chore(deps): update terraform github.com/cloudposse/terraform-aws-elasticache-redis to v0.53.0

[red-hat-konflux]

This PR contains the following updates:

Package	Type	Update	Change
github.com/cloudposse/terraform-aws-elasticache-redis	module	minor	tags/0.25.0 -> 0.53.0

---

Warning

Some dependencies could not be looked up. Check the warning logs for more information.

---

Release Notes

cloudposse/terraform-aws-elasticache-redis (github.com/cloudposse/terraform-aws-elasticache-redis)

v0.53.0

Compare Source

Allow Module to Disable or Enable Cluster Mode for Existing Deployment @​milldr (#​181)

what

• added compact for when resource dne

why

• Currently, if the module is deployed with cluster mode enabled, it cannot be disabled without first destroying and redeploying

references

• Closes #​180

v0.52.0

Compare Source

Support AWS Provider V5 @​max-lobur (#​203)

what

Support AWS Provider V5
Linter fixes

why

Maintenance

references

https://github.com/hashicorp/terraform-provider-aws/releases/tag/v5.0.0

v0.51.1

Compare Source

Sync github @​max-lobur (#​196)

Rebuild github dir from the template

🚀 Enhancements

feat: Add support for aws provider 5.0 @​MaxymVlasov (#​198)

why

That field was deprecated in 4.0 and was removed in 5.0

Note:

make init
make github/init
make readme

Already ran and committed

v0.51.0

Compare Source

• No changes

v0.50.0

Compare Source

Groundwork new workflows @​max-lobur (#​193)

Fix lint/format before workflows rollout

v0.49.0

Compare Source

Fix breaking change introduced in 0.46.0 - `user_group_ids` conflicts… @​MaxymVlasov (#​184)

… with auth_token

why

• If you specify only auth_token - Terraform plan will fail because it interprets user_group_ids = [] as specified value

Before 0.46.0 I can do next:

module "redis" {
  source  = "cloudposse/elasticache-redis/aws"
  version = "0.45.0"

  auth_token         = join("", random_password.auth_token[*].result)
}

After upgrade I need to do next, which I don't like:

module "redis" {
  source  = "cloudposse/elasticache-redis/aws"
  version = "0.48.0"

### Confilicting parameters. Could be set only one of them
  auth_token         = join("", random_password.auth_token[*].result)
  user_group_ids     = null
}

So I just return previous logic

module "redis" {
  source = "git::https://github.com/MaxymVlasov/terraform-aws-elasticache-redis?ref=83f0142d97123157482d05c62eaaeecbacfb71e1"

  auth_token         = join("", random_password.auth_token[*].result)
}

v0.48.0

Compare Source

feat: Add `data_tiering_enabled` @​Cheezmeister (#​175)

what

• Introduce var.data_tiering_enabled and plumb it through to the aws provider

why

• @​teikametrics needs to set data_tiering_enabled true to provision our desired node type

  Error: error creating ElastiCache Replication Group (bidder-redis-cluster-production): InvalidParameterCombination: When     using the cache.r6gd.xlarge node type, you must enable data tiering.
  status code: 400, request id: REDACTED
  

• This flag data_tiering_enabled doesn't currently exist in the terraform-aws-elasticache-redis module

references

• https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticache_replication_group#data_tiering_enabled

v0.47.0

Compare Source

Add `auto_minor_version_upgrade` parameter @​LieneJansone (#​183)

what

• Add auto_minor_version_upgrade parameter

why

• To allow disabling the Auto upgrade minor versions option

references

• closes #​182

v0.46.0

Compare Source

Allow User groups ID to be passed to replication group @​nicholas-marchini (#​177)

what

• Provides the ability to add a user group to the replication group

why

• To enable RBAC to be used instead of AUTH Token

references

v0.45.0

Compare Source

description configurable @​pen-pal (#​170)

This PR is to make sure description of replication group is configurable.

