Steve-Louie-Bose/test.tf Secret

## test.tf
# https://www.daringway.com/how-to-rotate-random-passwords-in-terraform/
# The above password system is broken because it destroys and creates the random passwords in place at the same time
# as it's being used.

# This actually works if you commit password2 into the state before referring to it
# in the module

# If you add the password2 at the same time as referring to it, it will destroy/create

resource "random_password" "password" {
  min_upper        = 1
  min_lower        = 1
  min_numeric      = 1
  min_special      = 1
  length           = 32
  override_special = "!&#$^<>-"
}

resource "random_password" "password2" {
  min_upper        = 1
  min_lower        = 1
  min_numeric      = 1
  min_special      = 1
  length           = 32
  override_special = "!&#$^<>-"
}

locals{
    password = "hangops123hangops123hangops123hangops123"
    instance_type = "cache.m6g.large"
    subnet_group_name = "elasticache"
}

resource "aws_elasticache_replication_group" "default" {
  auth_token                 = random_password.password5.result
  node_type                  = local.instance_type
  subnet_group_name          = local.subnet_group_name
  replication_group_id       = "hangops-test"
  description                = "hi hangops"
  num_cache_clusters         = 2
  port                       = 6379
  parameter_group_name       = "default.redis7"
  preferred_cache_cluster_azs         = ["us-east-1a", "us-east-1b"]
  automatic_failover_enabled = true
  multi_az_enabled           = true
  security_group_ids         = []
  engine_version             = "7.0"
  at_rest_encryption_enabled = true
  transit_encryption_enabled = true
  apply_immediately          = true
}

module "redis" {
  source = "cloudposse/elasticache-redis/aws"
  # Cloud Posse recommends pinning every module to a specific version
  # version = "x.x.x"
  version = "0.50.0"
  auth_token = random_password.password5.result
  elasticache_subnet_group_name = local.subnet_group_name
  instance_type              = local.instance_type

  availability_zones         = ["us-east-1a", "us-east-1b"]
  vpc_id                     =  "REDACTED"
  cluster_size               = 2

  apply_immediately          = true
  automatic_failover_enabled = true
  engine_version             = "7.0"
  family                     = "redis7"
  at_rest_encryption_enabled = true
  transit_encryption_enabled = true

  context = module.this.context
}
	# https://www.daringway.com/how-to-rotate-random-passwords-in-terraform/
	# The above password system is broken because it destroys and creates the random passwords in place at the same time
	# as it's being used.

	# This actually works if you commit password2 into the state before referring to it
	# in the module

	# If you add the password2 at the same time as referring to it, it will destroy/create

	resource "random_password" "password" {
	min_upper = 1
	min_lower = 1
	min_numeric = 1
	min_special = 1
	length = 32
	override_special = "!&#$^<>-"
	}

	resource "random_password" "password2" {
	min_upper = 1
	min_lower = 1
	min_numeric = 1
	min_special = 1
	length = 32
	override_special = "!&#$^<>-"
	}

	locals{
	password = "hangops123hangops123hangops123hangops123"
	instance_type = "cache.m6g.large"
	subnet_group_name = "elasticache"
	}

	resource "aws_elasticache_replication_group" "default" {
	auth_token = random_password.password5.result
	node_type = local.instance_type
	subnet_group_name = local.subnet_group_name
	replication_group_id = "hangops-test"
	description = "hi hangops"
	num_cache_clusters = 2
	port = 6379
	parameter_group_name = "default.redis7"
	preferred_cache_cluster_azs = ["us-east-1a", "us-east-1b"]
	automatic_failover_enabled = true
	multi_az_enabled = true
	security_group_ids = []
	engine_version = "7.0"
	at_rest_encryption_enabled = true
	transit_encryption_enabled = true
	apply_immediately = true
	}

	module "redis" {
	source = "cloudposse/elasticache-redis/aws"
	# Cloud Posse recommends pinning every module to a specific version
	# version = "x.x.x"
	version = "0.50.0"
	auth_token = random_password.password5.result
	elasticache_subnet_group_name = local.subnet_group_name
	instance_type = local.instance_type

	availability_zones = ["us-east-1a", "us-east-1b"]
	vpc_id = "REDACTED"
	cluster_size = 2

	apply_immediately = true
	automatic_failover_enabled = true
	engine_version = "7.0"
	family = "redis7"
	at_rest_encryption_enabled = true
	transit_encryption_enabled = true

	context = module.this.context
	}