Terraform module which creates Elasticache resources on AWS
Root module calls these modules which can also be used separately to create independent resources:
- cache_parameter_group - creates Elasticache parameter group
- cache_subnet_group - creates Elasticache subnet group
- cache_user - creates Elasticache user
- cache_user_group - creates Elasticache user group
module "elasticache" { source = "osgurisdosre/elasticache/aws" create_cache = true replication_group_id = "redis-app" description_redis = "Redis App" node_type = "cache.t2.micro" security_group_ids = ["sg-0000000000000", "sg-111111111111111"] num_cache_clusters = 3 # Cache subnet group create_elasticache_subnet_group = true subnet_group_name = "elasticache-subnets" subnet_ids = ["subnet-123456789", "subnet-987654321", "subnet-123321123"] # Cache parameter group create_elasticache_parameter_group = true parameters = [{ name = "activerehashing" value = "yes" }] # Cache user create_elasticache_user = true create_cache_password = true user_name = "userapp" user_id = "userapp" access_string = "on ~* +@all" authentication_mode = [{ type = "password" }] # Cache user group create_elasticache_user_group = true user_group_id = "app" } module "elastic_serverlesss" { source = "osgurisdosre/elasticache/aws" create_elasticache_serverless = true serverless_name = "redis-serverless" description_serverless = "serverless" enabled_limits = true cache_usage_limits = { data_storage = { maximum = 1000 unit = "GB" } ecpu_per_second = { maximum = 1000 } } daily_snapshot_time = "09:00" kms_key_id = aws_kms_key.test.arn major_engine_version = "7" snapshot_retention_limit = 1 security_group_ids = ["sg-0000000000000", "sg-111111111111111"] subnet_ids = ["subnet-123456789", "subnet-987654321", "subnet-123321123"] user_group_id = module.user_group.elasticache_user_group_id tags = { "Environment" = "prd" } } module "elasticache" { source = "osgurisdosre/documentdb/aws" # Disable creation of Elasticache create_cache = false # Enable creation of a random password create_cache_password = true # Enable creation of subnet group create_elasticache_subnet_group = true # Enable creation of parameter group create_elasticache_parameter_group = true # Enable creation of user create_elasticache_user = true # Enable creation of user group create_elasticache_user_group = true # Enable creation of serverless create_elasticache_serverless = true #Enable modification in cache_usage_limits enabled_limits = true } To-do:
- This module does not create Elasticache security group. Use terraform-aws-security-group module for this.
- By default, the variable
create_db_passwordis set to true. Therefore, even if the user provides a password, it will not be read. Thecreate_db_passwordvariable should be set to false and thepasswordsvariable should have a non-null value to be read and used. - By default, the
create_elasticache_serverlessvariable is set false
| Name | Version |
|---|---|
| terraform | >= 1.4 |
| aws | >= 5.40 |
| random | >= 3.1 |
| Name | Version |
|---|---|
| aws | >= 5.40 |
| random | >= 3.1 |
| Name | Source | Version |
|---|---|---|
| elasticache_parameter_group | ./modules/cache_parameter_group | n/a |
| elasticache_subnet_group | ./modules/cache_subnet_group | n/a |
| elasticache_user | ./modules/cache_user | n/a |
| elasticache_user_group | ./modules/cache_user_group | n/a |
| Name | Type |
|---|---|
| aws_elasticache_replication_group.this | resource |
| aws_elasticache_serverless_cache.this | resource |
| random_password.master_password | resource |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| access_string | Access permissions string used for this user. | string | null | no |
| apply_immediately | Specifies whether any modifications are applied immediately, or during the next maintenance window. | bool | false | no |
| at_rest_encryption_enabled | Whether to enable encryption at rest. | bool | true | no |
| auth_token | Password used to access a password protected server | string | null | no |
| authentication_mode | Denotes the user's authentication properties. Possible of type options are: password, no-password-required or iam. | list(object({ | [ | no |
| auto_minor_version_upgrade | Specifies whether minor version engine upgrades will be applied automatically to the underlying | bool | false | no |
| automatic_failover_enabled | Specifies whether a read-only replica will be automatically promoted to read/write primary if the existing primary fails. | bool | true | no |
| cache_usage_limits | Sets the cache usage limits for storage and ElastiCache Processing Units for the cache.(data_storage,ecpu_per_second) | any | {} | no |
| create | Create the resource? | bool | true | no |
| create_cache | Create the elasticache Redis? | bool | false | no |
| create_cache_password | Create the password? | bool | false | no |
| create_elasticache_parameter_group | Create the parameter group? | bool | false | no |
| create_elasticache_replication_group | Create the replication group? | bool | false | no |
| create_elasticache_serverless | Create the elasticache Redis serverless? | bool | false | no |
| create_elasticache_subnet_group | Create the subnet group? | bool | false | no |
| create_elasticache_user | Create the user? | bool | false | no |
| create_elasticache_user_group | Create the user group? | bool | false | no |
