From 8bb48a55349b7a4e638c4707ad2232b14d5e619d Mon Sep 17 00:00:00 2001
From: "Vincent.Cheung" <vincent.cheung@digital.justice.gov.uk>
Date: Fri, 25 Oct 2024 13:40:30 +0100
Subject: [PATCH 01/17] TM-65 Update user data for additional dba steps

---
 .../contract-work-administration/app_servers.tf            | 5 +++++
 .../contract-work-administration/concurrent_manager.tf     | 7 +++++++
 .../environments/contract-work-administration/database.tf  | 6 +++++-
 3 files changed, 17 insertions(+), 1 deletion(-)

diff --git a/terraform/environments/contract-work-administration/app_servers.tf b/terraform/environments/contract-work-administration/app_servers.tf
index 79649677fc8..68db877397b 100644
--- a/terraform/environments/contract-work-administration/app_servers.tf
+++ b/terraform/environments/contract-work-administration/app_servers.tf
@@ -127,6 +127,11 @@ rm /var/cw-custom.sh
 chmod 700 /var/cw-custom.sh
 #  This script will be ran by the cron job in /etc/cron.d/custom_cloudwatch_metrics
 
+## Additional DBA Steps
+su applmgr -c "cp /CWA/app/appl/admin/CWA_cwa-app1.xml /CWA/app/appl/admin/CWA_cwa-app1.xml.tf_backup"
+su applmgr -c "sed -i 's/aws.${local.application_data.accounts[local.environment].old_domain_name}/${data.aws_route53_zone.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app1.xml"
+su applmgr -c "sed -i 's/${local.application_data.accounts[local.environment].old_domain_name}/${data.aws_route53_zone.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app1.xml"
+su applmgr -c "sed -i 's/cwa.${local.application_data.accounts[local.environment].old_domain_name}/${resource.aws_route53_record.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app1.xml"
 
 EOF
 
diff --git a/terraform/environments/contract-work-administration/concurrent_manager.tf b/terraform/environments/contract-work-administration/concurrent_manager.tf
index 5caaf4ee525..600e64125d5 100644
--- a/terraform/environments/contract-work-administration/concurrent_manager.tf
+++ b/terraform/environments/contract-work-administration/concurrent_manager.tf
@@ -127,6 +127,13 @@ rm /var/cw-custom.sh
 chmod 700 /var/cw-custom.sh
 #  This script will be ran by the cron job in /etc/cron.d/custom_cloudwatch_metrics
 
+## Additional DBA Steps
+su applmgr -c "cp /CWA/app/appl/admin/CWA_cwa-app2.xml /CWA/app/appl/admin/CWA_cwa-app2.xml.tf_backup"
+su applmgr -c "sed -i 's/aws.${local.application_data.accounts[local.environment].old_domain_name}/${data.aws_route53_zone.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app2.xml"
+su applmgr -c "sed -i 's/${local.application_data.accounts[local.environment].old_domain_name}/${data.aws_route53_zone.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app2.xml"
+su applmgr -c "sed -i 's/cwa.${local.application_data.accounts[local.environment].old_domain_name}/${resource.aws_route53_record.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app2.xml"
+
+
 EOF
 
 }
diff --git a/terraform/environments/contract-work-administration/database.tf b/terraform/environments/contract-work-administration/database.tf
index aec87ed93c0..a0aa2598589 100644
--- a/terraform/environments/contract-work-administration/database.tf
+++ b/terraform/environments/contract-work-administration/database.tf
@@ -142,6 +142,10 @@ cat <<EOT > /etc/cron.d/custom_cloudwatch_metrics
 */1 * * * * root /var/cw-custom.sh > /dev/null 2>&1
 EOT
 
+## Additional DBA steps
+su oracle -c "sed -i 's/aws.${local.application_data.accounts[local.environment].old_domain_name}/${data.aws_route53_zone.external.name}/g' /CWA/oracle/product/10.2.0/db_1/appsutil/CWA_cwa-db.xml"
+
+
 EOF
 
 }
@@ -187,7 +191,7 @@ resource "aws_instance" "database" {
   iam_instance_profile        = aws_iam_instance_profile.cwa.id
   key_name                    = aws_key_pair.cwa.key_name
   user_data_base64            = base64encode(local.db_userdata)
-  user_data_replace_on_change = true
+  user_data_replace_on_change = false
   metadata_options {
     http_tokens = "optional"
   }

From 14f849b8d517381c977c511079f20e61ace63d2a Mon Sep 17 00:00:00 2001
From: "Vincent.Cheung" <vincent.cheung@digital.justice.gov.uk>
Date: Tue, 29 Oct 2024 12:37:36 +0000
Subject: [PATCH 02/17] TM-65 Update ohs_serveradmin in config for EBS

---
 .../environments/contract-work-administration/app_servers.tf    | 1 +
 .../contract-work-administration/concurrent_manager.tf          | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/terraform/environments/contract-work-administration/app_servers.tf b/terraform/environments/contract-work-administration/app_servers.tf
index 68db877397b..0f8977b50c9 100644
--- a/terraform/environments/contract-work-administration/app_servers.tf
+++ b/terraform/environments/contract-work-administration/app_servers.tf
@@ -132,6 +132,7 @@ su applmgr -c "cp /CWA/app/appl/admin/CWA_cwa-app1.xml /CWA/app/appl/admin/CWA_c
 su applmgr -c "sed -i 's/aws.${local.application_data.accounts[local.environment].old_domain_name}/${data.aws_route53_zone.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app1.xml"
 su applmgr -c "sed -i 's/${local.application_data.accounts[local.environment].old_domain_name}/${data.aws_route53_zone.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app1.xml"
 su applmgr -c "sed -i 's/cwa.${local.application_data.accounts[local.environment].old_domain_name}/${resource.aws_route53_record.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app1.xml"
+su applmgr -c "sed -i 's/db_admin@legalservices.gov.uk/db_admin@${resource.aws_route53_record.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app1.xml"
 
