From d78671ca92c2e0ab1712fd7b89e177f67504d1f1 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 22 Apr 2024 23:16:49 +0000 Subject: [PATCH 01/31] Bump hashicorp/aws from 5.45.0 to 5.46.0 in /terraform/20-app Bumps [hashicorp/aws](https://github.com/hashicorp/terraform-provider-aws) from 5.45.0 to 5.46.0. - [Release notes](https://github.com/hashicorp/terraform-provider-aws/releases) - [Changelog](https://github.com/hashicorp/terraform-provider-aws/blob/main/CHANGELOG.md) - [Commits](https://github.com/hashicorp/terraform-provider-aws/compare/v5.45.0...v5.46.0) --- updated-dependencies: - dependency-name: hashicorp/aws dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- terraform/20-app/.terraform.lock.hcl | 38 ++++++++++++++-------------- terraform/20-app/versions.tf | 2 +- 2 files changed, 20 insertions(+), 20 deletions(-) diff --git a/terraform/20-app/.terraform.lock.hcl b/terraform/20-app/.terraform.lock.hcl index 254b555f..c87c4882 100644 --- a/terraform/20-app/.terraform.lock.hcl +++ b/terraform/20-app/.terraform.lock.hcl @@ -2,27 +2,27 @@ # Manual edits may be lost in future updates. provider "registry.terraform.io/hashicorp/aws" { - version = "5.45.0" - constraints = ">= 2.49.0, >= 3.29.0, >= 3.74.0, >= 4.33.0, >= 4.59.0, >= 4.66.1, >= 5.0.0, >= 5.12.0, >= 5.27.0, >= 5.30.0, >= 5.32.0, >= 5.37.0, >= 5.42.0, 5.45.0" + version = "5.46.0" + constraints = ">= 2.49.0, >= 3.29.0, >= 3.74.0, >= 4.33.0, >= 4.59.0, >= 4.66.1, >= 5.0.0, >= 5.12.0, >= 5.27.0, >= 5.30.0, >= 5.32.0, >= 5.37.0, >= 5.42.0, 5.46.0" hashes = [ - "h1:4Vgk51R7iTY1oczaTQDG+DkA9nE8TmjlUtecqXX6qDU=", - "h1:8m3+C1VNevzU/8FsABoKp2rTOx3Ue7674INfhfk0TZY=", - "h1:xFKE0MsBjV86pMpbrLbAHCzv5kREDYO0xt5LRZMeZn8=", - "zh:1379bcf45aef3d486ee18b4f767bfecd40a0056510d26107f388be3d7994c368", - "zh:1615a6f5495acfb3a0cb72324587261dd4d72711a3cc51aff13167b14531501e", - "zh:18b69a0f33f8b1862fbd3f200756b7e83e087b73687085f2cf9c7da4c318e3e6", - "zh:2c5e7aecd197bc3d3b19290bad8cf4c390c2c6a77bb165da4e11f53f2dfe2e54", - "zh:3794da9bef97596e3bc60e12cdd915bda5ec2ed62cd1cd93723d58b4981905fe", - "zh:40a5e45ed91801f83db76dffd467dcf425ea2ca8642327cf01119601cb86021c", - "zh:4abfc3f53d0256a7d5d1fa5e931e4601b02db3d1da28f452341d3823d0518f1a", - "zh:4eb0e98078f79aeb06b5ff6115286dc2135d12a80287885698d04036425494a2", - "zh:75470efbadea4a8d783642497acaeec5077fc4a7f3df3340defeaa1c7de29bf7", - "zh:8861a0b4891d5fa2fa7142f236ae613cea966c45b5472e3915a4ac3abcbaf487", - "zh:8bf6f21cd9390b742ca0b4393fde92616ca9e6553fb75003a0999006ad233d35", + "h1:GK1y1qAGcPHPZxz01Ko6v+815T7kZPXt6POBsLg9c/k=", + "h1:d0Mf33mbbQujZ/JaYkqmH5gZGvP+iEIWf9yBSiOwimE=", + "h1:gagAtniijwJRhsKRBWWZfmnPiqu4u1A5oI626+KA/1g=", + "zh:05ae6180a7f23071435f6e5e59c19af0b6c5da42ee600c6c1568c8660214d548", + "zh:0d878d1565d5e57ce6b34ec5f04b28662044a50c999ec5770c374aa1f1020de2", + "zh:25ef1467af2514d8011c44759307445f7057836ff87dfe4503c3e1c9776d5c1a", + "zh:26c006df6200f0063b827aab05bec94f9f3f77848e82ed72e48a51d1170d1961", + "zh:37cdf4292649a10f12858622826925e18ad4eca354c31f61d02c66895eb91274", + "zh:4315b0433c2fc512666c74e989e2d95240934ef370bea1c690d36cb02d30c4ce", + "zh:75df0b3f631b78aeff1832cc77d99b527c2a5e79d40f7aac40bdc4a66124dac2", + "zh:90693d936c9a556d2bf945de4920ff82052002eb73139bd7164fafd02920f0ef", "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", - "zh:ad73008a044e75d337acda910fb54d8b81a366873c8a413fec1291034899a814", - "zh:bf261713b0b8bebfe8c199291365b87d9043849f28a2dc764bafdde73ae43693", - "zh:da3bafa1fd830be418dfcc730e85085fe67c0d415c066716f2ac350a2306f40a", + "zh:c9177ad09804c60fd2ed25950570407b6bdcdf0fcc309e1673b584f06a827fae", + "zh:ca8e8db24a4d62d92afd8d3d383b81a08693acac191a2e0a110fb46deeff56a3", + "zh:d5fa3a36e13957d63bfe9bbd6df0426a2422214403aac9f20b60c36f8d9ebec6", + "zh:e4ede44a112296c9cc77b15e439e41ee15c0e8b3a0dec94ae34df5ebba840e8b", + "zh:f2d4de8d8cde69caffede1544ebea74e69fcc4552e1b79ae053519a05c060706", + "zh:fc19e9266b1841d4a3aeefa8a5b5ad6988baed6540f85a373b6c2d0dc1ca5830", ] } diff --git a/terraform/20-app/versions.tf b/terraform/20-app/versions.tf index 21afb908..c0caceec 100644 --- a/terraform/20-app/versions.tf +++ b/terraform/20-app/versions.tf @@ -2,7 +2,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = "5.45.0" + version = "5.46.0" } random = { source = "hashicorp/random" From c20e4c20c5ae76b4daa152d427ecaf11410640c3 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 22 Apr 2024 23:39:50 +0000 Subject: [PATCH 02/31] Bump terraform-aws-modules/s3-bucket/aws in /terraform/10-account Bumps [terraform-aws-modules/s3-bucket/aws](https://github.com/terraform-aws-modules/terraform-aws-s3-bucket) from 4.1.1 to 4.1.2. - [Release notes](https://github.com/terraform-aws-modules/terraform-aws-s3-bucket/releases) - [Changelog](https://github.com/terraform-aws-modules/terraform-aws-s3-bucket/blob/master/CHANGELOG.md) - [Commits](https://github.com/terraform-aws-modules/terraform-aws-s3-bucket/compare/v4.1.1...v4.1.2) --- updated-dependencies: - dependency-name: terraform-aws-modules/s3-bucket/aws dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- terraform/10-account/s3.alb-logs.tf | 4 ++-- terraform/10-account/s3.athena-query-results.tf | 2 +- terraform/10-account/s3.cloud-front-logs.tf | 2 +- terraform/10-account/s3.cur-exports.tf | 2 +- terraform/10-account/s3.vpc-flow-logs.tf | 2 +- terraform/modules/cloud-watch-logs-to-splunk/s3.tf | 2 +- terraform/modules/cloud-watch-metrics-to-splunk/s3.tf | 2 +- 7 files changed, 8 insertions(+), 8 deletions(-) diff --git a/terraform/10-account/s3.alb-logs.tf b/terraform/10-account/s3.alb-logs.tf index ae66225b..0ef74ce7 100644 --- a/terraform/10-account/s3.alb-logs.tf +++ b/terraform/10-account/s3.alb-logs.tf @@ -1,6 +1,6 @@ module "s3_elb_logs" { source = "terraform-aws-modules/s3-bucket/aws" - version = "4.1.1" + version = "4.1.2" bucket = "uhd-aws-elb-access-logs-${local.account_id}-${local.region}" @@ -11,7 +11,7 @@ module "s3_elb_logs" { module "elb_logs_new_object" { source = "terraform-aws-modules/s3-bucket/aws//modules/notification" - version = "4.1.1" + version = "4.1.2" bucket = module.s3_elb_logs.s3_bucket_id diff --git a/terraform/10-account/s3.athena-query-results.tf b/terraform/10-account/s3.athena-query-results.tf index 5fbd2af3..32f9538d 100644 --- a/terraform/10-account/s3.athena-query-results.tf +++ b/terraform/10-account/s3.athena-query-results.tf @@ -1,6 +1,6 @@ module "s3_athena_query_results" { source = "terraform-aws-modules/s3-bucket/aws" - version = "4.1.1" + version = "4.1.2" bucket = "athena-query-results-${local.account_id}" diff --git a/terraform/10-account/s3.cloud-front-logs.tf b/terraform/10-account/s3.cloud-front-logs.tf index c7bbfe21..d207b494 100644 --- a/terraform/10-account/s3.cloud-front-logs.tf +++ b/terraform/10-account/s3.cloud-front-logs.tf @@ -1,6 +1,6 @@ module "s3_cloud_front_logs" { source = "terraform-aws-modules/s3-bucket/aws" - version = "4.1.1" + version = "4.1.2" bucket = "uhd-aws-cloud-front-access-logs-${local.account_id}-${local.region}" diff --git a/terraform/10-account/s3.cur-exports.tf b/terraform/10-account/s3.cur-exports.tf index a3048d5c..aec37b0d 100644 --- a/terraform/10-account/s3.cur-exports.tf +++ b/terraform/10-account/s3.cur-exports.tf @@ -6,7 +6,7 @@ locals { module "s3_cur_exports" { source = "terraform-aws-modules/s3-bucket/aws" - version = "4.1.1" + version = "4.1.2" bucket = local.s3_cur_exports_bucket_name diff --git a/terraform/10-account/s3.vpc-flow-logs.tf b/terraform/10-account/s3.vpc-flow-logs.tf index dc3d5add..f6c2f3de 100644 --- a/terraform/10-account/s3.vpc-flow-logs.tf +++ b/terraform/10-account/s3.vpc-flow-logs.tf @@ -1,6 +1,6 @@ module "s3_vpc_flow_logs" { source = "terraform-aws-modules/s3-bucket/aws" - version = "4.1.1" + version = "4.1.2" bucket = "uhd-aws-vpc-flow-logs-${local.account_id}-${local.region}" diff --git a/terraform/modules/cloud-watch-logs-to-splunk/s3.tf b/terraform/modules/cloud-watch-logs-to-splunk/s3.tf index e34f270b..2a6c0664 100644 --- a/terraform/modules/cloud-watch-logs-to-splunk/s3.tf +++ b/terraform/modules/cloud-watch-logs-to-splunk/s3.tf @@ -1,6 +1,6 @@ module "s3_kinesis_backup" { source = "terraform-aws-modules/s3-bucket/aws" - version = "4.1.1" + version = "4.1.2" bucket = "splunk-cw-logs-kinesis-backup-${local.account_id}-${local.region}" diff --git a/terraform/modules/cloud-watch-metrics-to-splunk/s3.tf b/terraform/modules/cloud-watch-metrics-to-splunk/s3.tf index d28a9d1a..cbae507c 100644 --- a/terraform/modules/cloud-watch-metrics-to-splunk/s3.tf +++ b/terraform/modules/cloud-watch-metrics-to-splunk/s3.tf @@ -1,6 +1,6 @@ module "s3_kinesis_backup" { source = "terraform-aws-modules/s3-bucket/aws" - version = "4.1.1" + version = "4.1.2" bucket = "splunk-cw-metrics-kinesis-backup-${local.account_id}-${local.region}" From 88cb87c137e7283423aed4671eaa1c5b01a3898a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 22 Apr 2024 23:41:18 +0000 Subject: [PATCH 03/31] Bump hashicorp/aws from 5.45.0 to 5.46.0 in /terraform/10-account Bumps [hashicorp/aws](https://github.com/hashicorp/terraform-provider-aws) from 5.45.0 to 5.46.0. - [Release notes](https://github.com/hashicorp/terraform-provider-aws/releases) - [Changelog](https://github.com/hashicorp/terraform-provider-aws/blob/main/CHANGELOG.md) - [Commits](https://github.com/hashicorp/terraform-provider-aws/compare/v5.45.0...v5.46.0) --- updated-dependencies: - dependency-name: hashicorp/aws dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- terraform/10-account/.terraform.lock.hcl | 38 ++++++++++++------------ terraform/10-account/versions.tf | 2 +- 2 files changed, 20 insertions(+), 20 deletions(-) diff --git a/terraform/10-account/.terraform.lock.hcl b/terraform/10-account/.terraform.lock.hcl index 71610fe0..68b7dda2 100644 --- a/terraform/10-account/.terraform.lock.hcl +++ b/terraform/10-account/.terraform.lock.hcl @@ -2,27 +2,27 @@ # Manual edits may be lost in future updates. provider "registry.terraform.io/hashicorp/aws" { - version = "5.45.0" - constraints = ">= 2.49.0, >= 3.74.0, >= 4.0.0, >= 4.33.0, >= 4.36.0, >= 4.40.0, >= 4.63.0, >= 5.0.0, >= 5.27.0, 5.45.0" + version = "5.46.0" + constraints = ">= 2.49.0, >= 3.74.0, >= 4.0.0, >= 4.33.0, >= 4.36.0, >= 4.40.0, >= 5.0.0, >= 5.27.0, >= 5.32.0, 5.46.0" hashes = [ - "h1:4Vgk51R7iTY1oczaTQDG+DkA9nE8TmjlUtecqXX6qDU=", - "h1:8m3+C1VNevzU/8FsABoKp2rTOx3Ue7674INfhfk0TZY=", - "h1:xFKE0MsBjV86pMpbrLbAHCzv5kREDYO0xt5LRZMeZn8=", - "zh:1379bcf45aef3d486ee18b4f767bfecd40a0056510d26107f388be3d7994c368", - "zh:1615a6f5495acfb3a0cb72324587261dd4d72711a3cc51aff13167b14531501e", - "zh:18b69a0f33f8b1862fbd3f200756b7e83e087b73687085f2cf9c7da4c318e3e6", - "zh:2c5e7aecd197bc3d3b19290bad8cf4c390c2c6a77bb165da4e11f53f2dfe2e54", - "zh:3794da9bef97596e3bc60e12cdd915bda5ec2ed62cd1cd93723d58b4981905fe", - "zh:40a5e45ed91801f83db76dffd467dcf425ea2ca8642327cf01119601cb86021c", - "zh:4abfc3f53d0256a7d5d1fa5e931e4601b02db3d1da28f452341d3823d0518f1a", - "zh:4eb0e98078f79aeb06b5ff6115286dc2135d12a80287885698d04036425494a2", - "zh:75470efbadea4a8d783642497acaeec5077fc4a7f3df3340defeaa1c7de29bf7", - "zh:8861a0b4891d5fa2fa7142f236ae613cea966c45b5472e3915a4ac3abcbaf487", - "zh:8bf6f21cd9390b742ca0b4393fde92616ca9e6553fb75003a0999006ad233d35", + "h1:GK1y1qAGcPHPZxz01Ko6v+815T7kZPXt6POBsLg9c/k=", + "h1:d0Mf33mbbQujZ/JaYkqmH5gZGvP+iEIWf9yBSiOwimE=", + "h1:gagAtniijwJRhsKRBWWZfmnPiqu4u1A5oI626+KA/1g=", + "zh:05ae6180a7f23071435f6e5e59c19af0b6c5da42ee600c6c1568c8660214d548", + "zh:0d878d1565d5e57ce6b34ec5f04b28662044a50c999ec5770c374aa1f1020de2", + "zh:25ef1467af2514d8011c44759307445f7057836ff87dfe4503c3e1c9776d5c1a", + "zh:26c006df6200f0063b827aab05bec94f9f3f77848e82ed72e48a51d1170d1961", + "zh:37cdf4292649a10f12858622826925e18ad4eca354c31f61d02c66895eb91274", + "zh:4315b0433c2fc512666c74e989e2d95240934ef370bea1c690d36cb02d30c4ce", + "zh:75df0b3f631b78aeff1832cc77d99b527c2a5e79d40f7aac40bdc4a66124dac2", + "zh:90693d936c9a556d2bf945de4920ff82052002eb73139bd7164fafd02920f0ef", "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", - "zh:ad73008a044e75d337acda910fb54d8b81a366873c8a413fec1291034899a814", - "zh:bf261713b0b8bebfe8c199291365b87d9043849f28a2dc764bafdde73ae43693", - "zh:da3bafa1fd830be418dfcc730e85085fe67c0d415c066716f2ac350a2306f40a", + "zh:c9177ad09804c60fd2ed25950570407b6bdcdf0fcc309e1673b584f06a827fae", + "zh:ca8e8db24a4d62d92afd8d3d383b81a08693acac191a2e0a110fb46deeff56a3", + "zh:d5fa3a36e13957d63bfe9bbd6df0426a2422214403aac9f20b60c36f8d9ebec6", + "zh:e4ede44a112296c9cc77b15e439e41ee15c0e8b3a0dec94ae34df5ebba840e8b", + "zh:f2d4de8d8cde69caffede1544ebea74e69fcc4552e1b79ae053519a05c060706", + "zh:fc19e9266b1841d4a3aeefa8a5b5ad6988baed6540f85a373b6c2d0dc1ca5830", ] } diff --git a/terraform/10-account/versions.tf b/terraform/10-account/versions.tf index 61946c2a..ce6d48ec 100644 --- a/terraform/10-account/versions.tf +++ b/terraform/10-account/versions.tf @@ -2,7 +2,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = "5.45.0" + version = "5.46.0" } } required_version = ">= 1.4.5" From 2c0e7d408c899bbc652c8badc6e9d5b36381c741 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 22 Apr 2024 23:49:24 +0000 Subject: [PATCH 04/31] Bump @aws-sdk/client-s3 in /src/lambda-producer-handler Bumps [@aws-sdk/client-s3](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-s3) from 3.554.0 to 3.556.0. - [Release notes](https://github.com/aws/aws-sdk-js-v3/releases) - [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-s3/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.556.0/clients/client-s3) --- updated-dependencies: - dependency-name: "@aws-sdk/client-s3" dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- src/lambda-producer-handler/package-lock.json | 343 +++++++++++++++--- src/lambda-producer-handler/package.json | 2 +- 2 files changed, 302 insertions(+), 43 deletions(-) diff --git a/src/lambda-producer-handler/package-lock.json b/src/lambda-producer-handler/package-lock.json index b7547dd1..2e5333b0 100644 --- a/src/lambda-producer-handler/package-lock.json +++ b/src/lambda-producer-handler/package-lock.json @@ -10,7 +10,7 @@ "license": "ISC", "dependencies": { "@aws-sdk/client-kinesis": "^3.554.0", - "@aws-sdk/client-s3": "^3.554.0", + "@aws-sdk/client-s3": "^3.556.0", "uuid": "^9.0.1" }, "devDependencies": { @@ -212,16 +212,16 @@ } }, "node_modules/@aws-sdk/client-s3": { - "version": "3.554.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/client-s3/-/client-s3-3.554.0.tgz", - "integrity": "sha512-d5TKKtGWhN0vl9QovUFrf3UsM7jgFQkowDPx1O+E/yeQUj1FBDOoRfDCcQOKW/9ghloI6k7f0bBpNxdd+x0oKA==", + "version": "3.556.