jsonencoding

ministryofjustice · Jun 14, 2024 · 21811c8 · 21811c8
1 parent 35734eb
commit 21811c8
Showing 1 changed file with 137 additions and 139 deletions.
diff --git a/terraform/environments/electronic-monitoring-data/step_functions_main.tf b/terraform/environments/electronic-monitoring-data/step_functions_main.tf
@@ -2,75 +2,75 @@ resource "aws_sfn_state_machine" "athena_layer" {
   name     = "athena-layer"
   role_arn = aws_iam_role.step_functions_role.arn
 
-  definition = <<EOF
-{
-  "StartAt": "GetMetadataList",
-  "States": {
-    "GetMetadataList": {
-      "Type": "Task",
-      "Resource": "${module.get_metadata_from_rds_lambda.lambda_function_arn}",
-      "ResultPath": "$.metadata_list",
-      "Next": "LoopThroughMetadataList"
-    },
-    "LoopThroughMetadataList": {
-      "Type": "Map",
-      "ItemsPath": "$.metadata_list.metadata_list",
-      "MaxConcurrency": 4,
-      "Iterator": {
-        "StartAt": "CreateAthenaTable",
-        "States": {
-          "CreateAthenaTable": {
-            "Type": "Task",
-            "Resource": "${module.create_athena_table.lambda_function_arn}",
-            "ResultPath": "$.result",
-            "End": true
-          }
+  definition = jsonencode(
+    {
+      "StartAt": "GetMetadataList",
+      "States": {
+        "GetMetadataList": {
+          "Type": "Task",
+          "Resource": "${module.get_metadata_from_rds_lambda.lambda_function_arn}",
+          "ResultPath": "$.metadata_list",
+          "Next": "LoopThroughMetadataList"
+        },
+        "LoopThroughMetadataList": {
+          "Type": "Map",
+          "ItemsPath": "$.metadata_list.metadata_list",
+          "MaxConcurrency": 4,
+          "Iterator": {
+            "StartAt": "CreateAthenaTable",
+            "States": {
+              "CreateAthenaTable": {
+                "Type": "Task",
+                "Resource": "${module.create_athena_table.lambda_function_arn}",
+                "ResultPath": "$.result",
+                "End": true
+              }
+            }
+          },
+          "End": true
         }
-      },
-      "End": true
+      }
     }
-  }
-}
-EOF
+)
 
 }
 
 resource "aws_kms_key" "athena_layer_step_functions_log_key" {
   description = "KMS key for encrypting Step Functions logs for athena_layer"
   enable_key_rotation = true
 
-  policy = <<EOF
-{
-  "Id": "key-default",
-  "Version": "2012-10-17",
-  "Statement": [
-    {
-      "Sid": "Enable IAM User Permissions",
-      "Effect": "Allow",
-      "Principal": {
-        "AWS": "arn:aws:iam::${local.env_account_id}:root"
-      },
-      "Action": "kms:*",
-      "Resource": "*"
-    },
+  policy = jsonencode(
     {
-      "Sid": "Enable log service Permissions",
-      "Effect": "Allow",
-      "Principal": {
-        "Service": "logs.eu-west-2.amazonaws.com"
-      },
-      "Action": [
-        "kms:Encrypt*",
-        "kms:Decrypt*",
-        "kms:ReEncrypt*",
-        "kms:GenerateDataKey*",
-        "kms:Describe*"
-      ],
-      "Resource": "*"
+      "Id": "key-default",
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Sid": "Enable IAM User Permissions",
+          "Effect": "Allow",
+          "Principal": {
+            "AWS": "arn:aws:iam::${local.env_account_id}:root"
+          },
+          "Action": "kms:*",
+          "Resource": "*"
+        },
+        {
+          "Sid": "Enable log service Permissions",
+          "Effect": "Allow",
+          "Principal": {
+            "Service": "logs.eu-west-2.amazonaws.com"
+          },
+          "Action": [
+            "kms:Encrypt*",
+            "kms:Decrypt*",
+            "kms:ReEncrypt*",
+            "kms:GenerateDataKey*",
+            "kms:Describe*"
+          ],
+          "Resource": "*"
+        }
+      ]
     }
-  ]
-}
-EOF
+)
 }
 
 resource "aws_cloudwatch_log_group" "athena_layer" {
@@ -86,106 +86,104 @@ resource "aws_sfn_state_machine" "send_database_to_ap" {
   name     = "send_database_to_ap_layer"
   role_arn = aws_iam_role.send_database_to_ap.arn
 
