From cdc870e425fd34a93f3e38adccf8eb4c8fd1ef1a Mon Sep 17 00:00:00 2001 From: ottramst Date: Mon, 2 Dec 2024 16:55:45 +0200 Subject: [PATCH 01/22] fix: Change cloudwatch log group output to include all created log groups (#19) --- README.md | 1 + examples/memcached-cluster/README.md | 3 +-- examples/memcached-cluster/outputs.tf | 11 +++-------- examples/redis-cluster-mode/README.md | 3 +-- examples/redis-cluster-mode/outputs.tf | 11 +++-------- examples/redis-cluster/README.md | 3 +-- examples/redis-cluster/outputs.tf | 11 +++-------- examples/redis-global-replication-group/README.md | 3 +-- examples/redis-global-replication-group/outputs.tf | 11 +++-------- .../README.md | 3 +-- .../outputs.tf | 11 +++-------- examples/redis-replication-group/README.md | 3 +-- examples/redis-replication-group/outputs.tf | 11 +++-------- outputs.tf | 7 +++++++ 14 files changed, 32 insertions(+), 60 deletions(-) diff --git a/README.md b/README.md index e422a35..9cea7db 100644 --- a/README.md +++ b/README.md @@ -473,6 +473,7 @@ No modules. |------|-------------| | [cloudwatch\_log\_group\_arn](#output\_cloudwatch\_log\_group\_arn) | Arn of cloudwatch log group created | | [cloudwatch\_log\_group\_name](#output\_cloudwatch\_log\_group\_name) | Name of cloudwatch log group created | +| [cloudwatch\_log\_groups](#output\_cloudwatch\_log\_groups) | Map of CloudWatch log groups created and their attributes | | [cluster\_address](#output\_cluster\_address) | (Memcached only) DNS name of the cache cluster without the port appended | | [cluster\_arn](#output\_cluster\_arn) | The ARN of the ElastiCache Cluster | | [cluster\_cache\_nodes](#output\_cluster\_cache\_nodes) | List of node objects including `id`, `address`, `port` and `availability_zone` | diff --git a/examples/memcached-cluster/README.md b/examples/memcached-cluster/README.md index 16ced47..7c93f16 100644 --- a/examples/memcached-cluster/README.md +++ b/examples/memcached-cluster/README.md @@ -50,8 +50,7 @@ No inputs. | Name | Description | |------|-------------| -| [cloudwatch\_log\_group\_arn](#output\_cloudwatch\_log\_group\_arn) | Arn of cloudwatch log group created | -| [cloudwatch\_log\_group\_name](#output\_cloudwatch\_log\_group\_name) | Name of cloudwatch log group created | +| [cloudwatch\_log\_groups](#output\_cloudwatch\_log\_groups) | Map of CloudWatch log groups created and their attributes | | [cluster\_address](#output\_cluster\_address) | (Memcached only) DNS name of the cache cluster without the port appended | | [cluster\_arn](#output\_cluster\_arn) | The ARN of the ElastiCache Cluster | | [cluster\_cache\_nodes](#output\_cluster\_cache\_nodes) | List of node objects including `id`, `address`, `port` and `availability_zone` | diff --git a/examples/memcached-cluster/outputs.tf b/examples/memcached-cluster/outputs.tf index a3a563b..ccf51c7 100644 --- a/examples/memcached-cluster/outputs.tf +++ b/examples/memcached-cluster/outputs.tf @@ -94,14 +94,9 @@ output "global_replication_group_node_groups" { # CloudWatch Log Group ################################################################################ -output "cloudwatch_log_group_name" { - description = "Name of cloudwatch log group created" - value = module.elasticache.cloudwatch_log_group_name -} - -output "cloudwatch_log_group_arn" { - description = "Arn of cloudwatch log group created" - value = module.elasticache.cloudwatch_log_group_arn +output "cloudwatch_log_groups" { + description = "Map of CloudWatch log groups created and their attributes" + value = module.elasticache.cloudwatch_log_groups } ################################################################################ diff --git a/examples/redis-cluster-mode/README.md b/examples/redis-cluster-mode/README.md index 9bc003f..8453466 100644 --- a/examples/redis-cluster-mode/README.md +++ b/examples/redis-cluster-mode/README.md @@ -52,8 +52,7 @@ No inputs. | Name | Description | |------|-------------| -| [cloudwatch\_log\_group\_arn](#output\_cloudwatch\_log\_group\_arn) | Arn of cloudwatch log group created | -| [cloudwatch\_log\_group\_name](#output\_cloudwatch\_log\_group\_name) | Name of cloudwatch log group created | +| [cloudwatch\_log\_groups](#output\_cloudwatch\_log\_groups) | Map of CloudWatch log groups created and their attributes | | [cluster\_address](#output\_cluster\_address) | (Memcached only) DNS name of the cache cluster without the port appended | | [cluster\_arn](#output\_cluster\_arn) | The ARN of the ElastiCache Cluster | | [cluster\_cache\_nodes](#output\_cluster\_cache\_nodes) | List of node objects including `id`, `address`, `port` and `availability_zone` | diff --git a/examples/redis-cluster-mode/outputs.tf b/examples/redis-cluster-mode/outputs.tf index a3a563b..ccf51c7 100644 --- a/examples/redis-cluster-mode/outputs.tf +++ b/examples/redis-cluster-mode/outputs.tf @@ -94,14 +94,9 @@ output "global_replication_group_node_groups" { # CloudWatch Log Group ################################################################################ -output "cloudwatch_log_group_name" { - description = "Name of cloudwatch log group created" - value = module.elasticache.cloudwatch_log_group_name -} - -output "cloudwatch_log_group_arn" { - description = "Arn of cloudwatch log group created" - value = module.elasticache.cloudwatch_log_group_arn +output "cloudwatch_log_groups" { + description = "Map of CloudWatch log groups created and their attributes" + value = module.elasticache.cloudwatch_log_groups } ################################################################################ diff --git a/examples/redis-cluster/README.md b/examples/redis-cluster/README.md index 19b1c33..7afc24d 100644 --- a/examples/redis-cluster/README.md +++ b/examples/redis-cluster/README.md @@ -50,8 +50,7 @@ No inputs. | Name | Description | |------|-------------| -| [cloudwatch\_log\_group\_arn](#output\_cloudwatch\_log\_group\_arn) | Arn of cloudwatch log group created | -| [cloudwatch\_log\_group\_name](#output\_cloudwatch\_log\_group\_name) | Name of cloudwatch log group created | +| [cloudwatch\_log\_groups](#output\_cloudwatch\_log\_groups) | Map of CloudWatch log groups created and their attributes | | [cluster\_address](#output\_cluster\_address) | (Memcached only) DNS name of the cache cluster without the port appended | | [cluster\_arn](#output\_cluster\_arn) | The ARN of the ElastiCache Cluster | | [cluster\_cache\_nodes](#output\_cluster\_cache\_nodes) | List of node objects including `id`, `address`, `port` and `availability_zone` | diff --git a/examples/redis-cluster/outputs.tf b/examples/redis-cluster/outputs.tf index a3a563b..ccf51c7 100644 --- a/examples/redis-cluster/outputs.tf +++ b/examples/redis-cluster/outputs.tf @@ -94,14 +94,9 @@ output "global_replication_group_node_groups" { # CloudWatch Log Group ################################################################################ -output "cloudwatch_log_group_name" { - description = "Name of cloudwatch log group created" - value = module.elasticache.cloudwatch_log_group_name -} - -output "cloudwatch_log_group_arn" { - description = "Arn of cloudwatch log group created" - value = module.elasticache.cloudwatch_log_group_arn +output "cloudwatch_log_groups" { + description = "Map of CloudWatch log groups created and their attributes" + value = module.elasticache.cloudwatch_log_groups } ################################################################################ diff --git a/examples/redis-global-replication-group/README.md b/examples/redis-global-replication-group/README.md index 369e352..f512f47 100644 --- a/examples/redis-global-replication-group/README.md +++ b/examples/redis-global-replication-group/README.md @@ -57,8 +57,7 @@ No inputs. | Name | Description | |------|-------------| -| [cloudwatch\_log\_group\_arn](#output\_cloudwatch\_log\_group\_arn) | Arn of cloudwatch log group created | -| [cloudwatch\_log\_group\_name](#output\_cloudwatch\_log\_group\_name) | Name of cloudwatch log group created | +| [cloudwatch\_log\_groups](#output\_cloudwatch\_log\_groups) | Map of CloudWatch log groups created and their attributes | | [cluster\_address](#output\_cluster\_address) | (Memcached only) DNS name of the cache cluster without the port appended | | [cluster\_arn](#output\_cluster\_arn) | The ARN of the ElastiCache Cluster | | [cluster\_cache\_nodes](#output\_cluster\_cache\_nodes) | List of node objects including `id`, `address`, `port` and `availability_zone` | diff --git a/examples/redis-global-replication-group/outputs.tf b/examples/redis-global-replication-group/outputs.tf index 45505ae..85300ce 100644 --- a/examples/redis-global-replication-group/outputs.tf +++ b/examples/redis-global-replication-group/outputs.tf @@ -94,14 +94,9 @@ output "global_replication_group_node_groups" { # CloudWatch Log Group ################################################################################ -output "cloudwatch_log_group_name" { - description = "Name of cloudwatch log group created" - value = module.elasticache_primary.cloudwatch_log_group_name -} - -output "cloudwatch_log_group_arn" { - description = "Arn of cloudwatch log group created" - value = module.elasticache_primary.cloudwatch_log_group_arn +output "cloudwatch_log_groups" { + description = "Map of CloudWatch log groups created and their attributes" + value = module.elasticache_primary.cloudwatch_log_groups } ################################################################################ diff --git a/examples/redis-replication-group-with-cluster-replica/README.md b/examples/redis-replication-group-with-cluster-replica/README.md index 7f62c8a..48f8674 100644 --- a/examples/redis-replication-group-with-cluster-replica/README.md +++ b/examples/redis-replication-group-with-cluster-replica/README.md @@ -51,8 +51,7 @@ No inputs. | Name | Description | |------|-------------| -| [cloudwatch\_log\_group\_arn](#output\_cloudwatch\_log\_group\_arn) | Arn of cloudwatch log group created | -| [cloudwatch\_log\_group\_name](#output\_cloudwatch\_log\_group\_name) | Name