[FEAT] add global_replication_group_id support (#253)

README.md

@@ -247,6 +247,7 @@ Available targets:
 | <a name="input_existing_security_groups"></a> [existing\_security\_groups](#input\_existing\_security\_groups) | DEPRECATED: Use `associated_security_group_ids` instead.<br/>Historical description: List of existing Security Group IDs to place the cluster into.<br/>Set `use_existing_security_groups` to `true` to enable using `existing_security_groups` as Security Groups for the cluster. | `list(string)` | `[]` | no |
 | <a name="input_family"></a> [family](#input\_family) | The family of the ElastiCache parameter group | `string` | `"redis4.0"` | no |
 | <a name="input_final_snapshot_identifier"></a> [final\_snapshot\_identifier](#input\_final\_snapshot\_identifier) | The name of your final node group (shard) snapshot. ElastiCache creates the snapshot from the primary node in the cluster. If omitted, no final snapshot will be made. | `string` | `null` | no |
+| <a name="input_global_replication_group_id"></a> [global\_replication\_group\_id](#input\_global\_replication\_group\_id) | The ID of the global replication group to which this replication group should belong. If this parameter is specified, the replication group is added to the specified global replication group as a secondary replication group. When `global_replication_group_id` is set, the following parameters are ignored (set to `null`): `engine`, `engine_version`, `instance_type`, `cluster_mode_num_node_groups`, `transit_encryption_enabled`, and `snapshot_arns`. Additionally, `create_parameter_group` is set to `false`. | `string` | `null` | no |
 | <a name="input_id_length_limit"></a> [id\_length\_limit](#input\_id\_length\_limit) | Limit `id` to this many characters (minimum 6).<br/>Set to `0` for unlimited length.<br/>Set to `null` for keep the existing setting, which defaults to `0`.<br/>Does not affect `id_full`. | `number` | `null` | no |
 | <a name="input_inline_rules_enabled"></a> [inline\_rules\_enabled](#input\_inline\_rules\_enabled) | NOT RECOMMENDED. Create rules "inline" instead of as separate `aws_security_group_rule` resources.<br/>See [#20046](https://github.com/hashicorp/terraform-provider-aws/issues/20046) for one of several issues with inline rules.<br/>See [this post](https://github.com/hashicorp/terraform-provider-aws/pull/9032#issuecomment-639545250) for details on the difference between inline rules and rule resources. | `bool` | `false` | no |
 | <a name="input_instance_type"></a> [instance\_type](#input\_instance\_type) | Elastic cache instance type | `string` | `"cache.t2.micro"` | no |

main.tf

@@ -5,6 +5,14 @@ locals {
   enabled                    = module.this.enabled
   create_normal_instance     = local.enabled && !var.serverless_enabled
   create_serverless_instance = local.enabled && var.serverless_enabled
+  create_parameter_group     = var.global_replication_group_id == null ? var.create_parameter_group : false
+  engine                     = var.global_replication_group_id == null ? var.engine : null
+  engine_version             = var.global_replication_group_id == null ? var.engine_version : null
+  instance_type              = var.global_replication_group_id == null ? var.instance_type : null
+  num_node_groups            = (var.global_replication_group_id == null && var.cluster_mode_enabled) ? var.cluster_mode_num_node_groups : null
+  transit_encryption_enabled = var.global_replication_group_id == null ? var.transit_encryption_enabled : null
+  at_rest_encryption_enabled = var.global_replication_group_id == null ? var.at_rest_encryption_enabled : null
+  snapshot_arns              = var.global_replication_group_id == null ? var.snapshot_arns : null
 
   legacy_egress_rule = local.use_legacy_egress ? {
     key         = "legacy-egress"
@@ -89,14 +97,11 @@ locals {
   # The name of the parameter group can’t include "."
   safe_family = replace(var.family, ".", "-")
 
-  parameter_group_name = (
-    var.parameter_group_name != null ? var.parameter_group_name : (
-      var.create_parameter_group
-      ?
-      "${module.this.id}-${local.safe_family}" # The name of the new parameter group to be created
-      :
-      "default.${var.family}" # Default parameter group name created by AWS
-    )
+  parameter_group_name = var.global_replication_group_id != null ? null : coalesce(
+    var.parameter_group_name,
+    var.create_parameter_group ?
+    "${module.this.id}-${local.safe_family}" # The name of the new parameter group to be created
+    : "default.${var.family}"                # Default parameter group name created by AWS
   )
 
   arn = (
@@ -128,7 +133,7 @@ resource "aws_elasticache_subnet_group" "default" {
 }
 
