Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

https://github.com/senora-dev/terraform-aws-elasticache

This Terraform module provisions an AWS ElastiCache for Redis deployment, including subnet group, parameter group, and optional security group associations, suitable for production workloads.
https://github.com/senora-dev/terraform-aws-elasticache

Last synced: 4 months ago
JSON representation

This Terraform module provisions an AWS ElastiCache for Redis deployment, including subnet group, parameter group, and optional security group associations, suitable for production workloads.

Awesome Lists containing this project

README 

          
# AWS ElastiCache Terraform Module



This Terraform module provisions an AWS ElastiCache for Redis deployment, including subnet group, parameter group, and optional security group associations, suitable for production workloads.



## Features



- ElastiCache Redis replication group (cluster mode optional)

- Subnet group for private subnets

- Parameter group customization

- Encryption at rest and in transit

- Auth token support (optional)

- Automatic failover with Multi-AZ

- Maintenance window configuration

- CloudWatch metrics and tagging



## Usage



```hcl

module "elasticache" {

  source = "Senora-dev/elasticache/aws"



  environment           = "dev"

  engine                = "redis"

  engine_version        = "7.1"

  node_type             = "cache.t4g.small"



  # High availability

  multi_az_enabled      = true

  automatic_failover    = true



  # Sizing

  replicas_per_node_group = 1

  num_node_groups         = 1           # set >1 to enable cluster mode

  cluster_mode_enabled     = false      # true when using sharding (num_node_groups > 1)



  # Networking

  subnet_ids           = ["subnet-abc", "subnet-def"]

  security_group_ids   = ["sg-1234567890abcdef0"]



  # Security

  at_rest_encryption_enabled  = true

  transit_encryption_enabled  = true

  auth_token_enabled          = true

  auth_token_ssm_parameter_arn = "arn:aws:ssm:us-east-1:123456789012:parameter/elasticache/auth-token"



  # Maintenance

  maintenance_window     = "sun:03:00-sun:04:00"

  snapshot_window        = "05:00-06:00"

  snapshot_retention_days = 7



  tags = {

    Project     = "ExampleProject"

    Environment = "dev"

  }

}

```



## Requirements



| Name | Version |

|------|---------|

| terraform | >= 1.0 |

| aws | >= 4.0 |



## Inputs



| Name | Description | Type | Default | Required |

|------|-------------|------|---------|:--------:|

| environment | Environment name (e.g., dev, staging, prod) | `string` | n/a | yes |

| engine | Cache engine (redis) | `string` | `"redis"` | no |

| engine_version | Redis engine version | `string` | `"7.1"` | no |

| node_type | Instance type for cache nodes | `string` | n/a | yes |

| multi_az_enabled | Enable Multi-AZ | `bool` | `true` | no |

| automatic_failover | Enable automatic failover | `bool` | `true` | no |

| replicas_per_node_group | Number of replicas per node group | `number` | `1` | no |

| num_node_groups | Number of node groups (shards) | `number` | `1` | no |

| cluster_mode_enabled | Enable cluster mode (sharding) | `bool` | `false` | no |

| subnet_ids | Subnet IDs for the subnet group | `list(string)` | n/a | yes |

| security_group_ids | Security group IDs to attach to the cluster ENIs | `list(string)` | `[]` | no |

| at_rest_encryption_enabled | Enable encryption at rest | `bool` | `true` | no |

| transit_encryption_enabled | Enable in-transit encryption | `bool` | `true` | no |

| auth_token_enabled | Enable Redis AUTH token | `bool` | `false` | no |

| auth_token_ssm_parameter_arn | SSM Parameter ARN containing the auth token (if enabled) | `string` | `null` | no |

| maintenance_window | Weekly maintenance window (UTC) | `string` | `"sun:03:00-sun:04:00"` | no |

| snapshot_window | Daily snapshot window (UTC) | `string` | `"05:00-06:00"` | no |

| snapshot_retention_days | Number of days to retain snapshots | `number` | `7` | no |

| parameter_group_family | Parameter group family (e.g., redis7) | `string` | `"redis7"` | no |

| parameters | Custom parameter overrides | `map(string)` | `{}` | no |

| tags | Tags to apply to all resources | `map(string)` | `{}` | no |



## Outputs



| Name | Description |

|------|-------------|

| replication_group_id | ID of the ElastiCache replication group |

| primary_endpoint_address | Primary endpoint address |

| reader_endpoint_address | Reader endpoint address |

| port | Redis port |

| subnet_group_name | Name of the subnet group |

| parameter_group_name | Name of the parameter group |



## Notes



- Set `cluster_mode_enabled = true` when `num_node_groups > 1` to enable sharding

- When `transit_encryption_enabled = true`, Redis AUTH is required by AWS; set `auth_token_enabled = true`

- Store the auth token in AWS SSM Parameter Store and reference via `auth_token_ssm_parameter_arn`

- Ensure subnets are private with appropriate NAT/route configuration

- Security groups should allow inbound on the Redis port (default 6379) from allowed sources only



## License



MIT Licensed. See LICENSE for full details.



## Maintainers



This module is maintained by [Senora.dev](https://senora.dev).