diff --git a/.github/workflows/readme.yml b/.github/workflows/readme.yml index 76e00fb..28c547c 100644 --- a/.github/workflows/readme.yml +++ b/.github/workflows/readme.yml @@ -1,6 +1,10 @@ name: 'Create README.md file' on: + + # push: + # push: + # branches: # - master # paths-ignore: diff --git a/examples/complete/variables.tf b/examples/complete/variables.tf index 5768a88..f4ca47e 100644 --- a/examples/complete/variables.tf +++ b/examples/complete/variables.tf @@ -196,6 +196,14 @@ variable "maintenance_day_of_week" { default = "Sunday" # Example default value, modify based on your need } +variable "use_hardcoded_values" { + description = "Flag to decide whether to use hardcoded credentials or not." + type = bool + default = true # Set to `true` if you want hardcoded values to be used by default +} + + + # Declare variable for use_aws_owned_key variable "use_aws_owned_key" { description = "Boolean flag to use AWS owned KMS key for MQ encryption." @@ -244,7 +252,11 @@ variable "cloudwatch_log_retention_days" { variable "use_secrets_manager" { description = "Flag to determine if Secrets Manager should be used for storing passwords." type = bool - default = true # Default to true, to use Secrets Manager + + default = false # Default to true, to use Secrets Manager + + # default = true # Default to true, to use Secrets Manager + } variable "secret_manager_key_prefix" { diff --git a/main.tf b/main.tf index 1b80b2e..cc5a679 100644 --- a/main.tf +++ b/main.tf @@ -119,7 +119,6 @@ resource "aws_secretsmanager_secret_version" "mq_application_password_version" { # Fallback to SSM if not using Secrets Manager resource "aws_ssm_parameter" "mq_master_username_ssm" { count = var.mq_admin_user != "" && !var.use_secrets_manager ? 1 : 0 - name = format("%s%s", replace(trimspace(var.ssm_path), "/$", ""), var.mq_admin_user_ssm_parameter_name 
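Review bot: In examples/complete/variables.tf the new `use_hardcoded_values` variable defaults to `true`, so anyone who copies the complete example gets hardcoded credentials unless they opt out. The `@@ -454,5 +458,9 @@` hunk in the root variables.tf flips the same default from `false` to `true` and leaves the old line behind as a comment. A credential-related flag is safer as opt-in, for example `default = false # set to true only for throwaway test environments`. The description could also say which values are hardcoded, since the declaration does not show it.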
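Review bot: In the `@@ -244,7 +252,11 @@` hunk the `use_secrets_manager` default becomes `false` while its trailing comment still reads "Default to true, to use Secrets Manager", and the old default is left behind as a commented-out line; the `@@ -418,7 +418,11 @@` hunk in the root variables.tf has the same pattern. With this default the `!var.use_secrets_manager` conditions in main.tf select the SSM parameter resources, so the credential storage backend changes for every caller that never set the variable. If the flip is intended, the comment should say so, e.g. `default = false # false stores credentials in SSM Parameter Store; set true to use Secrets Manager`, and the commented-out default should be dropped. Otherwise keep `default = true`.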
@@ -139,7 +138,6 @@ resource "aws_ssm_parameter" "mq_master_username_ssm" { resource "aws_ssm_parameter" "mq_master_password_ssm" { count = var.mq_admin_password != "" && !var.use_secrets_manager ? 1 : 0 - name = "kms-alias" value = var.mq_admin_password != "" ? var.mq_admin_password : "default_password" description = "MQ Password for the admin user" @@ -267,11 +265,14 @@ resource "aws_mq_broker" "default" { console_access = var.console_access } } + lifecycle { prevent_destroy = false create_before_destroy = true - ignore_changes = [value] } - depends_on = [aws_ssm_parameter.mq_application_username_ssm, aws_ssm_parameter.mq_master_username_ssm] + depends_on = [ + aws_ssm_parameter.mq_application_username_ssm, + aws_ssm_parameter.mq_master_username_ssm + ] } diff --git a/variables.tf b/variables.tf index 4059fbb..b487913 100644 --- a/variables.tf +++ b/variables.tf @@ -418,7 +418,11 @@ variable "cloudwatch_log_retention_days" { variable "use_secrets_manager" { description = "Flag to determine if Secrets Manager should be used for storing passwords." type = bool - default = true # Set to true if you want to use Secrets Manager + + default = false # Set to true if you want to use Secrets Manager + + # default = true # Set to true if you want to use Secrets Manager + } variable "secret_manager_key_prefix" { @@ -454,5 +458,9 @@ variable "security_group_id" { variable "use_hardcoded_values" { description = "Flag to decide whether to use hardcoded credentials or not." type = bool - default = false # Set to `true` if you want hardcoded values to be used by default + + default = true # Set to `true` if you want hardcoded values to be used by default + + # default = false # Set to `true` if you want hardcoded values to be used by default + }
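Review bot: In `mq_master_password_ssm` the line `value = var.mq_admin_password != "" ? var.mq_admin_password : "default_password"` carries a literal fallback password that the `count` guard above it already makes unreachable, because the resource only exists when `var.mq_admin_password` is non-empty. With `use_secrets_manager` now defaulting to `false` this resource is on the default path, so it is worth simplifying to `value = var.mq_admin_password`, which ensures a known password string can never be written if the guard is later changed. The resource body continues outside the hunk, so confirm there that the parameter is declared with `type = "SecureString"`.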