diff --git a/README.yaml b/README.yaml index 12299e8..8c4a37e 100644 --- a/README.yaml +++ b/README.yaml @@ -62,7 +62,6 @@ usage : |- automatic_failover_enabled = false multi_az_enabled = false num_cache_clusters = 1 - replicas_per_node_group = 1 retention_in_days = 0 snapshot_retention_limit = 7 @@ -112,7 +111,6 @@ usage : |- node_type = "cache.t2.micro" subnet_ids = module.subnets.public_subnet_id availability_zones = ["eu-west-1a", "eu-west-1b"] - replicas_per_node_group = 2 num_cache_nodes = 1 snapshot_retention_limit = 7 automatic_failover_enabled = true diff --git a/_example/memcached/main.tf b/_example/memcached/main.tf index eb9d138..7ae9ae3 100644 --- a/_example/memcached/main.tf +++ b/_example/memcached/main.tf @@ -59,7 +59,6 @@ module "memcached" { memcached_route53_record_enabled = true engine = "memcached" engine_version = "1.6.17" - family = "memcached1.5" parameter_group_name = "" az_mode = "cross-az" port = 11211 @@ -81,4 +80,4 @@ module "memcached" { route53_type = "CNAME" route53_zone_id = "SERFxxxx6XCsY9Lxxxxx" -} \ No newline at end of file +} diff --git a/_example/memcached/outputs.tf b/_example/memcached/outputs.tf index 9842a51..b0bfc3e 100644 --- a/_example/memcached/outputs.tf +++ b/_example/memcached/outputs.tf @@ -1,5 +1,5 @@ output "id" { - value = module.memcached.*.id + value = module.memcached[*].id description = "memcached id." } @@ -21,4 +21,4 @@ output "hostname" { output "redis_ssm_arn" { value = module.memcached.Memcached_ssm_name description = "A map of the names and ARNs created" -} \ No newline at end of file +} diff --git a/_example/redis-cluster/main.tf b/_example/redis-cluster/main.tf index 6b0d02c..c174e86 100644 --- a/_example/redis-cluster/main.tf +++ b/_example/redis-cluster/main.tf 
@@ -64,7 +64,6 @@ module "redis-cluster" { node_type = "cache.t2.micro" subnet_ids = module.subnets.public_subnet_id availability_zones = ["eu-west-1a", "eu-west-1b"] - replicas_per_node_group = 2 num_cache_nodes = 1 snapshot_retention_limit = 7 automatic_failover_enabled = true diff --git a/_example/redis-cluster/outputs.tf b/_example/redis-cluster/outputs.tf index 14a5e55..e50332d 100644 --- a/_example/redis-cluster/outputs.tf +++ b/_example/redis-cluster/outputs.tf @@ -9,7 +9,7 @@ output "tags" { } output "redis_endpoint" { - value = module.redis-cluster.*.redis_endpoint + value = module.redis-cluster[*].redis_endpoint description = "Redis endpoint address." } @@ -21,4 +21,4 @@ output "hostname" { output "redis_ssm_arn" { value = module.redis-cluster.redis_ssm_name description = "A map of the names and ARNs created" -} \ No newline at end of file +} diff --git a/_example/redis/main.tf b/_example/redis/main.tf index 3465bba..cbc57ce 100644 --- a/_example/redis/main.tf +++ b/_example/redis/main.tf @@ -68,7 +68,6 @@ module "redis" { automatic_failover_enabled = false multi_az_enabled = false num_cache_clusters = 1 - replicas_per_node_group = 1 retention_in_days = 0 snapshot_retention_limit = 7 diff --git a/_example/redis/outputs.tf b/_example/redis/outputs.tf index dd5dde8..83e5716 100644 --- a/_example/redis/outputs.tf +++ b/_example/redis/outputs.tf @@ -1,5 +1,5 @@ output "id" { - value = module.redis.*.id + value = module.redis[*].id description = "Redis cluster id." } @@ -14,12 +14,12 @@ output "redis_endpoint" { } output "sg_id" { - value = module.redis.*.sg_id + value = module.redis[*].sg_id description = "of the security group id." } output "hostname" { - value = module.redis.*.hostname + value = module.redis[*].hostname description = "DNS hostname" } @@ -27,4 +27,4 @@ output "hostname" { output "redis_ssm_arn" { value = module.redis.redis_ssm_name description = "A map of the names and ARNs created" -} \ No newline at end of file +} 
diff --git a/main.tf b/main.tf index 00f607b..fa04ec5 100644 --- a/main.tf +++ b/main.tf @@ -29,12 +29,6 @@ resource "aws_security_group" "default" { } } -data "aws_security_group" "existing" { - count = var.is_external ? 1 : 0 - id = var.existing_sg_id - vpc_id = var.vpc_id -} - ##---------------------------------------------------------------------------------- ## Below resources will create SECURITY-GROUP-RULE and its components. ##---------------------------------------------------------------------------------- @@ -48,7 +42,7 @@ resource "aws_security_group_rule" "egress" { to_port = 65535 protocol = "-1" cidr_blocks = ["0.0.0.0/0"] - security_group_id = join("", aws_security_group.default.*.id) + security_group_id = join("", aws_security_group.default[*].id) } #tfsec:ignore:aws-ec2-no-public-egress-sgr resource "aws_security_group_rule" "egress_ipv6" { @@ -60,7 +54,7 @@ resource "aws_security_group_rule" "egress_ipv6" { to_port = 65535 protocol = "-1" ipv6_cidr_blocks = ["::/0"] - security_group_id = join("", aws_security_group.default.*.id) + security_group_id = join("", aws_security_group.default[*].id) } resource "aws_security_group_rule" "ingress" { count = length(var.allowed_ip) > 0 == true && length(var.sg_ids) < 1 ? length(compact(var.allowed_ports)) : 0 @@ -71,7 +65,7 @@ resource "aws_security_group_rule" "ingress" { to_port = element(var.allowed_ports, count.index) protocol = var.protocol cidr_blocks = var.allowed_ip - security_group_id = join("", aws_security_group.default.*.id) + security_group_id = join("", aws_security_group.default[*].id) } ##---------------------------------------------------------------------------------- 
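Review bot: The ingress rule in the last main.tf hunk on this line passes `cidr_blocks = var.allowed_ip` through unchecked, so nothing visible here stops a caller from opening the cache port to `0.0.0.0/0`. The declaration of `allowed_ip` is not part of this diff, so this assumes it carries no validation; if that is the case, add a `validation` block to the variable with `condition = !contains(var.allowed_ip, "0.0.0.0/0")` and an error message asking for private ranges only. The resource body starts outside the hunk, so the `count` expression that gates the rule should be re-read alongside this change.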
@@ -95,7 +89,7 @@ resource "aws_kms_alias" "default" { count = var.kms_key_enabled && var.kms_key_id == "" ? 1 : 0 name = coalesce(var.alias, format("alias/%v", module.labels.id)) - target_key_id = var.kms_key_id == "" ? join("", aws_kms_key.default.*.id) : var.kms_key_id + target_key_id = var.kms_key_id == "" ? join("", aws_kms_key.default[*].id) : var.kms_key_id } ##---------------------------------------------------------------------------------- @@ -113,7 +107,7 @@ data "aws_iam_policy_document" "default" { identifiers = [ format( "arn:%s:iam::%s:root", - join("", data.aws_partition.current.*.partition), + join("", data.aws_partition.current[*].partition), data.aws_caller_identity.current.account_id ) ] @@ -157,8 +151,8 @@ resource "aws_elasticache_replication_group" "cluster" { parameter_group_name = var.parameter_group_name node_type = var.node_type automatic_failover_enabled = var.automatic_failover_enabled - subnet_group_name = join("", aws_elasticache_subnet_group.default.*.name) - security_group_ids = length(var.sg_ids) < 1 ? aws_security_group.default.*.id : var.sg_ids + subnet_group_name = join("", aws_elasticache_subnet_group.default[*].name) + security_group_ids = length(var.sg_ids) < 1 ? aws_security_group.default[*].id : var.sg_ids security_group_names = var.security_group_names snapshot_arns = var.snapshot_arns snapshot_name = var.snapshot_name @@ -172,7 +166,7 @@ resource "aws_elasticache_replication_group" "cluster" { transit_encryption_enabled = var.transit_encryption_enabled multi_az_enabled = var.multi_az_enabled auth_token = var.auth_token - kms_key_id = var.kms_key_id == "" ? join("", aws_kms_key.default.*.arn) : var.kms_key_id + kms_key_id = var.kms_key_id == "" ? join("", aws_kms_key.default[*].arn) : var.kms_key_id tags = module.labels.tags num_cache_clusters = var.num_cache_clusters 
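Review bot: In `aws_kms_alias.default` the conditional on `target_key_id` can never take its second branch, because `count` already requires `var.kms_key_id == ""` for the alias to exist. Writing `target_key_id = one(aws_kms_key.default[*].id)` states the intent directly and fails at plan time if the key is missing, where the current form passes an empty string instead. `one()` needs Terraform 0.15 or later and the module's version constraint is not visible in this diff, so confirm that first.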
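Review bot: `kms_key_id` on `aws_elasticache_replication_group.cluster` falls back to `join("", aws_kms_key.default[*].arn)`, which evaluates to an empty string rather than null when the module creates no key. The count of `aws_kms_key.default` is outside this diff, but the alias in the first hunk is gated on `var.kms_key_enabled`, so with `kms_key_enabled = false` and no `kms_key_id` the group likely receives `""` as its at-rest encryption key. Prefer `kms_key_id = var.kms_key_id != "" ? var.kms_key_id : one(aws_kms_key.default[*].arn)` so the absent case is an explicit null. The same expression feeds `key_id` in the three `aws_ssm_parameter` hunks further down; the resource body here starts and ends outside the hunk.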
@@ -180,7 +174,7 @@ resource "aws_elasticache_replication_group" "cluster" { for_each = var.log_delivery_configuration content { - destination = lookup(log_delivery_configuration.value, "destination", join("", aws_cloudwatch_log_group.default.*.name)) + destination = lookup(log_delivery_configuration.value, "destination", join("", aws_cloudwatch_log_group.default[*].name)) destination_type = lookup(log_delivery_configuration.value, "destination_type", null) log_format = lookup(log_delivery_configuration.value, "log_format", null) log_type = lookup(log_delivery_configuration.value, "log_type", null) @@ -201,8 +195,8 @@ resource "aws_elasticache_cluster" "default" { az_mode = var.az_mode parameter_group_name = var.parameter_group_name node_type = var.node_type - subnet_group_name = join("", aws_elasticache_subnet_group.default.*.name) - security_group_ids = length(var.sg_ids) < 1 ? aws_security_group.default.*.id : var.sg_ids + subnet_group_name = join("", aws_elasticache_subnet_group.default[*].name) + security_group_ids = length(var.sg_ids) < 1 ? aws_security_group.default[*].id : var.sg_ids snapshot_arns = var.snapshot_arns snapshot_name = var.snapshot_name notification_topic_arn = var.notification_topic_arn @@ -238,7 +232,7 @@ resource "aws_ssm_parameter" "secret" { description = var.ssm_parameter_description type = var.ssm_parameter_type value = var.auth_token - key_id = var.kms_key_id == "" ? join("", aws_kms_key.default.*.arn) : var.kms_key_id + key_id = var.kms_key_id == "" ? join("", aws_kms_key.default[*].arn) : var.kms_key_id } ##---------------------------------------------------------------------------------- 
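Review bot: `aws_ssm_parameter.secret` stores `var.auth_token` but takes its `type` from `var.ssm_parameter_type`, so a caller who sets that variable to `String` for the endpoint parameters would also store the cache auth token unencrypted. The variable defaults to `SecureString` in variables.tf, but the secret should not depend on a default; pin it with `type = "SecureString"` on this resource and keep the variable for the endpoint parameters. The `key_id` line changed in this hunk is only meaningful for SecureString parameters, which is a second reason to fix the type. The resource's opening lines, including its `count`, are outside the hunk.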
@@ -251,7 +245,7 @@ resource "aws_ssm_parameter" "secret-endpoint" { description = var.ssm_parameter_description type = var.ssm_parameter_type value = var.automatic_failover_enabled ? [join("", aws_elasticache_replication_group.cluster[*].configuration_endpoint_address)][0] : [join("", aws_elasticache_replication_group.cluster[*].primary_endpoint_address)][0] - key_id = var.kms_key_id == "" ? join("", aws_kms_key.default.*.arn) : var.kms_key_id + key_id = var.kms_key_id == "" ? join("", aws_kms_key.default[*].arn) : var.kms_key_id } ##---------------------------------------------------------------------------------- @@ -264,7 +258,7 @@ resource "aws_route53_record" "memcached_route_53" { zone_id = var.route53_zone_id type = var.route53_type ttl = var.route53_ttl - records = aws_elasticache_cluster.default.*.configuration_endpoint + records = aws_elasticache_cluster.default[*].configuration_endpoint } ##---------------------------------------------------------------------------------- @@ -276,6 +270,6 @@ resource "aws_ssm_parameter" "memcached_secret-endpoint" { name = format("/%s/%s/memcached-endpoint", var.environment, var.name) description = var.ssm_parameter_description type = var.ssm_parameter_type - value = join("", aws_elasticache_cluster.default.*.configuration_endpoint) - key_id = var.kms_key_id == "" ? join("", aws_kms_key.default.*.arn) : var.kms_key_id -} \ No newline at end of file + value = join("", aws_elasticache_cluster.default[*].configuration_endpoint) + key_id = var.kms_key_id == "" ? join("", aws_kms_key.default[*].arn) : var.kms_key_id +} diff --git a/outputs.tf b/outputs.tf index bb91d15..a8b4a59 100644 --- a/outputs.tf +++ b/outputs.tf 
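Review bot: The `value` of `aws_ssm_parameter.secret-endpoint` selects `configuration_endpoint_address` whenever `var.automatic_failover_enabled` is true, but automatic failover and cluster mode are separate settings. The AWS provider documents `configuration_endpoint_address` as populated only when cluster mode is enabled, so a group with failover on and cluster mode off would likely produce an empty value here and fail at apply. Select on whichever variable enables cluster mode (not visible in this hunk), and drop the `[ ... ][0]` wrappers, which add nothing around a `join`. The resource's opening lines are outside the hunk.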
@@ -1,7 +1,7 @@ # Module : Redis # Description : Terraform module to create Elasticache Cluster and replica for Redis. output "id" { - value = var.cluster_enabled ? "" : (var.cluster_replication_enabled ? join("", aws_elasticache_replication_group.cluster.*.id) : join("", aws_elasticache_replication_group.cluster.*.id)) + value = var.cluster_enabled ? "" : (var.cluster_replication_enabled ? join("", aws_elasticache_replication_group.cluster[*].id) : join("", aws_elasticache_replication_group.cluster[*].id)) description = "Redis cluster id." } @@ -17,7 +17,7 @@ output "tags" { } output "redis_endpoint" { - value = var.cluster_replication_enabled ? "" : (var.cluster_replication_enabled ? join("", aws_elasticache_replication_group.cluster.*.primary_endpoint_address) : join("", aws_elasticache_cluster.default.*.configuration_endpoint)) + value = var.cluster_replication_enabled ? "" : (var.cluster_replication_enabled ? join("", aws_elasticache_replication_group.cluster[*].primary_endpoint_address) : join("", aws_elasticache_cluster.default[*].configuration_endpoint)) description = "Redis endpoint address." } @@ -27,7 +27,7 @@ output "redis_arn" { } output "memcached_endpoint" { - value = var.cluster_enabled ? join("", aws_elasticache_cluster.default.*.configuration_endpoint) : "" + value = var.cluster_enabled ? join("", aws_elasticache_cluster.default[*].configuration_endpoint) : "" description = "Memcached endpoint address." } 
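Review bot: `output "redis_endpoint"` returns `""` exactly when `var.cluster_replication_enabled` is true, and the inner test of the same variable is then always false, so `primary_endpoint_address` is never returned and the output can only yield the `aws_elasticache_cluster.default` configuration endpoint. The outer condition was probably meant to be `var.cluster_enabled`, as in `output "id"` and `output "memcached_endpoint"`; confirm against the intended meaning of the two flags before changing it. In `output "id"` both inner branches are the same expression, so it reduces to `value = var.cluster_enabled ? "" : join("", aws_elasticache_replication_group.cluster[*].id)`.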
@@ -37,25 +37,25 @@ output "memcached_arn" { } output "sg_id" { - value = join("", aws_security_group.default.*.id) + value = join("", aws_security_group.default[*].id) } output "hostname" { - value = join("", aws_route53_record.elasticache.*.fqdn) + value = join("", aws_route53_record.elasticache[*].fqdn) description = "DNS hostname" } output "memcached_hostname" { - value = join("", aws_route53_record.memcached_route_53.*.fqdn) + value = join("", aws_route53_record.memcached_route_53[*].fqdn) description = "DNS hostname" } output "redis_ssm_name" { - value = join("", aws_ssm_parameter.secret-endpoint.*.name) + value = join("", aws_ssm_parameter.secret-endpoint[*].name) description = "A list of all of the parameter values" } output "Memcached_ssm_name" { - value = join("", aws_ssm_parameter.memcached_secret-endpoint.*.name) + value = join("", aws_ssm_parameter.memcached_secret-endpoint[*].name) description = "A list of all of the parameter values" } diff --git a/variables.tf b/variables.tf index 185950e..591ec78 100644 --- a/variables.tf +++ b/variables.tf @@ -29,12 +29,6 @@ variable "label_order" { description = "Label order, e.g. `name`,`application`." } -variable "attributes" { - type = list(any) - default = [] - description = "Additional attributes (e.g. `1`)." -} - variable "extra_tags" { type = map(string) default = {} @@ -59,13 +53,6 @@ variable "engine" { description = "The name of the cache engine to be used for the clusters in this replication group. e.g. redis." } -variable "replication_group_id" { - type = string - default = "" - description = "The replication group identifier This parameter is stored as a lowercase string." - sensitive = true -} - variable "automatic_failover_enabled" { type = bool default = true 
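Review bot: `output "sg_id"` has no `description`, and the descriptions on `redis_ssm_name` and `Memcached_ssm_name` read "A list of all of the parameter values" although each output is a single joined parameter name. Suggested text: `description = "ID of the security group created by the module."` for `sg_id`, and `description = "Name of the SSM parameter that holds the Redis endpoint."` for `redis_ssm_name`, with the Memcached output worded the same way. Accurate wording matters here because the current text suggests these outputs expose parameter values.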
@@ -92,11 +79,13 @@ variable "node_type" { } variable "security_group_names" { + type = list(string) default = null description = "A list of cache security group names to associate with this replication group." } variable "snapshot_arns" { + type = list(string) default = null description = "A single-element string list containing an Amazon Resource Name (ARN) of a Redis RDB snapshot file stored in Amazon S3." } @@ -192,12 +181,6 @@ variable "auth_token" { description = "The password used to access a password protected server. Can be specified only if transit_encryption_enabled = true." } -variable "family" { - type = string - default = "" - description = "(Required) The family of the ElastiCache parameter group." -} - variable "cluster_replication_enabled" { type = bool default = false @@ -224,12 +207,6 @@ variable "az_mode" { description = "(Memcached only) Specifies whether the nodes in this Memcached node group are created in a single Availability Zone or created across multiple Availability Zones in the cluster's region. Valid values for this parameter are single-az or cross-az, default is single-az. If you want to choose cross-az, num_cache_nodes must be greater than 1." } -variable "replicas_per_node_group" { - type = number - default = 2 - description = "Replicas per Shard." -} - variable "parameter_group_name" { type = string default = "default.redis5.0" @@ -432,11 +409,6 @@ variable "route53_zone_id" { ###------------------------------- ssm_parameter---------------------------- -variable "ssm_parameter_enabled" { - type = bool - default = true - description = "Name of the parameter." -} variable "ssm_parameter_endpoint_enabled" { type = bool default = false @@ -460,9 +432,3 @@ variable "ssm_parameter_type" { default = "SecureString" description = "Type of the parameter." } - -variable "ssm_paramete_kms_key_id" { - type = string - default = "" - description = "KMS key ID or ARN for encrypting a SecureString." -} \ No newline at end of file