multi region cluster

Author: magreenbaum

README.md

@@ -119,13 +119,13 @@ Examples codified under the [`examples`](https://github.com/terraform-aws-module
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.0 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.78 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.82 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 5.78 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 5.82 |
 
 ## Modules
 
@@ -162,6 +162,7 @@ No modules.
 | <a name="input_final_snapshot_name"></a> [final\_snapshot\_name](#input\_final\_snapshot\_name) | Name of the final cluster snapshot to be created when this resource is deleted. If omitted, no final snapshot will be made | `string` | `null` | no |
 | <a name="input_kms_key_arn"></a> [kms\_key\_arn](#input\_kms\_key\_arn) | ARN of the KMS key used to encrypt the cluster at rest | `string` | `null` | no |
 | <a name="input_maintenance_window"></a> [maintenance\_window](#input\_maintenance\_window) | Specifies the weekly time range during which maintenance on the cluster is performed. It is specified as a range in the format `ddd:hh24:mi-ddd:hh24:mi` | `string` | `null` | no |
+| <a name="input_multi_region_cluster_name"></a> [multi\_region\_cluster\_name](#input\_multi\_region\_cluster\_name) | The multi region cluster identifier if part of a multi region cluster | `string` | `null` | no |
 | <a name="input_name"></a> [name](#input\_name) | Cluster name - also default name used on all resources if more specific resource names are not provided | `string` | `""` | no |
 | <a name="input_node_type"></a> [node\_type](#input\_node\_type) | The compute and memory capacity of the nodes in the cluster. See AWS documentation on [supported node types](https://docs.aws.amazon.com/memorydb/latest/devguide/nodes.supportedtypes.html) as well as [vertical scaling](https://docs.aws.amazon.com/memorydb/latest/devguide/cluster-vertical-scaling.html) | `string` | `null` | no |
 | <a name="input_num_replicas_per_shard"></a> [num\_replicas\_per\_shard](#input\_num\_replicas\_per\_shard) | The number of replicas to apply to each shard, up to a maximum of 5. Defaults to `1` (i.e. 2 nodes per shard) | `number` | `null` | no |

examples/complete/README.md

@@ -26,14 +26,14 @@ Note that this example may create resources which will incur monetary charges on
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.0 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.78 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.82 |
 | <a name="requirement_random"></a> [random](#requirement\_random) | >= 3.0 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 5.78 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 5.82 |
 | <a name="provider_random"></a> [random](#provider\_random) | >= 3.0 |
 
 ## Modules

examples/complete/versions.tf

@@ -4,7 +4,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = ">= 5.78"
+      version = ">= 5.82"
     }
     random = {
       source  = "hashicorp/random"

