fix: publicly access

Signed-off-by: thxCode <[email protected]>

Author: thxCode

README.md

@@ -75,7 +75,7 @@ No modules.
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
 | <a name="input_context"></a> [context](#input\_context) | Receive contextual information. When Walrus deploys, Walrus will inject specific contextual information into this field.<br><br>Examples:<pre>context:<br>  project:<br>    name: string<br>    id: string<br>  environment:<br>    name: string<br>    id: string<br>  resource:<br>    name: string<br>    id: string</pre> | `map(any)` | `{}` | no |
-| <a name="input_infrastructure"></a> [infrastructure](#input\_infrastructure) | Specify the infrastructure information for deploying.<br><br>Examples:<pre>infrastructure:<br>  vpc_id: string                   # the ID of the VPC where the Redis service applies<br>  kms_key_id: string, optional     # the ID of the KMS key which to encrypt the Redis data<br>  domain_suffix: string, optional  # a private DNS namespace of the CloudMap where to register the applied Redis service<br>  publicly_accessible: bool        # whether the Redis service is publicly accessible</pre> | <pre>object({<br>    vpc_id              = string<br>    kms_key_id          = optional(string)<br>    domain_suffix       = optional(string)<br>    publicly_accessible = optional(bool, false)<br>  })</pre> | n/a | yes |
+| <a name="input_infrastructure"></a> [infrastructure](#input\_infrastructure) | Specify the infrastructure information for deploying.<br><br>Examples:<pre>infrastructure:<br>  vpc_id: string                       # the ID of the VPC where the Redis service applies<br>  kms_key_id: string, optional         # the ID of the KMS key which to encrypt the Redis data<br>  domain_suffix: string, optional      # a private DNS namespace of the CloudMap where to register the applied Redis service</pre> | <pre>object({<br>    vpc_id        = string<br>    kms_key_id    = optional(string)<br>    domain_suffix = optional(string)<br>  })</pre> | n/a | yes |
 | <a name="input_architecture"></a> [architecture](#input\_architecture) | Specify the deployment architecture, select from standalone or replication. | `string` | `"standalone"` | no |
 | <a name="input_replication_readonly_replicas"></a> [replication\_readonly\_replicas](#input\_replication\_readonly\_replicas) | Specify the number of read-only replicas under the replication deployment. | `number` | `1` | no |
 | <a name="input_engine_version"></a> [engine\_version](#input\_engine\_version) | Specify the deployment engine version. | `string` | `"7.0"` | no |

main.tf

@@ -34,7 +34,7 @@ data "aws_vpc" "selected" {
 
   lifecycle {
     postcondition {
-      condition     = try(var.infrastructure.domain_suffix == null, false) || (self.enable_dns_support && self.enable_dns_hostnames)
+      condition     = var.infrastructure.domain_suffix == null || (self.enable_dns_support && self.enable_dns_hostnames)
       error_message = "VPC needs to enable DNS support and DNS hostnames resolution"
     }
   }
@@ -68,7 +68,7 @@ data "aws_kms_key" "selected" {
 }
 
 data "aws_service_discovery_dns_namespace" "selected" {
-  count = try(var.infrastructure.domain_suffix != null, false) ? 1 : 0
+  count = var.infrastructure.domain_suffix != null ? 1 : 0
 
   name = var.infrastructure.domain_suffix
   type = "DNS_PRIVATE"
@@ -127,7 +127,6 @@ locals {
       if try(c.value != "", false)
     }
   )
-  publicly_accessible = try(var.infrastructure.publicly_accessible, false)
 }
 
 resource "aws_elasticache_parameter_group" "target" {
@@ -172,7 +171,7 @@ resource "aws_security_group_rule" "target" {
   security_group_id = aws_security_group.target.id
   type              = "ingress"
   protocol          = "tcp"
-  cidr_blocks       = local.publicly_accessible ? ["0.0.0.0/0", data.aws_vpc.selected.cidr_block] : [data.aws_vpc.selected.cidr_block]
+  cidr_blocks       = [data.aws_vpc.selected.cidr_block]
   from_port         = 6379
   to_port           = 6379
 }

schema.yaml

@@ -34,15 +34,6 @@ components:
           required:
           - vpc_id
           properties:
-            publicly_accessible:
-              description: |
-                Specify whether to enable public access. If enabled, the Redis service can be accessed from the public network.
-              default: false
-              nullable: true
-              title: Publicly Accessible
-              type: boolean
-              x-walrus-ui:
-                order: 4
             domain_suffix:
               title: Domain Suffix
               type: string

variables.tf

@@ -35,17 +35,15 @@ Specify the infrastructure information for deploying.
 Examples:
 ```
 infrastructure:
-  vpc_id: string                   # the ID of the VPC where the Redis service applies
-  kms_key_id: string, optional     # the ID of the KMS key which to encrypt the Redis data
-  domain_suffix: string, optional  # a private DNS namespace of the CloudMap where to register the applied Redis service
-  publicly_accessible: bool        # whether the Redis service is publicly accessible
+  vpc_id: string                       # the ID of the VPC where the Redis service applies
+  kms_key_id: string, optional         # the ID of the KMS key which to encrypt the Redis data
+  domain_suffix: string, optional      # a private DNS namespace of the CloudMap where to register the applied Redis service
 ```
 EOF
   type = object({
-    vpc_id              = string
-    kms_key_id          = optional(string)
-    domain_suffix       = optional(string)
-    publicly_accessible = optional(bool, false)
+    vpc_id        = string
+    kms_key_id    = optional(string)
+    domain_suffix = optional(string)
   })
 }