diff --git a/src/common/_modules/redis/locals.tf b/src/common/_modules/redis/locals.tf
new file mode 100644
index 000000000..c46ad73d6
--- /dev/null
+++ b/src/common/_modules/redis/locals.tf
@@ -0,0 +1,9 @@
+locals {
+ nonstandard = {
+ weu = {
+ subnet = "rediscommon"
+ redis_common = "${var.project}-redis-common"
+ storage_account = replace(format("%s-stredisbackup", var.project), "-", "")
+ }
+ }
+}
diff --git a/src/common/_modules/redis/main.tf b/src/common/_modules/redis/main.tf
new file mode 100644
index 000000000..cab35958e
--- /dev/null
+++ b/src/common/_modules/redis/main.tf
@@ -0,0 +1,54 @@
+resource "azurerm_redis_cache" "common" {
+ name = try(local.nonstandard[var.location_short].redis_common, "${var.project}-common-redis-01")
+ resource_group_name = var.resource_group_name
+ location = var.location
+ capacity = 2
+ shard_count = 4
+ family = "P"
+ sku_name = "Premium"
+ subnet_id = azurerm_subnet.redis.id
+ public_network_access_enabled = true
+ redis_version = "6"
+ zones = null
+
+ redis_configuration {
+ authentication_enabled = true
+ rdb_backup_enabled = true
+ rdb_backup_frequency = 60
+ rdb_backup_max_snapshot_count = 1
+ rdb_storage_connection_string = module.redis_common_backup_zrs.primary_blob_connection_string
+ data_persistence_authentication_method = "SAS"
+ storage_account_subscription_id = "ec285037-c673-4f58-b594-d7c480da4e8b"
+ }
+
+ patch_schedule {
+ day_of_week = "Sunday"
+ start_hour_utc = 23
+ }
+ patch_schedule {
+ day_of_week = "Monday"
+ start_hour_utc = 23
+ }
+ patch_schedule {
+ day_of_week = "Tuesday"
+ start_hour_utc = 23
+ }
+ patch_schedule {
+ day_of_week = "Wednesday"
+ start_hour_utc = 23
+ }
+ patch_schedule {
+ day_of_week = "Thursday"
+ start_hour_utc = 23
+ }
+
+ # NOTE: There's a bug in the Redis API where the original storage connection string isn't being returned,
+ # which is being tracked here [https://github.com/Azure/azure-rest-api-specs/issues/3037].
+ # At first import/creation, apply without the lifecyle, add it later. Connection string
+ # should be about the blob storage
+ lifecycle {
+ ignore_changes = [redis_configuration[0].rdb_storage_connection_string]
+ }
+
+ tags = var.tags
+}
diff --git a/src/common/_modules/redis/storage_account.tf b/src/common/_modules/redis/storage_account.tf
new file mode 100644
index 000000000..b61f877ee
--- /dev/null
+++ b/src/common/_modules/redis/storage_account.tf
@@ -0,0 +1,17 @@
+module "redis_common_backup_zrs" {
+ source = "github.com/pagopa/terraform-azurerm-v3//storage_account?ref=v8.27.0"
+
+ name = try(local.nonstandard[var.location_short].storage_account, "${var.project}-redis-common-st-01")
+ account_kind = "StorageV2"
+ account_tier = "Premium"
+ access_tier = "Hot"
+ account_replication_type = "ZRS"
+ resource_group_name = var.resource_group_name
+ location = var.location
+ advanced_threat_protection = true
+ use_legacy_defender_version = false
+ allow_nested_items_to_be_public = false