 EOF
 
diff --git a/terraform/environments/contract-work-administration/concurrent_manager.tf b/terraform/environments/contract-work-administration/concurrent_manager.tf
index 600e64125d5..dba4664f579 100644
--- a/terraform/environments/contract-work-administration/concurrent_manager.tf
+++ b/terraform/environments/contract-work-administration/concurrent_manager.tf
@@ -132,7 +132,7 @@ su applmgr -c "cp /CWA/app/appl/admin/CWA_cwa-app2.xml /CWA/app/appl/admin/CWA_c
 su applmgr -c "sed -i 's/aws.${local.application_data.accounts[local.environment].old_domain_name}/${data.aws_route53_zone.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app2.xml"
 su applmgr -c "sed -i 's/${local.application_data.accounts[local.environment].old_domain_name}/${data.aws_route53_zone.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app2.xml"
 su applmgr -c "sed -i 's/cwa.${local.application_data.accounts[local.environment].old_domain_name}/${resource.aws_route53_record.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app2.xml"
-
+su applmgr -c "sed -i 's/db_admin@legalservices.gov.uk/db_admin@${resource.aws_route53_record.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app2.xml"
 
 EOF
 

From caa6291e77e926c135cb259c0b52f2e2908d54fe Mon Sep 17 00:00:00 2001
From: "Vincent.Cheung" <vincent.cheung@digital.justice.gov.uk>
Date: Wed, 30 Oct 2024 10:33:02 +0000
Subject: [PATCH 03/17] Spin up new App instance

---
 .../contract-work-administration/app_servers.tf       | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/terraform/environments/contract-work-administration/app_servers.tf b/terraform/environments/contract-work-administration/app_servers.tf
index 0f8977b50c9..e110ffb776e 100644
--- a/terraform/environments/contract-work-administration/app_servers.tf
+++ b/terraform/environments/contract-work-administration/app_servers.tf
@@ -212,7 +212,7 @@ resource "aws_instance" "app1" {
 }
 
 resource "aws_instance" "app2" {
-  count                  = contains(["development", "testing"], local.environment) ? 0 : 1
+  count                  = contains(["development2", "testing"], local.environment) ? 0 : 1
   ami                    = local.application_data.accounts[local.environment].app_ami_id
   availability_zone      = "eu-west-2a"
   instance_type          = local.application_data.accounts[local.environment].app_instance_type
@@ -221,8 +221,8 @@ resource "aws_instance" "app2" {
   subnet_id              = data.aws_subnet.data_subnets_a.id
   iam_instance_profile   = aws_iam_instance_profile.cwa.id
   key_name               = aws_key_pair.cwa.key_name
-  #   user_data_base64            = base64encode(local.app_userdata)
-  #   user_data_replace_on_change = true
+  user_data_base64       = base64encode(local.app_userdata)
+  user_data_replace_on_change = true
 
   root_block_device {
     tags = merge(
@@ -404,7 +404,7 @@ resource "aws_volume_attachment" "app1" {
 }
 
 resource "aws_ebs_volume" "app2" {
-  count             = contains(["development", "testing"], local.environment) ? 0 : 1
+  count             = contains(["development2", "testing"], local.environment) ? 0 : 1
   availability_zone = "eu-west-2a"
   size              = local.application_data.accounts[local.environment].ebs_app_size
   type              = "gp2"
@@ -423,8 +423,9 @@ resource "aws_ebs_volume" "app2" {
 }
 
 resource "aws_volume_attachment" "app2" {
-  count       = contains(["development", "testing"], local.environment) ? 0 : 1
+  count       = contains(["development2", "testing"], local.environment) ? 0 : 1
   device_name = "/dev/sdf"
   volume_id   = aws_ebs_volume.app2[0].id
   instance_id = aws_instance.app2[0].id
 }
+

From 38caec276bd011bad85939836ec4481eb8592e7c Mon Sep 17 00:00:00 2001
From: "Vincent.Cheung" <vincent.cheung@digital.justice.gov.uk>
Date: Wed, 30 Oct 2024 11:03:57 +0000
Subject: [PATCH 04/17] Rebuild app 2 to get it working and in right subnet

---
 .../environments/contract-work-administration/app_servers.tf | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/terraform/environments/contract-work-administration/app_servers.tf b/terraform/environments/contract-work-administration/app_servers.tf
index e110ffb776e..e62f9e41968 100644
--- a/terraform/environments/contract-work-administration/app_servers.tf
+++ b/terraform/environments/contract-work-administration/app_servers.tf
@@ -218,11 +218,14 @@ resource "aws_instance" "app2" {
   instance_type          = local.application_data.accounts[local.environment].app_instance_type
   monitoring             = true
   vpc_security_group_ids = [aws_security_group.app.id]
-  subnet_id              = data.aws_subnet.data_subnets_a.id
+  subnet_id              = data.aws_subnet.private_subnets_a.id
   iam_instance_profile   = aws_iam_instance_profile.cwa.id
   key_name               = aws_key_pair.cwa.key_name
   user_data_base64       = base64encode(local.app_userdata)
   user_data_replace_on_change = true
+  metadata_options {
+    http_tokens = "optional"
+  }
 
   root_block_device {
     tags = merge(

From 5711a2046725b40db025afc5399fa7e0314f104b Mon Sep 17 00:00:00 2001
From: "Vincent.Cheung" <vincent.cheung@digital.justice.gov.uk>
Date: Wed, 30 Oct 2024 13:57:18 +0000
Subject: [PATCH 05/17] Move App 2 to another subnet and enable volume
 snapshot...