what

• The deployment fails if module "this" as per example in README.md is not defined in local

why

• Should be able to configure description on my own without specifying any new modules.

references

• Resolves bug
• Use closes #​169 , if this PR closes a GitHub issue #169

v0.44.0

Compare Source

Add `log_delivery_configuration` @​nitrocode (#​168)

what

• Add log_delivery_configuration

why

• New functionality

references

• Closes https://github.com/cloudposse/terraform-aws-elasticache-redis/issues/162
• Closes https://github.com/cloudposse/terraform-aws-elasticache-redis/issues/167
• Upstream log_delivery_configuration argument for aws_elasticache_replication_group
• Double checked and inspired by umotif-public's module

Test

Test this out in your infrastructure

module "cloudwatch_logs" {
  source  = "cloudposse/cloudwatch-logs/aws"

### Cloud Posse recommends pinning every module to a specific version
### version = "x.x.x"

  context = module.this.context
}

module "redis" {

### source = "cloudposse/elasticache-redis/aws"
### Cloud Posse recommends pinning every module to a specific version

### version = "x.x.x"

  source = "git::https://github.com/cloudposse/terraform-aws-elasticache-redis.git?ref=log_delivery"

  log_delivery_configuration = [
    {
      destination      = module.cloudwatch_logs.log_group_name
      destination_type = "cloudwatch-logs"
      log_format       = "json"
      log_type         = "engine-log"
    }
  ]

  context = module.this.context
}

v0.43.0

Compare Source

Fix deprecation warnings @​purplepangolin (#​160)

what

• Replaces use of deprecated attributes (cluster_mode, replication_group_description, number_cache_clusters) in aws_elasticache_replication_group resurce when using provider registry.terraform.io/hashicorp/aws v4.12.0

why

Eliminate warnings when running terraform plan by moving to latest supported attributes instead.

references

Terraform aws provider docs

• cluster_mode block
• number_cache_clusters
• replication_group_description

• See my comment on #​155
  closes #​155

v0.42.1

Compare Source

git.io->cloudposse.tools update @​dylanbannon (#​161)

what and why

Change all references to git.io/build-harness into cloudposse.tools/build-harness, since git.io redirects will stop working on April 29th, 2022.

References

• DEV-143

🤖 Automatic Updates

chore(deps): update terraform cloudposse/security-group/aws to v1 @​renovate (#​163)

This PR contains the following updates:

Package	Type	Update	Change
cloudposse/security-group/aws (source)	module	major	0.4.3 -> 1.0.1

---

v0.42.0

Compare Source

Add tags to aws_elasticache_subnet_group @​jddcarreira (#​150)

what

• Adds tags to the AWS resource aws_elasticache_subnet_group

why

• good practices

v0.41.6

Compare Source

🚀 Enhancements

Re-adding tag propagation for cloudwatch alarms @​brucehajdu (#​147)

what

In #​7, the tag propagation was removed for CloudWatch metric alarms because the tags property did not exist at that time. This PR adds them back.

why

• Terraform has had the capability to manage tags for aws_cloudwatch_metric_alarm resources for a while now, so I think we should add it back, as I think it makes sense for tags to propagate to all possible resources managed by the module.
• This also helps me to comply with my organization's tagging policies without the hassle of manual intervention.

references

• PR where the tags were removed: #​7
• Terraform docs showing tags as a valid option for metric alarms: aws_cloudwatch_metric_alarm
• Closes https://github.com/cloudposse/terraform-aws-elasticache-redis/pull/148

v0.41.5

Compare Source

🤖 Automatic Updates

chore(deps): update terraform cloudposse/security-group/aws to v0.4.3 @​renovate (#​146)

This PR contains the following updates:

Package	Type	Update	Change
cloudposse/security-group/aws (source)	module	patch	0.4.2 -> 0.4.3