| daily_snapshot_time | The daily time that snapshots will be created from the new serverless cache.(Only for the serverless module) | string | "03:00" | no |
| data_tiering_enabled | Enables data tiering | bool | false | no |
| description_parameter | The description of the ElastiCache parameter group. | string | null | no |
| description_redis | User-created description for the replication group. Must not be empty | string | "" | no |
| description_serverless | User-created description for the serverless. Must not be empty | string | "" | no |
| description_subnet | The Description of the ElastiCache Subnet Group. | string | null | no |
| enabled_limits | Enable customization of cache_usage_limits(Only for the serverless module) | bool | false | no |
| engine | Name of the cache engine to be used for the clusters in this replication group. | string | "redis" | no |
| engine_version | Version number of the cache engine to be used for the cache clusters in this replication group. | string | "6.x" | no |
| family | The family of the ElastiCache parameter group. | string | "redis6.x" | no |
| final_snapshot_identifier | The name of your final node group (shard) snapshot. | string | null | no |
| global_replication_group_id | The ID of the global replication group to which this replication group should belong. | string | null | no |
| kms_key_id | The ARN of the key that you wish to use if encrypting at rest. | string | null | no |
| log_delivery_configuration | block allows the streaming of Redis SLOWLOG or Redis Engine Log to CloudWatch Log | list(map(string)) | [] | no |
| maintenance_window | Specifies the weekly time range for when maintenance on the cache cluster is performed. | string | "sat:03:00-sat:06:00" | no |
| major_engine_version | The version of the cache engine that will be used to create the serverless cache.(Only for the serverless module) | string | "7" | no |
| multi_az_enabled | Specifies whether to enable Multi-AZ Support for the replication group. | bool | false | no |
| node_type | Instance class to be used. | string | null | no |
| notification_topic_arn | ARN of an SNS topic to send ElastiCache notifications to | string | null | no |
| num_cache_clusters | Number of cache clusters (primary and replicas) this replication group will have. | number | 3 | no |
| num_node_groups | Number of node groups (shards) for this Redis replication group. | number | null | no |
| parameter_group_name | The name of the ElastiCache parameter group. | string | null | no |
| parameters | List of DB parameters to apply | list(map(string)) | [] | no |
| password | Password for the user. | list(string) | [] | no |
| password_create | Password Create | string | null | no |
| port | Port number on which each of the cache nodes will accept connections. | number | 6379 | no |
| preferred_cache_cluster_azs | List of EC2 availability zones in which the replication group's cache clusters will be created. | list(string) | null | no |
| random_password_length | The length of the string desired. | number | 16 | no |
| replicas_per_node_group | Number of replica nodes in each node group. | number | null | no |
| replication_group_id | Replication group identifier. This parameter is stored as a lowercase string. | string | null | no |
| security_group_ids | One or more Amazon VPC security groups associated with this replication group. | list(string) | [] | no |
| security_group_names | List of cache security group names to associate with this replication group. | list(string) | null | no |
| serverless_name | Name Redis Serverless. This parameter is stored as a lowercase string. | string | null | no |
| snapshot_arns_to_restore | The list of ARN(s) of the snapshot that the new serverless cache will be created from(Only for the serverless module) | list(string) | null | no |
| snapshot_name | Name of a snapshot from which to restore data into the new node group. | string | null | no |
| snapshot_retention_limit | Number of days for which ElastiCache will retain automatic cache cluster snapshots before deleting them. | number | 7 | no |
| snapshot_window | Daily time range (in UTC) during which ElastiCache will begin taking a daily snapshot of your cache cluster. | string | "00:00-02:00" | no |
| subnet_group_name | The Name of the ElastiCache Subnet Group. | string | null | no |
| subnet_ids | The Subnet IDs of the ElastiCache Subnet Group. | list(string) | [ | no |
| tags | A map of tags to add to all resources | map(string) | {} | no |
| transit_encryption_enabled | Whether to enable encryption in transit. | bool | true | no |
| user_group_id | The user group identifier. | string | null | no |
| user_group_ids | User Group ID to associate with the replication group. | list(string) | null | no |
| user_id | The ID of the user. | string | null | no |
| user_name | The username of the user. | string | null | no |
| Name | Description |
|---|---|
| cache_instance_endpoint | The DNS address of the Primary Cache |
| cache_instance_password | The cache password (this password may be old, because Terraform doesn't track it after initial creation) |
| db_instance_endpoint_reader | The DNS address of the Reader Cache |
Module is maintained by Emidio Neto, Leonardo Jardim and Yuri Azeredo
Apache 2 Licensed. See LICENSE for full details.