Refactored redis module

README.md

@@ -18,6 +18,7 @@ AWS services that you can create:
 - **SecretsManager**
 - **RDS**
 - **Elasticsearch** (Opensearch)
+- **Redis** (Elasticache)
 
 ## Steps to init a new project 
 

clients/sample/sample.tfvars

@@ -21,7 +21,7 @@ projects        = [
             //    apply_immediately   = true
             //}
         ]
-        elasticsearch       = []
+        redis               = []
     },
     {
         project_name        = "frontend"
@@ -41,6 +41,18 @@ projects        = [
                     ebs_enabled = true
                     volume_size = 40
                 }
+        redis               = [
+            {
+                identifier          = "frontend-cluster"
+                engine              = "redis"
+                engine_version      = "7.0"
+                node_type           = "cache.t4g.micro"
+                num_cache_nodes     = 1
+                parameter_group     = "default.redis7"
+                apply_immediately   = true
+                prevent_destroy     = true
             }
         ]
-    }]
+        }]
+    }
+]

main.tf

@@ -37,6 +37,7 @@ module "projects" {
   repository_branch   = each.value.repository_branch
   databases           = each.value.databases
   elasticsearch       = each.value.elasticsearch
+  redis               = each.value.redis
 
   # Common
   owner               = var.owner

modules/projects/main.tf

@@ -247,4 +247,22 @@ module "elasticsearch" {
   environment               = var.environment
   project                   = var.project_name
   owner                     = var.owner
+}
+module "redis" {
+  source                    = "../../modules/redis"
+  for_each = {for cluster in var.redis: cluster.identifier => cluster}
+
+  identifier            = each.value.identifier
+  engine                = each.value.engine
+  engine_version        = each.value.engine_version
+  project               = var.project_name
+  owner                 = var.owner
+  aws_vpc_id            = var.aws_vpc_id
+  environment           = var.environment
+  node_type             = each.value.node_type
+  num_cache_nodes       = each.value.num_cache_nodes
+  parameter_group       = each.value.parameter_group
+  subnet_ids            = var.aws_private_subnets
+  sg_ids                = [aws_security_group.app.id, aws_security_group.codebuild.id]
+  apply_immediately     = each.value.apply_immediately
 }

modules/projects/variables.tf

@@ -5,6 +5,7 @@ variable repository_url {}
 variable repository_branch {}
 variable databases {}
 variable elasticsearch {}
+variable redis {}
 
 # Common
 variable owner {}

modules/rds/main.tf

@@ -23,7 +23,7 @@ resource "aws_db_subnet_group" "sg" {
 
 resource "aws_rds_cluster_instance" "instances" {
   count              = 1
-  identifier         = format("%s-%s-%s-instance%s", "${var.owner}", "${var.project}", "${var.environment}", "${count.index}")
+  identifier         = format("%s-%s", "${var.identifier}", "${count.index}")
   cluster_identifier = aws_rds_cluster.cluster.id
   instance_class     = var.instance_class
   engine             = aws_rds_cluster.cluster.engine
@@ -32,7 +32,7 @@ resource "aws_rds_cluster_instance" "instances" {
 }
 
 resource "aws_rds_cluster" "cluster" {
-  cluster_identifier        = format("%s-%s-%s-cluster", "${var.owner}", "${var.project}", "${var.environment}")
+  cluster_identifier        = var.identifier
   engine                    = var.engine
   engine_version            = var.engine_version
   database_name             = var.project

modules/rds/variables.tf

@@ -11,4 +11,4 @@ variable "master_password" {}
 variable "master_username" {}
 variable "skip_final_snapshot" {}
 variable "instance_class" {}
-variable "apply_immediately" {}
+variable "apply_immediately" {}

modules/redis/main.tf

@@ -0,0 +1,46 @@
+resource "aws_security_group" "redis" {
+  name   = format("%s-%s-%s-redis", "${var.owner}", "${var.project}", "${var.environment}")
+  vpc_id = var.aws_vpc_id
+}
+
+resource "aws_security_group_rule" "app_inbound" {
+  type                     = "ingress"
+  from_port                = 6379
+  to_port                  = 6379
+  protocol                 = "tcp"
+  security_group_id        = aws_security_group.redis.id
+  source_security_group_id = var.sg_ids[0]
+  description              = "APP to Redis"
+}
+
+resource "aws_security_group_rule" "codebuild_inbound" {
+  type                     = "ingress"
+  from_port                = 6379
+  to_port                  = 6379
+  protocol                 = "tcp"
+  security_group_id        = aws_security_group.redis.id
+  source_security_group_id = var.sg_ids[1]
+  description              = "Codebuild to Redis"
+}
+
+resource "aws_elasticache_subnet_group" "redis" {
+  name       = format("%s-%s-redis-subnets", "${var.project}", "${var.environment}")
+  subnet_ids = [var.subnet_ids[0], var.subnet_ids[1], var.subnet_ids[2]]
+}
+
+resource "aws_elasticache_cluster" "redis" {
+  cluster_id           = var.identifier
+  engine               = var.engine
+  node_type            = var.node_type
+  num_cache_nodes      = var.num_cache_nodes
+  parameter_group_name = var.parameter_group
+  engine_version       = var.engine_version
+  port                 = 6379
+  security_group_ids   = [ aws_security_group.redis.id ]
+  subnet_group_name    = aws_elasticache_subnet_group.redis.name
+  apply_immediately    = var.apply_immediately
+
+  lifecycle {
+    prevent_destroy = true
+  }
+}

modules/redis/variables.tf

@@ -0,0 +1,13 @@
+variable "identifier" {}
+variable "owner" {}
+variable "project" {}
+variable "environment" {}
+variable "engine" {}
+variable "engine_version" {}
+variable "node_type" {}
+variable "num_cache_nodes" {}
+variable "parameter_group" {}
+variable "subnet_ids" {}
+variable "sg_ids" {}
+variable "aws_vpc_id" {}
+variable "apply_immediately" {}

vars.tf

@@ -25,8 +25,18 @@ variable projects {
         ebs_enabled = bool 
         volume_size = number 
       })
+    redis = list(object({
+      identifier = string
+      engine = string
+      engine_version = string
+      node_type = string
+      num_cache_nodes = number
+      parameter_group = string 
+      apply_immediately = bool
+      prevent_destroy = bool
     }))
   }))
+  }))
 }
 
 variable "owner" {