of cloudwatch log group created | +| [cloudwatch\_log\_groups](#output\_cloudwatch\_log\_groups) | Map of CloudWatch log groups created and their attributes | | [cluster\_address](#output\_cluster\_address) | (Memcached only) DNS name of the cache cluster without the port appended | | [cluster\_arn](#output\_cluster\_arn) | The ARN of the ElastiCache Cluster | | [cluster\_cache\_nodes](#output\_cluster\_cache\_nodes) | List of node objects including `id`, `address`, `port` and `availability_zone` | diff --git a/examples/redis-replication-group-with-cluster-replica/outputs.tf b/examples/redis-replication-group-with-cluster-replica/outputs.tf index b1e108b..c649115 100644 --- a/examples/redis-replication-group-with-cluster-replica/outputs.tf +++ b/examples/redis-replication-group-with-cluster-replica/outputs.tf @@ -94,14 +94,9 @@ output "global_replication_group_node_groups" { # CloudWatch Log Group ################################################################################ -output "cloudwatch_log_group_name" { - description = "Name of cloudwatch log group created" - value = module.replication_group_with_cluster_replica.cloudwatch_log_group_name -} - -output "cloudwatch_log_group_arn" { - description = "Arn of cloudwatch log group created" - value = module.replication_group_with_cluster_replica.cloudwatch_log_group_arn +output "cloudwatch_log_groups" { + description = "Map of CloudWatch log groups created and their attributes" + value = module.replication_group_with_cluster_replica.cloudwatch_log_groups } ################################################################################ diff --git a/examples/redis-replication-group/README.md b/examples/redis-replication-group/README.md index 237289b..e4e2312 100644 --- a/examples/redis-replication-group/README.md +++ b/examples/redis-replication-group/README.md @@ -49,8 +49,7 @@ No inputs. | Name | Description | |------|-------------| -| [cloudwatch\_log\_group\_arn](#output\_cloudwatch\_log\_group\_arn) | Arn of cloudwatch log group created | -| [cloudwatch\_log\_group\_name](#output\_cloudwatch\_log\_group\_name) | Name of cloudwatch log group created | +| [cloudwatch\_log\_groups](#output\_cloudwatch\_log\_groups) | Map of CloudWatch log groups created and their attributes | | [cluster\_address](#output\_cluster\_address) | (Memcached only) DNS name of the cache cluster without the port appended | | [cluster\_arn](#output\_cluster\_arn) | The ARN of the ElastiCache Cluster | | [cluster\_cache\_nodes](#output\_cluster\_cache\_nodes) | List of node objects including `id`, `address`, `port` and `availability_zone` | diff --git a/examples/redis-replication-group/outputs.tf b/examples/redis-replication-group/outputs.tf index a3a563b..ccf51c7 100644 --- a/examples/redis-replication-group/outputs.tf +++ b/examples/redis-replication-group/outputs.tf @@ -94,14 +94,9 @@ output "global_replication_group_node_groups" { # CloudWatch Log Group ################################################################################ -output "cloudwatch_log_group_name" { - description = "Name of cloudwatch log group created" - value = module.elasticache.cloudwatch_log_group_name -} - -output "cloudwatch_log_group_arn" { - description = "Arn of cloudwatch log group created" - value = module.elasticache.cloudwatch_log_group_arn +output "cloudwatch_log_groups" { + description = "Map of CloudWatch log groups created and their attributes" + value = module.elasticache.cloudwatch_log_groups } ################################################################################ diff --git a/outputs.tf b/outputs.tf index 2b4cf6f..e015a78 100644 --- a/outputs.tf +++ b/outputs.tf @@ -94,11 +94,18 @@ output "global_replication_group_node_groups" { # CloudWatch Log Group ################################################################################ +output "cloudwatch_log_groups" { + description = "Map of CloudWatch log groups created and their attributes" + value = aws_cloudwatch_log_group.this +} + +# TODO - remove at next breaking change output "cloudwatch_log_group_name" { description = "Name of cloudwatch log group created" value = try(aws_cloudwatch_log_group.this[0].name, null) } +# TODO - remove at next breaking change output "cloudwatch_log_group_arn" { description = "Arn of cloudwatch log group created" value = try(aws_cloudwatch_log_group.this[0].arn, null) From 7d8b70b6c1cf4f4e1bd635caf413ce8623c98706 Mon Sep 17 00:00:00 2001 From: semantic-release-bot Date: Mon, 2 Dec 2024 14:56:11 +0000 Subject: [PATCH 02/22] chore(release): version 1.4.1 [skip ci] ## [1.4.1](https://github.com/terraform-aws-modules/terraform-aws-elasticache/compare/v1.4.0...v1.4.1) (2024-12-02) ### Bug Fixes * Change cloudwatch log group output to include all created log groups ([#19](https://github.com/terraform-aws-modules/terraform-aws-elasticache/issues/19)) ([cdc870e](https://github.com/terraform-aws-modules/terraform-aws-elasticache/commit/cdc870e425fd34a93f3e38adccf8eb4c8fd1ef1a)) --- CHANGELOG.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 8f4710f..7e4b3bc 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,13 @@ All notable changes to this project will be documented in this file. +## [1.4.1](https://github.com/terraform-aws-modules/terraform-aws-elasticache/compare/v1.4.0...v1.4.1) (2024-12-02) + + +### Bug Fixes + +* Change cloudwatch log group output to include all created log groups ([#19](https://github.com/terraform-aws-modules/terraform-aws-elasticache/issues/19)) ([cdc870e](https://github.com/terraform-aws-modules/terraform-aws-elasticache/commit/cdc870e425fd34a93f3e38adccf8eb4c8fd1ef1a)) + ## [1.4.0](https://github.com/terraform-aws-modules/terraform-aws-elasticache/compare/v1.3.0...v1.4.0) (2024-11-29) From 41e5c75b2ea15a8631f8bb9f7f73ad5d868eeddf Mon Sep 17 00:00:00 2001 From: Melissa Greenbaum <69476188+magreenbaum@users.noreply.github.com> Date: Sat, 29 Mar 2025 09:49:21 -0400 Subject: [PATCH 03/22] feat: Add elasticache cluster timeouts (#33) --- README.md | 5 +++-- examples/redis-cluster/main.tf | 6 ++++++ main.tf | 6 ++++++ variables.tf | 6 ++++++ versions.tf | 2 +- 5 files changed, 22 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 9cea7db..e437ed6 100644 --- a/README.md +++ b/README.md @@ -366,14 +366,14 @@ Examples codified under the [`examples`](https://github.com/terraform-aws-module | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 1.0 | -| [aws](#requirement\_aws) | >= 5.73 | +| [aws](#requirement\_aws) | >= 5.93 | | [random](#requirement\_random) | >= 3.0 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 5.73 | +| [aws](#provider\_aws) | >= 5.93 | | [random](#provider\_random) | >= 3.0 | ## Modules @@ -462,6 +462,7 @@ No modules. | [subnet\_group\_name](#input\_subnet\_group\_name) | The name of the subnet group. If `create_subnet_group` is `true`, this is the name assigned to the subnet group created. Otherwise, this is the name of an existing subnet group | `string` | `null` | no | | [subnet\_ids](#input\_subnet\_ids) | List of VPC Subnet IDs for the Elasticache subnet group | `list(string)` | `[]` | no | | [tags](#input\_tags) | A map of tags to add to all resources | `map(string)` | `{}` | no | +| [timeouts](#input\_timeouts) | Define maximum timeout for creating, updating, and deleting cluster resource | `map(string)` | `{}` | no | | [transit\_encryption\_enabled](#input\_transit\_encryption\_enabled) | Enable encryption in-transit. Supported only with Memcached versions `1.6.12` and later, running in a VPC | `bool` | `true` | no | | [transit\_encryption\_mode](#input\_transit\_encryption\_mode) | A setting that enables clients to migrate to in-transit encryption with no downtime. Valid values are preferred and required | `string` | `null` | no | | [user\_group\_ids](#input\_user\_group\_ids) | User Group ID to associate with the replication group. Only a maximum of one (1) user group ID is valid | `list(string)` | `null` | no | diff --git a/examples/redis-cluster/main.tf b/examples/redis-cluster/main.tf index d2fa6fc..9e1e504 100644 --- a/examples/redis-cluster/main.tf +++ b/examples/redis-cluster/main.tf @@ -64,6 +64,12 @@ module "elasticache" { ] tags = local.tags + + timeouts = { + create = "1h" + update = "2h" + delete = "1h" + } } module "elasticache_disabled" { diff --git a/main.tf b/main.tf index 69a3b9b..4097459 100644 --- a/main.tf +++ b/main.tf @@ -61,6 +61,12 @@ resource "aws_elasticache_cluster" "this" { transit_encryption_enabled = var.engine == "memcached" ? var.transit_encryption_enabled : null tags = local.tags + + timeouts { + create = try(var.timeouts.create, null) + update = try(var.timeouts.update, null) + delete = try(var.timeouts.delete, null) + } } ################################################################################ diff --git a/variables.tf b/variables.tf index 55b36ba..f4049d6 100644 --- a/variables.tf +++ b/variables.tf @@ -187,6 +187,12 @@ variable "transit_encryption_mode" { default = null } +variable "timeouts" { + description = "Define maximum timeout for creating, updating, and deleting cluster resource" + type = map(string) + default = {} +} + ################################################################################ # Replication Group ################################################################################ diff --git a/versions.tf b/versions.tf index 648b57a..6dda813 100644 --- a/versions.tf +++ b/versions.tf @@ -4,7 +4,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = ">= 5.73" + version = ">= 5.93" } random = { source = "hashicorp/random" From 5ebac98382eabce381e84cc478235f81005c11d7 Mon Sep 17 00:00:00 2001 From: semantic-release-bot Date: Sat, 29 Mar 2025 13:49:45 +0000 Subject: [PATCH 04/22] chore(release): version 1.5.0 [skip ci] ## [1.5.0](https://github.com/terraform-aws-modules/terraform-aws-elasticache/compare/v1.4.1...v1.5.0) (2025-03-29) ### Features * Add elasticache cluster timeouts ([#33](https://github.com/terraform-aws-modules/terraform-aws-elasticache/issues/33)) ([41e5c75](https://github.com/terraform-aws-modules/terraform-aws-elasticache/commit/41e5c75b2ea15a8631f8bb9f7f73ad5d868eeddf)) --- CHANGELOG.