examples/multi-region/main.tf

@@ -0,0 +1,240 @@
+provider "aws" {
+  region = local.region
+}
+
+provider "aws" {
+  region = "us-west-2"
+  alias  = "us-west-2"
+}
+
+locals {
+  region = "us-east-1"
+  name   = "memorydb-ex-${replace(basename(path.cwd), "_", "-")}"
+
+  tags = {
+    Example     = local.name
+    Environment = "dev"
+  }
+}
+
+################################################################################
+# MemoryDB Module
+################################################################################
+
+module "memory_db_disabled" {
+  source = "../.."
+
+  name   = "${local.name}-disabled"
+  create = false
+}
+
+module "multi_region_cluster" {
+  source = "../../modules/multi-region-cluster"
+
+  create                           = true
+  multi_region_cluster_name_suffix = local.name
+  tls_enabled                      = true
+  engine                           = "valkey"
+  engine_version                   = "7.3"
+  node_type                        = "db.r7g.xlarge"
+  num_shards                       = 2
+}
+
+
+module "memory_db" {
+  source = "../.."
+
+  # Cluster
+  name        = local.name
+  description = "Example MemoryDB cluster"
+
+  # This makes it part of the multi region cluster
+  multi_region_cluster_name = module.multi_region_cluster.multi_region_cluster_name
+
+  #  engine                     = "valkey"
+  #  engine_version             = "7.3"
+  auto_minor_version_upgrade = true
+  node_type                  = "db.r7g.xlarge"
+  num_shards                 = 2
+  num_replicas_per_shard     = 2
+
+  # tls_enabled              = true
+  security_group_ids       = [module.security_group.security_group_id]
+  maintenance_window       = "sun:23:00-mon:01:30"
+  snapshot_retention_limit = 7
+  snapshot_window          = "05:00-09:00"
+
+  # Users
+  users = {
+    admin = {
+      user_name     = "admin-user"
+      access_string = "on ~* &* +@all"
+      type          = "iam"
+      tags          = { user = "admin" }
+    }
+    readonly = {
+      user_name     = "readonly-user"
+      access_string = "on ~* &* -@all +@read"
+      passwords     = [random_password.password.result]
+      tags          = { user = "readonly" }
+    }
+  }
+
+  # ACL
+  create_acl = false
+  acl_name   = "${local.name}-acl"
+  acl_tags   = { acl = "custom" }
+
+  # Parameter group
+  create_parameter_group = false
+
+  # Subnet group
+  subnet_group_name        = "${local.name}-subnet-group"
+  subnet_group_description = "Example MemoryDB subnet group"
+  subnet_ids               = module.vpc.database_subnets
+  subnet_group_tags = {
+    subnet_group = "custom"
+  }
+
+  tags = local.tags
+}
+
+module "secondary_memory_db" {
+  source = "../.."
+
+  # Cluster
+  name        = "${local.name}-secondary"
+  description = "Example MemoryDB cluster"
+
+  # This makes it part of the multi region cluster
+  multi_region_cluster_name = module.multi_region_cluster.multi_region_cluster_name
+
+  #  engine                     = "valkey"
+  #  engine_version             = "7.3"
+  auto_minor_version_upgrade = true
+  node_type                  = "db.r7g.xlarge"
+  num_shards                 = 2
+  num_replicas_per_shard     = 2
+
+  # tls_enabled              = true
+  security_group_ids       = [module.secondary_security_group.security_group_id]
+  maintenance_window       = "sun:23:00-mon:01:30"
+  snapshot_retention_limit = 7
+  snapshot_window          = "05:00-09:00"
+
+  # ACL
+  create_acl = false
+  acl_name   = "${local.name}-acl"
+  acl_tags   = { acl = "custom" }
+
+  # Parameter group
+  create_parameter_group = false
+
+  # Subnet group
+  subnet_group_name        = "${local.name}-subnet-group"
+  subnet_group_description = "Example MemoryDB subnet group"
+  subnet_ids               = module.secondary_vpc.database_subnets
+  subnet_group_tags = {
+    subnet_group = "custom"
+  }
+
+  tags = local.tags
+
+  providers = {
+    aws = aws.us-west-2
+  }
+}
+
+################################################################################
+# Supporting Resources
+################################################################################
+
+module "vpc" {
+  source  = "terraform-aws-modules/vpc/aws"
+  version = "~> 5.0"
+
+  name = local.name
+  cidr = "10.99.0.0/18"
+
+  azs              = ["${local.region}a", "${local.region}b", "${local.region}d"] # Caution: check which zones are available
+  private_subnets  = ["10.99.0.0/24", "10.99.1.0/24", "10.99.2.0/24"]
+  database_subnets = ["10.99.3.0/24", "10.99.4.0/24", "10.99.5.0/24"]
+
+  create_database_subnet_group = true
+  enable_nat_gateway           = false
+
+  manage_default_security_group  = true
+  default_security_group_ingress = []
+  default_security_group_egress  = []
+
+  tags = local.tags
+}
+
+module "secondary_vpc" {
+  source  = "terraform-aws-modules/vpc/aws"
+  version = "~> 5.0"
+
+  name = local.name
+  cidr = "10.99.0.0/18"
+
+  azs              = ["us-west-2a", "us-west-2b", "us-west-2d"] # Caution: check which zones are available
+  private_subnets  = ["10.99.0.0/24", "10.99.1.0/24", "10.99.2.0/24"]
+  database_subnets = ["10.99.3.0/24", "10.99.4.0/24", "10.99.5.0/24"]
+
+  create_database_subnet_group = true
+  enable_nat_gateway           = false
+
+  manage_default_security_group  = true
+  default_security_group_ingress = []
+  default_security_group_egress  = []
+
+  tags = local.tags
+
+  providers = {
+    aws = aws.us-west-2
+  }
+}
+
+module "security_group" {
+  source  = "terraform-aws-modules/security-group/aws"
+  version = "~> 4.0"
+
+  name        = local.name
+  description = "Security group for ${local.name}"
+  vpc_id      = module.vpc.vpc_id
+
+  ingress_cidr_blocks = module.vpc.private_subnets_cidr_blocks
+  ingress_rules       = ["redis-tcp"]
+
+  egress_cidr_blocks = [module.vpc.vpc_cidr_block]
+  egress_rules       = ["all-all"]
+
+  tags = local.tags
+}
+
+module "secondary_security_group" {
+  source  = "terraform-aws-modules/security-group/aws"
+  version = "~> 4.0"
+
+  name        = local.name
+  description = "Security group for ${local.name}"
+  vpc_id      = module.secondary_vpc.vpc_id
+
+  ingress_cidr_blocks = module.secondary_vpc.private_subnets_cidr_blocks
+  ingress_rules       = ["redis-tcp"]
+
+  egress_cidr_blocks = [module.secondary_vpc.vpc_cidr_block]
+  egress_rules       = ["all-all"]
+
+  tags = local.tags
+
+  providers = {
+    aws = aws.us-west-2
+  }
+}
+
+resource "random_password" "password" {
+  length           = 16
+  special          = true
+  override_special = "_%@"
+}

examples/multi-region/outputs.tf

@@ -0,0 +1,14 @@
+terraform {
+  required_version = ">= 1.0"
+
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = ">= 5.82"
+    }
+    random = {
+      source  = "hashicorp/random"
+      version = ">= 3.0"
+    }
+  }
+}

examples/multi-region/variables.tf

@@ -26,14 +26,14 @@ Note that this example may create resources which will incur monetary charges on
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.0 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.78 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.82 |
 | <a name="requirement_random"></a> [random](#requirement\_random) | >= 3.0 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 5.78 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 5.82 |
 | <a name="provider_random"></a> [random](#provider\_random) | >= 3.0 |
 
 ## Modules

examples/multi-region/versions.tf

@@ -4,7 +4,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = ">= 5.78"
+      version = ">= 5.82"
     }
     random = {
       source  = "hashicorp/random"

examples/valkey/README.md

@@ -29,6 +29,7 @@ resource "aws_memorydb_cluster" "this" {
   num_replicas_per_shard     = var.num_replicas_per_shard
   parameter_group_name       = local.parameter_group_name
   data_tiering               = var.data_tiering
+  multi_region_cluster_name  = var.multi_region_cluster_name
 
   acl_name           = local.acl_name
   kms_key_arn        = var.kms_key_arn