Fix ssm param name and remove sg

modules/create-rds-postgres-tester/create_user_task.tf

@@ -15,7 +15,7 @@ module "create_user_task" {
       # N.B. $DUMP_FILENAME is injected by the Step Function task
       override_command = [
         "sh", "-c",
-        "aws ssm get-parameter --name /${var.db_name}/sql_script --query 'Parameter.Value' --output text > /tmp/myfile && psql -d connection_string -f /tmp/myfile"
+        "aws ssm get-parameter --name ${var.db_name}-postgres-create-tester-user-sql --query 'Parameter.Value' --output text > /tmp/create_tester_user.sql && psql -d connection_string -f /tmp/create_tester_user.sql"
       ]
       port = null
       secret_environment_variables = [

modules/create-rds-postgres-tester/main.tf

@@ -4,7 +4,7 @@ resource "aws_sfn_state_machine" "create_rds_postgres_tester" {
 
   definition = <<EOF
 {
-  "StartAt": "RetrieveSSMParameter",
+  "StartAt": "CreateUser",
   "States": {
     "CreateUser": {
       "Type": "Task",
@@ -16,7 +16,7 @@ resource "aws_sfn_state_machine" "create_rds_postgres_tester" {
         "NetworkConfiguration": {
           "awsvpcConfiguration": {
             "Subnets": ["${var.subnet_id}"],
-            "SecurityGroups": "States.Array('${aws_security_group.ecs_security_group.id}', '${aws_security_group.create_user_task.id}', ${var.db_clients_security_group_id}')",
+            "SecurityGroups": "States.Array('${var.db_clients_security_group_id}')",
             "AssignPublicIp": "ENABLED"
           }
         },

modules/create-rds-postgres-tester/ssm.tf

@@ -1,5 +1,5 @@
-resource "aws_ssm_parameter" "sql_script" {
-  name        = "/${var.db_name}/sql_script"
+resource "aws_ssm_parameter" "postgres-create-tester-user-sql" {
+  name        = "${var.db_name}-postgres-create-tester-user-sql"
   description = "SQL script to conditionally create the 'tester' user in the Postgres database"
   type        = "String"
   value       = <<EOF