OT-terraform-azure-modules · 401-akash · May 6, 2022 · May 6, 2022 · May 6, 2022
diff --git a/README.md b/README.md
@@ -1 +1,122 @@
-# terraform-azure-redis-cache
+Terraform module which creates Redis Cache on Azure.
+
+These types of resources are supported:
+
+* [Azure Cache for Redis](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/redis_cache)
+
+Terraform versions
+------------------
+Terraform 1.1.7
+
+Usage
+------
+
+```hcl
+module "res_group" {
+  source                  = "OT-terraform-azure-modules/resource-group/azure"
+  resource_group_name     = "_"
+  resource_group_location = "_"
+  lock_level_value        = "_"
+  tag_map = {
+    Name = "AzureResourceGroup"
+  }
+}
+
+module "redis" {
+  source                        = "git::https://github.com/OT-terraform-azure-modules/terraform-azure-redis-cache.git"
+  rg_name                       = module.res_group.resource_group_name
+  location                      = module.res_group.resource_group_location
+  redis_name                    = "_"
+  capacity                      = "_"
+  family                        = "_"
+  sku_name                      = "_"
+  enable_non_ssl_port           = "_"
+  minimum_tls_version           = "_"
+  private_static_ip_address     = "_"
+  public_network_access_enabled = "_"
+  replicas_per_master           = "_"
+  shard_count                   = "_"
+  subnet_id                     = "_"
+  zones                         = ["_","_"]
+  replicas_per_primary          = "_"
+  redis_version                 = "_"
+  enable_authentication           = "_"
+  maxfragmentationmemory_reserved = "_"
+  maxmemory_delta                 = "_"
+  maxmemory_policy                = "_"
+  maxmemory_reserved              = "_"
+  notify_keyspace_events          = "_"
+  day_of_week                     = "_"
+  start_hour_utc                  = "_"
+}
+
+```
+
+Tags
+----
+* Tags are assigned to resources with name variable as prefix.
+* Additial tags can be assigned by tags variables as defined above.
+
+Resources
+------
+| Name | Type |
+|------|------|
+| [azurerm_redis_cache.redis](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/redis_cache) | resource |
+
+Inputs
+------
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| vnet_name | The name of the virtual network. Changing this forces a new resource to be created. | `string` |  | Yes |
+| resource_group_name | The name of the resource group in which to create the virtual network. | `string` |  | Yes |
+| resource_group_location | The location/region where the virtual network is created. Changing this forces a new resource to be created. | `string` |  | yes |
+| redis_name | The name of the Redis instance. Changing this forces a new resource to be created. | `string` |  | yes |
+| capacity | The size of the Redis cache to deploy. | `number` |  | yes |
+| family | The SKU family/pricing group to use. | `string` |  | yes |
+| sku_name | The SKU of Redis to use. | `string` |  | yes |
+| enable_non_ssl_port | Enable the non-SSL port (6379). | `bool` | false | no |
+| minimum_tls_version | The minimum TLS version. | `string` | 1.0 | no |
+| private_static_ip_address | The Static IP Address to assign to the Redis Cache when hosted inside the Virtual Network. | `string` |  | no |
+| public_network_access_enabled | Whether or not public network access is allowed for this Redis Cache. | `bool` | true | no |
+| replicas_per_master | Amount of replicas to create per master for this Redis Cache. | `number` |  | no |
+| shard_count | The number of Shards to create on the Redis Cluster. | `number` |  | no |
+| subnet_id | The ID of the Subnet within which the Redis Cache should be deployed. | `list(string)` |   | no |
+| zones | A list of a one or more Availability Zones, where the Redis Cache should be allocated.  | `list(string)` |  | no |
+| replicas_per_primary | Amount of replicas to create per primary for this Redis Cache. | `number` |  | no |
+| redis_version | Redis version. Only major version needed. | `number` |  | no |
+| enable_authentication | If set to false, the Redis instance will be accessible without authentication. | `bool` | true | no |
+| maxfragmentationmemory_reserved | Value in megabytes reserved to accommodate for memory fragmentation. | `number` |  | no |
+| maxmemory_delta | The max-memory delta for this Redis instance. | `number` |  | no |
+| maxmemory_reserved | Value in megabytes reserved for non-cache usage e.g. failover. | `number` |  | no |
+| maxmemory_policy | How Redis will select what to remove when maxmemory is reached. | `string` |   | no |
+| notify_keyspace_events | Keyspace notifications allows clients to subscribe to Pub/Sub channels in order to receive events | `string` |   | no |
+| day_of_week | the Weekday name - possible values include Monday, Tuesday, Wednesday etc. | `string` |   | no |
+| start_hour_utc | the Start Hour for maintenance in UTC - possible values range from 0 - 23. | `number` |  | no |
+| tag_map | Tag to associate with the Resource Group | `map(string)` | | no |
+
+Output
+------
+| Name | Description |
+|------|-------------|
+| redis_id | The Route ID of Redis Cache Instance |
+| hostname | The Hostname of the Redis Instance |
+| ssl_port | The SSL Port of the Redis Instance |
+| port | The non-SSL Port of the Redis Instance |
+| primary_access_key | The Primary Access Key for the Redis Instance |
+| secondary_access_key | The Secondary Access Key for the Redis Instance |
+| primary_connection_string | The primary connection string of the Redis Instance |
+| secondary_connection_string | The secondary connection string of the Redis Instance |
+
+## Related Projects
+
+Check out these related projects.
