terraform-aws-arc-cache

Overview

SourceFuse AWS Reference Architecture (ARC) Terraform module for managing Elasticache replication clusters.

Features

• Manages ElastiCache Redis clusters.
• Supports VPC configurations.
• Flexible configuration options for clusters.
• Cloudwatch Alarms support for cache cpu and cache freeable-memory

Introduction

SourceFuse's AWS Reference Architecture (ARC) Terraform module for managing ElastiCache Redis clusters centralizes and automates the deployment and management of Redis clusters. This module helps you create and manage Redis clusters with options for high availability, encryption, and log delivery. It integrates with other AWS services, ensuring secure, scalable, and efficient Redis deployments. The module supports both single-node and multi-node configurations, providing a robust solution for your caching needs across various environments.

Usage

To see a full example, check out the main.tf file in the example folder.

module "elasticacheredis" {
  source                        = "sourcefuse/arc-cache/aws"
  version                       = "0.0.1"
  subnet_ids                    = data.aws_subnets.private.ids
  vpc_id                        = data.aws_vpc.vpc.id
  tags                          = module.tags.tags
  security_group_rules          = var.security_group_rules
  name                          = var.name

  log_delivery_configuration = [
    {
      destination      = aws_cloudwatch_log_group.default.name
      destination_type = "cloudwatch-logs"
      log_format       = "json"
      log_type         = "engine-log"
    }
  ]

}

Requirements

Name	Version
terraform	~> 1.6
aws	>= 4.0, < 6.0
random	3.6.2

Providers

Name	Version
aws	4.67.0
random	3.6.2

Modules

No modules.

Resources

Name	Type
aws_cloudwatch_metric_alarm.cache_cpu	resource
aws_cloudwatch_metric_alarm.cache_memory	resource
aws_elasticache_parameter_group.this	resource
aws_elasticache_replication_group.this	resource
aws_elasticache_subnet_group.this	resource
aws_security_group.sg	resource
aws_ssm_parameter.uuid_parameter	resource
random_string.auth_token	resource
aws_ssm_parameter.retrieved_redis_password	data source