---

Release Notes

cloudposse/terraform-aws-security-group

v0.4.3

Compare Source

Update recommended inputs and outputs @​&#​8203;Nuru (#&#​8203;26)

what

• Update recommended inputs and outputs

why

• Changes based on experience implementing several modules

🚀 Enhancements

Rename the exported `security_group_inputs.tf` file to `security-group-inputs.tf` @​&#​8203;aknysh (#&#​8203;30)

what

• Rename the exported security_group_inputs.tf file to security-group-inputs.tf
• Update GitHub workflows and LICENSE

why

• Our naming convention is to use kebab-case for all files. Having a file in snake_case (after adding it to a repo) together with all the other files in kebab-case in the same repo does not look correct
• Keep up to date

---

v0.41.4

Compare Source

🚀 Enhancements

fix: make parameter group description configurable @​syphernl (#​143)

what

• This allows to set the description of a Parameter Group to prevent recreation.

why

• Before v0.41.3 no description was set, so this defaulted to Managed by Terraform.
  As the description cannot be changed without recreating the Parameter Group this caused issues with existing resources.

references

• Refs #​142, #​144

v0.41.3

Compare Source

🚀 Enhancements

Small fixes - convert param values to string, set auto failover to true if cluster enabled @​nitrocode (#​141)

what

• Small fixes
• Convert param values to string
• Set auto failover to true if cluster enabled
• Add descriptions to subnet and param groups

why

• Param values will fail if they are not strings

  InvalidParameterValue: invalid parameter value, allowed values are:yes,no
  

• Auto failover needs to be set to true if cluster mode is enabled or it will fail with an error

  InvalidParameterValue: Redis with cluster mode enabled cannot be created with auto failover turned off.
  

references

• Thanks to @​simoferr98 this closes https://github.com/cloudposse/terraform-aws-elasticache-redis/pull/140

v0.41.2

Compare Source

🐛 Bug Fixes

Fix #​137 bad output when cluster_mode_enabled=true @​Nuru (#​139)

what

• Fix #​137 bad output when cluster_mode_enabled=true
• Add migration documentation

why

• join("", [null]) results in a Terraform error
• Should have been included in v0.40.0

references

• Closes #​137
• Supersedes and closes #​138

v0.41.1

Compare Source

🐛 Bug Fixes

Bugfixes @​Nuru (#​136)

what

• Always pass string for zone_id for route53-cluster-hostname module
• Never pass null for security_group_id for aws_elasticache_replication_group

why

• Errors otherwise

references

• Closes #​134
• Supersedes and closes #​135

v0.41.0

Compare Source

Upgrade to new securty-group standards @​Nuru (#​133)

what

• Upgrade to new Cloud Posse security group standards
• Enable proper operation when DNS zone is created at the same time as the cluster
• Enable create_before_destroy on security groups by default
• Update AWS provider version constraint to properly require a version that has all the features the module uses
• Add additional outputs for the Redis Replication Group

why

• Further standardize all Cloud Posse modules
• Supply bug fixes and features requested via "issues".

references

• Closes #​82
• Closes #​86
• Closes #​104
• Closes #​113
• Closes #​121
• Closes #​127
• Supersedes and closes #​130
• Supersedes and closes #​132

v0.40.3

Compare Source

🤖 Automatic Updates

chore(deps): update terraform cloudposse/route53-cluster-hostname/aws to v0.12.2 @​renovate (#​129)

This PR contains the following updates:

Package	Type	Update	Change
cloudposse/route53-cluster-hostname/aws (source)	module	patch	0.12.1 -> 0.12.2

---

Release Notes

cloudposse/terraform-aws-route53-cluster-hostname

v0.12.2

Compare Source

🚀 Enhancements

Bump AWS provider 3.0 @​&#​8203;nitrocode (#&#​8203;36)

what

• Bump AWS provider 3.0

why

• Downstream modules can take advantage of the more recent aws provider

references

N/A

---

Configuration

📅 Schedule: At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Renovate will not automatically rebase this PR, because other commits have been found.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, click this checkbox.