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 7e4b3bc..1b71d98 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,13 @@ All notable changes to this project will be documented in this file. +## [1.5.0](https://github.com/terraform-aws-modules/terraform-aws-elasticache/compare/v1.4.1...v1.5.0) (2025-03-29) + + +### Features + +* Add elasticache cluster timeouts ([#33](https://github.com/terraform-aws-modules/terraform-aws-elasticache/issues/33)) ([41e5c75](https://github.com/terraform-aws-modules/terraform-aws-elasticache/commit/41e5c75b2ea15a8631f8bb9f7f73ad5d868eeddf)) + ## [1.4.1](https://github.com/terraform-aws-modules/terraform-aws-elasticache/compare/v1.4.0...v1.4.1) (2024-12-02) From 9133f1ec80c4cefef8dd5a763f6f6d9e4526276e Mon Sep 17 00:00:00 2001 From: Alisson Ramos de Oliveira <13340485+alisson276@users.noreply.github.com> Date: Sun, 30 Mar 2025 15:10:13 +0100 Subject: [PATCH 05/22] feat: Set `create_before_destroy` on subnet group (#29) Co-authored-by: Bryant Biggs --- main.tf | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/main.tf b/main.tf index 4097459..98cbbb0 100644 --- a/main.tf +++ b/main.tf @@ -292,6 +292,10 @@ resource "aws_elasticache_subnet_group" "this" { subnet_ids = var.subnet_ids tags = local.tags + + lifecycle { + create_before_destroy = true + } } ################################################################################ From d10bc362c93de62971a78d243aa4d00f66cf59c2 Mon Sep 17 00:00:00 2001 From: semantic-release-bot Date: Sun, 30 Mar 2025 14:10:34 +0000 Subject: [PATCH 06/22] chore(release): version 1.6.0 [skip ci] ## [1.6.0](https://github.com/terraform-aws-modules/terraform-aws-elasticache/compare/v1.5.0...v1.6.0) (2025-03-30) ### Features * Set `create_before_destroy` on subnet group ([#29](https://github.com/terraform-aws-modules/terraform-aws-elasticache/issues/29)) ([9133f1e](https://github.com/terraform-aws-modules/terraform-aws-elasticache/commit/9133f1ec80c4cefef8dd5a763f6f6d9e4526276e)) --- CHANGELOG.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 1b71d98..afcc12d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,13 @@ All notable changes to this project will be documented in this file. +## [1.6.0](https://github.com/terraform-aws-modules/terraform-aws-elasticache/compare/v1.5.0...v1.6.0) (2025-03-30) + + +### Features + +* Set `create_before_destroy` on subnet group ([#29](https://github.com/terraform-aws-modules/terraform-aws-elasticache/issues/29)) ([9133f1e](https://github.com/terraform-aws-modules/terraform-aws-elasticache/commit/9133f1ec80c4cefef8dd5a763f6f6d9e4526276e)) + ## [1.5.0](https://github.com/terraform-aws-modules/terraform-aws-elasticache/compare/v1.4.1...v1.5.0) (2025-03-29) From b3fe278d2f12a76a34d6b32b847a58c3b210f7f1 Mon Sep 17 00:00:00 2001 From: Nicolai Antiferov Date: Mon, 21 Jul 2025 17:34:50 +0300 Subject: [PATCH 07/22] fix: Remove restriction on engine to allow Valkey cluster creation (#44) --- main.tf | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/main.tf b/main.tf index 98cbbb0..cdeb42a 100644 --- a/main.tf +++ b/main.tf @@ -2,11 +2,6 @@ locals { # https://github.com/hashicorp/terraform-provider-aws/blob/3c4cb52c5dc2c09e10e5a717f73d1d8bc4186e87/internal/service/elasticache/cluster.go#L271 in_replication_group = var.replication_group_id != null - # elasticache clusters currently do not support engine type valkey - # TODO: remove this local `create_cluster` conditional once this bug is addressed: - # https://github.com/hashicorp/terraform-provider-aws/issues/39905 - create_cluster = var.create_cluster && var.engine != "valkey" ? true : false - security_group_ids = local.create_security_group ? concat(var.security_group_ids, [aws_security_group.this[0].id]) : var.security_group_ids port = var.engine == "memcached" ? 11211 : 6379 @@ -18,7 +13,7 @@ locals { ################################################################################ resource "aws_elasticache_cluster" "this" { - count = var.create && local.create_cluster ? 1 : 0 + count = var.create && var.create_cluster ? 1 : 0 apply_immediately = var.apply_immediately auto_minor_version_upgrade = var.auto_minor_version_upgrade From 98fe3b4d8518b2f28fba759a9cece95bdef55afa Mon Sep 17 00:00:00 2001 From: semantic-release-bot Date: Mon, 21 Jul 2025 14:35:17 +0000 Subject: [PATCH 08/22] chore(release): version 1.6.1 [skip ci] ## [1.6.1](https://github.com/terraform-aws-modules/terraform-aws-elasticache/compare/v1.6.0...v1.6.1) (2025-07-21) ### Bug Fixes * Remove restriction on engine to allow Valkey cluster creation ([#44](https://github.com/terraform-aws-modules/terraform-aws-elasticache/issues/44)) ([b3fe278](https://github.com/terraform-aws-modules/terraform-aws-elasticache/commit/b3fe278d2f12a76a34d6b32b847a58c3b210f7f1)) --- CHANGELOG.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index afcc12d..aec085c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,13 @@ All notable changes to this project will be documented in this file. +## [1.6.1](https://github.com/terraform-aws-modules/terraform-aws-elasticache/compare/v1.6.0...v1.6.1) (2025-07-21) + + +### Bug Fixes + +* Remove restriction on engine to allow Valkey cluster creation ([#44](https://github.com/terraform-aws-modules/terraform-aws-elasticache/issues/44)) ([b3fe278](https://github.com/terraform-aws-modules/terraform-aws-elasticache/commit/b3fe278d2f12a76a34d6b32b847a58c3b210f7f1)) + ## [1.6.0](https://github.com/terraform-aws-modules/terraform-aws-elasticache/compare/v1.5.0...v1.6.0) (2025-03-30) From 0695d6a0512b144651cd11dea5929f48730fb916 Mon Sep 17 00:00:00 2001 From: armin-x86 <65223475+armin-x86@users.noreply.github.com> Date: Mon, 21 Jul 2025 17:51:05 +0300 Subject: [PATCH 09/22] fix: Use lowercase form of default engine `"redis"` (#41) Signed-off-by: armin-x86 Co-authored-by: Bryant Biggs --- .pre-commit-config.yaml | 2 +- modules/user-group/README.md | 2 +- modules/user-group/variables.tf | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index a6cd369..626bd79 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -1,6 +1,6 @@ repos: - repo: https://github.com/antonbabenko/pre-commit-terraform - rev: v1.96.1 + rev: v1.99.5 hooks: - id: terraform_fmt - id: terraform_docs diff --git a/modules/user-group/README.md b/modules/user-group/README.md index 6e4305e..4525ab1 100644 --- a/modules/user-group/README.md +++ b/modules/user-group/README.md @@ -96,7 +96,7 @@ No modules. | [create\_group](#input\_create\_group) | Determines whether a user group will be created | `bool` | `true` | no | | [default\_user](#input\_default\_user) | A map of default user attributes | `any` | `{}` | no | | [default\_user\_id](#input\_default\_user\_id) | The ID of the default user | `string` | `"default"` | no | -| [engine](#input\_engine) | The current supported value is `REDIS` | `string` | `"REDIS"` | no | +| [engine](#input\_engine) | The current supported value is `REDIS` | `string` | `"redis"` | no | | [tags](#input\_tags) | A map of tags to add to all resources | `map(string)` | `{}` | no | | [user\_group\_id](#input\_user\_group\_id) | The ID of the user group | `string` | `""` | no | | [users](#input\_users) | A map of users to create | `any` | `{}` | no | diff --git a/modules/user-group/variables.tf b/modules/user-group/variables.tf index d4d461e..252461b 100644 --- a/modules/user-group/variables.tf +++ b/modules/user-group/variables.tf @@ -23,7 +23,7 @@ variable "create_group" { variable "engine" { description = "The current supported value is `REDIS`" type = string - default = "REDIS" + default = "redis" } variable "user_group_id" { From c38b484da7ec953c60ac99e10aa39c8583d21989 Mon Sep 17 00:00:00 2001 From: semantic-release-bot Date: Mon, 21 Jul 2025 14:51:26 +0000 Subject: [PATCH 10/22] chore(release): version 1.6.2 [skip ci] ## [1.6.2](https://github.com/terraform-aws-modules/terraform-aws-elasticache/compare/v1.6.1...v1.6.2) (2025-07-21) ### Bug Fixes * Use lowercase form of default engine `"redis"` ([#41](https://github.com/terraform-aws-modules/terraform-aws-elasticache/issues/41)) ([0695d6a](https://github.com/terraform-aws-modules/terraform-aws-elasticache/commit/0695d6a0512b144651cd11dea5929f48730fb916)) --- CHANGELOG.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index aec085c..d52cb16 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,13 @@ All notable changes to this project will be documented in this file. +## [1.6.2](https://github.com/terraform-aws-modules/terraform-aws-elasticache/compare/v1.6.1...v1.6.2) (2025-07-21) + + +### Bug Fixes + +* Use lowercase form of default engine `"redis"` ([#41](https://github.com/terraform-aws-modules/terraform-aws-elasticache/issues/41)) ([0695d6a](https://github.com/terraform-aws-modules/terraform-aws-elasticache/commit/0695d6a0512b144651cd11dea5929f48730fb916)) + ## [1.6.1](https://github.com/terraform-aws-modules/terraform-aws-elasticache/compare/v1.6.0...v1.6.1) (2025-07-21) From 2f30ea2b2fdd017c747262061095b66bc6bf09a7 Mon Sep 17 00:00:00 2001 From: Alexey Dubkov Date: Fri, 25 Jul 2025 07:10:38 -0700 Subject: [PATCH 11/22] feat: Add option to customize global_replication_group_id_suffix (#47) --- README.md | 1 + main.tf | 2 +- variables.tf | 6 ++++++ 3 files changed, 8 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index e437ed6..64bec7f 100644 --- a/README.md +++ b/README.md @@ -425,6 +425,7 @@ No modules. | [engine\_version](#input\_engine\_version) | Version number of the cache engine to be used. If not set, defaults to the latest version | `string` | `null` | no | | [final\_snapshot\_identifier](#input\_final\_snapshot\_identifier) | (Redis only) Name of your final cluster snapshot. If omitted, no final snapshot will be made | `string` | `null` | no | | [global\_replication\_group\_id](#input\_global\_replication\_group\_id) | The ID of the global replication group to which this replication group should belong | `string` | `null` | no | +| [global\_replication\_group\_id\_suffix](#input\_global\_replication\_group\_id\_suffix) | The ID suffix of the global replication group | `string` | `null` | no | | [ip\_discovery](#input\_ip\_discovery) | The IP version to advertise in the discovery protocol. Valid values are `ipv4` or `ipv6` | `string` | `null` | no | | [kms\_key\_arn](#input\_kms\_key\_arn) | The ARN of the key that you wish to use if encrypting at rest. If not supplied, uses service managed encryption. Can be specified only if `at_rest_encryption_enabled = true` | `string` | `null` | no | | [log\_delivery\_configuration](#input\_log\_delivery\_configuration) | (Redis OSS or Valkey) Specifies the destination and format of Redis OSS/Valkey SLOWLOG or Redis OSS/Valkey Engine Log | `any` | 
