diff --git a/README.md b/README.md
index 90d2e94..c1a7c6c 100644
--- a/README.md
+++ b/README.md
@@ -14,7 +14,7 @@ This module creates a Redis master and one or more Redis slaves, depending on th
| Redis Helm Chart Version | K8s supported version |
| :-----: | :--- |
-| **16.13.2** | **1.23,1.24,1.25** |
+| **16.13.2** | **1.23,1.24,1.25,1.26,1.27** |
## Usage Example
@@ -22,17 +22,22 @@ This module creates a Redis master and one or more Redis slaves, depending on th
module "redis" {
source = "squareops/redis/kubernetes"
redis_config = {
- name = "redis"
- values_yaml = ""
- environment = "prod"
- architecture = "replication"
- slave_volume_size = "10Gi"
- master_volume_size = "10Gi"
- storage_class_name = "gp3"
- slave_replica_count = 2
+ name = "redis"
+ values_yaml = ""
+ environment = "prod"
+ architecture = "replication"
+ slave_volume_size = "10Gi"
+ master_volume_size = "10Gi"
+ storage_class_name = "gp3"
+ slave_replica_count = 2
+ store_password_to_secret_manager = true
}
grafana_monitoring_enabled = true
recovery_window_aws_secret = 0
+ custom_credentials_enabled = true
+ custom_credentials_config = {
+ password = "aajdhgduy3873683dh"
+ }
}
```
@@ -85,18 +90,19 @@ No modules.
| [app\_version](#input\_app\_version) | Version of the Redis application that will be deployed. | `string` | `"6.2.7-debian-11-r11"` | no |
| [chart\_version](#input\_chart\_version) | Version of the chart for the Redis application that will be deployed. | `string` | `"16.13.2"` | no |
| [create\_namespace](#input\_create\_namespace) | Specify whether or not to create the namespace if it does not already exist. Set it to true to create the namespace. | `string` | `true` | no |
+| [custom\_credentials\_config](#input\_custom\_credentials\_config) | Specify the configuration settings for Redis to pass custom credentials during creation. | `any` |
{
"password": ""
} | no |
+| [custom\_credentials\_enabled](#input\_custom\_credentials\_enabled) | Specifies whether to enable custom credentials for Redis. | `bool` | `false` | no |
| [grafana\_monitoring\_enabled](#input\_grafana\_monitoring\_enabled) | Specify whether or not to deploy Redis exporter to collect Redis metrics for monitoring in Grafana. | `bool` | `false` | no |
| [namespace](#input\_namespace) | Namespace where the Redis resources will be deployed. | `string` | `"redis"` | no |
| [recovery\_window\_aws\_secret](#input\_recovery\_window\_aws\_secret) | Number of days that AWS Secrets Manager will wait before it can delete the secret. The value can be 0 to force deletion without recovery, or a range from 7 to 30 days. | `number` | `0` | no |
-| [redis\_config](#input\_redis\_config) | Specify the configuration settings for Redis, including the name, environment, storage options, replication settings, and custom YAML values. | `any` | {
"architecture": "replication",
"environment": "",
"master_volume_size": "",
"name": "",
"slave_replica_count": 1,
"slave_volume_size": "",
"storage_class_name": "",
"values_yaml": ""
} | no |
+| [redis\_config](#input\_redis\_config) | Specify the configuration settings for Redis, including the name, environment, storage options, replication settings, store password to secret manager and custom YAML values. | `any` | {
"architecture": "replication",
"environment": "",
"master_volume_size": "",
"name": "",
"slave_replica_count": 1,
"slave_volume_size": "",
"storage_class_name": "",
"store_password_to_secret_manager": "",
"values_yaml": ""
} | no |
## Outputs
| Name | Description |
|------|-------------|
-| [redis\_master\_endpoint](#output\_redis\_master\_endpoint) | The endpoint for the Redis Master Service, which is the primary node in the Redis cluster responsible for handling read-write operations. |
-| [redis\_port](#output\_redis\_port) | The port number on which Redis is running. |
-| [redis\_slave\_endpoint](#output\_redis\_slave\_endpoint) | The endpoint for the Redis Slave Service, which is a secondary node in the Redis cluster responsible for handling read-only operations. |
+| [redis\_credential](#output\_redis\_credential) | Redis credentials used for accessing the database. |
+| [redis\_endpoints](#output\_redis\_endpoints) | Redis endpoints in the Kubernetes cluster. |
## Contribution & Issue Reporting
diff --git a/examples/complete/README.md b/examples/complete/README.md
index 4857a71..47e04c2 100644
--- a/examples/complete/README.md
+++ b/examples/complete/README.md
@@ -21,7 +21,7 @@ No requirements.
| Name | Source | Version |
|------|--------|---------|
-| [redis](#module\_redis) | squareops/redis/kubernetes.git | n/a |
+| [redis](#module\_redis) | squareops/redis/kubernetes | n/a |
## Resources
@@ -38,7 +38,6 @@ No inputs.
| Name | Description |
|------|-------------|
-| [redis\_master\_endpoint](#output\_redis\_master\_endpoint) | The endpoint for the Redis Master Service, which is the primary node in the Redis cluster responsible for handling read-write operations. |
-| [redis\_port](#output\_redis\_port) | The port number on which Redis is running. |
-| [redis\_slave\_endpoint](#output\_redis\_slave\_endpoint) | The endpoint for the Redis Slave Service, which is a secondary node in the Redis cluster responsible for handling read-only operations. |
+| [redis\_credential](#output\_redis\_credential) | Redis credentials used for accessing the database. |
+| [redis\_endpoints](#output\_redis\_endpoints) | Redis endpoints in the Kubernetes cluster. |
diff --git a/examples/complete/main.tf b/examples/complete/main.tf
index 24ba9ae..5532c27 100644
--- a/examples/complete/main.tf
+++ b/examples/complete/main.tf
@@ -7,20 +7,26 @@ locals {
Expires = "Never"
Department = "Engineering"
}
+ store_password_to_secret_manager = true
}
module "redis" {
source = "squareops/redis/kubernetes"
redis_config = {
- name = local.name
- values_yaml = file("./helm/values.yaml")
- environment = local.environment
- architecture = "replication"
- slave_volume_size = "10Gi"
- master_volume_size = "10Gi"
- storage_class_name = "gp3"
- slave_replica_count = 2
+ name = local.name
+ values_yaml = file("./helm/values.yaml")
+ environment = local.environment
+ architecture = "replication"
+ slave_volume_size = "10Gi"
+ master_volume_size = "10Gi"
+ storage_class_name = "gp3"
+ slave_replica_count = 2
+ store_password_to_secret_manager = local.store_password_to_secret_manager
}
grafana_monitoring_enabled = true
recovery_window_aws_secret = 0
+ custom_credentials_enabled = true
+ custom_credentials_config = {
+ password = "aajdhgduy3873683dh"
+ }
}
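Review bot: The literal `password = "aajdhgduy3873683dh"` added under `custom_credentials_config` commits a Redis credential to version control, and the README usage example in this same commit repeats it. Anyone who copies the example deploys with a publicly known password. Read the value from a variable declared with `sensitive = true`, for example `password = var.redis_password` (variable name constructed here), and supply it via a `TF_VAR_` environment variable or a secrets backend. The password is still written to Terraform state, so the example should also mention an encrypted, access-restricted state backend. The existing `recovery_window_aws_secret = 0` means the Secrets Manager entry is deleted with no recovery window, which is worth a comment for a `prod`-style example.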
diff --git a/examples/complete/output.tf b/examples/complete/output.tf
index 38add55..a7f5261 100644
--- a/examples/complete/output.tf
+++ b/examples/complete/output.tf
@@ -1,14 +1,9 @@
-output "redis_port" {
- value = "6379"
- description = "The port number on which Redis is running."
+output "redis_endpoints" {
+ description = "Redis endpoints in the Kubernetes cluster."
+ value = module.redis.redis_endpoints
}
-output "redis_master_endpoint" {
- value = module.redis.redis_master_endpoint
- description = "The endpoint for the Redis Master Service, which is the primary node in the Redis cluster responsible for handling read-write operations."
-}
-
-output "redis_slave_endpoint" {
- value = module.redis.redis_slave_endpoint
- description = "The endpoint for the Redis Slave Service, which is a secondary node in the Redis cluster responsible for handling read-only operations."
+output "redis_credential" {
+ description = "Redis credentials used for accessing the database."
+ value = local.store_password_to_secret_manager ? null : module.redis.redis_credential
}
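Review bot: The new `redis_credential` output has no `sensitive = true`, so when `local.store_password_to_secret_manager` is false the Redis password is printed in `terraform apply` / `terraform output` text and in any CI log that captures it. Add `sensitive = true` to the block. If the module's own `redis_credential` output is marked sensitive (not visible in this diff), Terraform will reject this root output without that flag. A short comment such as `# null when the password is stored in AWS Secrets Manager` would also explain the conditional to readers.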
diff --git a/examples/complete/provider.tf b/examples/complete/provider.tf
index 82ac4d9..10c5af8 100644
--- a/examples/complete/provider.tf
+++ b/examples/complete/provider.tf
@@ -18,7 +18,6 @@ provider "kubernetes" {
host = data.aws_eks_cluster.cluster.endpoint
cluster_ca_certificate = base64decode(data.aws_eks_cluster.cluster.certificate_authority.0.data)
token = data.aws_eks_cluster_auth.cluster.token
-
}
provider "helm" {
@@ -26,6 +25,5 @@ provider "helm" {
host = data.aws_eks_cluster.cluster.endpoint
cluster_ca_certificate = base64decode(data.aws_eks_cluster.cluster.certificate_authority.0.data)
token = data.aws_eks_cluster_auth.cluster.token
-
}
}
diff --git a/main.tf b/main.tf
index 4ca4932..7e7a17f 100644
--- a/main.tf
+++ b/main.tf
@@ -1,21 +1,28 @@
resource "random_password" "redis_password" {
+ count = var.custom_credentials_enabled ? 0 : 1
length = 20
special = false
}
resource "aws_secretsmanager_secret" "redis_password" {
+ count = var.redis_config.store_password_to_secret_manager ? 1 : 0
name = format("%s/%s/%s", var.redis_config.environment, var.redis_config.name, "redis")
recovery_window_in_days = var.recovery_window_aws_secret
}
resource "aws_secretsmanager_secret_version" "redis_password" {
- secret_id = aws_secretsmanager_secret.redis_password.id
- secret_string = <