diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index d921b00..9af94cf 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -18,7 +18,7 @@ repos:
args: ['--allow-missing-credentials']
- id: trailing-whitespace
- repo: https://github.com/antonbabenko/pre-commit-terraform
- rev: v1.79.1
+ rev: v1.77.1
hooks:
- id: terraform_fmt
- id: terraform_docs
diff --git a/README.md b/README.md
index 2443632..453405c 100644
--- a/README.md
+++ b/README.md
@@ -24,13 +24,13 @@ module "mq" {
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 1.3.0 |
-| [aws](#requirement\_aws) | >= 5.0.0 |
+| [aws](#requirement\_aws) | >= 4.0 |
## Providers
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | >= 5.0.0 |
+| [aws](#provider\_aws) | 4.60.0 |
## Modules
@@ -40,31 +40,8 @@ No modules.
| Name | Type |
|------|------|
-| [aws_lb.main](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb) | resource |
-| [aws_lb_listener.main](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb_listener) | resource |
-| [aws_lb_target_group.main](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb_target_group) | resource |
-| [aws_lb_target_group_attachment.main](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lb_target_group_attachment) | resource |
| [aws_mq_broker.main](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/mq_broker) | resource |
| [aws_mq_configuration.main](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/mq_configuration) | resource |
-| [aws_security_group.main](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group) | resource |
-| [aws_security_group_rule.cidr_blocks_15671](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |
-| [aws_security_group_rule.cidr_blocks_443](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |
-| [aws_security_group_rule.cidr_blocks_5671](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |
-| [aws_security_group_rule.cidr_blocks_61614](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |
-| [aws_security_group_rule.cidr_blocks_61617](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |
-| [aws_security_group_rule.cidr_blocks_61619](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |
-| [aws_security_group_rule.cidr_blocks_8162](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |
-| [aws_security_group_rule.cidr_blocks_8883](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |
-| [aws_security_group_rule.main](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |
-| [aws_security_group_rule.prefix_lists_15671](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |
-| [aws_security_group_rule.prefix_lists_443](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |
-| [aws_security_group_rule.prefix_lists_5671](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |
-| [aws_security_group_rule.prefix_lists_61614](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |
-| [aws_security_group_rule.prefix_lists_61617](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |
-| [aws_security_group_rule.prefix_lists_61619](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |
-| [aws_security_group_rule.prefix_lists_8162](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |
-| [aws_security_group_rule.prefix_lists_8883](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |
-| [aws_subnet.main](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/subnet) | data source |
## Inputs
@@ -75,20 +52,9 @@ No modules.
| [authentication\_strategy](#input\_authentication\_strategy) | Authentication strategy used to secure the broker. Valid values are simple and ldap. ldap is not supported for engine\_type RabbitMQ. | `string` | `null` | no |
| [auto\_minor\_version\_upgrade](#input\_auto\_minor\_version\_upgrade) | Enables automatic upgrades to new minor versions for brokers, as Apache releases the versions | `bool` | `false` | no |
| [broker\_name](#input\_broker\_name) | Name of the broker | `string` | n/a | yes |
-| [cidr\_blocks\_15671](#input\_cidr\_blocks\_15671) | Cidr blocks for the Amazon MQ for RabbitMQ Console security group ingress rule | `list(string)` | `[]` | no |
-| [cidr\_blocks\_443](#input\_cidr\_blocks\_443) | Cidr blocks for the Amazon MQ for RabbitMQ Console security group ingress rule | `list(string)` | `[]` | no |
-| [cidr\_blocks\_5671](#input\_cidr\_blocks\_5671) | Cidr block for connections made via SSL AMQP security group ingress rule | `list(string)` | `[]` | no |
-| [cidr\_blocks\_61614](#input\_cidr\_blocks\_61614) | Cidr blocks for the Amazon MQ Stomp SSL security group ingress rule | `list(string)` | `[]` | no |
-| [cidr\_blocks\_61617](#input\_cidr\_blocks\_61617) | Cidr blocks for the Amazon MQ SSL security group ingress rule | `list(string)` | `[]` | no |
-| [cidr\_blocks\_61619](#input\_cidr\_blocks\_61619) | Cidr block for the websocket security group ingress rule | `list(string)` | `[]` | no |
-| [cidr\_blocks\_8162](#input\_cidr\_blocks\_8162) | Cidr blocks for the ActiveMQ Console security group ingress rule | `list(string)` | `[]` | no |
-| [cidr\_blocks\_8883](#input\_cidr\_blocks\_8883) | Cidr block for the MQTT security group ingress rule | `list(string)` | `[]` | no |
| [configuration\_data](#input\_configuration\_data) | Broker configuration in XML format | `string` | `null` | no |
| [configuration\_enabled](#input\_configuration\_enabled) | Enable configuration block for broker configuration. Applies to engine\_type of ActiveMQ only | `bool` | `true` | no |
-| [create\_security\_group](#input\_create\_security\_group) | Flag to create Security Group for the broker | `bool` | `false` | no |
| [deployment\_mode](#input\_deployment\_mode) | The deployment mode of the broker. Supported: SINGLE\_INSTANCE and ACTIVE\_STANDBY\_MULTI\_AZ | `string` | `"ACTIVE_STANDBY_MULTI_AZ"` | no |
-| [enable\_cross\_zone\_load\_balancing](#input\_enable\_cross\_zone\_load\_balancing) | Flag to enable/disable cross zone load balancing of the NLB | `bool` | `true` | no |
-| [enable\_deletion\_protection](#input\_enable\_deletion\_protection) | Flag to enable/disable deletion of NLB via AWS API and Terraform | `bool` | `true` | no |
| [encryption\_enabled](#input\_encryption\_enabled) | Flag to enable/disable Amazon MQ encryption at rest | `bool` | `true` | no |
| [engine\_type](#input\_engine\_type) | Type of broker engine, `ActiveMQ` or `RabbitMQ` | `string` | `"ActiveMQ"` | no |
| [engine\_version](#input\_engine\_version) | The version of the broker engine. See https://docs.aws.amazon.com/amazon-mq/latest/developer-guide/broker-engine.html for more details | `string` | `"5.17.1"` | no |
@@ -99,27 +65,8 @@ No modules.
| [maintenance\_time\_of\_day](#input\_maintenance\_time\_of\_day) | The maintenance time, in 24-hour format. e.g. 02:00 | `string` | `"03:00"` | no |
| [maintenance\_time\_zone](#input\_maintenance\_time\_zone) | The maintenance time zone, in either the Country/City format, or the UTC offset format. e.g. CET | `string` | `"UTC"` | no |
| [mq\_additional\_users](#input\_mq\_additional\_users) | Additional MQ users |
list(object({
username = string
password = string
groups = optional(list(string), [])
console_access = optional(bool, false)
}))
| `[]` | no |
-| [nlb\_certificate\_arn](#input\_nlb\_certificate\_arn) | Ceritificate ARN of NLB | `string` | `null` | no |
-| [nlb\_enabled](#input\_nlb\_enabled) | Flag to attach Network Load Balancer to Active MQ | `bool` | `false` | no |
-| [nlb\_internal](#input\_nlb\_internal) | Scheme type of the NLB, valid value is true or false where true is for internal and false for internet facing | `bool` | `true` | no |
-| [nlb\_name](#input\_nlb\_name) | Name of the NLB | `string` | `null` | no |
-| [nlb\_tags](#input\_nlb\_tags) | A mapping of additional tags to be attached to the NLB | `map(string)` | `{}` | no |
-| [nlb\_tg\_port](#input\_nlb\_tg\_port) | Target Group Port for NLB | `number` | `8883` | no |
-| [nlb\_tg\_protocol](#input\_nlb\_tg\_protocol) | Target Group Protocol for NLB | `string` | `"TCP"` | no |
| [password](#input\_password) | Username for the admin user | `string` | `"adminpass123"` | no |
-| [prefix\_lists\_15671](#input\_prefix\_lists\_15671) | Prefix list ids for the Amazon MQ for RabbitMQ Console security group ingress rule | `list(string)` | `[]` | no |
-| [prefix\_lists\_443](#input\_prefix\_lists\_443) | Prefix list ids for the Amazon MQ for RabbitMQ Console security group ingress rule | `list(string)` | `[]` | no |
-| [prefix\_lists\_5671](#input\_prefix\_lists\_5671) | Prefix list ids for connections made via SSL AMQP URL security group ingress rule | `list(string)` | `[]` | no |
-| [prefix\_lists\_61614](#input\_prefix\_lists\_61614) | Prefix list ids for the Amazon MQ Stomp SSL security group ingress rule | `list(string)` | `[]` | no |
-| [prefix\_lists\_61617](#input\_prefix\_lists\_61617) | Prefix list ids for the Amazon MQ SSL security group ingress rule | `list(string)` | `[]` | no |
-| [prefix\_lists\_61619](#input\_prefix\_lists\_61619) | Prefix list ids for the websocket security group ingress rule | `list(string)` | `[]` | no |
-| [prefix\_lists\_8162](#input\_prefix\_lists\_8162) | Prefix list ids for the ActiveMQ Console security group ingress rule | `list(string)` | `[]` | no |
-| [prefix\_lists\_8883](#input\_prefix\_lists\_8883) | Prefix list ids for the MQTT security group ingress rule | `list(string)` | `[]` | no |
| [publicly\_accessible](#input\_publicly\_accessible) | Whether to enable connections from applications outside of the VPC that hosts the broker's subnets | `bool` | `false` | no |
-| [revoke\_rules\_on\_delete](#input\_revoke\_rules\_on\_delete) | Instruct Terraform to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. | `string` | `true` | no |
-| [security\_group\_description](#input\_security\_group\_description) | Description of the Security Group | `string` | `"Security Group for the AWS MQ"` | no |
-| [security\_group\_name](#input\_security\_group\_name) | Name of the Security Group | `string` | `""` | no |
-| [security\_group\_tags](#input\_security\_group\_tags) | A mapping of additional tags to be attached to the Security Group | `map(string)` | `{}` | no |
| [security\_groups](#input\_security\_groups) | List of security group IDs assigned to the broker | `list(string)` | `[]` | no |
| [storage\_type](#input\_storage\_type) | Storage type of the broker. For engine\_type ActiveMQ, the valid values are efs and ebs, and the AWS-default is efs. For engine\_type RabbitMQ, only ebs is supported. When using ebs, only the mq.m5 broker instance type family is supported. | `string` | `null` | no |
| [subnet\_ids](#input\_subnet\_ids) | List of VPC subnet IDs | `list(string)` | n/a | yes |
diff --git a/data.tf b/data.tf
deleted file mode 100644
index 647a8e9..0000000
--- a/data.tf
+++ /dev/null
@@ -1,3 +0,0 @@
-data "aws_subnet" "main" {
- id = var.subnet_ids[0]
-}
diff --git a/examples/activemq-with-nlb/main.tf b/examples/activemq-with-nlb/main.tf
deleted file mode 100644
index 9de8b46..0000000
--- a/examples/activemq-with-nlb/main.tf
+++ /dev/null
@@ -1,80 +0,0 @@
-terraform {
- required_version = ">= 1.3.0"
-
- required_providers {
- aws = ">= 5.0.0"
- }
-}
-
-provider "aws" {
- region = "eu-west-2"
-}
-
-data "aws_vpc" "default" {
- id = ""
-}
-
-data "aws_subnets" "all" {
- filter {
- name = "vpc-id"
- values = [data.aws_vpc.default.id]
- }
-
- filter {
- name = "tag:Name"
- values = ["*private*"]
- }
-}
-
-locals {
- mq_admin_user = "adminUsername"
- mq_admin_password = "adminPassword"
-}
-
-module "active_mq" {
- source = "../../"
-
- broker_name = "my-active-mq-broker"
-
- subnet_ids = data.aws_subnets.all.ids
-
- engine_type = "ActiveMQ"
- engine_version = "5.17.2"
- host_instance_type = "mq.t3.micro"
-
- apply_immediately = true
-
- deployment_mode = "ACTIVE_STANDBY_MULTI_AZ"
-
- encryption_enabled = false
-
- username = local.mq_admin_user
- password = local.mq_admin_password
-
- general_log_enabled = true
- audit_log_enabled = true
-
- configuration_data = <
-
-
-
-
-
-
-
-DATA
-
- nlb_enabled = true
- nlb_certificate_arn = ""
-
- create_security_group = true
- security_group_name = "example"
- security_group_description = "example"
- cidr_blocks_8883 = [data.aws_vpc.default.cidr_block]
- prefix_lists_8883 = [data.aws_ec2_managed_prefix_list.example.id]
-}
-
-data "aws_ec2_managed_prefix_list" "example" {
- name = "example"
-}
diff --git a/examples/activemq/main.tf b/examples/activemq/main.tf
index b3569e6..3e12a7d 100644
--- a/examples/activemq/main.tf
+++ b/examples/activemq/main.tf
@@ -2,7 +2,7 @@ terraform {
required_version = ">= 1.3.0"
required_providers {
- aws = ">= 5.0.0"
+ aws = ">= 4.0.0"
}
}
diff --git a/examples/rabbitmq/main.tf b/examples/rabbitmq/main.tf
index 553ba34..6323bd3 100644
--- a/examples/rabbitmq/main.tf
+++ b/examples/rabbitmq/main.tf
@@ -2,7 +2,7 @@ terraform {
required_version = ">= 1.3.0"
required_providers {
- aws = ">= 5.0.0"
+ aws = ">= 4.0.0"
}
}
diff --git a/lb.tf b/lb.tf
deleted file mode 100644
index 728b455..0000000
--- a/lb.tf
+++ /dev/null
@@ -1,74 +0,0 @@
-resource "aws_lb" "main" {
- count = var.nlb_enabled && var.deployment_mode == "ACTIVE_STANDBY_MULTI_AZ" ? 1 : 0
-
- name = var.nlb_name == null ? "${var.broker_name}-nlb" : var.nlb_name
- internal = var.nlb_internal
- load_balancer_type = "network"
- subnets = var.subnet_ids
-
- enable_cross_zone_load_balancing = var.enable_cross_zone_load_balancing
- enable_deletion_protection = var.enable_deletion_protection
-
- tags = merge(var.nlb_tags, var.tags)
-
- depends_on = [
- aws_mq_broker.main,
- ]
-}
-
-resource "aws_lb_target_group" "main" {
- count = var.nlb_enabled && var.deployment_mode == "ACTIVE_STANDBY_MULTI_AZ" ? 1 : 0
-
- name = aws_lb.main[0].name
- port = var.nlb_tg_port
- protocol = var.nlb_tg_protocol
- target_type = "ip"
- vpc_id = data.aws_subnet.main.vpc_id
-
- health_check {
- enabled = true
- port = 8162
- protocol = "TCP"
- interval = 10
- healthy_threshold = 3
- }
-
- depends_on = [
- aws_lb.main,
- ]
-}
-
-resource "aws_lb_target_group_attachment" "main" {
- # TODO check this logic
- # for_each = toset([for instance in aws_mq_broker.main.instances : instance["ip_address"] if(var.nlb_enabled && var.deployment_mode == "ACTIVE_STANDBY_MULTI_AZ")])
- count = (var.nlb_enabled && var.deployment_mode == "ACTIVE_STANDBY_MULTI_AZ") ? length(var.subnet_ids) : 0
-
- target_group_arn = aws_lb_target_group.main[0].arn
- # target_id = each.value
- target_id = aws_mq_broker.main.instances[count.index]["ip_address"]
- port = 8883
-
- depends_on = [
- aws_mq_broker.main,
- ]
-}
-
-resource "aws_lb_listener" "main" {
- count = var.nlb_enabled && var.deployment_mode == "ACTIVE_STANDBY_MULTI_AZ" ? 1 : 0
-
- load_balancer_arn = aws_lb.main[0].arn
- port = "8883"
- protocol = "TLS"
- certificate_arn = var.nlb_certificate_arn
- alpn_policy = "HTTP2Preferred"
- ssl_policy = "ELBSecurityPolicy-TLS-1-2-2017-01"
-
- default_action {
- type = "forward"
- target_group_arn = aws_lb_target_group.main[0].arn
- }
-
- depends_on = [
- aws_lb.main,
- ]
-}
diff --git a/sg.tf b/sg.tf
deleted file mode 100644
index 6c76fa3..0000000
--- a/sg.tf
+++ /dev/null
@@ -1,219 +0,0 @@
-resource "aws_security_group" "main" {
- count = var.create_security_group ? 1 : 0
-
- name = var.security_group_name
- description = var.security_group_description
- vpc_id = data.aws_subnet.main.vpc_id
-
- revoke_rules_on_delete = var.revoke_rules_on_delete
-
- tags = merge(var.tags, var.security_group_tags)
-
- lifecycle {
- create_before_destroy = true
- }
-}
-
-resource "aws_security_group_rule" "cidr_blocks_8883" {
- count = var.create_security_group && length(var.cidr_blocks_8883) > 0 ? 1 : 0
-
- type = "ingress"
- security_group_id = aws_security_group.main[0].id
- cidr_blocks = var.cidr_blocks_8883
- description = "Cidr Blocks for MQTT"
- from_port = 8883
- to_port = 8883
- protocol = "tcp"
-}
-
-resource "aws_security_group_rule" "prefix_lists_8883" {
- count = var.create_security_group && length(var.prefix_lists_8883) > 0 ? 1 : 0
-
- type = "ingress"
- security_group_id = aws_security_group.main[0].id
- prefix_list_ids = var.prefix_lists_8883
- description = "Prefix Lists for MQTT"
- from_port = 8883
- to_port = 8883
- protocol = "tcp"
-}
-
-resource "aws_security_group_rule" "cidr_blocks_8162" {
- count = var.create_security_group && length(var.cidr_blocks_8162) > 0 ? 1 : 0
-
- type = "ingress"
- security_group_id = aws_security_group.main[0].id
- cidr_blocks = var.cidr_blocks_8162
- description = "Cidr Blocks for Amazon MQ for ActiveMQ console"
- from_port = 8162
- to_port = 8162
- protocol = "tcp"
-}
-
-resource "aws_security_group_rule" "prefix_lists_8162" {
- count = var.create_security_group && length(var.prefix_lists_8162) > 0 ? 1 : 0
-
- type = "ingress"
- security_group_id = aws_security_group.main[0].id
- prefix_list_ids = var.prefix_lists_8162
- description = "Prefix Lists for Amazon MQ for ActiveMQ console"
- from_port = 8162
- to_port = 8162
- protocol = "tcp"
-}
-
-resource "aws_security_group_rule" "cidr_blocks_61619" {
- count = var.create_security_group && length(var.cidr_blocks_61619) > 0 ? 1 : 0
-
- type = "ingress"
- security_group_id = aws_security_group.main[0].id
- cidr_blocks = var.cidr_blocks_61619
- description = "Cidr Blocks for ActiveMQ Websocket"
- from_port = 61619
- to_port = 61619
- protocol = "tcp"
-}
-
-resource "aws_security_group_rule" "prefix_lists_61619" {
- count = var.create_security_group && length(var.prefix_lists_61619) > 0 ? 1 : 0
-
- type = "ingress"
- security_group_id = aws_security_group.main[0].id
- prefix_list_ids = var.prefix_lists_61619
- description = "Prefix Lists for ActiveMQ Websocket"
- from_port = 61619
- to_port = 61619
- protocol = "tcp"
-}
-
-resource "aws_security_group_rule" "cidr_blocks_5671" {
- count = var.create_security_group && length(var.cidr_blocks_5671) > 0 ? 1 : 0
-
- type = "ingress"
- security_group_id = aws_security_group.main[0].id
- cidr_blocks = var.cidr_blocks_5671
- description = "Cidr block for connections made via SSL AMQP"
- from_port = 5671
- to_port = 5671
- protocol = "tcp"
-}
-
-resource "aws_security_group_rule" "prefix_lists_5671" {
- count = var.create_security_group && length(var.prefix_lists_5671) > 0 ? 1 : 0
-
- type = "ingress"
- security_group_id = aws_security_group.main[0].id
- prefix_list_ids = var.prefix_lists_5671
- description = "Prefix Lists for connections made via SSL AMQP"
- from_port = 5671
- to_port = 5671
- protocol = "tcp"
-}
-
-resource "aws_security_group_rule" "cidr_blocks_443" {
- count = var.create_security_group && length(var.cidr_blocks_443) > 0 ? 1 : 0
-
- type = "ingress"
- security_group_id = aws_security_group.main[0].id
- cidr_blocks = var.cidr_blocks_443
- description = "Cidr Blocks for Amazon MQ RabbitMQ console"
- from_port = 443
- to_port = 443
- protocol = "tcp"
-}
-
-resource "aws_security_group_rule" "prefix_lists_443" {
- count = var.create_security_group && length(var.prefix_lists_443) > 0 ? 1 : 0
-
- type = "ingress"
- security_group_id = aws_security_group.main[0].id
- prefix_list_ids = var.prefix_lists_443
- description = "Prefix Lists for Amazon MQ RabbitMQ console"
- from_port = 443
- to_port = 443
- protocol = "tcp"
-}
-
-resource "aws_security_group_rule" "cidr_blocks_15671" {
- count = var.create_security_group && length(var.cidr_blocks_15671) > 0 ? 1 : 0
-
- type = "ingress"
- security_group_id = aws_security_group.main[0].id
- cidr_blocks = var.cidr_blocks_15671
- description = "Cidr blocks for Amazon MQ RabbitMQ console"
- from_port = 15671
- to_port = 15671
- protocol = "tcp"
-}
-
-resource "aws_security_group_rule" "prefix_lists_15671" {
- count = var.create_security_group && length(var.prefix_lists_15671) > 0 ? 1 : 0
-
- type = "ingress"
- security_group_id = aws_security_group.main[0].id
- prefix_list_ids = var.prefix_lists_15671
- description = "Prefix Lists for Amazon MQ RabbitMQ console"
- from_port = 15671
- to_port = 15671
- protocol = "tcp"
-}
-
-resource "aws_security_group_rule" "cidr_blocks_61617" {
- count = var.create_security_group && length(var.cidr_blocks_61617) > 0 ? 1 : 0
-
- type = "ingress"
- security_group_id = aws_security_group.main[0].id
- cidr_blocks = var.cidr_blocks_61617
- description = "Cidr block for Amazon MQ SSL"
- from_port = 61617
- to_port = 61617
- protocol = "tcp"
-}
-
-resource "aws_security_group_rule" "prefix_lists_61617" {
- count = var.create_security_group && length(var.prefix_lists_61617) > 0 ? 1 : 0
-
- type = "ingress"
- security_group_id = aws_security_group.main[0].id
- prefix_list_ids = var.prefix_lists_61617
- description = "Prefix Lists for Amazon MQ SSL"
- from_port = 61617
- to_port = 61617
- protocol = "tcp"
-}
-
-resource "aws_security_group_rule" "cidr_blocks_61614" {
- count = var.create_security_group && length(var.cidr_blocks_61614) > 0 ? 1 : 0
-
- type = "ingress"
- security_group_id = aws_security_group.main[0].id
- cidr_blocks = var.cidr_blocks_61614
- description = "Cidr block for Amazon MQ Stomp + SSL"
- from_port = 61614
- to_port = 61614
- protocol = "tcp"
-}
-
-resource "aws_security_group_rule" "prefix_lists_61614" {
- count = var.create_security_group && length(var.prefix_lists_61614) > 0 ? 1 : 0
-
- type = "ingress"
- security_group_id = aws_security_group.main[0].id
- prefix_list_ids = var.prefix_lists_61614
- description = "Prefix Lists for Amazon MQ Stomp + SSL"
- from_port = 61614
- to_port = 61614
- protocol = "tcp"
-}
-
-resource "aws_security_group_rule" "main" {
- count = var.create_security_group ? 1 : 0
-
- type = "egress"
- description = "Egress Rule for ${aws_mq_broker.main.broker_name}"
- protocol = "-1"
- from_port = -1
- to_port = -1
- cidr_blocks = ["0.0.0.0/0"]
- security_group_id = aws_security_group.main[0].id
-}
diff --git a/variables.tf b/variables.tf
index 940b2b3..e8e23a5 100644
--- a/variables.tf
+++ b/variables.tf
@@ -157,183 +157,3 @@ variable "tags" {
type = map(string)
default = {}
}
-
-variable "nlb_enabled" {
- description = "Flag to attach Network Load Balancer to Active MQ"
- type = bool
- default = false
-}
-
-variable "nlb_name" {
- description = "Name of the NLB"
- type = string
- default = null
-}
-
-variable "nlb_internal" {
- description = "Scheme type of the NLB, valid value is true or false where true is for internal and false for internet facing"
- type = bool
- default = true
-}
-
-variable "enable_cross_zone_load_balancing" {
- description = "Flag to enable/disable cross zone load balancing of the NLB"
- type = bool
- default = true
-}
-
-variable "enable_deletion_protection" {
- description = "Flag to enable/disable deletion of NLB via AWS API and Terraform"
- type = bool
- default = true
-}
-
-variable "nlb_certificate_arn" {
- description = "Ceritificate ARN of NLB"
- type = string
- default = null
-}
-
-variable "nlb_tg_port" {
- description = "Target Group Port for NLB"
- type = number
- default = 8883
-}
-
-variable "nlb_tg_protocol" {
- description = "Target Group Protocol for NLB"
- type = string
- default = "TCP"
-}
-
-variable "nlb_tags" {
- description = "A mapping of additional tags to be attached to the NLB"
- type = map(string)
- default = {}
-}
-
-variable "create_security_group" {
- description = "Flag to create Security Group for the broker"
- type = bool
- default = false
-}
-
-variable "security_group_name" {
- description = "Name of the Security Group"
- type = string
- default = ""
-}
-
-variable "security_group_description" {
- description = "Description of the Security Group"
- type = string
- default = "Security Group for the AWS MQ"
-}
-
-variable "security_group_tags" {
- description = "A mapping of additional tags to be attached to the Security Group"
- type = map(string)
- default = {}
-}
-
-variable "revoke_rules_on_delete" {
- description = "Instruct Terraform to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself."
- type = string
- default = true
-}
-
-variable "cidr_blocks_8883" {
- description = "Cidr block for the MQTT security group ingress rule"
- type = list(string)
- default = []
-}
-
-variable "prefix_lists_8883" {
- description = "Prefix list ids for the MQTT security group ingress rule"
- type = list(string)
- default = []
-}
-
-variable "cidr_blocks_8162" {
- description = "Cidr blocks for the ActiveMQ Console security group ingress rule"
- type = list(string)
- default = []
-}
-
-variable "prefix_lists_8162" {
- description = "Prefix list ids for the ActiveMQ Console security group ingress rule"
- type = list(string)
- default = []
-}
-
-variable "cidr_blocks_61619" {
- description = "Cidr block for the websocket security group ingress rule"
- type = list(string)
- default = []
-}
-
-variable "prefix_lists_61619" {
- description = "Prefix list ids for the websocket security group ingress rule"
- type = list(string)
- default = []
-}
-
-variable "cidr_blocks_5671" {
- description = "Cidr block for connections made via SSL AMQP security group ingress rule"
- type = list(string)
- default = []
-}
-
-variable "prefix_lists_5671" {
- description = "Prefix list ids for connections made via SSL AMQP URL security group ingress rule"
- type = list(string)
- default = []
-}
-
-variable "cidr_blocks_443" {
- description = "Cidr blocks for the Amazon MQ for RabbitMQ Console security group ingress rule"
- type = list(string)
- default = []
-}
-
-variable "prefix_lists_443" {
- description = "Prefix list ids for the Amazon MQ for RabbitMQ Console security group ingress rule"
- type = list(string)
- default = []
-}
-
-variable "cidr_blocks_15671" {
- description = "Cidr blocks for the Amazon MQ for RabbitMQ Console security group ingress rule"
- type = list(string)
- default = []
-}
-
-variable "prefix_lists_15671" {
- description = "Prefix list ids for the Amazon MQ for RabbitMQ Console security group ingress rule"
- type = list(string)
- default = []
-}
-
-variable "cidr_blocks_61617" {
- description = "Cidr blocks for the Amazon MQ SSL security group ingress rule"
- type = list(string)
- default = []
-}
-
-variable "prefix_lists_61617" {
- description = "Prefix list ids for the Amazon MQ SSL security group ingress rule"
- type = list(string)
- default = []
-}
-
-variable "cidr_blocks_61614" {
- description = "Cidr blocks for the Amazon MQ Stomp SSL security group ingress rule"
- type = list(string)
- default = []
-}
-
-variable "prefix_lists_61614" {
- description = "Prefix list ids for the Amazon MQ Stomp SSL security group ingress rule"
- type = list(string)
- default = []
-}
diff --git a/versions.tf b/versions.tf
index a9e6407..4c8603d 100644
--- a/versions.tf
+++ b/versions.tf
@@ -4,7 +4,7 @@ terraform {
required_providers {
aws = {
source = "hashicorp/aws"
- version = ">= 5.0.0"
+ version = ">= 4.0"
}
}
}
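Review bot: The relaxed floor `version = ">= 4.0"` admits provider releases well below the one this change seems to have been run against; the README providers table in the same commit records 4.60.0. Whether the broker and configuration resources work on an early 4.x release cannot be confirmed from the diff, so either verify 4.0 in CI or raise the floor to the lowest release actually exercised, e.g. `version = ">= 4.60.0"`. The two examples hunks spell the same constraint as `aws = ">= 4.0.0"`; use one form throughout so the module and its examples do not drift. The `terraform` block opens above this hunk.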