Skip to content

Make scram secret assocation optional #78

New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom
Merged
merged 4 commits into from
Apr 18, 2023
Merged

Make scram secret assocation optional #78

merged 4 commits into from
Apr 18, 2023

Conversation

dougbw
Copy link
Contributor

@dougbw dougbw commented Mar 27, 2023

what

  • Make the aws_msk_scram_secret_association resource optional when sasl/scram authentication is enabled through a new variable client_sasl_scram_secret_association_enabled
  • The default behaviour is the same as before

why

  • The aws_msk_scram_secret_association resource is not very flexible and in certain use cases the preference is to manage the secret associations out of band from the cluster creation
  • In our case we need to enable sasl/scram at the point of creating the cluster of the cluster, but need to manage sasl/scram users in another tf root
  • Having aws_msk_scram_secret_association resources in separate roots creates conflicts where they will constantly overwrite each others changes

references

@dougbw dougbw requested review from a team as code owners March 27, 2023 09:44
@dougbw dougbw requested review from srhopkins and woz5999 March 27, 2023 09:44
@aknysh
Copy link
Member

aknysh commented Apr 18, 2023

@dougbw thanks for the PR, LGTM.
Can you please run the following commands and commit the changes:

make init
make github/init
make readme

@aknysh
Copy link
Member

aknysh commented Apr 18, 2023

/test all

aknysh
aknysh approved these changes Apr 18, 2023
View reviewed changes
Copy link
Member

@aknysh aknysh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

thanks @dougbw

@aknysh aknysh merged commit bf44314 into cloudposse:master Apr 18, 2023
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers

@aknysh aknysh aknysh approved these changes

@srhopkins srhopkins Awaiting requested review from srhopkins srhopkins was automatically assigned from cloudposse/contributors

@woz5999 woz5999 Awaiting requested review from woz5999 woz5999 was automatically assigned from cloudposse/contributors

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@dougbw @aknysh @cloudpossebot