Adding ability to encrypt redis at rest and ability to enable TLS for… (#15)

* Adding ability to encrypt redis at rest and ability to enable TLS for redis * Including missing files, generate README correctly * Fix regression on availability_zone variable (wrong default) * Fixing spacing

Adding ability to encrypt redis at rest and ability to enable TLS for… (#15)
* Adding ability to encrypt redis at rest and ability to enable TLS for redis * Including missing files, generate README correctly * Fix regression on availability_zone variable (wrong default) * Fixing spacing
b5c789a6 · Jon Olson · Erik Osterman · 582f8739 · b5c789a6 · b5c789a6
Commit b5c789a6 authored Jul 18, 2018 by Jon Olson Committed by Erik Osterman Jul 18, 2018
Hide whitespace changes
Inline Side-by-side

Showing with 31 additions and 3 deletions

README.md README.md +15 -1

terraform.md docs/terraform.md +3 -1

main.tf main.tf +2 -0

variables.tf variables.tf +11 -1

No files found.
--- a/README.md
+++ b/README.md
@@ -19,6 +19,11 @@ It's 100% Open Source and licensed under the [APACHE2](LICENSE).
 ## Usage
 Include this repository as a module in your existing terraform code:
@@ -70,9 +75,10 @@ Available targets:
 | alarm_cpu_threshold_percent | CPU threshold alarm level | string | `75` | no |
 | alarm_memory_threshold_bytes | Ram threshold alarm level | string | `10000000` | no |
 | apply_immediately | Apply changes immediately | string | `true` | no |
+| at_rest_encryption_enabled | Enable encryption at rest | string | `false` | no |
 | attributes | Additional attributes (_e.g._ "1") | list | `<list>` | no |
 | automatic_failover | Automatic failover (Not available for T1/T2 instances) | string | `false` | no |
-| availability_zones | Availability zone ids | list | `Availability zone ids` | no |
+| availability_zones | Availability zone ids | list | `<list>` | no |
 | cluster_size | Count of nodes in cluster | string | `1` | no |
 | delimiter | Delimiter between `name`, `namespace`, `stage` and `attributes` | string | `-` | no |
 | enabled | Set to false to prevent the module from creating any resources | string | `true` | no |
@@ -88,6 +94,7 @@ Available targets:
 | stage | Stage | string | `default` | no |
 | subnets | AWS subnet ids | list | `<list>` | no |
 | tags | Additional tags (_e.g._ map("BusinessUnit","ABC") | map | `<map>` | no |
+| transit_encryption_enabled | Enable TLS | string | `false` | no |
 | vpc_id | AWS VPC id | string | `REQUIRED` | no |
 | zone_id | Route53 DNS Zone id | string | `false` | no |
@@ -181,6 +188,13 @@ See [LICENSE](LICENSE) for full details.
    under the License.
 ## Trademarks
 All other trademarks referenced herein are the property of their respective owners.

--- a/docs/terraform.md
+++ b/docs/terraform.md
@@ -7,9 +7,10 @@
 | alarm_cpu_threshold_percent | CPU threshold alarm level | string | `75` | no |
 | alarm_memory_threshold_bytes | Ram threshold alarm level | string | `10000000` | no |
 | apply_immediately | Apply changes immediately | string | `true` | no |
+| at_rest_encryption_enabled | Enable encryption at rest | string | `false` | no |
 | attributes | Additional attributes (_e.g._ "1") | list | `<list>` | no |
 | automatic_failover | Automatic failover (Not available for T1/T2 instances) | string | `false` | no |
-| availability_zones | Availability zone ids | list | `Availability zone ids` | no |
+| availability_zones | Availability zone ids | list | `<list>` | no |
 | cluster_size | Count of nodes in cluster | string | `1` | no |
 | delimiter | Delimiter between `name`, `namespace`, `stage` and `attributes` | string | `-` | no |
 | enabled | Set to false to prevent the module from creating any resources | string | `true` | no |
@@ -25,6 +26,7 @@
 | stage | Stage | string | `default` | no |
 | subnets | AWS subnet ids | list | `<list>` | no |
 | tags | Additional tags (_e.g._ map("BusinessUnit","ABC") | map | `<map>` | no |
+| transit_encryption_enabled | Enable TLS | string | `false` | no |
 | vpc_id | AWS VPC id | string | `REQUIRED` | no |
 | zone_id | Route53 DNS Zone id | string | `false` | no |

--- a/main.tf
+++ b/main.tf
@@ -62,6 +62,8 @@ resource "aws_elasticache_replication_group" "default" {
  maintenance_window            = "${var.maintenance_window}"
  notification_topic_arn        = "${var.notification_topic_arn}"
  engine_version                = "${var.engine_version}"
+  at_rest_encryption_enabled    = "${var.at_rest_encryption_enabled}"
+  transit_encryption_enabled    = "${var.transit_encryption_enabled}"
  tags = "${module.label.tags}"
 }

--- a/variables.tf
+++ b/variables.tf
@@ -65,6 +65,16 @@ variable "engine_version" {
  description = "Redis engine version"
 }
+variable "at_rest_encryption_enabled" {
+  default     = "false"
+  description = "Enable encryption at rest"
+}
+variable "transit_encryption_enabled" {
+  default     = "false"
+  description = "Enable TLS"
+}
 variable "notification_topic_arn" {
  default     = "10000000"
  description = "Notification topic arn"
@@ -100,7 +110,7 @@ variable "automatic_failover" {
 variable "availability_zones" {
  type        = "list"
  description = "Availability zone ids"
-  default     = "Availability zone ids"
+  default     = []
 }
 variable "zone_id" {