Skip to content

Commit bdf9339

Browse files
raviharshicorpraviharshicorp
committed
fix: Add AWS IAM Redis passwordless authentication support
- Add redis_passwordless_aws_use_iam variable to variables.tf - Pass redis_passwordless_aws_use_iam to runtime_container_engine_config module - Enables AWS IAM authentication for Redis passwordless access via ElastiCache
1 parent 329ddef commit bdf9339

File tree

2 files changed

+13
-12
lines changed

2 files changed

+13
-12
lines changed

main.tf

Lines changed: 7 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -312,12 +312,13 @@ module "runtime_container_engine_config" {
312312
s3_server_side_encryption_kms_key_id = local.kms_key_arn
313313
s3_use_instance_profile = var.aws_access_key_id == null ? "1" : "0"
314314

315-
redis_host = local.redis.hostname
316-
redis_user = local.redis.username
317-
redis_password = local.redis.password
318-
redis_use_tls = local.redis.use_tls
319-
redis_use_auth = local.redis.use_password_auth
320-
redis_use_sentinel = var.enable_redis_sentinel
315+
redis_host = local.redis.hostname
316+
redis_user = local.redis.username
317+
redis_password = local.redis.password
318+
redis_use_tls = local.redis.use_tls
319+
redis_use_auth = local.redis.use_password_auth
320+
redis_passwordless_aws_use_iam = var.redis_passwordless_aws_use_iam
321+
redis_use_sentinel = var.enable_redis_sentinel
321322
redis_sentinel_hosts = local.redis.sentinel_hosts
322323
redis_sentinel_leader_name = local.redis.sentinel_leader
323324
redis_sentinel_user = local.redis.sentinel_username

variables.tf

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -182,6 +182,12 @@ variable "redis_use_password_auth" {
182182
default = false
183183
}
184184

185+
variable "redis_passwordless_aws_use_iam" {
186+
type = bool
187+
description = "Whether to use AWS IAM authentication for Redis passwordless access."
188+
default = false
189+
}
190+
185191
variable "redis_authentication_mode" {
186192
description = "The authentincation mode for redis server instances. Must be one of [USER_AND_PASSWORD, PASSWORD, NONE]."
187193
type = string
@@ -208,12 +214,6 @@ variable "sentinel_leader" {
208214
description = "The name of the Redis Sentinel leader"
209215
}
210216

211-
variable "redis_enable_iam_auth" {
212-
type = bool
213-
description = "Whether to enable IAM authentication for Redis. Used for passwordless authentication."
214-
default = false
215-
}
216-
217217
# Postgres
218218
# --------
219219
variable "db_name" {

0 commit comments

Comments
 (0)