Inputs

Name	Description	Type	Default	Required
alarm_actions	Alarm action list	list(string)	[]	no
alarm_cpu_threshold_percent	CPU threshold alarm level	number	75	no
alarm_memory_threshold_bytes	Ram threshold alarm level	number	10000000	no
apply_immediately	Apply changes immediately	bool	true	no
at_rest_encryption_enabled	Specifies whether at-rest encryption is enabled.	bool	true	no
auto_minor_version_upgrade	Specifies whether minor version engine upgrades will be applied automatically to the underlying Cache Cluster instances during the maintenance window. Only supported if the engine version is 6 or higher.	bool	null	no
automatic_failover_enabled	Specifies whether a read-only replica will be automatically promoted to read/write primary if the existing primary fails	bool	false	no
cluster_mode_enabled	Flag to enable/disable creation of a native redis cluster. automatic_failover_enabled must be set to true. Only 1 cluster_mode block is allowed	bool	false	no
cpu_alarm_description	Description for the CPU utilization CloudWatch alarm	string	"Triggers when the CPU utilization of the Redis cluster exceeds the defined threshold, indicating high CPU usage."	no
create_cache_subnet_group	A boolean indicates whether to create aws elasticache subnet group or not	bool	true	no
create_parameter_group	Whether new parameter group should be created. Set to false if you want to use existing parameter group	bool	true	no
create_security_group	Determines whether to create a new security group.	bool	true	no
elasticache_subnet_group_name	Name for the cache subnet group	string	null	no
enable_cloudwatch_alarms	Boolean flag to enable/disable CloudWatch metrics alarms	bool	false	no
engine_version	Version number of the cache engine to be used for the cache clusters in this replication group	string	"7.0"	no
evaluation_periods	Number of periods over which data is compared to the specified threshold	number	1	no
family	Redis family	string	"redis7"	no
kms_key_id	The ARN of the key that you wish to use if encrypting at rest. If not supplied, uses service managed encryption. at_rest_encryption_enabled must be set to true	string	null	no
log_delivery_configuration	The log_delivery_configuration block allows the streaming of Redis SLOWLOG or Redis Engine Log to CloudWatch Logs or Kinesis Data Firehose. Max of 2 blocks.	list(map(any))	[]	no
memory_alarm_description	Description for the freeable memory CloudWatch alarm	string	"Triggers when the available freeable memory of the Redis cluster falls below the defined threshold, indicating potential memory pressure or resource issues."	no
multi_az_enabled	Specifies whether to enable Multi-AZ Support for the replication group	bool	false	no
name	Name of elasticache redis	string	n/a	yes
namespace	The namespace of the CloudWatch metric	string	"AWS/ElastiCache"	no
node_type	Instance class to be used	string	"cache.t2.micro"	no
notification_topic_arn	(Optional) ARN of an SNS topic to send ElastiCache notifications to.	string	""	no
num_cache_clusters	Number of cache clusters this replication group will have	number	1	no
num_node_groups	Number of node groups (shards) for this Redis replication group	number	null	no
ok_actions	The list of actions to execute when this alarm transitions into an OK state from any other state. Each action is specified as an Amazon Resource Number (ARN)	list(string)	[]	no
parameter	A list of Redis parameters to apply. Note that parameters may differ from one Redis family to another	list(object({ name = string value = string }))	[]	no
parameter_group_description	elasticache paramter group	string	null	no
parameter_group_name	Override the default parameter group name	string	null	no
port	Port number on which each of the cache nodes will accept connection	number	6379	no
replicas_per_node_group	Number of replica nodes in each node group. Changing this number will trigger a resizing operation before other settings modifications. Valid values are 0 to 5	number	null	no
replication_group_description	User-created description for the replication group. Must not be empty	string	null	no
security_group_description	Description of the security groups	string	null	no
security_group_ids	List of cache security group names to associate with this replication group	list(string)	[ "" ]	no
security_group_name	Prefix for the name of the security groups.	string	null	no
security_group_rules	Ingress and egress rules for the security groups.	object({ ingress = map(object({ description = optional(string) from_port = number to_port = number protocol = string cidr_blocks = optional(list(string)) security_group_id = optional(list(string)) ipv6_cidr_blocks = optional(list(string)) self = optional(bool) })) egress = map(object({ description = optional(string) from_port = number to_port = number protocol = string cidr_blocks = optional(list(string)) security_group_id = optional(list(string)) ipv6_cidr_blocks = optional(list(string)) })) })	{ "egress": {}, "ingress": {} }	no
snapshot_retention_limit	Number of days for which ElastiCache will retain automatic cache cluster snapshots before deleting them	number	1	no
snapshot_window	Daily time range during which ElastiCache will begin taking a daily snapshot of your cache cluster	string	"01:30-02:30"	no
statistic	The statistic to apply to the alarm's associated metric	string	"Average"	no
subnet_group_description	Description for the cache subnet group	string	null	no
subnet_group_name	Required when create_aws_elasticache_subnet_group is false. Name of the cache subnet group to be used for the replication group.	string	null	no
subnet_ids	private subnet ids	list(string)	n/a	yes
tags	Tags for AWS elasticache redis	map(string)	n/a	yes
user_group_ids	User Group ID to associate with the replication group	list(string)	null	no
vpc_id	VPC ID Where resources will live	string	n/a	yes

Outputs

Name	Description
_replication_group_tags_all	A map of tags assigned to the resource, including those inherited from the provider
arn	ARN of the created ElastiCache Replication Group
cluster_enabled	Indicates if cluster mode is enabled
configuration_endpoint_address	Address of the replication group configuration endpoint when cluster mode is enabled
description	The Description of the ElastiCache Subnet Group
engine_version_actual	The Name of the ElastiCache Subnet Group
id	ID of the ElastiCache Replication Group
member_clusters	Identifiers of all the nodes that are part of this replication group
name	The Name of the ElastiCache Subnet Group
primary_endpoint_address	Address of the endpoint for the primary node in the replication group, if the cluster mode is disabled
reader_endpoint_address	Address of the endpoint for the reader node in the replication group, if the cluster mode is disabled
security_group_id	The ID of the security group
subnet_group_tags_all	A map of tags assigned to the resource, including those inherited from the provider
subnet_ids	The Subnet IDs of the ElastiCache Subnet Group

Development

Prerequisites

• terraform
• terraform-docs
• pre-commit
• golang
• golint

Configurations

• Configure pre-commit hooks

  pre-commit install
  

Versioning

while Contributing or doing git commit please specify the breaking change in your commit message whether its major,minor or patch

For Example

git commit -m "your commit message #major"

By specifying this , it will bump the version and if you don't specify this in your commit message then by default it will consider patch and will bump that accordingly

Tests

• Tests are available in test directory
• Configure the dependencies

  cd test/
  go mod init github.com/sourcefuse/terraform-aws-refarch-<module_name>
  go get github.com/gruntwork-io/terratest/modules/terraform
  

• Now execute the test
  

  go test -timeout  30m
  

Authors

This project is authored by: - SourceFuse ARC Team

Contributors ✨

Thanks goes to these wonderful people (emoji key):

Mayank Sharma 💻 🧑‍🏫 🚧

This project follows the all-contributors specification. Contributions of any kind welcome!