Merge pull request #3140 from ministryofjustice/NIT-795-delius-db-add…
…-connectivity-between-delius-core-dev-and-legacy-eng-dev

NIT-795 allow legacy rman in
pete-j-g authored Aug 21, 2023
2 parents af885cf + 3630130 commit d5830e7
Showing 4 changed files with 27 additions and 2 deletions.
13 changes: 12 additions & 1 deletion terraform/environments/delius-core/ec2_instance_db.tf
Expand Up @@ -24,6 +24,18 @@ resource "aws_vpc_security_group_egress_rule" "base_ami_test_instance_https_out"
)
}

resource "aws_vpc_security_group_ingress_rule" "db_ec2_instance_rman_in" {
security_group_id = aws_security_group.base_ami_test_instance_sg.id
cidr_ipv4 = local.environment_config_dev.legacy_engineering_vpc_cidr
from_port = 1521
to_port = 1521
ip_protocol = "tcp"
description = "Allow communication in on port 1521 from legacy rman"
tags = merge(local.tags,
{ Name = "legacy-rman-in" }
)
}

# Pre-req - IAM role, attachment for SSM usage and instance profile
data "aws_iam_policy_document" "base_ami_test_instance_iam_assume_policy" {
statement {
Expand Down Expand Up @@ -170,4 +182,3 @@ resource "aws_instance" "base_ami_test_instance" {
{ database = "delius-db-1" }
)
}
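Review bot: The rule at the top of the first hunk attaches to `aws_security_group.base_ami_test_instance_sg` but is named `db_ec2_instance_rman_in`, while its sibling above is `base_ami_test_instance_https_out`; renaming it `base_ami_test_instance_rman_in` keeps this file's naming consistent and avoids confusion with the identically named rule added in the third file. It also reads `local.environment_config_dev.legacy_engineering_vpc_cidr` directly rather than a workspace-selected config, so if this file is ever applied in a workspace other than dev the test-instance group would still admit the dev legacy engineering range; the surrounding resources may already be dev-only, which would make this moot, but a comment saying so would help, e.g. `# dev-only test instance: the legacy engineering CIDR is taken from the dev config on purpose`. The second hunk (-170,4 +182,3) only drops a trailing blank line.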

Expand Up @@ -17,6 +17,7 @@ locals {

environment_config_dev = {
migration_environment_vpc_cidr = "10.161.20.0/22"
legacy_engineering_vpc_cidr = "10.161.98.0/25"
ec2_user_ssh_key = file("${path.module}/files/.ssh/${terraform.workspace}-dev/ec2-user.pub")
}

Expand Up @@ -20,6 +20,18 @@ resource "aws_vpc_security_group_egress_rule" "db_ec2_instance_https_out" {
)
}

resource "aws_vpc_security_group_ingress_rule" "db_ec2_instance_rman_in" {
security_group_id = aws_security_group.db_ec2_instance_sg.id
cidr_ipv4 = var.environment_config.legacy_engineering_vpc_cidr
from_port = 1521
to_port = 1521
ip_protocol = "tcp"
description = "Allow communication in on port 1521 from legacy rman"
tags = merge(local.tags,
{ Name = "legacy-rman-in" }
)
}

# Pre-reqs - IAM role, attachment for SSM usage and instance profile
data "aws_iam_policy_document" "db_ec2_instance_iam_assume_policy" {
statement {
Expand Down
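Review bot: The new ingress rule admits every address in the `legacy_engineering_vpc_cidr` range to the Oracle listener on tcp/1521, although the description names a single client ("legacy rman"); if the RMAN host or its subnet is known, narrowing `cidr_ipv4` to that range keeps the exposure to what the description states, and the same applies to the matching rule in the first file. Whichever range is kept, the description should say why that range is needed so the next reviewer does not have to guess, e.g. `description = "Allow RMAN (Oracle listener, tcp/1521) in from the legacy engineering VPC - NIT-795"`.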
Expand Up @@ -47,7 +47,8 @@ variable "account_config" {

variable "environment_config" {
type = object({
migration_environment_vpc_cidr = optional(string),
migration_environment_vpc_cidr = optional(string)
legacy_engineering_vpc_cidr = string
ec2_user_ssh_key = string
})
}
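Review bot: `legacy_engineering_vpc_cidr = string` makes the attribute mandatory while the neighbouring `migration_environment_vpc_cidr` stays `optional(string)`; only the dev locals map gains this key in the commit, so any other environment config passed to `environment_config` will fail the object type check unless it also sets it (the other configs are not visible here, so this may already be handled). If the RMAN path is only meant to exist in dev, declaring it `legacy_engineering_vpc_cidr = optional(string)` and guarding the module's ingress rule with `count = var.environment_config.legacy_engineering_vpc_cidr == null ? 0 : 1` lets environments opt in without every environment having to supply a CIDR and open the port.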