+ public_network_access_enabled = true
+
+ tags = var.tags
+}
diff --git a/src/common/_modules/redis/subnet.tf b/src/common/_modules/redis/subnet.tf
new file mode 100644
index 000000000..49cb99b84
--- /dev/null
+++ b/src/common/_modules/redis/subnet.tf
@@ -0,0 +1,7 @@
+resource "azurerm_subnet" "redis" {
+ name = try(local.nonstandard[var.location_short].subnet, "${var.project}-redis-snet-01")
+ address_prefixes = [var.cidr_subnet_redis_common]
+ resource_group_name = var.vnet_common.resource_group_name
+ virtual_network_name = var.vnet_common.name
+ private_endpoint_network_policies = "Enabled"
+}
diff --git a/src/common/_modules/redis/variables.tf b/src/common/_modules/redis/variables.tf
new file mode 100644
index 000000000..47d04bedc
--- /dev/null
+++ b/src/common/_modules/redis/variables.tf
@@ -0,0 +1,38 @@
+variable "project" {
+ type = string
+ description = "IO prefix, short environment and short location"
+}
+
+variable "location" {
+ type = string
+ description = "Azure region"
+}
+
+variable "location_short" {
+ type = string
+ description = "Azure region short name"
+}
+
+variable "tags" {
+ type = map(any)
+ description = "Resource tags"
+}
+
+variable "resource_group_name" {
+ type = string
+ description = "Resource group"
+}
+
+variable "vnet_common" {
+ type = object({
+ id = string
+ name = string
+ address_space = list(string)
+ resource_group_name = string
+ })
+ description = "Information of the common VNet"
+}
+
+variable "cidr_subnet_redis_common" {
+ type = string
+}
diff --git a/src/common/prod/.terraform.lock.hcl b/src/common/prod/.terraform.lock.hcl
index 0da24a0e3..1dd464b53 100644
--- a/src/common/prod/.terraform.lock.hcl
+++ b/src/common/prod/.terraform.lock.hcl
@@ -24,25 +24,25 @@ provider "registry.terraform.io/hashicorp/azuread" {
}
provider "registry.terraform.io/hashicorp/azurerm" {
- version = "3.114.0"
- constraints = "~> 3.30, ~> 3.33, ~> 3.76, != 3.97.0, != 3.97.1, <= 3.114.0"
+ version = "3.116.0"
+ constraints = "~> 3.30, ~> 3.33, ~> 3.76, != 3.97.0, != 3.97.1, <= 3.116.0"
hashes = [
- "h1:9gfR0VCUpoynii31LxsLaK9fV1blcnJQi3vnjJLSiaI=",
- "h1:af8gzp2nuiJVXGW2v3Ch9+W/SjbwFCTpWaylAhbiby4=",
- "h1:fIM8Lbg5w2m2HbETUx+aAYnTVtktETwOqnKZyVVajIo=",
- "h1:sP1K3rtDj2pVQqBBn50rOXe+QPFBAKRbI2uExOxnh3M=",
- "zh:016b6f4662d1cfcddbe968624e899c1a20c6df0ed5014cdeed19c3e945ea80ee",
- "zh:08448eeaaa9e9e84a2887282f9524faa2bb000fbdfcdac610c088a74e36e6911",
- "zh:17975bb18d0ad3e2530261773e4fbfae078bfc4db4e0a5458b823b3ec79642e1",
- "zh:3030ad1b13fe487ce791c851c6b5f3035af08f60b335d7be5ce6ce76af43062f",
- "zh:68b2914edae1049506aab9f2c11c5b2b2c8d01aa3e0ad53e07ce75ae58906a45",
- "zh:cffa9af324a0c621317b6d33f80a28159d01706846877d5784d37dad76635d78",
- "zh:d36d44617b890a8a6d404a016c10428c3393e072d484addfb56334183893998b",
- "zh:d5c217d7a24b32b18cb9ad47544050c5ec9e6b40ce3f34ff37be5e2d232b4dad",
- "zh:d5cd83a9701a9bcd17bbd86beb5accdc6c487fcfa472b868bc581e4d5b67d59d",
