is supported | `list(string)` | n/a | yes | +| project | The ID of the project in which the resource belongs to. | `string` | n/a | yes | +| region | The name of the region of the Redis cluster | `string` | n/a | yes | +| replica\_count | The number of replica nodes per shard. Each shard can have 0, 1, or 2 replica nodes. Replicas provide high availability and additional read throughput, and are evenly distributed across zones | `number` | `0` | no | +| service\_connection\_policies | The Service Connection Policies to create | 
map(object({
    description     = optional(string)
    network_name    = string
    network_project = string
    subnet_names    = list(string)
    limit           = optional(number)
    labels          = optional(map(string), {})
  }))
| `{}` | no | +| shard\_count | Required. Number of shards for the Redis cluster. The minimum number of shards in a Memorystore cluster is 3 shards | `number` | `3` | no | +| transit\_encryption\_mode | The in-transit encryption for the Redis cluster. If not provided, encryption is disabled for the cluster. Default value is TRANSIT\_ENCRYPTION\_MODE\_DISABLED. Possible values are: TRANSIT\_ENCRYPTION\_MODE\_UNSPECIFIED, TRANSIT\_ENCRYPTION\_MODE\_DISABLED, TRANSIT\_ENCRYPTION\_MODE\_SERVER\_AUTHENTICATION | `string` | `"TRANSIT_ENCRYPTION_MODE_DISABLED"` | no | + +## Outputs + +| Name | Description | +|------|-------------| +| discovery\_endpoints | Endpoints created on each given network, for Redis clients to connect to the cluster. Currently only one endpoint is supported | +| id | The redis cluster instance ID | +| psc\_connections | PSC connections for discovery of the cluster topology and accessing the cluster | +| redis\_cluster | The redis cluster created | + + + +## Requirements + +These sections describe requirements for using this module. + +### Software + +The following dependencies must be available: + +- [Terraform][terraform] v1.3+ +- [Terraform Provider for GCP][terraform-provider-gcp] plugin v4.74+ + +### Service Account + +Following roles contain permissions to deploy resource. + +- Cloud Memorystore Redis Admin: `roles/redis.admin` +- Compute Network Admin: `roles/compute.networkAdmin` + +### Enable API's +In order to operate with the Service Account you must activate the following API on the project where the Service Account was created: + +- Memorystore for Redis API - `redis.googleapis.com` +- Service Consumer Management API - `serviceconsumermanagement.googleapis.com` +- Network Connectivity API - `networkconnectivity.googleapis.com` +- Compute Engine API - `compute.googleapis.com` + diff --git a/modules/redis-cluster/main.tf b/modules/redis-cluster/main.tf new file mode 100644 index 0000000..e68743f --- /dev/null +++ b/modules/redis-cluster/main.tf @@ -0,0 +1,74 @@ +/** + * Copyright 2024 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +resource "google_redis_cluster" "redis_cluster" { + project = var.project + name = var.name + shard_count = var.shard_count + region = var.region + replica_count = var.replica_count + transit_encryption_mode = var.transit_encryption_mode + authorization_mode = var.authorization_mode + + dynamic "psc_configs" { + for_each = var.network + content { + network = psc_configs.value + } + } + + depends_on = [ + google_network_connectivity_service_connection_policy.service_connection_policies, + module.enable_apis, + ] + +} + +resource "google_network_connectivity_service_connection_policy" "service_connection_policies" { + for_each = var.service_connection_policies + project = each.value.network_project + name = each.key + location = var.region + service_class = "gcp-memorystore-redis" + description = lookup(each.value, "description", null) + network = "projects/${each.value.network_project}/global/networks/${each.value.network_name}" + labels = each.value.labels + + psc_config { + subnetworks = [for x in each.value.subnet_names : "projects/${each.value.network_project}/regions/${var.region}/subnetworks/${x}"] + limit = lookup(each.value, "limit", null) + } + +} + + +module "enable_apis" { + source = "terraform-google-modules/project-factory/google//modules/project_services" + version = "~> 14.0" + + project_id = var.project + enable_apis = var.enable_apis + + disable_services_on_destroy = false + disable_dependent_services = false + + activate_apis = [ + "redis.googleapis.com", + "serviceconsumermanagement.googleapis.com", + "networkconnectivity.googleapis.com", + "compute.googleapis.com", + ] +} diff --git a/modules/redis-cluster/outputs.tf b/modules/redis-cluster/outputs.tf new file mode 100644 index 0000000..226a349 --- /dev/null +++ b/modules/redis-cluster/outputs.tf @@ -0,0 +1,35 @@ +/** + * Copyright 2024 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +output "id" { + description = "The redis cluster instance ID" + value = google_redis_cluster.redis_cluster.id +} + +output "discovery_endpoints" { + description = "Endpoints created on each given network, for Redis clients to connect to the cluster. Currently only one endpoint is supported" + value = google_redis_cluster.redis_cluster.discovery_endpoints +} + +output "psc_connections" { + description = "PSC connections for discovery of the cluster topology and accessing the cluster" + value = google_redis_cluster.redis_cluster.psc_connections +} + +output "redis_cluster" { + description = "The redis cluster created" + value = google_redis_cluster.redis_cluster +} diff --git a/modules/redis-cluster/variables.tf b/modules/redis-cluster/variables.tf new file mode 100644 index 0000000..ad62ff2 --- /dev/null +++ b/modules/redis-cluster/variables.tf @@ -0,0 +1,79 @@ +/** + * Copyright 2024 Google LLC + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +variable "name" { + description = "The ID of the instance or a fully qualified identifier for the instance. must be 1 to 63 characters and use only lowercase letters, numbers, or hyphens. It must start with a lowercase letter and end with a lowercase letter or number" + type = string +} + +variable "project" { + description = "The ID of the project in which the resource belongs to." + type = string +} + +variable "region" { + description = "The name of the region of the Redis cluster" + type = string +} + +variable "enable_apis" { + description = "Flag for enabling memcache.googleapis.com in your project" + type = bool + default = true +} + +variable "shard_count" { + description = "Required. Number of shards for the Redis cluster. The minimum number of shards in a Memorystore cluster is 3 shards" + type = number + default = 3 +} + + +variable "replica_count" { + description = "The number of replica nodes per shard. Each shard can have 0, 1, or 2 replica nodes. Replicas provide high availability and additional read throughput, and are evenly distributed across zones" + type = number + default = 0 +} + +variable "transit_encryption_mode" { + description = "The in-transit encryption for the Redis cluster. If not provided, encryption is disabled for the cluster. Default value is TRANSIT_ENCRYPTION_MODE_DISABLED. Possible values are: TRANSIT_ENCRYPTION_MODE_UNSPECIFIED, TRANSIT_ENCRYPTION_MODE_DISABLED, TRANSIT_ENCRYPTION_MODE_SERVER_AUTHENTICATION" + type = string + default = "TRANSIT_ENCRYPTION_MODE_DISABLED" +} + +variable "authorization_mode" { + description = "The authorization mode of the Redis cluster. If not provided, auth feature is disabled for the cluster. Default value is AUTH_MODE_DISABLED. Possible values are: AUTH_MODE_UNSPECIFIED, AUTH_MODE_IAM_AUTH, AUTH_MODE_DISABLED" + type = string + default = "AUTH_MODE_DISABLED" +} + +variable "network" { + description = "List of consumer network