Skip to content

Commit

Permalink
preprod-database-changes
Browse files Browse the repository at this point in the history
  • Loading branch information
@crvgilbertson @matt-heery
crvgilbertson authored and matt-heery committed Apr 5, 2024
1 parent 8f0eeaa commit 2cbd316
Showing 1 changed file with 33 additions and 19 deletions.
52 changes: 33 additions & 19 deletions terraform/environments/nomis-combined-reporting/locals_preproduction.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,12 +20,12 @@ locals {
}
}
baseline_secretsmanager_secrets = {
"/oracle/database/PREPRODBIPSYS" = local.database_secretsmanager_secrets
"/oracle/database/PREPRODBIPAUD" = local.database_secretsmanager_secrets
"/oracle/database/PPBIPSYS" = local.database_secretsmanager_secrets
"/oracle/database/PPBIPAUD" = local.database_secretsmanager_secrets
}

baseline_iam_policies = {
Ec2PREPRODDatabasePolicy = {
Ec2PPDatabasePolicy = {
description = "Permissions required for PREPROD Database EC2s"
statements = [
{
Expand All @@ -44,8 +44,8 @@ locals {
"secretsmanager:PutSecretValue",
]
resources = [
"arn:aws:secretsmanager:*:*:secret:/oracle/database/*PREPROD/*",
"arn:aws:secretsmanager:*:*:secret:/oracle/database/PREPROD*/*",
"arn:aws:secretsmanager:*:*:secret:/oracle/database/*PP/*",
"arn:aws:secretsmanager:*:*:secret:/oracle/database/PP*/*",
]
}
]
Expand Down Expand Up @@ -75,8 +75,8 @@ locals {
}
]
}
Ec2PREPRODReportingPolicy = {
description = "Permissions required for PREPROD reporting EC2s"
Ec2PPReportingPolicy = {
description = "Permissions required for PP reporting EC2s"
statements = [
{
effect = "Allow"
Expand All @@ -85,8 +85,8 @@ locals {
"secretsmanager:PutSecretValue",
]
resources = [
"arn:aws:secretsmanager:*:*:secret:/ec2/ncr-bip-cms/PREPROD/*",
"arn:aws:secretsmanager:*:*:secret:/ec2/ncr-tomcat-admin/PREPROD/*",
"arn:aws:secretsmanager:*:*:secret:/ec2/ncr-bip-cms/PP/*",
"arn:aws:secretsmanager:*:*:secret:/ec2/ncr-tomcat-admin/PP/*",
]
}
]
Expand Down Expand Up @@ -116,7 +116,7 @@ locals {
# cloudwatch_metric_alarms = local.bip_cms_cloudwatch_metric_alarms
# config = merge(local.bip_cms_ec2_default.config, {
# instance_profile_policies = concat(local.bip_cms_ec2_default.config.instance_profile_policies, [
# "Ec2PREPRODReportingPolicy",
# "Ec2PPReportingPolicy",
# ])
# })
# instance = merge(local.bip_cms_ec2_default.instance, {
Expand All @@ -132,7 +132,7 @@ locals {
# cloudwatch_metric_alarms = local.bip_cms_cloudwatch_metric_alarms
# config = merge(local.bip_cms_ec2_default.config, {
# instance_profile_policies = concat(local.bip_cms_ec2_default.config.instance_profile_policies, [
# "Ec2PREPRODReportingPolicy",
# "Ec2PPReportingPolicy",
# ])
# })
# instance = merge(local.bip_cms_ec2_default.instance, {
Expand All @@ -148,7 +148,7 @@ locals {
# cloudwatch_metric_alarms = local.bip_cms_cloudwatch_metric_alarms
# config = merge(local.bip_cms_ec2_default.config, {
# instance_profile_policies = concat(local.bip_cms_ec2_default.config.instance_profile_policies, [
# "Ec2PREPRODReportingPolicy",
# "Ec2PPReportingPolicy",
# ])
# })
# instance = merge(local.bip_cms_ec2_default.instance, {
Expand All @@ -164,7 +164,7 @@ locals {
# cloudwatch_metric_alarms = local.tomcat_admin_cloudwatch_metric_alarms
# config = merge(local.tomcat_admin_ec2_default.config, {
# instance_profile_policies = concat(local.tomcat_admin_ec2_default.config.instance_profile_policies, [
# "Ec2PREPRODReportingPolicy",
# "Ec2PPReportingPolicy",
# ])
# })
# instance = merge(local.bip_cms_ec2_default.instance, {
Expand All @@ -179,7 +179,7 @@ locals {
# cloudwatch_metric_alarms = local.tomcat_admin_cloudwatch_metric_alarms
# config = merge(local.tomcat_admin_ec2_default.config, {
# instance_profile_policies = concat(local.tomcat_admin_ec2_default.config.instance_profile_policies, [
# "Ec2PREPRODReportingPolicy",
# "Ec2PPReportingPolicy",
# ])
# })
# instance = merge(local.bip_cms_ec2_default.instance, {
Expand All @@ -194,7 +194,7 @@ locals {
# cloudwatch_metric_alarms = local.tomcat_admin_cloudwatch_metric_alarms
# config = merge(local.tomcat_admin_ec2_default.config, {
# instance_profile_policies = concat(local.tomcat_admin_ec2_default.config.instance_profile_policies, [
# "Ec2PREPRODReportingPolicy",
# "Ec2PPReportingPolicy",
# ])
# })
# instance = merge(local.bip_cms_ec2_default.instance, {
Expand All @@ -205,21 +205,35 @@ locals {
# nomis-combined-reporting-environment = "preprod"
# })
# })
preprod-ncr-db-1-a = merge(local.database_ec2_default, {
pp-ncr-db-1-a = merge(local.database_ec2_default, {
cloudwatch_metric_alarms = merge(
local.database_cloudwatch_metric_alarms.standard,
local.database_cloudwatch_metric_alarms.db_connected,
local.database_cloudwatch_metric_alarms.db_backup,
)
config = merge(local.database_ec2_default.config, {
instance_profile_policies = concat(local.database_ec2_default.config.instance_profile_policies, [
"Ec2PREPRODDatabasePolicy",
"Ec2PPDatabasePolicy",
])
})
ebs_volume_config = {
data = {
iops = 3000 # min 3000
type = "gp3"
throughput = 125
total_size = 500
}
flash = {
iops = 3000 # min 3000
type = "gp3"
throughput = 125
total_size = 200
}
}
tags = merge(local.database_ec2_default.tags, {
description = "PREPROD NCR DATABASE"
nomis-combined-reporting-environment = "preprod"
oracle-sids = "PREPRODBIPSYS PREPRODBIPAUD"
nomis-combined-reporting-environment = "pp"
oracle-sids = "PPBIPSYS PPBIPAUD"
instance-scheduling = "skip-scheduling"
})
})
Expand Down

0 comments on commit 2cbd316

Please sign in to comment.