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/client-s3/-/client-s3-3.556.0.tgz", + "integrity": "sha512-6WF9Kuzz1/8zqX8hKBpqj9+FYwQ5uTsVcOKpTW94AMX2qtIeVRlwlnNnYyywWo61yqD3g59CMNHcqSsaqAwglg==", "dependencies": { "@aws-crypto/sha1-browser": "3.0.0", "@aws-crypto/sha256-browser": "3.0.0", "@aws-crypto/sha256-js": "3.0.0", - "@aws-sdk/client-sts": "3.554.0", - "@aws-sdk/core": "3.554.0", - "@aws-sdk/credential-provider-node": "3.554.0", + "@aws-sdk/client-sts": "3.556.0", + "@aws-sdk/core": "3.556.0", + "@aws-sdk/credential-provider-node": "3.556.0", "@aws-sdk/middleware-bucket-endpoint": "3.535.0", "@aws-sdk/middleware-expect-continue": "3.535.0", "@aws-sdk/middleware-flexible-checksums": "3.535.0", @@ -229,12 +229,12 @@ "@aws-sdk/middleware-location-constraint": "3.535.0", "@aws-sdk/middleware-logger": "3.535.0", "@aws-sdk/middleware-recursion-detection": "3.535.0", - "@aws-sdk/middleware-sdk-s3": "3.552.0", - "@aws-sdk/middleware-signing": "3.552.0", + "@aws-sdk/middleware-sdk-s3": "3.556.0", + "@aws-sdk/middleware-signing": "3.556.0", "@aws-sdk/middleware-ssec": "3.537.0", "@aws-sdk/middleware-user-agent": "3.540.0", "@aws-sdk/region-config-resolver": "3.535.0", - "@aws-sdk/signature-v4-multi-region": "3.552.0", + "@aws-sdk/signature-v4-multi-region": "3.556.0", "@aws-sdk/types": "3.535.0", "@aws-sdk/util-endpoints": "3.540.0", "@aws-sdk/util-user-agent-browser": "3.535.0", @@ -278,6 +278,265 @@ "node": ">=14.0.0" } }, + "node_modules/@aws-sdk/client-s3/node_modules/@aws-sdk/client-sso": { + "version": "3.556.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/client-sso/-/client-sso-3.556.0.tgz", + "integrity": "sha512-unXdWS7uvHqCcOyC1de+Fr8m3F2vMg2m24GPea0bg7rVGTYmiyn9mhUX11VCt+ozydrw+F50FQwL6OqoqPocmw==", + "dependencies": { + "@aws-crypto/sha256-browser": "3.0.0", + "@aws-crypto/sha256-js": "3.0.0", + "@aws-sdk/core": "3.556.0", + "@aws-sdk/middleware-host-header": "3.535.0", + "@aws-sdk/middleware-logger": "3.535.0", + "@aws-sdk/middleware-recursion-detection": "3.535.0", + "@aws-sdk/middleware-user-agent": "3.540.0", + "@aws-sdk/region-config-resolver": "3.535.0", + "@aws-sdk/types": "3.535.0", + "@aws-sdk/util-endpoints": "3.540.0", + "@aws-sdk/util-user-agent-browser": "3.535.0", + "@aws-sdk/util-user-agent-node": "3.535.0", + "@smithy/config-resolver": "^2.2.0", + "@smithy/core": "^1.4.2", + "@smithy/fetch-http-handler": "^2.5.0", + "@smithy/hash-node": "^2.2.0", + "@smithy/invalid-dependency": "^2.2.0", + "@smithy/middleware-content-length": "^2.2.0", + "@smithy/middleware-endpoint": "^2.5.1", + "@smithy/middleware-retry": "^2.3.1", + "@smithy/middleware-serde": "^2.3.0", + "@smithy/middleware-stack": "^2.2.0", + "@smithy/node-config-provider": "^2.3.0", + "@smithy/node-http-handler": "^2.5.0", + "@smithy/protocol-http": "^3.3.0", + "@smithy/smithy-client": "^2.5.1", + "@smithy/types": "^2.12.0", + "@smithy/url-parser": "^2.2.0", + "@smithy/util-base64": "^2.3.0", + "@smithy/util-body-length-browser": "^2.2.0", + "@smithy/util-body-length-node": "^2.3.0", + "@smithy/util-defaults-mode-browser": "^2.2.1", + "@smithy/util-defaults-mode-node": "^2.3.1", + "@smithy/util-endpoints": "^1.2.0", + "@smithy/util-middleware": "^2.2.0", + "@smithy/util-retry": "^2.2.0", + "@smithy/util-utf8": "^2.3.0", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=14.0.0" + } + }, + "node_modules/@aws-sdk/client-s3/node_modules/@aws-sdk/client-sso-oidc": { + "version": "3.556.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/client-sso-oidc/-/client-sso-oidc-3.556.0.tgz", + "integrity": "sha512-AXKd2TB6nNrksu+OfmHl8uI07PdgzOo4o8AxoRO8SHlwoMAGvcT9optDGVSYoVfgOKTymCoE7h8/UoUfPc11wQ==", + "dependencies": { + "@aws-crypto/sha256-browser": "3.0.0", + "@aws-crypto/sha256-js": "3.0.0", + "@aws-sdk/client-sts": "3.556.0", + "@aws-sdk/core": "3.556.0", + "@aws-sdk/middleware-host-header": "3.535.0", + "@aws-sdk/middleware-logger": "3.535.0", + "@aws-sdk/middleware-recursion-detection": "3.535.0", + "@aws-sdk/middleware-user-agent": "3.540.0", + "@aws-sdk/region-config-resolver": "3.535.0", + "@aws-sdk/types": "3.535.0", + "@aws-sdk/util-endpoints": "3.540.0", + "@aws-sdk/util-user-agent-browser": "3.535.0", + "@aws-sdk/util-user-agent-node": "3.535.0", + "@smithy/config-resolver": "^2.2.0", + "@smithy/core": "^1.4.2", + "@smithy/fetch-http-handler": "^2.5.0", + "@smithy/hash-node": "^2.2.0", + "@smithy/invalid-dependency": "^2.2.0", + "@smithy/middleware-content-length": "^2.2.0", + "@smithy/middleware-endpoint": "^2.5.1", + "@smithy/middleware-retry": "^2.3.1", + "@smithy/middleware-serde": "^2.3.0", + "@smithy/middleware-stack": "^2.2.0", + "@smithy/node-config-provider": "^2.3.0", + "@smithy/node-http-handler": "^2.5.0", + "@smithy/protocol-http": "^3.3.0", + "@smithy/smithy-client": "^2.5.1", + "@smithy/types": "^2.12.0", + "@smithy/url-parser": "^2.2.0", + "@smithy/util-base64": "^2.3.0", + "@smithy/util-body-length-browser": "^2.2.0", + "@smithy/util-body-length-node": "^2.3.0", + "@smithy/util-defaults-mode-browser": "^2.2.1", + "@smithy/util-defaults-mode-node": "^2.3.1", + "@smithy/util-endpoints": "^1.2.0", + "@smithy/util-middleware": "^2.2.0", + "@smithy/util-retry": "^2.2.0", + "@smithy/util-utf8": "^2.3.0", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=14.0.0" + }, + "peerDependencies": { + "@aws-sdk/credential-provider-node": "^3.556.0" + } + }, + "node_modules/@aws-sdk/client-s3/node_modules/@aws-sdk/client-sts": { + "version": "3.556.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/client-sts/-/client-sts-3.556.0.tgz", + "integrity": "sha512-TsK3js7Suh9xEmC886aY+bv0KdLLYtzrcmVt6sJ/W6EnDXYQhBuKYFhp03NrN2+vSvMGpqJwR62DyfKe1G0QzQ==", + "dependencies": { + "@aws-crypto/sha256-browser": "3.0.0", + "@aws-crypto/sha256-js": "3.0.0", + "@aws-sdk/core": "3.556.0", + "@aws-sdk/middleware-host-header": "3.535.0", + "@aws-sdk/middleware-logger": "3.535.0", + "@aws-sdk/middleware-recursion-detection": "3.535.0", + "@aws-sdk/middleware-user-agent": "3.540.0", + "@aws-sdk/region-config-resolver": "3.535.0", + "@aws-sdk/types": "3.535.0", + "@aws-sdk/util-endpoints": "3.540.0", + "@aws-sdk/util-user-agent-browser": "3.535.0", + "@aws-sdk/util-user-agent-node": "3.535.0", + "@smithy/config-resolver": "^2.2.0", + "@smithy/core": "^1.4.2", + "@smithy/fetch-http-handler": "^2.5.0", + "@smithy/hash-node": "^2.2.0", + "@smithy/invalid-dependency": "^2.2.0", + "@smithy/middleware-content-length": "^2.2.0", + "@smithy/middleware-endpoint": "^2.5.1", + "@smithy/middleware-retry": "^2.3.1", + "@smithy/middleware-serde": "^2.3.0", + "@smithy/middleware-stack": "^2.2.0", + "@smithy/node-config-provider": "^2.3.0", + "@smithy/node-http-handler": "^2.5.0", + "@smithy/protocol-http": "^3.3.0", + "@smithy/smithy-client": "^2.5.1", + "@smithy/types": "^2.12.0", + "@smithy/url-parser": "^2.2.0", + "@smithy/util-base64": "^2.3.0", + "@smithy/util-body-length-browser": "^2.2.0", + "@smithy/util-body-length-node": "^2.3.0", + "@smithy/util-defaults-mode-browser": "^2.2.1", + "@smithy/util-defaults-mode-node": "^2.3.1", + "@smithy/util-endpoints": "^1.2.0", + "@smithy/util-middleware": "^2.2.0", + "@smithy/util-retry": "^2.2.0", + "@smithy/util-utf8": "^2.3.0", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=14.0.0" + }, + "peerDependencies": { + "@aws-sdk/credential-provider-node": "^3.556.0" + } + }, + "node_modules/@aws-sdk/client-s3/node_modules/@aws-sdk/core": { + "version": "3.556.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/core/-/core-3.556.0.tgz", + "integrity": "sha512-vJaSaHw2kPQlo11j/Rzuz0gk1tEaKdz+2ser0f0qZ5vwFlANjt08m/frU17ctnVKC1s58bxpctO/1P894fHLrA==", + "dependencies": { + "@smithy/core": "^1.4.2", + "@smithy/protocol-http": "^3.3.0", + "@smithy/signature-v4": "^2.3.0", + "@smithy/smithy-client": "^2.5.1", + "@smithy/types": "^2.12.0", + "fast-xml-parser": "4.2.5", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=14.0.0" + } + }, + "node_modules/@aws-sdk/client-s3/node_modules/@aws-sdk/credential-provider-ini": { + "version": "3.556.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-ini/-/credential-provider-ini-3.556.0.tgz", + "integrity": "sha512-0Nz4ErOlXhe3muxWYMbPwRMgfKmVbBp36BAE2uv/z5wTbfdBkcgUwaflEvlKCLUTdHzuZsQk+BFS/gVyaUeOuA==", + "dependencies": { + "@aws-sdk/client-sts": "3.556.0", + "@aws-sdk/credential-provider-env": "3.535.0", + "@aws-sdk/credential-provider-process": "3.535.0", + "@aws-sdk/credential-provider-sso": "3.556.0", + "@aws-sdk/credential-provider-web-identity": "3.556.0", + "@aws-sdk/types": "3.535.0", + "@smithy/credential-provider-imds": "^2.3.0", + "@smithy/property-provider": "^2.2.0", + "@smithy/shared-ini-file-loader": "^2.4.0", + "@smithy/types": "^2.12.0", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=14.0.0" + } + }, + "node_modules/@aws-sdk/client-s3/node_modules/@aws-sdk/credential-provider-node": { + "version": "3.556.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-node/-/credential-provider-node-3.556.0.tgz", + "integrity": "sha512-s1xVtKjyGc60O8qcNIzS1X3H+pWEwEfZ7TgNznVDNyuXvLrlNWiAcigPWGl2aAkc8tGcsSG0Qpyw2KYC939LFg==", + "dependencies": { + "@aws-sdk/credential-provider-env": "3.535.0", + "@aws-sdk/credential-provider-http": "3.552.0", + "@aws-sdk/credential-provider-ini": "3.556.0", + "@aws-sdk/credential-provider-process": "3.535.0", + "@aws-sdk/credential-provider-sso": "3.556.0", + "@aws-sdk/credential-provider-web-identity": "3.556.0", + "@aws-sdk/types": "3.535.0", + "@smithy/credential-provider-imds": "^2.3.0", + "@smithy/property-provider": "^2.2.0", + "@smithy/shared-ini-file-loader": "^2.4.0", + "@smithy/types": "^2.12.0", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=14.0.0" + } + }, + "node_modules/@aws-sdk/client-s3/node_modules/@aws-sdk/credential-provider-sso": { + "version": "3.556.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-sso/-/credential-provider-sso-3.556.0.tgz", + "integrity": "sha512-ETuBgcnpfxqadEAqhQFWpKoV1C/NAgvs5CbBc5EJbelJ8f4prTdErIHjrRtVT8c02MXj92QwczsiNYd5IoOqyw==", + "dependencies": { + "@aws-sdk/client-sso": "3.556.0", + "@aws-sdk/token-providers": "3.556.0", + "@aws-sdk/types": "3.535.0", + "@smithy/property-provider": "^2.2.0", + "@smithy/shared-ini-file-loader": "^2.4.0", + "@smithy/types": "^2.12.0", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=14.0.0" + } + }, + "node_modules/@aws-sdk/client-s3/node_modules/@aws-sdk/credential-provider-web-identity": { + "version": "3.556.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-web-identity/-/credential-provider-web-identity-3.556.0.tgz", + "integrity": "sha512-R/YAL8Uh8i+dzVjzMnbcWLIGeeRi2mioHVGnVF+minmaIkCiQMZg2HPrdlKm49El+RljT28Nl5YHRuiqzEIwMA==", + "dependencies": { + "@aws-sdk/client-sts": "3.556.0", + "@aws-sdk/types": "3.535.0", + "@smithy/property-provider": "^2.2.0", + "@smithy/types": "^2.12.0", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=14.0.0" + } + }, + "node_modules/@aws-sdk/client-s3/node_modules/@aws-sdk/token-providers": { + "version": "3.556.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/token-providers/-/token-providers-3.556.0.tgz", + "integrity": "sha512-tvIiugNF0/+2wfuImMrpKjXMx4nCnFWQjQvouObny+wrif/PGqqQYrybwxPJDvzbd965bu1I+QuSv85/ug7xsg==", + "dependencies": { + "@aws-sdk/client-sso-oidc": "3.556.0", + "@aws-sdk/types": "3.535.0", + "@smithy/property-provider": "^2.2.0", + "@smithy/shared-ini-file-loader": "^2.4.0", + "@smithy/types": "^2.12.0", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=14.0.0" + } + }, "node_modules/@aws-sdk/client-sso": { "version": "3.554.0", "resolved": "https://registry.npmjs.org/@aws-sdk/client-sso/-/client-sso-3.554.0.tgz", @@ -460,6 +719,25 @@ "node": ">=14.0.0" } }, + "node_modules/@aws-sdk/credential-provider-http": { + "version": "3.552.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-http/-/credential-provider-http-3.552.0.tgz", + "integrity": "sha512-vsmu7Cz1i45pFEqzVb4JcFmAmVnWFNLsGheZc8SCptlqCO5voETrZZILHYIl4cjKkSDk3pblBOf0PhyjqWW6WQ==", + "dependencies": { + "@aws-sdk/types": "3.535.0", + "@smithy/fetch-http-handler": "^2.5.0", + "@smithy/node-http-handler": "^2.5.0", + "@smithy/property-provider": "^2.2.0", + "@smithy/protocol-http": "^3.3.0", + "@smithy/smithy-client": "^2.5.1", + "@smithy/types": "^2.12.0", + "@smithy/util-stream": "^2.2.0", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=14.0.0" + } + }, "node_modules/@aws-sdk/credential-provider-ini": { "version": "3.554.0", "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-ini/-/credential-provider-ini-3.554.0.tgz", @@ -503,25 +781,6 @@ "node": ">=14.0.0" } }, - "node_modules/@aws-sdk/credential-provider-node/node_modules/@aws-sdk/credential-provider-http": { - "version": "3.552.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-http/-/credential-provider-http-3.552.0.tgz", - "integrity": "sha512-vsmu7Cz1i45pFEqzVb4JcFmAmVnWFNLsGheZc8SCptlqCO5voETrZZILHYIl4cjKkSDk3pblBOf0PhyjqWW6WQ==", - "dependencies": { - "@aws-sdk/types": "3.535.0", - "@smithy/fetch-http-handler": "^2.5.0", - "@smithy/node-http-handler": "^2.5.0", - "@smithy/property-provider": "^2.2.0", - "@smithy/protocol-http": "^3.3.0", - "@smithy/smithy-client": "^2.5.1", - "@smithy/types": "^2.12.0", - "@smithy/util-stream": "^2.2.0", - "tslib": "^2.6.2" - }, - "engines": { - "node": ">=14.0.0" - } - }, "node_modules/@aws-sdk/credential-provider-process": { "version": "3.535.0", "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-process/-/credential-provider-process-3.535.0.tgz", @@ -673,15 +932,15 @@ } }, "node_modules/@aws-sdk/middleware-sdk-s3": { - "version": "3.552.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-sdk-s3/-/middleware-sdk-s3-3.552.0.tgz", - "integrity": "sha512-9KzOqsbwJJuQcpmrpkkIftjPahB1bsrcWalYzcVqKCgHCylhkSHW2tX+uGHRnvAl9iobQD5D7LUrS+cv0NeQ/Q==", + "version": "3.556.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-sdk-s3/-/middleware-sdk-s3-3.556.0.tgz", + "integrity": "sha512-4W/dnxqj1B6/uS/5Z+3UHaqDDGjNPgEVlqf5d3ToOFZ31ZfpANwhcCmyX39JklC4aolCEi9renQ5wHnTCC8K8g==", "dependencies": { "@aws-sdk/types": "3.535.0", "@aws-sdk/util-arn-parser": "3.535.0", "@smithy/node-config-provider": "^2.3.0", "@smithy/protocol-http": "^3.3.0", - "@smithy/signature-v4": "^2.2.1", + "@smithy/signature-v4": "^2.3.0", "@smithy/smithy-client": "^2.5.1", "@smithy/types": "^2.12.0", "@smithy/util-config-provider": "^2.3.0", @@ -692,14 +951,14 @@ } }, "node_modules/@aws-sdk/middleware-signing": { - "version": "3.552.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-signing/-/middleware-signing-3.552.0.tgz", - "integrity": "sha512-ZjOrlEmwjhbmkINa4Zx9LJh+xb/kgEiUrcfud2kq/r8ath1Nv1/4zalI9jHnou1J+R+yS+FQlXLXHSZ7vqyFbA==", + "version": "3.556.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/middleware-signing/-/middleware-signing-3.556.0.tgz", + "integrity": "sha512-kWrPmU8qd3gI5qzpuW9LtWFaH80cOz1ZJDavXx6PRpYZJ5JaKdUHghwfDlVTzzFYAeJmVsWIkPcLT5d5mY5ZTQ==", "dependencies": { "@aws-sdk/types": "3.535.0", "@smithy/property-provider": "^2.2.0", "@smithy/protocol-http": "^3.3.0", - "@smithy/signature-v4": "^2.2.1", + "@smithy/signature-v4": "^2.3.0", "@smithy/types": "^2.12.0", "@smithy/util-middleware": "^2.2.0", "tslib": "^2.6.2" @@ -753,14 +1012,14 @@ } }, "node_modules/@aws-sdk/signature-v4-multi-region": { - "version": "3.552.