diff --git a/.devcontainer/devcontainer-lock.json b/.devcontainer/devcontainer-lock.json
index af245365880..37e26c5a47a 100644
--- a/.devcontainer/devcontainer-lock.json
+++ b/.devcontainer/devcontainer-lock.json
@@ -16,4 +16,4 @@
"integrity": "sha256:ee331ef839de0479888df2049da48aaf980be9887e5ce90937ba5273105b2032"
}
}
-}
\ No newline at end of file
+}
diff --git a/terraform/environments/cdpt-chaps/README.md b/terraform/environments/cdpt-chaps/README.md
index 108d5b20b8d..b77b53b79be 100644
--- a/terraform/environments/cdpt-chaps/README.md
+++ b/terraform/environments/cdpt-chaps/README.md
@@ -17,9 +17,9 @@ The Ministerial Correspondence Unit (MCU) receives correspondence from MP on beh
### **Service URLs:**
-Prod: https://correspondence-handling-and-processing.service.justice.gov.uk/
-Staging: https://cdpt-chaps.hq-preproduction.modernisation-platform.service.justice.gov.uk/
-Dev: https://cdpt-chaps.hq-development.modernisation-platform.service.justice.gov.uk/
+Prod:
+Staging:
+Dev:
### **Incident response hours:**
@@ -27,11 +27,11 @@ Office Hours, usually 9am - 6pm Monday to Friday
### **Incident contact details:**
-Email: CHAPS-Support@digital.justice.gov.uk Slack: #cdpt-chaps
+Email: Slack: #cdpt-chaps
### **Service team contact:**
-Email: CHAPS-Support@digital.justice.gov.uk Slack: #cdpt-chaps
+Email: Slack: #cdpt-chaps
### **Hosting environment:**
@@ -41,4 +41,4 @@ Modernisation Platform
### **Other URLs:**
-GitHub repo: https://github.com/ministryofjustice/CHAPS
+GitHub repo:
diff --git a/terraform/environments/cdpt-ifs/application_variables.json b/terraform/environments/cdpt-ifs/application_variables.json
index 955f679b66a..dda777f5955 100644
--- a/terraform/environments/cdpt-ifs/application_variables.json
+++ b/terraform/environments/cdpt-ifs/application_variables.json
@@ -27,4 +27,3 @@
}
}
}
-
diff --git a/terraform/environments/cdpt-ifs/bastion_linux.json b/terraform/environments/cdpt-ifs/bastion_linux.json
index f97bec0e4f8..fe32b91421f 100644
--- a/terraform/environments/cdpt-ifs/bastion_linux.json
+++ b/terraform/environments/cdpt-ifs/bastion_linux.json
@@ -10,4 +10,4 @@
"acurtis": "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP7Z+QprFiensJ1Kw08i9shm5lfritcI3/71nrDu2S3H alistair.curtis@digital.justice.gov.uk"
}
}
-}
\ No newline at end of file
+}
diff --git a/terraform/environments/cdpt-ifs/ecs.tf b/terraform/environments/cdpt-ifs/ecs.tf
index 1dd824e0b92..c580836cfda 100644
--- a/terraform/environments/cdpt-ifs/ecs.tf
+++ b/terraform/environments/cdpt-ifs/ecs.tf
@@ -117,7 +117,7 @@ resource "aws_ecs_task_definition" "ifs_task_definition" {
value = "${local.application_data.accounts[local.environment].db_name}"
},
{
- name = "CLIENT_ID"
+ name = "CLIENT_ID"
value = "${local.application_data.accounts[local.environment].client_id}"
}
]
@@ -309,22 +309,22 @@ resource "aws_security_group" "cluster_ec2" {