 resource "aws_elasticache_parameter_group" "default" {
-  count       = local.enabled && var.create_parameter_group ? 1 : 0
+  count       = local.enabled && local.create_parameter_group ? 1 : 0
   name        = local.parameter_group_name
   description = var.parameter_group_description != null ? var.parameter_group_description : "Elasticache parameter group ${local.parameter_group_name}"
   family      = var.family
@@ -161,7 +166,7 @@ resource "aws_elasticache_replication_group" "default" {
   auth_token_update_strategy  = var.auth_token_update_strategy
   replication_group_id        = var.replication_group_id == "" ? module.this.id : var.replication_group_id
   description                 = coalesce(var.description, module.this.id)
-  node_type                   = var.instance_type
+  node_type                   = local.instance_type
   num_cache_clusters          = var.cluster_mode_enabled ? null : var.cluster_size
   port                        = var.port
   parameter_group_name        = local.parameter_group_name
@@ -173,23 +178,24 @@ resource "aws_elasticache_replication_group" "default" {
   # It would be nice to remove null or duplicate security group IDs, if there are any, using `compact`,
   # but that causes problems, and having duplicates does not seem to cause problems.
   # See https://github.com/hashicorp/terraform/issues/29799
-  security_group_ids         = local.create_security_group ? concat(local.associated_security_group_ids, [module.aws_security_group.id]) : local.associated_security_group_ids
-  maintenance_window         = var.maintenance_window
-  notification_topic_arn     = var.notification_topic_arn
-  engine                     = var.engine
-  engine_version             = var.engine_version
-  at_rest_encryption_enabled = var.at_rest_encryption_enabled
-  transit_encryption_enabled = var.transit_encryption_enabled
-  transit_encryption_mode    = var.transit_encryption_mode
-  kms_key_id                 = var.at_rest_encryption_enabled ? var.kms_key_id : null
-  snapshot_name              = var.snapshot_name
-  snapshot_arns              = var.snapshot_arns
-  snapshot_window            = var.snapshot_window
-  snapshot_retention_limit   = var.snapshot_retention_limit
-  final_snapshot_identifier  = var.final_snapshot_identifier
-  apply_immediately          = var.apply_immediately
-  data_tiering_enabled       = var.data_tiering_enabled
-  auto_minor_version_upgrade = var.auto_minor_version_upgrade
+  security_group_ids          = local.create_security_group ? concat(local.associated_security_group_ids, [module.aws_security_group.id]) : local.associated_security_group_ids
+  maintenance_window          = var.maintenance_window
+  notification_topic_arn      = var.notification_topic_arn
+  engine                      = local.engine
+  engine_version              = local.engine_version
+  at_rest_encryption_enabled  = local.at_rest_encryption_enabled
+  transit_encryption_enabled  = local.transit_encryption_enabled
+  transit_encryption_mode     = var.transit_encryption_mode
+  kms_key_id                  = var.at_rest_encryption_enabled ? var.kms_key_id : null
+  snapshot_name               = var.snapshot_name
+  snapshot_arns               = local.snapshot_arns
+  snapshot_window             = var.snapshot_window
+  snapshot_retention_limit    = var.snapshot_retention_limit
+  final_snapshot_identifier   = var.final_snapshot_identifier
+  apply_immediately           = var.apply_immediately
+  data_tiering_enabled        = var.data_tiering_enabled
+  auto_minor_version_upgrade  = var.auto_minor_version_upgrade
+  global_replication_group_id = var.global_replication_group_id
 
   dynamic "log_delivery_configuration" {
     for_each = var.log_delivery_configuration
@@ -204,7 +210,7 @@ resource "aws_elasticache_replication_group" "default" {
 
   tags = module.this.tags
 
-  num_node_groups         = var.cluster_mode_enabled ? var.cluster_mode_num_node_groups : null
+  num_node_groups         = local.num_node_groups
   replicas_per_node_group = var.cluster_mode_enabled ? var.cluster_mode_replicas_per_node_group : null
   user_group_ids          = var.user_group_ids
 

variables.tf

@@ -298,7 +298,6 @@ variable "auto_minor_version_upgrade" {
   description = "Specifies whether minor version engine upgrades will be applied automatically to the underlying Cache Cluster instances during the maintenance window. Only supported if the engine version is 6 or higher."
 }
 
-# Add boolean to create a serverless cluster
 variable "serverless_enabled" {
   type        = bool
   default     = false
@@ -334,3 +333,9 @@ variable "serverless_snapshot_arns_to_restore" {
   default     = []
   description = "The list of ARN(s) of the snapshot that the new serverless cache will be created from. Available for Redis only."
 }
+
+variable "global_replication_group_id" {
+  type        = string
+  default     = null
+  description = "The ID of the global replication group to which this replication group should belong. If this parameter is specified, the replication group is added to the specified global replication group as a secondary replication group; otherwise, the replication group is not part of any global replication group. If global_replication_group_id is set, the num_node_groups parameter cannot be set."
+}

versions.tf

@@ -4,7 +4,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = ">= 5.47"
+      version = ">= 5.47.0"
     }
   }
 }