[PRM-457] Ignore AMQ instance_type changes (#144)

chrisbloe-nhse · web-flow · commit 80cf8493fa5d · 2025-08-13T16:43:09.000+01:00
diff --git a/terraform/modules/deductions-private/mq.tf b/terraform/modules/deductions-private/mq.tf
@@ -37,7 +37,7 @@ resource "aws_mq_broker" "deductor_mq_broker" {
     console_access = false
   }
   lifecycle {
-    ignore_changes = [engine_version]
+    ignore_changes = [engine_version, host_instance_type]
   }
 
   tags = {
@@ -172,6 +172,17 @@ resource "aws_security_group_rule" "vpn_to_mq_through_amqp" {
   source_security_group_id = aws_security_group.vpn.id
 }
 
+resource "aws_security_group_rule" "vpn_to_mq_web_console" {
+  count = var.grant_access_to_queues_through_vpn ? 1 : 0
+  type = "ingress"
+  protocol = "tcp"
+  from_port = "8162"
+  to_port = "8162"
+  description = "Allow traffic from VPN to MQ Web Console"
+  security_group_id = aws_security_group.vpn_to_mq.id
+  source_security_group_id = aws_security_group.vpn.id
+}
+
 resource "aws_security_group" "gocd_to_mq" {
   name        = "${var.environment}-gocd-to-mq"
   description = "controls access from gocd to AMQ"
diff --git a/terraform/modules/deductions-private/variables.tf b/terraform/modules/deductions-private/variables.tf
@@ -89,8 +89,8 @@ variable "engine_version" {
 
 variable "host_instance_type" {
   type        = string
-  default     = "mq.t2.micro"
-  description = "The broker's instance type. e.g. mq.t2.micro or mq.m4.large"
+  default     = "mq.t3.micro"
+  description = "The broker's instance type. e.g. mq.t3.micro or mq.m5.large"
 }
 
 variable "general_log" {
diff --git a/terraform/terraform.tfvars b/terraform/terraform.tfvars
@@ -10,7 +10,7 @@ deployment_mode            = "ACTIVE_STANDBY_MULTI_AZ"
 mq_deployment_mode         = "SINGLE_INSTANCE"
 engine_type                = "ActiveMQ"
 engine_version             = "5.18.4"
-host_instance_type         = "mq.t2.micro"
+host_instance_type         = "mq.t3.micro"
 auto_minor_version_upgrade = "true"
 apply_immediately          = "false"
 general_log                = "true"
diff --git a/terraform/variables.tf b/terraform/variables.tf
@@ -107,8 +107,8 @@ variable "engine_version" {
 
 variable "host_instance_type" {
   type        = string
-  default     = "mq.t2.micro"
-  description = "The broker's instance type. e.g. mq.t2.micro or mq.m4.large"
+  default     = "mq.t3.micro"
+  description = "The broker's instance type. e.g. mq.t3.micro or mq.m5.large"
 }
 
 variable "general_log" {

Original file line number	Diff line number	Diff line change
`@@ -89,8 +89,8 @@ variable "engine_version" {`
`89`	`89`
`90`	`90`	`variable "host_instance_type" {`
`91`	`91`	`type = string`
`92`		`- default = "mq.t2.micro"`
`93`		`- description = "The broker's instance type. e.g. mq.t2.micro or mq.m4.large"`
	`92`	`+ default = "mq.t3.micro"`
	`93`	`+ description = "The broker's instance type. e.g. mq.t3.micro or mq.m5.large"`
`94`	`94`	`}`
`95`	`95`
`96`	`96`	`variable "general_log" {`
Original file line number	Diff line number	Diff line change
`@@ -107,8 +107,8 @@ variable "engine_version" {`
`107`	`107`
`108`	`108`	`variable "host_instance_type" {`
`109`	`109`	`type = string`
`110`		`- default = "mq.t2.micro"`
`111`		`- description = "The broker's instance type. e.g. mq.t2.micro or mq.m4.large"`
	`110`	`+ default = "mq.t3.micro"`
	`111`	`+ description = "The broker's instance type. e.g. mq.t3.micro or mq.m5.large"`
`112`	`112`	`}`
`113`	`113`
`114`	`114`	`variable "general_log" {`