description = "controls access to the cluster ec2 instance"
vpc_id = data.aws_vpc.shared.id
-ingress {
- description = "allow access on HTTP from load balancer"
- from_port = 80
- to_port = 80
- protocol = "tcp"
- cidr_blocks = ["0.0.0.0/0"]
- security_groups = [aws_security_group.ifs_lb_sc.id]
- }
-
- ingress {
- description = "Allow RDP ingress"
- from_port = 3389
- to_port = 3389
- protocol = "tcp"
- security_groups = [module.bastion_linux.bastion_security_group]
- }
+ ingress {
+ description = "allow access on HTTP from load balancer"
+ from_port = 80
+ to_port = 80
+ protocol = "tcp"
+ cidr_blocks = ["0.0.0.0/0"]
+ security_groups = [aws_security_group.ifs_lb_sc.id]
+ }
+
+ ingress {
+ description = "Allow RDP ingress"
+ from_port = 3389
+ to_port = 3389
+ protocol = "tcp"
+ security_groups = [module.bastion_linux.bastion_security_group]
+ }
egress {
description = "Cluster EC2 loadbalancer egress rule"
@@ -349,7 +349,7 @@ resource "aws_iam_instance_profile" "ec2_instance_profile" {
}
resource "aws_ecs_service" "ecs_service" {
- depends_on = [aws_lb_listener.https_listener]
+ depends_on = [aws_lb_listener.https_listener]
name = var.networking[0].application
cluster = aws_ecs_cluster.ecs_cluster.id
task_definition = aws_ecs_task_definition.ifs_task_definition.arn
@@ -444,7 +444,7 @@ resource "aws_key_pair" "ec2-user" {
key_name = "${local.application_name}-ec2"
public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCwVil3c3Nh/F6S1IzMFUMhykwj1SwQEXVvNghpUW5Ncm82ibJqtVccgCFW96HoHO7Bv8jt5O+TrfENlNI6yywASKEiJRDNUpBBK/UCqXQrYJ0KTvJ7FHegQjrxBOM/Lo3o3IniB2lNTe8hijBMrdaeKivWjB2YKTJxLFdUdLFjBop5uH0gL5Or6+P5/CyKmkIftn3Wazyq4Oe3mYQhB9Gr45/T8/UZCPnWWZ/p7AB3hH5jVO3BqHsB0t3YqJrbCV3Uo85xM62BBBV0AcWXNADY2f4A+6zcUX6j6BIfgAmYP3EQCZBxFq0BgxurF7xIh7CIjl4iIMQJ0sz3uoyLdh9f alistair.curtis@MJ004521"
tags = local.tags
- }
+}
resource "aws_security_group" "ecs_service" {
name_prefix = "ecs-service-sg-"
diff --git a/terraform/environments/cdpt-ifs/locals.tf b/terraform/environments/cdpt-ifs/locals.tf
index 8d9234c26cd..d50c701409c 100644
--- a/terraform/environments/cdpt-ifs/locals.tf
+++ b/terraform/environments/cdpt-ifs/locals.tf
@@ -1,6 +1,6 @@
locals {
-domain_types = { for dvo in aws_acm_certificate.external.domain_validation_options : dvo.domain_name => {
+ domain_types = { for dvo in aws_acm_certificate.external.domain_validation_options : dvo.domain_name => {
name = dvo.resource_record_name
record = dvo.resource_record_value
type = dvo.resource_record_type
@@ -14,9 +14,9 @@ domain_types = { for dvo in aws_acm_certificate.external.domain_validation_optio
domain_type_main = [for k, v in local.domain_types : v.type if k == "modernisation-platform.service.justice.gov.uk"]
domain_type_sub = [for k, v in local.domain_types : v.type if k != "modernisation-platform.service.justice.gov.uk"]
