From 169f97d69fa514a6ef28bf1263bd462a3c6ccdfb Mon Sep 17 00:00:00 2001
From: cduhn17
Date: Mon, 8 Jul 2024 12:17:29 -0500
Subject: [PATCH 01/10] Add elasticache tf file
---
 infrastructure/elasticache.tf | 39 +++++++++++++++++++++++++++++++++++
 1 file changed, 39 insertions(+)
 create mode 100644 infrastructure/elasticache.tf
diff --git a/infrastructure/elasticache.tf b/infrastructure/elasticache.tf
new file mode 100644
index 00000000..dba16374
--- /dev/null
+++ b/infrastructure/elasticache.tf
@@ -0,0 +1,39 @@
+resource "aws_security_group" "elasticache_security_group" {
+ name_prefix = "elasticache-"
+ description = "ElastiCache security group"
+
+ ingress {
+ from_port = 6379
+ to_port = 6379
+ protocol = "tcp"
+ cidr_blocks = ["10.0.2.0/24"] // Restrict to a specific CIDR block, ideally your VPC's CIDR
+ }
+}
+
+resource "aws_elasticache_subnet_group" "crossfeed_vpc" {
+ name = "aws_vpc.crossfeed_vpc"
+ subnet_ids = [aws_subnet.backend.id]
+
+ tags = {
+ Name = "crossfeed_vpc"
+ }
+}
+
+resource "aws_elasticache_cluster" "crossfeed_vpc_elasticache_cluster" {
+ count = var.create_elastcache_cluster ? 1 : 0
+ cluster_id = "crossfeed-vpc-cluster"
+ engine = "redis"
+ node_type = "cache.r7g.xlarge"
+ num_cache_nodes = 1
+ parameter_group_name = "default.redis7.1"
+ engine_version = "7.1.0"
+ port = 6379
+ subnet_group_name = aws_elasticache_subnet_group.crossfeed_vpc.name
+ security_group_ids = [aws_security_group.elasticache_security_group.id]
+
+ tags = {
+ Name = "crossfeed_vpc_elasticache-cluster"
+ Project = var.project
+ Stage = var.stage
+ }
+}
\ No newline at end of file
From 84222283b21b359e366ad280bee42223b38bb6a9 Mon Sep 17 00:00:00 2001
From: cduhn17
Date: Mon, 8 Jul 2024 13:47:03 -0500
Subject: [PATCH 02/10] Update elasticache variables
---
 infrastructure/prod.tfvars | 1 +
 infrastructure/stage.tfvars | 1 +
 infrastructure/vars.tf | 6 ++++++
 3 files changed, 8 insertions(+)
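Review bot: `aws_security_group.elasticache_security_group` has no `vpc_id`, so Terraform will create it in the account's default VPC rather than in the VPC that `aws_subnet.backend` lives in, and the ingress rule would then be guarding the wrong network (or the group could not be attached through `security_group_ids` at all); add `vpc_id = aws_vpc.crossfeed_vpc.id`, assuming that is the VPC resource the subnet group's name string alludes to. The ingress `cidr_blocks = ["10.0.2.0/24"]` is a hard-coded literal that the comment itself says should track the VPC, so deriving it, e.g. `cidr_blocks = [aws_subnet.backend.cidr_block]` or a `security_groups` reference to the client tier, keeps the rule from silently allowing or blocking the wrong range. In `aws_elasticache_subnet_group.crossfeed_vpc`, `name = "aws_vpc.crossfeed_vpc"` is a quoted string rather than a reference and contains `.` and `_`, which ElastiCache subnet group names may not accept. The Redis node is also declared without encryption in transit, encryption at rest or an auth token; as far as I know those settings are available for Redis on `aws_elasticache_replication_group` rather than `aws_elasticache_cluster`, so the resource type is worth revisiting before anything sensitive is cached.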
diff --git a/infrastructure/prod.tfvars b/infrastructure/prod.tfvars
index 5d1bc555..f90e13ac 100644
--- a/infrastructure/prod.tfvars
+++ b/infrastructure/prod.tfvars
@@ -103,3 +103,4 @@ ssm_redshift_host = "/crossfeed/prod/REDSHIFT_HOST"
 ssm_redshift_database = "/crossfeed/prod/REDSHIFT_DATABASE"
 ssm_redshift_user = "/crossfeed/prod/REDSHIFT_USER"
 ssm_redshift_password = "/crossfeed/prod/REDSHIFT_PASSWORD"
+create_elastcache_cluster = false
\ No newline at end of file
diff --git a/infrastructure/stage.tfvars b/infrastructure/stage.tfvars
index e40e34f0..d2b25e6d 100644
--- a/infrastructure/stage.tfvars
+++ b/infrastructure/stage.tfvars
@@ -105,3 +105,4 @@ ssm_redshift_host = "/crossfeed/staging/REDSHIFT_HOST"
 ssm_redshift_database = "/crossfeed/staging/REDSHIFT_DATABASE"
 ssm_redshift_user = "/crossfeed/staging/REDSHIFT_USER"
 ssm_redshift_password = "/crossfeed/staging/REDSHIFT_PASSWORD"
+create_elastcache_cluster = true
\ No newline at end of file
diff --git a/infrastructure/vars.tf b/infrastructure/vars.tf
index f920dc56..5f4e3097 100644
--- a/infrastructure/vars.tf
+++ b/infrastructure/vars.tf
@@ -656,3 +656,9 @@ variable "ssm_redshift_password" {
 type = string
 default = "/crossfeed/staging/REDSHIFT_PASSWORD"
 }
+
+variable "create_elastcache_cluster" {
+ description = "Whether to create a elasticache cluster."
+ type = bool
+ default = false
+}
From 7cdfb31264760b538b7dba6ed393013481423ed7 Mon Sep 17 00:00:00 2001
From: cduhn17
Date: Mon, 8 Jul 2024 14:34:05 -0500
Subject: [PATCH 03/10] Remove variable pe_cybersixgill_service_name
---
 infrastructure/stage.tfvars | 1 -
 1 file changed, 1 deletion(-)
diff --git a/infrastructure/stage.tfvars b/infrastructure/stage.tfvars
index d2b25e6d..35ceb6d2 100644
--- a/infrastructure/stage.tfvars
+++ b/infrastructure/stage.tfvars
@@ -68,7 +68,6 @@ pe_worker_ecs_cluster_name = "pe-staging-worker"
 pe_worker_ecs_task_definition_family = "pe-staging-worker"
 pe_worker_ecs_log_group_name = "pe-staging-worker"
 pe_worker_ecs_role_name = "pe-staging-worker"
-pe_cybersixgill_ecs_service_name = "pe-staging-cybersixgill"
 logging_bucket_name = "cisa-crossfeed-staging-logging"
 cloudtrail_name = "crossfeed-staging-all-events"
 cloudtrail_bucket_name = "cisa-crossfeed-staging-cloudtrail"
From 6d09f36b72c0c9111248bf0998365fc7f9b34f21 Mon Sep 17 00:00:00 2001
From: cduhn17
Date: Thu, 11 Jul 2024 07:23:10 -0500
Subject: [PATCH 04/10] Update variable names
---
 infrastructure/stage.tfvars | 2 +-
 infrastructure/vars.tf | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/infrastructure/stage.tfvars b/infrastructure/stage.tfvars
index 35ceb6d2..7bc16d92 100644
--- a/infrastructure/stage.tfvars
+++ b/infrastructure/stage.tfvars
@@ -104,4 +104,4 @@ ssm_redshift_host = "/crossfeed/staging/REDSHIFT_HOST"
 ssm_redshift_database = "/crossfeed/staging/REDSHIFT_DATABASE"
 ssm_redshift_user = "/crossfeed/staging/REDSHIFT_USER"
 ssm_redshift_password = "/crossfeed/staging/REDSHIFT_PASSWORD"
-create_elastcache_cluster = true
\ No newline at end of file
+create_elasticache_cluster = true
\ No newline at end of file
diff --git a/infrastructure/vars.tf b/infrastructure/vars.tf
index 5f4e3097..36cf07b7 100644
--- a/infrastructure/vars.tf
+++ b/infrastructure/vars.tf
@@ -657,7 +657,7 @@ variable "ssm_redshift_password" {
 default = "/crossfeed/staging/REDSHIFT_PASSWORD"
 }
 
-variable "create_elastcache_cluster" {
+variable "create_elasticache_cluster" {
 description = "Whether to create a elasticache cluster."
 type = bool
 default = false
From 56973f37021515fe55e3578189a44bde87220e21 Mon Sep 17 00:00:00 2001
From: cduhn17
Date: Thu, 11 Jul 2024 07:25:17 -0500
Subject: [PATCH 05/10] Add blank lines to EOF
---
 infrastructure/stage.tfvars | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/infrastructure/stage.tfvars b/infrastructure/stage.tfvars
index 7bc16d92..ecc33f94 100644
--- a/infrastructure/stage.tfvars
+++ b/infrastructure/stage.tfvars
@@ -104,4 +104,4 @@ ssm_redshift_host = "/crossfeed/staging/REDSHIFT_HOST"
 ssm_redshift_database = "/crossfeed/staging/REDSHIFT_DATABASE"
 ssm_redshift_user = "/crossfeed/staging/REDSHIFT_USER"
 ssm_redshift_password = "/crossfeed/staging/REDSHIFT_PASSWORD"
-create_elasticache_cluster = true
\ No newline at end of file
+create_elasticache_cluster = true
From bc8c12eed4dda081aaa06e3496f92d80d82a597c Mon Sep 17 00:00:00 2001
From: cduhn17
Date: Thu, 11 Jul 2024 07:27:22 -0500
Subject: [PATCH 06/10] Update statge.tfvars formatting
---
 infrastructure/stage.tfvars | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/infrastructure/stage.tfvars b/infrastructure/stage.tfvars
index ecc33f94..85720ffb 100644
--- a/infrastructure/stage.tfvars
+++ b/infrastructure/stage.tfvars
@@ -104,4 +104,4 @@ ssm_redshift_host = "/crossfeed/staging/REDSHIFT_HOST"
 ssm_redshift_database = "/crossfeed/staging/REDSHIFT_DATABASE"
 ssm_redshift_user = "/crossfeed/staging/REDSHIFT_USER"
 ssm_redshift_password = "/crossfeed/staging/REDSHIFT_PASSWORD"
-create_elasticache_cluster = true
+create_elasticache_cluster = true
From 2e9cf4135415f627e4b08e27c259d4d074d78ae0 Mon Sep 17 00:00:00 2001
From: cduhn17
Date: Thu, 11 Jul 2024 07:30:38 -0500
Subject: [PATCH 07/10] Fix variable spelling
---
 infrastructure/elasticache.tf | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/infrastructure/elasticache.tf b/infrastructure/elasticache.tf
index dba16374..b5553912 100644
--- a/infrastructure/elasticache.tf
+++ b/infrastructure/elasticache.tf
@@ -20,13 +20,13 @@ resource "aws_elasticache_subnet_group" "crossfeed_vpc" {
 }
 
 resource "aws_elasticache_cluster" "crossfeed_vpc_elasticache_cluster" {
- count = var.create_elastcache_cluster ? 1 : 0
+ count = var.create_elasticache_cluster ? 1 : 0
 cluster_id = "crossfeed-vpc-cluster"
 engine = "redis"
 node_type = "cache.r7g.xlarge"
 num_cache_nodes = 1
 parameter_group_name = "default.redis7.1"
- engine_version = "7.1.0"
+ engine_version = "7.1"
 port = 6379
 subnet_group_name = aws_elasticache_subnet_group.crossfeed_vpc.name
 security_group_ids = [aws_security_group.elasticache_security_group.id]
@@ -36,4 +36,4 @@ resource "aws_elasticache_cluster" "crossfeed_vpc_elasticache_cluster" {
 Project = var.project
 Stage = var.stage
 }
-}
\ No newline at end of file
+}
From 7dbdc2526d25355e2165598f530e4a1c2077b6fa Mon Sep 17 00:00:00 2001
From: cduhn17
Date: Thu, 11 Jul 2024 07:36:38 -0500
Subject: [PATCH 08/10] Update prod.tfvars formatting
---
 infrastructure/prod.tfvars | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/infrastructure/prod.tfvars b/infrastructure/prod.tfvars
index f90e13ac..3da79467 100644
--- a/infrastructure/prod.tfvars
+++ b/infrastructure/prod.tfvars
@@ -103,4 +103,4 @@ ssm_redshift_host = "/crossfeed/prod/REDSHIFT_HOST"
 ssm_redshift_database = "/crossfeed/prod/REDSHIFT_DATABASE"
 ssm_redshift_user = "/crossfeed/prod/REDSHIFT_USER"
 ssm_redshift_password = "/crossfeed/prod/REDSHIFT_PASSWORD"
-create_elastcache_cluster = false
\ No newline at end of file
+create_elastcache_cluster = false
From 7d13030b719c127424eee287b215a359031ca3d8 Mon Sep 17 00:00:00 2001
From: cduhn17
Date: Thu, 11 Jul 2024 07:39:51 -0500
Subject: [PATCH 09/10] Update prod.tfvars variable
---
 infrastructure/prod.tfvars | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/infrastructure/prod.tfvars b/infrastructure/prod.tfvars
index 3da79467..0c87d90d 100644
--- a/infrastructure/prod.tfvars
+++ b/infrastructure/prod.tfvars
@@ -103,4 +103,4 @@ ssm_redshift_host = "/crossfeed/prod/REDSHIFT_HOST"
 ssm_redshift_database = "/crossfeed/prod/REDSHIFT_DATABASE"
 ssm_redshift_user = "/crossfeed/prod/REDSHIFT_USER"
 ssm_redshift_password = "/crossfeed/prod/REDSHIFT_PASSWORD"
-create_elastcache_cluster = false
+create_elasticache_cluster = false
From 3aefd3b349b769629aa5fe5d91a6a2bee05a631c Mon Sep 17 00:00:00 2001
From: cduhn17
Date: Thu, 11 Jul 2024 07:44:43 -0500
Subject: [PATCH 10/10] Update prod.tfvars format
---
 infrastructure/prod.tfvars | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/infrastructure/prod.tfvars b/infrastructure/prod.tfvars
index 0c87d90d..4d03b446 100644
--- a/infrastructure/prod.tfvars
+++ b/infrastructure/prod.tfvars
@@ -103,4 +103,4 @@ ssm_redshift_host = "/crossfeed/prod/REDSHIFT_HOST"
 ssm_redshift_database = "/crossfeed/prod/REDSHIFT_DATABASE"
 ssm_redshift_user = "/crossfeed/prod/REDSHIFT_USER"
 ssm_redshift_password = "/crossfeed/prod/REDSHIFT_PASSWORD"
-create_elasticache_cluster = false
+create_elasticache_cluster = false