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/signature-v4-multi-region/-/signature-v4-multi-region-3.552.0.tgz", - "integrity": "sha512-cC11/5ahp+LaBCq7cR+51AM2ftf6m9diRd2oWkbEpjSiEKQzZRAltUPZAJM6NXGypmDODQDJphLGt45tvS+8kg==", + "version": "3.556.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/signature-v4-multi-region/-/signature-v4-multi-region-3.556.0.tgz", + "integrity": "sha512-bWDSK0ggK7QzAOmPZGv29UAIZocL1MNY7XyOvm3P3P1U3tFMoIBilQQBLabXyHoZ9J3Ik0Vv4n95htUhRQ35ow==", "dependencies": { - "@aws-sdk/middleware-sdk-s3": "3.552.0", + "@aws-sdk/middleware-sdk-s3": "3.556.0", "@aws-sdk/types": "3.535.0", "@smithy/protocol-http": "^3.3.0", - "@smithy/signature-v4": "^2.2.1", + "@smithy/signature-v4": "^2.3.0", "@smithy/types": "^2.12.0", "tslib": "^2.6.2" }, diff --git a/src/lambda-producer-handler/package.json b/src/lambda-producer-handler/package.json index d4287012..82801a12 100644 --- a/src/lambda-producer-handler/package.json +++ b/src/lambda-producer-handler/package.json @@ -16,7 +16,7 @@ }, "dependencies": { "@aws-sdk/client-kinesis": "^3.554.0", - "@aws-sdk/client-s3": "^3.554.0", + "@aws-sdk/client-s3": "^3.556.0", "uuid": "^9.0.1" } } From 4f7876943877130930a528b1a5af3070bcdcfc0c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 22 Apr 2024 23:50:02 +0000 Subject: [PATCH 05/31] Bump @aws-sdk/client-kinesis in /src/lambda-producer-handler Bumps [@aws-sdk/client-kinesis](https://github.com/aws/aws-sdk-js-v3/tree/HEAD/clients/client-kinesis) from 3.554.0 to 3.556.0. - [Release notes](https://github.com/aws/aws-sdk-js-v3/releases) - [Changelog](https://github.com/aws/aws-sdk-js-v3/blob/main/clients/client-kinesis/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-js-v3/commits/v3.556.0/clients/client-kinesis) --- updated-dependencies: - dependency-name: "@aws-sdk/client-kinesis" dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- src/lambda-producer-handler/package-lock.json | 311 ++++++++++++++++-- src/lambda-producer-handler/package.json | 2 +- 2 files changed, 286 insertions(+), 27 deletions(-) diff --git a/src/lambda-producer-handler/package-lock.json b/src/lambda-producer-handler/package-lock.json index b7547dd1..2dcf2a6c 100644 --- a/src/lambda-producer-handler/package-lock.json +++ b/src/lambda-producer-handler/package-lock.json @@ -9,7 +9,7 @@ "version": "1.0.0", "license": "ISC", "dependencies": { - "@aws-sdk/client-kinesis": "^3.554.0", + "@aws-sdk/client-kinesis": "^3.556.0", "@aws-sdk/client-s3": "^3.554.0", "uuid": "^9.0.1" }, @@ -158,15 +158,15 @@ "integrity": "sha512-Xni35NKzjgMrwevysHTCArtLDpPvye8zV/0E4EyYn43P7/7qvQwPh9BGkHewbMulVntbigmcT7rdX3BNo9wRJg==" }, "node_modules/@aws-sdk/client-kinesis": { - "version": "3.554.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/client-kinesis/-/client-kinesis-3.554.0.tgz", - "integrity": "sha512-xRlqaZVsTWYPUNwRlhpXczjbSb+Qj6LDpK4SNCynRUJzx1G7b5hZS1L3yb9QvFNTyGj9F91LjacjaEzjBw9Fpw==", + "version": "3.556.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/client-kinesis/-/client-kinesis-3.556.0.tgz", + "integrity": "sha512-S9Q6KGMKbSOQzEKpvS1PKNMW5CbyPlDQkBYhhGZpnXoEdEGN1+a4xIHLtqqgNqu4XTsREFuS0wOxAR+2VGOfjA==", "dependencies": { "@aws-crypto/sha256-browser": "3.0.0", "@aws-crypto/sha256-js": "3.0.0", - "@aws-sdk/client-sts": "3.554.0", - "@aws-sdk/core": "3.554.0", - "@aws-sdk/credential-provider-node": "3.554.0", + "@aws-sdk/client-sts": "3.556.0", + "@aws-sdk/core": "3.556.0", + "@aws-sdk/credential-provider-node": "3.556.0", "@aws-sdk/middleware-host-header": "3.535.0", "@aws-sdk/middleware-logger": "3.535.0", "@aws-sdk/middleware-recursion-detection": "3.535.0", @@ -211,6 +211,265 @@ "node": ">=14.0.0" } }, + "node_modules/@aws-sdk/client-kinesis/node_modules/@aws-sdk/client-sso": { + "version": "3.556.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/client-sso/-/client-sso-3.556.0.tgz", + "integrity": "sha512-unXdWS7uvHqCcOyC1de+Fr8m3F2vMg2m24GPea0bg7rVGTYmiyn9mhUX11VCt+ozydrw+F50FQwL6OqoqPocmw==", + "dependencies": { + "@aws-crypto/sha256-browser": "3.0.0", + "@aws-crypto/sha256-js": "3.0.0", + "@aws-sdk/core": "3.556.0", + "@aws-sdk/middleware-host-header": "3.535.0", + "@aws-sdk/middleware-logger": "3.535.0", + "@aws-sdk/middleware-recursion-detection": "3.535.0", + "@aws-sdk/middleware-user-agent": "3.540.0", + "@aws-sdk/region-config-resolver": "3.535.0", + "@aws-sdk/types": "3.535.0", + "@aws-sdk/util-endpoints": "3.540.0", + "@aws-sdk/util-user-agent-browser": "3.535.0", + "@aws-sdk/util-user-agent-node": "3.535.0", + "@smithy/config-resolver": "^2.2.0", + "@smithy/core": "^1.4.2", + "@smithy/fetch-http-handler": "^2.5.0", + "@smithy/hash-node": "^2.2.0", + "@smithy/invalid-dependency": "^2.2.0", + "@smithy/middleware-content-length": "^2.2.0", + "@smithy/middleware-endpoint": "^2.5.1", + "@smithy/middleware-retry": "^2.3.1", + "@smithy/middleware-serde": "^2.3.0", + "@smithy/middleware-stack": "^2.2.0", + "@smithy/node-config-provider": "^2.3.0", + "@smithy/node-http-handler": "^2.5.0", + "@smithy/protocol-http": "^3.3.0", + "@smithy/smithy-client": "^2.5.1", + "@smithy/types": "^2.12.0", + "@smithy/url-parser": "^2.2.0", + "@smithy/util-base64": "^2.3.0", + "@smithy/util-body-length-browser": "^2.2.0", + "@smithy/util-body-length-node": "^2.3.0", + "@smithy/util-defaults-mode-browser": "^2.2.1", + "@smithy/util-defaults-mode-node": "^2.3.1", + "@smithy/util-endpoints": "^1.2.0", + "@smithy/util-middleware": "^2.2.0", + "@smithy/util-retry": "^2.2.0", + "@smithy/util-utf8": "^2.3.0", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=14.0.0" + } + }, + "node_modules/@aws-sdk/client-kinesis/node_modules/@aws-sdk/client-sso-oidc": { + "version": "3.556.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/client-sso-oidc/-/client-sso-oidc-3.556.0.tgz", + "integrity": "sha512-AXKd2TB6nNrksu+OfmHl8uI07PdgzOo4o8AxoRO8SHlwoMAGvcT9optDGVSYoVfgOKTymCoE7h8/UoUfPc11wQ==", + "dependencies": { + "@aws-crypto/sha256-browser": "3.0.0", + "@aws-crypto/sha256-js": "3.0.0", + "@aws-sdk/client-sts": "3.556.0", + "@aws-sdk/core": "3.556.0", + "@aws-sdk/middleware-host-header": "3.535.0", + "@aws-sdk/middleware-logger": "3.535.0", + "@aws-sdk/middleware-recursion-detection": "3.535.0", + "@aws-sdk/middleware-user-agent": "3.540.0", + "@aws-sdk/region-config-resolver": "3.535.0", + "@aws-sdk/types": "3.535.0", + "@aws-sdk/util-endpoints": "3.540.0", + "@aws-sdk/util-user-agent-browser": "3.535.0", + "@aws-sdk/util-user-agent-node": "3.535.0", + "@smithy/config-resolver": "^2.2.0", + "@smithy/core": "^1.4.2", + "@smithy/fetch-http-handler": "^2.5.0", + "@smithy/hash-node": "^2.2.0", + "@smithy/invalid-dependency": "^2.2.0", + "@smithy/middleware-content-length": "^2.2.0", + "@smithy/middleware-endpoint": "^2.5.1", + "@smithy/middleware-retry": "^2.3.1", + "@smithy/middleware-serde": "^2.3.0", + "@smithy/middleware-stack": "^2.2.0", + "@smithy/node-config-provider": "^2.3.0", + "@smithy/node-http-handler": "^2.5.0", + "@smithy/protocol-http": "^3.3.0", + "@smithy/smithy-client": "^2.5.1", + "@smithy/types": "^2.12.0", + "@smithy/url-parser": "^2.2.0", + "@smithy/util-base64": "^2.3.0", + "@smithy/util-body-length-browser": "^2.2.0", + "@smithy/util-body-length-node": "^2.3.0", + "@smithy/util-defaults-mode-browser": "^2.2.1", + "@smithy/util-defaults-mode-node": "^2.3.1", + "@smithy/util-endpoints": "^1.2.0", + "@smithy/util-middleware": "^2.2.0", + "@smithy/util-retry": "^2.2.0", + "@smithy/util-utf8": "^2.3.0", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=14.0.0" + }, + "peerDependencies": { + "@aws-sdk/credential-provider-node": "^3.556.0" + } + }, + "node_modules/@aws-sdk/client-kinesis/node_modules/@aws-sdk/client-sts": { + "version": "3.556.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/client-sts/-/client-sts-3.556.0.tgz", + "integrity": "sha512-TsK3js7Suh9xEmC886aY+bv0KdLLYtzrcmVt6sJ/W6EnDXYQhBuKYFhp03NrN2+vSvMGpqJwR62DyfKe1G0QzQ==", + "dependencies": { + "@aws-crypto/sha256-browser": "3.0.0", + "@aws-crypto/sha256-js": "3.0.0", + "@aws-sdk/core": "3.556.0", + "@aws-sdk/middleware-host-header": "3.535.0", + "@aws-sdk/middleware-logger": "3.535.0", + "@aws-sdk/middleware-recursion-detection": "3.535.0", + "@aws-sdk/middleware-user-agent": "3.540.0", + "@aws-sdk/region-config-resolver": "3.535.0", + "@aws-sdk/types": "3.535.0", + "@aws-sdk/util-endpoints": "3.540.0", + "@aws-sdk/util-user-agent-browser": "3.535.0", + "@aws-sdk/util-user-agent-node": "3.535.0", + "@smithy/config-resolver": "^2.2.0", + "@smithy/core": "^1.4.2", + "@smithy/fetch-http-handler": "^2.5.0", + "@smithy/hash-node": "^2.2.0", + "@smithy/invalid-dependency": "^2.2.0", + "@smithy/middleware-content-length": "^2.2.0", + "@smithy/middleware-endpoint": "^2.5.1", + "@smithy/middleware-retry": "^2.3.1", + "@smithy/middleware-serde": "^2.3.0", + "@smithy/middleware-stack": "^2.2.0", + "@smithy/node-config-provider": "^2.3.0", + "@smithy/node-http-handler": "^2.5.0", + "@smithy/protocol-http": "^3.3.0", + "@smithy/smithy-client": "^2.5.1", + "@smithy/types": "^2.12.0", + "@smithy/url-parser": "^2.2.0", + "@smithy/util-base64": "^2.3.0", + "@smithy/util-body-length-browser": "^2.2.0", + "@smithy/util-body-length-node": "^2.3.0", + "@smithy/util-defaults-mode-browser": "^2.2.1", + "@smithy/util-defaults-mode-node": "^2.3.1", + "@smithy/util-endpoints": "^1.2.0", + "@smithy/util-middleware": "^2.2.0", + "@smithy/util-retry": "^2.2.0", + "@smithy/util-utf8": "^2.3.0", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=14.0.0" + }, + "peerDependencies": { + "@aws-sdk/credential-provider-node": "^3.556.0" + } + }, + "node_modules/@aws-sdk/client-kinesis/node_modules/@aws-sdk/core": { + "version": "3.556.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/core/-/core-3.556.0.tgz", + "integrity": "sha512-vJaSaHw2kPQlo11j/Rzuz0gk1tEaKdz+2ser0f0qZ5vwFlANjt08m/frU17ctnVKC1s58bxpctO/1P894fHLrA==", + "dependencies": { + "@smithy/core": "^1.4.2", + "@smithy/protocol-http": "^3.3.0", + "@smithy/signature-v4": "^2.3.0", + "@smithy/smithy-client": "^2.5.1", + "@smithy/types": "^2.12.0", + "fast-xml-parser": "4.2.5", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=14.0.0" + } + }, + "node_modules/@aws-sdk/client-kinesis/node_modules/@aws-sdk/credential-provider-ini": { + "version": "3.556.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-ini/-/credential-provider-ini-3.556.0.tgz", + "integrity": "sha512-0Nz4ErOlXhe3muxWYMbPwRMgfKmVbBp36BAE2uv/z5wTbfdBkcgUwaflEvlKCLUTdHzuZsQk+BFS/gVyaUeOuA==", + "dependencies": { + "@aws-sdk/client-sts": "3.556.0", + "@aws-sdk/credential-provider-env": "3.535.0", + "@aws-sdk/credential-provider-process": "3.535.0", + "@aws-sdk/credential-provider-sso": "3.556.0", + "@aws-sdk/credential-provider-web-identity": "3.556.0", + "@aws-sdk/types": "3.535.0", + "@smithy/credential-provider-imds": "^2.3.0", + "@smithy/property-provider": "^2.2.0", + "@smithy/shared-ini-file-loader": "^2.4.0", + "@smithy/types": "^2.12.0", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=14.0.0" + } + }, + "node_modules/@aws-sdk/client-kinesis/node_modules/@aws-sdk/credential-provider-node": { + "version": "3.556.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-node/-/credential-provider-node-3.556.0.tgz", + "integrity": "sha512-s1xVtKjyGc60O8qcNIzS1X3H+pWEwEfZ7TgNznVDNyuXvLrlNWiAcigPWGl2aAkc8tGcsSG0Qpyw2KYC939LFg==", + "dependencies": { + "@aws-sdk/credential-provider-env": "3.535.0", + "@aws-sdk/credential-provider-http": "3.552.0", + "@aws-sdk/credential-provider-ini": "3.556.0", + "@aws-sdk/credential-provider-process": "3.535.0", + "@aws-sdk/credential-provider-sso": "3.556.0", + "@aws-sdk/credential-provider-web-identity": "3.556.0", + "@aws-sdk/types": "3.535.0", + "@smithy/credential-provider-imds": "^2.3.0", + "@smithy/property-provider": "^2.2.0", + "@smithy/shared-ini-file-loader": "^2.4.0", + "@smithy/types": "^2.12.0", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=14.0.0" + } + }, + "node_modules/@aws-sdk/client-kinesis/node_modules/@aws-sdk/credential-provider-sso": { + "version": "3.556.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-sso/-/credential-provider-sso-3.556.0.tgz", + "integrity": "sha512-ETuBgcnpfxqadEAqhQFWpKoV1C/NAgvs5CbBc5EJbelJ8f4prTdErIHjrRtVT8c02MXj92QwczsiNYd5IoOqyw==", + "dependencies": { + "@aws-sdk/client-sso": "3.556.0", + "@aws-sdk/token-providers": "3.556.0", + "@aws-sdk/types": "3.535.0", + "@smithy/property-provider": "^2.2.0", + "@smithy/shared-ini-file-loader": "^2.4.0", + "@smithy/types": "^2.12.0", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=14.0.0" + } + }, + "node_modules/@aws-sdk/client-kinesis/node_modules/@aws-sdk/credential-provider-web-identity": { + "version": "3.556.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-web-identity/-/credential-provider-web-identity-3.556.0.tgz", + "integrity": "sha512-R/YAL8Uh8i+dzVjzMnbcWLIGeeRi2mioHVGnVF+minmaIkCiQMZg2HPrdlKm49El+RljT28Nl5YHRuiqzEIwMA==", + "dependencies": { + "@aws-sdk/client-sts": "3.556.0", + "@aws-sdk/types": "3.535.0", + "@smithy/property-provider": "^2.2.0", + "@smithy/types": "^2.12.0", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=14.0.0" + } + }, + "node_modules/@aws-sdk/client-kinesis/node_modules/@aws-sdk/token-providers": { + "version": "3.556.