{
  "slow-log": {
    "destination_type": "cloudwatch-logs",
    "log_format": "json"
  }
}
| no | diff --git a/main.tf b/main.tf index cdeb42a..d02b7aa 100644 --- a/main.tf +++ b/main.tf @@ -144,7 +144,7 @@ resource "aws_elasticache_global_replication_group" "this" { cache_node_type = var.node_type engine_version = var.engine_version - global_replication_group_id_suffix = var.replication_group_id + global_replication_group_id_suffix = coalesce(var.global_replication_group_id_suffix, var.replication_group_id) global_replication_group_description = coalesce(var.description, "Global replication group") primary_replication_group_id = aws_elasticache_replication_group.global[0].id parameter_group_name = local.parameter_group_name_result diff --git a/variables.tf b/variables.tf index f4049d6..d157d04 100644 --- a/variables.tf +++ b/variables.tf @@ -239,6 +239,12 @@ variable "global_replication_group_id" { default = null } +variable "global_replication_group_id_suffix" { + description = "The ID suffix of the global replication group" + type = string + default = null +} + variable "kms_key_arn" { description = "The ARN of the key that you wish to use if encrypting at rest. If not supplied, uses service managed encryption. Can be specified only if `at_rest_encryption_enabled = true`" type = string From bc5b57a8670ce1c102dcb32a2e3ad3dae2eb8ec4 Mon Sep 17 00:00:00 2001 From: semantic-release-bot Date: Fri, 25 Jul 2025 14:11:03 +0000 Subject: [PATCH 12/22] chore(release): version 1.7.0 [skip ci] ## [1.7.0](https://github.com/terraform-aws-modules/terraform-aws-elasticache/compare/v1.6.2...v1.7.0) (2025-07-25) ### Features * Add option to customize global_replication_group_id_suffix ([#47](https://github.com/terraform-aws-modules/terraform-aws-elasticache/issues/47)) ([2f30ea2](https://github.com/terraform-aws-modules/terraform-aws-elasticache/commit/2f30ea2b2fdd017c747262061095b66bc6bf09a7)) --- CHANGELOG.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index d52cb16..49db9c3 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,13 @@ All notable changes to this project will be documented in this file. +## [1.7.0](https://github.com/terraform-aws-modules/terraform-aws-elasticache/compare/v1.6.2...v1.7.0) (2025-07-25) + + +### Features + +* Add option to customize global_replication_group_id_suffix ([#47](https://github.com/terraform-aws-modules/terraform-aws-elasticache/issues/47)) ([2f30ea2](https://github.com/terraform-aws-modules/terraform-aws-elasticache/commit/2f30ea2b2fdd017c747262061095b66bc6bf09a7)) + ## [1.6.2](https://github.com/terraform-aws-modules/terraform-aws-elasticache/compare/v1.6.1...v1.6.2) (2025-07-21) From 0b06d8e4a74a602ad774f9d8f0422734e19ab680 Mon Sep 17 00:00:00 2001 From: detomarco Date: Tue, 16 Sep 2025 16:59:22 +0200 Subject: [PATCH 13/22] feat: Add replication group port to outputs (#50) Co-authored-by: Marco De Toma --- README.md | 1 + examples/redis-global-replication-group/README.md | 1 + examples/redis-global-replication-group/outputs.tf | 5 +++++ examples/redis-replication-group/README.md | 1 + examples/redis-replication-group/outputs.tf | 5 +++++ outputs.tf | 5 +++++ 6 files changed, 18 insertions(+) diff --git a/README.md b/README.md index 64bec7f..5dfb4c7 100644 --- a/README.md +++ b/README.md @@ -492,6 +492,7 @@ No modules. | [replication\_group\_engine\_version\_actual](#output\_replication\_group\_engine\_version\_actual) | Because ElastiCache pulls the latest minor or patch for a version, this attribute returns the running version of the cache engine | | [replication\_group\_id](#output\_replication\_group\_id) | ID of the ElastiCache Replication Group | | [replication\_group\_member\_clusters](#output\_replication\_group\_member\_clusters) | Identifiers of all the nodes that are part of this replication group | +| [replication\_group\_port](#output\_replication\_group\_port) | Port of the primary node in the replication group, if the cluster mode is disabled | | [replication\_group\_primary\_endpoint\_address](#output\_replication\_group\_primary\_endpoint\_address) | Address of the endpoint for the primary node in the replication group, if the cluster mode is disabled | | [replication\_group\_reader\_endpoint\_address](#output\_replication\_group\_reader\_endpoint\_address) | Address of the endpoint for the reader node in the replication group, if the cluster mode is disabled | | [security\_group\_arn](#output\_security\_group\_arn) | Amazon Resource Name (ARN) of the security group | diff --git a/examples/redis-global-replication-group/README.md b/examples/redis-global-replication-group/README.md index f512f47..a3b3c7a 100644 --- a/examples/redis-global-replication-group/README.md +++ b/examples/redis-global-replication-group/README.md @@ -74,6 +74,7 @@ No inputs. | [replication\_group\_engine\_version\_actual](#output\_replication\_group\_engine\_version\_actual) | Because ElastiCache pulls the latest minor or patch for a version, this attribute returns the running version of the cache engine | | [replication\_group\_id](#output\_replication\_group\_id) | ID of the ElastiCache Replication Group | | [replication\_group\_member\_clusters](#output\_replication\_group\_member\_clusters) | Identifiers of all the nodes that are part of this replication group | +| [replication\_group\_port](#output\_replication\_group\_port) | Port of the primary node in the replication group, if the cluster mode is disabled | | [replication\_group\_primary\_endpoint\_address](#output\_replication\_group\_primary\_endpoint\_address) | Address of the endpoint for the primary node in the replication group, if the cluster mode is disabled | | [replication\_group\_reader\_endpoint\_address](#output\_replication\_group\_reader\_endpoint\_address) | Address of the endpoint for the reader node in the replication group, if the cluster mode is disabled | | [security\_group\_arn](#output\_security\_group\_arn) | Amazon Resource Name (ARN) of the security group | diff --git a/examples/redis-global-replication-group/outputs.tf b/examples/redis-global-replication-group/outputs.tf index 85300ce..602424f 100644 --- a/examples/redis-global-replication-group/outputs.tf +++ b/examples/redis-global-replication-group/outputs.tf @@ -61,6 +61,11 @@ output "replication_group_primary_endpoint_address" { value = module.elasticache_primary.replication_group_primary_endpoint_address } +output "replication_group_port" { + description = "Port of the primary node in the replication group, if the cluster mode is disabled" + value = module.elasticache_primary.replication_group_port +} + output "replication_group_reader_endpoint_address" { description = "Address of the endpoint for the reader node in the replication group, if the cluster mode is disabled" value = module.elasticache_primary.replication_group_reader_endpoint_address diff --git a/examples/redis-replication-group/README.md b/examples/redis-replication-group/README.md index e4e2312..b873d2c 100644 --- a/examples/redis-replication-group/README.md +++ b/examples/redis-replication-group/README.md @@ -66,6 +66,7 @@ No inputs. | [replication\_group\_engine\_version\_actual](#output\_replication\_group\_engine\_version\_actual) | Because ElastiCache pulls the latest minor or patch for a version, this attribute returns the running version of the cache engine | | [replication\_group\_id](#output\_replication\_group\_id) | ID of the ElastiCache Replication Group | | [replication\_group\_member\_clusters](#output\_replication\_group\_member\_clusters) | Identifiers of all the nodes that are part of this replication group | +| [replication\_group\_port](#output\_replication\_group\_port) | Port of the primary node in the replication group, if the cluster mode is disabled | | [replication\_group\_primary\_endpoint\_address](#output\_replication\_group\_primary\_endpoint\_address) | Address of the endpoint for the primary node in the replication group, if the cluster mode is disabled | | [replication\_group\_reader\_endpoint\_address](#output\_replication\_group\_reader\_endpoint\_address) | Address of the endpoint for the reader node in the replication group, if the cluster mode is disabled | | [security\_group\_arn](#output\_security\_group\_arn) | Amazon Resource Name (ARN) of the security group | diff --git a/examples/redis-replication-group/outputs.tf b/examples/redis-replication-group/outputs.tf index ccf51c7..3956261 100644 --- a/examples/redis-replication-group/outputs.tf +++ b/examples/redis-replication-group/outputs.tf @@ -61,6 +61,11 @@ output "replication_group_primary_endpoint_address" { value = module.elasticache.replication_group_primary_endpoint_address } +output "replication_group_port" { + description = "Port of the primary node in the replication group, if the cluster mode is disabled" + value = module.elasticache.replication_group_port +} + output "replication_group_reader_endpoint_address" { description = "Address of the endpoint for the reader node in the replication group, if the cluster mode is disabled" value = module.elasticache.replication_group_reader_endpoint_address diff --git a/outputs.tf b/outputs.tf index e015a78..79fad03 100644 --- a/outputs.tf +++ b/outputs.tf @@ -61,6 +61,11 @@ output "replication_group_primary_endpoint_address" { value = try(aws_elasticache_replication_group.this[0].primary_endpoint_address, aws_elasticache_replication_group.global[0].primary_endpoint_address, null) } +output "replication_group_port" { + description = "Port of the primary node in the replication group, if the cluster mode is disabled" + value = try(aws_elasticache_replication_group.this[0].port, aws_elasticache_replication_group.global[0].port, null) +} + output "replication_group_reader_endpoint_address" { description = "Address of the endpoint for the reader node in the replication group, if the cluster mode is disabled" value = try(aws_elasticache_replication_group.this[0].reader_endpoint_address, aws_elasticache_replication_group.global[0].reader_endpoint_address, null) From d7ed9d7bdc02a41983b8b6b190ce15d30473592f Mon Sep 17 00:00:00 2001 From: semantic-release-bot Date: Tue, 16 Sep 2025 14:59:47 +0000 Subject: [PATCH 14/22] chore(release): version 1.8.0 [skip ci] ## [1.8.0](https://github.com/terraform-aws-modules/terraform-aws-elasticache/compare/v1.7.0...v1.8.0) (2025-09-16) ### Features * Add replication group port to outputs ([#50](https://github.com/terraform-aws-modules/terraform-aws-elasticache/issues/50)) ([0b06d8e](https://github.com/terraform-aws-modules/terraform-aws-elasticache/commit/0b06d8e4a74a602ad774f9d8f0422734e19ab680)) --- CHANGELOG.