add support for custom sg and notification_topic_arn

Author: marcincuber

README.md

@@ -51,16 +51,17 @@ Module managed by [Marcin Cuber](https://github.com/marcincuber) [linkedin](http
 | auto\_minor\_version\_upgrade |  | string | `"true"` | no |
 | automatic\_failover\_enabled | Specifies whether a read-only replica will be automatically promoted to read/write primary if the existing primary fails. | string | `"true"` | no |
 | description | The description of the all resources. | string | `"Managed by Terraform"` | no |
-| engine\_version | The version number of the cache engine to be used for the cache clusters in this replication group. | string | `"5.0.0"` | no |
+| engine\_version | The version number of the cache engine to be used for the cache clusters in this replication group. | string | `"5.0.6"` | no |
 | family | The family of the ElastiCache parameter group. | string | `"redis5.0"` | no |
 | ingress\_cidr\_blocks | List of Ingress CIDR blocks. | list(string) | `[]` | no |
 | kms\_key\_id | The ARN of the key that you wish to use if encrypting at rest. If not supplied, uses service managed encryption. Can be specified only if `at_rest_encryption_enabled = true` | string | `""` | no |
 | maintenance\_window | Specifies the weekly time range for when maintenance on the cache cluster is performed. | string | `""` | no |
+| notification\_topic\_arn | An Amazon Resource Name (ARN) of an SNS topic to send ElastiCache notifications to. Example: `arn:aws:sns:us-east-1:012345678999:my_sns_topic` | string | `""` | no |
 | parameter | A list of Redis parameters to apply. Note that parameters may differ from one Redis family to another | object | `[]` | no |
 | port | The port number on which each of the cache nodes will accept connections. | string | `"6379"` | no |
+| security\_group\_ids | List of Security Groups. | list(string) | `[]` | no |
 | snapshot\_retention\_limit | The number of days for which ElastiCache will retain automatic cache cluster snapshots before deleting them. | string | `"30"` | no |
 | snapshot\_window | The daily time range (in UTC) during which ElastiCache will begin taking a daily snapshot of your cache cluster. | string | `""` | no |
-| source\_security\_group\_ids | List of Security Groups. | list(string) | `[]` | no |
 | tags | A mapping of tags to assign to all resources. | map(string) | `{}` | no |
 | transit\_encryption\_enabled | Whether to enable encryption in transit. | string | `"true"` | no |
 

examples/core/README.md

@@ -23,16 +23,17 @@ terraform apply --auto-approve
 | auto\_minor\_version\_upgrade |  | string | `"true"` | no |
 | automatic\_failover\_enabled | Specifies whether a read-only replica will be automatically promoted to read/write primary if the existing primary fails. | string | `"true"` | no |
 | description | The description of the all resources. | string | `"Managed by Terraform"` | no |
-| engine\_version | The version number of the cache engine to be used for the cache clusters in this replication group. | string | `"5.0.0"` | no |
+| engine\_version | The version number of the cache engine to be used for the cache clusters in this replication group. | string | `"5.0.6"` | no |
 | family | The family of the ElastiCache parameter group. | string | `"redis5.0"` | no |
 | ingress\_cidr\_blocks | List of Ingress CIDR blocks. | list(string) | `[]` | no |
 | kms\_key\_id | The ARN of the key that you wish to use if encrypting at rest. If not supplied, uses service managed encryption. Can be specified only if `at_rest_encryption_enabled = true` | string | `""` | no |
 | maintenance\_window | Specifies the weekly time range for when maintenance on the cache cluster is performed. | string | `""` | no |
+| notification\_topic\_arn | An Amazon Resource Name (ARN) of an SNS topic to send ElastiCache notifications to. Example: `arn:aws:sns:us-east-1:012345678999:my_sns_topic` | string | `""` | no |
 | parameter | A list of Redis parameters to apply. Note that parameters may differ from one Redis family to another | object | `[]` | no |
 | port | The port number on which each of the cache nodes will accept connections. | string | `"6379"` | no |
+| security\_group\_ids | List of Security Groups. | list(string) | `[]` | no |
 | snapshot\_retention\_limit | The number of days for which ElastiCache will retain automatic cache cluster snapshots before deleting them. | string | `"30"` | no |
 | snapshot\_window | The daily time range (in UTC) during which ElastiCache will begin taking a daily snapshot of your cache cluster. | string | `""` | no |
-| source\_security\_group\_ids | List of Security Groups. | list(string) | `[]` | no |
 | tags | A mapping of tags to assign to all resources. | map(string) | `{}` | no |
 | transit\_encryption\_enabled | Whether to enable encryption in transit. | string | `"true"` | no |
 

