diff --git a/terraform/environments/oasys/locals_preproduction.tf b/terraform/environments/oasys/locals_preproduction.tf
index ae5200e12d2..7bd42ea9d05 100644
--- a/terraform/environments/oasys/locals_preproduction.tf
+++ b/terraform/environments/oasys/locals_preproduction.tf
@@ -19,6 +19,9 @@ locals {
 "/oracle/database/PPONRAUD" = local.secretsmanager_secrets_db
 "/oracle/database/PPONRBDS" = local.secretsmanager_secrets_db
 "/oracle/bip/preprod" = local.secretsmanager_secrets_bip
+
+ # for azure, remove when migrated to aws db
+ "/oracle/database/OASPROD" = local.secretsmanager_secrets_oasys_db
 }
 baseline_iam_policies = {
@@ -104,9 +107,14 @@ locals {
 # ssm_parameters_prefix = "ec2-web-pp/"
 # iam_resource_names_prefix = "ec2-web-pp"
 # })
+ # user_data_cloud_init = merge(module.baseline_presets.ec2_instance.user_data_cloud_init.ssm_agent_ansible_no_tags, {
+ # args = merge(module.baseline_presets.ec2_instance.user_data_cloud_init.ssm_agent_ansible_no_tags.args, {
+ # branch = "oasys-ords-secrets"
+ # })
+ # })
 # tags = merge(local.webserver_a.tags, {
- # oracle-db-hostname = "db.t2.oasys.hmpps-test.modernisation-platform.internal"###################################
- # oracle-db-sid = "T2OASYS" # for each env using azure DB will need to be OASPROD##############################################
+ # oracle-db-hostname = "PPODL00009.azure.noms.root" # "db.pp.oasys.hmpps-preproduction.modernisation-platform.internal"
+ # oracle-db-sid = "OASPROD" # "PPOASYS"
 # })
 # })
 }
@@ -140,6 +148,7 @@ locals {
 public = {
 internal_lb = false
 access_logs = false
+ s3_versioning = false
 force_destroy_bucket = true
 enable_delete_protection = false
 existing_target_groups = {
@@ -208,8 +217,8 @@ locals {
 }
 private = {
 internal_lb = true
- access_logs = false
- # s3_versioning = false
+ access_logs = true
+ s3_versioning = false
 force_destroy_bucket = true
 enable_delete_protection = false
 existing_target_groups = {}
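Review bot: The new `"/oracle/database/OASPROD"` entry puts a production-sounding secret path into the preproduction locals, and the comment above it does not say which database it refers to. The commented tags in the next hunk pair `oracle-db-sid = "OASPROD"` with `PPODL00009.azure.noms.root`, so this is presumably the SID of the Azure-hosted preprod database rather than a production credential; stating that makes it less likely that production values end up stored under this path. I would expand the comment to something like `# Azure-hosted preprod DB (SID OASPROD); remove once preprod uses the AWS db`. What `local.secretsmanager_secrets_oasys_db` contains is not visible in this diff.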
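Review bot: The commented-out `user_data_cloud_init` override pins `branch = "oasys-ords-secrets"`, which looks like a feature branch; if the block is later uncommented as it stands, the instance would presumably run its ansible bootstrap from a mutable, non-default branch. A marker on that line, e.g. `# branch = "oasys-ords-secrets" # TODO: remove before enabling`, would make the pin hard to overlook. The same hunk also drops the old inline reminder explaining why an Azure-backed environment uses the OASPROD SID, so that reasoning is now recorded nowhere near the tags. The enclosing block starts above the hunk, so whether it is ever enabled cannot be told from here.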
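Review bot: The `public` load balancer keeps `access_logs = false` while this commit switches logging on for `private` in the last hunk; with `internal_lb = false` this is the externally reachable one, where request logs matter most for detection and incident response. If leaving it off is deliberate for preproduction, a trailing comment beside `access_logs = false` stating the reason would record that decision. The added `s3_versioning = false` also overrides the new module default of `true` without explanation. The `public` block continues past the end of this hunk.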
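Review bot: With `access_logs = true` the `private` load balancer now produces logs, but the same block sets `s3_versioning = false` and keeps `force_destroy_bucket = true`, so log objects can be overwritten or deleted, and the bucket destroyed with its contents, leaving no earlier version to recover. Assuming `s3_versioning` applies to the bucket the lb module creates for access logs, the module default is the safer setting where these logs serve as an audit trail: drop the line or use `s3_versioning = true`. If versioning is off to limit storage in preproduction, say so in a trailing comment on that line.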
diff --git a/terraform/modules/baseline/lb.tf b/terraform/modules/baseline/lb.tf
index 955f878629a..33f6c03608d 100644
--- a/terraform/modules/baseline/lb.tf
+++ b/terraform/modules/baseline/lb.tf
@@ -127,6 +127,7 @@ module "lb" {
 access_logs = each.value.access_logs
 enable_cross_zone_load_balancing = each.value.enable_cross_zone_load_balancing
 dns_record_client_routing_policy = each.value.dns_record_client_routing_policy
+ s3_versioning = each.value.s3_versioning
 existing_bucket_name = try(module.s3_bucket[each.value.existing_bucket_name].bucket.id, each.value.existing_bucket_name)
diff --git a/terraform/modules/baseline/variables.tf b/terraform/modules/baseline/variables.tf
index 12000215c3c..e2bdf30e26d 100644
--- a/terraform/modules/baseline/variables.tf
+++ b/terraform/modules/baseline/variables.tf
@@ -577,6 +577,7 @@ variable "lbs" {
 existing_bucket_name = optional(string, "") # NOTE: module default value is empty string ""
 enable_cross_zone_load_balancing = optional(bool, false) # network and gateway lb types only, application lb's this is always true
 dns_record_client_routing_policy = optional(string, "any_availability_zone") # network load-balancer types only
+ s3_versioning = optional(bool, true)
 instance_target_groups = optional(map(object({
 port = optional(number)
 protocol = optional(string)
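Review bot: `s3_versioning` is the only attribute in this run of `lbs` options without a trailing comment, and nothing here says which bucket it controls. Defaulting to `true` is the right direction; a comment such as `# versioning on the s3 bucket the lb module creates for access logs` would help, once confirmed against the lb module, which is not part of this diff. It is also worth noting there whether the flag is ignored when `existing_bucket_name` is set, since a caller could otherwise assume versioning is enforced on a bucket managed elsewhere. The `lbs` variable definition starts and ends outside the hunk.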