---

This PR has been generated by WhiteSource Renovate. View repository job log here.

v0.40.2

Compare Source

🚀 Enhancements

Chore: bump Route53 cluster hostname module to `0.12.1` @​bradj (#​128)

what

• Bumps Route53 cluster hostname module

why

• New Route53 cluster module now supports tenants

references

v0.40.1

Compare Source

🤖 Automatic Updates

Update context.tf @​cloudpossebot (#​126)

what

This is an auto-generated PR that updates the context.tf file to the latest version from cloudposse/terraform-null-label

why

To support all the features of the context interface.

v0.40.0: Unstable Pre-Release

Compare Source

We are revising and standardizing our handling of security groups and security group rules across all our Terraform modules. This is an early attempt with significant breaking changes. We will make further breaking changes soon, so using this version is not recommended.

BREAKING CHANGES

Click for details and migration guidance

If there is something not documented here, please let us know by filing a ticket.

• var.allowed_security_groups is removed in favor of the security group module's var.security_group_rules which can contain a single source_security_group_id per rule

• var.allowed_cidr_blocks is removed in favor of the security group module's var.security_group_rules which can contain a cidr_blocks

• var.use_existing_security_groups is replaced with var.security_group_enabled (note that if the former was true, the latter should be false)

• var.existing_security_groups is replaced with var.security_groups

• security group has moved

  terraform state mv \
    "module.redis.aws_security_group.default[0]" \
    "module.redis.module.security_group.aws_security_group.default[0]"

• default security_group_rules does not allow ingress but this can be added manually.

  Note: The list must have the same json keys per index

  security_group_rules = [
    {
      type                     = "egress"
      from_port                = 0
      to_port                  = 65535
      protocol                 = "-1"
      cidr_blocks              = ["0.0.0.0/0"]
      source_security_group_id = null
      description              = "Allow all outbound traffic"
    },
    {
      type                     = "ingress"
      from_port                = 6379
      to_port                  = 6379
      protocol                 = "tcp"
      cidr_blocks              = []
      source_security_group_id = local.security_group_id # provide existing security group or comment out this rule
      description              = "Allow inbound traffic from existing Security Groups"
    },
    {
      type                     = "ingress"
      from_port                = 6379
      to_port                  = 6379
      protocol                 = "tcp"
      cidr_blocks              = [] # provide cidr blocks or comment out this rule
      source_security_group_id = null
      description              = "Allow inbound traffic from CIDR blocks"
    }
  ]

• security group rules have been moved

  Note: since the new security group rule names are generated upon a plan, the plan will need to be run first to generate the new names in order to move the rules. Replace someguid with the appropriate value.

  terraform state mv \
    'module.redis.aws_security_group_rule.egress[0]' \
    'module.redis.module.security_group.aws_security_group_rule.default["egress--1-0-65535-someguid"]'
  terraform state mv \
    'module.redis.aws_security_group_rule.ingress_security_groups[0]' \
    'module.redis.module.security_group.aws_security_group_rule.default["ingress-tcp-6379-6379-someguid"]'
  terraform state mv \
    'module.redis.aws_security_group_rule.ingress_cidr_blocks[0]' \
    'module.redis.module.security_group.aws_security_group_rule.default["ingress-tcp-6379-6379-someguid"]'

---

feat: use security-group module instead of resource @​SweetOps (#​119)

what

• use security-group module instead of resource
• update tests

why

• more flexible than current implementation
• bring configuration of security group/rules to one standard

references

• CPCO-409

v0.39.0

Compare Source

feat: allow final snapshot creation @​jlsan92 (#​120)

what

• Allows the creation of a final snapshot if the instance is deleted or recreated.