where the network address of the discovery endpoint will be reserved, in the form of projects/{network_project_id_or_number}/global/networks/{network_id}. Currently, only one item is supported" + type = list(string) +} + +variable "service_connection_policies" { + description = "The Service Connection Policies to create" + type = map(object({ + description = optional(string) + network_name = string + network_project = string + subnet_names = list(string) + limit = optional(number) + labels = optional(map(string), {}) + })) + default = {} +} diff --git a/examples/memcache/versions.tf b/modules/redis-cluster/versions.tf similarity index 59% rename from examples/memcache/versions.tf rename to modules/redis-cluster/versions.tf index 1ce0200..cceee8b 100644 --- a/examples/memcache/versions.tf +++ b/modules/redis-cluster/versions.tf @@ -1,5 +1,5 @@ /** - * Copyright 2019 Google LLC + * Copyright 2024 Google LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -15,13 +15,25 @@ */ terraform { - required_version = ">= 0.13" + required_version = ">= 1.3" required_providers { + google = { - source = "hashicorp/google" + source = "hashicorp/google" + version = ">= 5.4, < 6" } google-beta = { - source = "hashicorp/google-beta" + source = "hashicorp/google-beta" + version = ">= 5.4, < 6" } } + + provider_meta "google" { + module_name = "blueprints/terraform/terraform-google-memorystore:redis-cluster/v7.1.3" + } + + provider_meta "google-beta" { + module_name = "blueprints/terraform/terraform-google-memorystore:redis-cluster/v7.1.3" + } + } diff --git a/test/integration/redis-cluster/redis_cluster_test.go b/test/integration/redis-cluster/redis_cluster_test.go new file mode 100755 index 0000000..48cbcf5 --- /dev/null +++ b/test/integration/redis-cluster/redis_cluster_test.go @@ -0,0 +1,50 @@ +// Copyright 2022 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package redis_cluster + +import ( + "testing" + + "github.com/GoogleCloudPlatform/cloud-foundation-toolkit/infra/blueprint-test/pkg/gcloud" + "github.com/GoogleCloudPlatform/cloud-foundation-toolkit/infra/blueprint-test/pkg/tft" + "github.com/stretchr/testify/assert" +) + +func TestRedisCluster(t *testing.T) { + rc := tft.NewTFBlueprintTest(t) + + rc.DefineVerify(func(assert *assert.Assertions) { + rc.DefaultVerify(assert) + + projectId := rc.GetStringOutput("project_id") + clusterName := rc.GetStringOutput("cluster_name") + clusterRegion := rc.GetStringOutput("cluster_region") + clusterId := rc.GetStringOutput("cluster_id") + shardCount := rc.GetStringOutput("shard_count") + transitEncryptionMode := rc.GetStringOutput("transit_encryption_mode") + replicaCount := rc.GetStringOutput("replica_count") + authorizationMode := rc.GetStringOutput("authorization_mode") + + + op := gcloud.Runf(t, "redis clusters describe %s --project %s --region %s",clusterName, projectId, clusterRegion) + assert.Equal(op.Get("name").String(), clusterId) + assert.Equal(op.Get("shardCount").String(), shardCount) + assert.Equal(op.Get("transitEncryptionMode").String(), transitEncryptionMode) + assert.Equal(op.Get("replicaCount").String(), replicaCount) + assert.Equal(op.Get("authorizationMode").String(), authorizationMode) + }) + + rc.Test() +} diff --git a/test/setup/main.tf b/test/setup/main.tf index 106a870..800ba0f 100644 --- a/test/setup/main.tf +++ b/test/setup/main.tf @@ -31,6 +31,9 @@ module "project" { "serviceusage.googleapis.com", "redis.googleapis.com", "memcache.googleapis.com", + "serviceconsumermanagement.googleapis.com", + "networkconnectivity.googleapis.com", + "compute.googleapis.com", ] } diff --git a/versions.tf b/versions.tf index 375dc34..3fea31a 100644 --- a/versions.tf +++ b/versions.tf @@ -20,7 +20,7 @@ terraform { google = { source = "hashicorp/google" - version = ">= 4.38.0, < 6" + version = ">= 4.74.0, < 6" } }