- "zh:f4ba0bd65d9a10f8185e163217e10e5fa91e386c68e6773c188881b088315477",
+ "h1:2QbjtN4oMXzdA++Nvrj/wSmWZTPgXKOSFGGQCLEMrb4=",
+ "h1:BCR3NIorFSvGG3v/+JOiiw3VM4PkChLO4m84wzD9NDo=",
+ "h1:SJM/KQDW9blKFmLMaupsZVYtcZ0fYpjLHEriMgCBGCY=",
+ "h1:jwwbQ09fH1RdcNsknt1AkvfSUbULsl7nZQn6S8fabFI=",
+ "zh:02b6606aff025fc2a962b3e568e000300abe959adac987183c24dac8eb057f4d",
+ "zh:2a23a8ce24ff9e885925ffee0c3ea7eadba7a702541d05869275778aa47bdea7",
+ "zh:57d10746384baeca4d5c56e88872727cdc150f437b8c5e14f0542127f7475e24",
+ "zh:59e3ebde1a2e1e094c671e179f231ead60684390dbf02d2b1b7fe67a228daa1a",
+ "zh:5f1f5c7d09efa2ee8ddf21bd9efbbf8286f6e90047556bef305c062fa0ac5880",
+ "zh:a40646aee3c9907276dab926e6123a8d70b1e56174836d4c59a9992034f88d70",
+ "zh:c21d40461bc5836cf56ad3d93d2fc47f61138574a55e972ad5ff1cb73bab66dc",
+ "zh:c56fb91a5ae66153ba0f737a26da1b3d4f88fdef7d41c63e06c5772d93b26953",
+ "zh:d1e60e85f51d12fc150aeab8e31d3f18f859c32f927f99deb5b74cb1e10087aa",
+ "zh:ed35e727e7d79e687cd3d148f52b442961ede286e7c5b4da1dcd9f0128009466",
"zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
- "zh:f807554e5e08e38e6526e363641219e89ad9eda0b24ec09f25e61c74eece2490",
+ "zh:f6d2a4e7c58f44e7d04a4a9c73f35ed452f412c97c85def68c4b52814cbe03ab",
]
}
diff --git a/src/common/prod/README.md b/src/common/prod/README.md
index 126e48640..07a2620fc 100644
--- a/src/common/prod/README.md
+++ b/src/common/prod/README.md
@@ -4,7 +4,7 @@
| Name | Version |
|------|---------|
-| [azurerm](#requirement\_azurerm) | <= 3.114.0 |
+| [azurerm](#requirement\_azurerm) | <= 3.116.0 |
## Modules
@@ -18,6 +18,7 @@
| [github\_runner\_itn](#module\_github\_runner\_itn) | ../_modules/github_runner | n/a |
| [global](#module\_global) | ../_modules/global | n/a |
| [monitoring\_weu](#module\_monitoring\_weu) | ../_modules/monitoring | n/a |
+| [redis\_weu](#module\_redis\_weu) | ../_modules/redis | n/a |
## Resources
diff --git a/src/common/prod/main.tf b/src/common/prod/main.tf
index cfb97387e..c9afe146f 100644
--- a/src/common/prod/main.tf
+++ b/src/common/prod/main.tf
@@ -10,7 +10,7 @@ terraform {
required_providers {
azurerm = {
source = "hashicorp/azurerm"
- version = "<= 3.114.0"
+ version = "<= 3.116.0"
}
}
}
diff --git a/src/common/prod/westeurope.tf b/src/common/prod/westeurope.tf
index 8f7ce03cc..9eba98afe 100644
--- a/src/common/prod/westeurope.tf
+++ b/src/common/prod/westeurope.tf
@@ -398,4 +398,18 @@ module "cosmos_api_weu" {
allowed_subnets_ids = values(data.azurerm_subnet.cosmos_api_allowed)[*].id
tags = local.tags
-}
\ No newline at end of file
+}
+
+module "redis_weu" {
+ source = "../_modules/redis"
+
+ location = data.azurerm_resource_group.common_weu.location
+ location_short = local.location_short[data.azurerm_resource_group.common_weu.location]
+ project = local.project_weu_legacy
+
+ resource_group_name = local.resource_groups[local.location_short[data.azurerm_resource_group.common_weu.location]].common
+ vnet_common = local.core.networking.weu.vnet_common