---
 .../environments/contract-work-administration/app_servers.tf  | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/terraform/environments/contract-work-administration/app_servers.tf b/terraform/environments/contract-work-administration/app_servers.tf
index e62f9e41968..6a7998c5dac 100644
--- a/terraform/environments/contract-work-administration/app_servers.tf
+++ b/terraform/environments/contract-work-administration/app_servers.tf
@@ -218,7 +218,7 @@ resource "aws_instance" "app2" {
   instance_type          = local.application_data.accounts[local.environment].app_instance_type
   monitoring             = true
   vpc_security_group_ids = [aws_security_group.app.id]
-  subnet_id              = data.aws_subnet.private_subnets_a.id
+  subnet_id              = data.aws_subnet.private_subnets_b.id
   iam_instance_profile   = aws_iam_instance_profile.cwa.id
   key_name               = aws_key_pair.cwa.key_name
   user_data_base64       = base64encode(local.app_userdata)
@@ -413,7 +413,7 @@ resource "aws_ebs_volume" "app2" {
   type              = "gp2"
   encrypted         = true
   kms_key_id        = data.aws_kms_key.ebs_shared.key_id
-  # snapshot_id       = local.application_data.accounts[local.environment].app_snapshot_id # This is used for when data is being migrated
+  snapshot_id       = local.application_data.accounts[local.environment].app_snapshot_id # This is used for when data is being migrated
 
   lifecycle {
     ignore_changes = [kms_key_id]

From 25befa4814b62c8a852d7119b2e76caf25cd9e18 Mon Sep 17 00:00:00 2001
From: "Vincent.Cheung" <vincent.cheung@digital.justice.gov.uk>
Date: Wed, 30 Oct 2024 15:14:55 +0000
Subject: [PATCH 06/17] Coreect App 2 availability_zone

---
 .../environments/contract-work-administration/app_servers.tf    | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/terraform/environments/contract-work-administration/app_servers.tf b/terraform/environments/contract-work-administration/app_servers.tf
index 6a7998c5dac..5dffee63f6e 100644
--- a/terraform/environments/contract-work-administration/app_servers.tf
+++ b/terraform/environments/contract-work-administration/app_servers.tf
@@ -214,7 +214,7 @@ resource "aws_instance" "app1" {
 resource "aws_instance" "app2" {
   count                  = contains(["development2", "testing"], local.environment) ? 0 : 1
   ami                    = local.application_data.accounts[local.environment].app_ami_id
-  availability_zone      = "eu-west-2a"
+  availability_zone      = "eu-west-2b"
   instance_type          = local.application_data.accounts[local.environment].app_instance_type
   monitoring             = true
   vpc_security_group_ids = [aws_security_group.app.id]

From 814a76385dfcc04be78366bf741f81e231e2671a Mon Sep 17 00:00:00 2001
From: "Vincent.Cheung" <vincent.cheung@digital.justice.gov.uk>
Date: Wed, 30 Oct 2024 15:26:11 +0000
Subject: [PATCH 07/17] Coreect App 2 availability_zone 2

---
 .../environments/contract-work-administration/app_servers.tf    | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/terraform/environments/contract-work-administration/app_servers.tf b/terraform/environments/contract-work-administration/app_servers.tf
index 5dffee63f6e..5cb0950f7d7 100644
--- a/terraform/environments/contract-work-administration/app_servers.tf
+++ b/terraform/environments/contract-work-administration/app_servers.tf
@@ -408,7 +408,7 @@ resource "aws_volume_attachment" "app1" {
 
 resource "aws_ebs_volume" "app2" {
   count             = contains(["development2", "testing"], local.environment) ? 0 : 1
-  availability_zone = "eu-west-2a"
+  availability_zone = "eu-west-2b"
   size              = local.application_data.accounts[local.environment].ebs_app_size
   type              = "gp2"
   encrypted         = true

From 077f56ca2ac7323c633f7f41c0aae84635011970 Mon Sep 17 00:00:00 2001
From: "Vincent.Cheung" <vincent.cheung@digital.justice.gov.uk>
Date: Wed, 30 Oct 2024 17:07:40 +0000
Subject: [PATCH 08/17] Revert app 2 az

---
 .../contract-work-administration/app_servers.tf             | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/terraform/environments/contract-work-administration/app_servers.tf b/terraform/environments/contract-work-administration/app_servers.tf
index 5cb0950f7d7..a0aa1a006d8 100644
--- a/terraform/environments/contract-work-administration/app_servers.tf
+++ b/terraform/environments/contract-work-administration/app_servers.tf
@@ -214,11 +214,11 @@ resource "aws_instance" "app1" {
 resource "aws_instance" "app2" {
   count                  = contains(["development2", "testing"], local.environment) ? 0 : 1
   ami                    = local.application_data.accounts[local.environment].app_ami_id
-  availability_zone      = "eu-west-2b"
+  availability_zone      = "eu-west-2a"
   instance_type          = local.application_data.accounts[local.environment].app_instance_type
   monitoring             = true
   vpc_security_group_ids = [aws_security_group.app.id]
-  subnet_id              = data.aws_subnet.private_subnets_b.id
+  subnet_id              = data.aws_subnet.private_subnets_a.id
   iam_instance_profile   = aws_iam_instance_profile.cwa.id
   key_name               = aws_key_pair.cwa.key_name
   user_data_base64       = base64encode(local.app_userdata)
@@ -408,7 +408,7 @@ resource "aws_volume_attachment" "app1" {
 
 resource "aws_ebs_volume" "app2" {
   count             = contains(["development2", "testing"], local.environment) ? 0 : 1
-  availability_zone = "eu-west-2b"
+  availability_zone = "eu-west-2a"
   size              = local.application_data.accounts[local.environment].ebs_app_size
   type              = "gp2"
   encrypted         = true

From 47fc54dd9f5b1802cee3f3c75832a9f08e44337b Mon Sep 17 00:00:00 2001
From: "Vincent.Cheung" <vincent.cheung@digital.justice.gov.uk>
Date: Thu, 31 Oct 2024 10:08:37 +0000
Subject: [PATCH 09/17] TM-65 Rebuild all CWA instnaces with latest user data