-ecr_url = "${local.environment_management.account_ids["core-shared-services-production"]}.dkr.ecr.eu-west-2.amazonaws.com/cdpt-ifs-ecr-repo"
+ ecr_url = "${local.environment_management.account_ids["core-shared-services-production"]}.dkr.ecr.eu-west-2.amazonaws.com/cdpt-ifs-ecr-repo"
-user_data = base64encode(templatefile("user_data.txt", {
+ user_data = base64encode(templatefile("user_data.txt", {
cluster_name = "${local.application_name}-ecs-cluster"
}))
diff --git a/terraform/environments/corporate-staff-rostering/iam.tf b/terraform/environments/corporate-staff-rostering/iam.tf
index a50ab0158ec..675f26aa2d3 100644
--- a/terraform/environments/corporate-staff-rostering/iam.tf
+++ b/terraform/environments/corporate-staff-rostering/iam.tf
@@ -57,8 +57,8 @@ data "aws_iam_policy_document" "lambda_assume_role_policy" {
}
resource "aws_iam_role" "lambda-ad-role" {
- name = "LambdaFunctionADObjectCleanUp"
- tags = local.tags
+ name = "LambdaFunctionADObjectCleanUp"
+ tags = local.tags
assume_role_policy = data.aws_iam_policy_document.lambda_assume_role_policy.json
}
@@ -68,12 +68,12 @@ resource "aws_iam_policy" "lambda_eventbridge_policy" {
description = "Policy allowing Lambda to be triggered by EventBridge"
policy = jsonencode({
- "Version": "2012-10-17",
- "Statement": [
+ "Version" : "2012-10-17",
+ "Statement" : [
{
- "Effect": "Allow",
- "Action": "lambda:InvokeFunction",
- "Resource": module.ad-clean-up-lambda.lambda_function_arn
+ "Effect" : "Allow",
+ "Action" : "lambda:InvokeFunction",
+ "Resource" : module.ad-clean-up-lambda.lambda_function_arn
}
]
})
diff --git a/terraform/environments/corporate-staff-rostering/lambda.tf b/terraform/environments/corporate-staff-rostering/lambda.tf
index aebca79038d..dc0945e70d0 100644
--- a/terraform/environments/corporate-staff-rostering/lambda.tf
+++ b/terraform/environments/corporate-staff-rostering/lambda.tf
@@ -40,12 +40,12 @@ data "archive_file" "ad-cleanup-lambda" {
resource "aws_cloudwatch_event_rule" "ec2_state_change_terminated" {
name = "Ec2StateChangedTerminated"
description = "Rule to trigger Lambda on EC2 state change"
-
+
event_pattern = jsonencode({
- "source": ["aws.ec2"],
- "detail-type": ["EC2 Instance State-change Notification for EC2 termination event"],
- "detail": {
- "state": ["terminated"]
+ "source" : ["aws.ec2"],
+ "detail-type" : ["EC2 Instance State-change Notification for EC2 termination event"],
+ "detail" : {
+ "state" : ["terminated"]
}
})
}
diff --git a/terraform/environments/corporate-staff-rostering/locals_defaults.tf b/terraform/environments/corporate-staff-rostering/locals_defaults.tf
index fa25bd93f2c..e9950618cf0 100644
--- a/terraform/environments/corporate-staff-rostering/locals_defaults.tf
+++ b/terraform/environments/corporate-staff-rostering/locals_defaults.tf
@@ -23,7 +23,7 @@ locals {
},
{