why

• It is important to keep a final snapshot in case of a mistake or malfunctioning recreation of your redis
• automatic snapshots get wiped once the elasticache instance is removed

references

• n/a

v0.38.0

Compare Source

Add TF attribute member-clusters to available outputs @​patrick-armitage (#​118)

what

• Add member-clusters Terraform-exposed attribute to list of available outputs
• Tested and working against tag 0.37.0

why

• This output can be useful for automation (I have a use case in flight for work which depends on its availability)

references

• Terraform attribute API doc: https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticache_replication_group#member_clusters

v0.37.0

Compare Source

Allow empty "egress_cidr_blocks" @​marcuz (#​93)

what

• Allow empty egress_cidr_blocks (no egress rules in default security group)

why

• Not mandatory to have an egress rule

references

• #​90

v0.36.0

Compare Source

fix: make the security group description configurable @​syphernl (#​115)

what

• Made the security group description configurable

why

• Since v0.35.0 a description will be set which replaces the default "Managed by Terraform". Unfortunately, a change in security group description requires it to be deleted and re-created. This is however not possible when the security group is in active use and result in a state apply failure. This variable can be used to retain the existing "Managed by Terraform" description which doesn't trigger a re-create of the security group.

references

• #​114

v0.35.0

Compare Source

Add rds security group description @​nitrocode (#​114)

what

• Add rds security group description

why

• tfsec complains

  [AWS018][ERROR] Resource 'module.redis:aws_security_group.default' should include a description for auditing purposes.
  

references

• N/A

v0.34.0

Compare Source

Transit encryption enabled default to true with docs @​nitrocode (#​111)

what

• Transit encryption enabled default to true with docs

why

• Due to Bridgecrew and other compliance reasons, it needs to default to true.

references

N/A

v0.33.0

Compare Source

Transit encryption enabled default to null @​nitrocode (#​110)

what

• default transit_encryption_enabled to null which is the default on elasticache_replication_group resource

why

• Using the default parameters I was surprised that I could not instantly connect to redis via redis-cli -h hostname -p 6379 ping
• After some investigation, I found that the culprit was the transit_encryption_enabled parameter
• I came across this doc which involves using stunnel to appropriately connect

references

N/A

v0.32.1

Compare Source

🚀 Enhancements

support more nodes than there are AZs defined @​gusse (#​108)

what

• Allows not defining availability_zones
• Can create more nodes than you have defined AZs (once AWS provider is fixed https://github.com/hashicorp/terraform-provider-aws/issues/14070#issuecomment-771079450)

why

• availability_zones parameter shouldn't be required.
• You might want to define the AZs you use and have more nodes than AZs, e.g. use two AZs and 4 nodes

references

• https://github.com/hashicorp/terraform-provider-aws/issues/14070#issuecomment-771079450
• Similar fix was done to memcached module https://github.com/cloudposse/terraform-aws-elasticache-memcached/pull/28

v0.32.0

Compare Source

Add Multi-AZ option @​patrick-armitage (#​109)

what

• Add option to enable Multi-AZ

why

• Available in Terraform resource's parameters
• Useful, the main draw for creating read replicas as an automated failover to new AZ

references

• Terraform reference
• AWS Docs on Elasticache Multi-AZ

v0.31.0

Compare Source

context.tf updated to v0.24.1, minimum required Terraform version bumped to 0.13.0 when needed, readme updated @​maximmi (#​107)

what

• update context.tf to v0.24.1
• minimum required Terraform version bumped to 0.13.0
• readme updated, Bridgecrew compliance badges added

why

• It allows for setting the letter case of tag names and labels, back compatibility with context v0.22.0 and below
• we have dropped support for Terraform 0.12
• To be able see and fix the recommendations from Bridgecrew so we can position our modules as standards compliant

v0.30.0

Compare Source

Terraform 0.14 upgrade @​maximmi (#​100)

what

• Upgrade to support Terraform 0.14 and bring up to current Cloud Posse standard

why

• Support Terraform 0.14

v0.29.1

Compare Source

🤖 Automatic Updates

chore(deps): update terraform cloudposse/route53-cluster-hostname/aws to v0.10.1 @​renovate (#​105)

