From 6ad6de024f49d24655299d567163b8109ec4d526 Mon Sep 17 00:00:00 2001
From: Melissa Greenbaum <69476188+magreenbaum@users.noreply.github.com>
Date: Mon, 6 May 2024 20:07:08 -0400
Subject: [PATCH] feat: Support IAM Auth mode for memorydb cluster (#8)
---
 README.md | 6 +++---
 examples/complete/README.md | 6 +++---
 examples/complete/main.tf | 12 +++++-------
 examples/complete/versions.tf | 2 +-
 main.tf | 4 ++--
 variables.tf | 2 +-
 versions.tf | 2 +-
 7 files changed, 16 insertions(+), 18 deletions(-)
diff --git a/README.md b/README.md
index ca128a7..29791db 100644
--- a/README.md
+++ b/README.md
@@ -118,13 +118,13 @@ Examples codified under the [`examples`](https://github.com/terraform-aws-module
 | Name | Version |
 |------|---------|
 | [terraform](#requirement\_terraform) | >= 1.0 |
-| [aws](#requirement\_aws) | >= 5.0 |
+| [aws](#requirement\_aws) | >= 5.47 |
 ## Providers
 | Name | Version |
 |------|---------|
-| [aws](#provider\_aws) | >= 5.0 |
+| [aws](#provider\_aws) | >= 5.47 |
 ## Modules
@@ -185,7 +185,7 @@ No modules.
 | [tags](#input\_tags) | A map of tags to use on all resources | `map(string)` | `{}` | no |
 | [tls\_enabled](#input\_tls\_enabled) | A flag to enable in-transit encryption on the cluster. When set to `false`, the `acl_name` must be `open-access`. Defaults to `true` | `bool` | `null` | no |
 | [use\_name\_prefix](#input\_use\_name\_prefix) | Determines whether `name` is used as a prefix for the cluster | `bool` | `false` | no |
-| [users](#input\_users) | A map of user definitions (maps) to be created | `map(any)` | `{}` | no |
+| [users](#input\_users) | A map of user definitions (maps) to be created | `any` | `{}` | no |
 ## Outputs
diff --git a/examples/complete/README.md b/examples/complete/README.md
index 0a7e475..31d07d1 100644
--- a/examples/complete/README.md
+++ b/examples/complete/README.md
@@ -26,14 +26,14 @@ Note that this example may create resources which will incur monetary charges on
 | Name | Version |
 |------|---------|
 | [terraform](#requirement\_terraform) | >= 1.0 |
-| [aws](#requirement\_aws) | >= 5.0 |
+| [aws](#requirement\_aws) | >= 5.47 |
 | [random](#requirement\_random) | >= 3.0 |
 ## Providers
 | Name | Version |
 |------|---------|
-| [aws](#provider\_aws) | >= 5.0 |
+| [aws](#provider\_aws) | >= 5.47 |
 | [random](#provider\_random) | >= 3.0 |
 ## Modules
@@ -43,7 +43,7 @@ Note that this example may create resources which will incur monetary charges on
 | [memory\_db](#module\_memory\_db) | ../.. | n/a |
 | [memory\_db\_disabled](#module\_memory\_db\_disabled) | ../.. | n/a |
 | [security\_group](#module\_security\_group) | terraform-aws-modules/security-group/aws | ~> 4.0 |
-| [vpc](#module\_vpc) | terraform-aws-modules/vpc/aws | ~> 4.0 |
+| [vpc](#module\_vpc) | terraform-aws-modules/vpc/aws | ~> 5.0 |
 ## Resources
diff --git a/examples/complete/main.tf b/examples/complete/main.tf
index 987ef5f..f5250aa 100644
--- a/examples/complete/main.tf
+++ b/examples/complete/main.tf
@@ -30,7 +30,7 @@ module "memory_db" {
 name = local.name
 description = "Example MemoryDB cluster"
- engine_version = "6.2"
+ engine_version = "7.0"
 auto_minor_version_upgrade = true
 node_type = "db.r6gd.xlarge"
 num_shards = 2
@@ -49,13 +49,13 @@ module "memory_db" {
 admin = {
 user_name = "admin-user"
 access_string = "on ~* &* +@all"
- passwords = [random_password.password["admin"].result]
+ type = "iam"
 tags = { user = "admin" }
 }
 readonly = {
 user_name = "readonly-user"
 access_string = "on ~* &* -@all +@read"
- passwords = [random_password.password["readonly"].result]
+ passwords = [random_password.password.result]
 tags = { user = "readonly" }
 }
 }
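Review bot: The `admin` entry in the `users` map switches to `type = "iam"` with no comment on what that mode depends on, so a reader copying the example cannot tell why `engine_version` moved to "7.0" in the same file. As far as I know, MemoryDB IAM authentication needs engine 7.0 or later with TLS enabled, and the caller needs an IAM policy granting `memorydb:Connect`; a comment above the line such as `# IAM auth: no stored password; requires engine >= 7.0, TLS, and memorydb:Connect for the caller` would record that. The `readonly` user still takes a `random_password` result, which is written to Terraform state, so the example should also say that the state backend has to be access-controlled. The `users` map itself opens above this hunk.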
@@ -67,7 +67,7 @@ module "memory_db" {
 # Parameter group
 parameter_group_name = "${local.name}-param-group"
 parameter_group_description = "Example MemoryDB parameter group"
- parameter_group_family = "memorydb_redis6"
+ parameter_group_family = "memorydb_redis7"
 parameter_group_parameters = [
 {
 name = "activedefrag"
@@ -95,7 +95,7 @@ module "memory_db" {
 module "vpc" {
 source = "terraform-aws-modules/vpc/aws"
- version = "~> 4.0"
+ version = "~> 5.0"
 name = local.name
 cidr = "10.99.0.0/18"
@@ -139,8 +139,6 @@ resource "aws_sns_topic" "example" {
 }
 resource "random_password" "password" {
- for_each = toset(["admin", "readonly"])
-
 length = 16
 special = true
 override_special = "_%@"
diff --git a/examples/complete/versions.tf b/examples/complete/versions.tf
index 5d81057..5e9aae4 100644
--- a/examples/complete/versions.tf
+++ b/examples/complete/versions.tf
@@ -4,7 +4,7 @@ terraform {
 required_providers {
 aws = {
 source = "hashicorp/aws"
- version = ">= 5.0"
+ version = ">= 5.47"
 }
 random = {
 source = "hashicorp/random"
diff --git a/main.tf b/main.tf
index ea9dcea..e0f935e 100644
--- a/main.tf
+++ b/main.tf
@@ -58,8 +58,8 @@ resource "aws_memorydb_user" "this" {
 access_string = each.value.access_string
 authentication_mode {
- type = "password"
- passwords = each.value.passwords
+ type = try(each.value.type, "password")
+ passwords = try(each.value.passwords, null)
 }
 tags = merge(var.tags, lookup(each.value, "tags", {}))
diff --git a/variables.tf b/variables.tf
index 6f59ad2..aec277f 100644
--- a/variables.tf
+++ b/variables.tf
@@ -146,7 +146,7 @@ variable "create_users" {
 variable "users" {
 description = "A map of user definitions (maps) to be created"
- type = map(any)
+ type = any
 default = {}
 }
diff --git a/versions.tf b/versions.tf
index ddfcb0e..407a955 100644
--- a/versions.tf
+++ b/versions.tf
@@ -4,7 +4,7 @@ terraform {
 required_providers {
 aws = {
 source = "hashicorp/aws"
- version = ">= 5.0"
+ version = ">= 5.47"
 }
 }
 }
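Review bot: In the `authentication_mode` block of `aws_memorydb_user.this`, `try()` turns every evaluation error into the fallback, so a password-mode entry that omits `passwords` reaches the provider as `null` instead of failing on the missing attribute, and an entry with `type = "iam"` still forwards any leftover `passwords` value. Tying the two arguments together keeps the failure early and explicit: `passwords = try(each.value.type, "password") == "password" ? each.value.passwords : null`. Whether the provider rejects those combinations on its own is not visible here, so the module should not depend on it. The resource block starts and ends outside the hunk.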
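Review bot: Widening `var.users` from `map(any)` to `any` in `variables.tf` removes the only type check on this input and nothing replaces it, so an unsupported `type` value is left for the provider to reject, and a misspelled `type` key is silently treated as password mode by the `try()` fallback in `main.tf`. A `validation` block on the variable would reject such entries before any resource is planned. The sketch below accepts only `password` and `iam` and requires a non-empty `passwords` list for password users, which also catches the misspelled-key case.

```hcl
variable "users" {
  # … unchanged: description, type, default …

  validation {
    condition = alltrue([
      for u in values(var.users) :
      contains(["password", "iam"], try(u.type, "password")) &&
      (try(u.type, "password") != "password" || length(try(u.passwords, [])) > 0)
    ])
    error_message = "Each user must set type to \"password\" or \"iam\", and password users must supply at least one password."
  }
}
```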