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/token-providers/-/token-providers-3.556.0.tgz", + "integrity": "sha512-tvIiugNF0/+2wfuImMrpKjXMx4nCnFWQjQvouObny+wrif/PGqqQYrybwxPJDvzbd965bu1I+QuSv85/ug7xsg==", + "dependencies": { + "@aws-sdk/client-sso-oidc": "3.556.0", + "@aws-sdk/types": "3.535.0", + "@smithy/property-provider": "^2.2.0", + "@smithy/shared-ini-file-loader": "^2.4.0", + "@smithy/types": "^2.12.0", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=14.0.0" + } + }, "node_modules/@aws-sdk/client-s3": { "version": "3.554.0", "resolved": "https://registry.npmjs.org/@aws-sdk/client-s3/-/client-s3-3.554.0.tgz", @@ -460,6 +719,25 @@ "node": ">=14.0.0" } }, + "node_modules/@aws-sdk/credential-provider-http": { + "version": "3.552.0", + "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-http/-/credential-provider-http-3.552.0.tgz", + "integrity": "sha512-vsmu7Cz1i45pFEqzVb4JcFmAmVnWFNLsGheZc8SCptlqCO5voETrZZILHYIl4cjKkSDk3pblBOf0PhyjqWW6WQ==", + "dependencies": { + "@aws-sdk/types": "3.535.0", + "@smithy/fetch-http-handler": "^2.5.0", + "@smithy/node-http-handler": "^2.5.0", + "@smithy/property-provider": "^2.2.0", + "@smithy/protocol-http": "^3.3.0", + "@smithy/smithy-client": "^2.5.1", + "@smithy/types": "^2.12.0", + "@smithy/util-stream": "^2.2.0", + "tslib": "^2.6.2" + }, + "engines": { + "node": ">=14.0.0" + } + }, "node_modules/@aws-sdk/credential-provider-ini": { "version": "3.554.0", "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-ini/-/credential-provider-ini-3.554.0.tgz", @@ -503,25 +781,6 @@ "node": ">=14.0.0" } }, - "node_modules/@aws-sdk/credential-provider-node/node_modules/@aws-sdk/credential-provider-http": { - "version": "3.552.0", - "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-http/-/credential-provider-http-3.552.0.tgz", - "integrity": "sha512-vsmu7Cz1i45pFEqzVb4JcFmAmVnWFNLsGheZc8SCptlqCO5voETrZZILHYIl4cjKkSDk3pblBOf0PhyjqWW6WQ==", - "dependencies": { - "@aws-sdk/types": "3.535.0", - "@smithy/fetch-http-handler": "^2.5.0", - "@smithy/node-http-handler": "^2.5.0", - "@smithy/property-provider": "^2.2.0", - "@smithy/protocol-http": "^3.3.0", - "@smithy/smithy-client": "^2.5.1", - "@smithy/types": "^2.12.0", - "@smithy/util-stream": "^2.2.0", - "tslib": "^2.6.2" - }, - "engines": { - "node": ">=14.0.0" - } - }, "node_modules/@aws-sdk/credential-provider-process": { "version": "3.535.0", "resolved": "https://registry.npmjs.org/@aws-sdk/credential-provider-process/-/credential-provider-process-3.535.0.tgz", diff --git a/src/lambda-producer-handler/package.json b/src/lambda-producer-handler/package.json index d4287012..6730936e 100644 --- a/src/lambda-producer-handler/package.json +++ b/src/lambda-producer-handler/package.json @@ -15,7 +15,7 @@ "sinon": "^17.0.1" }, "dependencies": { - "@aws-sdk/client-kinesis": "^3.554.0", + "@aws-sdk/client-kinesis": "^3.556.0", "@aws-sdk/client-s3": "^3.554.0", "uuid": "^9.0.1" } From 893a8928eb69db39c4e0d29516af12c8acf13299 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 23 Apr 2024 08:58:42 +0000 Subject: [PATCH 06/31] Bump hashicorp/random from 3.5.1 to 3.6.1 in /terraform/20-app Bumps [hashicorp/random](https://github.com/hashicorp/terraform-provider-random) from 3.5.1 to 3.6.1. - [Release notes](https://github.com/hashicorp/terraform-provider-random/releases) - [Changelog](https://github.com/hashicorp/terraform-provider-random/blob/main/CHANGELOG.md) - [Commits](https://github.com/hashicorp/terraform-provider-random/compare/v3.5.1...v3.6.1) --- updated-dependencies: - dependency-name: hashicorp/random dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- terraform/20-app/.terraform.lock.hcl | 32 ++++++++++++++-------------- terraform/20-app/versions.tf | 2 +- 2 files changed, 17 insertions(+), 17 deletions(-) diff --git a/terraform/20-app/.terraform.lock.hcl b/terraform/20-app/.terraform.lock.hcl index c87c4882..d851f923 100644 --- a/terraform/20-app/.terraform.lock.hcl +++ b/terraform/20-app/.terraform.lock.hcl @@ -93,23 +93,23 @@ provider "registry.terraform.io/hashicorp/null" { } provider "registry.terraform.io/hashicorp/random" { - version = "3.5.1" - constraints = "3.5.1" + version = "3.6.1" + constraints = "3.6.1" hashes = [ - "h1:IL9mSatmwov+e0+++YX2V6uel+dV6bn+fC/cnGDK3Ck=", - "h1:VSnd9ZIPyfKHOObuQCaKfnjIHRtR7qTw19Rz8tJxm+k=", - "h1:sZ7MTSD4FLekNN2wSNFGpM+5slfvpm5A/NLVZiB7CO0=", - "zh:04e3fbd610cb52c1017d282531364b9c53ef72b6bc533acb2a90671957324a64", - "zh:119197103301ebaf7efb91df8f0b6e0dd31e6ff943d231af35ee1831c599188d", - "zh:4d2b219d09abf3b1bb4df93d399ed156cadd61f44ad3baf5cf2954df2fba0831", - "zh:6130bdde527587bbe2dcaa7150363e96dbc5250ea20154176d82bc69df5d4ce3", - "zh:6cc326cd4000f724d3086ee05587e7710f032f94fc9af35e96a386a1c6f2214f", + "h1:1OlP753r4lOKlBprL0HdZGWerm5DCabD5Mli8k8lWAg=", + "h1:8iqExjtAvirFTJkpm5YyYD+fC+DGV8NTJzKsE2c70VA=", + "h1:a+Goawwh6Qtg4/bRWzfDtIdrEFfPlnVy0y4LdUQY3nI=", + "zh:2a0ec154e39911f19c8214acd6241e469157489fc56b6c739f45fbed5896a176", + "zh:57f4e553224a5e849c99131f5e5294be3a7adcabe2d867d8a4fef8d0976e0e52", + "zh:58f09948c608e601bd9d0a9e47dcb78e2b2c13b4bda4d8f097d09152ea9e91c5", + "zh:5c2a297146ed6fb3fe934c800e78380f700f49ff24dbb5fb5463134948e3a65f", "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", - "zh:b6d88e1d28cf2dfa24e9fdcc3efc77adcdc1c3c3b5c7ce503a423efbdd6de57b", - "zh:ba74c592622ecbcef9dc2a4d81ed321c4e44cddf7da799faa324da9bf52a22b2", - "zh:c7c5cde98fe4ef1143bd1b3ec5dc04baf0d4cc3ca2c5c7d40d17c0e9b2076865", - "zh:dac4bad52c940cd0dfc27893507c1e92393846b024c5a9db159a93c534a3da03", - "zh:de8febe2a2acd9ac454b844a4106ed295ae9520ef54dc8ed2faf29f12716b602", - "zh:eab0d0495e7e711cca367f7d4df6e322e6c562fc52151ec931176115b83ed014", + "zh:7ce41e26f0603e31cdac849085fc99e5cd5b3b73414c6c6d955c0ceb249b593f", + "zh:8c9e8d30c4ef08ee8bcc4294dbf3c2115cd7d9049c6ba21422bd3471d92faf8a", + "zh:93e91be717a7ffbd6410120eb925ebb8658cc8f563de35a8b53804d33c51c8b0", + "zh:982542e921970d727ce10ed64795bf36c4dec77a5db0741d4665230d12250a0d", + "zh:b9d1873f14d6033e216510ef541c891f44d249464f13cc07d3f782d09c7d18de", + "zh:cfe27faa0bc9556391c8803ade135a5856c34a3fe85b9ae3bdd515013c0c87c1", + "zh:e4aabf3184bbb556b89e4b195eab1514c86a2914dd01c23ad9813ec17e863a8a", ] } diff --git a/terraform/20-app/versions.tf b/terraform/20-app/versions.tf index c0caceec..7cdae051 100644 --- a/terraform/20-app/versions.tf +++ b/terraform/20-app/versions.tf @@ -6,7 +6,7 @@ terraform { } random = { source = "hashicorp/random" - version = "3.5.1" + version = "3.6.1" } local = { source = "hashicorp/local" From 056880a5b01cc4f33381584ac250776394c7e28a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 23 Apr 2024 09:23:19 +0000 Subject: [PATCH 07/31] Bump terraform-aws-modules/s3-bucket/aws in /terraform/20-app Bumps [terraform-aws-modules/s3-bucket/aws](https://github.com/terraform-aws-modules/terraform-aws-s3-bucket) from 4.1.1 to 4.1.2. - [Release notes](https://github.com/terraform-aws-modules/terraform-aws-s3-bucket/releases) - [Changelog](https://github.com/terraform-aws-modules/terraform-aws-s3-bucket/blob/master/CHANGELOG.md) - [Commits](https://github.com/terraform-aws-modules/terraform-aws-s3-bucket/compare/v4.1.1...v4.1.2) --- updated-dependencies: - dependency-name: terraform-aws-modules/s3-bucket/aws dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- terraform/20-app/s3.archive-web-content.tf | 2 +- terraform/20-app/s3.ingest.tf | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/terraform/20-app/s3.archive-web-content.tf b/terraform/20-app/s3.archive-web-content.tf index 398ae876..16901d80 100644 --- a/terraform/20-app/s3.archive-web-content.tf +++ b/terraform/20-app/s3.archive-web-content.tf @@ -4,7 +4,7 @@ locals { module "s3_archive_web_content" { source = "terraform-aws-modules/s3-bucket/aws" - version = "4.1.1" + version = "4.1.2" bucket = local.s3_archive_web_content_bucket_name diff --git a/terraform/20-app/s3.ingest.tf b/terraform/20-app/s3.ingest.tf index 6c560c55..52dea13f 100644 --- a/terraform/20-app/s3.ingest.tf +++ b/terraform/20-app/s3.ingest.tf @@ -1,6 +1,6 @@ module "s3_ingest" { source = "terraform-aws-modules/s3-bucket/aws" - version = "4.1.1" + version = "4.1.2" bucket = "${local.prefix}-ingest" @@ -25,7 +25,7 @@ module "s3_ingest" { module "s3_ingest_notification" { source = "terraform-aws-modules/s3-bucket/aws//modules/notification" - version = "4.1.1" + version = "4.1.2" bucket = module.s3_ingest.s3_bucket_id From 3c80e159f5d2e2febf7e21ce7a32a76db7aad31a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 23 Apr 2024 10:15:11 +0000 Subject: [PATCH 08/31] Bump terraform-aws-modules/lambda/aws in /terraform/20-app Bumps [terraform-aws-modules/lambda/aws](https://github.com/terraform-aws-modules/terraform-aws-lambda) from 7.2.2 to 7.2.6. - [Release notes](https://github.com/terraform-aws-modules/terraform-aws-lambda/releases) - [Changelog](https://github.com/terraform-aws-modules/terraform-aws-lambda/blob/master/CHANGELOG.md) - [Commits](https://github.com/terraform-aws-modules/terraform-aws-lambda/compare/v7.2.2...v7.2.6) --- updated-dependencies: - dependency-name: terraform-aws-modules/lambda/aws dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- terraform/20-app/lambda.db-password-rotation.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/terraform/20-app/lambda.db-password-rotation.tf b/terraform/20-app/lambda.db-password-rotation.tf index 42a17203..d4967bc9 100644 --- a/terraform/20-app/lambda.db-password-rotation.tf +++ b/terraform/20-app/lambda.db-password-rotation.tf @@ -1,6 +1,6 @@ module "lambda_db_password_rotation" { source = "terraform-aws-modules/lambda/aws" - version = "7.2.2" + version = "7.2.6" function_name = "${local.prefix}-db-password-rotation" description = "Redeploys services which depend on the main database when the password in secrets manager is rotated" From 7be950ce581aaa3987e931f4bc5b90ca874d9678 Mon Sep 17 00:00:00 2001 From: Phillip Stanley Date: Tue, 23 Apr 2024 13:25:24 +0100 Subject: [PATCH 09/31] Update Phill's IP address --- terraform/20-app/ip-allow-lists.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/terraform/20-app/ip-allow-lists.tf b/terraform/20-app/ip-allow-lists.tf index 2a8dae90..e32e002a 100644 --- a/terraform/20-app/ip-allow-lists.tf +++ b/terraform/20-app/ip-allow-lists.tf @@ -7,7 +7,7 @@ locals { "82.2.4.244/32", # Kev "78.147.110.81/32", # Kev 2 "31.94.59.185/32", # Kev's phone - "188.220.99.50/32", # Phil + "188.220.4.44/32", # Phil "94.192.143.49/32", # Rhys "82.23.201.161/32", # Tom "35.176.13.254/32", # UKHSA test EC2 @@ -18,7 +18,7 @@ locals { "80.7.227.61/32", # Kiran ], project_team = [ - "78.105.5.74/32", # Debbie + "78.105.5.74/32", # Debbie ], other_stakeholders = [ "62.253.228.56/32", # Georgina From ae7be4e446edf2c41c0713d2153522f7057142fa Mon Sep 17 00:00:00 2001 From: A-Ashiq Date: Tue, 23 Apr 2024 13:40:46 +0100 Subject: [PATCH 10/31] Formatting --- terraform/20-app/cloud-front.front-end.tf | 16 ++++++++-------- terraform/20-app/cloud-front.public-api.tf | 18 +++++++++--------- 2 files changed, 17 insertions(+), 17 deletions(-) diff --git a/terraform/20-app/cloud-front.front-end.tf b/terraform/20-app/cloud-front.front-end.tf index 154c03e6..180918ce 100644 --- a/terraform/20-app/cloud-front.front-end.tf +++ b/terraform/20-app/cloud-front.front-end.tf @@ -45,15 +45,15 @@ module "cloudfront_front_end" { } default_cache_behavior = { - allowed_methods = ["HEAD", "DELETE", "POST", "GET", "OPTIONS", "PUT", "PATCH"] - cache_policy_id = aws_cloudfront_cache_policy.front_end.id - cached_methods = ["GET", "HEAD"] - compress = true - origin_request_policy_id = aws_cloudfront_origin_request_policy.front_end.id + allowed_methods = ["HEAD", "DELETE", "POST", "GET", "OPTIONS", "PUT", "PATCH"] + cache_policy_id = aws_cloudfront_cache_policy.front_end.id + cached_methods = ["GET", "HEAD"] + compress = true + origin_request_policy_id = aws_cloudfront_origin_request_policy.front_end.id response_headers_policy_id = "eaab4381-ed33-4a86-88ca-d9558dc6cd63" # CORS-with-preflight-and-SecurityHeadersPolicy - target_origin_id = "alb" - use_forwarded_values = false - viewer_protocol_policy = "redirect-to-https" + target_origin_id = "alb" + use_forwarded_values = false + viewer_protocol_policy = "redirect-to-https" } custom_error_response = [ diff --git a/terraform/20-app/cloud-front.public-api.tf b/terraform/20-app/cloud-front.public-api.tf index ed078054..72bd84c8 100644 --- a/terraform/20-app/cloud-front.public-api.tf +++ b/terraform/20-app/cloud-front.public-api.tf @@ -45,16 +45,16 @@ module "cloudfront_public_api" { } default_cache_behavior = { - allowed_methods = ["GET", "HEAD", "OPTIONS"] - cache_policy_id = aws_cloudfront_cache_policy.public_api.id - cached_methods = ["GET", "HEAD"] - compress = true - origin_request_policy_id = aws_cloudfront_origin_request_policy.public_api.id + allowed_methods = ["GET", "HEAD", "OPTIONS"] + cache_policy_id = aws_cloudfront_cache_policy.public_api.id + cached_methods = ["GET", "HEAD"] + compress = true + origin_request_policy_id = aws_cloudfront_origin_request_policy.public_api.id response_headers_policy_id = "eaab4381-ed33-4a86-88ca-d9558dc6cd63" # CORS-with-preflight-and-SecurityHeadersPolicy - target_origin_id = "alb" - use_forwarded_values = false - viewer_protocol_policy = "redirect-to-https" - function_association = { + target_origin_id = "alb" + use_forwarded_values = false + viewer_protocol_policy = "redirect-to-https" + function_association = { viewer-request = { function_arn = aws_cloudfront_function.public_api_viewer_request.arn } From 03edc68f56270f53a9d6a8509fcfb70596874db5 Mon Sep 17 00:00:00 2001 From: A-Ashiq Date: Tue, 23 Apr 2024 13:41:27 +0100 Subject: [PATCH 11/31] Bypass cloudfront cache and hit origin for `api/health` endpoint --- terraform/20-app/cloud-front.front-end.tf | 60 +++++++++++++++++++++++ 1 file changed, 60 insertions(+) diff --git a/terraform/20-app/cloud-front.front-end.tf b/terraform/20-app/cloud-front.front-end.tf index 180918ce..f557eb73 100644 --- a/terraform/20-app/cloud-front.front-end.tf +++ b/terraform/20-app/cloud-front.front-end.tf @@ -56,6 +56,23 @@ module "cloudfront_front_end" { viewer_protocol_policy = "redirect-to-https" } + ordered_cache_behavior = [ + # Behaviour to bypass cloudfront for health check + { + path_pattern = "api/health" + allowed_methods = ["GET", "HEAD", "OPTIONS"] + cache_policy_id = aws_cloudfront_cache_policy.front_end_health_check.id + cached_methods = ["GET", "HEAD"] + compress = true + origin_request_policy_id = aws_cloudfront_origin_request_policy.front_end.id + response_headers_policy_id = "eaab4381-ed33-4a86-88ca-d9558dc6cd63" + target_origin_id = "alb" + use_forwarded_values = false + viewer_protocol_policy = "redirect-to-https" + query_string = false + } + ] + custom_error_response = [ { error_code = 404 @@ -71,6 +88,10 @@ module "cloudfront_front_end" { } } +################################################################################ +# Request policies +################################################################################ + resource "aws_cloudfront_origin_request_policy" "front_end" { name = "${local.prefix}-front-end" @@ -85,6 +106,24 @@ resource "aws_cloudfront_origin_request_policy" "front_end" { } } +resource "aws_cloudfront_origin_request_policy" "front_end_health_check" { + name = "${local.prefix}-front-end-health-check" + + cookies_config { + cookie_behavior = "none" + } + headers_config { + header_behavior = "none" + } + query_strings_config { + query_string_behavior = "none" + } +} + +################################################################################ +# Cache policies +################################################################################ + resource "aws_cloudfront_cache_policy" "front_end" { name = "${local.prefix}-front-end" @@ -117,3 +156,24 @@ resource "aws_cloudfront_cache_policy" "front_end" { } } } + +resource "aws_cloudfront_cache_policy" "front_end_health_check" { + name = "${local.prefix}-front-end-health-check" + + min_ttl = 0 + max_ttl = 0 + default_ttl = 0 + + parameters_in_cache_key_and_forwarded_to_origin { + cookies_config { + cookie_behavior = "none" + } + headers_config { + header_behavior = "none" + } + + query_strings_config { + query_string_behavior = "none" + } + } +} From 597a9965af31d17b6af225b99a77c136ec35a980 Mon Sep 17 00:00:00 2001 From: A-Ashiq Date: Tue, 23 Apr 2024 13:42:08 +0100 Subject: [PATCH 12/31] Bypass cloudfront cache and hit origin for `.well-known/health-check` endpoint --- terraform/20-app/cloud-front.public-api.tf | 64 ++++++++++++++++++++++ 1 file changed, 64 insertions(+) diff --git a/terraform/20-app/cloud-front.public-api.tf