From 7f27cef8d1e2688e9bef44cc441478ba96ecd315 Mon Sep 17 00:00:00 2001 
From: Lawrence McDaniel Date: Mon, 16 Jan 2023 08:13:40 -0600 Subject: [PATCH] Mcdaniel 202301 redis (#36) * add stack-level redis module * testing * testing * refactor redis to use stack-level redis cache * move kubernetes_secret service_redis to route53 * lint * add tags * documentation --- CHANGELOG.md | 7 + .../environments/modules/redis/kubernetes.tf | 4 +- .../environments/modules/redis/main.tf | 71 ------- .../environments/modules/redis/outputs.tf | 20 -- .../environments/modules/redis/route53.tf | 11 +- .../environments/modules/redis/variables.tf | 177 +--------------- .../redis/terragrunt.hcl | 54 ++--- .../stacks/modules/ec2_bastion/main.tf | 6 +- .../stacks/modules/ec2_bastion/outputs.tf | 8 +- .../stacks/modules/kubernetes/main.tf | 6 +- .../modules/kubernetes_karpenter/main.tf | 2 +- .../modules/kubernetes_karpenter/outputs.tf | 18 +- .../stacks/modules/mongodb/outputs.tf | 12 +- .../stacks/modules/redis/kubernetes.tf | 33 +++ .../terraform/stacks/modules/redis/main.tf | 59 ++++++ .../modules/redis/modules/elasticache/main.tf | 2 +- .../elasticache_parameter_group/main.tf | 7 + .../elasticache_parameter_group/outputs.tf | 0 .../elasticache_parameter_group/variables.tf | 0 .../elasticache_parameter_group/versions.tf | 0 .../modules/elasticache_subnet_group/main.tf | 0 .../elasticache_subnet_group/outputs.tf | 0 .../elasticache_subnet_group/variables.tf | 0 .../elasticache_subnet_group/versions.tf | 0 .../redis/modules/elasticache/outputs.tf | 0 .../redis/modules/elasticache/variables.tf | 0 .../redis/modules/elasticache/versions.tf | 0 .../terraform/stacks/modules/redis/outputs.tf | 28 +++ .../terraform/stacks/modules/redis/route53.tf | 12 ++ .../stacks/modules/redis/variables.tf | 189 ++++++++++++++++++ .../stacks/modules/redis/versions.tf | 18 ++ .../mysql/terragrunt.hcl | 6 +- .../redis/terragrunt.hcl | 113 +++++++++++ 33 files changed, 533 insertions(+), 330 deletions(-) create mode 100644 
{{cookiecutter.github_repo_name}}/terraform/stacks/modules/redis/kubernetes.tf create mode 100644 {{cookiecutter.github_repo_name}}/terraform/stacks/modules/redis/main.tf rename {{cookiecutter.github_repo_name}}/terraform/{environments => stacks}/modules/redis/modules/elasticache/main.tf (99%) rename {{cookiecutter.github_repo_name}}/terraform/{environments => stacks}/modules/redis/modules/elasticache/modules/elasticache_parameter_group/main.tf (87%) rename {{cookiecutter.github_repo_name}}/terraform/{environments => stacks}/modules/redis/modules/elasticache/modules/elasticache_parameter_group/outputs.tf (100%) rename {{cookiecutter.github_repo_name}}/terraform/{environments => stacks}/modules/redis/modules/elasticache/modules/elasticache_parameter_group/variables.tf (100%) rename {{cookiecutter.github_repo_name}}/terraform/{environments => stacks}/modules/redis/modules/elasticache/modules/elasticache_parameter_group/versions.tf (100%) rename {{cookiecutter.github_repo_name}}/terraform/{environments => stacks}/modules/redis/modules/elasticache/modules/elasticache_subnet_group/main.tf (100%) rename {{cookiecutter.github_repo_name}}/terraform/{environments => stacks}/modules/redis/modules/elasticache/modules/elasticache_subnet_group/outputs.tf (100%) rename {{cookiecutter.github_repo_name}}/terraform/{environments => stacks}/modules/redis/modules/elasticache/modules/elasticache_subnet_group/variables.tf (100%) rename {{cookiecutter.github_repo_name}}/terraform/{environments => stacks}/modules/redis/modules/elasticache/modules/elasticache_subnet_group/versions.tf (100%) rename {{cookiecutter.github_repo_name}}/terraform/{environments => stacks}/modules/redis/modules/elasticache/outputs.tf (100%) rename {{cookiecutter.github_repo_name}}/terraform/{environments => stacks}/modules/redis/modules/elasticache/variables.tf (100%) rename {{cookiecutter.github_repo_name}}/terraform/{environments => stacks}/modules/redis/modules/elasticache/versions.tf (100%) create mode 100644 
{{cookiecutter.github_repo_name}}/terraform/stacks/modules/redis/outputs.tf create mode 100644 {{cookiecutter.github_repo_name}}/terraform/stacks/modules/redis/route53.tf create mode 100644 {{cookiecutter.github_repo_name}}/terraform/stacks/modules/redis/variables.tf create mode 100644 {{cookiecutter.github_repo_name}}/terraform/stacks/modules/redis/versions.tf create mode 100644 {{cookiecutter.github_repo_name}}/terraform/stacks/{{cookiecutter.global_platform_shared_resource_identifier}}/redis/terragrunt.hcl diff --git a/CHANGELOG.md b/CHANGELOG.md index d4fbf5dd..3dead905 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,13 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](http://keepachangelog.com/) and this project adheres to [Semantic Versioning](http://semver.org/). +## [1.0.15] (2023-1-16) + +- move redis module from environment to stack +- add tags to all redis resources +- fix all redis module deprecation warnings +- refactor redis security group from module to direct terraform resource declaration + ## [1.0.14] (2023-1-15) - set stack mysql k8s secret HOST to route53 subdomain diff --git a/{{cookiecutter.github_repo_name}}/terraform/environments/modules/redis/kubernetes.tf b/{{cookiecutter.github_repo_name}}/terraform/environments/modules/redis/kubernetes.tf index 115c7af9..729591f2 100644 --- a/{{cookiecutter.github_repo_name}}/terraform/environments/modules/redis/kubernetes.tf +++ b/{{cookiecutter.github_repo_name}}/terraform/environments/modules/redis/kubernetes.tf @@ -21,13 +21,13 @@ provider "kubernetes" { token = data.aws_eks_cluster_auth.eks.token } -resource "kubernetes_secret" "secret" { +resource "kubernetes_secret" "environment_redis" { metadata { name = "redis" namespace = var.environment_namespace } data = { - REDIS_HOST = module.redis.primary_endpoint_address + REDIS_HOST = "redis.primary.${var.environment_domain}" } } 
diff --git a/{{cookiecutter.github_repo_name}}/terraform/environments/modules/redis/main.tf b/{{cookiecutter.github_repo_name}}/terraform/environments/modules/redis/main.tf index eeed2f55..e69de29b 100644 --- a/{{cookiecutter.github_repo_name}}/terraform/environments/modules/redis/main.tf +++ b/{{cookiecutter.github_repo_name}}/terraform/environments/modules/redis/main.tf 
@@ -1,71 +0,0 @@
-#------------------------------------------------------------------------------
-# written by: Miguel Afonso
-# https://www.linkedin.com/in/mmafonso/
-#
-# date: Aug-2021
-#
-# usage: create an ElastiCache Redis cache
-#
-# FIX NOTE: get rid of module dependency
-#------------------------------------------------------------------------------
-locals {
- name = var.replication_group_description
-}
-
-
-################################################################################
-# Supporting Resources
-################################################################################
-
-module "security_group" {
- source = "terraform-aws-modules/security-group/aws"
- version = "{{ cookiecutter.terraform_aws_modules_sg }}"
-
- name = local.name
- description = "openedx_devops: Allow access to MySQL"
- vpc_id = var.vpc_id
-
- # ingress
- ingress_with_cidr_blocks = [
- {
- description = "openedx_devops: Redis access from within VPC"
- from_port = var.port
- to_port = var.port
- protocol = "tcp"
- cidr_blocks = join(",", var.ingress_cidr_blocks)
- },
- ]
-
- egress_with_cidr_blocks = [
- {
- description = "openedx_devops: Node all egress"
- protocol = "-1"
- from_port = 0
- to_port = 0
- type = "egress"
- cidr_blocks = "0.0.0.0/0"
- ipv6_cidr_blocks = "::/0"
- },
- ]
-
- tags = var.tags
-
-}
-
-
-module "redis" {
- source = "./modules/elasticache"
-
- description = local.name
- create_random_auth_token = var.create_random_auth_token
- subnet_ids = var.subnet_ids
- engine = var.engine
- engine_version = var.engine_version
- num_cache_clusters = var.num_cache_clusters
- port = var.port
- vpc_security_group_ids = [module.security_group.security_group_id]
- transit_encryption_enabled = var.transit_encryption_enabled
- family = var.family
- node_type = var.node_type
- tags = var.tags
-}
diff --git a/{{cookiecutter.github_repo_name}}/terraform/environments/modules/redis/outputs.tf b/{{cookiecutter.github_repo_name}}/terraform/environments/modules/redis/outputs.tf index 0310460b..f9977433 100644 --- a/{{cookiecutter.github_repo_name}}/terraform/environments/modules/redis/outputs.tf +++ b/{{cookiecutter.github_repo_name}}/terraform/environments/modules/redis/outputs.tf @@ -6,23 +6,3 @@ # # usage: create an ElastiCache Redis cache #------------------------------------------------------------------------------ -output "configuration_endpoint_address" { - description = "The configuration endpoint address to allow host discovery." - value = module.redis.configuration_endpoint_address -} - -output "primary_endpoint_address" { - description = "The address of the endpoint for the primary node in the replication group, if the cluster mode is disabled." - value = module.redis.primary_endpoint_address -} - -output "member_clusters" { - description = "The identifiers of all the nodes that are part of this replication group." - value = module.redis.member_clusters -} - -output "auth_token" { - description = "The password used to access the Redis protected server." - value = module.redis.auth_token - sensitive = true -} diff --git a/{{cookiecutter.github_repo_name}}/terraform/environments/modules/redis/route53.tf b/{{cookiecutter.github_repo_name}}/terraform/environments/modules/redis/route53.tf index bdee4ca5..f0fd0e9e 100644 --- a/{{cookiecutter.github_repo_name}}/terraform/environments/modules/redis/route53.tf +++ b/{{cookiecutter.github_repo_name}}/terraform/environments/modules/redis/route53.tf 
@@ -6,12 +6,17 @@ data "aws_route53_zone" "environment_domain" { } } -resource "aws_route53_record" "primary" { +data "kubernetes_secret" "service_redis" { + metadata { + name = "redis" + namespace = var.shared_resource_namespace + } +} +resource "aws_route53_record" "redis_primary" { zone_id = data.aws_route53_zone.environment_domain.id name = "redis.primary" type = "CNAME" ttl = "300" - records = ["${module.redis.primary_endpoint_address}"] - + records = ["${data.kubernetes_secret.service_redis.data.REDIS_HOST}"] } diff --git a/{{cookiecutter.github_repo_name}}/terraform/environments/modules/redis/variables.tf b/{{cookiecutter.github_repo_name}}/terraform/environments/modules/redis/variables.tf index e172db8a..7e447433 100644 --- a/{{cookiecutter.github_repo_name}}/terraform/environments/modules/redis/variables.tf +++ b/{{cookiecutter.github_repo_name}}/terraform/environments/modules/redis/variables.tf 
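Review bot: The CNAME target of `aws_route53_record.redis_primary` is now read from the `redis` Kubernetes secret in `var.shared_resource_namespace`, so whoever can write that secret decides where `redis.primary` in the environment zone resolves on the next apply. The Terragrunt config for this module already declares `dependency "redis"`, so the endpoint could instead be passed in as an input from that dependency's outputs (assuming the stack module exports the primary endpoint; its outputs.tf is not part of this hunk), which keeps the value inside Terraform state. If the secret lookup stays, add a comment above the data source such as `# REDIS_HOST is written by stacks/modules/redis/kubernetes.tf; the stack must be applied first`, and write the value as `records = [data.kubernetes_secret.service_redis.data.REDIS_HOST]` without the interpolation-only wrapper.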
@@ -9,187 +9,20 @@ variable "environment_domain" { type = string } - -variable "shared_resource_namespace" { +variable "services_subdomain" { type = string } -variable "create_elasticache_instance" { - description = "Whether to create a cache instance" - type = bool - default = true -} - -variable "replication_group_description" { - description = "A user-created description for the replication group." - type = string -} - -variable "node_type" { - description = "The instance type of the ElastiCache instance" - type = string -} - -variable "multi_az" { - description = "Specifies if the ElastiCache cluster is multi-AZ" - type = bool - default = false -} - -variable "num_cache_clusters" { - description = "The number of cache clusters (primary and replicas) this replication group will have. If Multi-AZ is enabled, the value of this parameter must be at least 2." - type = number - default = "2" -} - -variable "engine" { - description = "he name of the cache engine to be used for the clusters in this replication group. The only valid value is redis" - type = string - default = "redis" -} - -variable "engine_version" { - description = "The engine version that your ElastiCache Cluster will use. This will differ between the use of 'redis' or 'memcached'. The default is '5.0.6' with redis being the assumed engine." - type = string - default = "6.x" -} - -variable "port" { - description = "The port on which the ElastiCache accepts connections" - type = string -} - -variable "create_random_auth_token" { - description = "Whether to create random password for RDS primary cluster" - type = bool - default = false -} - -variable "auth_token" { - description = "Password for the master DB user. Note that this may show up in logs, and it will be stored in the state file" - type = string - default = null -} - -variable "transit_encryption_enabled" { - description = "Whether to enable encryption in transit." 
- type = bool - default = null -} - -# ElastiCache subnet group -variable "create_elasticache_subnet_group" { - description = "Whether to create a elasticache subnet group" - type = bool - default = true -} - -variable "elasticache_subnet_group_name" { - description = "Name of ElastiCache subnet group. ElastiCache instance will be created in the VPC associated with the ElastiCache subnet group. If unspecified, will be created in the default VPC" - type = string - default = null -} - -variable "elasticache_subnet_group_use_name_prefix" { - description = "Determines whether to use `subnet_group_name` as is or create a unique name beginning with the `subnet_group_name` as the prefix" - type = bool - default = true -} - -variable "elasticache_subnet_group_description" { - description = "Description of the ElastiCache subnet group to create" - type = string - default = "" -} - -variable "subnet_ids" { - description = "A list of VPC subnet IDs" - type = list(string) - default = [] -} - - - -variable "elasticache_instance_tags" { - description = "Additional tags for the ElastiCache instance" - type = map(string) - default = {} -} - -variable "elasticache_option_group_tags" { - description = "Additional tags for the ElastiCache option group" - type = map(string) - default = {} -} - -variable "elasticache_parameter_group_tags" { - description = "Additional tags for the ElastiCache parameter group" - type = map(string) - default = {} -} - -variable "elasticache_subnet_group_tags" { - description = "Additional tags for the ElastiCache subnet group" - type = map(string) - default = {} -} - - -# ElastiCache parameter group -variable "create_elasticache_parameter_group" { - description = "Whether to create a database parameter group" - type = bool - default = true -} - -variable "parameter_group_name" { - description = "Name of the parameter group to associate with this cache cluster. Again this will differ between the use of 'redis' or 'memcached' and your engine version. 
The default is 'default.redis6.x'." - type = string - default = null -} - -variable "parameter_group_description" { - description = "Description of the ElastiCache parameter group to create" - type = string - default = "" -} - -variable "family" { - description = "The family of the ElastiCache parameter group" - type = string - default = "" -} - -variable "parameters" { - description = "A list of ElastiCache parameters (map) to apply" - type = list(map(string)) - default = [] -} - -variable "vpc_id" { - description = "ID of the VPC where to create security groups" - type = string - default = null -} - -variable "ingress_cidr_blocks" { - description = "List of IPv4 CIDR ranges to use on all ingress rules" - type = list(string) - default = [] -} - variable "environment_namespace" { description = "kubernetes namespace where to place resources" type = string } -variable "resource_name" { - description = "the full environment-qualified name of this resource." - type = string -} - - variable "tags" { description = "collection of all tags to add to this resource. execting the combination of global + environment + resouce tags." type = map(string) default = {} } + +variable "shared_resource_namespace" { + type = string +} diff --git a/{{cookiecutter.github_repo_name}}/terraform/environments/{{cookiecutter.environment_name}}/redis/terragrunt.hcl b/{{cookiecutter.github_repo_name}}/terraform/environments/{{cookiecutter.environment_name}}/redis/terragrunt.hcl index bcb0685d..0a1f3d0f 100644 --- a/{{cookiecutter.github_repo_name}}/terraform/environments/{{cookiecutter.environment_name}}/redis/terragrunt.hcl +++ b/{{cookiecutter.github_repo_name}}/terraform/environments/{{cookiecutter.environment_name}}/redis/terragrunt.hcl 
@@ -11,10 +11,11 @@ locals { global_vars = read_terragrunt_config(find_in_parent_folders("global.hcl")) environment_vars = read_terragrunt_config(find_in_parent_folders("env.hcl")) - environment_namespace = local.environment_vars.locals.environment_namespace - resource_name = "${local.environment_vars.locals.environment_namespace}" - shared_resource_namespace = local.environment_vars.locals.shared_resource_namespace - redis_node_type = local.environment_vars.locals.redis_node_type + services_subdomain = local.global_vars.locals.services_subdomain + shared_resource_namespace = local.global_vars.locals.shared_resource_namespace + environment_domain = local.environment_vars.locals.environment_domain + environment_namespace = local.environment_vars.locals.environment_namespace + resource_name = local.environment_vars.locals.environment_namespace tags = merge( local.environment_vars.locals.tags, @@ -24,14 +25,14 @@ locals { dependencies { paths = [ - "../../../stacks/{{ cookiecutter.global_platform_shared_resource_identifier }}/vpc", - "../../../stacks/{{ cookiecutter.global_platform_shared_resource_identifier }}/kubernetes", - "../kubernetes_secrets" + "../../../stacks/service/vpc", + "../../../stacks/service/kubernetes", + "../../../stacks/service/redis", ] } dependency "vpc" { - config_path = "../../../stacks/{{ cookiecutter.global_platform_shared_resource_identifier }}/vpc" + config_path = "../../../stacks/service/vpc" # Configure mock outputs for the `validate` and `init` commands that are returned when there are no outputs available (e.g the # module hasn't been applied yet. @@ -45,7 +46,7 @@ dependency "vpc" { } dependency "kubernetes" { - config_path = "../../../stacks/{{ cookiecutter.global_platform_shared_resource_identifier }}/kubernetes" + config_path = "../../../stacks/service/kubernetes" # Configure mock outputs for the `validate` and `init` commands that are returned when there are no outputs available (e.g the # module hasn't been applied yet. 
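Review bot: The dependency paths in the `@@ -24,14 +25,14 @@` hunk replace `{{ cookiecutter.global_platform_shared_resource_identifier }}` with the literal directory `service`, and the same literal appears in the `config_path` lines of the `@@ -45,7 +46,7 @@` and `@@ -70,6 +71,15 @@` hunks. The commit creates the new stack config at `terraform/stacks/{{cookiecutter.global_platform_shared_resource_identifier}}/redis/terragrunt.hcl`, so a project generated with any other identifier would point at a directory that does not exist. Keep the template variable in each of these paths, e.g. `config_path = "../../../stacks/{{ cookiecutter.global_platform_shared_resource_identifier }}/redis"`.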
@@ -70,6 +71,15 @@ dependency "kubernetes" { } } +dependency "redis" { + config_path = "../../../stacks/service/redis" + + # Configure mock outputs for the `validate` and `init` commands that are returned when there are no outputs available (e.g the + # module hasn't been applied yet. + mock_outputs_allowed_terraform_commands = ["init", "validate"] + mock_outputs = {} +} + # Terragrunt will copy the Terraform configurations specified by the source parameter, along with any files in the # working directory, into a temporary folder, and execute your Terraform commands in that folder. terraform { @@ -83,29 +93,9 @@ include { # These are the variables we have to pass in to use the module specified in the terragrunt configuration above inputs = { - - # AWS Elasticache identifying information - environment_namespace = local.environment_namespace - resource_name = local.resource_name shared_resource_namespace = local.shared_resource_namespace + environment_namespace = local.environment_namespace + environment_domain = local.environment_domain + services_subdomain = local.services_subdomain tags = local.tags - - # cache instance identifying information - replication_group_description = "${local.environment_vars.locals.environment_namespace}" - create_random_auth_token = "false" - - # cache engine configuration - engine = "redis" - engine_version = "{{ cookiecutter.redis_engine_version }}" - num_cache_clusters = {{ cookiecutter.redis_num_cache_clusters }} - port = {{ cookiecutter.redis_port }} - family = "{{ cookiecutter.redis_family }}" - node_type = local.redis_node_type - transit_encryption_enabled = false - - # networking configuration - subnet_ids = dependency.vpc.outputs.elasticache_subnets - vpc_id = dependency.vpc.outputs.vpc_id - ingress_cidr_blocks = [dependency.vpc.outputs.vpc_cidr_block] - } 
diff --git a/{{cookiecutter.github_repo_name}}/terraform/stacks/modules/ec2_bastion/main.tf b/{{cookiecutter.github_repo_name}}/terraform/stacks/modules/ec2_bastion/main.tf index 62879c2d..c834fd58 100644 --- a/{{cookiecutter.github_repo_name}}/terraform/stacks/modules/ec2_bastion/main.tf +++ b/{{cookiecutter.github_repo_name}}/terraform/stacks/modules/ec2_bastion/main.tf @@ -354,8 +354,8 @@ data "template_file" "welcome_banner" { data "template_file" "help_text" { template = file("${path.module}/etc/update-motd.d/10-help-text.tpl") vars = { - stack_namespace = var.stack_namespace - services_subdomain = var.services_subdomain - aws_region = var.aws_region + stack_namespace = var.stack_namespace + services_subdomain = var.services_subdomain + aws_region = var.aws_region } } diff --git a/{{cookiecutter.github_repo_name}}/terraform/stacks/modules/ec2_bastion/outputs.tf b/{{cookiecutter.github_repo_name}}/terraform/stacks/modules/ec2_bastion/outputs.tf index f63434ee..9fbeadd8 100644 --- a/{{cookiecutter.github_repo_name}}/terraform/stacks/modules/ec2_bastion/outputs.tf +++ b/{{cookiecutter.github_repo_name}}/terraform/stacks/modules/ec2_bastion/outputs.tf @@ -15,20 +15,20 @@ output "bastion_internal_ip" { output "bastion_hostname" { description = "The bastion host subdomain" - value = local.hostname + value = local.hostname } output "bastion_subnet_id" { description = "the VPC subnet in which this instance was created" - value = aws_instance.bastion.subnet_id + value = aws_instance.bastion.subnet_id } output "bastion_ami" { description = "the Ubuntu Amazon Machine Image for this instance" - value = aws_instance.bastion.ami + value = aws_instance.bastion.ami } output "bastion_subnet_ssh_keyname" { description = "the name of the ssh keypair assigned to this instance" - value = aws_instance.bastion.key_name + value = aws_instance.bastion.key_name } 
diff --git a/{{cookiecutter.github_repo_name}}/terraform/stacks/modules/kubernetes/main.tf b/{{cookiecutter.github_repo_name}}/terraform/stacks/modules/kubernetes/main.tf index d6ec8ca7..4e9e315a 100644 --- a/{{cookiecutter.github_repo_name}}/terraform/stacks/modules/kubernetes/main.tf +++ b/{{cookiecutter.github_repo_name}}/terraform/stacks/modules/kubernetes/main.tf @@ -81,11 +81,11 @@ module "eks" { ) cluster_addons = { - coredns = { - addon_version = "v1.8.7-eksbuild.3" + coredns = { + addon_version = "v1.8.7-eksbuild.3" } kube-proxy = { - addon_version = "v1.24.9-eksbuild.1" + addon_version = "v1.24.9-eksbuild.1" } aws-ebs-csi-driver = { service_account_role_arn = aws_iam_role.AmazonEKS_EBS_CSI_DriverRole.arn diff --git a/{{cookiecutter.github_repo_name}}/terraform/stacks/modules/kubernetes_karpenter/main.tf b/{{cookiecutter.github_repo_name}}/terraform/stacks/modules/kubernetes_karpenter/main.tf index 6ef9d6f5..d69e1b64 100644 --- a/{{cookiecutter.github_repo_name}}/terraform/stacks/modules/kubernetes_karpenter/main.tf +++ b/{{cookiecutter.github_repo_name}}/terraform/stacks/modules/kubernetes_karpenter/main.tf @@ -60,7 +60,7 @@ resource "helm_release" "karpenter" { repository = "https://charts.karpenter.sh" chart = "karpenter" - version = "{{ cookiecutter.terraform_helm_karpenter }}" + version = "{{ cookiecutter.terraform_helm_karpenter }}" set { name = "serviceAccount.annotations.eks\\.amazonaws\\.com/role-arn" diff --git a/{{cookiecutter.github_repo_name}}/terraform/stacks/modules/kubernetes_karpenter/outputs.tf b/{{cookiecutter.github_repo_name}}/terraform/stacks/modules/kubernetes_karpenter/outputs.tf index 4f71d887..f0b8c55b 100644 --- a/{{cookiecutter.github_repo_name}}/terraform/stacks/modules/kubernetes_karpenter/outputs.tf +++ b/{{cookiecutter.github_repo_name}}/terraform/stacks/modules/kubernetes_karpenter/outputs.tf 
@@ -34,45 +34,45 @@ output "helm_release_repository" { output "irsa_role_oidc_provider_arn" { description = "the OIDC provider ARN " - value = var.oidc_provider_arn + value = var.oidc_provider_arn } output "karpenter_iam_instance_profile_id" { description = "Karpetner IAM instance profile ID" - value = aws_iam_instance_profile.karpenter.id + value = aws_iam_instance_profile.karpenter.id } output "karpenter_iam_instance_profile_name" { description = "Karpetner IAM instance profile name" - value = aws_iam_instance_profile.karpenter.name + value = aws_iam_instance_profile.karpenter.name } output "karpenter_iam_instance_profile_role" { description = "Karpetner IAM instance profile role" - value = aws_iam_instance_profile.karpenter.role + value = aws_iam_instance_profile.karpenter.role } output "aws_iam_role_ec2_spot_fleet_tagging_role_id" { description = "IAM role for EC2 spot fleet tagging role id" - value = aws_iam_role.ec2_spot_fleet_tagging_role.id + value = aws_iam_role.ec2_spot_fleet_tagging_role.id } output "aws_iam_role_ec2_spot_fleet_tagging_role_name" { description = "IAM role for EC2 spot fleet tagging role name" - value = aws_iam_role.ec2_spot_fleet_tagging_role.name + value = aws_iam_role.ec2_spot_fleet_tagging_role.name } output "aws_iam_role_policy_attachment_ec2_spot_fleet_tagging_id" { description = "IAM role policy attachment for EC2 spot fleet tagging role id" - value = aws_iam_role_policy_attachment.ec2_spot_fleet_tagging.id + value = aws_iam_role_policy_attachment.ec2_spot_fleet_tagging.id } output "aws_iam_role_policy_attachment_ec2_spot_fleet_tagging_policy_arn" { description = "IAM role policy attachment for EC2 spot fleet tagging role ARN" - value = aws_iam_role_policy_attachment.ec2_spot_fleet_tagging.policy_arn + value = aws_iam_role_policy_attachment.ec2_spot_fleet_tagging.policy_arn } output "aws_iam_role_policy_attachment_ec2_spot_fleet_tagging_role" { description = "IAM role policy attachment for EC2 spot fleet tagging role" - value = 
aws_iam_role_policy_attachment.ec2_spot_fleet_tagging.role + value = aws_iam_role_policy_attachment.ec2_spot_fleet_tagging.role } diff --git a/{{cookiecutter.github_repo_name}}/terraform/stacks/modules/mongodb/outputs.tf b/{{cookiecutter.github_repo_name}}/terraform/stacks/modules/mongodb/outputs.tf index 922d7032..5aaca5c4 100644 --- a/{{cookiecutter.github_repo_name}}/terraform/stacks/modules/mongodb/outputs.tf +++ b/{{cookiecutter.github_repo_name}}/terraform/stacks/modules/mongodb/outputs.tf @@ -15,30 +15,30 @@ output "mongodb_internal_ip" { output "kubernetes_secret_mongodb_admin_name" { description = "The name of the k8s secret for the MongoDB admin user credentials" - value = kubernetes_secret.mongodb_admin.metadata[0].name + value = kubernetes_secret.mongodb_admin.metadata[0].name } output "kubernetes_secret_mongodb_admin_namespace" { description = "The namespace of the k8s secret for the MongoDB admin user credentials" - value = kubernetes_secret.mongodb_admin.metadata[0].namespace + value = kubernetes_secret.mongodb_admin.metadata[0].namespace } output "mongodb_hostname" { description = "The MongoDB host subdomain" - value = local.host_name + value = local.host_name } output "mongodb_subnet_id" { description = "the VPC subnet in which this instance was created" - value = aws_instance.mongodb.subnet_id + value = aws_instance.mongodb.subnet_id } output "mongodb_ami" { description = "the Ubuntu Amazon Machine Image for this instance" - value = aws_instance.mongodb.ami + value = aws_instance.mongodb.ami } output "mongodb_subnet_ssh_keyname" { description = "the name of the ssh keypair assigned to this instance" - value = aws_instance.mongodb.key_name + value = aws_instance.mongodb.key_name } diff --git a/{{cookiecutter.github_repo_name}}/terraform/stacks/modules/redis/kubernetes.tf b/{{cookiecutter.github_repo_name}}/terraform/stacks/modules/redis/kubernetes.tf new file mode 100644 index 00000000..cf76bcbe --- /dev/null 
+++ b/{{cookiecutter.github_repo_name}}/terraform/stacks/modules/redis/kubernetes.tf
@@ -0,0 +1,33 @@
+#------------------------------------------------------------------------------
+# written by: Miguel Afonso
+# https://www.linkedin.com/in/mmafonso/
+#
+# date: Aug-2021
+#
+# usage: create an ElastiCache Redis cache
+# stored cache credentials in Kubernetes Secrets.
+#------------------------------------------------------------------------------
+data "aws_eks_cluster" "eks" {
+ name = var.shared_resource_namespace
+}
+
+data "aws_eks_cluster_auth" "eks" {
+ name = var.shared_resource_namespace
+}
+
+provider "kubernetes" {
+ host = data.aws_eks_cluster.eks.endpoint
+ cluster_ca_certificate = base64decode(data.aws_eks_cluster.eks.certificate_authority[0].data)
+ token = data.aws_eks_cluster_auth.eks.token
+}
+
+resource "kubernetes_secret" "redis" {
+ metadata {
+ name = "redis"
+ namespace = var.shared_resource_namespace
+ }
+
+ data = {
+ REDIS_HOST = module.redis.primary_endpoint_address
+ }
+}
diff --git a/{{cookiecutter.github_repo_name}}/terraform/stacks/modules/redis/main.tf b/{{cookiecutter.github_repo_name}}/terraform/stacks/modules/redis/main.tf
new file mode 100644
index 00000000..9a2cae4e
--- /dev/null
+++ b/{{cookiecutter.github_repo_name}}/terraform/stacks/modules/redis/main.tf
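Review bot: The header comment of the new stacks/modules/redis/kubernetes.tf says cache credentials are stored in Kubernetes Secrets, but `kubernetes_secret.redis` writes only `REDIS_HOST`. If `create_random_auth_token` is turned on for the stack, consumers reading this secret receive no token; the environment-level module exported an `auth_token` output from `module.redis` before this move, so it could presumably be added as a second key, though that is not confirmed by this hunk. Otherwise reword the comment to `# stores the cache endpoint host in a Kubernetes secret`. The `provider "kubernetes"` block configured inside this module is also better placed in the calling configuration, since a module that carries its own provider configuration cannot be used with `count`, `for_each` or `depends_on`.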
@@ -0,0 +1,59 @@
+#------------------------------------------------------------------------------
+# written by: Miguel Afonso
+# https://www.linkedin.com/in/mmafonso/
+#
+# date: Aug-2021
+#
+# usage: create an ElastiCache Redis cache
+#
+# FIX NOTE: get rid of module dependency
+#------------------------------------------------------------------------------
+locals {
+ name = var.replication_group_description
+}
+
+
+################################################################################
+# Supporting Resources
+################################################################################
+resource "aws_security_group" "redis" {
+ description = "openedx_devops: Redis"
+ name_prefix = local.name
+ vpc_id = var.vpc_id
+
+ ingress {
+ description = "openedx_devops: Redis access from within VPC"
+ from_port = var.port
+ to_port = var.port
+ protocol = "tcp"
+ cidr_blocks = var.ingress_cidr_blocks
+ }
+ egress {
+ description = "openedx_devops: Redis out to anywhere"
+ from_port = 0
+ to_port = 0
+ protocol = "-1"
+ cidr_blocks = ["0.0.0.0/0"]
+ ipv6_cidr_blocks = ["::/0"]
+ }
+
+ tags = var.tags
+}
+
+
+module "redis" {
+ source = "./modules/elasticache"
+
+ description = local.name
+ create_random_auth_token = var.create_random_auth_token
+ subnet_ids = var.subnet_ids
+ engine = var.engine
+ engine_version = var.engine_version
+ num_cache_clusters = var.num_cache_clusters
+ port = var.port
+ vpc_security_group_ids = [aws_security_group.redis.id]
+ transit_encryption_enabled = var.transit_encryption_enabled
+ family = var.family
+ node_type = var.node_type
+ tags = var.tags
+}
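Review bot: The `egress` block of `aws_security_group.redis` in redis/main.tf allows every protocol to `0.0.0.0/0` and `::/0`, which is wider than a cache node normally needs; unless outbound access is required, drop the block or scope it to the range the module already receives, e.g. `cidr_blocks = var.ingress_cidr_blocks`. The `module "redis"` call forwards `create_random_auth_token` and `transit_encryption_enabled` but not `var.auth_token` or `var.multi_az`, so those declared inputs appear to have no effect here; either pass them through or remove them from variables.tf. Because `var.ingress_cidr_blocks` defaults to an empty list, a comment on the ingress rule such as `# callers must supply the client CIDR ranges; the default admits nothing` would document the contract.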
diff --git a/{{cookiecutter.github_repo_name}}/terraform/environments/modules/redis/modules/elasticache/main.tf b/{{cookiecutter.github_repo_name}}/terraform/stacks/modules/redis/modules/elasticache/main.tf similarity index 99% rename from {{cookiecutter.github_repo_name}}/terraform/environments/modules/redis/modules/elasticache/main.tf rename to {{cookiecutter.github_repo_name}}/terraform/stacks/modules/redis/modules/elasticache/main.tf index 2cfdcc77..4364763f 100644 --- a/{{cookiecutter.github_repo_name}}/terraform/environments/modules/redis/modules/elasticache/main.tf +++ b/{{cookiecutter.github_repo_name}}/terraform/stacks/modules/redis/modules/elasticache/main.tf @@ -16,7 +16,7 @@ resource "random_id" "auth_token" { resource "random_string" "id" { lower = true special = false - number = false + numeric = false length = 8 } diff --git a/{{cookiecutter.github_repo_name}}/terraform/environments/modules/redis/modules/elasticache/modules/elasticache_parameter_group/main.tf b/{{cookiecutter.github_repo_name}}/terraform/stacks/modules/redis/modules/elasticache/modules/elasticache_parameter_group/main.tf similarity index 87% rename from {{cookiecutter.github_repo_name}}/terraform/environments/modules/redis/modules/elasticache/modules/elasticache_parameter_group/main.tf rename to {{cookiecutter.github_repo_name}}/terraform/stacks/modules/redis/modules/elasticache/modules/elasticache_parameter_group/main.tf index 33e820f4..b6a3e963 100644 --- a/{{cookiecutter.github_repo_name}}/terraform/environments/modules/redis/modules/elasticache/modules/elasticache_parameter_group/main.tf +++ b/{{cookiecutter.github_repo_name}}/terraform/stacks/modules/redis/modules/elasticache/modules/elasticache_parameter_group/main.tf @@ -21,4 +21,11 @@ resource "aws_elasticache_parameter_group" "this" { lifecycle { create_before_destroy = true } + + tags = merge( + var.tags, + { + "Name" = var.name + }, + ) } 
diff --git a/{{cookiecutter.github_repo_name}}/terraform/environments/modules/redis/modules/elasticache/modules/elasticache_parameter_group/outputs.tf b/{{cookiecutter.github_repo_name}}/terraform/stacks/modules/redis/modules/elasticache/modules/elasticache_parameter_group/outputs.tf similarity index 100% rename from {{cookiecutter.github_repo_name}}/terraform/environments/modules/redis/modules/elasticache/modules/elasticache_parameter_group/outputs.tf rename to {{cookiecutter.github_repo_name}}/terraform/stacks/modules/redis/modules/elasticache/modules/elasticache_parameter_group/outputs.tf diff --git a/{{cookiecutter.github_repo_name}}/terraform/environments/modules/redis/modules/elasticache/modules/elasticache_parameter_group/variables.tf b/{{cookiecutter.github_repo_name}}/terraform/stacks/modules/redis/modules/elasticache/modules/elasticache_parameter_group/variables.tf similarity index 100% rename from {{cookiecutter.github_repo_name}}/terraform/environments/modules/redis/modules/elasticache/modules/elasticache_parameter_group/variables.tf rename to {{cookiecutter.github_repo_name}}/terraform/stacks/modules/redis/modules/elasticache/modules/elasticache_parameter_group/variables.tf diff --git a/{{cookiecutter.github_repo_name}}/terraform/environments/modules/redis/modules/elasticache/modules/elasticache_parameter_group/versions.tf b/{{cookiecutter.github_repo_name}}/terraform/stacks/modules/redis/modules/elasticache/modules/elasticache_parameter_group/versions.tf similarity index 100% rename from {{cookiecutter.github_repo_name}}/terraform/environments/modules/redis/modules/elasticache/modules/elasticache_parameter_group/versions.tf rename to {{cookiecutter.github_repo_name}}/terraform/stacks/modules/redis/modules/elasticache/modules/elasticache_parameter_group/versions.tf 
diff --git a/{{cookiecutter.github_repo_name}}/terraform/environments/modules/redis/modules/elasticache/modules/elasticache_subnet_group/main.tf b/{{cookiecutter.github_repo_name}}/terraform/stacks/modules/redis/modules/elasticache/modules/elasticache_subnet_group/main.tf similarity index 100% rename from {{cookiecutter.github_repo_name}}/terraform/environments/modules/redis/modules/elasticache/modules/elasticache_subnet_group/main.tf rename to {{cookiecutter.github_repo_name}}/terraform/stacks/modules/redis/modules/elasticache/modules/elasticache_subnet_group/main.tf diff --git a/{{cookiecutter.github_repo_name}}/terraform/environments/modules/redis/modules/elasticache/modules/elasticache_subnet_group/outputs.tf b/{{cookiecutter.github_repo_name}}/terraform/stacks/modules/redis/modules/elasticache/modules/elasticache_subnet_group/outputs.tf similarity index 100% rename from {{cookiecutter.github_repo_name}}/terraform/environments/modules/redis/modules/elasticache/modules/elasticache_subnet_group/outputs.tf rename to {{cookiecutter.github_repo_name}}/terraform/stacks/modules/redis/modules/elasticache/modules/elasticache_subnet_group/outputs.tf diff --git a/{{cookiecutter.github_repo_name}}/terraform/environments/modules/redis/modules/elasticache/modules/elasticache_subnet_group/variables.tf b/{{cookiecutter.github_repo_name}}/terraform/stacks/modules/redis/modules/elasticache/modules/elasticache_subnet_group/variables.tf similarity index 100% rename from {{cookiecutter.github_repo_name}}/terraform/environments/modules/redis/modules/elasticache/modules/elasticache_subnet_group/variables.tf rename to {{cookiecutter.github_repo_name}}/terraform/stacks/modules/redis/modules/elasticache/modules/elasticache_subnet_group/variables.tf 
diff --git a/{{cookiecutter.github_repo_name}}/terraform/environments/modules/redis/modules/elasticache/modules/elasticache_subnet_group/versions.tf b/{{cookiecutter.github_repo_name}}/terraform/stacks/modules/redis/modules/elasticache/modules/elasticache_subnet_group/versions.tf similarity index 100% rename from {{cookiecutter.github_repo_name}}/terraform/environments/modules/redis/modules/elasticache/modules/elasticache_subnet_group/versions.tf rename to {{cookiecutter.github_repo_name}}/terraform/stacks/modules/redis/modules/elasticache/modules/elasticache_subnet_group/versions.tf diff --git a/{{cookiecutter.github_repo_name}}/terraform/environments/modules/redis/modules/elasticache/outputs.tf b/{{cookiecutter.github_repo_name}}/terraform/stacks/modules/redis/modules/elasticache/outputs.tf similarity index 100% rename from {{cookiecutter.github_repo_name}}/terraform/environments/modules/redis/modules/elasticache/outputs.tf rename to {{cookiecutter.github_repo_name}}/terraform/stacks/modules/redis/modules/elasticache/outputs.tf diff --git a/{{cookiecutter.github_repo_name}}/terraform/environments/modules/redis/modules/elasticache/variables.tf b/{{cookiecutter.github_repo_name}}/terraform/stacks/modules/redis/modules/elasticache/variables.tf similarity index 100% rename from {{cookiecutter.github_repo_name}}/terraform/environments/modules/redis/modules/elasticache/variables.tf rename to {{cookiecutter.github_repo_name}}/terraform/stacks/modules/redis/modules/elasticache/variables.tf diff --git a/{{cookiecutter.github_repo_name}}/terraform/environments/modules/redis/modules/elasticache/versions.tf b/{{cookiecutter.github_repo_name}}/terraform/stacks/modules/redis/modules/elasticache/versions.tf similarity index 100% rename from {{cookiecutter.github_repo_name}}/terraform/environments/modules/redis/modules/elasticache/versions.tf rename to {{cookiecutter.github_repo_name}}/terraform/stacks/modules/redis/modules/elasticache/versions.tf 
diff --git a/{{cookiecutter.github_repo_name}}/terraform/stacks/modules/redis/outputs.tf b/{{cookiecutter.github_repo_name}}/terraform/stacks/modules/redis/outputs.tf
new file mode 100644
index 00000000..0310460b
--- /dev/null
+++ b/{{cookiecutter.github_repo_name}}/terraform/stacks/modules/redis/outputs.tf
@@ -0,0 +1,28 @@
+#------------------------------------------------------------------------------
+# written by: Miguel Afonso
+# https://www.linkedin.com/in/mmafonso/
+#
+# date: Aug-2021
+#
+# usage: create an ElastiCache Redis cache
+#------------------------------------------------------------------------------
+output "configuration_endpoint_address" {
+ description = "The configuration endpoint address to allow host discovery."
+ value = module.redis.configuration_endpoint_address
+}
+
+output "primary_endpoint_address" {
+ description = "The address of the endpoint for the primary node in the replication group, if the cluster mode is disabled."
+ value = module.redis.primary_endpoint_address
+}
+
+output "member_clusters" {
+ description = "The identifiers of all the nodes that are part of this replication group."
+ value = module.redis.member_clusters
+}
+
+output "auth_token" {
+ description = "The password used to access the Redis protected server."
+ value = module.redis.auth_token
+ sensitive = true
+}
diff --git a/{{cookiecutter.github_repo_name}}/terraform/stacks/modules/redis/route53.tf b/{{cookiecutter.github_repo_name}}/terraform/stacks/modules/redis/route53.tf
new file mode 100644
index 00000000..32e29ad6
--- /dev/null
+++ b/{{cookiecutter.github_repo_name}}/terraform/stacks/modules/redis/route53.tf
@@ -0,0 +1,12 @@
+
+data "aws_route53_zone" "services_subdomain" {
+ name = var.services_subdomain
+}
+
+resource "aws_route53_record" "primary" {
+ zone_id = data.aws_route53_zone.services_subdomain.id
+ name = "redis.primary"
+ type = "CNAME"
+ ttl = "300"
+ records = ["${module.redis.primary_endpoint_address}"]
+}
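Review bot: The `auth_token` output in redis/outputs.tf is marked `sensitive`, which hides it from CLI output, but its description does not tell the reader that the value is still written to the Terraform state in clear text. A description such as `"The Redis auth token (sensitive; stored unencrypted in Terraform state)."` would make the handling requirement for the state backend visible to whoever consumes this output.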
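Review bot: In redis/route53.tf, `records = ["${module.redis.primary_endpoint_address}"]` wraps a single reference in interpolation syntax and `ttl = "300"` passes a number as a string. The plainer forms are `records = [module.redis.primary_endpoint_address]` and `ttl = 300`. The record `name = "redis.primary"` relies on being resolved relative to the looked-up zone; a one-line comment stating the resulting fully qualified name would help readers who need to point clients at it.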
diff --git a/{{cookiecutter.github_repo_name}}/terraform/stacks/modules/redis/variables.tf b/{{cookiecutter.github_repo_name}}/terraform/stacks/modules/redis/variables.tf new file mode 100644 index 00000000..3ef70a52 --- /dev/null +++ b/{{cookiecutter.github_repo_name}}/terraform/stacks/modules/redis/variables.tf 
@@ -0,0 +1,189 @@ +#------------------------------------------------------------------------------ +# written by: Miguel Afonso +# https://www.linkedin.com/in/mmafonso/ +# +# date: Aug-2021 +# +# usage: create an ElastiCache Redis cache +#------------------------------------------------------------------------------ +variable "services_subdomain" { + type = string +} +variable "shared_resource_namespace" { + type = string +} +variable "create_elasticache_instance" { + description = "Whether to create a cache instance" + type = bool + default = true +} + +variable "replication_group_description" { + description = "A user-created description for the replication group." + type = string +} + +variable "node_type" { + description = "The instance type of the ElastiCache instance" + type = string +} + +variable "multi_az" { + description = "Specifies if the ElastiCache cluster is multi-AZ" + type = bool + default = false +} + +variable "num_cache_clusters" { + description = "The number of cache clusters (primary and replicas) this replication group will have. If Multi-AZ is enabled, the value of this parameter must be at least 2." + type = number + default = "2" +} + +variable "engine" { + description = "he name of the cache engine to be used for the clusters in this replication group. The only valid value is redis" + type = string + default = "redis" +} + +variable "engine_version" { + description = "The engine version that your ElastiCache Cluster will use. This will differ between the use of 'redis' or 'memcached'. The default is '5.0.6' with redis being the assumed engine." + type = string + default = "6.x" +} + +variable "port" { + description = "The port on which the ElastiCache accepts connections" + type = string +} + +variable "create_random_auth_token" { + description = "Whether to create random password for RDS primary cluster" + type = bool + default = false +} + +variable "auth_token" { + description = "Password for the master DB user. 
Note that this may show up in logs, and it will be stored in the state file" + type = string + default = null +} + +variable "transit_encryption_enabled" { + description = "Whether to enable encryption in transit." + type = bool + default = null +} + +# ElastiCache subnet group +variable "create_elasticache_subnet_group" { + description = "Whether to create a elasticache subnet group" + type = bool + default = true +} + +variable "elasticache_subnet_group_name" { + description = "Name of ElastiCache subnet group. ElastiCache instance will be created in the VPC associated with the ElastiCache subnet group. If unspecified, will be created in the default VPC" + type = string + default = null +} + +variable "elasticache_subnet_group_use_name_prefix" { + description = "Determines whether to use `subnet_group_name` as is or create a unique name beginning with the `subnet_group_name` as the prefix" + type = bool + default = true +} + +variable "elasticache_subnet_group_description" { + description = "Description of the ElastiCache subnet group to create" + type = string + default = "" +} + +variable "subnet_ids" { + description = "A list of VPC subnet IDs" + type = list(string) + default = [] +} + + + +variable "elasticache_instance_tags" { + description = "Additional tags for the ElastiCache instance" + type = map(string) + default = {} +} + +variable "elasticache_option_group_tags" { + description = "Additional tags for the ElastiCache option group" + type = map(string) + default = {} +} + +variable "elasticache_parameter_group_tags" { + description = "Additional tags for the ElastiCache parameter group" + type = map(string) + default = {} +} + +variable "elasticache_subnet_group_tags" { + description = "Additional tags for the ElastiCache subnet group" + type = map(string) + default = {} +} + + +# ElastiCache parameter group +variable "create_elasticache_parameter_group" { + description = "Whether to create a database parameter group" + type = bool + default = true +} 
+ +variable "parameter_group_name" { + description = "Name of the parameter group to associate with this cache cluster. Again this will differ between the use of 'redis' or 'memcached' and your engine version. The default is 'default.redis6.x'." + type = string + default = null +} + +variable "parameter_group_description" { + description = "Description of the ElastiCache parameter group to create" + type = string + default = "" +} + +variable "family" { + description = "The family of the ElastiCache parameter group" + type = string + default = "" +} + +variable "parameters" { + description = "A list of ElastiCache parameters (map) to apply" + type = list(map(string)) + default = [] +} + +variable "vpc_id" { + description = "ID of the VPC where to create security groups" + type = string + default = null +} + +variable "ingress_cidr_blocks" { + description = "List of IPv4 CIDR ranges to use on all ingress rules" + type = list(string) + default = [] +} + +variable "resource_name" { + description = "the full environment-qualified name of this resource." + type = string +} + + +variable "tags" { + description = "collection of all tags to add to this resource. execting the combination of global + environment + resouce tags." + type = map(string) + default = {} +} diff --git a/{{cookiecutter.github_repo_name}}/terraform/stacks/modules/redis/versions.tf b/{{cookiecutter.github_repo_name}}/terraform/stacks/modules/redis/versions.tf new file mode 100644 index 00000000..dd41b8e9 --- /dev/null +++ b/{{cookiecutter.github_repo_name}}/terraform/stacks/modules/redis/versions.tf 
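Review bot: `variable "auth_token"` in redis/variables.tf carries a credential but is not marked `sensitive = true`, so a supplied value can be echoed in plan output; add that attribute, and reword the descriptions that were copied from a database module (`"Password for the master DB user"`, `"Whether to create random password for RDS primary cluster"`) so they describe the Redis auth token. Two declarations disagree with their use: `num_cache_clusters` is `type = number` with `default = "2"`, and `port` is `type = string` although the stack's terragrunt.hcl passes it unquoted; `default = 2` and `type = number` would match. `transit_encryption_enabled` defaults to `null`, which leaves the effective setting to the inner module, so an explicit default would make this module's posture readable from the file. The `engine_version` description still names '5.0.6' as the default while the default is `"6.x"`.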
@@ -0,0 +1,18 @@ +#------------------------------------------------------------------------------ +# written by: Miguel Afonso +# https://www.linkedin.com/in/mmafonso/ +# +# date: Aug-2021 +# +# usage: create an ElastiCache Redis cache +#------------------------------------------------------------------------------ +terraform { + required_version = "{{ cookiecutter.terraform_required_version }}" + + required_providers { + aws = { + source = "hashicorp/aws" + version = "{{ cookiecutter.terraform_provider_hashicorp_aws_version }}" + } + } +} diff --git a/{{cookiecutter.github_repo_name}}/terraform/stacks/{{cookiecutter.global_platform_shared_resource_identifier}}/mysql/terragrunt.hcl b/{{cookiecutter.github_repo_name}}/terraform/stacks/{{cookiecutter.global_platform_shared_resource_identifier}}/mysql/terragrunt.hcl index 53e12380..d77e82d7 100644 --- a/{{cookiecutter.github_repo_name}}/terraform/stacks/{{cookiecutter.global_platform_shared_resource_identifier}}/mysql/terragrunt.hcl +++ b/{{cookiecutter.github_repo_name}}/terraform/stacks/{{cookiecutter.global_platform_shared_resource_identifier}}/mysql/terragrunt.hcl @@ -8,10 +8,10 @@ #------------------------------------------------------------------------------ locals { # Automatically load stack-level variables - global_vars = read_terragrunt_config(find_in_parent_folders("global.hcl")) - stack_vars = read_terragrunt_config(find_in_parent_folders("stack.hcl")) + global_vars = read_terragrunt_config(find_in_parent_folders("global.hcl")) + stack_vars = read_terragrunt_config(find_in_parent_folders("stack.hcl")) - services_subdomain = local.global_vars.locals.services_subdomain + services_subdomain = local.global_vars.locals.services_subdomain resource_name = local.stack_vars.locals.stack_namespace mysql_instance_class = local.stack_vars.locals.mysql_instance_class mysql_allocated_storage = local.stack_vars.locals.mysql_allocated_storage 
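Review bot: `required_providers` in redis/versions.tf lists only `aws`, yet this module's kubernetes.tf configures `provider "kubernetes"` and creates a `kubernetes_secret`, so the Kubernetes provider is resolved implicitly and without a version constraint. Add an entry next to `aws`, for example `kubernetes = { source = "hashicorp/kubernetes", version = "<pinned constraint>" }`, driven by a cookiecutter value in the same way as the AWS provider version. Pinning it keeps a new provider release from changing how cluster credentials and secrets are handled without a reviewed change.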
diff --git a/{{cookiecutter.github_repo_name}}/terraform/stacks/{{cookiecutter.global_platform_shared_resource_identifier}}/redis/terragrunt.hcl b/{{cookiecutter.github_repo_name}}/terraform/stacks/{{cookiecutter.global_platform_shared_resource_identifier}}/redis/terragrunt.hcl new file mode 100644 index 00000000..2b4cb19c --- /dev/null +++ b/{{cookiecutter.github_repo_name}}/terraform/stacks/{{cookiecutter.global_platform_shared_resource_identifier}}/redis/terragrunt.hcl 
@@ -0,0 +1,113 @@
+#------------------------------------------------------------------------------
+# written by: Miguel Afonso
+# https://www.linkedin.com/in/mmafonso/
+#
+# date: Aug-2021
+#
+# usage: create an ElastiCache Redis cache
+#------------------------------------------------------------------------------
+locals {
+ # Automatically load environment-level variables
+ global_vars = read_terragrunt_config(find_in_parent_folders("global.hcl"))
+ stack_vars = read_terragrunt_config(find_in_parent_folders("stack.hcl"))
+
+ services_subdomain = local.global_vars.locals.services_subdomain
+ resource_name = local.stack_vars.locals.stack_namespace
+ shared_resource_namespace = local.stack_vars.locals.stack_namespace
+ redis_node_type = local.stack_vars.locals.redis_node_type
+
+ tags = merge(
+ local.stack_vars.locals.tags,
+ {
+ "cookiecutter/name" = "${local.resource_name}"
+ Name = "${local.resource_name}"
+ }
+ )
+}
+
+dependencies {
+ paths = [
+ "../vpc",
+ "../kubernetes",
+ ]
+}
+
+dependency "vpc" {
+ config_path = "../vpc"
+
+ # Configure mock outputs for the `validate` and `init` commands that are returned when there are no outputs available (e.g the
+# module hasn't been applied yet.
+ mock_outputs_allowed_terraform_commands = ["init", "validate", "plan", "destroy"]
+ mock_outputs = {
+ vpc_id = "fake-vpc-id"
+ database_subnets = ["fake-subnetid-01", "fake-subnetid-02"]
+ elasticache_subnets = ["fake-elasticache-subnet-01", "fake-elasticache-subnet-02"]
+ vpc_cidr_block = "fake-cidr-block"
+ }
+}
+
+dependency "kubernetes" {
+ config_path = "../kubernetes"
+
+ # Configure mock outputs for the `validate` and `init` commands that are returned when there are no outputs available (e.g the
+# module hasn't been applied yet.
+ mock_outputs_allowed_terraform_commands = ["init", "validate", "plan", "destroy"]
+ mock_outputs = {
+ cluster_arn = "fake-cluster-arn"
+ cluster_certificate_authority_data = "fake-cert"
+ cluster_endpoint = "fake-cluster-endpoint"
+ cluster_id = "fake-cluster-id"
+ cluster_oidc_issuer_url = "fake-oidc-issuer-url"
+ cluster_platform_version = "fake-cluster-version"
+ cluster_security_group_arn = "fake-security-group-arn"
+ cluster_security_group_id = "fake-security-group-id"
+ cluster_status = "fake-cluster-status"
+ cluster_version = "fake-cluster-version"
+ eks_managed_node_groups = "fake-managed-node-group"
+ fargate_profiles = "fake-fargate-profile"
+ node_security_group_arn = "fake-security-group-arn"
+ node_security_group_id = "fake-security-group-id"
+ oidc_provider = "fake-oidc-provider"
+ oidc_provider_arn = "fake-provider-arn"
+ }
+}
+
+# Terragrunt will copy the Terraform configurations specified by the source parameter, along with any files in the
+# working directory, into a temporary folder, and execute your Terraform commands in that folder.
+terraform {
+ source = "../../modules//redis"
+}
+
+# Include all settings from the root terragrunt.hcl file
+include {
+ path = find_in_parent_folders()
+}
+
+# These are the variables we have to pass in to use the module specified in the terragrunt configuration above
+inputs = {
+
+ # AWS Elasticache identifying information
+ services_subdomain = local.services_subdomain
+ resource_name = local.resource_name
+ shared_resource_namespace = local.shared_resource_namespace
+ tags = local.tags
+
+ # cache instance identifying information
+ replication_group_description = local.shared_resource_namespace
+ create_random_auth_token = "false"
+
+ # cache engine configuration
+ engine = "redis"
+ engine_version = "{{ cookiecutter.redis_engine_version }}"
+ num_cache_clusters = {{ cookiecutter.redis_num_cache_clusters }}
+ port = {{ cookiecutter.redis_port }}
+ family = "{{ cookiecutter.redis_family }}"
+ node_type = local.redis_node_type
+ transit_encryption_enabled = false
+
+ # networking configuration
+ subnet_ids = dependency.vpc.outputs.elasticache_subnets
+ vpc_id = dependency.vpc.outputs.vpc_id
+ ingress_cidr_blocks = [dependency.vpc.outputs.vpc_cidr_block]
+
+}
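Review bot: The `inputs` block of the stack-level redis/terragrunt.hcl sets `transit_encryption_enabled = false` and `create_random_auth_token = "false"`, so the cache accepts unauthenticated, unencrypted connections from the entire VPC range passed in `ingress_cidr_blocks`. For a cache that, per the commit description, is now shared at stack level, safer template defaults are `transit_encryption_enabled = true` and `create_random_auth_token = true` (ElastiCache accepts an auth token only when in-transit encryption is on), with the token published to the Kubernetes secret beside `REDIS_HOST` and clients configured for TLS. `create_random_auth_token` is also passed as a quoted string although the module declares it `bool`. The `dependency "kubernetes"` block declares sixteen mock outputs that these inputs never read; a comment explaining why they are needed, or relying on the `dependencies` ordering alone, would shorten the file.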