Pass Azure MSI Redis variables to runtime container engine config

Author: raviharshicorp

main.tf

@@ -342,6 +342,8 @@ module "runtime_container_engine_config" {
   redis_ca_cert_path             = "/etc/ssl/private/terraform-enterprise/redis/cacert.pem"
   redis_client_cert_path         = "/etc/ssl/private/terraform-enterprise/redis/cert.pem"
   redis_client_key_path          = "/etc/ssl/private/terraform-enterprise/redis/key.pem"
+  redis_passwordless_azure_use_msi = var.redis_passwordless_azure_use_msi
+  redis_passwordless_azure_client_id = var.redis_passwordless_azure_client_id
 
 
   trusted_proxies = local.trusted_proxies

variables.tf

@@ -208,6 +208,12 @@ variable "sentinel_leader" {
   description = "The name of the Redis Sentinel leader"
 }
 
+variable "redis_enable_iam_auth" {
+  type        = bool
+  description = "Whether to enable IAM authentication for Redis. Used for passwordless authentication."
+  default     = false
+}
+
 # Postgres
 # --------
 variable "db_name" {
@@ -222,6 +228,12 @@ variable "db_username" {
   description = "PostgreSQL instance username. No special characters."
 }
 
+variable "db_iam_username" {
+  default     = null
+  type        = string
+  description = "PostgreSQL IAM username for TFE connection when IAM auth is enabled. If null, uses db_username. No special characters."
+}
+
 variable "db_backup_retention" {
   type        = number
   description = "The days to retain backups for. Must be between 0 and 35"
@@ -902,15 +914,3 @@ variable "db_iam_username" {
   default     = null
   description = "The IAM username for database authentication. Required when postgres_enable_iam_auth is true."
 }
-
-variable "redis_passwordless_azure_use_msi" {
-  description = "Use Azure Managed Service Identity for Redis passwordless authentication"
-  type        = bool
-  default     = false
-}
-
-variable "redis_passwordless_azure_client_id" {
-  description = "Azure client ID for Redis passwordless authentication"
-  type        = string
-  default     = null
-}