Skip to content

Commit

Permalink
chore: making SSM parameter optional
Browse files Browse the repository at this point in the history
  • Loading branch information
kiraum committed Oct 7, 2024
1 parent 7359e11 commit 04d9179
Show file tree
Hide file tree
Showing 3 changed files with 12 additions and 4 deletions.
1 change: 1 addition & 0 deletions environments/prod/variables.tf
Original file line number Diff line number Diff line change
Expand Up @@ -25,4 +25,5 @@ variable "cost_center" {
variable "slack_webhook_url" {
description = "Slack webhook URL for notifications"
type = string
default = ""
}
6 changes: 6 additions & 0 deletions modules/billing_report/data.tf
Original file line number Diff line number Diff line change
Expand Up @@ -10,3 +10,9 @@ data "archive_file" "lambda_zip" {
source_file = "${path.module}/lambda_function.py"
output_path = "${path.module}/lambda_function.zip"
}

# Retrieve the existing SSM parameter value
data "aws_ssm_parameter" "existing_slack_webhook_url" {
name = "/billing_report/slack_webhook_url"
with_decryption = true # Ensure we get the decrypted value
}
9 changes: 5 additions & 4 deletions modules/billing_report/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -263,9 +263,10 @@ resource "aws_sns_topic_subscription" "billing_report_email" {
endpoint = var.recipient_emails[count.index]
}

# Store Slack webhook URL securely in SSM Parameter Store
# Create or update the SSM parameter
resource "aws_ssm_parameter" "slack_webhook_url" {
name = "/billing_report/slack_webhook_url"
type = "SecureString"
value = var.slack_webhook_url
}
type = "SecureString" # Store the value as an encrypted string
value = var.slack_webhook_url != "" ? var.slack_webhook_url : data.aws_ssm_parameter.existing_slack_webhook_url.value
# Use the new value if provided, otherwise keep the existing value
}

0 comments on commit 04d9179

Please sign in to comment.