---
 .../environments/contract-work-administration/app_servers.tf | 5 +++--
 .../contract-work-administration/concurrent_manager.tf       | 3 ++-
 .../environments/contract-work-administration/database.tf    | 3 +--
 3 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/terraform/environments/contract-work-administration/app_servers.tf b/terraform/environments/contract-work-administration/app_servers.tf
index a0aa1a006d8..746c138dca4 100644
--- a/terraform/environments/contract-work-administration/app_servers.tf
+++ b/terraform/environments/contract-work-administration/app_servers.tf
@@ -134,6 +134,7 @@ su applmgr -c "sed -i 's/${local.application_data.accounts[local.environment].ol
 su applmgr -c "sed -i 's/cwa.${local.application_data.accounts[local.environment].old_domain_name}/${resource.aws_route53_record.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app1.xml"
 su applmgr -c "sed -i 's/db_admin@legalservices.gov.uk/db_admin@${resource.aws_route53_record.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app1.xml"
 
+
 EOF
 
 }
@@ -187,7 +188,7 @@ resource "aws_instance" "app1" {
   iam_instance_profile        = aws_iam_instance_profile.cwa.id
   key_name                    = aws_key_pair.cwa.key_name
   user_data_base64            = base64encode(local.app_userdata)
-  user_data_replace_on_change = false
+  user_data_replace_on_change = true
   metadata_options {
     http_tokens = "optional"
   }
@@ -222,7 +223,7 @@ resource "aws_instance" "app2" {
   iam_instance_profile   = aws_iam_instance_profile.cwa.id
   key_name               = aws_key_pair.cwa.key_name
   user_data_base64       = base64encode(local.app_userdata)
-  user_data_replace_on_change = true
+  user_data_replace_on_change = false
   metadata_options {
     http_tokens = "optional"
   }
diff --git a/terraform/environments/contract-work-administration/concurrent_manager.tf b/terraform/environments/contract-work-administration/concurrent_manager.tf
index dba4664f579..e2b570b20b0 100644
--- a/terraform/environments/contract-work-administration/concurrent_manager.tf
+++ b/terraform/environments/contract-work-administration/concurrent_manager.tf
@@ -134,6 +134,7 @@ su applmgr -c "sed -i 's/${local.application_data.accounts[local.environment].ol
 su applmgr -c "sed -i 's/cwa.${local.application_data.accounts[local.environment].old_domain_name}/${resource.aws_route53_record.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app2.xml"
 su applmgr -c "sed -i 's/db_admin@legalservices.gov.uk/db_admin@${resource.aws_route53_record.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app2.xml"
 
+
 EOF
 
 }
@@ -165,7 +166,7 @@ resource "aws_instance" "concurrent_manager" {
   iam_instance_profile        = aws_iam_instance_profile.cwa.id
   key_name                    = aws_key_pair.cwa.key_name
   user_data_base64            = base64encode(local.cm_userdata)
-  user_data_replace_on_change = false
+  user_data_replace_on_change = true
   metadata_options {
     http_tokens = "optional"
   }
diff --git a/terraform/environments/contract-work-administration/database.tf b/terraform/environments/contract-work-administration/database.tf
index a0aa2598589..ce63f1d8aaa 100644
--- a/terraform/environments/contract-work-administration/database.tf
+++ b/terraform/environments/contract-work-administration/database.tf
@@ -145,7 +145,6 @@ EOT
 ## Additional DBA steps
 su oracle -c "sed -i 's/aws.${local.application_data.accounts[local.environment].old_domain_name}/${data.aws_route53_zone.external.name}/g' /CWA/oracle/product/10.2.0/db_1/appsutil/CWA_cwa-db.xml"
 
-
 EOF
 
 }
@@ -191,7 +190,7 @@ resource "aws_instance" "database" {
   iam_instance_profile        = aws_iam_instance_profile.cwa.id
   key_name                    = aws_key_pair.cwa.key_name
   user_data_base64            = base64encode(local.db_userdata)
-  user_data_replace_on_change = false
+  user_data_replace_on_change = true
   metadata_options {
     http_tokens = "optional"
   }

From 66c80a9aebfe868b4d658cfdd73db7be880572c2 Mon Sep 17 00:00:00 2001
From: "Vincent.Cheung" <vincent.cheung@digital.justice.gov.uk>
Date: Thu, 31 Oct 2024 10:58:11 +0000
Subject: [PATCH 10/17] Fixing backing up config not working

---
 .../contract-work-administration/app_servers.tf          | 9 +++++----
 .../contract-work-administration/concurrent_manager.tf   | 9 +++++----
 2 files changed, 10 insertions(+), 8 deletions(-)

diff --git a/terraform/environments/contract-work-administration/app_servers.tf b/terraform/environments/contract-work-administration/app_servers.tf
index 746c138dca4..a6e1732a746 100644
--- a/terraform/environments/contract-work-administration/app_servers.tf
+++ b/terraform/environments/contract-work-administration/app_servers.tf
@@ -128,11 +128,12 @@ chmod 700 /var/cw-custom.sh
 #  This script will be ran by the cron job in /etc/cron.d/custom_cloudwatch_metrics
 
 ## Additional DBA Steps
+echo "Updating CWA_cwa-app1.xml"
 su applmgr -c "cp /CWA/app/appl/admin/CWA_cwa-app1.xml /CWA/app/appl/admin/CWA_cwa-app1.xml.tf_backup"
-su applmgr -c "sed -i 's/aws.${local.application_data.accounts[local.environment].old_domain_name}/${data.aws_route53_zone.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app1.xml"
-su applmgr -c "sed -i 's/${local.application_data.accounts[local.environment].old_domain_name}/${data.aws_route53_zone.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app1.xml"
-su applmgr -c "sed -i 's/cwa.${local.application_data.accounts[local.environment].old_domain_name}/${resource.aws_route53_record.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app1.xml"
-su applmgr -c "sed -i 's/db_admin@legalservices.gov.uk/db_admin@${resource.aws_route53_record.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app1.xml"
+sed -i 's/aws.${local.application_data.accounts[local.environment].old_domain_name}/${data.aws_route53_zone.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app1.xml
+sed -i 's/${local.application_data.accounts[local.environment].old_domain_name}/${data.aws_route53_zone.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app1.xml
+sed -i 's/cwa.${local.application_data.accounts[local.environment].old_domain_name}/${resource.aws_route53_record.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app1.xml
+sed -i 's/db_admin@legalservices.gov.uk/db_admin@${resource.aws_route53_record.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app1.xml
 