b/terraform/20-app/cloud-front.public-api.tf index 72bd84c8..dee09d08 100644 --- a/terraform/20-app/cloud-front.public-api.tf +++ b/terraform/20-app/cloud-front.public-api.tf @@ -61,6 +61,23 @@ module "cloudfront_public_api" { } } + ordered_cache_behavior = [ + # Behaviour to bypass cloudfront for health check + { + path_pattern = ".well-known/health-check" + allowed_methods = ["GET", "HEAD", "OPTIONS"] + cache_policy_id = aws_cloudfront_cache_policy.public_api_health_check.id + cached_methods = ["GET", "HEAD"] + compress = true + origin_request_policy_id = aws_cloudfront_origin_request_policy.public_api_health_check.id + response_headers_policy_id = "eaab4381-ed33-4a86-88ca-d9558dc6cd63" + target_origin_id = "alb" + use_forwarded_values = false + viewer_protocol_policy = "redirect-to-https" + query_string = false + } + ] + custom_error_response = [ { count = 0 @@ -77,6 +94,10 @@ module "cloudfront_public_api" { } } +################################################################################ +# Request policies +################################################################################ + resource "aws_cloudfront_origin_request_policy" "public_api" { name = "${local.prefix}-public-api" @@ -91,6 +112,24 @@ resource "aws_cloudfront_origin_request_policy" "public_api" { } } +resource "aws_cloudfront_origin_request_policy" "public_api_health_check" { + name = "${local.prefix}-public-api-health-check" + + cookies_config { + cookie_behavior = "none" + } + headers_config { + header_behavior = "none" + } + query_strings_config { + query_string_behavior = "none" + } +} + +################################################################################ +# Cache policies +################################################################################ + resource "aws_cloudfront_cache_policy" "public_api" { name = "${local.prefix}-public-api" @@ -126,6 +165,31 @@ resource "aws_cloudfront_cache_policy" "public_api" { } } +resource "aws_cloudfront_cache_policy" "public_api_health_check" { + name = "${local.prefix}-public-api-health-check" + + min_ttl = 0 + max_ttl = 0 + default_ttl = 0 + + parameters_in_cache_key_and_forwarded_to_origin { + cookies_config { + cookie_behavior = "none" + } + headers_config { + header_behavior = "none" + } + + query_strings_config { + query_string_behavior = "none" + } + } +} + +################################################################################ +# Viewer function +################################################################################ + resource "aws_cloudfront_function" "public_api_viewer_request" { name = "${local.prefix}-public-api-viewer-request" runtime = "cloudfront-js-2.0" From 5d88cf33e988fa05576d79265ec900f2356d904d Mon Sep 17 00:00:00 2001 From: A-Ashiq Date: Wed, 24 Apr 2024 13:22:44 +0100 Subject: [PATCH 13/31] Update path to `.well-known/health-check/` --- terraform/20-app/cloud-front.public-api.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/terraform/20-app/cloud-front.public-api.tf b/terraform/20-app/cloud-front.public-api.tf index dee09d08..dddd81bf 100644 --- a/terraform/20-app/cloud-front.public-api.tf +++ b/terraform/20-app/cloud-front.public-api.tf @@ -64,7 +64,7 @@ module "cloudfront_public_api" { ordered_cache_behavior = [ # Behaviour to bypass cloudfront for health check { - path_pattern = ".well-known/health-check" + path_pattern = ".well-known/health-check/" allowed_methods = ["GET", "HEAD", "OPTIONS"] cache_policy_id = aws_cloudfront_cache_policy.public_api_health_check.id cached_methods = ["GET", "HEAD"] From 4511b03f6e91616a97d9cfe7889687b744f45ca7 Mon Sep 17 00:00:00 2001 From: A-Ashiq Date: Thu, 25 Apr 2024 14:23:19 +0100 Subject: [PATCH 14/31] Open `role-duration-seconds` parameter to allow for timeouts greater than 1 hour default limit --- .github/actions/configure-aws-credentials/action.yml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/.github/actions/configure-aws-credentials/action.yml b/.github/actions/configure-aws-credentials/action.yml index 2b4f68f3..188146ef 100644 --- a/.github/actions/configure-aws-credentials/action.yml +++ b/.github/actions/configure-aws-credentials/action.yml @@ -9,6 +9,9 @@ inputs: aws-region: description: "The AWS region to configure credentials in." required: true + role-duration-seconds: + description: "The assumed role duration in seconds. Defaults to 1 hour." + default: "3600" # Note that the roles are optional by default. # When using this composite action, you must pass in the role you need @@ -38,6 +41,7 @@ runs: with: role-to-assume: ${{ inputs.tools-account-role }} aws-region: ${{ inputs.aws-region }} + role-duration-seconds: ${{ inputs.role-duration-seconds }} - name: Configure AWS credentials for prod account uses: aws-actions/configure-aws-credentials@v4 @@ -46,6 +50,7 @@ runs: role-to-assume: ${{ inputs.prod-account-role }} aws-region: ${{ inputs.aws-region }} role-chaining: true + role-duration-seconds: ${{ inputs.role-duration-seconds }} - name: Configure AWS credentials for dev account uses: aws-actions/configure-aws-credentials@v4 @@ -54,6 +59,7 @@ runs: role-to-assume: ${{ inputs.dev-account-role }} aws-region: ${{ inputs.aws-region }} role-chaining: true + role-duration-seconds: ${{ inputs.role-duration-seconds }} - name: Configure AWS credentials for test account uses: aws-actions/configure-aws-credentials@v4 @@ -62,6 +68,7 @@ runs: role-to-assume: ${{ inputs.test-account-role }} aws-region: ${{ inputs.aws-region }} role-chaining: true + role-duration-seconds: ${{ inputs.role-duration-seconds }} - name: Configure AWS credentials for uat account uses: aws-actions/configure-aws-credentials@v4 @@ -70,3 +77,4 @@ runs: role-to-assume: ${{ inputs.uat-account-role }} aws-region: ${{ inputs.aws-region }} role-chaining: true + role-duration-seconds: ${{ inputs.role-duration-seconds }} From 646c4c9524571b2bd1ef31fa7aab0f1435fcf6ee Mon Sep 17 00:00:00 2001 From: A-Ashiq Date: Thu, 25 Apr 2024 14:23:32 +0100 Subject: [PATCH 15/31] Set CI cleanup cronjob to timeout after 6h instead of the default 1h limit --- .github/workflows/cleanup-ci-test-environments.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/cleanup-ci-test-environments.yml b/.github/workflows/cleanup-ci-test-environments.yml index db1a377b..1b4fa0a0 100644 --- a/.github/workflows/cleanup-ci-test-environments.yml +++ b/.github/workflows/cleanup-ci-test-environments.yml @@ -26,6 +26,8 @@ jobs: with: aws-region: ${{ env.AWS_REGION }} tools-account-role: ${{ secrets.UHD_TERRAFORM_ROLE }} + # Timeout after 6 hours + role-duration-seconds: "21600" - name: Terraform cleanup run: | From dc164f05b69df4d09cdcff0d761de66838c246d1 Mon Sep 17 00:00:00 2001 From: A-Ashiq Date: Thu, 25 Apr 2024 15:13:45 +0100 Subject: [PATCH 16/31] Declare as explicit function --- scripts/_terraform.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/scripts/_terraform.sh b/scripts/_terraform.sh index b6a8eff5..fee3a8e4 100644 --- a/scripts/_terraform.sh +++ b/scripts/_terraform.sh @@ -405,6 +405,7 @@ function _terraform_force_unlock() { _terraform_cleanup() { +function _terraform_cleanup() { local envs=($(terraform -chdir=terraform/20-app workspace list)) local files=($(echo \*)) From 8da163f48d567774fd244fac05f99a786582a68a Mon Sep 17 00:00:00 2001 From: A-Ashiq Date: Thu, 25 Apr 2024 15:14:20 +0100 Subject: [PATCH 17/31] Add `uhd terraform workspace-list` command to list all current terraform workspaces --- scripts/_terraform.sh | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/scripts/_terraform.sh b/scripts/_terraform.sh index fee3a8e4..6cfdfe87 100644 --- a/scripts/_terraform.sh +++ b/scripts/_terraform.sh @@ -28,7 +28,8 @@ function _terraform_help() { echo echo " cleanup - destroys all CI test environments" echo " force-unlock - releases the lock on a workspace" - echo + echo " workspace-list - lists all terraform workspaces" + echo return 1 } @@ -51,6 +52,7 @@ function _terraform() { "output-file:layer") _terraform_output_layer_file $args ;; "destroy:layer") _terraform_destroy_layer $args ;; "force-unlock") _terraform_force_unlock $args ;; + "workspace-list") _terraform_workspace_list $args ;; "cleanup") _terraform_cleanup $args ;; @@ -403,8 +405,16 @@ function _terraform_force_unlock() { terraform force-unlock --force $lock_id } -_terraform_cleanup() { - +function _terraform_workspace_list() { + local envs=($(terraform -chdir=terraform/20-app workspace list)) + + for env in ${envs[@]}; do + if [[ ! $env == "*" ]] && [[ ! " ${files[@]} " =~ " ${env} " ]]; then + echo "-> ${env}" + fi + done +} + function _terraform_cleanup() { local envs=($(terraform -chdir=terraform/20-app workspace list)) local files=($(echo \*)) From 703e5fd3622fba0822e2890cb4407e19a319a250 Mon Sep 17 00:00:00 2001 From: A-Ashiq Date: Mon, 29 Apr 2024 13:26:55 +0100 Subject: [PATCH 18/31] Bump `terraform-aws-modules/alb/aws` from `v8.7.0` -> `v9.9.0` --- terraform/20-app/alb.cms-admin.tf | 2 +- terraform/20-app/alb.feature-flags.tf | 2 +- terraform/20-app/alb.feedback_api.tf | 2 +- terraform/20-app/alb.front-end.tf | 2 +- terraform/20-app/alb.private_api.tf | 2 +- terraform/20-app/alb.public_api.tf | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/terraform/20-app/alb.cms-admin.tf b/terraform/20-app/alb.cms-admin.tf index 345172d6..5d3696dc 100644 --- a/terraform/20-app/alb.cms-admin.tf +++ b/terraform/20-app/alb.cms-admin.tf @@ -1,6 +1,6 @@ module "cms_admin_alb" { source = "terraform-aws-modules/alb/aws" - version = "8.7.0" + version = "9.9.0" name = "${local.prefix}-cms-admin" diff --git a/terraform/20-app/alb.feature-flags.tf b/terraform/20-app/alb.feature-flags.tf index 11221541..2c4d587d 100644 --- a/terraform/20-app/alb.feature-flags.tf +++ b/terraform/20-app/alb.feature-flags.tf @@ -1,6 +1,6 @@ module "feature_flags_alb" { source = "terraform-aws-modules/alb/aws" - version = "8.7.0" + version = "9.9.0" name = "${local.prefix}-feature-flags" diff --git a/terraform/20-app/alb.feedback_api.tf b/terraform/20-app/alb.feedback_api.tf index 36a3178f..4a088414 100644 --- a/terraform/20-app/alb.feedback_api.tf +++ b/terraform/20-app/alb.feedback_api.tf @@ -1,6 +1,6 @@ module "feedback_api_alb" { source = "terraform-aws-modules/alb/aws" - version = "8.7.0" + version = "9.9.0" name = "${local.prefix}-feedback-api" diff --git a/terraform/20-app/alb.front-end.tf b/terraform/20-app/alb.front-end.tf index 18826b0a..242558a4 100644 --- a/terraform/20-app/alb.front-end.tf +++ b/terraform/20-app/alb.front-end.tf @@ -1,6 +1,6 @@ module "front_end_alb" { source = "terraform-aws-modules/alb/aws" - version = "8.7.0" + version = "9.9.0" name = "${local.prefix}-front-end" diff --git a/terraform/20-app/alb.private_api.tf b/terraform/20-app/alb.private_api.tf index 622f9656..1e7c618d 100644 --- a/terraform/20-app/alb.private_api.tf +++ b/terraform/20-app/alb.private_api.tf @@ -1,6 +1,6 @@ module "private_api_alb" { source = "terraform-aws-modules/alb/aws" - version = "8.7.0" + version = "9.9.0" name = "${local.prefix}-private-api" diff --git a/terraform/20-app/alb.public_api.tf b/terraform/20-app/alb.public_api.tf index a6715db5..853bc9e4 100644 --- a/terraform/20-app/alb.public_api.tf +++ b/terraform/20-app/alb.public_api.tf @@ -1,6 +1,6 @@ module "public_api_alb" { source = "terraform-aws-modules/alb/aws" - version = "8.7.0" + version = "9.9.0" name = "${local.prefix}-public-api" From c8825a4201cf99cc8cfe238e4cf2975a08354108 Mon Sep 17 00:00:00 2001 From: A-Ashiq Date: Mon, 29 Apr 2024 13:28:31 +0100 Subject: [PATCH 19/31] Set `enable_deletion_protection` to false across all load balancers to allow terraform to be able to delete --- terraform/20-app/alb.cms-admin.tf | 1 + terraform/20-app/alb.feature-flags.tf | 1 + terraform/20-app/alb.feedback_api.tf | 1 + terraform/20-app/alb.front-end.tf | 1 + terraform/20-app/alb.private_api.tf | 1 + terraform/20-app/alb.public_api.tf | 1 + 6 files changed, 6 insertions(+) diff --git a/terraform/20-app/alb.cms-admin.tf b/terraform/20-app/alb.cms-admin.tf index 5d3696dc..727dd26c 100644 --- a/terraform/20-app/alb.cms-admin.tf +++ b/terraform/20-app/alb.cms-admin.tf @@ -10,6 +10,7 @@ module "cms_admin_alb" { subnets = module.vpc.public_subnets security_groups = [module.cms_admin_alb_security_group.security_group_id] drop_invalid_header_fields = true + enable_deletion_protection = false access_logs = { bucket = data.aws_s3_bucket.elb_logs_eu_west_2.id diff --git a/terraform/20-app/alb.feature-flags.tf b/terraform/20-app/alb.feature-flags.tf index 2c4d587d..e135c3dc 100644 --- a/terraform/20-app/alb.feature-flags.tf +++ b/terraform/20-app/alb.feature-flags.tf @@ -10,6 +10,7 @@ module "feature_flags_alb" { subnets = module.vpc.public_subnets security_groups = [module.feature_flags_alb_security_group.security_group_id] drop_invalid_header_fields = true + enable_deletion_protection = false access_logs = { bucket = data.aws_s3_bucket.elb_logs_eu_west_2.id diff --git a/terraform/20-app/alb.feedback_api.tf b/terraform/20-app/alb.feedback_api.tf index 4a088414..5ef9d90b 100644 --- a/terraform/20-app/alb.feedback_api.tf +++ b/terraform/20-app/alb.feedback_api.tf @@ -10,6 +10,7 @@ module "feedback_api_alb" { subnets = module.vpc.public_subnets security_groups = [module.feedback_api_alb_security_group.security_group_id] drop_invalid_header_fields = true + enable_deletion_protection = false access_logs = { bucket = data.aws_s3_bucket.elb_logs_eu_west_2.id diff --git a/terraform/20-app/alb.front-end.tf b/terraform/20-app/alb.front-end.tf index 242558a4..828bf9ad 100644 --- a/terraform/20-app/alb.front-end.tf +++ b/terraform/20-app/alb.front-end.tf @@ -10,6 +10,7 @@ module "front_end_alb" { subnets = module.vpc.public_subnets security_groups = [module.front_end_alb_security_group.security_group_id] drop_invalid_header_fields = true + enable_deletion_protection = false access_logs = { bucket = data.aws_s3_bucket.elb_logs_eu_west_2.id diff --git a/terraform/20-app/alb.private_api.tf b/terraform/20-app/alb.private_api.tf index 1e7c618d..5c2a6958 100644 --- a/terraform/20-app/alb.private_api.tf +++ b/terraform/20-app/alb.private_api.tf @@ -10,6 +10,7 @@ module "private_api_alb" { subnets = module.vpc.public_subnets security_groups = [module.private_api_alb_security_group.security_group_id] drop_invalid_header_fields = true + enable_deletion_protection = false access_logs = { bucket = data.aws_s3_bucket.elb_logs_eu_west_2.id diff --git a/terraform/20-app/alb.public_api.tf b/terraform/20-app/alb.public_api.tf index 853bc9e4..8da3817c 100644 --- a/terraform/20-app/alb.public_api.tf +++ b/terraform/20-app/alb.public_api.tf @@ -10,6 +10,7 @@ module "public_api_alb" { subnets = module.vpc.public_subnets security_groups = [module.public_api_alb_security_group.security_group_id] drop_invalid_header_fields = true + enable_deletion_protection = false access_logs = { bucket = data.aws_s3_bucket.elb_logs_eu_west_2.id From d8035b16ee2a9c77ba22bdabdcb1abb4b1d9127c Mon Sep 17 00:00:00 