This PR contains the following updates:

Package	Type	Update	Change
cloudposse/route53-cluster-hostname/aws (source)	terraform	patch	0.10.0 -> 0.10.1

---

Release Notes

cloudposse/terraform-aws-route53-cluster-hostname

v0.10.1

Compare Source

🤖 Automatic Updates

Update README.md and docs @​&#​8203;cloudpossebot (#&#​8203;33)

what

This is an auto-generated PR that updates the README.md and docs

why

To have most recent changes of README.md and doc from origin templates

v0.29.0

Compare Source

add ability to restore cluster from snapshots #​96 @​skang0601 (#​97)

what

Allows the ability to create redis cluster from snapshots

references

• closes #​96

v0.28.0

Compare Source

Add snapshot name argument @​kurtmc (#​102)

what

This adds the ability to restore redis to snapshots created using the AWS implementation of backups for this service.

why

Need a way to restore redis to from snapshots.

references

Relates to #​96

v0.27.3

Compare Source

🤖 Automatic Updates

chore(deps): update terraform cloudposse/route53-cluster-hostname/aws to v0.10.0 @​renovate (#​101)

This PR contains the following updates:

Package	Type	Update	Change
cloudposse/route53-cluster-hostname/aws (source)	terraform	minor	0.9.0 -> 0.10.0

---

Release Notes

cloudposse/terraform-aws-route53-cluster-hostname

v0.10.0

Compare Source

Terraform 0.14 upgrade @​&#​8203;maximmi (#&#​8203;32)

what

• Upgrade to support Terraform 0.14 and bring up to current Cloud Posse standard

why

• Support Terraform 0.14

v0.27.2

Compare Source

🤖 Automatic Updates

chore(deps): update terraform cloudposse/route53-cluster-hostname/aws to v0.9.0 @​renovate (#​99)

This PR contains the following updates:

Package	Type	Update	Change
cloudposse/route53-cluster-hostname/aws (source)	terraform	minor	0.8.0 -> 0.9.0

---

Release Notes

cloudposse/terraform-aws-route53-cluster-hostname

v0.9.0

Compare Source

Update `context.tf` and github actions @​&#​8203;htplbc (#&#​8203;31)

what

• Update to context.tf

why

• Keep the module up to date

v0.27.1

Compare Source

🚀 Enhancements

Terraform 0.14 upgrade @​Nuru (#​98)

what

• Upgrade to support Terraform 0.14 and bring up to current Cloud Posse standard

why

• Support Terraform 0.14

v0.27.0

Compare Source

update context and tf .14 support @​woz5999 (#​95)

what

fixes and updates for tf 0.14 compatibility

v0.26.1

Compare Source

Fix release badge URL @​joe-niland (#​91)

what

• Badge URL referenced another repo

why

• Avoid confusion!

references

• None

v0.26.0

Compare Source

Added Egress Outbound Variable & Updated Redis Family in Example @​barissekerciler (#​90)

what

• Added cidr block option to egress traffic (default is 0.0.0.0/0)
• Updated example with Redis 6.x

why

• Business case (PCI-DSS). If you want to put Redis cluster to the private subnet, it shouldn't outbounds traffic to the all. At least, for a module, it must be opitonal.

---

Configuration

📅 Schedule: Branch creation - "after 5am on friday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

To execute skipped test pipelines write comment /ok-to-test.

This PR has been generated by MintMaker (powered by Renovate Bot).

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: red-hat-konflux[bot]
Once this PR has been reviewed and has the lgtm label, please assign tmihalac for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[openshift-ci]

Hi @red-hat-konflux[bot]. Thanks for your PR.

I'm waiting for a opendatahub-io member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.