+ cidr_subnet_redis_common = "10.0.200.0/24"
+
+ tags = local.tags
+}
diff --git a/src/core/README.md b/src/core/README.md
index 422ca0fc0..088a978f8 100644
--- a/src/core/README.md
+++ b/src/core/README.md
@@ -40,8 +40,6 @@
| [appservice\_app\_backendl2\_slot\_staging](#module\_appservice\_app\_backendl2\_slot\_staging) | github.com/pagopa/terraform-azurerm-v3//app_service_slot | v8.31.0 |
| [appservice\_app\_backendli](#module\_appservice\_app\_backendli) | github.com/pagopa/terraform-azurerm-v3//app_service | v8.31.0 |
| [appservice\_app\_backendli\_slot\_staging](#module\_appservice\_app\_backendli\_slot\_staging) | github.com/pagopa/terraform-azurerm-v3//app_service_slot | v8.31.0 |
-| [redis\_common\_backup\_zrs](#module\_redis\_common\_backup\_zrs) | github.com/pagopa/terraform-azurerm-v3//storage_account | v8.27.0 |
-| [redis\_common\_snet](#module\_redis\_common\_snet) | github.com/pagopa/terraform-azurerm-v3//subnet | v8.27.0 |
## Resources
diff --git a/src/core/app_backend.tf b/src/core/app_backend.tf
index dac7f148e..1c1a99867 100644
--- a/src/core/app_backend.tf
+++ b/src/core/app_backend.tf
@@ -1,3 +1,8 @@
+data "azurerm_redis_cache" "redis_common" {
+ name = format("%s-redis-common", local.project)
+ resource_group_name = azurerm_resource_group.rg_common.name
+}
+
### Common resources
locals {
diff --git a/src/core/redis.tf b/src/core/redis.tf
deleted file mode 100644
index 282761d8d..000000000
--- a/src/core/redis.tf
+++ /dev/null
@@ -1,32 +0,0 @@
-module "redis_common_snet" {
- source = "github.com/pagopa/terraform-azurerm-v3//subnet?ref=v8.27.0"
-
- name = "rediscommon"
- address_prefixes = var.cidr_subnet_redis_common
- resource_group_name = azurerm_resource_group.rg_common.name
- virtual_network_name = data.azurerm_virtual_network.common.name
- private_endpoint_network_policies_enabled = true
-}
-
-module "redis_common_backup_zrs" {
- source = "github.com/pagopa/terraform-azurerm-v3//storage_account?ref=v8.27.0"
-
- name = replace(format("%s-stredisbackup", local.project), "-", "")
- account_kind = "StorageV2"
- account_tier = "Premium"
- access_tier = "Hot"
- account_replication_type = "ZRS"
- resource_group_name = azurerm_resource_group.rg_common.name
- location = azurerm_resource_group.rg_common.location
- advanced_threat_protection = true
- use_legacy_defender_version = false
- allow_nested_items_to_be_public = false
- public_network_access_enabled = true
-
- tags = var.tags
-}
-
-data "azurerm_redis_cache" "redis_common" {
- name = format("%s-redis-common", local.project)
- resource_group_name = azurerm_resource_group.rg_common.name
-}
diff --git a/src/redis-common/prod/.terraform.lock.hcl b/src/redis-common/prod/.terraform.lock.hcl
deleted file mode 100644
index 0688764f9..000000000
--- a/src/redis-common/prod/.terraform.lock.hcl
+++ /dev/null
@@ -1,25 +0,0 @@
-# This file is maintained automatically by "terraform init".
-# Manual edits may be lost in future updates.
