Add option to ignore changes - Githubissues

cloudposse / terraform-aws-ssm-parameter-store

Terraform module to populate AWS Systems Manager (SSM) Parameter Store with values from Terraform. Works great with Chamber.

https://cloudposse.com/accelerate

Apache License 2.0

107 stars 61 forks source link

Add option to ignore changes #37

Closed wszychta closed 2 years ago

wszychta commented 2 years ago

what

This change gives possibility to add lifecycle rule to ignore changes in value - useful when we are unable to provide secrets via Terraform, but we want to have them securely stored

why

Our OIDC provider doesn't have terraform provider, so we are unable to pass secrets in secure way. Also we don't want to persist secrets inside git repository
This change will create SSM parameter, but will also ignore future changes to it. Thanks to that we are able to provide correct credentials to SSM via AWS console.

wszychta commented 2 years ago

Terraform doesn't support running dynamic lifecycle block, so this solution will not work at all.