awslabs / ssosync

Populate AWS SSO directly with your G Suite users and groups using either a CLI or AWS Lambda
Apache License 2.0
512 stars 175 forks

[Not a bug] By mistake I've destroyed our SSO Sync and lost all of the secrets #181

Closed Leny1996 closed 5 months ago

Leny1996 commented 5 months ago

Describe the bug: It's not a bug, but maybe some warning for others...

I was reading the docs on the master branch of ssosync while at the same time updating our setup from 2.0.2 to 2.1.4 (I was thinking I was upgrading to 2.2.0, which is still not released). I used the App only setup and provided all ARNs (which were created previously by the SAM deployment). I left GoogleGroupMatch empty (because the default is *) and clicked Deploy.

After a couple of minutes, all of my secrets were removed WITHOUT ANY SCHEDULE FOR DELETION (so I lost all credentials that were generated). Also, GoogleGroupMatch was set automatically to name:AWS*.

Because of the secrets removal, the Lambda is failing to read the secrets (so it did not delete all my groups and accounts).

Could you please provide a date for the 2.2.0 release (which has all of the features I wanted)? Also, maybe you need to consider adding a warning that if you've already deployed ssosync using SAM, you should use the App + secrets method so as not to destroy your current secrets.

ChrisPates commented 5 months ago

Aiming for early next week for v2.2.0, but I'll incorporate your recommendation of a warning in the Template and the README. Apologies for the inconvenience.

ChrisPates commented 5 months ago

As you need to re-enter your secrets, I would create a separate stack selecting 'secrets only', enable termination protection on that stack, and then copy the output string and paste it into your 'app only' stack.

ChrisPates commented 5 months ago

Closing, as a Feature has been defined to address this item.