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 49db9c3..e936030 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,13 @@ All notable changes to this project will be documented in this file. +## [1.8.0](https://github.com/terraform-aws-modules/terraform-aws-elasticache/compare/v1.7.0...v1.8.0) (2025-09-16) + + +### Features + +* Add replication group port to outputs ([#50](https://github.com/terraform-aws-modules/terraform-aws-elasticache/issues/50)) ([0b06d8e](https://github.com/terraform-aws-modules/terraform-aws-elasticache/commit/0b06d8e4a74a602ad774f9d8f0422734e19ab680)) + ## [1.7.0](https://github.com/terraform-aws-modules/terraform-aws-elasticache/compare/v1.6.2...v1.7.0) (2025-07-25) From 42ccd2429c927913a043ead7f14dc14277df5c7b Mon Sep 17 00:00:00 2001 From: Florin Andrei <901867+FlorinAndrei@users.noreply.github.com> Date: Thu, 25 Sep 2025 13:45:18 -0700 Subject: [PATCH 15/22] feat: Allow security group rules to reference the security group created by the module (#51) Co-authored-by: Bryant Biggs --- .pre-commit-config.yaml | 4 ++-- examples/redis-cluster/main.tf | 9 ++++----- main.tf | 4 ++-- 3 files changed, 8 insertions(+), 9 deletions(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 626bd79..11084f7 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -1,6 +1,6 @@ repos: - repo: https://github.com/antonbabenko/pre-commit-terraform - rev: v1.99.5 + rev: v1.100.0 hooks: - id: terraform_fmt - id: terraform_docs @@ -23,7 +23,7 @@ repos: - '--args=--only=terraform_workspace_remote' - id: terraform_validate - repo: https://github.com/pre-commit/pre-commit-hooks - rev: v5.0.0 + rev: v6.0.0 hooks: - id: check-merge-conflict - id: end-of-file-fixer diff --git a/examples/redis-cluster/main.tf b/examples/redis-cluster/main.tf index 9e1e504..b659d13 100644 --- a/examples/redis-cluster/main.tf +++ b/examples/redis-cluster/main.tf @@ -38,11 +38,10 @@ module "elasticache" { # Security Group vpc_id = module.vpc.vpc_id security_group_rules = { - ingress_vpc = { - # Default type is `ingress` - # Default port is based on the default engine port - description = "VPC traffic" - cidr_ipv4 = module.vpc.vpc_cidr_block + ingress-self-redis = { + type = "ingress" + referenced_security_group_id = "self" + description = "Allow traffic from this security group to itself." } } diff --git a/main.tf b/main.tf index d02b7aa..2020140 100644 --- a/main.tf +++ b/main.tf @@ -330,7 +330,7 @@ resource "aws_vpc_security_group_ingress_rule" "this" { description = try(each.value.description, null) from_port = try(each.value.from_port, local.port) prefix_list_id = lookup(each.value, "prefix_list_id", null) - referenced_security_group_id = lookup(each.value, "referenced_security_group_id", null) + referenced_security_group_id = lookup(each.value, "referenced_security_group_id", null) == "self" ? aws_security_group.this[0].id : lookup(each.value, "referenced_security_group_id", null) to_port = try(each.value.to_port, local.port) tags = merge(local.tags, var.security_group_tags, try(each.value.tags, {})) @@ -349,7 +349,7 @@ resource "aws_vpc_security_group_egress_rule" "this" { description = try(each.value.description, null) from_port = try(each.value.from_port, null) prefix_list_id = lookup(each.value, "prefix_list_id", null) - referenced_security_group_id = lookup(each.value, "referenced_security_group_id", null) + referenced_security_group_id = lookup(each.value, "referenced_security_group_id", null) == "self" ? aws_security_group.this[0].id : lookup(each.value, "referenced_security_group_id", null) to_port = try(each.value.to_port, null) tags = merge(local.tags, var.security_group_tags, try(each.value.tags, {})) From c420285a6633064e5fb6f27efd06aabaae08e849 Mon Sep 17 00:00:00 2001 From: semantic-release-bot Date: Thu, 25 Sep 2025 20:45:45 +0000 Subject: [PATCH 16/22] chore(release): version 1.9.0 [skip ci] ## [1.9.0](https://github.com/terraform-aws-modules/terraform-aws-elasticache/compare/v1.8.0...v1.9.0) (2025-09-25) ### Features * Allow security group rules to reference the security group created by the module ([#51](https://github.com/terraform-aws-modules/terraform-aws-elasticache/issues/51)) ([42ccd24](https://github.com/terraform-aws-modules/terraform-aws-elasticache/commit/42ccd2429c927913a043ead7f14dc14277df5c7b)) --- CHANGELOG.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index e936030..b4c82b4 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,13 @@ All notable changes to this project will be documented in this file. +## [1.9.0](https://github.com/terraform-aws-modules/terraform-aws-elasticache/compare/v1.8.0...v1.9.0) (2025-09-25) + + +### Features + +* Allow security group rules to reference the security group created by the module ([#51](https://github.com/terraform-aws-modules/terraform-aws-elasticache/issues/51)) ([42ccd24](https://github.com/terraform-aws-modules/terraform-aws-elasticache/commit/42ccd2429c927913a043ead7f14dc14277df5c7b)) + ## [1.8.0](https://github.com/terraform-aws-modules/terraform-aws-elasticache/compare/v1.7.0...v1.8.0) (2025-09-16) From 1e4241a561af6d23bdef50da995a77502b6a9fa7 Mon Sep 17 00:00:00 2001 From: flora-five <72858916+flora-five@users.noreply.github.com> Date: Wed, 1 Oct 2025 17:15:19 +0300 Subject: [PATCH 17/22] feat: Add Terragrunt wrappers (#52) --- .pre-commit-config.yaml | 3 +- wrappers/README.md | 100 +++++++++++++++++++++++++ wrappers/main.tf | 79 +++++++++++++++++++ wrappers/outputs.tf | 5 ++ wrappers/serverless-cache/README.md | 100 +++++++++++++++++++++++++ wrappers/serverless-cache/main.tf | 21 ++++++ wrappers/serverless-cache/outputs.tf | 5 ++ wrappers/serverless-cache/variables.tf | 11 +++ wrappers/serverless-cache/versions.tf | 10 +++ wrappers/user-group/README.md | 100 +++++++++++++++++++++++++ wrappers/user-group/main.tf | 15 ++++ wrappers/user-group/outputs.tf | 5 ++ wrappers/user-group/variables.tf | 11 +++ wrappers/user-group/versions.tf | 10 +++ wrappers/variables.tf | 11 +++ wrappers/versions.tf | 14 ++++ 16 files changed, 499 insertions(+), 1 deletion(-) create mode 100644 wrappers/README.md create mode 100644 wrappers/main.tf create mode 100644 wrappers/outputs.tf create mode 100644 wrappers/serverless-cache/README.md create mode 100644 wrappers/serverless-cache/main.tf create mode 100644 wrappers/serverless-cache/outputs.tf create mode 100644 wrappers/serverless-cache/variables.tf create mode 100644 wrappers/serverless-cache/versions.tf create mode 100644 wrappers/user-group/README.md create mode 100644 wrappers/user-group/main.tf create mode 100644 wrappers/user-group/outputs.tf create mode 100644 wrappers/user-group/variables.tf create mode 100644 wrappers/user-group/versions.tf create mode 100644 wrappers/variables.tf create mode 100644 wrappers/versions.tf diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 11084f7..52fd864 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -1,8 +1,9 @@ repos: - repo: https://github.com/antonbabenko/pre-commit-terraform - rev: v1.100.0 + rev: v1.100.1 hooks: - id: terraform_fmt + - id: terraform_wrapper_module_for_each - id: terraform_docs args: - '--args=--lockfile=false' diff --git a/wrappers/README.md b/wrappers/README.md new file mode 100644 index 0000000..4f9fb89 --- /dev/null +++ b/wrappers/README.md @@ -0,0 +1,100 @@ +# Wrapper for the root module + +The configuration in this directory contains an implementation of a single module wrapper pattern, which allows managing several copies of a module in places where using the native Terraform 0.13+ `for_each` feature is not feasible (e.g., with Terragrunt). + +You may want to use a single Terragrunt configuration file to manage multiple resources without duplicating `terragrunt.hcl` files for each copy of the same module. + +This wrapper does not implement any extra functionality. + +## Usage with Terragrunt + +`terragrunt.hcl`: + +```hcl +terraform { + source = "tfr:///terraform-aws-modules/elasticache/aws//wrappers" + # Alternative source: + # source = "git::git@github.com:terraform-aws-modules/terraform-aws-elasticache.git//wrappers?ref=master" +} + +inputs = { + defaults = { # Default values + create = true + tags = { + Terraform = "true" + Environment = "dev" + } + } + + items = { + my-item = { + # omitted... can be any argument supported by the module + } + my-second-item = { + # omitted... can be any argument supported by the module + } + # omitted... + } +} +``` + +## Usage with Terraform + +```hcl +module "wrapper" { + source = "terraform-aws-modules/elasticache/aws//wrappers" + + defaults = { # Default values + create = true + tags = { + Terraform = "true" + Environment = "dev" + } + } + + items = { + my-item = { + # omitted... can be any argument supported by the module + } + my-second-item = { + # omitted... can be any argument supported by the module + } + # omitted... + } +} +``` + +## Example: Manage multiple S3 buckets in one Terragrunt layer + +`eu-west-1/s3-buckets/terragrunt.hcl`: + +```hcl +terraform { + source = "tfr:///terraform-aws-modules/s3-bucket/aws//wrappers" + # Alternative source: + # source = "git::git@github.com:terraform-aws-modules/terraform-aws-s3-bucket.git//wrappers?ref=master" +} + +inputs = { + defaults = { + force_destroy = true + + attach_elb_log_delivery_policy = true + attach_lb_log_delivery_policy = true + attach_deny_insecure_transport_policy = true + attach_require_latest_tls_policy = true + } + + items = { + bucket1 = { + bucket = "my-random-bucket-1" + } + bucket2 = { + bucket = "my-random-bucket-2" + tags = { + Secure = "probably" + } + } + } +} +``` diff --git a/wrappers/main.tf b/wrappers/main.tf new file mode 100644 index 0000000..d53ac58 --- /dev/null +++ b/wrappers/main.tf @@ -0,0 +1,79 @@ +module "wrapper" { + source = "../" + + for_each = var.items + + apply_immediately = try(each.value.apply_immediately, var.defaults.apply_immediately, null) + at_rest_encryption_enabled = try(each.value.at_rest_encryption_enabled, var.defaults.at_rest_encryption_enabled, true) + auth_token = try(each.value.auth_token, var.defaults.auth_token, null) + auth_token_update_strategy = try(each.value.auth_token_update_strategy, var.defaults.auth_token_update_strategy, null) + auto_minor_version_upgrade = try(each.value.auto_minor_version_upgrade, var.defaults.auto_minor_version_upgrade, null) + automatic_failover_enabled = try(each.value.automatic_failover_enabled, var.defaults.automatic_failover_enabled, null) + availability_zone = try(each.value.availability_zone, var.defaults.availability_zone, null) + az_mode = try(each.value.az_mode, var.defaults.az_mode, null) + cluster_id = try(each.value.cluster_id, var.defaults.cluster_id, "") + cluster_mode = try(each.value.cluster_mode, var.defaults.cluster_mode, null) + cluster_mode_enabled = try(each.value.cluster_mode_enabled, var.defaults.cluster_mode_enabled, false) + create = try(each.value.create, var.defaults.create, true) + create_cluster = try(each.value.create_cluster, var.defaults.create_cluster, false) + create_parameter_group = try(each.value.create_parameter_group, var.defaults.create_parameter_group, false) + create_primary_global_replication_group = try(each.value.create_primary_global_replication_group, var.defaults.create_primary_global_replication_group, false) + create_replication_group = try(each.value.create_replication_group, var.defaults.create_replication_group, true) + create_secondary_global_replication_group = try(each.value.create_secondary_global_replication_group, var.defaults.create_secondary_global_replication_group, false) + create_security_group = try(each.value.create_security_group, var.defaults.create_security_group, true) + create_subnet_group = try(each.value.create_subnet_group, var.defaults.create_subnet_group, true) + data_tiering_enabled = try(each.value.data_tiering_enabled, var.defaults.data_tiering_enabled, null) + description = try(each.value.description, var.defaults.description, null) + engine = try(each.value.engine, var.defaults.engine, "redis") + engine_version = try(each.value.engine_version, var.defaults.engine_version, null) + final_snapshot_identifier = try(each.value.final_snapshot_identifier, var.defaults.final_snapshot_identifier, null) + global_replication_group_id = try(each.value.global_replication_group_id, var.defaults.global_replication_group_id, null) + global_replication_group_id_suffix = try(each.value.global_replication_group_id_suffix, var.defaults.global_replication_group_id_suffix, null) + ip_discovery = try(each.value.ip_discovery, var.defaults.ip_discovery, null) + kms_key_arn = try(each.value.kms_key_arn, var.defaults.kms_key_arn, null) + log_delivery_configuration = try(each.value.log_delivery_configuration, var.defaults.log_delivery_configuration, { + slow-log = { + destination_type = "cloudwatch-logs" + log_format = "json" + } + }) + maintenance_window = try(each.value.maintenance_window, var.defaults.maintenance_window, null) + multi_az_enabled = try(each.value.multi_az_enabled, var.defaults.multi_az_enabled, false) + network_type = try(each.value.network_type, var.defaults.network_type, null) + node_type = try(each.value.node_type, var.defaults.node_type, null) + notification_topic_arn = try(each.value.notification_topic_arn, var.defaults.notification_topic_arn, null) + num_cache_clusters = try(each.value.num_cache_clusters, var.defaults.num_cache_clusters, null) + num_cache_nodes = try(each.value.num_cache_nodes, var.defaults.num_cache_nodes, 1) + num_node_groups = try(each.value.num_node_groups, var.defaults.num_node_groups, null) + outpost_mode = try(each.value.outpost_mode, var.defaults.outpost_mode, null) + parameter_group_description = try(each.value.parameter_group_description, var.defaults.parameter_group_description, null) + parameter_group_family = try(each.value.parameter_group_family, var.defaults.parameter_group_family, "") + parameter_group_name = try(each.value.parameter_group_name, var.defaults.parameter_group_name, null) + parameters = try(each.value.parameters, var.defaults.parameters, []) + port = try(each.value.port, var.defaults.port, null) + preferred_availability_zones = try(each.value.preferred_availability_zones, var.defaults.preferred_availability_zones, []) + preferred_cache_cluster_azs = try(each.value.preferred_cache_cluster_azs, var.defaults.preferred_cache_cluster_azs, []) + preferred_outpost_arn = try(each.value.preferred_outpost_arn, var.defaults.preferred_outpost_arn, null) + replicas_per_node_group = try(each.value.replicas_per_node_group, var.defaults.replicas_per_node_group, null) + replication_group_id = try(each.value.replication_group_id, var.defaults.replication_group_id, null) + security_group_description = try(each.value.security_group_description, var.defaults.security_group_description, null) + security_group_ids = try(each.value.security_group_ids, var.defaults.security_group_ids, []) + security_group_name = try(each.value.security_group_name, var.defaults.security_group_name, null) + security_group_names = try(each.value.security_group_names, var.defaults.security_group_names, []) + security_group_rules = try(each.value.security_group_rules, var.defaults.security_group_rules, {}) + security_group_tags = try(each.value.security_group_tags, var.defaults.security_group_tags, {}) + security_group_use_name_prefix = try(each.value.security_group_use_name_prefix, var.defaults.security_group_use_name_prefix, true) + snapshot_arns = try(each.value.snapshot_arns, var.defaults.snapshot_arns, []) + snapshot_name = try(each.value.snapshot_name, var.defaults.snapshot_name, null) + snapshot_retention_limit = try(each.value.snapshot_retention_limit, var.defaults.snapshot_retention_limit, null) + snapshot_window = try(each.value.snapshot_window, var.defaults.snapshot_window, null) + subnet_group_description = try(each.value.subnet_group_description, var.defaults.subnet_group_description, null) + subnet_group_name = try(each.value.subnet_group_name, var.defaults.subnet_group_name, null) + subnet_ids = try(each.value.subnet_ids, var.defaults.subnet_ids, []) + tags = try(each.value.tags, var.defaults.tags, {}) + timeouts = try(each.value.timeouts, var.defaults.timeouts, {}) + transit_encryption_enabled = try(each.value.transit_encryption_enabled, var.defaults.transit_encryption_enabled, true) + transit_encryption_mode = try(each.value.transit_encryption_mode, var.defaults.transit_encryption_mode, null) + user_group_ids = try(each.value.user_group_ids, var.defaults.user_group_ids, null) + vpc_id = try(each.value.vpc_id, var.defaults.vpc_id, null) +} diff --git a/wrappers/outputs.tf b/wrappers/outputs.tf new file mode 100644 index 0000000..ec6da5f --- /dev/null +++ b/wrappers/outputs.tf @@ -0,0 +1,5 @@ +output "wrapper" { + description = "Map of outputs of a wrapper." + value = module.wrapper + # sensitive = false # No sensitive module output found +} diff --git a/wrappers/serverless-cache/README.md b/wrappers/serverless-cache/README.md new file mode 100644 index 0000000..03338a3 --- /dev/null +++ b/wrappers/serverless-cache/README.md @@ -0,0 +1,100 @@ +# Wrapper for module: `modules/serverless-cache` + +The configuration in this directory contains an implementation of a single module wrapper pattern, which allows managing several copies of a module in places where using the native Terraform 0.13+ `for_each` feature is not feasible (e.g., with Terragrunt). + +You may want to use a single Terragrunt configuration file to manage multiple resources without duplicating `terragrunt.hcl` files for each copy of the same module. + +This wrapper does not implement any extra functionality. + +## Usage with Terragrunt + +`terragrunt.hcl`: + +```hcl +terraform { + source = "tfr:///terraform-aws-modules/elasticache/aws//wrappers/serverless-cache" + # Alternative source: + # source = "git::git@github.com:terraform-aws-modules/terraform-aws-elasticache.git//wrappers/serverless-cache?ref=master" +} + +inputs = { + defaults = { # Default values + create = true + tags = { + Terraform = "true" + Environment = "dev" + } + } + + items = { + my-item = { + # omitted... can be any argument supported by the module + } + my-second-item = { + # omitted... can be any argument supported by the module + } + # omitted... + } +} +``` + +## Usage with Terraform + +```hcl +module "wrapper" { + source = "terraform-aws-modules/elasticache/aws//wrappers/serverless-cache" + + defaults = { # Default values + create = true + tags = { + Terraform = "true" + Environment = "dev" + } + } + + items = { + my-item = { + # omitted... can be any argument supported by the module + } + my-second-item = { + # omitted... can be any argument supported by the module + } + # omitted... + } +} +``` + +## Example: Manage multiple S3 buckets in one Terragrunt layer + +`eu-west-1/s3-buckets/terragrunt.hcl`: + +```hcl +terraform { + source = "tfr:///terraform-aws-modules/s3-bucket/aws//wrappers" + # Alternative source: + # source = "git::git@github.com:terraform-aws-modules/terraform-aws-s3-bucket.git//wrappers?ref=master" +} + +inputs = { + defaults = { + force_destroy = true + + attach_elb_log_delivery_policy = true + attach_lb_log_delivery_policy = true + attach_deny_insecure_transport_policy = true + attach_require_latest_tls_policy = true + } + + items = { + bucket1 = { + bucket = "my-random-bucket-1" + } + bucket2 = { + bucket = "my-random-bucket-2" + tags = { + Secure = "probably" + } + } + } +} +``` diff --git a/wrappers/serverless-cache/main.tf b/wrappers/serverless-cache/main.tf new file mode 100644 index 0000000..e46f1a1 --- /dev/null +++ b/wrappers/serverless-cache/main.tf @@ -0,0 +1,21 @@ +module "wrapper" { + source = "../../modules/serverless-cache" + + for_each = var.items + + cache_name = try(each.value.cache_name, var.defaults.cache_name, null) + cache_usage_limits = try(each.value.cache_usage_limits, var.defaults.cache_usage_limits, {}) + create = try(each.value.create, var.defaults.create, true) + daily_snapshot_time = try(each.value.daily_snapshot_time, var.defaults.daily_snapshot_time, null) + description = try(each.value.description, var.defaults.description, null) + engine = try(each.value.engine, var.defaults.engine, "redis") + kms_key_id = try(each.value.kms_key_id, var.defaults.kms_key_id, null) + major_engine_version = try(each.value.major_engine_version, var.defaults.major_engine_version, null) + security_group_ids = try(each.value.security_group_ids, var.defaults.security_group_ids, []) + snapshot_arns_to_restore = try(each.value.snapshot_arns_to_restore, var.defaults.snapshot_arns_to_restore, null) + snapshot_retention_limit = try(each.value.snapshot_retention_limit, var.defaults.snapshot_retention_limit, null) + subnet_ids = try(each.value.subnet_ids, var.defaults.subnet_ids, []) + tags = try(each.value.tags, var.defaults.tags, {}) + timeouts = try(each.value.timeouts, var.defaults.timeouts, {}) + user_group_id = try(each.value.user_group_id, var.defaults.user_group_id, null) +} diff --git a/wrappers/serverless-cache/outputs.tf b/wrappers/serverless-cache/outputs.tf new file mode 100644 index 0000000..ec6da5f --- /dev/null +++ b/wrappers/serverless-cache/outputs.tf @@ -0,0 +1,5 @@ +output "wrapper" { + description = "Map of outputs of a wrapper." + value = module.wrapper + # sensitive = false # No sensitive module output found +} diff --git a/wrappers/serverless-cache/variables.tf b/wrappers/serverless-cache/variables.tf new file mode 100644 index 0000000..a6ea096 --- /dev/null +++ b/wrappers/serverless-cache/variables.tf @@ -0,0 +1,11 @@ +variable "defaults" { + description = "Map of default values which will be used for each item." + type = any + default = {} +} + +variable "items" { + description = "Maps of items to create a wrapper from. Values are passed through to the module." + type = any + default = {} +} diff --git a/wrappers/serverless-cache/versions.tf b/wrappers/serverless-cache/versions.tf new file mode 100644 index 0000000..0f48a6c --- /dev/null +++ b/wrappers/serverless-cache/versions.tf @@ -0,0 +1,10 @@ +terraform { + required_version = ">= 1.0" + + required_providers { + aws = { + source = "hashicorp/aws" + version = ">= 5.73" + } + } +} diff --git a/wrappers/user-group/README.md b/wrappers/user-group/README.md new file mode 100644 index 0000000..bd17f5f --- /dev/null +++ b/wrappers/user-group/README.md @@ -0,0 +1,100 @@ +# Wrapper for module: `modules/user-group` + +The configuration in this directory contains an implementation of a single module wrapper pattern, which allows managing several copies of a module in places where using the native Terraform 0.13+ `for_each` feature is not feasible (e.g., with Terragrunt). + +You may want to use a single Terragrunt configuration file to manage multiple resources without duplicating `terragrunt.hcl` files for each copy of the same module. + +This wrapper does not implement any extra functionality. + +## Usage with Terragrunt + +`terragrunt.hcl`: + +```hcl +terraform { + source = "tfr:///terraform-aws-modules/elasticache/aws//wrappers/user-group" + # Alternative source: + # source = "git::git@github.com:terraform-aws-modules/terraform-aws-elasticache.git//wrappers/user-group?ref=master" +} + +inputs = { + defaults = { # Default values + create = true + tags = { + Terraform = "true" + Environment = "dev" + } + } + + items = { + my-item = { + # omitted... can be any argument supported by the module + } + my-second-item = { + # omitted... can be any argument supported by the module + } + # omitted... + } +} +``` + +## Usage with Terraform + +```hcl +module "wrapper" { + source = "terraform-aws-modules/elasticache/aws//wrappers/user-group" + + defaults = { # Default values + create = true + tags = { + Terraform = "true" + Environment = "dev" + } + } + + items = { + my-item = { + # omitted... can be any argument supported by the module + } + my-second-item = { + # omitted... can be any argument supported by the module + } + # omitted... + } +} +``` + +## Example: Manage multiple S3 buckets in one Terragrunt layer + +`eu-west-1/s3-buckets/terragrunt.hcl`: + +```hcl +terraform { + source = "tfr:///terraform-aws-modules/s3-bucket/aws//wrappers" + # Alternative source: + # source = "git::git@github.com:terraform-aws-modules/terraform-aws-s3-bucket.git//wrappers?ref=master" +} + +inputs = { + defaults = { + force_destroy = true + + attach_elb_log_delivery_policy = true + attach_lb_log_delivery_policy = true + attach_deny_insecure_transport_policy = true + attach_require_latest_tls_policy = true + } + + items = { + bucket1 = { + bucket = "my-random-bucket-1" + } + bucket2 = { + bucket = "my-random-bucket-2" + tags = { + Secure = "probably" + } + } + } +} +``` diff --git a/wrappers/user-group/main.tf b/wrappers/user-group/main.tf new file mode 100644 index 0000000..0af01d9 --- /dev/null +++ b/wrappers/user-group/main.tf @@ -0,0 +1,15 @@ +module "wrapper" { + source = "../../modules/user-group" + + for_each = var.items + + create = try(each.value.create, var.defaults.create, true) + create_default_user = try(each.value.create_default_user, var.defaults.create_default_user, true) + create_group = try(each.value.create_group, var.defaults.create_group, true) + default_user = try(each.value.default_user, var.defaults.default_user, {}) + default_user_id = try(each.value.default_user_id, var.defaults.default_user_id, "default") + engine = try(each.value.engine, var.defaults.engine, "redis") + tags = try(each.value.tags, var.defaults.tags, {}) + user_group_id = try(each.value.user_group_id, var.defaults.user_group_id, "") + users = try(each.value.users, var.defaults.users, {}) +} diff --git a/wrappers/user-group/outputs.tf b/wrappers/user-group/outputs.tf new file mode 100644 index 0000000..ec6da5f --- /dev/null +++ b/wrappers/user-group/outputs.tf @@ -0,0 +1,5 @@ +output "wrapper" { + description = "Map of outputs of a wrapper." + value = module.wrapper + # sensitive = false # No sensitive module output found +} diff --git a/wrappers/user-group/variables.tf b/wrappers/user-group/variables.tf new file mode 100644 index 0000000..a6ea096 --- /dev/null +++ b/wrappers/user-group/variables.tf @@ -0,0 +1,11 @@ +variable "defaults" { + description = "Map of default values which will be used for each item." + type = any + default = {} +} + +variable "items" { + description = "Maps of items to create a wrapper from. Values are passed through to the module." + type = any + default = {} +} diff --git a/wrappers/user-group/versions.tf b/wrappers/user-group/versions.tf new file mode 100644 index 0000000..0f48a6c --- /dev/null +++ b/wrappers/user-group/versions.tf @@ -0,0 +1,10 @@ +terraform { + required_version = ">= 1.0" + + required_providers { + aws = { + source = "hashicorp/aws" + version = ">= 5.73" + } + } +} diff --git a/wrappers/variables.tf b/wrappers/variables.tf new file mode 100644 index 0000000..a6ea096 --- /dev/null +++ b/wrappers/variables.tf @@ -0,0 +1,11 @@ +variable "defaults" { + description = "Map of default values which will be used for each item." + type = any + default = {} +} + +variable "items" { + description = "Maps of items to create a wrapper from. Values are passed through to the module." + type = any + default = {} +} diff --git a/wrappers/versions.tf b/wrappers/versions.tf new file mode 100644 index 0000000..6dda813 --- /dev/null +++ b/wrappers/versions.tf @@ -0,0 +1,14 @@ +terraform { + required_version = ">= 1.0" + + required_providers { + aws = { + source = "hashicorp/aws" + version = ">= 5.93" + } + random = { + source = "hashicorp/random" + version = ">= 3.0" + } + } +} From b20a4be35e4ded7718b1043a3e3437f7868141ee Mon Sep 17 00:00:00 2001 From: semantic-release-bot Date: Wed, 1 Oct 2025 14:15:52 +0000 Subject: [PATCH 18/22] chore(release): version 1.10.0 [skip ci] ## [1.10.0](https://github.com/terraform-aws-modules/terraform-aws-elasticache/compare/v1.9.0...v1.10.0) (2025-10-01) ### Features * Add Terragrunt wrappers ([#52](https://github.com/terraform-aws-modules/terraform-aws-elasticache/issues/52)) ([1e4241a](https://github.com/terraform-aws-modules/terraform-aws-elasticache/commit/1e4241a561af6d23bdef50da995a77502b6a9fa7)) --- CHANGELOG.