Modify AWS BYOVPC documentation to use terraform module examples#506
Modify AWS BYOVPC documentation to use terraform module examples#506frenchfrywpepper wants to merge 10 commits intomainfrom
Conversation
✅ Deploy Preview for rp-cloud ready!
To edit notification comments on pull requests, go to your Netlify project configuration. |
|
Important Review skippedAuto incremental reviews are disabled on this repository. Please check the settings in the CodeRabbit UI or the You can disable this status message by setting the Use the checkbox below for a quick retry:
📝 WalkthroughWalkthroughThis pull request rewrites the AWS BYOVPC deployment documentation to replace manual Terraform setup references with a registry-based Redpanda module approach. The guide shifts from cloud-examples repository patterns and Cloud API-based authentication flows to a consolidated Terraform module-centric deployment. Key additions include the Estimated code review effort🎯 2 (Simple) | ⏱️ ~10 minutes Possibly related PRs
Suggested reviewers
🚥 Pre-merge checks | ✅ 4 | ❌ 1❌ Failed checks (1 inconclusive)
✅ Passed checks (4 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 2
🧹 Nitpick comments (2)
modules/get-started/pages/cluster-types/byoc/aws/vpc-byo-aws.adoc (2)
206-210: Note the dependency betweenenable_redpanda_connectand theredpanda_connect_*cluster fields.The
redpanda_connect_node_group_instance_profileandredpanda_connect_security_groupblocks inredpanda_clusterconsume outputs that the module only produces whenenable_redpanda_connect = true(set at line 98). If a user adjusts the module flag tofalse, they must also remove those two blocks from the cluster resource, or Terraform will reference non-existent outputs. A short inline note or comment would preempt this silent misconfiguration.📝 Suggested inline comment
+ # The following two blocks are only required when + # enable_redpanda_connect = true in the module above. redpanda_connect_node_group_instance_profile = { arn = module.redpanda_byovpc.redpanda_connect_node_group_instance_profile_arn } redpanda_connect_security_group = { arn = module.redpanda_byovpc.redpanda_connect_security_group_arn }🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@modules/get-started/pages/cluster-types/byoc/aws/vpc-byo-aws.adoc` around lines 206 - 210, Add an inline comment next to the redpanda_connect_node_group_instance_profile and redpanda_connect_security_group blocks explaining they depend on enable_redpanda_connect being true because they consume outputs from module.redpanda_byovpc (redpanda_connect_node_group_instance_profile_arn and redpanda_connect_security_group_arn); instruct users to remove these blocks or conditionally include them when enable_redpanda_connect is false to avoid Terraform referencing non-existent outputs.
90-105: Pin a module version in all threemodule "redpanda_byovpc"blocks.All three module invocations (lines 90–105, 262–266, and 287–303) omit a
versionconstraint. Without one,terraform initwill silently pull the latest release, which can introduce breaking changes between documentation readers' runs. The Terraform Registry shows2.1.7as the current latest release and includes it in the canonical example snippet.📌 Proposed fix (apply to all three module blocks)
module "redpanda_byovpc" { source = "redpanda-data/redpanda-byovpc/aws" + version = "~> 2.1" common_prefix = local.common_prefix ... }🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@modules/get-started/pages/cluster-types/byoc/aws/vpc-byo-aws.adoc` around lines 90 - 105, The three module invocations named module "redpanda_byovpc" are missing a pinned Terraform Registry version; update each module block (the module "redpanda_byovpc" that sets source = "redpanda-data/redpanda-byovpc/aws") to include a version constraint (e.g. version = "2.1.7") so terraform init will use a fixed release; apply the same version line to all three module "redpanda_byovpc" blocks in the file.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In `@modules/get-started/pages/cluster-types/byoc/aws/vpc-byo-aws.adoc`:
- Around line 274-278: The allowed_principals ARN uses a shell-style $ACCOUNT_ID
which Terraform won't interpolate; update the
aws_private_link.allowed_principals entry to reference a Terraform variable
(e.g., var.aws_account_id) instead of $ACCOUNT_ID and add a corresponding
variable declaration named aws_account_id (string) with a description, or
alternatively add a clear inline comment next to the allowed_principals line
warning readers not to copy a shell-style placeholder and to replace it with
var.aws_account_id.