 
 EOF
diff --git a/terraform/environments/contract-work-administration/concurrent_manager.tf b/terraform/environments/contract-work-administration/concurrent_manager.tf
index e2b570b20b0..a714ed47107 100644
--- a/terraform/environments/contract-work-administration/concurrent_manager.tf
+++ b/terraform/environments/contract-work-administration/concurrent_manager.tf
@@ -128,11 +128,12 @@ chmod 700 /var/cw-custom.sh
 #  This script will be ran by the cron job in /etc/cron.d/custom_cloudwatch_metrics
 
 ## Additional DBA Steps
+echo "Updating CWA_cwa-app2.xml"
 su applmgr -c "cp /CWA/app/appl/admin/CWA_cwa-app2.xml /CWA/app/appl/admin/CWA_cwa-app2.xml.tf_backup"
-su applmgr -c "sed -i 's/aws.${local.application_data.accounts[local.environment].old_domain_name}/${data.aws_route53_zone.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app2.xml"
-su applmgr -c "sed -i 's/${local.application_data.accounts[local.environment].old_domain_name}/${data.aws_route53_zone.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app2.xml"
-su applmgr -c "sed -i 's/cwa.${local.application_data.accounts[local.environment].old_domain_name}/${resource.aws_route53_record.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app2.xml"
-su applmgr -c "sed -i 's/db_admin@legalservices.gov.uk/db_admin@${resource.aws_route53_record.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app2.xml"
+sed -i 's/aws.${local.application_data.accounts[local.environment].old_domain_name}/${data.aws_route53_zone.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app2.xml
+sed -i 's/${local.application_data.accounts[local.environment].old_domain_name}/${data.aws_route53_zone.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app2.xml
+sed -i 's/cwa.${local.application_data.accounts[local.environment].old_domain_name}/${resource.aws_route53_record.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app2.xml
+sed -i 's/db_admin@legalservices.gov.uk/db_admin@${resource.aws_route53_record.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app2.xml
 
 
 EOF

From 0e714f97e37d768e999339ac6c4d453b4607084a Mon Sep 17 00:00:00 2001
From: "Vincent.Cheung" <vincent.cheung@digital.justice.gov.uk>
Date: Thu, 31 Oct 2024 11:28:29 +0000
Subject: [PATCH 11/17] Fixing backing up config not working 2

---
 .../environments/contract-work-administration/app_servers.tf    | 2 +-
 .../contract-work-administration/concurrent_manager.tf          | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/terraform/environments/contract-work-administration/app_servers.tf b/terraform/environments/contract-work-administration/app_servers.tf
index a6e1732a746..46d5471accf 100644
--- a/terraform/environments/contract-work-administration/app_servers.tf
+++ b/terraform/environments/contract-work-administration/app_servers.tf
@@ -82,6 +82,7 @@ chmod 700 /userdata/postbuild.sh
 sed -i 's/. \/CWA\/app\/appl\/APPSCWA_SERVER_HOSTNAME.env/. \/CWA\/app\/appl\/APPSCWA_${local.appserver1_hostname}.env/g' /userdata/postbuild.sh
 sed -i 's/development/${local.application_data.accounts[local.environment].env_short}/g' /userdata/postbuild.sh
 . /userdata/postbuild.sh
+su applmgr -c "cp /CWA/app/appl/admin/CWA_cwa-app1.xml /CWA/app/appl/admin/CWA_cwa-app1.xml.tf_backup"
 
 echo "mp-${local.environment}" > /etc/cwaenv
 sed -i '/^PS1=/d' /etc/bashrc
@@ -129,7 +130,6 @@ chmod 700 /var/cw-custom.sh
 
 ## Additional DBA Steps
 echo "Updating CWA_cwa-app1.xml"
-su applmgr -c "cp /CWA/app/appl/admin/CWA_cwa-app1.xml /CWA/app/appl/admin/CWA_cwa-app1.xml.tf_backup"
 sed -i 's/aws.${local.application_data.accounts[local.environment].old_domain_name}/${data.aws_route53_zone.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app1.xml
 sed -i 's/${local.application_data.accounts[local.environment].old_domain_name}/${data.aws_route53_zone.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app1.xml
 sed -i 's/cwa.${local.application_data.accounts[local.environment].old_domain_name}/${resource.aws_route53_record.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app1.xml
diff --git a/terraform/environments/contract-work-administration/concurrent_manager.tf b/terraform/environments/contract-work-administration/concurrent_manager.tf
index a714ed47107..cbb7a5e31ee 100644
--- a/terraform/environments/contract-work-administration/concurrent_manager.tf
+++ b/terraform/environments/contract-work-administration/concurrent_manager.tf
@@ -83,6 +83,7 @@ chmod 700 /userdata/postbuild.sh
 sed -i 's/. \/CWA\/app\/appl\/APPSCWA_SERVER_HOSTNAME.env/. \/CWA\/app\/appl\/APPSCWA_${local.cm_hostname}.env/g' /userdata/postbuild.sh
 sed -i 's/development/${local.application_data.accounts[local.environment].env_short}/g' /userdata/postbuild.sh
 . /userdata/postbuild.sh
+su applmgr -c "cp /CWA/app/appl/admin/CWA_cwa-app2.xml /CWA/app/appl/admin/CWA_cwa-app2.xml.tf_backup"
 
 echo "mp-${local.environment}" > /etc/cwaenv
 sed -i '/^PS1=/d' /etc/bashrc
@@ -129,7 +130,6 @@ chmod 700 /var/cw-custom.sh
 
 ## Additional DBA Steps
 echo "Updating CWA_cwa-app2.xml"
-su applmgr -c "cp /CWA/app/appl/admin/CWA_cwa-app2.xml /CWA/app/appl/admin/CWA_cwa-app2.xml.tf_backup"
 sed -i 's/aws.${local.application_data.accounts[local.environment].old_domain_name}/${data.aws_route53_zone.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app2.xml
 sed -i 's/${local.application_data.accounts[local.environment].old_domain_name}/${data.aws_route53_zone.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app2.xml
 sed -i 's/cwa.${local.application_data.accounts[local.environment].old_domain_name}/${resource.aws_route53_record.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app2.xml

