feat: added kms module and update module
theprashantyadav committed May 22, 2023
1 parent 58586c1 commit d447dd3
Showing 3 changed files with 123 additions and 18 deletions.
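--- a/_example/memcached/example.tf
+++ b/_example/memcached/example.tf
@@ -43,25 +43,59 @@ module "memcached-sg" {
 allowed_ports = [11211]
 }
 
+module "kms_key" {
+source = "clouddrove/kms/aws"
+version = "1.3.0"
+
+name = "kms"
+environment = "test"
+label_order = ["name", "environment"]
+
+enabled = true
+description = "KMS key for aurora"
+alias = "alias/aurora"
+key_usage = "ENCRYPT_DECRYPT"
+customer_master_key_spec = "SYMMETRIC_DEFAULT"
+deletion_window_in_days = 7
+is_enabled = true
+policy = data.aws_iam_policy_document.default.json
+}
+
+data "aws_iam_policy_document" "default" {
+version = "2012-10-17"
+
+statement {
+sid = "Enable IAM User Permissions"
+effect = "Allow"
+principals {
+type = "AWS"
+identifiers = ["*"]
+}
+actions = ["kms:*"]
+resources = ["*"]
+}
+}
+
 module "memcached" {
 source = "./../../"
 
 name = "memcached"
 environment = "test"
 label_order = ["name", "environment"]
 
-cluster_enabled = true
-engine = "memcached"
-engine_version = "1.5.10"
-family = "memcached1.5"
-parameter_group_name = ""
-az_mode = "cross-az"
-port = 11211
-node_type = "cache.t2.micro"
-num_cache_nodes = 2
-subnet_ids = module.subnets.public_subnet_id
-security_group_ids = [module.memcached-sg.security_group_ids]
-availability_zones = ["eu-west-1a", "eu-west-1b"]
+cluster_enabled = true
+engine = "memcached"
+engine_version = "1.5.10"
+family = "memcached1.5"
+parameter_group_name = ""
+az_mode = "cross-az"
+port = 11211
+node_type = "cache.t2.micro"
+num_cache_nodes = 2
+kms_key_id = module.kms_key.key_arn
+subnet_ids = module.subnets.public_subnet_id
+security_group_ids = [module.memcached-sg.security_group_ids]
+availability_zones = ["eu-west-1a", "eu-west-1b"]
 extra_tags = {
 Application = "CloudDrove"
 }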
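Review bot: The key policy in `data "aws_iam_policy_document" "default"` allows `kms:*` to `identifiers = ["*"]` with no condition, so any AWS principal in any account can use and administer this key. The sid "Enable IAM User Permissions" is the name of the default statement, which is scoped to the owning account's root. Scope the principal accordingly, e.g. `identifiers = ["arn:aws:iam::${data.aws_caller_identity.current.account_id}:root"]` together with a `data "aws_caller_identity" "current" {}` block. The same statement is copied into _example/redis-cluster/example.tf and _example/redis/example.tf. Separately, `description = "KMS key for aurora"` and `alias = "alias/aurora"` look carried over from another example and should name the ElastiCache cluster instead.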
43 changes: 39 additions & 4 deletions _example/redis-cluster/example.tf
@@ -1,5 +1,5 @@
provider "aws" {
region = "eu-west-1"
region = "us-east-1"
}

module "vpc" {
Expand All @@ -20,7 +20,7 @@ module "subnets" {
name = "subnets"
environment = "test"
label_order = ["name", "environment"]
availability_zones = ["eu-west-1a", "eu-west-1b", "eu-west-1c"]
availability_zones = ["us-east-1a", "us-east-1b", "us-east-1c"]
vpc_id = module.vpc.vpc_id
type = "public"
igw_id = module.vpc.igw_id
Expand All @@ -41,6 +41,40 @@ module "redis-sg" {
allowed_ports = [6379]
}

module "kms_key" {
source = "clouddrove/kms/aws"
version = "1.3.0"

name = "kms"
environment = "test"
label_order = ["name", "environment"]

enabled = true

description = "KMS key for aurora"
alias = "alias/redis-cluster"
key_usage = "ENCRYPT_DECRYPT"
customer_master_key_spec = "SYMMETRIC_DEFAULT"
deletion_window_in_days = 7
is_enabled = true
policy = data.aws_iam_policy_document.default.json
}

data "aws_iam_policy_document" "default" {
version = "2012-10-17"

statement {
sid = "Enable IAM User Permissions"
effect = "Allow"
principals {
type = "AWS"
identifiers = ["*"]
}
actions = ["kms:*"]
resources = ["*"]
}
}

module "redis-cluster" {
source = "./../../"

Expand All @@ -54,13 +88,14 @@ module "redis-cluster" {
parameter_group_name = "default.redis6.x.cluster.on"
port = 6379
node_type = "cache.t2.micro"
kms_key_id = module.kms_key.key_arn
subnet_ids = module.subnets.public_subnet_id
security_group_ids = [module.redis-sg.security_group_ids]
availability_zones = ["eu-west-1a", "eu-west-1b"]
availability_zones = ["us-east-1a", "us-east-1b"]
auto_minor_version_upgrade = true
replicas_per_node_group = 2
num_node_groups = 1
snapshot_retention_limit = 7
snapshot_retention_limit = 7
automatic_failover_enabled = true
extra_tags = {
Application = "CloudDrove"
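Review bot: `kms_key_id = module.kms_key.key_arn` is passed to the `redis-cluster` module, but nothing visible in this hunk turns on at-rest encryption. On `aws_elasticache_replication_group` a KMS key can only be specified when `at_rest_encryption_enabled = true`. The module's defaults are not shown on this page, so confirm that the example really produces an encrypted replication group, or set the module's at-rest-encryption input explicitly next to `kms_key_id`. The same check applies to the `redis` module call in _example/redis/example.tf. The `module "redis-cluster"` block starts and ends outside the hunk.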
40 changes: 38 additions & 2 deletions _example/redis/example.tf
Expand Up @@ -41,6 +41,39 @@ module "redis-sg" {
allowed_ports = [6379]
}

module "kms_key" {
source = "clouddrove/kms/aws"
version = "1.3.0"

name = "kms"
environment = "test"
label_order = ["name", "environment"]

enabled = true
description = "KMS key for aurora"
alias = "alias/redis"
key_usage = "ENCRYPT_DECRYPT"
customer_master_key_spec = "SYMMETRIC_DEFAULT"
deletion_window_in_days = 7
is_enabled = true
policy = data.aws_iam_policy_document.default.json
}

data "aws_iam_policy_document" "default" {
version = "2012-10-17"

statement {
sid = "Enable IAM User Permissions"
effect = "Allow"
principals {
type = "AWS"
identifiers = ["*"]
}
actions = ["kms:*"]
resources = ["*"]
}
}

module "redis" {
source = "./../../"
name = "redis"
Expand All @@ -49,14 +82,17 @@ module "redis" {

replication_enabled = true
engine = "redis"
engine_version = "6.2"
parameter_group_name = "default.redis6.x"
engine_version = "7.0"
parameter_group_name = "default.redis7"
port = 6379
node_type = "cache.t2.micro"
kms_key_id = module.kms_key.key_arn
subnet_ids = module.subnets.public_subnet_id
security_group_ids = [module.redis-sg.security_group_ids]
availability_zones = ["eu-west-1a", "eu-west-1b"]
automatic_failover_enabled = true
auto_minor_version_upgrade = true
multi_az_enabled = true #Specifies whether to enable Multi-AZ Support for the replication group. If true, automatic_failover_enabled must also be enabled
num_cache_clusters = 2
retention_in_days = 0
snapshot_retention_limit = 7
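Review bot: The explanation attached to `multi_az_enabled = true` is a long trailing comment with no space after `#`, which makes the attribute line hard to scan and breaks the column alignment used by the rest of the block. Move it to its own line above the attribute and shorten it, e.g. `# Multi-AZ requires automatic_failover_enabled = true`. The `module "redis"` block continues past the end of the hunk.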
