diff --git a/terraform/environments/apex/modules/codebuild/main.tf b/terraform/environments/apex/modules/codebuild/main.tf index 8339a67a2a0..093925db76a 100644 --- a/terraform/environments/apex/modules/codebuild/main.tf +++ b/terraform/environments/apex/modules/codebuild/main.tf @@ -117,8 +117,8 @@ data "template_file" "s3_resource_bucket_policy" { template = file("${path.module}/s3_bucket_policy.json.tpl") vars = { - account_id = var.account_id, - s3_resource_name = aws_s3_bucket.codebuild_resources.id, + account_id = var.account_id, + s3_resource_name = aws_s3_bucket.codebuild_resources.id, codebuild_role_name = aws_iam_role.codebuild_s3.id } } diff --git a/terraform/environments/corporate-staff-rostering/locals_preproduction.tf b/terraform/environments/corporate-staff-rostering/locals_preproduction.tf index ce68db01826..e6a60c11c6f 100644 --- a/terraform/environments/corporate-staff-rostering/locals_preproduction.tf +++ b/terraform/environments/corporate-staff-rostering/locals_preproduction.tf @@ -22,7 +22,7 @@ locals { monitoring = true vpc_security_group_ids = ["data-db"] tags = { - backup-plan = "daily-and-weekly" + backup-plan = "daily-and-weekly" instance-scheduling = "skip-scheduling" } }) @@ -75,11 +75,11 @@ locals { } tags = { - description = "PP CSR DB server" - ami = "base_ol_8_5" - os-type = "Linux" - component = "test" - server-type = "csr-db" + description = "PP CSR DB server" + ami = "base_ol_8_5" + os-type = "Linux" + component = "test" + server-type = "csr-db" } } @@ -96,7 +96,7 @@ locals { monitoring = true vpc_security_group_ids = ["domain", "app", "jumpserver"] tags = { - backup-plan = "daily-and-weekly" + backup-plan = "daily-and-weekly" instance-scheduling = "skip-scheduling" } }) @@ -131,7 +131,7 @@ locals { monitoring = true vpc_security_group_ids = ["migration-web-sg", "domain-controller"] tags = { - backup-plan = "daily-and-weekly" + backup-plan = "daily-and-weekly" instance-scheduling = "skip-scheduling" } }) @@ -160,7 +160,7 @@ locals { monitoring = true vpc_security_group_ids = ["migration-web-sg", "domain-controller"] tags = { - backup-plan = "daily-and-weekly" + backup-plan = "daily-and-weekly" instance-scheduling = "skip-scheduling" } }) @@ -189,7 +189,7 @@ locals { monitoring = true vpc_security_group_ids = ["migration-web-sg", "domain-controller"] tags = { - backup-plan = "daily-and-weekly" + backup-plan = "daily-and-weekly" instance-scheduling = "skip-scheduling" } }) @@ -220,7 +220,7 @@ locals { monitoring = true vpc_security_group_ids = ["domain", "web", "jumpserver"] tags = { - backup-plan = "daily-and-weekly" + backup-plan = "daily-and-weekly" instance-scheduling = "skip-scheduling" } }) diff --git a/terraform/environments/data-platform/cloudtrail.tf b/terraform/environments/data-platform/cloudtrail.tf index ce68983fb81..03dd932dae0 100644 --- a/terraform/environments/data-platform/cloudtrail.tf +++ b/terraform/environments/data-platform/cloudtrail.tf @@ -1,14 +1,14 @@ # a cloudtrail trail to save log files for putObject S3 events in the landing and data # buckets resource "aws_cloudtrail" "data_s3_put_objects" { - name = "data_platform_s3_putobject_trail_${local.environment}" - s3_bucket_name = module.logs_s3_bucket.bucket.id + name = "data_platform_s3_putobject_trail_${local.environment}" + s3_bucket_name = module.logs_s3_bucket.bucket.id # this is needed if monitoring services without a specific region. Don't need for s3 include_global_service_events = false # enabling this would allow detection of modified log files - enable_log_file_validation = false + enable_log_file_validation = false advanced_event_selector { name = "Log PutObject events for landing and data S3 buckets" diff --git a/terraform/environments/data-platform/data-product-table-schema-json-schema/v1.0.0/moj_data_product_table_spec.json b/terraform/environments/data-platform/data-product-table-schema-json-schema/v1.0.0/moj_data_product_table_spec.json index e0d987c1b1a..2ac5185f277 100644 --- a/terraform/environments/data-platform/data-product-table-schema-json-schema/v1.0.0/moj_data_product_table_spec.json +++ b/terraform/environments/data-platform/data-product-table-schema-json-schema/v1.0.0/moj_data_product_table_spec.json @@ -3,28 +3,21 @@ "title": "Data Product Table Schema", "description": "Specification for MoJ Data Platform Data Product tables schemas for registering tables