From 85c5ba22df07f1911b9516973dce904669bc0f7c Mon Sep 17 00:00:00 2001
From: "Vincent.Cheung" <vincent.cheung@digital.justice.gov.uk>
Date: Thu, 31 Oct 2024 12:25:55 +0000
Subject: [PATCH 12/17] Fixing backing up config not working 3

---
 .../contract-work-administration/concurrent_manager.tf        | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/terraform/environments/contract-work-administration/concurrent_manager.tf b/terraform/environments/contract-work-administration/concurrent_manager.tf
index cbb7a5e31ee..0e76188bac0 100644
--- a/terraform/environments/contract-work-administration/concurrent_manager.tf
+++ b/terraform/environments/contract-work-administration/concurrent_manager.tf
@@ -83,7 +83,6 @@ chmod 700 /userdata/postbuild.sh
 sed -i 's/. \/CWA\/app\/appl\/APPSCWA_SERVER_HOSTNAME.env/. \/CWA\/app\/appl\/APPSCWA_${local.cm_hostname}.env/g' /userdata/postbuild.sh
 sed -i 's/development/${local.application_data.accounts[local.environment].env_short}/g' /userdata/postbuild.sh
 . /userdata/postbuild.sh
-su applmgr -c "cp /CWA/app/appl/admin/CWA_cwa-app2.xml /CWA/app/appl/admin/CWA_cwa-app2.xml.tf_backup"
 
 echo "mp-${local.environment}" > /etc/cwaenv
 sed -i '/^PS1=/d' /etc/bashrc
@@ -130,6 +129,9 @@ chmod 700 /var/cw-custom.sh
 
 ## Additional DBA Steps
 echo "Updating CWA_cwa-app2.xml"
+su applmgr -c "cp /CWA/app/appl/admin/CWA_cwa-app2.xml /CWA/app/appl/admin/CWA_cwa-app2.xml.tf_backup"
+echo "Adding a sleep..."
+sleep 5
 sed -i 's/aws.${local.application_data.accounts[local.environment].old_domain_name}/${data.aws_route53_zone.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app2.xml
 sed -i 's/${local.application_data.accounts[local.environment].old_domain_name}/${data.aws_route53_zone.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app2.xml
 sed -i 's/cwa.${local.application_data.accounts[local.environment].old_domain_name}/${resource.aws_route53_record.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app2.xml

From fdde2abf4b28cda9d4a36c5c7b336c17bc9c6499 Mon Sep 17 00:00:00 2001
From: "Vincent.Cheung" <vincent.cheung@digital.justice.gov.uk>
Date: Thu, 31 Oct 2024 12:48:22 +0000
Subject: [PATCH 13/17] Fixing backing up config not working 5

---
 .../environments/contract-work-administration/app_servers.tf  | 2 +-
 .../contract-work-administration/concurrent_manager.tf        | 4 +---
 2 files changed, 2 insertions(+), 4 deletions(-)

diff --git a/terraform/environments/contract-work-administration/app_servers.tf b/terraform/environments/contract-work-administration/app_servers.tf
index 46d5471accf..cd7595e8bba 100644
--- a/terraform/environments/contract-work-administration/app_servers.tf
+++ b/terraform/environments/contract-work-administration/app_servers.tf
@@ -82,7 +82,6 @@ chmod 700 /userdata/postbuild.sh
 sed -i 's/. \/CWA\/app\/appl\/APPSCWA_SERVER_HOSTNAME.env/. \/CWA\/app\/appl\/APPSCWA_${local.appserver1_hostname}.env/g' /userdata/postbuild.sh
 sed -i 's/development/${local.application_data.accounts[local.environment].env_short}/g' /userdata/postbuild.sh
 . /userdata/postbuild.sh
-su applmgr -c "cp /CWA/app/appl/admin/CWA_cwa-app1.xml /CWA/app/appl/admin/CWA_cwa-app1.xml.tf_backup"
 
 echo "mp-${local.environment}" > /etc/cwaenv
 sed -i '/^PS1=/d' /etc/bashrc
@@ -130,6 +129,7 @@ chmod 700 /var/cw-custom.sh
 
 ## Additional DBA Steps
 echo "Updating CWA_cwa-app1.xml"
+cp /CWA/app/appl/admin/CWA_cwa-app1.xml /CWA/app/appl/admin/CWA_cwa-app1.xml.tf_backup
 sed -i 's/aws.${local.application_data.accounts[local.environment].old_domain_name}/${data.aws_route53_zone.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app1.xml
 sed -i 's/${local.application_data.accounts[local.environment].old_domain_name}/${data.aws_route53_zone.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app1.xml
 sed -i 's/cwa.${local.application_data.accounts[local.environment].old_domain_name}/${resource.aws_route53_record.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app1.xml
diff --git a/terraform/environments/contract-work-administration/concurrent_manager.tf b/terraform/environments/contract-work-administration/concurrent_manager.tf
index 0e76188bac0..db3e4c2b7f8 100644
--- a/terraform/environments/contract-work-administration/concurrent_manager.tf
+++ b/terraform/environments/contract-work-administration/concurrent_manager.tf
@@ -129,9 +129,7 @@ chmod 700 /var/cw-custom.sh
 
 ## Additional DBA Steps
 echo "Updating CWA_cwa-app2.xml"
-su applmgr -c "cp /CWA/app/appl/admin/CWA_cwa-app2.xml /CWA/app/appl/admin/CWA_cwa-app2.xml.tf_backup"
-echo "Adding a sleep..."
-sleep 5
+cp /CWA/app/appl/admin/CWA_cwa-app2.xml /CWA/app/appl/admin/CWA_cwa-app2.xml.tf_backup
 sed -i 's/aws.${local.application_data.accounts[local.environment].old_domain_name}/${data.aws_route53_zone.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app2.xml
 sed -i 's/${local.application_data.accounts[local.environment].old_domain_name}/${data.aws_route53_zone.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app2.xml
 sed -i 's/cwa.${local.application_data.accounts[local.environment].old_domain_name}/${resource.aws_route53_record.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app2.xml

