Skip to content

Module Structure

terraform-aws-arc-mq-broker

Latest Release Last Updated Terraform GitHub Actions

Quality gate

Known Vulnerabilities

Overview

SourceFuse AWS Reference Architecture (ARC) Terraform module provides an easy and scalable way to deploy and manage Amazon MQ brokers. It supports various deployment options and configurations, including engine types (ActiveMQ and RabbitMQ), instance classes, storage types, and security settings. The module simplifies the setup of brokers for message-oriented middleware with high availability and fault tolerance.

Usage

See the example folder for a working module example.

################################################################################
## RabbitMQ
################################################################################
module "mq_broker" {
  source              = "sourcefuse/arc-mq-broker/aws"
  version             = "0.0.1"
  name                = var.name
  broker_type         = var.broker_type
  engine_version      = var.engine_version
  host_instance_type  = var.host_instance_type
  vpc_id              = data.aws_vpc.default.id
  subnet_ids          = data.aws_subnets.private.ids
  deployment_mode     = var.deployment_mode
  users               = var.users
  enable_logging      = var.enable_logging
  security_group_data = local.security_group_data
  tags                = module.tags.tags

}

################################################################################
## Apache ActiveMQ
################################################################################
module "mq_broker" {
  source              = "sourcefuse/arc-mq-broker/aws"
  version             = "0.0.1"
  name                = var.name
  broker_type         = var.broker_type
  engine_version      = var.engine_version
  host_instance_type  = var.host_instance_type
  vpc_id              = data.aws_vpc.default.id
  subnet_ids          = data.aws_subnets.private.ids
  storage_type        = var.storage_type
  deployment_mode     = var.deployment_mode
  users_replica       = var.users_replica
  users               = var.users
  enable_logging      = var.enable_logging
  security_group_data = local.security_group_data
  tags                = module.tags.tags

}

Requirements

Name Version
terraform >= 1.5.0
aws ~> 5.0
random >= 3.0

Providers

Name Version
aws 5.80.0
random 3.6.3

Modules

Name Source Version
arc_security_group git::git@github.com:sourcefuse/terraform-aws-arc-security-group.git 0.0.1

Resources

Name Type
aws_mq_broker.active-mq resource
aws_mq_broker.rabbit-mq resource
aws_ssm_parameter.replication_user resource
aws_ssm_parameter.replication_user_password resource
aws_ssm_parameter.user_name resource
aws_ssm_parameter.user_password resource
random_password.mq_broker resource

Inputs

Name Description Type Default Required
apply_immediately Whether changes should be applied immediately. bool true no
auto_minor_version_upgrade Indicates whether minor engine upgrades are applied automatically to the instance during the maintenance window. bool true no
broker_type Specify the broker type: RabbitMQ or ActiveMQ string "RabbitMQ" no
data_replication_primary_broker_arn The ARN of the primary broker for data replication string "" no
deployment_mode Deployment mode for the RabbitMQ or ActiveMQ broker. string "SINGLE_INSTANCE" no
enable_data_replication Enable or disable data replication for the broker bool false no
enable_logging Enable general logging for the RabbitMQ broker. bool false no
encryption_options Encryption options for the resource.
object({
use_aws_owned_key = bool
kms_key_id = string
})
{
"kms_key_id": null,
"use_aws_owned_key": true
}
no
engine_version Version of the RabbitMQ or ActiveMQ engine. string "3.8.26" no
environment Name of the environment, i.e. dev, stage, prod string "dev" no
host_instance_type Instance type for the RabbitMQ or ActiveMQ broker. string "mq.t3.micro" no
ldap_config Configuration for LDAP server
object({
required = bool
hosts = list(string)
role_base = string
role_name = string
role_search_matching = string
role_search_subtree = bool
service_account_password = string
service_account_username = string
user_base = string
user_role_name = string
user_search_matching = string
user_search_subtree = bool
})
{
"hosts": [],
"required": false,
"role_base": "",
"role_name": "",
"role_search_matching": "",
"role_search_subtree": false,
"service_account_password": "",
"service_account_username": "",
"user_base": "",
"user_role_name": "",
"user_search_matching": "",
"user_search_subtree": false
}
no
maintenance_window Maintenance window configuration including day, time, and time zone.
object({
day_of_week = string
time_of_day = string
time_zone = string
})
{
"day_of_week": "MONDAY",
"time_of_day": "02:00",
"time_zone": "UTC"
}
no
name Name of the RabbitMQ or ActiveMQ broker. string n/a yes
namespace Namespace of the project, i.e. arc string "arc" no
publicly_accessible Whether the RabbitMQ or ActiveMQ broker is publicly accessible. bool false no
security_group_data (optional) Security Group data
object({
security_group_ids_to_attach = optional(list(string), [])
create = optional(bool, true)
description = optional(string, null)
ingress_rules = optional(list(object({
description = optional(string, null)
cidr_block = optional(string, null)
source_security_group_id = optional(string, null)
from_port = number
ip_protocol = string
to_port = string
self = optional(bool, false)
})), [])
egress_rules = optional(list(object({
description = optional(string, null)
cidr_block = optional(string, null)
destination_security_group_id = optional(string, null)
from_port = number
ip_protocol = string
to_port = string
prefix_list_id = optional(string, null)
})), [])
})
{
"create": false
}
no
storage_type Storage type for the RabbitMQ or ActiveMQ or ActiveMQ broker. string "ebs" no
subnet_ids List of subnet IDs for the RabbitMQ or ActiveMQ broker. list(string) [] no
tags Tags to apply to resources map(string) n/a yes
users List of users for the ActiveMQ broker
object({
username = optional(string)
groups = optional(list(string), [])
})
{} no
users_replica List of users for the ActiveMQ broker
object({
replication_username = optional(string)
groups = optional(list(string), [])
})
{} no
vpc_id The VPC ID for the VPC endpoint. string null no

Outputs

Name Description
broker_id The ID of the MQ broker (RabbitMQ or ActiveMQ) based on the broker type.
replication_user_password_ssm_parameter The SSM parameter storing the replication user password for ActiveMQ.
security_group_id The ID of the created security group for brokerMQ.
user_password_ssm_parameter The SSM parameter storing the brokerMQ user password.
user_ssm_parameter The SSM parameter storing the brokerMQ username.

Versioning

This project uses a .version file at the root of the repo which the pipeline reads from and does a git tag.

When you intend to commit to main, you will need to increment this version. Once the project is merged, the pipeline will kick off and tag the latest git commit.

Development

Prerequisites

Configurations

  • Configure pre-commit hooks
    pre-commit install
    

Versioning

while Contributing or doing git commit please specify the breaking change in your commit message whether its major,minor or patch

For Example

git commit -m "your commit message #major"
By specifying this , it will bump the version and if you don't specify this in your commit message then by default it will consider patch and will bump that accordingly

Tests

  • Tests are available in test directory
  • Configure the dependencies
    1
    2
    3
    cd test/
    go mod init github.com/sourcefuse/terraform-aws-refarch-<module_name>
    go get github.com/gruntwork-io/terratest/modules/terraform
    
  • Now execute the test
    go test -timeout  30m
    

Authors

This project is authored by: - SourceFuse ARC Team