-
-provider "registry.terraform.io/hashicorp/azurerm" {
- version = "3.113.0"
- constraints = "~> 3.30, <= 3.113.0"
- hashes = [
- "h1:32/ivdUXEkPBOQE9aVmuUafSbJNjvptDLHtOk/PXtvQ=",
- "h1:SMgp1in4oxxVeICJMy8qg3WG00jDmLwUfgd9jlO3Ysw=",
- "h1:SbNQLapCxbTbhM37LaRALPizAZMiA5sTRC09sUWgZOo=",
- "h1:eEUtt0lrLdpVaF6FiDq8BGQPgEcykmhj0aNIL7hTOGw=",
- "zh:12479f5664288943400447b55e50df675c28ae82ad8d373cc2e5682f3a3411f0",
- "zh:1b42a14e80e568429d3b55fed753ca3ef0df9dcdfa107890d7264599c020940f",
- "zh:381be6ca617f848de3baa3985a6e1788e91a803afe04a3c5c727453528b6310d",
- "zh:3e70e2e07b6db1c363de3e5d0ca47f27fc956473df03329c7d2e54d3ac29176b",
- "zh:87c7633aeaa828098c6055da9e67d4acaf4b46748b6b3f0267e105e55f05de25",
- "zh:8d0d98226901f874770dd5220d4701a12ae8bd586994615aa7dcba12b9736bec",
- "zh:9fd913acd42a60c3a90a18ce803567ef861db8779a59aacced91f2cbd86de9d9",
- "zh:b6f3f7ae0a055437fb36c139af9bb3135e7f4dad172157ae1eb0177dc74d703f",
- "zh:b927027ba2bf40d34e03d742fd2b6c5299023b5ab8e6f05e50aac76a46ad1094",
- "zh:ceb5187b9d2a439f4e48944f3ffeeeaf47a03dbe6f3325ea1775bf659ce0aa88",
- "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
- "zh:fb9d78dfeca7489bffca9b1a1f3abee7f16dbbcba31388aea1102062c1d6dce8",
- ]
-}
diff --git a/src/redis-common/prod/main.tf b/src/redis-common/prod/main.tf
deleted file mode 100644
index 5abebf7c5..000000000
--- a/src/redis-common/prod/main.tf
+++ /dev/null
@@ -1,88 +0,0 @@
-terraform {
- required_providers {
- azurerm = {
- source = "hashicorp/azurerm"
- version = "<= 3.113.0"
- }
- }
-
- backend "azurerm" {
- resource_group_name = "terraform-state-rg"
- storage_account_name = "tfinfprodio"
- container_name = "terraform-state"
- key = "io-infra.redis-common.tfstate"
- }
-}
-
-provider "azurerm" {
- features {
- }
-}
-
-data "azurerm_storage_account" "redis_common_backup" {
- name = "iopstredisbackup"
- resource_group_name = "io-p-rg-common"
-}
-
-module "redis_common" {
- source = "github.com/pagopa/terraform-azurerm-v3//redis_cache?ref=v8.27.0"
-
- name = "io-p-redis-common"
- resource_group_name = "io-p-rg-common"
- location = "westeurope"
- capacity = 2
- shard_count = 4
- family = "P"
- sku_name = "Premium"
- subnet_id = "/subscriptions/ec285037-c673-4f58-b594-d7c480da4e8b/resourceGroups/io-p-rg-common/providers/Microsoft.Network/virtualNetworks/io-p-vnet-common/subnets/rediscommon"
- public_network_access_enabled = true
- redis_version = "6"
- zones = null
-
- backup_configuration = {
- frequency = 60
- max_snapshot_count = 1
- storage_connection_string = data.azurerm_storage_account.redis_common_backup.primary_connection_string
- }
-
- # when azure can apply patch?
- patch_schedules = [
- {
- day_of_week = "Sunday"
- start_hour_utc = 23
- },
- {
- day_of_week = "Monday"
- start_hour_utc = 23
- },
- {
- day_of_week = "Tuesday"
- start_hour_utc = 23
- },
- {
- day_of_week = "Wednesday"
- start_hour_utc = 23
- },
- {
- day_of_week = "Thursday"
- start_hour_utc = 23
- },
- ]
-
- # only for this redis we use vnet integration (legacy configuration)
- # DO NOT COPY THIS CONFIGURATION FOR NEW REDIS CACHE
- private_endpoint = {
- enabled = false
- virtual_network_id = ""
- subnet_id = ""
- private_dns_zone_ids = [""]
- }
-
- tags = {
- CreatedBy = "Terraform"
- Environment = "Prod"
- Owner = "IO"
- Source = "https://github.com/pagopa/io-infra"
- CostCenter = "TS310 - PAGAMENTI & SERVIZI"
- }
-}