-  definition = <<EOF
-{
-  "StartAt": "GetValidatedTableList",
-  "States": {
-      "GetValidatedTableList": {
-      "Type": "Task",
-      "Resource": "arn:aws:states:::athena:startQueryExecution.sync",
-      "Parameters": {
-        "QueryString.$": "States.Format('SELECT full_table_name FROM \"dms_data_validation\".\"glue_df_output\" WHERE validation_msg like \"%Validated%\" and database_name = \"{}\"', $.db_name)",
-        "WorkGroup": "primary"
+  definition = jsonencode(
+    {
+      "StartAt": "GetValidatedTableList",
+      "States": {
+          "GetValidatedTableList": {
+          "Type": "Task",
+          "Resource": "arn:aws:states:::athena:startQueryExecution.sync",
+          "Parameters": {
+            "QueryString.$": "States.Format('SELECT full_table_name FROM \"dms_data_validation\".\"glue_df_output\" WHERE validation_msg like \"%Validated%\" and database_name = \"{}\"', $.db_name)",
+            "WorkGroup": "primary"
+            },
+          "ResultPath": "$.queryResult",
+          "Next": "GetQueryResults"
+          }
         },
-      "ResultPath": "$.queryResult",
-      "Next": "GetQueryResults"
-      }
-    },
-    "GetQueryResults": {
-      "Type": "Task",
-      "Resource": "arn:aws:states:::athena:getQueryResults",
-      "Parameters": {
-        "QueryExecutionId.$": "$.queryResult.QueryExecutionId"
-      },
-      "ResultPath": "$.queryOutput",
-      "Next": "LoopThroughTables"
-    },
-    "LoopThroughTables": {
-      "Type": "Map",
-      "ItemsPath": "$.queryOutput.ResultSet.Rows",
-      "MaxConcurrency": 4,
-      "Iterator": {
-        "StartAt": "GetTableFileNames",
-        "States": {
-          "GetTableFileNames": {
-            "Type": "Task",
-            "Resource": "${module.get_file_keys_for_table.lambda_function_arn}",
-            "ResultPath": "$.result",
-            "Next": "LoopThroughFileKeys"
+        "GetQueryResults": {
+          "Type": "Task",
+          "Resource": "arn:aws:states:::athena:getQueryResults",
+          "Parameters": {
+            "QueryExecutionId.$": "$.queryResult.QueryExecutionId"
           },
-          "LoopThroughFileKeys": {
+          "ResultPath": "$.queryOutput",
+          "Next": "LoopThroughTables"
+        },
+        "LoopThroughTables": {
           "Type": "Map",
-          "ItemsPath": "$.result",
+          "ItemsPath": "$.queryOutput.ResultSet.Rows",
           "MaxConcurrency": 4,
           "Iterator": {
-            "StartAt": "SendTableToAp",
+            "StartAt": "GetTableFileNames",
             "States": {
-              "SendTableToAp": {
+              "GetTableFileNames": {
                 "Type": "Task",
-                "Resource": "${module.send_table_to_ap.lambda_function_arn}",
-                "ResultPath": "$.final_result",
+                "Resource": "${module.get_file_keys_for_table.lambda_function_arn}",
+                "ResultPath": "$.result",
+                "Next": "LoopThroughFileKeys"
+              },
+              "LoopThroughFileKeys": {
+              "Type": "Map",
+              "ItemsPath": "$.result",
+              "MaxConcurrency": 4,
+              "Iterator": {
+                "StartAt": "SendTableToAp",
+                "States": {
+                  "SendTableToAp": {
+                    "Type": "Task",
+                    "Resource": "${module.send_table_to_ap.lambda_function_arn}",
+                    "ResultPath": "$.final_result",
+                    "End": true
+                    }
+                  }
+                },
                 "End": true
-                }
               }
-            },
-            "End": true
-          }
+            }
+          },
+        "End": true
         }
-      },
-    "End": true
     }
-  }
-}
-EOF
-
+  )
 }
 
 resource "aws_kms_key" "send_database_to_ap_step_functions_log_key" {
   description = "KMS key for encrypting Step Functions logs for send_database_to_ap"
   enable_key_rotation = true
 
-  policy = <<EOF
-{
-  "Id": "key-default",
-  "Version": "2012-10-17",
-  "Statement": [
+  policy = jsonencode(
     {
-      "Sid": "Enable IAM User Permissions",
-      "Effect": "Allow",
-      "Principal": {
-        "AWS": "arn:aws:iam::${local.env_account_id}:root"
-      },
-      "Action": "kms:*",
-      "Resource": "*"
-    },
-    {
-      "Sid": "Enable log service Permissions",
-      "Effect": "Allow",
-      "Principal": {
-        "Service": "logs.eu-west-2.amazonaws.com"
-      },
-      "Action": [
-        "kms:Encrypt*",
-        "kms:Decrypt*",
-        "kms:ReEncrypt*",
-        "kms:GenerateDataKey*",
-        "kms:Describe*"
-      ],
-      "Resource": "*"
+      "Id": "key-default",
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Sid": "Enable IAM User Permissions",
+          "Effect": "Allow",
+          "Principal": {
+            "AWS": "arn:aws:iam::${local.env_account_id}:root"
+          },
+          "Action": "kms:*",
+          "Resource": "*"
+        },
+        {
+          "Sid": "Enable log service Permissions",
+          "Effect": "Allow",
+          "Principal": {
+            "Service": "logs.eu-west-2.amazonaws.com"
+          },
+          "Action": [
+            "kms:Encrypt*",
+            "kms:Decrypt*",
+            "kms:ReEncrypt*",
+            "kms:GenerateDataKey*",
+            "kms:Describe*"
+          ],
+          "Resource": "*"
+        }
+      ]
     }
-  ]
-}
-EOF
+)
 }
 
 resource "aws_cloudwatch_log_group" "send_database_to_ap" {