
terraform-aws-arc-mq-broker¶
Module:
sourcefuse/arc-mq-broker/awsRegistry: https://registry.terraform.io/modules/sourcefuse/arc-mq-broker/aws
Category: Messaging / Message Broker
Source: https://github.com/sourcefuse/terraform-aws-arc-mq-broker
Tip
🤖 New: Use this module with AI assistants via the ARC IaC MCP Server — search, scaffold, and security-scan ARC modules from natural language. Quick setup ↓
Overview¶
Creates Amazon MQ brokers (ActiveMQ or RabbitMQ) with VPC, security groups, users, and CloudWatch logging.
Architecture¶

What It Does¶
- ActiveMQ and RabbitMQ broker support
- Single-instance and active/standby deployment modes
- VPC and security group configuration
- User management with password storage in Secrets Manager
- CloudWatch logging for broker and audit logs
- Maintenance window configuration
Quickstart¶
Required Inputs¶
| Name | Type | Description |
|---|---|---|
name |
string |
Broker name |
broker_type |
string |
ActiveMQ or RabbitMQ |
host_instance_type |
string |
Broker instance type |
vpc_id |
string |
VPC ID |
subnet_ids |
list(string) |
Subnet IDs |
| ## Key Outputs |
| Name | Description |
|---|---|
broker_id |
MQ broker ID |
broker_arn |
MQ broker ARN |
broker_endpoints |
List of broker endpoints |
| ## Full Variable & Output Reference |
The complete inputs/outputs reference is auto-generated below.
Requirements¶
| Name | Version |
|---|---|
| terraform | >= 1.5.0 |
| aws | ~> 5.0 |
| random | >= 3.0 |
Providers¶
| Name | Version |
|---|---|
| aws | 5.80.0 |
| random | 3.6.3 |
Modules¶
| Name | Source | Version |
|---|---|---|
| arc_security_group | sourcefuse/arc-security-group/aws | 0.0.1 |
Resources¶
| Name | Type |
|---|---|
| aws_mq_broker.active-mq | resource |
| aws_mq_broker.rabbit-mq | resource |
| aws_ssm_parameter.replication_user | resource |
| aws_ssm_parameter.replication_user_password | resource |
| aws_ssm_parameter.user_name | resource |
| aws_ssm_parameter.user_password | resource |
| random_password.mq_broker | resource |
Inputs¶
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| apply_immediately | Whether changes should be applied immediately. | bool |
true |
no |
| auto_minor_version_upgrade | Indicates whether minor engine upgrades are applied automatically to the instance during the maintenance window. | bool |
true |
no |
| broker_type | Specify the broker type: RabbitMQ or ActiveMQ | string |
"RabbitMQ" |
no |
| data_replication_primary_broker_arn | The ARN of the primary broker for data replication | string |
"" |
no |
| deployment_mode | Deployment mode for the RabbitMQ or ActiveMQ broker. | string |
"SINGLE_INSTANCE" |
no |
| enable_data_replication | Enable or disable data replication for the broker | bool |
false |
no |
| enable_logging | Enable general logging for the RabbitMQ broker. | bool |
false |
no |
| encryption_options | Encryption options for the resource. | object({ |
{ |
no |
| engine_version | Version of the RabbitMQ or ActiveMQ engine. | string |
"3.8.26" |
no |
| environment | Name of the environment, i.e. dev, stage, prod | string |
"dev" |
no |
| host_instance_type | Instance type for the RabbitMQ or ActiveMQ broker. | string |
"mq.t3.micro" |
no |
| ldap_config | Configuration for LDAP server | object({ |
{ |
no |
| maintenance_window | Maintenance window configuration including day, time, and time zone. | object({ |
{ |
no |
| name | Name of the RabbitMQ or ActiveMQ broker. | string |
n/a | yes |
| namespace | Namespace of the project, i.e. arc | string |
"arc" |
no |
| publicly_accessible | Whether the RabbitMQ or ActiveMQ broker is publicly accessible. | bool |
false |
no |
| security_group_data | (optional) Security Group data | object({ |
{ |
no |
| storage_type | Storage type for the RabbitMQ or ActiveMQ or ActiveMQ broker. | string |
"ebs" |
no |
| subnet_ids | List of subnet IDs for the RabbitMQ or ActiveMQ broker. | list(string) |
[] |
no |
| tags | Tags to apply to resources | map(string) |
n/a | yes |
| users | List of users for the ActiveMQ broker | object({ |
{} |
no |
| users_replica | List of users for the ActiveMQ broker | object({ |
{} |
no |
| vpc_id | The VPC ID for the VPC endpoint. | string |
null |
no |
Outputs¶
| Name | Description |
|---|---|
| broker_id | The ID of the MQ broker (RabbitMQ or ActiveMQ) based on the broker type. |
| replication_user_password_ssm_parameter | The SSM parameter storing the replication user password for ActiveMQ. |
| security_group_id | The ID of the created security group for brokerMQ. |
| user_password_ssm_parameter | The SSM parameter storing the brokerMQ user password. |
| user_ssm_parameter | The SSM parameter storing the brokerMQ username. |
Versioning¶
This project uses a .version file at the root of the repo which the pipeline reads from and does a git tag.
When you intend to commit to main, you will need to increment this version. Once the project is merged,
the pipeline will kick off and tag the latest git commit.
Development¶
Prerequisites¶
Configurations¶
- Configure pre-commit hooks
Versioning¶
while Contributing or doing git commit please specify the breaking change in your commit message whether its major,minor or patch
For Example
Tests¶
- Tests are available in
testdirectory - Configure the dependencies
- Now execute the test
AI Assistant Integration (ARC IaC MCP)¶
The ARC IaC MCP Server is a hosted Model Context Protocol service that lets AI assistants browse, search, scaffold, compare, and security-scan any of the SourceFuse ARC Terraform modules — directly from natural language.
What you can do with it:
- Discover — search and filter modules by keyword or AWS resource type.
- Understand — get inputs, outputs, and resources for any module without leaving your editor.
- Scaffold — generate production-ready, multi-file Terraform with cross-module wiring already done.
- Secure — scan generated or existing HCL for misconfigurations before it hits a PR.
- Compare — diff modules side-by-side to make informed architectural decisions.
Setup (one minute)¶
The MCP endpoint is https://arc-iac-mcp.sourcef.us/mcp. Pick your client:
Claude Code CLI:
Claude Desktop — edit ~/Library/Application Support/Claude/claude_desktop_config.json:
Cursor / Windsurf / Kiro — add the same block to .cursor/mcp.json (or the equivalent for your client).
Example prompts to try¶
- "List all ARC modules sorted by downloads"
- "What inputs does
arc-ecsrequire?" - "Scaffold a production-ready
arc-dbAurora setup with Secrets Manager" - "Compare
arc-eksandarc-ecsfor running 10 microservices" - "Scan this Terraform before I raise a PR:
<paste HCL>"
See the ARC IaC MCP repo for the full tool reference, troubleshooting tips, and local-development instructions.
Contributing¶
See CONTRIBUTING.md for commit conventions and development setup.
Authors¶
This project is authored by: - SourceFuse ARC Team