add feature Master Passwords via Secrets Manager

[ByJacob]

what

• add parameter manage_master_user_password
• add parameter master_user_secret_kms_key_id

why

• allow use new feature

references

• https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_instance#managed-master-passwords-via-secrets-manager-specific-kms-key
• https://github.com/hashicorp/terraform-provider-aws/blob/v4.61.0/CHANGELOG.md

[adamantike]

This would be really useful to have, and could potentially avoid the need for #118 for most users, while also not exposing the password in the state file. Can this be reviewed?

[adamantike]

I think exposing the entire master_user_secret object would be useful for users, and will simplify this logic by avoiding those local values:

output "master_user_secret" {
  value = one(aws_db_instance.default[*].master_user_secret)

[adamantike]

@joe-niland, @Gowiem, gentle ping. Can this be reviewed?
It will be really useful to have this option merged, as this new feature gains more traction.

[Gowiem]

/terratest

[Gowiem]

@ByJacob this looks good and I'm happy to provide another review after my couple of small requests. One larger issue is that this module hasn't been updated in a while, and that has resulted in our tests rotting and them using an old version of our VPC module that includes a deprecated argument (see screenshot). Can you update the VPC + Subnet module usages in these two locations to the latest versions and then we'll re-run tests?

1. https://github.com/cloudposse/terraform-aws-rds/blob/main/examples/complete/main.tf#L5-L26
2. https://github.com/cloudposse/terraform-aws-rds/blob/main/examples/mssql/main.tf#L5-L24

[Gowiem]

@adamantike thanks for the ping! I've seen you do that on a few PRs and it's appreciated when there are good fixes + enhancements like this one that fall through the cracks. Though I think we'd all like to do better, there are so many modules that the squeaky wheels get the grease. That said, I believe Erik + team are always looking for more maintainers so if you're interested in helping us get things reviewed + merged, please reach out to me or Erik via Slack and we can likely make that happen.

[adamantike]

@ByJacob, if needed, I can tackle the VPC and subnet module upgrade in the examples, for you to rebase your changes after that is done.

[ByJacob]

Thanks for message @adamantike. I forgot about this PR. Changes are added.

[Gowiem]

/terratest

[ByJacob]

/terratest

@Gowiem I fixed tflint and Readme

[Gowiem]

/terratest

[Gowiem]

/terratest

[Gowiem]

@ByJacob Tests are failing on the following:

[ByJacob]

@ByJacob Tests are failing on the following:

Id was change. I fix it and add identifier parameter

hashicorp/terraform-provider-aws@a7cb14b

[Gowiem]

/terratest

[Gowiem]

Solid work @ByJacob -- Thanks for working through the test failures!

[ByJacob]

Solid work @ByJacob -- Thanks for working through the test failures!

It was enough to tighten the main branch, there it was fixed :D

[Gowiem]

@ByJacob release of your changes are blocked on some internal issue that I'm fixing in #164. Once that ships, a new release will be cut for v1.1.0