From d9859868baec727f8142a59b9c82f09019fc999b Mon Sep 17 00:00:00 2001
From: "Vincent.Cheung" <vincent.cheung@digital.justice.gov.uk>
Date: Fri, 1 Nov 2024 09:30:44 +0000
Subject: [PATCH 14/17] Look into cp file issue on CM

---
 .../contract-work-administration/concurrent_manager.tf | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/terraform/environments/contract-work-administration/concurrent_manager.tf b/terraform/environments/contract-work-administration/concurrent_manager.tf
index db3e4c2b7f8..6e93b3e25d8 100644
--- a/terraform/environments/contract-work-administration/concurrent_manager.tf
+++ b/terraform/environments/contract-work-administration/concurrent_manager.tf
@@ -129,11 +129,11 @@ chmod 700 /var/cw-custom.sh
 
 ## Additional DBA Steps
 echo "Updating CWA_cwa-app2.xml"
-cp /CWA/app/appl/admin/CWA_cwa-app2.xml /CWA/app/appl/admin/CWA_cwa-app2.xml.tf_backup
-sed -i 's/aws.${local.application_data.accounts[local.environment].old_domain_name}/${data.aws_route53_zone.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app2.xml
-sed -i 's/${local.application_data.accounts[local.environment].old_domain_name}/${data.aws_route53_zone.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app2.xml
-sed -i 's/cwa.${local.application_data.accounts[local.environment].old_domain_name}/${resource.aws_route53_record.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app2.xml
-sed -i 's/db_admin@legalservices.gov.uk/db_admin@${resource.aws_route53_record.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app2.xml
+su - applmgr -c ""cp /CWA/app/appl/admin/CWA_cwa-app2.xml /CWA/app/appl/admin/CWA_cwa-app2.xml.tf_backup"
+# sed -i 's/aws.${local.application_data.accounts[local.environment].old_domain_name}/${data.aws_route53_zone.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app2.xml
+# sed -i 's/${local.application_data.accounts[local.environment].old_domain_name}/${data.aws_route53_zone.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app2.xml
+# sed -i 's/cwa.${local.application_data.accounts[local.environment].old_domain_name}/${resource.aws_route53_record.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app2.xml
+# sed -i 's/db_admin@legalservices.gov.uk/db_admin@${resource.aws_route53_record.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app2.xml
 
 
 EOF

From 706f1f8fa0c34a6734c78ddec9bb3500191fd2a2 Mon Sep 17 00:00:00 2001
From: "Vincent.Cheung" <vincent.cheung@digital.justice.gov.uk>
Date: Fri, 1 Nov 2024 10:12:52 +0000
Subject: [PATCH 15/17] TM-65 Revert unnec changes

---
 .../contract-work-administration/app_servers.tf        |  2 +-
 .../contract-work-administration/concurrent_manager.tf | 10 +++++-----
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/terraform/environments/contract-work-administration/app_servers.tf b/terraform/environments/contract-work-administration/app_servers.tf
index cd7595e8bba..e865a47f826 100644
--- a/terraform/environments/contract-work-administration/app_servers.tf
+++ b/terraform/environments/contract-work-administration/app_servers.tf
@@ -129,7 +129,7 @@ chmod 700 /var/cw-custom.sh
 
 ## Additional DBA Steps
 echo "Updating CWA_cwa-app1.xml"
-cp /CWA/app/appl/admin/CWA_cwa-app1.xml /CWA/app/appl/admin/CWA_cwa-app1.xml.tf_backup
+su - applmgr -c "cp /CWA/app/appl/admin/CWA_cwa-app1.xml /CWA/app/appl/admin/CWA_cwa-app1.xml.tf_backup"
 sed -i 's/aws.${local.application_data.accounts[local.environment].old_domain_name}/${data.aws_route53_zone.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app1.xml
 sed -i 's/${local.application_data.accounts[local.environment].old_domain_name}/${data.aws_route53_zone.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app1.xml
 sed -i 's/cwa.${local.application_data.accounts[local.environment].old_domain_name}/${resource.aws_route53_record.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app1.xml
diff --git a/terraform/environments/contract-work-administration/concurrent_manager.tf b/terraform/environments/contract-work-administration/concurrent_manager.tf
index 6e93b3e25d8..5ce5a4e07a7 100644
--- a/terraform/environments/contract-work-administration/concurrent_manager.tf
+++ b/terraform/environments/contract-work-administration/concurrent_manager.tf
@@ -129,11 +129,11 @@ chmod 700 /var/cw-custom.sh
 
 ## Additional DBA Steps
 echo "Updating CWA_cwa-app2.xml"
-su - applmgr -c ""cp /CWA/app/appl/admin/CWA_cwa-app2.xml /CWA/app/appl/admin/CWA_cwa-app2.xml.tf_backup"
-# sed -i 's/aws.${local.application_data.accounts[local.environment].old_domain_name}/${data.aws_route53_zone.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app2.xml
-# sed -i 's/${local.application_data.accounts[local.environment].old_domain_name}/${data.aws_route53_zone.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app2.xml
-# sed -i 's/cwa.${local.application_data.accounts[local.environment].old_domain_name}/${resource.aws_route53_record.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app2.xml
-# sed -i 's/db_admin@legalservices.gov.uk/db_admin@${resource.aws_route53_record.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app2.xml
+su - applmgr -c "cp /CWA/app/appl/admin/CWA_cwa-app2.xml /CWA/app/appl/admin/CWA_cwa-app2.xml.tf_backup"
+sed -i 's/aws.${local.application_data.accounts[local.environment].old_domain_name}/${data.aws_route53_zone.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app2.xml
+sed -i 's/${local.application_data.accounts[local.environment].old_domain_name}/${data.aws_route53_zone.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app2.xml
+sed -i 's/cwa.${local.application_data.accounts[local.environment].old_domain_name}/${resource.aws_route53_record.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app2.xml
+sed -i 's/db_admin@legalservices.gov.uk/db_admin@${resource.aws_route53_record.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app2.xml
 