instance-or-cloudwatch-agent-stopped = merge(module.baseline_presets.cloudwatch_metric_alarms_by_sns_topic["csr_pagerduty"].ec2_instance_or_cwagent_stopped_linux["instance-or-cloudwatch-agent-stopped"], {
- threshold = "0"
+ threshold = "0"
evaluation_periods = "5"
datapoints_to_alarm = "2"
period = "60"
@@ -42,7 +42,7 @@ locals {
module.baseline_presets.cloudwatch_metric_alarms.ec2_cwagent_windows,
{
instance-or-cloudwatch-agent-stopped = merge(module.baseline_presets.cloudwatch_metric_alarms_by_sns_topic["csr_pagerduty"].ec2_instance_or_cwagent_stopped_windows["instance-or-cloudwatch-agent-stopped"], {
- threshold = "0"
+ threshold = "0"
evaluation_periods = "5"
datapoints_to_alarm = "2"
period = "60"
@@ -55,7 +55,7 @@ locals {
module.baseline_presets.cloudwatch_metric_alarms_by_sns_topic["csr_pagerduty"].ec2_cwagent_windows,
{
instance-or-cloudwatch-agent-stopped = merge(module.baseline_presets.cloudwatch_metric_alarms_by_sns_topic["csr_pagerduty"].ec2_instance_or_cwagent_stopped_windows["instance-or-cloudwatch-agent-stopped"], {
- threshold = "0"
+ threshold = "0"
evaluation_periods = "5"
datapoints_to_alarm = "2"
period = "60"
diff --git a/terraform/environments/delius-core/bastion_linux.json b/terraform/environments/delius-core/bastion_linux.json
index 74da8d1c56d..6b83a1c2dcf 100644
--- a/terraform/environments/delius-core/bastion_linux.json
+++ b/terraform/environments/delius-core/bastion_linux.json
@@ -4,13 +4,13 @@
"ranbeers": "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAACAEAhVcS1YUNa/ZoXUzQ0UyNX+SEBr4WVAbOBCWHw7VsspeUD6EXjGmlUYu9sTgFTGzOmhPPliKzaC5/h/pOR7+lXgOxoZVJM4rosTR/xjNGFzgEgJdLZ6sVxq60WpD/fW1S3LQrYnYZmlVkIq9zchvHLfB9GwzwKvhUeIFVlEdDrktJAZjnJw8HjfyNGKTZR/IfD/rkCETuad3wXpv7uQPyMkKk+oK+H7toStwfnlyQ439spk5yoVn0Ffob/1D/iZjGTMjtc+nmJoWxP/Hl1+kKn3fIw+DgEWpy1OBoViNvBCjX91KJ5Zc3t5kbQ90q1egKRbySYvzOauu8HMA7Z6yaBSY2OIP4Y8Pq61LviWN96TczVNjIfEU8mKzW+WgdZtjAXypNCmMlsXrtZP9hGKkA18tUVTcNsFRA/IBPhjuIOMMzCQXPtmYQF8si+4agR1WPj0eiJIkLYYXXSTd22y/sr9R85ttOrlDz0UNAERMPRGghFloL94LzUhBqlVd7CZ9M7cUaVfkln8hGuJScXzGA18Ajlf8q0s6MYispZsBRwzaQQgciqZHfsByyXCVGKooCvPy3egUhdsFZ0RmDlxRKlzphv0xLIErwG5MCDvKlSI/WPgQgn4oEcfBDFCXKB0PAErxU+7LuWtD2ak16JCO6VZsa9Ay/UcFps3ju8OOBjzSefh5VvsstPdprBdNqmmkhPI+LmTNlY/sDsuSAdsM9WuzawZBs4o2ub7LBdvzFX+5hD8ilWVOzDWrBRlCogCCxbVTiMefX5vm9yosTkwwp74SDKUoWIvMo9IRzU2n0X0An/aXbgNywhnfDTjp7Q8pO8aVOUS4udYfxRBm7oz63bCkWibLsBOUlUE/JnrA+aGGtJsJQwNsP/YUwBK/VNZxi2kyqVj3dx/q0GVEsGxaN+IvUX12Ew3RPsgK3qFjo9sncSOlBcFWTy0K+PS30O3sg47NyjdJlu5zGblFlxMIM8HduRxSIWzmZcV5enm8eFPY1fMTtSWidOr/DG37hQPzc0l9D97RcKlgYABeMObkGmdnccz8VgHo3qNB1FNDPzZUJviUk7lGj+i5R2iTLiphusCU8NW2CFH7iIGM5OJYEOUMlyHYwFQoshEaBtHXDFH0KoMqa+hN8rGIRxie8F6Ritq+J6Opsv3eKhcGJdu9nqxiDLajaB/TSqWGXGuu9iHnYPThqB2OMlvnOiyRvZj4chak6R8ouIjoBRy3L+M8zK9B4Oy04YqZAs//pfg8SU7nKy29Q5RVbfJiOHBUVAaAxfUG1YP97nuWc+U1N7MWdv7ZHqx6cFLH0rAfDU7B2o0MnkCkbqsc8dyxmZZ7p/y+rAq5975MgBcQTQlYgqTi7aY3FJ7aVCcJFk+s37XvYLE/QIw6zhbrZf5ao0JeUzE7SRIAcy+Ky2ofWHvedcm+nWlArhHpb6oAwubys5hRNwoe1ztYufKYwEDCJ3ir+BadlZv1NiuMLY9LUlhouN3Rr6KHG1+IuB02t7yCM55L6nvlroSgSf5LvJ8WusHkrqDwHUS/395I4Zxf+EIqJIuiAK8o2kuR5DhW4K61wtaEusWWGGC0Z+XWb2rzcRj/mB05O92AyvwZGrePhcqCYylARnURPsAeuozDzJdIhUASU5hhAMkLQX7gxymb74XaIwXZh4LicEXeEDg3J0WgIahSnWkzolaQPhOxIIvAvL1MS2FZNyn8hoPUMpWZQ9oU3kYh6xPKy9FE3HKI6/rHj2uXywChvtZ8Oz2fXGAYc9lE0smbYpbZMNA2zyvrUBeJjH6iV0oVoEdj2kjczUV2ic/wKfu3CgDe95rETk4aAvJPVRsEaCO8DVOlRv16FEbQ35QQS7Qfcx6+g2JYjaIvhOxdbVCL5KdY7HmasFpKH5N877wmzUL5dTKKwtDMF4ohrijgSiXS5lT958TNuygj4CMApu9DnTBoGSRI2z5gNJbkQjrO416NRO83pN3Uo7w6mUfFXjcBYQMI5tOz1npPnvi1gxttrucQrtbpc0Rh966k8hefwljp9RBm639FmZG1uc/y+EAInziuR7dSes93S4qw+VNXZ56h26Z37Ne43dGI7Qt7n7/Dj4p+mpjKVAbtBhj2wuPiTjHODJeonLGtvEpL2ffiwmnmXg6Vd2rADrfNvz2YG6Oxufma4KgaL8aXoTfVhmz4RTNvq7me53CC37kF1KRNOHjE2jrs/aBdRpjM1pdUdtqOvbP/Zn0HX9w9JKYR7jqC75aGtQ1+vJLwyEKqfipq6la85Esk/Ha+t3zZ1aJt0BQ6yuvwvhwh4ji162RKFsXJD8gaQyDSg5JsVZKATWeitxGGAHjbNSBPdQrBOpo8TpGT0zk4ZqmXzdq72yhZnmJ+5FXIPDbM6eM2kviQ7OEHJkYj9PIV6A5+YCQdCfPlDmWsipX4Rtl84uTL91LJdeNQJcoPQpRjzH77bbUFaUINetWBtC0AoJYc6oyX+zPdereVhyehlsu2+8a3fasXZdc+n24bnRKa9Cr/eGUPPk9tNHS7RzPlm2gU7litufzU5jUOxtGMIImJnXuiZow82vDY4Z4cnqF7B3h3qqE6bJeT+rkGMj3CkcxCLGThQg0ViNH/9XnDX7rkKDh3LfHjD+KtDdpHHc4dwFm99RAgjZcvuLqWSGTRCq4lSWW8PyAdmcy+0Mu4X4aQhqCKD15eTB9PfkpucvJ45CpnhDcECUC9qB5TfvRq5BTgBRCjR7/U= rsa-key-20180830",
"billb": "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAACAEArGAp8lqSHIP7qpN/TILxmytD8zcYoQYpLFcPWI0rESBeBpIEyXiGbr9VEXhP4HIIj1o0jT49K6s0IQKChnZqvClI/DWrju2IsJpkPmUvuwDAlsR4T8+W1CrI/3a3ZAKEdVKN/BNv2jEdVbEztfhjCvRZwhioxnTjtqet5bC9CqWKwL5dOMGVnswU3gp72Qw+67t5jem1bvfukry9T85YzH8hEAIlyKGcdI1dYdaQoGs8Wm5UiwJCRCa3bQCGz9yNf49/KwGCt2RszITtZEmikvFbGMk4ciEWCEtJgAYXK+fCaaCFOsavsxus9raIKIyGLU1NF2XCMgoYHZ6FT+kifKtzJ4GZntHHompvMt+DDI3aPnpBnPgj5D9S28UI6V0oWvTY4Lttiu93SXHj9TT1dSS764FqOrVA07orQXjYeL+F8cGFKlOykK92jjOzo32GjiLL+1fc69KNhYoULaAE2+WTxeFgzrIOgAMtS3t+uiBGKmD0ysTxOZ825Qg2ko6tcv/13CLNldhgDLg05DJMIFKORJjeCvjM0c9LA1ozhIXMu2eC9T32IuZkVvdyDB72MgYwov4tz22Bhwk0ELjyoXlwZR1GYUdarOSgSGhXEleBAolHHGJnvz+0r0Dt/Xh18+zIc3mPuG4EduUkfITW1ZJXJsJDMYCXiSRErsQ7g2ZoC7hHt2XlARqpcaoRfMsX/7rId7wJh99WlpU8IOOwRqzeJuQgAOQRPpb/DennD338QRm72a8tkb8E5F9ze7gxa6H4wl5Qjh+1ku+rj/nBdHtXt/cExUJSZBuKri7w1shllUgIQDXjc4fn1Ym1uDAa26UWI8Is+H24bGJfcLM/T1WJKTnUVxtEUsIQ/wK3gDqKJZ55r0tbeqOnKqRCfaLFmWm9OYVk5+stxaSMmE9KyYmcHUuYFTHAV+0YXXUTh2OKKIoa3U+Y1FbCFPHkMdeNYPegoWLE3NasxZflrUzJOyV87Jd3DlAExiWRxrrHX4ZXFbRKWE4VPBzHLGZJbULu3yDOctENx2i8hl7jToBGGyqvOGopwPmHbV46NUxXyD063pLxul4iF5zsQSlNjwSqs8D5x96opA7YEcE0KeQsmxrv9aZxxrf8yh6H5eIf9ysRsnXwaNy7wGG3UpGFTz0i1Yq3ja7qnK9IcAEdNKD3GxIIHpIbtZpMST52FSvXOYbByDwWuyA0x8F5VrlAJ/6M4me8CqBCxV+xVwopmAgw6GfMZzb2kBdBu/iPBK0TDafUjg5QGkAae+yD3C1OGdvEgtnNqw4pNT+pbZAgLxNyODz39KpZP5xF8UhKMGGjJcSsSoR/wjw+0CvgKsbNHfEiALPmVnerzav3WOCiZk+oIYf3O78ez0I9hT2Wq89r5BYUkiYHccclxctcc4641BNqG3ChjYkpBfiVVK7MiKaNDS5wU7xdbDGfly2NqEZWTAZP6xXoOVXpPp5/pxWC9jXrRJL7S5rG5Cf7h2u0oHYeu2n8mDAnMPqet/d0Q+8oSZkF98+USGwis4DUc9nZkNyhUahcETdEPU69L6X556NO9PBTeevRrub4jzM3KuTgWr+n6BNllHxYtT7W5JY1BmSzWfRvuXa8Yi6t6E5ExSVHCDc7ErYriFJSHYrz3wruX+Hs5CaqsAJd+8C5z7KCPt6PHmvQGV4SMFOcWoVUPOc8/GEpiEWTK06PsGwQMsfZ6p+3OOXgUsX8aeIuBhuDmcRpmR/YLIyIA9TzH7PmzE4SjCKVYc2zZ6BrrbGqZkLaEE5RrLKiX4aG7SvJKOljZNo3p5gHaxcjyw00vEKBzP3lIkstH+t3E8GIY+Ypw6zCnEEchSc8WLX4tBsB0HC7+c/i8q6Q6a7gPyT8fiyYZbb/Wv+ynjf+D9bF9FJKCKLp0s8RyfE8gGaVX8RIxq0PhD2FMJhSJO/VkNnmDEW8ZFugkrIHzvXvkRNrNye+grDbV5iMjCmkRKHLJTqwA58P6X1Tfbf8HYT1NiG9Bk0pc8vYOwCLfSxvctR9V4TVkOdMaP6orJBk9gl5yd8PZ2IaBBStl3yOLA/R7/C7AOH/18V2ho9QuPgm7W8NQQZ1KRtvss1A3AwYm8a0todwnurkxvqsp+AQFfEUmdBX9hhZdTmPw7mfPHp4YmJbVxFoQDgWICaMG8grwZ2VCGGN4BwvWFoH62ZiuxylOKPfRR3wptJKIiOpgC3rAppfV0QYOxdJ0nTmebUfxv0cqPBcNWo7mqWLmWZkKXeyIBPTThmifRz7PuaIgMsAQhfpzn6EOJqodDV+R/hlbjBlEll52IwU+LVXNh0aUOf7kJcNZAZIjspSVYBBQOq28wQWhf/JE6SMGyr3eXR5fIfZ36FKGKM92xvc9cddZYCevb4PQkVuEqSZgd3WZ4GigKMrHY5VZvxccEMTng2Nr26rKpNvxL1gSRnzfTzy/mVWk4JEVhyOG3jDDqbN6R44l+Zzp/G6A8L2YHjoLtfvZFbiExT2/ETjMZoMPLwRWRIPm3+G7hzwyXQSRmlXJjezo4A9dJuo0yC7RuTy1d/XRzRHLp/5+Tbd0wYjM0/pQNk2DQjbvIYt90xs8aK83brmFoDnXhf9jWbk52xNJIfkBVwALnUR6qq93q+x7gaKWdYTpvmKeOPIOnF5iUyvMjzfq+EYkKsfqdiNrU1sadEKjgMcR4wuYwYf42ZMcH+z76F+10h4kpoOGJl4wA1UUsuhsNmWdZximz/SEm8= rsa-key-2019093",
"georget": "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFMvFEa8HMnXQzOZydY/eKiEdOeP/poWbWo3konsabOw george.taylor@digital.justice.gov.uk",
- "maspin" : "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM/cv+5KZn2IelWpMq5y6gmvWSm7leQXyq6grcb7l4k+ maspin@unilink.com"
+ "maspin": "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM/cv+5KZn2IelWpMq5y6gmvWSm7leQXyq6grcb7l4k+ maspin@unilink.com"
},
"test": {
"ranbeers": "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAACAEAhVcS1YUNa/ZoXUzQ0UyNX+SEBr4WVAbOBCWHw7VsspeUD6EXjGmlUYu9sTgFTGzOmhPPliKzaC5/h/pOR7+lXgOxoZVJM4rosTR/xjNGFzgEgJdLZ6sVxq60WpD/fW1S3LQrYnYZmlVkIq9zchvHLfB9GwzwKvhUeIFVlEdDrktJAZjnJw8HjfyNGKTZR/IfD/rkCETuad3wXpv7uQPyMkKk+oK+H7toStwfnlyQ439spk5yoVn0Ffob/1D/iZjGTMjtc+nmJoWxP/Hl1+kKn3fIw+DgEWpy1OBoViNvBCjX91KJ5Zc3t5kbQ90q1egKRbySYvzOauu8HMA7Z6yaBSY2OIP4Y8Pq61LviWN96TczVNjIfEU8mKzW+WgdZtjAXypNCmMlsXrtZP9hGKkA18tUVTcNsFRA/IBPhjuIOMMzCQXPtmYQF8si+4agR1WPj0eiJIkLYYXXSTd22y/sr9R85ttOrlDz0UNAERMPRGghFloL94LzUhBqlVd7CZ9M7cUaVfkln8hGuJScXzGA18Ajlf8q0s6MYispZsBRwzaQQgciqZHfsByyXCVGKooCvPy3egUhdsFZ0RmDlxRKlzphv0xLIErwG5MCDvKlSI/WPgQgn4oEcfBDFCXKB0PAErxU+7LuWtD2ak16JCO6VZsa9Ay/UcFps3ju8OOBjzSefh5VvsstPdprBdNqmmkhPI+LmTNlY/sDsuSAdsM9WuzawZBs4o2ub7LBdvzFX+5hD8ilWVOzDWrBRlCogCCxbVTiMefX5vm9yosTkwwp74SDKUoWIvMo9IRzU2n0X0An/aXbgNywhnfDTjp7Q8pO8aVOUS4udYfxRBm7oz63bCkWibLsBOUlUE/JnrA+aGGtJsJQwNsP/YUwBK/VNZxi2kyqVj3dx/q0GVEsGxaN+IvUX12Ew3RPsgK3qFjo9sncSOlBcFWTy0K+PS30O3sg47NyjdJlu5zGblFlxMIM8HduRxSIWzmZcV5enm8eFPY1fMTtSWidOr/DG37hQPzc0l9D97RcKlgYABeMObkGmdnccz8VgHo3qNB1FNDPzZUJviUk7lGj+i5R2iTLiphusCU8NW2CFH7iIGM5OJYEOUMlyHYwFQoshEaBtHXDFH0KoMqa+hN8rGIRxie8F6Ritq+J6Opsv3eKhcGJdu9nqxiDLajaB/TSqWGXGuu9iHnYPThqB2OMlvnOiyRvZj4chak6R8ouIjoBRy3L+M8zK9B4Oy04YqZAs//pfg8SU7nKy29Q5RVbfJiOHBUVAaAxfUG1YP97nuWc+U1N7MWdv7ZHqx6cFLH0rAfDU7B2o0MnkCkbqsc8dyxmZZ7p/y+rAq5975MgBcQTQlYgqTi7aY3FJ7aVCcJFk+s37XvYLE/QIw6zhbrZf5ao0JeUzE7SRIAcy+Ky2ofWHvedcm+nWlArhHpb6oAwubys5hRNwoe1ztYufKYwEDCJ3ir+BadlZv1NiuMLY9LUlhouN3Rr6KHG1+IuB02t7yCM55L6nvlroSgSf5LvJ8WusHkrqDwHUS/395I4Zxf+EIqJIuiAK8o2kuR5DhW4K61wtaEusWWGGC0Z+XWb2rzcRj/mB05O92AyvwZGrePhcqCYylARnURPsAeuozDzJdIhUASU5hhAMkLQX7gxymb74XaIwXZh4LicEXeEDg3J0WgIahSnWkzolaQPhOxIIvAvL1MS2FZNyn8hoPUMpWZQ9oU3kYh6xPKy9FE3HKI6/rHj2uXywChvtZ8Oz2fXGAYc9lE0smbYpbZMNA2zyvrUBeJjH6iV0oVoEdj2kjczUV2ic/wKfu3CgDe95rETk4aAvJPVRsEaCO8DVOlRv16FEbQ35QQS7Qfcx6+g2JYjaIvhOxdbVCL5KdY7HmasFpKH5N877wmzUL5dTKKwtDMF4ohrijgSiXS5lT958TNuygj4CMApu9DnTBoGSRI2z5gNJbkQjrO416NRO83pN3Uo7w6mUfFXjcBYQMI5tOz1npPnvi1gxttrucQrtbpc0Rh966k8hefwljp9RBm639FmZG1uc/y+EAInziuR7dSes93S4qw+VNXZ56h26Z37Ne43dGI7Qt7n7/Dj4p+mpjKVAbtBhj2wuPiTjHODJeonLGtvEpL2ffiwmnmXg6Vd2rADrfNvz2YG6Oxufma4KgaL8aXoTfVhmz4RTNvq7me53CC37kF1KRNOHjE2jrs/aBdRpjM1pdUdtqOvbP/Zn0HX9w9JKYR7jqC75aGtQ1+vJLwyEKqfipq6la85Esk/Ha+t3zZ1aJt0BQ6yuvwvhwh4ji162RKFsXJD8gaQyDSg5JsVZKATWeitxGGAHjbNSBPdQrBOpo8TpGT0zk4ZqmXzdq72yhZnmJ+5FXIPDbM6eM2kviQ7OEHJkYj9PIV6A5+YCQdCfPlDmWsipX4Rtl84uTL91LJdeNQJcoPQpRjzH77bbUFaUINetWBtC0AoJYc6oyX+zPdereVhyehlsu2+8a3fasXZdc+n24bnRKa9Cr/eGUPPk9tNHS7RzPlm2gU7litufzU5jUOxtGMIImJnXuiZow82vDY4Z4cnqF7B3h3qqE6bJeT+rkGMj3CkcxCLGThQg0ViNH/9XnDX7rkKDh3LfHjD+KtDdpHHc4dwFm99RAgjZcvuLqWSGTRCq4lSWW8PyAdmcy+0Mu4X4aQhqCKD15eTB9PfkpucvJ45CpnhDcECUC9qB5TfvRq5BTgBRCjR7/U= rsa-key-20180830",
"billb": "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAACAEArGAp8lqSHIP7qpN/TILxmytD8zcYoQYpLFcPWI0rESBeBpIEyXiGbr9VEXhP4HIIj1o0jT49K6s0IQKChnZqvClI/DWrju2IsJpkPmUvuwDAlsR4T8+W1CrI/3a3ZAKEdVKN/BNv2jEdVbEztfhjCvRZwhioxnTjtqet5bC9CqWKwL5dOMGVnswU3gp72Qw+67t5jem1bvfukry9T85YzH8hEAIlyKGcdI1dYdaQoGs8Wm5UiwJCRCa3bQCGz9yNf49/KwGCt2RszITtZEmikvFbGMk4ciEWCEtJgAYXK+fCaaCFOsavsxus9raIKIyGLU1NF2XCMgoYHZ6FT+kifKtzJ4GZntHHompvMt+DDI3aPnpBnPgj5D9S28UI6V0oWvTY4Lttiu93SXHj9TT1dSS764FqOrVA07orQXjYeL+F8cGFKlOykK92jjOzo32GjiLL+1fc69KNhYoULaAE2+WTxeFgzrIOgAMtS3t+uiBGKmD0ysTxOZ825Qg2ko6tcv/13CLNldhgDLg05DJMIFKORJjeCvjM0c9LA1ozhIXMu2eC9T32IuZkVvdyDB72MgYwov4tz22Bhwk0ELjyoXlwZR1GYUdarOSgSGhXEleBAolHHGJnvz+0r0Dt/Xh18+zIc3mPuG4EduUkfITW1ZJXJsJDMYCXiSRErsQ7g2ZoC7hHt2XlARqpcaoRfMsX/7rId7wJh99WlpU8IOOwRqzeJuQgAOQRPpb/DennD338QRm72a8tkb8E5F9ze7gxa6H4wl5Qjh+1ku+rj/nBdHtXt/cExUJSZBuKri7w1shllUgIQDXjc4fn1Ym1uDAa26UWI8Is+H24bGJfcLM/T1WJKTnUVxtEUsIQ/wK3gDqKJZ55r0tbeqOnKqRCfaLFmWm9OYVk5+stxaSMmE9KyYmcHUuYFTHAV+0YXXUTh2OKKIoa3U+Y1FbCFPHkMdeNYPegoWLE3NasxZflrUzJOyV87Jd3DlAExiWRxrrHX4ZXFbRKWE4VPBzHLGZJbULu3yDOctENx2i8hl7jToBGGyqvOGopwPmHbV46NUxXyD063pLxul4iF