+--------------------------------
+[Azure reource group](https://github.com/OT-terraform-azure-modules/terraform-azure-resource-group)
+
+
+### Contributors
+|  [![Akash Banerjee][Akash_avatar]][Akash.s_homepage]<br/>[Akash Banerjee][Akash.s_homepage] |
+|---|
+
+  [Akash.s_homepage]:https://github.com/401-akash
+  [Akash_avatar]: https://gitlab.com/uploads/-/system/user/avatar/10949531/avatar.png?width=400
diff --git a/example/Premium_with_Private_endpoint/main.tf b/example/Premium_with_Private_endpoint/main.tf
@@ -0,0 +1,58 @@
+# This creates a Azure cache for redis in Premium sku in 2 zones with public access disabled and rdb Data Persistence enabled
+
+provider "azurerm" {
+  features {}
+}
+
+module "redis_cache" {
+  source = "../../"
+
+  #resource group variables
+  resource_group_name     = "akash_rg"
+  resource_group_location = "eastus"
+
+  # #vnet variables
+  vnet_name = "test_vnet"
+
+  # #subnet variables
+  subnet_name = ["subnet1"]
+
+  #Redis cache variables
+  redis_name                    = "redis-example130"
+  subnet_id                     = null # if used, private endpoint cannot be configured
+  public_network_access_enabled = false # if true private endpoint will not be used
+  capacity                      = 1
+  sku_name                      = "Premium"
+  enable_non_ssl_port           = false
+  minimum_tls_version           = null
+  private_static_ip_address     = null
+  replicas_per_master           = null
+  shard_count                   = 0 
+  zones                         = [1, 2]
+
+  #choose Data Persistence type any one of below
+  rdb_backup_enabled = true
+  aof_backup_enabled = false # Append Only File (RDB file is generated once and all the data is appended to it as it comes)
+
+  #Redis Data Persistence variables 
+  aof_storage_connection_string_0 = ""
+  enable_authentication           = true # enable_authentication can only be set to false if a subnet_id is specified; and only works if there aren't existing instances within the subnet with enable_authentication set to true.
+  maxmemory_reserved              = 2
+  maxmemory_delta                 = 2
+  maxmemory_policy                = "allkeys-lru"
+  maxfragmentationmemory_reserved = 2
+  notify_keyspace_events          = null
+  rdb_storage_connection_string   = ""
+
+  #Storage account variables
+  storage_account_name     = "exampleakash1302"
+  account_tier             = "Standard"
+  account_type             = "StorageV2"
+  account_replication_type = "LRS"
+
+
+  tag_maps = {
+    name = "test"
+  }
+
+}
diff --git a/example/basic/main.tf b/example/basic/main.tf
@@ -0,0 +1,34 @@
+# This creates a Azure cache for redis in Basic sku with public access enabled and Data Persistence disabled
+
+provider "azurerm" {
+  features {}
+}
+
+module "redis_cache" {
+  source = "../../"
+
+  #resource group variables
+  resource_group_name     = "akash_rg"
+  resource_group_location = "eastus"
+
+  #Redis cache variables
+  redis_name                    = "redis-example130"
+  subnet_id                     = null # if used, private endpoint cannot be configured
+  public_network_access_enabled = true # if true private endpoint will not be used
+  capacity                      = 0
+  sku_name                      = "Basic"
+  enable_non_ssl_port           = false
+  minimum_tls_version           = null
+  private_static_ip_address     = null
+  replicas_per_master           = null
+  shard_count                   = 0
+  zones                         = []
+
+  #choose Data Persistence type any one of below
+  rdb_backup_enabled = false
+  aof_backup_enabled = false
+
+  tag_maps = {
+    name = "test"
+  }
+}
diff --git a/main.tf b/main.tf
@@ -0,0 +1,119 @@
+resource "azurerm_redis_cache" "redis_cache" {
+  name                          = var.redis_name
+  resource_group_name           = var.resource_group_name
+  location                      = var.resource_group_location
+  capacity                      = var.capacity
+  family                        = lookup(var.redis_family, var.sku_name)
+  sku_name                      = var.sku_name
+  enable_non_ssl_port           = var.enable_non_ssl_port
+  minimum_tls_version           = var.minimum_tls_version
+  private_static_ip_address     = var.private_static_ip_address
+  public_network_access_enabled = var.sku_name == "Premium" ? var.public_network_access_enabled : false
+  shard_count                   = var.sku_name == "Premium" ? var.shard_count : 0
+  subnet_id                     = var.subnet_id
+  zones                         = var.zones
+  replicas_per_primary          = var.replicas_per_primary
+  redis_version                 = var.redis_version
+  tags                          = var.tag_maps
+
+  dynamic "redis_configuration" {
+    for_each = var.patch_schedule != null ? [var.patch_schedule] : []
+    content {
+      aof_backup_enabled              = var.aof_backup_enabled
+      aof_storage_connection_string_0 = var.aof_backup_enabled == true ? module.storage_account.primary_blob_endpoint : null