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index b4c82b4..3b129bd 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,13 @@ All notable changes to this project will be documented in this file. +## [1.10.0](https://github.com/terraform-aws-modules/terraform-aws-elasticache/compare/v1.9.0...v1.10.0) (2025-10-01) + + +### Features + +* Add Terragrunt wrappers ([#52](https://github.com/terraform-aws-modules/terraform-aws-elasticache/issues/52)) ([1e4241a](https://github.com/terraform-aws-modules/terraform-aws-elasticache/commit/1e4241a561af6d23bdef50da995a77502b6a9fa7)) + ## [1.9.0](https://github.com/terraform-aws-modules/terraform-aws-elasticache/compare/v1.8.0...v1.9.0) (2025-09-25) From 2ee85eebdf450f3125ca6542b7f6a4f2f13fbecc Mon Sep 17 00:00:00 2001 From: Carim Date: Tue, 7 Oct 2025 16:39:45 +0200 Subject: [PATCH 19/22] fix: Enable `transit_encryption_enabled` for all avialble engines now that Elasticache supports this (#56) --- README.md | 2 +- main.tf | 2 +- variables.tf | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 5dfb4c7..aa79fd4 100644 --- a/README.md +++ b/README.md @@ -464,7 +464,7 @@ No modules. | [subnet\_ids](#input\_subnet\_ids) | List of VPC Subnet IDs for the Elasticache subnet group | `list(string)` | `[]` | no | | [tags](#input\_tags) | A map of tags to add to all resources | `map(string)` | `{}` | no | | [timeouts](#input\_timeouts) | Define maximum timeout for creating, updating, and deleting cluster resource | `map(string)` | `{}` | no | -| [transit\_encryption\_enabled](#input\_transit\_encryption\_enabled) | Enable encryption in-transit. Supported only with Memcached versions `1.6.12` and later, running in a VPC | `bool` | `true` | no | +| [transit\_encryption\_enabled](#input\_transit\_encryption\_enabled) | Enable encryption in-transit. Supported on replication groups running Valkey 7.2 and later, and Redis OSS versions 3.2.6, 4.0.10 and later, running in a VPC | `bool` | `true` | no | | [transit\_encryption\_mode](#input\_transit\_encryption\_mode) | A setting that enables clients to migrate to in-transit encryption with no downtime. Valid values are preferred and required | `string` | `null` | no | | [user\_group\_ids](#input\_user\_group\_ids) | User Group ID to associate with the replication group. Only a maximum of one (1) user group ID is valid | `list(string)` | `null` | no | | [vpc\_id](#input\_vpc\_id) | Identifier of the VPC where the security group will be created | `string` | `null` | no | diff --git a/main.tf b/main.tf index 2020140..4ee7685 100644 --- a/main.tf +++ b/main.tf @@ -53,7 +53,7 @@ resource "aws_elasticache_cluster" "this" { snapshot_retention_limit = local.in_replication_group ? null : var.snapshot_retention_limit snapshot_window = local.in_replication_group ? null : var.snapshot_window subnet_group_name = local.in_replication_group ? null : local.subnet_group_name - transit_encryption_enabled = var.engine == "memcached" ? var.transit_encryption_enabled : null + transit_encryption_enabled = var.transit_encryption_enabled tags = local.tags diff --git a/variables.tf b/variables.tf index d157d04..5ec6634 100644 --- a/variables.tf +++ b/variables.tf @@ -176,7 +176,7 @@ variable "snapshot_window" { } variable "transit_encryption_enabled" { - description = "Enable encryption in-transit. Supported only with Memcached versions `1.6.12` and later, running in a VPC" + description = "Enable encryption in-transit. Supported on replication groups running Valkey 7.2 and later, and Redis OSS versions 3.2.6, 4.0.10 and later, running in a VPC" type = bool default = true } From 9e7317eb95b15ed54baa2c348b9494a80f38c0de Mon Sep 17 00:00:00 2001 From: semantic-release-bot Date: Tue, 7 Oct 2025 14:40:15 +0000 Subject: [PATCH 20/22] chore(release): version 1.10.1 [skip ci] ## [1.10.1](https://github.com/terraform-aws-modules/terraform-aws-elasticache/compare/v1.10.0...v1.10.1) (2025-10-07) ### Bug Fixes * Enable `transit_encryption_enabled` for all avialble engines now that Elasticache supports this ([#56](https://github.com/terraform-aws-modules/terraform-aws-elasticache/issues/56)) ([2ee85ee](https://github.com/terraform-aws-modules/terraform-aws-elasticache/commit/2ee85eebdf450f3125ca6542b7f6a4f2f13fbecc)) --- CHANGELOG.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 3b129bd..8046b10 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,13 @@ All notable changes to this project will be documented in this file. +## [1.10.1](https://github.com/terraform-aws-modules/terraform-aws-elasticache/compare/v1.10.0...v1.10.1) (2025-10-07) + + +### Bug Fixes + +* Enable `transit_encryption_enabled` for all avialble engines now that Elasticache supports this ([#56](https://github.com/terraform-aws-modules/terraform-aws-elasticache/issues/56)) ([2ee85ee](https://github.com/terraform-aws-modules/terraform-aws-elasticache/commit/2ee85eebdf450f3125ca6542b7f6a4f2f13fbecc)) + ## [1.10.0](https://github.com/terraform-aws-modules/terraform-aws-elasticache/compare/v1.9.0...v1.10.0) (2025-10-01) From b241dc02309f03fe2475025aba9128caf565104f Mon Sep 17 00:00:00 2001 From: Bryant Biggs Date: Wed, 8 Oct 2025 07:31:15 -0500 Subject: [PATCH 21/22] fix: Revert - Enable `transit_encryption_enabled` for all avialble engines now that Elasticache supports this #56 (#57) --- .pre-commit-config.yaml | 2 +- README.md | 4 ++-- main.tf | 3 ++- variables.tf | 4 ++-- 4 files changed, 7 insertions(+), 6 deletions(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 52fd864..786a616 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -1,6 +1,6 @@ repos: - repo: https://github.com/antonbabenko/pre-commit-terraform - rev: v1.100.1 + rev: v1.101.0 hooks: - id: terraform_fmt - id: terraform_wrapper_module_for_each diff --git a/README.md b/README.md index aa79fd4..cd6a393 100644 --- a/README.md +++ b/README.md @@ -464,8 +464,8 @@ No modules. | [subnet\_ids](#input\_subnet\_ids) | List of VPC Subnet IDs for the Elasticache subnet group | `list(string)` | `[]` | no | | [tags](#input\_tags) | A map of tags to add to all resources | `map(string)` | `{}` | no | | [timeouts](#input\_timeouts) | Define maximum timeout for creating, updating, and deleting cluster resource | `map(string)` | `{}` | no | -| [transit\_encryption\_enabled](#input\_transit\_encryption\_enabled) | Enable encryption in-transit. Supported on replication groups running Valkey 7.2 and later, and Redis OSS versions 3.2.6, 4.0.10 and later, running in a VPC | `bool` | `true` | no | -| [transit\_encryption\_mode](#input\_transit\_encryption\_mode) | A setting that enables clients to migrate to in-transit encryption with no downtime. Valid values are preferred and required | `string` | `null` | no | +| [transit\_encryption\_enabled](#input\_transit\_encryption\_enabled) | Enable encryption in-transit | `bool` | `true` | no | +| [transit\_encryption\_mode](#input\_transit\_encryption\_mode) | A setting that enables clients to migrate to in-transit encryption with no downtime. Valid values are `preferred` and `required` | `string` | `null` | no | | [user\_group\_ids](#input\_user\_group\_ids) | User Group ID to associate with the replication group. Only a maximum of one (1) user group ID is valid | `list(string)` | `null` | no | | [vpc\_id](#input\_vpc\_id) | Identifier of the VPC where the security group will be created | `string` | `null` | no | diff --git a/main.tf b/main.tf index 4ee7685..e4ec87c 100644 --- a/main.tf +++ b/main.tf @@ -53,7 +53,8 @@ resource "aws_elasticache_cluster" "this" { snapshot_retention_limit = local.in_replication_group ? null : var.snapshot_retention_limit snapshot_window = local.in_replication_group ? null : var.snapshot_window subnet_group_name = local.in_replication_group ? null : local.subnet_group_name - transit_encryption_enabled = var.transit_encryption_enabled + # ToDo - remove restriction at next breaking change https://github.com/terraform-aws-modules/terraform-aws-elasticache/pull/56 + transit_encryption_enabled = var.engine == "memcached" ? var.transit_encryption_enabled : null tags = local.tags diff --git a/variables.tf b/variables.tf index 5ec6634..6d8d543 100644 --- a/variables.tf +++ b/variables.tf @@ -176,13 +176,13 @@ variable "snapshot_window" { } variable "transit_encryption_enabled" { - description = "Enable encryption in-transit. Supported on replication groups running Valkey 7.2 and later, and Redis OSS versions 3.2.6, 4.0.10 and later, running in a VPC" + description = "Enable encryption in-transit" type = bool default = true } variable "transit_encryption_mode" { - description = "A setting that enables clients to migrate to in-transit encryption with no downtime. Valid values are preferred and required" + description = "A setting that enables clients to migrate to in-transit encryption with no downtime. Valid values are `preferred` and `required`" type = string default = null } From f2097c9712338141363b87d30433df254f1df42a Mon Sep 17 00:00:00 2001 From: semantic-release-bot Date: Wed, 8 Oct 2025 12:31:41 +0000 Subject: [PATCH 22/22] chore(release): version 1.10.2 [skip ci] ## [1.10.2](https://github.com/terraform-aws-modules/terraform-aws-elasticache/compare/v1.10.1...v1.10.2) (2025-10-08) ### Bug Fixes * Revert - Enable `transit_encryption_enabled` for all avialble engines now that Elasticache supports this [#56](https://github.com/terraform-aws-modules/terraform-aws-elasticache/issues/56) ([#57](https://github.com/terraform-aws-modules/terraform-aws-elasticache/issues/57)) ([b241dc0](https://github.com/terraform-aws-modules/terraform-aws-elasticache/commit/b241dc02309f03fe2475025aba9128caf565104f)) --- CHANGELOG.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 8046b10..e820d62 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,13 @@ All notable changes to this project will be documented in this file. +## [1.10.2](https://github.com/terraform-aws-modules/terraform-aws-elasticache/compare/v1.10.1...v1.10.2) (2025-10-08) + + +### Bug Fixes + +* Revert - Enable `transit_encryption_enabled` for all avialble engines now that Elasticache supports this [#56](https://github.com/terraform-aws-modules/terraform-aws-elasticache/issues/56) ([#57](https://github.com/terraform-aws-modules/terraform-aws-elasticache/issues/57)) ([b241dc0](https://github.com/terraform-aws-modules/terraform-aws-elasticache/commit/b241dc02309f03fe2475025aba9128caf565104f)) + ## [1.10.1](https://github.com/terraform-aws-modules/terraform-aws-elasticache/compare/v1.10.0...v1.10.1) (2025-10-07)