 
 EOF

From 5eea49b53e262ee2875452b8e370f5fbf6ff6eae Mon Sep 17 00:00:00 2001
From: "Vincent.Cheung" <vincent.cheung@digital.justice.gov.uk>
Date: Fri, 1 Nov 2024 15:26:41 +0000
Subject: [PATCH 16/17] TM-65 Rebuild App, CM along with volumes

---
 .../contract-work-administration/app_servers.tf            | 7 +++----
 .../contract-work-administration/concurrent_manager.tf     | 7 +++----
 2 files changed, 6 insertions(+), 8 deletions(-)

diff --git a/terraform/environments/contract-work-administration/app_servers.tf b/terraform/environments/contract-work-administration/app_servers.tf
index e865a47f826..6ec2df469bf 100644
--- a/terraform/environments/contract-work-administration/app_servers.tf
+++ b/terraform/environments/contract-work-administration/app_servers.tf
@@ -113,7 +113,6 @@ sed -i 's/${local.application_data.accounts[local.environment].old_mail_server_u
 sed -i 's/${local.application_data.accounts[local.environment].old_domain_name}/${data.aws_route53_zone.external.name}/g' /etc/mail/sendmail.mc
 /etc/init.d/sendmail restart
 
-
 ## Remove SSH key allowed
 echo "Removing old SSH key"
 sed -i '/.*-general$/d' /home/ec2-user/.ssh/authorized_keys
@@ -392,9 +391,9 @@ resource "aws_ebs_volume" "app1" {
   kms_key_id        = data.aws_kms_key.ebs_shared.key_id
   snapshot_id       = local.application_data.accounts[local.environment].app_snapshot_id # This is used for when data is being migrated
 
-  lifecycle {
-    ignore_changes = [kms_key_id]
-  }
+  # lifecycle {
+  #   ignore_changes = [kms_key_id]
+  # }
 
   tags = merge(
     local.tags,
diff --git a/terraform/environments/contract-work-administration/concurrent_manager.tf b/terraform/environments/contract-work-administration/concurrent_manager.tf
index 5ce5a4e07a7..09883aa9f2c 100644
--- a/terraform/environments/contract-work-administration/concurrent_manager.tf
+++ b/terraform/environments/contract-work-administration/concurrent_manager.tf
@@ -135,7 +135,6 @@ sed -i 's/${local.application_data.accounts[local.environment].old_domain_name}/
 sed -i 's/cwa.${local.application_data.accounts[local.environment].old_domain_name}/${resource.aws_route53_record.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app2.xml
 sed -i 's/db_admin@legalservices.gov.uk/db_admin@${resource.aws_route53_record.external.name}/g' /CWA/app/appl/admin/CWA_cwa-app2.xml
 
-
 EOF
 
 }
@@ -252,9 +251,9 @@ resource "aws_ebs_volume" "concurrent_manager" {
   kms_key_id        = data.aws_kms_key.ebs_shared.key_id
   snapshot_id       = local.application_data.accounts[local.environment].concurrent_manager_snapshot_id # This is used for when data is being migrated
 
-  lifecycle {
-    ignore_changes = [kms_key_id]
-  }
+  # lifecycle {
+  #   ignore_changes = [kms_key_id]
+  # }
 
   tags = merge(
     local.tags,

From 194198350d7cf69a81c03e2f0665ca84ada8e828 Mon Sep 17 00:00:00 2001
From: "Vincent.Cheung" <vincent.cheung@digital.justice.gov.uk>
Date: Fri, 1 Nov 2024 15:30:48 +0000
Subject: [PATCH 17/17] TM-65 Rebuild App, CM along with volumes 2

---
 .../contract-work-administration/app_servers.tf          | 9 ++++++---
 .../contract-work-administration/concurrent_manager.tf   | 9 ++++++---
 2 files changed, 12 insertions(+), 6 deletions(-)

diff --git a/terraform/environments/contract-work-administration/app_servers.tf b/terraform/environments/contract-work-administration/app_servers.tf
index 6ec2df469bf..e9dcef44ed2 100644
--- a/terraform/environments/contract-work-administration/app_servers.tf
+++ b/terraform/environments/contract-work-administration/app_servers.tf
@@ -391,9 +391,12 @@ resource "aws_ebs_volume" "app1" {
   kms_key_id        = data.aws_kms_key.ebs_shared.key_id
   snapshot_id       = local.application_data.accounts[local.environment].app_snapshot_id # This is used for when data is being migrated
 
-  # lifecycle {
-  #   ignore_changes = [kms_key_id]
-  # }
+  lifecycle {
+    replace_triggered_by = [
+      aws_instance.app1.id
+    ]
+    ignore_changes = [kms_key_id]
+  }
 
   tags = merge(
     local.tags,
diff --git a/terraform/environments/contract-work-administration/concurrent_manager.tf b/terraform/environments/contract-work-administration/concurrent_manager.tf
index 09883aa9f2c..995989f6877 100644
--- a/terraform/environments/contract-work-administration/concurrent_manager.tf
+++ b/terraform/environments/contract-work-administration/concurrent_manager.tf
@@ -251,9 +251,12 @@ resource "aws_ebs_volume" "concurrent_manager" {
   kms_key_id        = data.aws_kms_key.ebs_shared.key_id
   snapshot_id       = local.application_data.accounts[local.environment].concurrent_manager_snapshot_id # This is used for when data is being migrated
 
-  # lifecycle {
-  #   ignore_changes = [kms_key_id]
-  # }
+  lifecycle {
+    replace_triggered_by = [
+      aws_instance.concurrent_manager.id
+    ]
+    ignore_changes = [kms_key_id]
+  }
 
   tags = merge(
     local.tags,