diff --git a/environments/prod/variables.tf b/environments/prod/variables.tf index 2ce8f34..06d5dfb 100644 --- a/environments/prod/variables.tf +++ b/environments/prod/variables.tf @@ -25,4 +25,5 @@ variable "cost_center" { variable "slack_webhook_url" { description = "Slack webhook URL for notifications" type = string + default = "" } diff --git a/modules/billing_report/data.tf b/modules/billing_report/data.tf index 66d073b..f9499ad 100644 --- a/modules/billing_report/data.tf +++ b/modules/billing_report/data.tf @@ -10,3 +10,9 @@ data "archive_file" "lambda_zip" { source_file = "${path.module}/lambda_function.py" output_path = "${path.module}/lambda_function.zip" } + +# Retrieve the existing SSM parameter value +data "aws_ssm_parameter" "existing_slack_webhook_url" { + name = "/billing_report/slack_webhook_url" + with_decryption = true # Ensure we get the decrypted value +} \ No newline at end of file diff --git a/modules/billing_report/main.tf b/modules/billing_report/main.tf index b030921..a0fca67 100644 --- a/modules/billing_report/main.tf +++ b/modules/billing_report/main.tf @@ -263,9 +263,10 @@ resource "aws_sns_topic_subscription" "billing_report_email" { endpoint = var.recipient_emails[count.index] } -# Store Slack webhook URL securely in SSM Parameter Store +# Create or update the SSM parameter resource "aws_ssm_parameter" "slack_webhook_url" { name = "/billing_report/slack_webhook_url" - type = "SecureString" - value = var.slack_webhook_url -} + type = "SecureString" # Store the value as an encrypted string + value = var.slack_webhook_url != "" ? var.slack_webhook_url : data.aws_ssm_parameter.existing_slack_webhook_url.value + # Use the new value if provided, otherwise keep the existing value +} \ No newline at end of file