From 3d244c67f329ba294d1f1affab385390edd41760 Mon Sep 17 00:00:00 2001 From: Jordan Fineberg Date: Wed, 8 Nov 2023 10:51:14 -0800 Subject: [PATCH] add transit encryption variable for elasticache cluster resource --- main.tf | 19 ++++++++++--------- variables.tf | 6 ++++++ 2 files changed, 16 insertions(+), 9 deletions(-) diff --git a/main.tf b/main.tf index b31d716..bc9efc1 100644 --- a/main.tf +++ b/main.tf @@ -99,15 +99,16 @@ resource "aws_elasticache_parameter_group" "default" { } resource "aws_elasticache_cluster" "default" { - count = local.enabled ? 1 : 0 - apply_immediately = var.apply_immediately - cluster_id = module.this.id - engine = "memcached" - engine_version = var.engine_version - node_type = var.instance_type - num_cache_nodes = var.cluster_size - parameter_group_name = join("", aws_elasticache_parameter_group.default[*].name) - subnet_group_name = local.elasticache_subnet_group_name + count = local.enabled ? 1 : 0 + apply_immediately = var.apply_immediately + cluster_id = module.this.id + engine = "memcached" + engine_version = var.engine_version + node_type = var.instance_type + num_cache_nodes = var.cluster_size + parameter_group_name = join("", aws_elasticache_parameter_group.default[*].name) + transit_encryption_enabled = var.transit_encryption_enabled + subnet_group_name = local.elasticache_subnet_group_name # It would be nice to remove null or duplicate security group IDs, if there are any, using `compact`, # but that causes problems, and having duplicates does not seem to cause problems. # See https://github.com/hashicorp/terraform/issues/29799 diff --git a/variables.tf b/variables.tf index dbab83c..105193d 100644 --- a/variables.tf +++ b/variables.tf @@ -123,3 +123,9 @@ variable "cloudwatch_metric_alarms_enabled" { description = "Boolean flag to enable/disable CloudWatch metrics alarms" default = false } + +variable "transit_encryption_enabled" { + type = bool + description = "Boolean flag to enable transit encryption (requires Memcached version 1.6.12+)" + default = false +}