in the glue catalog", "type": "object", - "required": [ - "tableDescription", - "columns" - ], + "required": ["tableDescription", "columns"], "definitions": { "additional_col_properties": { - "required": [ - "name", - "type", - "description" - ], + "required": ["name", "type", "description"], "properties": { - "name": { - "type": "string", - "description": "The name of a column within your data.", - "pattern": "^[a-z0-9_]+$", - "maxLength": 128 - }, - "description": { - "type": "string", - "description": "A description of the column that will feed the data catalogue." - } + "name": { + "type": "string", + "description": "The name of a column within your data.", + "pattern": "^[a-z0-9_]+$", + "maxLength": 128 + }, + "description": { + "type": "string", + "description": "A description of the column that will feed the data catalogue." + } }, "additionalProperties": true }, diff --git a/terraform/environments/data-platform/glue.tf b/terraform/environments/data-platform/glue.tf index b8d5da47d95..d093fe36e1f 100644 --- a/terraform/environments/data-platform/glue.tf +++ b/terraform/environments/data-platform/glue.tf @@ -1,17 +1,17 @@ # creates database and tables in the glue catalogue for data as a product logs. # Meaning logs are queryable via Athena. resource "aws_glue_catalog_database" "data_product_logs" { - name = "daap_logs" + name = "daap_logs" } resource "aws_glue_catalog_table" "lambdas" { name = "lambdas" database_name = aws_glue_catalog_database.data_product_logs.name - table_type = "EXTERNAL_TABLE" + table_type = "EXTERNAL_TABLE" parameters = { - EXTERNAL = "TRUE" - comment = "table for logs from the python daap lambda functions" + EXTERNAL = "TRUE" + comment = "table for logs from the python daap lambda functions" } @@ -75,9 +75,9 @@ resource "aws_glue_catalog_table" "s3_objects" { table_type = "EXTERNAL_TABLE" parameters = { - EXTERNAL = "TRUE" - classification = "cloudtrail" - comment = "CloudTrail table for logs from the data and landing data buckets" + EXTERNAL = "TRUE" + classification = "cloudtrail" + comment = "CloudTrail table for logs from the data and landing data buckets" } diff --git a/terraform/environments/data-platform/iam.tf b/terraform/environments/data-platform/iam.tf index e9981cb97e0..69210f18620 100644 --- a/terraform/environments/data-platform/iam.tf +++ b/terraform/environments/data-platform/iam.tf @@ -436,7 +436,7 @@ data "aws_iam_policy_document" "logs_s3_bucket_policy_document" { resources = [ "${module.logs_s3_bucket.bucket.arn}/AWSLogs/${data.aws_caller_identity.current.account_id}/*" ] - + condition { test = "StringEquals" variable = "s3:x-amz-acl" @@ -449,7 +449,7 @@ data "aws_iam_policy_document" "logs_s3_bucket_policy_document" { test = "StringEquals" variable = "aws:SourceArn" - values = [aws_cloudtrail.data_s3_put_objects.arn] + values = [aws_cloudtrail.data_s3_put_objects.arn] } } @@ -472,7 +472,7 @@ data "aws_iam_policy_document" "logs_s3_bucket_policy_document" { test = "StringEquals" variable = "aws:SourceArn" - values = [aws_cloudtrail.data_s3_put_objects.arn] + values = [aws_cloudtrail.data_s3_put_objects.arn] } } diff --git a/terraform/environments/oasys/locals.tf b/terraform/environments/oasys/locals.tf index 6fcb3aa1aae..82abc1a6f56 100644 --- a/terraform/environments/oasys/locals.tf +++ b/terraform/environments/oasys/locals.tf @@ -220,11 +220,11 @@ locals { cloudwatch_metric_alarms = {} user_data_cloud_init = module.baseline_presets.ec2_instance.user_data_cloud_init.ssm_agent_ansible_no_tags autoscaling_schedules = module.baseline_presets.ec2_autoscaling_schedules.working_hours - autoscaling_group = merge(module.baseline_presets.ec2_autoscaling_group.default, { - desired_capacity = 2 - max_size = 2 + autoscaling_group = merge(module.baseline_presets.ec2_autoscaling_group.default, { + desired_capacity = 2 + max_size = 2 }) - lb_target_groups = {} + lb_target_groups = {} tags = { backup = "false" # opt out of mod platform default backup plan component = "bip" diff --git a/terraform/environments/oasys/locals_secrets.tf b/terraform/environments/oasys/locals_secrets.tf index 07f4a76bd0e..9442ae48fcf 100644 --- a/terraform/environments/oasys/locals_secrets.tf +++ b/terraform/environments/oasys/locals_secrets.tf @@ -10,14 +10,14 @@ locals { "arn:aws:iam::${module.environment.account_id}:role/ec2-database-*" ] - + secret_policy_write_db = { effect = "Allow" actions = [ "secretsmanager:PutSecretValue", ] principals = { - type = "AWS" + type = "AWS" identifiers = [ "arn:aws:iam::${module.environment.account_id}:role/ec2-database-*" ] @@ -30,7 +30,7 @@ locals { "secretsmanager:GetSecretValue", ] principals = { - type = "AWS" + type = "AWS" identifiers = [ "arn:aws:iam::${module.environment.account_id}:role/ec2-database-*" ] diff --git a/terraform/environments/oasys/locals_test.tf b/terraform/environments/oasys/locals_test.tf index fe2f388ee87..1df1b2fa42b 100644 --- a/terraform/environments/oasys/locals_test.tf +++ b/terraform/environments/oasys/locals_test.tf @@ -43,17 +43,17 @@ locals { "/oracle/database/T2ONRSYS" = local.secretsmanager_secrets_db "/oracle/database/T2ONRAUD" = local.secretsmanager_secrets_db "/oracle/database/T2ONRBDS" = local.secretsmanager_secrets_db - + "/database/t1/T1OASYS" = { secrets = { - apex_listenerpassword = {} + apex_listenerpassword = {} apex_public_userpassword = {} apex_rest_publicpassword = {} } } "/database/t2/T2OASYS" = { secrets = { - apex_listenerpassword = {} + apex_listenerpassword = {} apex_public_userpassword = {} apex_rest_publicpassword = {} } @@ -75,20 +75,20 @@ locals { } "/weblogic/test-oasys-bip-b" = { secrets = { - admin_password = {} - admin_username = {} + admin_password = {} + admin_username = {} biplatformpassword = {} - db_username = {} - mdspassword = {} - syspassword = {} + db_username = {} + mdspassword = {} + syspassword = {} } } "" = { postfix = "" secrets = { - account_ids = {} - ec2-user_pem = {} - environment_management_arn = {} + account_ids = {} + ec2-user_pem = {} + environment_management_arn = {} modernisation_platform_account_id = {} } } diff --git a/terraform/environments/oasys/main.tf b/terraform/environments/oasys/main.tf index 081e51844ee..e1f28103c04 100644 --- a/terraform/environments/oasys/main.tf +++ b/terraform/environments/oasys/main.tf @@ -83,5 +83,5 @@ module "baseline" { s3_buckets = merge(local.baseline_s3_buckets, module.baseline_presets.s3_buckets, lookup(local.environment_config, "baseline_s3_buckets", {})) security_groups = local.baseline_security_groups ssm_parameters = merge(module.baseline_presets.ssm_parameters, lookup(local.environment_config, "baseline_ssm_parameters", {})) - secretsmanager_secrets = merge(local.baseline_secretsmanager_secrets, lookup(local.environment_config, "baseline_secretsmanager_secrets", {})) + secretsmanager_secrets = merge(local.baseline_secretsmanager_secrets, lookup(local.environment_config, "baseline_secretsmanager_secrets", {})) } diff --git a/terraform/environments/ppud/instances.tf b/terraform/environments/ppud/instances.tf index a81e2181b16..865c610508e 100644 --- a/terraform/environments/ppud/instances.tf +++ b/terraform/environments/ppud/instances.tf @@ -143,7 +143,7 @@ resource "aws_instance" "s609693lo6vw110" { } tags = { - Name = "s609693lo6vw110" + Name = "s609693lo6vw110" patch_group = "dev_win_patch" backup = true } diff --git a/terraform/environments/tipstaff/ecs.tf b/terraform/environments/tipstaff/ecs.tf index 9b8fd879598..e194c634c0f 100644 --- a/terraform/environments/tipstaff/ecs.tf +++ b/terraform/environments/tipstaff/ecs.tf @@ -7,7 +7,7 @@ resource "aws_ecs_cluster" "tipstaff_cluster" { } resource "aws_cloudwatch_log_group" "deployment_logs" { - name = "/aws/events/deploymentLogs" + name = "/aws/events/deploymentLogs" retention_in_days = "7" } diff --git a/terraform/environments/tipstaff/providers.tf b/terraform/environments/tipstaff/providers.tf index 4bd8d1ed6aa..37fa16bd047 100644 --- a/terraform/environments/tipstaff/providers.tf +++ b/terraform/environments/tipstaff/providers.tf @@ -1,8 +1,8 @@ provider "aws" { - region = "eu-west-2" -# access_key = jsondecode(data.aws_secretsmanager_secret_version.get_tactical_products_rds_credentials.secret_string)["ACCESS_KEY"] -# secret_key = jsondecode(data.aws_secretsmanager_secret_version.get_tactical_products_rds_credentials.secret_string)["SECRET_KEY"] - alias = "tacticalproducts" + region = "eu-west-2" + # access_key = jsondecode(data.aws_secretsmanager_secret_version.get_tactical_products_rds_credentials.secret_string)["ACCESS_KEY"] + # secret_key = jsondecode(data.aws_secretsmanager_secret_version.get_tactical_products_rds_credentials.secret_string)["SECRET_KEY"] + alias = "tacticalproducts" } data "github_ip_ranges" "github_actions_ips" {}