- Line 108: Update the NOTE that says "At least one public subnet is required to
create a cluster" to explicitly state that this requirement applies overall but
that when using a pre-existing VPC the module will rely on any already-existing
public subnets in that VPC; clarify that setting public_subnet_cidrs = [] only
prevents the module from creating public subnets (it does not negate the
requirement) and mention that if the pre-existing VPC lacks public subnets the
user must provide or create at least one before creating the cluster; reference
the configuration symbols create_internet_gateway and public_subnet_cidrs so the
reader knows which settings control module-managed gateway and subnet creation.
---
Nitpick comments:
In `@modules/get-started/pages/cluster-types/byoc/aws/vpc-byo-aws.adoc`:
- Around line 206-210: Add an inline comment next to the
redpanda_connect_node_group_instance_profile and redpanda_connect_security_group
blocks explaining they depend on enable_redpanda_connect being true because they
consume outputs from module.redpanda_byovpc
(redpanda_connect_node_group_instance_profile_arn and
redpanda_connect_security_group_arn); instruct users to remove these blocks or
conditionally include them when enable_redpanda_connect is false to avoid
Terraform referencing non-existent outputs.
- Around line 90-105: The three module invocations named module
"redpanda_byovpc" are missing a pinned Terraform Registry version; update each
module block (the module "redpanda_byovpc" that sets source =
"redpanda-data/redpanda-byovpc/aws") to include a version constraint (e.g.
version = "2.1.7") so terraform init will use a fixed release; apply the same
version line to all three module "redpanda_byovpc" blocks in the file.
modules/get-started/pages/cluster-types/byoc/aws/vpc-byo-aws.adoc
Outdated
Show resolved
Hide resolved
micheleRP
force-pushed
the
sarah/CIAINFRA-2473
branch
from
5765a06 to
6009781
Compare
Instead of cloud-examples with API calls.
Apply docs-team-standards review fixes: sentence-case heading, add intro text before code blocks, proper WARNING admonition for delete section, correct terminology, fix trailing whitespace, use present tense. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Match the same conventions applied to the AWS BYOVPC page: convert markdown fenced code blocks to AsciiDoc syntax, fix headings with missing articles, convert inline NOTE to block admonition, remove contraction, rewrite See also pattern, and update description meta. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Change "give them to Redpanda" to "provide them to Redpanda" in vnet-azure.adoc to match vpc-byo-aws.adoc. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Replace backward-looking architecture link with forward-looking links to PrivateLink, IAM policies, and rpk commands, consistent with the Azure BYOVNet page. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Add page-topic-type, personas, and learning objectives metadata to both the AWS BYOVPC and Azure BYOVNet documentation pages. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
micheleRP
force-pushed
the
sarah/CIAINFRA-2473
branch
from
092bb1d to
8406757
Compare
| ``` | ||
| [NOTE] | ||
| ==== | ||
| * At least one public subnet is required to create a cluster. The example configuration includes multiple public subnets to allow for future scaling. |
There was a problem hiding this comment.
| * At least one public subnet is required to create a cluster. The example configuration includes multiple public subnets to allow for future scaling. | |
| * At least one public subnet is required to create a cluster to send telemetry back to the Redpanda Control Plane. If a public subnet is not provided, network connectivity through peering of transit gateway to another VPC that routes traffic through a public subnet is needed. The example configuration includes multiple public subnets to allow for future scaling. |
There was a problem hiding this comment.
@david-yu is this edit OK:
To send telemetry back to the Redpanda control plane, the cluster needs outbound internet access. You can provide this through at least one public subnet, or through network peering or a transit gateway to another VPC that routes traffic through a public subnet. The example configuration includes multiple public subnets to allow for future scaling.
david-yu
left a comment
david-yu
left a comment
There was a problem hiding this comment.
Approved aside from the comment about the subnet.
3 participants
Description
Instead of cloud-examples with API calls. @david-yu and @micheleRP and I discussed and agreed to go in this direction.
Review deadline: Feb 27
Page previews
Checks