examples/core/main.tf

@@ -30,7 +30,7 @@ module "vpc" {
 module "redis" {
   source = "../../"
 
-  name_prefix           = "core-example-redis"
+  name_prefix           = "core-example"
   number_cache_clusters = 2
   node_type             = "cache.t3.small"
 

main.tf

@@ -3,9 +3,9 @@ resource "aws_elasticache_replication_group" "redis" {
 
   parameter_group_name = aws_elasticache_parameter_group.redis.name
   subnet_group_name    = aws_elasticache_subnet_group.redis.name
-  security_group_ids   = [aws_security_group.redis.id]
+  security_group_ids   = concat(var.security_group_ids, [aws_security_group.redis.id])
 
-  replication_group_id  = var.name_prefix
+  replication_group_id  = "${var.name_prefix}-redis"
   number_cache_clusters = var.number_cache_clusters
   node_type             = var.node_type
 
@@ -27,16 +27,18 @@ resource "aws_elasticache_replication_group" "redis" {
 
   replication_group_description = var.description
 
+  notification_topic_arn = var.notification_topic_arn
+
   tags = merge(
     {
-      "Name" = var.name_prefix
+      "Name" = "${var.name_prefix}-redis"
     },
     var.tags,
   )
 }
 
 resource "aws_elasticache_parameter_group" "redis" {
-  name        = var.name_prefix
+  name        = "${var.name_prefix}-redis-pg"
   family      = var.family
   description = var.description
 
@@ -50,7 +52,7 @@ resource "aws_elasticache_parameter_group" "redis" {
 }
 
 resource "aws_elasticache_subnet_group" "redis" {
-  name        = var.name_prefix
+  name        = "${var.name_prefix}-redis-sg"
   subnet_ids  = var.subnet_ids
   description = var.description
 }
@@ -61,10 +63,14 @@ resource "aws_security_group" "redis" {
 
   tags = merge(
     {
-      "Name" = "${var.name_prefix}"
+      "Name" = "${var.name_prefix}-redis"
     },
     var.tags
   )
+
+  lifecycle {
+    create_before_destroy = true
+  }
 }
 
 resource "aws_security_group_rule" "redis_ingress_cidr_blocks" {

variables.tf

@@ -29,14 +29,14 @@ variable "ingress_cidr_blocks" {
   default     = []
 }
 
-variable "source_security_group_ids" {
+variable "security_group_ids" {
   type        = list(string)
   description = "List of Security Groups."
   default     = []
 }
 
 variable "engine_version" {
-  default     = "5.0.0"
+  default     = "5.0.6"
   type        = string
   description = "The version number of the cache engine to be used for the cache clusters in this replication group."
 }
@@ -133,4 +133,8 @@ variable "parameter" {
   description = "A list of Redis parameters to apply. Note that parameters may differ from one Redis family to another"
 }
 
-
+variable "notification_topic_arn" {
+  type        = string
+  default     = ""
+  description = "An Amazon Resource Name (ARN) of an SNS topic to send ElastiCache notifications to. Example: `arn:aws:sns:us-east-1:012345678999:my_sns_topic`"
+}