+      enable_authentication           = var.enable_authentication
+      maxfragmentationmemory_reserved = var.sku_name == "Premium" || var.sku_name == "Standard" ? var.maxfragmentationmemory_reserved : null
+      maxmemory_delta                 = var.sku_name == "Premium" || var.sku_name == "Standard" ? var.maxmemory_delta : null
+      maxmemory_policy                = var.maxmemory_policy
+      maxmemory_reserved              = var.sku_name == "Premium" || var.sku_name == "Standard" ? var.maxmemory_reserved : null
+      notify_keyspace_events          = var.notify_keyspace_events
+      rdb_backup_enabled              = var.sku_name == "Premium" && var.rdb_backup_enabled == true ? true : false
+      rdb_backup_frequency            = var.sku_name == "Premium" && var.rdb_backup_enabled == true ? var.rdb_backup_frequency : null
+      rdb_backup_max_snapshot_count   = var.sku_name == "Premium" && var.rdb_backup_enabled == true ? var.rdb_backup_max_snapshot_count : null
+      rdb_storage_connection_string   = var.sku_name == "Premium" && var.rdb_backup_enabled == true ? module.storage_account.secondary_blob_endpoint : null
+    }
+  }
+  dynamic "patch_schedule" {
+    for_each = var.patch_schedule != null ? [var.patch_schedule] : []
+    content {
+      day_of_week    = var.patch_schedule.day_of_week
+      start_hour_utc = var.patch_schedule.start_hour_utc
+    }
+  }
+}
+
+
+data "azurerm_resource_group" "existing-resource-group" {
+  count               = var.public_network_access_enabled == false ? 1 : 0
+  name = var.resource_group_name
+}
+
+data "azurerm_virtual_network" "existing-virtual-network" {
+  count               = var.public_network_access_enabled == false ? 1 : 0
+  name                = var.vnet_name
+  resource_group_name = var.resource_group_name
+}
+
+data "azurerm_subnet" "existing-subnet" {
+  count               = var.public_network_access_enabled == false ? 1 : 0
+  name                 = var.subnet_name[0]
+  resource_group_name  = var.resource_group_name
+  virtual_network_name = var.vnet_name
+}
+
+resource "azurerm_private_endpoint" "private_endpoint" {
+  count               = var.public_network_access_enabled == false ? 1 : 0
+  name                = format("%s-private-endpoint", azurerm_redis_cache.redis_cache.name)
+  location            = var.resource_group_location
+  resource_group_name = var.resource_group_name
+  subnet_id           = data.azurerm_subnet.existing-subnet[0].id
+
+  private_service_connection {
+    name                           = var.private_service_connection_name
+    private_connection_resource_id = azurerm_redis_cache.redis_cache.id
+    is_manual_connection           = false
+    subresource_names              = ["redisCache"]
+  }
+}
+
+data "azurerm_private_endpoint_connection" "private_endpoint_connection" {
+  count               = var.public_network_access_enabled == false ? 1 : 0
+  name                = azurerm_private_endpoint.private_endpoint.0.name
+  resource_group_name = var.resource_group_name
+  depends_on          = [azurerm_redis_cache.redis_cache]
+}
+
+resource "azurerm_private_dns_zone" "private_dns_zone" {
+  count               = var.public_network_access_enabled == false ? 1 : 0
+  name                = var.private_dns_zone_name
+  resource_group_name = var.resource_group_name
+}
+
+resource "azurerm_private_dns_zone_virtual_network_link" "private_dns_zone_virtual_network_link" {
+  count                 = var.public_network_access_enabled == false ? 1 : 0
+  name                  = var.private_dns_zone_virtual_network_link_name
+  resource_group_name   = var.resource_group_name
+  private_dns_zone_name = azurerm_private_dns_zone.private_dns_zone.0.name
+  virtual_network_id    = data.azurerm_virtual_network.existing-virtual-network[0].id
+}
+
+resource "azurerm_private_dns_a_record" "arecord1" {
+  count               = var.public_network_access_enabled == false ? 1 : 0
+  name                = azurerm_redis_cache.redis_cache.name
+  zone_name           = azurerm_private_dns_zone.private_dns_zone.0.name
+  resource_group_name = var.resource_group_name
+  ttl                 = 300
+  records             = [data.azurerm_private_endpoint_connection.private_endpoint_connection.0.private_service_connection.0.private_ip_address]
+}
+
+module "storage_account" {
+  count                    = var.aof_backup_enabled == true || var.rdb_backup_enabled == true ? 1 : 0
+  source                   = "git::https://github.com/OT-terraform-azure-modules/terraform-azure-storage-account.git?ref=V-1.0.0"
+  storage_account_name     = var.storage_account_name
+  resource_group_name      = var.resource_group_name
+  location                 = var.resource_group_location
+  account_tier             = var.account_tier
+  account_type             = var.account_type
+  account_replication_type = var.account_replication_type
+  tags                     = var.tag_maps
+}