2001 From: A-Ashiq Date: Mon, 29 Apr 2024 13:32:23 +0100 Subject: [PATCH 20/31] Bump terraform module for albs to `v9.9.0` - replace deprecated output variables --- terraform/20-app/route-53.tf | 24 ++++++++++++------------ terraform/20-app/route-53.wke-account.tf | 24 ++++++++++++------------ terraform/20-app/route-53.wke-others.tf | 24 ++++++++++++------------ terraform/20-app/waf.cms.tf | 2 +- terraform/20-app/waf.feature-flags.tf | 2 +- 5 files changed, 38 insertions(+), 38 deletions(-) diff --git a/terraform/20-app/route-53.tf b/terraform/20-app/route-53.tf index 67ecef78..89198b78 100644 --- a/terraform/20-app/route-53.tf +++ b/terraform/20-app/route-53.tf @@ -17,8 +17,8 @@ module "route_53_records" { name = "${local.environment}-lb" type = "A" alias = { - name = module.front_end_alb.lb_dns_name - zone_id = module.front_end_alb.lb_zone_id + name = module.front_end_alb.dns_name + zone_id = module.front_end_alb.zone_id } }, { @@ -33,32 +33,32 @@ module "route_53_records" { name = "${local.environment}-api-lb" type = "A" alias = { - name = module.public_api_alb.lb_dns_name - zone_id = module.public_api_alb.lb_zone_id + name = module.public_api_alb.dns_name + zone_id = module.public_api_alb.zone_id } }, { name = "${local.environment}-private-api", type = "A" alias = { - name = module.private_api_alb.lb_dns_name - zone_id = module.private_api_alb.lb_zone_id + name = module.private_api_alb.dns_name + zone_id = module.private_api_alb.zone_id } }, { name = "${local.environment}-feedback-api", type = "A" alias = { - name = module.feedback_api_alb.lb_dns_name - zone_id = module.feedback_api_alb.lb_zone_id + name = module.feedback_api_alb.dns_name + zone_id = module.feedback_api_alb.zone_id } }, { name = "${local.environment}-cms" type = "A" alias = { - name = module.cms_admin_alb.lb_dns_name - zone_id = module.cms_admin_alb.lb_zone_id + name = module.cms_admin_alb.dns_name + zone_id = module.cms_admin_alb.zone_id } }, { @@ -73,8 +73,8 @@ module "route_53_records" { name = "${local.environment}-feature-flags" type = "A" alias = { - name = module.feature_flags_alb.lb_dns_name - zone_id = module.feature_flags_alb.lb_zone_id + name = module.feature_flags_alb.dns_name + zone_id = module.feature_flags_alb.zone_id } } ] diff --git a/terraform/20-app/route-53.wke-account.tf b/terraform/20-app/route-53.wke-account.tf index 2ba07b8b..38a1ec73 100644 --- a/terraform/20-app/route-53.wke-account.tf +++ b/terraform/20-app/route-53.wke-account.tf @@ -18,8 +18,8 @@ module "route_53_records_wke_account" { name = "lb" type = "A" alias = { - name = module.front_end_alb.lb_dns_name - zone_id = module.front_end_alb.lb_zone_id + name = module.front_end_alb.dns_name + zone_id = module.front_end_alb.zone_id } }, { @@ -34,32 +34,32 @@ module "route_53_records_wke_account" { name = "api-lb" type = "A" alias = { - name = module.public_api_alb.lb_dns_name - zone_id = module.public_api_alb.lb_zone_id + name = module.public_api_alb.dns_name + zone_id = module.public_api_alb.zone_id } }, { name = "private-api" type = "A" alias = { - name = module.private_api_alb.lb_dns_name - zone_id = module.private_api_alb.lb_zone_id + name = module.private_api_alb.dns_name + zone_id = module.private_api_alb.zone_id } }, { name = "feedback-api" type = "A" alias = { - name = module.feedback_api_alb.lb_dns_name - zone_id = module.feedback_api_alb.lb_zone_id + name = module.feedback_api_alb.dns_name + zone_id = module.feedback_api_alb.zone_id } }, { name = "cms" type = "A" alias = { - name = module.cms_admin_alb.lb_dns_name - zone_id = module.cms_admin_alb.lb_zone_id + name = module.cms_admin_alb.dns_name + zone_id = module.cms_admin_alb.zone_id } }, { @@ -74,8 +74,8 @@ module "route_53_records_wke_account" { name = "feature-flags" type = "A" alias = { - name = module.feature_flags_alb.lb_dns_name - zone_id = module.feature_flags_alb.lb_zone_id + name = module.feature_flags_alb.dns_name + zone_id = module.feature_flags_alb.zone_id } } ] diff --git a/terraform/20-app/route-53.wke-others.tf b/terraform/20-app/route-53.wke-others.tf index 775a1d64..5f594724 100644 --- a/terraform/20-app/route-53.wke-others.tf +++ b/terraform/20-app/route-53.wke-others.tf @@ -18,8 +18,8 @@ module "route_53_records_wke_others" { name = "lb" type = "A" alias = { - name = module.front_end_alb.lb_dns_name - zone_id = module.front_end_alb.lb_zone_id + name = module.front_end_alb.dns_name + zone_id = module.front_end_alb.zone_id } }, { @@ -34,32 +34,32 @@ module "route_53_records_wke_others" { name = "api-lb" type = "A" alias = { - name = module.public_api_alb.lb_dns_name - zone_id = module.public_api_alb.lb_zone_id + name = module.public_api_alb.dns_name + zone_id = module.public_api_alb.zone_id } }, { name = "private-api" type = "A" alias = { - name = module.private_api_alb.lb_dns_name - zone_id = module.private_api_alb.lb_zone_id + name = module.private_api_alb.dns_name + zone_id = module.private_api_alb.zone_id } }, { name = "feedback-api" type = "A" alias = { - name = module.feedback_api_alb.lb_dns_name - zone_id = module.feedback_api_alb.lb_zone_id + name = module.feedback_api_alb.dns_name + zone_id = module.feedback_api_alb.zone_id } }, { name = "cms" type = "A" alias = { - name = module.cms_admin_alb.lb_dns_name - zone_id = module.cms_admin_alb.lb_zone_id + name = module.cms_admin_alb.dns_name + zone_id = module.cms_admin_alb.zone_id } }, { @@ -74,8 +74,8 @@ module "route_53_records_wke_others" { name = "feature-flags" type = "A" alias = { - name = module.feature_flags_alb.lb_dns_name - zone_id = module.feature_flags_alb.lb_zone_id + name = module.feature_flags_alb.dns_name + zone_id = module.feature_flags_alb.zone_id } } ] diff --git a/terraform/20-app/waf.cms.tf b/terraform/20-app/waf.cms.tf index a666d9e8..3bd8bc2d 100644 --- a/terraform/20-app/waf.cms.tf +++ b/terraform/20-app/waf.cms.tf @@ -70,7 +70,7 @@ resource "aws_wafv2_web_acl" "cms_admin" { } resource "aws_wafv2_web_acl_association" "cms_admin" { - resource_arn = module.cms_admin_alb.lb_arn + resource_arn = module.cms_admin_alb.arn web_acl_arn = aws_wafv2_web_acl.cms_admin.arn } diff --git a/terraform/20-app/waf.feature-flags.tf b/terraform/20-app/waf.feature-flags.tf index 830c9e54..157e540c 100644 --- a/terraform/20-app/waf.feature-flags.tf +++ b/terraform/20-app/waf.feature-flags.tf @@ -70,7 +70,7 @@ resource "aws_wafv2_web_acl" "feature_flags" { } resource "aws_wafv2_web_acl_association" "feature-flags" { - resource_arn = module.feature_flags_alb.lb_arn + resource_arn = module.feature_flags_alb.arn web_acl_arn = aws_wafv2_web_acl.feature_flags.arn } From 49657e4372ed6a8d9e60e2fe24fd97dcac268c96 Mon Sep 17 00:00:00 2001 From: A-Ashiq Date: Mon, 29 Apr 2024 15:21:51 +0100 Subject: [PATCH 21/31] Reimplement target groups and listeners on ALBs to conform to `v9` --- terraform/20-app/alb.cms-admin.tf | 25 +++--- terraform/20-app/alb.feature-flags.tf | 36 ++++---- terraform/20-app/alb.feedback_api.tf | 85 +++++++++---------- terraform/20-app/alb.front-end.tf | 73 ++++++++-------- terraform/20-app/alb.private_api.tf | 71 ++++++++-------- terraform/20-app/alb.public_api.tf | 73 ++++++++-------- terraform/20-app/ecs.service.cms-admin.tf | 2 +- terraform/20-app/ecs.service.feature-flags.tf | 2 +- terraform/20-app/ecs.service.feedback-api.tf | 2 +- terraform/20-app/ecs.service.front-end.tf | 2 +- terraform/20-app/ecs.service.private-api.tf | 2 +- terraform/20-app/ecs.service.public-api.tf | 2 +- 12 files changed, 192 insertions(+), 183 deletions(-) diff --git a/terraform/20-app/alb.cms-admin.tf b/terraform/20-app/alb.cms-admin.tf index 727dd26c..9d9794cb 100644 --- a/terraform/20-app/alb.cms-admin.tf +++ b/terraform/20-app/alb.cms-admin.tf @@ -18,12 +18,13 @@ module "cms_admin_alb" { prefix = "cms-admin-alb" } - target_groups = [ - { - name = "${local.prefix}-cms-admin" - backend_protocol = "HTTP" - backend_port = 80 - target_type = "ip" + target_groups = { + "${local.prefix}-cms-admin" = { + name = "${local.prefix}-cms-admin" + backend_protocol = "HTTP" + backend_port = 80 + target_type = "ip" + create_attachment = false health_check = { enabled = true interval = 30 @@ -36,17 +37,21 @@ module "cms_admin_alb" { matcher = "200" } } - ] + } - https_listeners = [ - { + listeners = { + "${local.prefix}-cms-admin-alb-listener" = { + name = "${local.prefix}-cms-admin-alb-listener" port = 443 protocol = "HTTPS" certificate_arn = local.certificate_arn target_group_index = 0 ssl_policy = local.alb_security_policy + forward = { + target_group_key = "${local.prefix}-cms-admin" + } } - ] + } } module "cms_admin_alb_security_group" { diff --git a/terraform/20-app/alb.feature-flags.tf b/terraform/20-app/alb.feature-flags.tf index e135c3dc..c47c76bd 100644 --- a/terraform/20-app/alb.feature-flags.tf +++ b/terraform/20-app/alb.feature-flags.tf @@ -18,13 +18,14 @@ module "feature_flags_alb" { prefix = "feature-flags-alb" } - target_groups = [ - { - name = "${local.prefix}-feature-flags" - backend_protocol = "HTTP" - backend_port = 4242 - target_type = "ip" - health_check = { + target_groups = { + "${local.prefix}-feature-flags" = { + name = "${local.prefix}-feature-flags" + backend_protocol = "HTTP" + backend_port = 4242 + target_type = "ip" + create_attachment = false + health_check = { enabled = true interval = 30 path = "/health/" @@ -36,17 +37,20 @@ module "feature_flags_alb" { matcher = "200" } } - ] + } - https_listeners = [ - { - port = 443 - protocol = "HTTPS" - certificate_arn = local.certificate_arn - target_group_index = 0 - ssl_policy = local.alb_security_policy + listeners = { + "${local.prefix}-feature-flags-alb-listener" = { + name = "${local.prefix}-feature-flags-alb-listener" + port = 443 + protocol = "HTTPS" + certificate_arn = local.certificate_arn + ssl_policy = local.alb_security_policy + forward = { + target_group_key = "${local.prefix}-feature-flags" + } } - ] + } } module "feature_flags_alb_security_group" { diff --git a/terraform/20-app/alb.feedback_api.tf b/terraform/20-app/alb.feedback_api.tf index 5ef9d90b..59a53052 100644 --- a/terraform/20-app/alb.feedback_api.tf +++ b/terraform/20-app/alb.feedback_api.tf @@ -18,13 +18,14 @@ module "feedback_api_alb" { prefix = "feedback-api-alb" } - target_groups = [ - { - name = "${local.prefix}-feedback-api" - backend_protocol = "HTTP" - backend_port = 80 - target_type = "ip" - health_check = { + target_groups = { + "${local.prefix}-feedback-api" = { + name = "${local.prefix}-feedback-api" + backend_protocol = "HTTP" + backend_port = 80 + target_type = "ip" + create_attachment = false + health_check = { enabled = true interval = 30 path = "/health/" @@ -36,46 +37,44 @@ module "feedback_api_alb" { matcher = "200" } } - ] + } - https_listeners = [ - { - port = 443 - protocol = "HTTPS" - certificate_arn = local.certificate_arn - target_group_index = 0 - ssl_policy = local.alb_security_policy - action_type = "fixed-response" - fixed_response = { - content_type = "application/json" - message_body = jsonencode({ - message = "Authentication credentials were not provided." - }) - status_code = "401" + listeners = { + "${local.prefix}-feedback-api-alb-listener" = { + name = "${local.prefix}-feedback-api-alb-listener" + port = 443 + protocol = "HTTPS" + certificate_arn = local.certificate_arn + ssl_policy = local.alb_security_policy + forward = { + target_group_key = "${local.prefix}-feedback-api" } - } - ] - - https_listener_rules = [ - { - https_listener_index = 0 - priority = 1 - actions = [ - { - type = "forward" - target_group_index = 0 - } - ] - conditions = [ - { - http_headers = [{ - http_header_name = "Authorization" - values = [aws_secretsmanager_secret_version.private_api_key.secret_string] - }] + rules = { + enforce-api-key = { + listener_key = "${local.prefix}-feedback-api-alb-listener" + priority = 1 + actions = [ + { + type = "fixed-response" + content_type = "application/json" + message_body = jsonencode({ + message = "Authentication credentials were not provided." + }) + status_code = "401" + } + ] + conditions = [ + { + http_header = { + http_header_name = "Authorization" + values = [aws_secretsmanager_secret_version.private_api_key.secret_string] + } + } + ] } - ] + } } - ] + } } module "feedback_api_alb_security_group" { diff --git a/terraform/20-app/alb.front-end.tf b/terraform/20-app/alb.front-end.tf index 828bf9ad..622bda61 100644 --- a/terraform/20-app/alb.front-end.tf +++ b/terraform/20-app/alb.front-end.tf @@ -18,12 +18,13 @@ module "front_end_alb" { prefix = "front-end-alb" } - target_groups = [ - { - name = "${local.prefix}-front-end" - backend_protocol = "HTTP" - backend_port = 3000 - target_type = "ip" + target_groups = { + "${local.prefix}-front-end" = { + name = "${local.prefix}-front-end" + backend_protocol = "HTTP" + backend_port = 3000 + target_type = "ip" + create_attachment = false health_check = { enabled = true interval = 30 @@ -36,44 +37,44 @@ module "front_end_alb" { matcher = "200,404" } } - ] + } - https_listeners = [ - { - port = 443 - protocol = "HTTPS" - certificate_arn = local.certificate_arn - target_group_index = 0 - ssl_policy = local.alb_security_policy - action_type = "fixed-response" + listeners = { + "${local.prefix}-front-end-alb-listener" = { + name = "${local.prefix}-front-end-alb-listener" + port = 443 + protocol = "HTTPS" + certificate_arn = local.certificate_arn + ssl_policy = local.alb_security_policy fixed_response = { content_type = "text/plain" message_body = "403 Forbidden" status_code = "403" } - } - ] - - https_listener_rules = [ - { - https_listener_index = 0 - priority = 1 - actions = [ - { - type = "forward" - target_group_index = 0 - } - ] - conditions = [ - { - http_headers = [{ - http_header_name = "x-cdn-auth" - values = [jsonencode(aws_secretsmanager_secret_version.cdn_front_end_secure_header_value.secret_string)] - }] + rules = { + enforce-header-value = { + listener_key = "${local.prefix}-front-end-alb-listener" + priority = 1 + actions = [ + { + type = "forward" + target_group_key = "${local.prefix}-front-end" + } + ] + conditions = [ + { + http_header = { + http_header_name = "x-cdn-auth" + values = [ + jsonencode(aws_secretsmanager_secret_version.cdn_front_end_secure_header_value.secret_string) + ] + } + } + ] } - ] + } } - ] + } } module "front_end_alb_security_group" { diff --git a/terraform/20-app/alb.private_api.tf b/terraform/20-app/alb.private_api.tf index 5c2a6958..be1bf79b 100644 --- a/terraform/20-app/alb.private_api.tf +++ b/terraform/20-app/alb.private_api.tf @@ -18,12 +18,13 @@ module "private_api_alb" { prefix = "private-api-alb" } - target_groups = [ - { - name = "${local.prefix}-private-api" - backend_protocol = "HTTP" - backend_port = 80 - target_type = "ip" + target_groups = { + "${local.prefix}-private-api" = { + name = "${local.prefix}-private-api" + backend_protocol = "HTTP" + backend_port = 80 + target_type = "ip" + create_attachment = false health_check = { enabled = true interval = 30 @@ -36,16 +37,15 @@ module "private_api_alb" { matcher = "200" } } - ] + } - https_listeners = [ - { - port = 443 - protocol = "HTTPS" - certificate_arn = local.certificate_arn - target_group_index = 0 - ssl_policy = local.alb_security_policy - action_type = "fixed-response" + listeners = { + "${local.prefix}-private-api-alb-listener" = { + name = "${local.prefix}-private-api-alb-listener" + port = 443 + protocol = "HTTPS" + certificate_arn = local.certificate_arn + ssl_policy = local.alb_security_policy fixed_response = { content_type = "application/json" message_body = jsonencode({ @@ -53,29 +53,28 @@ module "private_api_alb" { }) status_code = "401" } - } - ] - - https_listener_rules = [ - { - https_listener_index = 0 - priority = 1 - actions = [ - { - type = "forward" - target_group_index = 0 - } - ] - conditions = [ - { - http_headers = [{ - http_header_name = "Authorization" - values = [aws_secretsmanager_secret_version.private_api_key.secret_string] - }] + rules = { + enforce-api-key = { + listener_key = "${local.prefix}-private-api-alb-listener" + priority = 1 + actions = [ + { + type = "forward" + target_group_key = "${local.prefix}-private-api" + } + ] + conditions = [ + { + http_header = { + http_header_name = "Authorization" + values = [aws_secretsmanager_secret_version.private_api_key.secret_string] + } + } + ] } - ] + } } - ] + } } module "private_api_alb_security_group" { diff --git a/terraform/20-app/alb.public_api.tf b/terraform/20-app/alb.public_api.tf index 8da3817c..ff35e6cd 100644 --- a/terraform/20-app/alb.public_api.tf +++ b/terraform/20-app/alb.public_api.tf @@ -18,12 +18,13 @@ module "public_api_alb" { prefix = "public-api-alb" } - target_groups = [ - { - name = "${local.prefix}-public-api" - backend_protocol = "HTTP" - backend_port = 80 - target_type = "ip" + target_groups = { + "${local.prefix}-public-api" = { + name = "${local.prefix}-public-api" + backend_protocol = "HTTP" + backend_port = 80 + target_type = "ip" + create_attachment = false health_check = { enabled = true interval = 30 @@ -36,44 +37,44 @@ module "public_api_alb" { matcher = "200" } } - ] + } - https_listeners = [ - { - port = 443 - protocol = "HTTPS" - certificate_arn = local.certificate_arn - target_group_index = 0 - ssl_policy = local.alb_security_policy - action_type = "fixed-response" + listeners = { + "${local.prefix}-public-api-alb-listener" = { + name = "${local.prefix}-public-api-alb-listener" + port = 443 + protocol = "HTTPS" + certificate_arn = local.certificate_arn + ssl_policy = local.alb_security_policy fixed_response = { content_type = "text/plain" message_body = "403 Forbidden" status_code = "403" } - } - ] - - https_listener_rules = [ - { - https_listener_index = 0 - priority = 1 - actions = [ - { - type = "forward" - target_group_index = 0 - } - ] - conditions = [ - { - http_headers = [{ - http_header_name = "x-cdn-auth" - values = [jsonencode(aws_secretsmanager_secret_version.cdn_public_api_secure_header_value.secret_string)] - }] + rules = { + enforce-header-value = { + listener_key = "${local.prefix}-public-api-alb-listener" + priority = 1 + actions = [ + { + type = "forward" + target_group_key = "${local.prefix}-public-api" + } + ] + conditions = [ + { + http_header = { + http_header_name = "x-cdn-auth" + values = [ + jsonencode(aws_secretsmanager_secret_version.cdn_public_api_secure_header_value.secret_string) + ] + } + } + ] } - ] + } } - ] + } } module "public_api_alb_security_group" { diff --git a/terraform/20-app/ecs.service.cms-admin.tf b/terraform/20-app/ecs.service.cms-admin.tf index a9eff6e6..968bf83d 100644 --- a/terraform/20-app/ecs.service.cms-admin.tf +++ b/terraform/20-app/ecs.service.cms-admin.tf @@ -74,7 +74,7 @@ module "ecs_service_cms_admin" { load_balancer = { service = { - target_group_arn = element(module.cms_admin_alb.target_group_arns, 0) + target_group_arn = module.cms_admin_alb.target_groups["${local.prefix}-cms-admin"].arn container_name = "api" container_port = 80 } diff --git a/terraform/20-app/ecs.service.feature-flags.tf b/terraform/20-app/ecs.service.feature-flags.tf index 36ff6a14..16877f73 100644 --- a/terraform/20-app/ecs.service.feature-flags.tf +++ b/terraform/20-app/ecs.service.feature-flags.tf @@ -83,7 +83,7 @@ module "ecs_service_feature_flags" { load_balancer = { service = { - target_group_arn = element(module.feature_flags_alb.target_group_arns, 0) + target_group_arn = module.feature_flags_alb.target_groups["${local.prefix}-feature-flags"].arn container_name = "api" container_port = 4242 } diff --git a/terraform/20-app/ecs.service.feedback-api.tf b/terraform/20-app/ecs.service.feedback-api.tf index b7f9497b..60f32a49 100644 --- a/terraform/20-app/ecs.service.feedback-api.tf +++ b/terraform/20-app/ecs.service.feedback-api.tf @@ -70,7 +70,7 @@ module "ecs_service_feedback_api" { load_balancer = { service = { - target_group_arn = element(module.feedback_api_alb.target_group_arns, 0) + target_group_arn = module.feedback_api_alb.target_groups["${local.prefix}-feedback-api"].arn container_name = "api" container_port = 80 } diff --git a/terraform/20-app/ecs.service.front-end.tf b/terraform/20-app/ecs.service.front-end.tf index 8ae589e8..ab9688bc 100644 --- a/terraform/20-app/ecs.service.front-end.tf +++ b/terraform/20-app/ecs.service.front-end.tf @@ -70,7 +70,7 @@ module "ecs_service_front_end" { load_balancer = { service = { - target_group_arn = element(module.front_end_alb.target_group_arns, 0) + target_group_arn = module.front_end_alb.target_groups["${local.prefix}-front-end"].arn container_name = "front-end" container_port = 3000 } diff --git a/terraform/20-app/ecs.service.private-api.tf b/terraform/20-app/ecs.service.private-api.tf index a68410a2..d617400f 100644 --- a/terraform/20-app/ecs.service.private-api.tf +++ b/terraform/20-app/ecs.service.private-api.tf @@ -82,7 +82,7 @@ module "ecs_service_private_api" { load_balancer = { service = { - target_group_arn = element(module.private_api_alb.target_group_arns, 0) + target_group_arn = module.private_api_alb.target_groups["${local.prefix}-private-api"].arn container_name = "api" container_port = 80 } diff --git a/terraform/20-app/ecs.service.public-api.tf b/terraform/20-app/ecs.service.public-api.tf index 536d8fb4..a54d7564 100644 --- a/terraform/20-app/ecs.service.public-api.tf +++ b/terraform/20-app/ecs.service.public-api.tf @@ -78,7 +78,7 @@ module "ecs_service_public_api" { load_balancer = { service = { - target_group_arn = element(module.public_api_alb.target_group_arns, 0) + target_group_arn = module.public_api_alb.target_groups["${local.prefix}-public-api"].arn container_name = "api" container_port = 80 } From efb180ecc3f3a27cec8d3c9ad830858c1db9ee8c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 29 Apr 2024 23:48:02 +0000 Subject: [PATCH 22/31] Bump hashicorp/aws from 5.46.0 to 5.47.0 in /terraform/10-account Bumps [hashicorp/aws](https://github.com/hashicorp/terraform-provider-aws) from 5.46.0 to 5.47.0. - [Release notes](https://github.com/hashicorp/terraform-provider-aws/releases) - [Changelog](https://github.com/hashicorp/terraform-provider-aws/blob/main/CHANGELOG.md) - [Commits](https://github.com/hashicorp/terraform-provider-aws/compare/v5.46.0...v5.47.0) --- updated-dependencies: - dependency-name: hashicorp/aws dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- terraform/10-account/.terraform.lock.hcl | 38 ++++++++++++------------ terraform/10-account/versions.tf | 2 +- 2 files changed, 20 insertions(+), 20 deletions(-) diff --git a/terraform/10-account/.terraform.lock.hcl b/terraform/10-account/.terraform.lock.hcl index 68b7dda2..6e89c061 100644 --- a/terraform/10-account/.terraform.lock.hcl +++ b/terraform/10-account/.terraform.lock.hcl @@ -2,27 +2,27 @@ # Manual edits may be lost in future updates. provider "registry.terraform.io/hashicorp/aws" { - version = "5.46.0" - constraints = ">= 2.49.0, >= 3.74.0, >= 4.0.0, >= 4.33.0, >= 4.36.0, >= 4.40.0, >= 5.0.0, >= 5.27.0, >= 5.32.0, 5.46.0" + version = "5.47.0" + constraints = ">= 2.49.0, >= 3.74.0, >= 4.0.0, >= 4.33.0, >= 4.36.0, >= 4.40.0, >= 5.0.0, >= 5.27.0, >= 5.32.0, 5.47.0" hashes = [ - "h1:GK1y1qAGcPHPZxz01Ko6v+815T7kZPXt6POBsLg9c/k=", - "h1:d0Mf33mbbQujZ/JaYkqmH5gZGvP+iEIWf9yBSiOwimE=", - "h1:gagAtniijwJRhsKRBWWZfmnPiqu4u1A5oI626+KA/1g=", - "zh:05ae6180a7f23071435f6e5e59c19af0b6c5da42ee600c6c1568c8660214d548", - "zh:0d878d1565d5e57ce6b34ec5f04b28662044a50c999ec5770c374aa1f1020de2", - "zh:25ef1467af2514d8011c44759307445f7057836ff87dfe4503c3e1c9776d5c1a", - "zh:26c006df6200f0063b827aab05bec94f9f3f77848e82ed72e48a51d1170d1961", - "zh:37cdf4292649a10f12858622826925e18ad4eca354c31f61d02c66895eb91274", - "zh:4315b0433c2fc512666c74e989e2d95240934ef370bea1c690d36cb02d30c4ce", - "zh:75df0b3f631b78aeff1832cc77d99b527c2a5e79d40f7aac40bdc4a66124dac2", - "zh:90693d936c9a556d2bf945de4920ff82052002eb73139bd7164fafd02920f0ef", + "h1:49aEnvHJ/M8BRGAXKzU6W3zSbf7HgIrjXkXjC5DGEWY=", + "h1:T0tupfn2Ubj18Y7xmO0pFMvti1Qns2K6EGXenR6Hg30=", + "h1:bZEm2TDCM7jmpNXK6QOWsT1YU8GiGGQaraUvwO887U8=", + "zh:06037a14e47e8f82d0b3b326cd188566272b808b7970a9249a11db26d475b83d", + "zh:116b7dd58ca964a1056249d2b6550f399b0a6bc9a7920b7ee134242114432c9f", + "zh:1aa089c81459071c1d65ba7454f1122159e1fa1b5384e6e9ef85c8264f8a9ecb", + "zh:2c1471acba40c4944aa88dda761093c0c969db6408bdc1a4fb62417788cd6bb6", + "zh:3b950bea06ea4bf1ec359a97a4f1745b7efca7fc2da368843666020dd0ebc5d4", + "zh:7191c5c2fce834d584153dcd5269ed3042437f224d341ad85df06b2247bd09b2", + "zh:76d841b3f247f9bb3899dec3b4d871613a4ae8a83a581a827655d34b1bbee0ee", + "zh:7c656ce252fafc2c915dad43a0a7da17dba975207d75841a02f3f2b92d51ec25", + "zh:8ec97118cbdef64139c52b719e4e22443e67a1f37ea1597cd45b2e9b97332a35", "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", - "zh:c9177ad09804c60fd2ed25950570407b6bdcdf0fcc309e1673b584f06a827fae", - "zh:ca8e8db24a4d62d92afd8d3d383b81a08693acac191a2e0a110fb46deeff56a3", - "zh:d5fa3a36e13957d63bfe9bbd6df0426a2422214403aac9f20b60c36f8d9ebec6", - "zh:e4ede44a112296c9cc77b15e439e41ee15c0e8b3a0dec94ae34df5ebba840e8b", - "zh:f2d4de8d8cde69caffede1544ebea74e69fcc4552e1b79ae053519a05c060706", - "zh:fc19e9266b1841d4a3aeefa8a5b5ad6988baed6540f85a373b6c2d0dc1ca5830", + "zh:a369deca7938236a7da59f7ad1fe18137f736764c9015ed10e88edb6e8505980", + "zh:a743882fb099401eae0c86d9388a6faadbbc27b2ac9477aeef643e5de4eec3f9", + "zh:d5f960f58aff06fc58e244fea6e665800384cacb8cd64a556f8e145b98650372", + "zh:e31ffcfd560132ffbff2f574928ba392e663202a750750ed39a8950031b75623", + "zh:ebd9061b92a772144564f35a63d5a08cb45e14a9d39294fda185f2e0de9c8e28", ] } diff --git a/terraform/10-account/versions.tf b/terraform/10-account/versions.tf index ce6d48ec..9ceee36f 100644 --- a/terraform/10-account/versions.tf +++ b/terraform/10-account/versions.tf @@ -2,7 +2,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = "5.46.0" + version = "5.47.0" } } required_version = ">= 1.4.5" From 52a227f6cf3ecfc97b5d4973aa7a5c01554c8853 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 29 Apr 2024 23:54:12 +0000 Subject: [PATCH 23/31] Bump hashicorp/aws from 5.46.0 to 5.47.0 in /terraform/20-app Bumps [hashicorp/aws](https://github.com/hashicorp/terraform-provider-aws) from 5.46.0 to 5.47.0. - [Release notes](https://github.com/hashicorp/terraform-provider-aws/releases) - [Changelog](https://github.com/hashicorp/terraform-provider-aws/blob/main/CHANGELOG.md) - [Commits](https://github.com/hashicorp/terraform-provider-aws/compare/v5.46.0...v5.47.0) --- updated-dependencies: - dependency-name: hashicorp/aws dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- terraform/20-app/.terraform.lock.hcl | 38 ++++++++++++++-------------- terraform/20-app/versions.tf | 2 +- 2 files changed, 20 insertions(+), 20 deletions(-) diff --git a/terraform/20-app/.terraform.lock.hcl b/terraform/20-app/.terraform.lock.hcl index d851f923..e4d8475b 100644 --- a/terraform/20-app/.terraform.lock.hcl +++ b/terraform/20-app/.terraform.lock.hcl @@ -2,27 +2,27 @@ # Manual edits may be lost in future updates. provider "registry.terraform.io/hashicorp/aws" { - version = "5.46.0" - constraints = ">= 2.49.0, >= 3.29.0, >= 3.74.0, >= 4.33.0, >= 4.59.0, >= 4.66.1, >= 5.0.0, >= 5.12.0, >= 5.27.0, >= 5.30.0, >= 5.32.0, >= 5.37.0, >= 5.42.0, 5.46.0" + version = "5.47.0" + constraints = ">= 2.49.0, >= 3.29.0, >= 3.74.0, >= 4.33.0, >= 4.59.0, >= 4.66.1, >= 5.0.0, >= 5.12.0, >= 5.27.0, >= 5.30.0, >= 5.32.0, >= 5.37.0, >= 5.42.0, 5.47.0" hashes = [ - "h1:GK1y1qAGcPHPZxz01Ko6v+815T7kZPXt6POBsLg9c/k=", - "h1:d0Mf33mbbQujZ/JaYkqmH5gZGvP+iEIWf9yBSiOwimE=", - "h1:gagAtniijwJRhsKRBWWZfmnPiqu4u1A5oI626+KA/1g=", - "zh:05ae6180a7f23071435f6e5e59c19af0b6c5da42ee600c6c1568c8660214d548", - "zh:0d878d1565d5e57ce6b34ec5f04b28662044a50c999ec5770c374aa1f1020de2", - "zh:25ef1467af2514d8011c44759307445f7057836ff87dfe4503c3e1c9776d5c1a", - "zh:26c006df6200f0063b827aab05bec94f9f3f77848e82ed72e48a51d1170d1961", - "zh:37cdf4292649a10f12858622826925e18ad4eca354c31f61d02c66895eb91274", - "zh:4315b0433c2fc512666c74e989e2d95240934ef370bea1c690d36cb02d30c4ce", - "zh:75df0b3f631b78aeff1832cc77d99b527c2a5e79d40f7aac40bdc4a66124dac2", - "zh:90693d936c9a556d2bf945de4920ff82052002eb73139bd7164fafd02920f0ef", + "h1:49aEnvHJ/M8BRGAXKzU6W3zSbf7HgIrjXkXjC5DGEWY=", + "h1:T0tupfn2Ubj18Y7xmO0pFMvti1Qns2K6EGXenR6Hg30=", + "h1:bZEm2TDCM7jmpNXK6QOWsT1YU8GiGGQaraUvwO887U8=", + "zh:06037a14e47e8f82d0b3b326cd188566272b808b7970a9249a11db26d475b83d", + "zh:116b7dd58ca964a1056249d2b6550f399b0a6bc9a7920b7ee134242114432c9f", + "zh:1aa089c81459071c1d65ba7454f1122159e1fa1b5384e6e9ef85c8264f8a9ecb", + "zh:2c1471acba40c4944aa88dda761093c0c969db6408bdc1a4fb62417788cd6bb6", + "zh:3b950bea06ea4bf1ec359a97a4f1745b7efca7fc2da368843666020dd0ebc5d4", + "zh:7191c5c2fce834d584153dcd5269ed3042437f224d341ad85df06b2247bd09b2", + "zh:76d841b3f247f9bb3899dec3b4d871613a4ae8a83a581a827655d34b1bbee0ee", + "zh:7c656ce252fafc2c915dad43a0a7da17dba975207d75841a02f3f2b92d51ec25", + "zh:8ec97118cbdef64139c52b719e4e22443e67a1f37ea1597cd45b2e9b97332a35", "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", - "zh:c9177ad09804c60fd2ed25950570407b6bdcdf0fcc309e1673b584f06a827fae", - "zh:ca8e8db24a4d62d92afd8d3d383b81a08693acac191a2e0a110fb46deeff56a3", - "zh:d5fa3a36e13957d63bfe9bbd6df0426a2422214403aac9f20b60c36f8d9ebec6", - "zh:e4ede44a112296c9cc77b15e439e41ee15c0e8b3a0dec94ae34df5ebba840e8b", - "zh:f2d4de8d8cde69caffede1544ebea74e69fcc4552e1b79ae053519a05c060706", - "zh:fc19e9266b1841d4a3aeefa8a5b5ad6988baed6540f85a373b6c2d0dc1ca5830", + "zh:a369deca7938236a7da59f7ad1fe18137f736764c9015ed10e88edb6e8505980", + "zh:a743882fb099401eae0c86d9388a6faadbbc27b2ac9477aeef643e5de4eec3f9", + "zh:d5f960f58aff06fc58e244fea6e665800384cacb8cd64a556f8e145b98650372", + "zh:e31ffcfd560132ffbff2f574928ba392e663202a750750ed39a8950031b75623", + "zh:ebd9061b92a772144564f35a63d5a08cb45e14a9d39294fda185f2e0de9c8e28", ] } diff --git a/terraform/20-app/versions.tf b/terraform/20-app/versions.tf index 7cdae051..de5d1d6c 100644 --- a/terraform/20-app/versions.tf +++ b/terraform/20-app/versions.tf @@ -2,7 +2,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = "5.46.0" + version = "5.47.0" } random = { source = "hashicorp/random" From 05d07e43b1326d6e80b11ced02509f7340453873 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 30 Apr 2024 05:26:58 +0000 Subject: [PATCH 24/31] Bump terraform-aws-modules/vpc/aws in /terraform/20-app Bumps [terraform-aws-modules/vpc/aws](https://github.com/terraform-aws-modules/terraform-aws-vpc) from 5.7.1 to 5.8.1. - [Release notes](https://github.com/terraform-aws-modules/terraform-aws-vpc/releases) - [Changelog](https://github.com/terraform-aws-modules/terraform-aws-vpc/blob/master/CHANGELOG.md) - [Commits](https://github.com/terraform-aws-modules/terraform-aws-vpc/compare/v5.7.1...v5.8.1) --- updated-dependencies: - dependency-name: terraform-aws-modules/vpc/aws dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- terraform/20-app/vpc.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/terraform/20-app/vpc.tf b/terraform/20-app/vpc.tf index 98ef9360..40555519 100644 --- a/terraform/20-app/vpc.tf +++ b/terraform/20-app/vpc.tf @@ -1,6 +1,6 @@ module "vpc" { source = "terraform-aws-modules/vpc/aws" - version = "5.7.1" + version = "5.8.1" name = "${local.prefix}-main" cidr = "10.0.0.0/16" From 748e61a663b98cdda5e1299076b86770a2195cf5 Mon Sep 17 00:00:00 2001 From: A-Ashiq Date: Tue, 30 Apr 2024 16:23:15 +0100 Subject: [PATCH 25/31] Prefix all target group name tags to force fresh deployments --- terraform/20-app/alb.cms-admin.tf | 6 +++--- terraform/20-app/alb.feature-flags.tf | 6 +++--- terraform/20-app/alb.feedback_api.tf | 6 +++--- terraform/20-app/alb.front-end.tf | 6 +++--- terraform/20-app/alb.private_api.tf | 6 +++--- terraform/20-app/alb.public_api.tf | 6 +++--- terraform/20-app/ecs.service.cms-admin.tf | 2 +- terraform/20-app/ecs.service.feature-flags.tf | 2 +- terraform/20-app/ecs.service.feedback-api.tf | 2 +- terraform/20-app/ecs.service.front-end.tf | 2 +- terraform/20-app/ecs.service.private-api.tf | 2 +- terraform/20-app/ecs.service.public-api.tf | 2 +- 12 files changed, 24 insertions(+), 24 deletions(-) diff --git a/terraform/20-app/alb.cms-admin.tf b/terraform/20-app/alb.cms-admin.tf index 9d9794cb..aba2ffd8 100644 --- a/terraform/20-app/alb.cms-admin.tf +++ b/terraform/20-app/alb.cms-admin.tf @@ -19,8 +19,8 @@ module "cms_admin_alb" { } target_groups = { - "${local.prefix}-cms-admin" = { - name = "${local.prefix}-cms-admin" + "${local.prefix}-cms-admin-tg" = { + name = "${local.prefix}-cms-admin-tg" backend_protocol = "HTTP" backend_port = 80 target_type = "ip" @@ -48,7 +48,7 @@ module "cms_admin_alb" { target_group_index = 0 ssl_policy = local.alb_security_policy forward = { - target_group_key = "${local.prefix}-cms-admin" + target_group_key = "${local.prefix}-cms-admin-tg" } } } diff --git a/terraform/20-app/alb.feature-flags.tf b/terraform/20-app/alb.feature-flags.tf index c47c76bd..d0009539 100644 --- a/terraform/20-app/alb.feature-flags.tf +++ b/terraform/20-app/alb.feature-flags.tf @@ -19,8 +19,8 @@ module "feature_flags_alb" { } target_groups = { - "${local.prefix}-feature-flags" = { - name = "${local.prefix}-feature-flags" + "${local.prefix}-feature-flags-tg" = { + name = "${local.prefix}-feature-flags-tg" backend_protocol = "HTTP" backend_port = 4242 target_type = "ip" @@ -47,7 +47,7 @@ module "feature_flags_alb" { certificate_arn = local.certificate_arn ssl_policy = local.alb_security_policy forward = { - target_group_key = "${local.prefix}-feature-flags" + target_group_key = "${local.prefix}-feature-flags-tg" } } } diff --git a/terraform/20-app/alb.feedback_api.tf b/terraform/20-app/alb.feedback_api.tf index 59a53052..0e81509b 100644 --- a/terraform/20-app/alb.feedback_api.tf +++ b/terraform/20-app/alb.feedback_api.tf @@ -19,8 +19,8 @@ module "feedback_api_alb" { } target_groups = { - "${local.prefix}-feedback-api" = { - name = "${local.prefix}-feedback-api" + "${local.prefix}-feedback-api-tg" = { + name = "${local.prefix}-feedback-api-tg" backend_protocol = "HTTP" backend_port = 80 target_type = "ip" @@ -47,7 +47,7 @@ module "feedback_api_alb" { certificate_arn = local.certificate_arn ssl_policy = local.alb_security_policy forward = { - target_group_key = "${local.prefix}-feedback-api" + target_group_key = "${local.prefix}-feedback-api-tg" } rules = { enforce-api-key = { diff --git a/terraform/20-app/alb.front-end.tf b/terraform/20-app/alb.front-end.tf index 622bda61..407a9851 100644 --- a/terraform/20-app/alb.front-end.tf +++ b/terraform/20-app/alb.front-end.tf @@ -19,8 +19,8 @@ module "front_end_alb" { } target_groups = { - "${local.prefix}-front-end" = { - name = "${local.prefix}-front-end" + "${local.prefix}-front-end-tg" = { + name = "${local.prefix}-front-end-tg" backend_protocol = "HTTP" backend_port = 3000 target_type = "ip" @@ -58,7 +58,7 @@ module "front_end_alb" { actions = [ { type = "forward" - target_group_key = "${local.prefix}-front-end" + target_group_key = "${local.prefix}-front-end-tg" } ] conditions = [ diff --git a/terraform/20-app/alb.private_api.tf b/terraform/20-app/alb.private_api.tf index be1bf79b..7eaf0d45 100644 --- a/terraform/20-app/alb.private_api.tf +++ b/terraform/20-app/alb.private_api.tf @@ -19,8 +19,8 @@ module "private_api_alb" { } target_groups = { - "${local.prefix}-private-api" = { - name = "${local.prefix}-private-api" + "${local.prefix}-private-api-tg" = { + name = "${local.prefix}-private-api-tg" backend_protocol = "HTTP" backend_port = 80 target_type = "ip" @@ -60,7 +60,7 @@ module "private_api_alb" { actions = [ { type = "forward" - target_group_key = "${local.prefix}-private-api" + target_group_key = "${local.prefix}-private-api-tg" } ] conditions = [ diff --git a/terraform/20-app/alb.public_api.tf b/terraform/20-app/alb.public_api.tf index ff35e6cd..d6e6328b 100644 --- a/terraform/20-app/alb.public_api.tf +++ b/terraform/20-app/alb.public_api.tf @@ -19,8 +19,8 @@ module "public_api_alb" { } target_groups = { - "${local.prefix}-public-api" = { - name = "${local.prefix}-public-api" + "${local.prefix}-public-api-tg" = { + name = "${local.prefix}-public-api-tg" backend_protocol = "HTTP" backend_port = 80 target_type = "ip" @@ -58,7 +58,7 @@ module "public_api_alb" { actions = [ { type = "forward" - target_group_key = "${local.prefix}-public-api" + target_group_key = "${local.prefix}-public-api-tg" } ] conditions = [ diff --git a/terraform/20-app/ecs.service.cms-admin.tf b/terraform/20-app/ecs.service.cms-admin.tf index 968bf83d..150976b7 100644 --- a/terraform/20-app/ecs.service.cms-admin.tf +++ b/terraform/20-app/ecs.service.cms-admin.tf @@ -74,7 +74,7 @@ module "ecs_service_cms_admin" { load_balancer = { service = { - target_group_arn = module.cms_admin_alb.target_groups["${local.prefix}-cms-admin"].arn + target_group_arn = module.cms_admin_alb.target_groups["${local.prefix}-cms-admin-tg"].arn container_name = "api" container_port = 80 } diff --git a/terraform/20-app/ecs.service.feature-flags.tf b/terraform/20-app/ecs.service.feature-flags.tf index 16877f73..14c85233 100644 --- a/terraform/20-app/ecs.service.feature-flags.tf +++ b/terraform/20-app/ecs.service.feature-flags.tf @@ -83,7 +83,7 @@ module "ecs_service_feature_flags" { load_balancer = { service = { - target_group_arn = module.feature_flags_alb.target_groups["${local.prefix}-feature-flags"].arn + target_group_arn = module.feature_flags_alb.target_groups["${local.prefix}-feature-flags-tg"].arn container_name = "api" container_port = 4242 } diff --git a/terraform/20-app/ecs.service.feedback-api.tf b/terraform/20-app/ecs.service.feedback-api.tf index 60f32a49..0ddcf801 100644 --- a/terraform/20-app/ecs.service.feedback-api.tf +++ b/terraform/20-app/ecs.service.feedback-api.tf @@ -70,7 +70,7 @@ module "ecs_service_feedback_api" { load_balancer = { service = { - target_group_arn = module.feedback_api_alb.target_groups["${local.prefix}-feedback-api"].arn + target_group_arn = module.feedback_api_alb.target_groups["${local.prefix}-feedback-api-tg"].arn container_name = "api" container_port = 80 } diff --git a/terraform/20-app/ecs.service.front-end.tf b/terraform/20-app/ecs.service.front-end.tf index ab9688bc..5637e7d8 100644 --- a/terraform/20-app/ecs.service.front-end.tf +++ b/terraform/20-app/ecs.service.front-end.tf @@ -70,7 +70,7 @@ module "ecs_service_front_end" { load_balancer = { service = { - target_group_arn = module.front_end_alb.target_groups["${local.prefix}-front-end"].arn + target_group_arn = module.front_end_alb.target_groups["${local.prefix}-front-end-tg"].arn container_name = "front-end" container_port = 3000 } diff --git a/terraform/20-app/ecs.service.private-api.tf b/terraform/20-app/ecs.service.private-api.tf index d617400f..7224ff0d 100644 --- a/terraform/20-app/ecs.service.private-api.tf +++ b/terraform/20-app/ecs.service.private-api.tf @@ -82,7 +82,7 @@ module "ecs_service_private_api" { load_balancer = { service = { - target_group_arn = module.private_api_alb.target_groups["${local.prefix}-private-api"].arn + target_group_arn = module.private_api_alb.target_groups["${local.prefix}-private-api-tg"].arn container_name = "api" container_port = 80 } diff --git a/terraform/20-app/ecs.service.public-api.tf b/terraform/20-app/ecs.service.public-api.tf index a54d7564..0b6bcffa 100644 --- a/terraform/20-app/ecs.service.public-api.tf +++ b/terraform/20-app/ecs.service.public-api.tf @@ -78,7 +78,7 @@ module "ecs_service_public_api" { load_balancer = { service = { - target_group_arn = module.public_api_alb.target_groups["${local.prefix}-public-api"].arn + target_group_arn = module.public_api_alb.target_groups["${local.prefix}-public-api-tg"].arn container_name = "api" container_port = 80 } From 3e18e279a106a81bb055f0dc895871ff2eb3b628 Mon Sep 17 00:00:00 2001 From: A-Ashiq Date: Tue, 30 Apr 2024 17:30:29 +0100 Subject: [PATCH 26/31] Drop node from feature flags db cluster --- terraform/20-app/aurora-db.feature-flags.tf | 1 - 1 file changed, 1 deletion(-) diff --git a/terraform/20-app/aurora-db.feature-flags.tf b/terraform/20-app/aurora-db.feature-flags.tf index e7dbd89f..7447bb9d 100644 --- a/terraform/20-app/aurora-db.feature-flags.tf +++ b/terraform/20-app/aurora-db.feature-flags.tf @@ -25,7 +25,6 @@ module "aurora_db_feature_flags" { } instances = { 1 = {} - 2 = {} } vpc_id = module.vpc.vpc_id From 2466493f820f5bf46172a89b99066cb89e54b5f5 Mon Sep 17 00:00:00 2001 From: rhys-burendo <126494410+rhys-burendo@users.noreply.github.com> Date: Wed, 1 May 2024 09:09:07 +0100 Subject: [PATCH 27/31] Update Rhys' IP --- terraform/20-app/ip-allow-lists.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/terraform/20-app/ip-allow-lists.tf b/terraform/20-app/ip-allow-lists.tf index e32e002a..f01e383b 100644 --- a/terraform/20-app/ip-allow-lists.tf +++ b/terraform/20-app/ip-allow-lists.tf @@ -8,7 +8,7 @@ locals { "78.147.110.81/32", # Kev 2 "31.94.59.185/32", # Kev's phone "188.220.4.44/32", # Phil - "94.192.143.49/32", # Rhys + "94.0.1.168/32", # Rhys "82.23.201.161/32", # Tom "35.176.13.254/32", # UKHSA test EC2 "35.176.178.91/32", # UKHSA test EC2 From 2e3e1cf4e9b664ce75130da47ba208e861465a6c Mon Sep 17 00:00:00 2001 From: A-Ashiq Date: Wed, 1 May 2024 14:31:49 +0100 Subject: [PATCH 28/31] Enforce header key on feedback API load balancers --- terraform/20-app/alb.feedback_api.tf | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/terraform/20-app/alb.feedback_api.tf b/terraform/20-app/alb.feedback_api.tf index 0e81509b..eb5a1ffd 100644 --- a/terraform/20-app/alb.feedback_api.tf +++ b/terraform/20-app/alb.feedback_api.tf @@ -46,8 +46,12 @@ module "feedback_api_alb" { protocol = "HTTPS" certificate_arn = local.certificate_arn ssl_policy = local.alb_security_policy - forward = { - target_group_key = "${local.prefix}-feedback-api-tg" + fixed_response = { + content_type = "application/json" + message_body = jsonencode({ + message = "Authentication credentials were not provided." + }) + status_code = "401" } rules = { enforce-api-key = { @@ -55,12 +59,8 @@ module "feedback_api_alb" { priority = 1 actions = [ { - type = "fixed-response" - content_type = "application/json" - message_body = jsonencode({ - message = "Authentication credentials were not provided." - }) - status_code = "401" + type = "forward" + target_group_key = "${local.prefix}-feedback-api-tg" } ] conditions = [ From 28be3caedf9812cf1a6de10bf98016384cdc34ba Mon Sep 17 00:00:00 2001 From: 8lane Date: Thu, 2 May 2024 10:07:53 +0100 Subject: [PATCH 29/31] chore: update tom ip --- terraform/20-app/ip-allow-lists.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/terraform/20-app/ip-allow-lists.tf b/terraform/20-app/ip-allow-lists.tf index f01e383b..3cee4189 100644 --- a/terraform/20-app/ip-allow-lists.tf +++ b/terraform/20-app/ip-allow-lists.tf @@ -8,8 +8,8 @@ locals { "78.147.110.81/32", # Kev 2 "31.94.59.185/32", # Kev's phone "188.220.4.44/32", # Phil - "94.0.1.168/32", # Rhys - "82.23.201.161/32", # Tom + "94.0.1.168/32", # Rhys + "86.6.247.91/32", # Tom "35.176.13.254/32", # UKHSA test EC2 "35.176.178.91/32", # UKHSA test EC2 "35.179.30.107/32", # UKHSA test EC2 From 844cf1204178bf038f7baafeed930463fd26c774 Mon Sep 17 00:00:00 2001 From: 8lane Date: Thu, 2 May 2024 12:37:01 +0100 Subject: [PATCH 30/31] chore: add unleash api url to fe env vars --- terraform/20-app/ecs.service.front-end.tf | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/terraform/20-app/ecs.service.front-end.tf b/terraform/20-app/ecs.service.front-end.tf index 5637e7d8..6144ed3b 100644 --- a/terraform/20-app/ecs.service.front-end.tf +++ b/terraform/20-app/ecs.service.front-end.tf @@ -42,6 +42,10 @@ module "ecs_service_front_end" { name = "API_URL" value = local.urls.private_api }, + { + name = "UNLEASH_URL" + value = local.urls.feature_flags + }, { name = "FEEDBACK_API_URL" value = local.urls.feedback_api From 092255582b3a04c533e9e4aab20b4ab15359dcc1 Mon Sep 17 00:00:00 2001 From: 8lane Date: Thu, 2 May 2024 14:27:47 +0100 Subject: [PATCH 31/31] chore: rename unleash env vars --- terraform/20-app/ecs.service.front-end.tf | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/terraform/20-app/ecs.service.front-end.tf b/terraform/20-app/ecs.service.front-end.tf index 6144ed3b..bd4ab35e 100644 --- a/terraform/20-app/ecs.service.front-end.tf +++ b/terraform/20-app/ecs.service.front-end.tf @@ -43,8 +43,8 @@ module "ecs_service_front_end" { value = local.urls.private_api }, { - name = "UNLEASH_URL" - value = local.urls.feature_flags + name = "UNLEASH_SERVER_API_URL" + value = "${local.urls.feature_flags}/api" }, { name = "FEEDBACK_API_URL" @@ -65,7 +65,7 @@ module "ecs_service_front_end" { valueFrom = "${aws_secretsmanager_secret.google_analytics_credentials.arn}:google_tag_manager_id::" }, { - name = "FEATURE_FLAGS_API_KEY", + name = "UNLEASH_SERVER_API_TOKEN", valueFrom = "${aws_secretsmanager_secret.feature_flags_api_keys.arn}:client_api_key::" } ]