5zsQSlNjwSqs8D5x96opA7YEcE0KeQsmxrv9aZxxrf8yh6H5eIf9ysRsnXwaNy7wGG3UpGFTz0i1Yq3ja7qnK9IcAEdNKD3GxIIHpIbtZpMST52FSvXOYbByDwWuyA0x8F5VrlAJ/6M4me8CqBCxV+xVwopmAgw6GfMZzb2kBdBu/iPBK0TDafUjg5QGkAae+yD3C1OGdvEgtnNqw4pNT+pbZAgLxNyODz39KpZP5xF8UhKMGGjJcSsSoR/wjw+0CvgKsbNHfEiALPmVnerzav3WOCiZk+oIYf3O78ez0I9hT2Wq89r5BYUkiYHccclxctcc4641BNqG3ChjYkpBfiVVK7MiKaNDS5wU7xdbDGfly2NqEZWTAZP6xXoOVXpPp5/pxWC9jXrRJL7S5rG5Cf7h2u0oHYeu2n8mDAnMPqet/d0Q+8oSZkF98+USGwis4DUc9nZkNyhUahcETdEPU69L6X556NO9PBTeevRrub4jzM3KuTgWr+n6BNllHxYtT7W5JY1BmSzWfRvuXa8Yi6t6E5ExSVHCDc7ErYriFJSHYrz3wruX+Hs5CaqsAJd+8C5z7KCPt6PHmvQGV4SMFOcWoVUPOc8/GEpiEWTK06PsGwQMsfZ6p+3OOXgUsX8aeIuBhuDmcRpmR/YLIyIA9TzH7PmzE4SjCKVYc2zZ6BrrbGqZkLaEE5RrLKiX4aG7SvJKOljZNo3p5gHaxcjyw00vEKBzP3lIkstH+t3E8GIY+Ypw6zCnEEchSc8WLX4tBsB0HC7+c/i8q6Q6a7gPyT8fiyYZbb/Wv+ynjf+D9bF9FJKCKLp0s8RyfE8gGaVX8RIxq0PhD2FMJhSJO/VkNnmDEW8ZFugkrIHzvXvkRNrNye+grDbV5iMjCmkRKHLJTqwA58P6X1Tfbf8HYT1NiG9Bk0pc8vYOwCLfSxvctR9V4TVkOdMaP6orJBk9gl5yd8PZ2IaBBStl3yOLA/R7/C7AOH/18V2ho9QuPgm7W8NQQZ1KRtvss1A3AwYm8a0todwnurkxvqsp+AQFfEUmdBX9hhZdTmPw7mfPHp4YmJbVxFoQDgWICaMG8grwZ2VCGGN4BwvWFoH62ZiuxylOKPfRR3wptJKIiOpgC3rAppfV0QYOxdJ0nTmebUfxv0cqPBcNWo7mqWLmWZkKXeyIBPTThmifRz7PuaIgMsAQhfpzn6EOJqodDV+R/hlbjBlEll52IwU+LVXNh0aUOf7kJcNZAZIjspSVYBBQOq28wQWhf/JE6SMGyr3eXR5fIfZ36FKGKM92xvc9cddZYCevb4PQkVuEqSZgd3WZ4GigKMrHY5VZvxccEMTng2Nr26rKpNvxL1gSRnzfTzy/mVWk4JEVhyOG3jDDqbN6R44l+Zzp/G6A8L2YHjoLtfvZFbiExT2/ETjMZoMPLwRWRIPm3+G7hzwyXQSRmlXJjezo4A9dJuo0yC7RuTy1d/XRzRHLp/5+Tbd0wYjM0/pQNk2DQjbvIYt90xs8aK83brmFoDnXhf9jWbk52xNJIfkBVwALnUR6qq93q+x7gaKWdYTpvmKeOPIOnF5iUyvMjzfq+EYkKsfqdiNrU1sadEKjgMcR4wuYwYf42ZMcH+z76F+10h4kpoOGJl4wA1UUsuhsNmWdZximz/SEm8= rsa-key-2019093",
"georget": "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFMvFEa8HMnXQzOZydY/eKiEdOeP/poWbWo3konsabOw george.taylor@digital.justice.gov.uk",
- "maspin" : "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFgijnmGaEDQT0aKE7dMVXQP0unnCcQKAYm/nM0Bood/ maspin@unilink.com"
+ "maspin": "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFgijnmGaEDQT0aKE7dMVXQP0unnCcQKAYm/nM0Bood/ maspin@unilink.com"
}
}
}
diff --git a/terraform/environments/delius-core/modules/components/oracle_db_shared/locals.tf b/terraform/environments/delius-core/modules/components/oracle_db_shared/locals.tf
index 26fb27a8ff4..854545d7c4f 100644
--- a/terraform/environments/delius-core/modules/components/oracle_db_shared/locals.tf
+++ b/terraform/environments/delius-core/modules/components/oracle_db_shared/locals.tf
@@ -2,5 +2,5 @@ locals {
secret_prefix = join("-", [lookup(var.tags, "environment-name", null), lookup(var.tags, "delius-environment", null), lookup(var.tags, "application", null)])
dba_secret_name = "${local.secret_prefix}-dba-passwords"
application_secret_name = "${local.secret_prefix}-application-passwords"
- oem_account_id = var.platform_vars.environment_management.account_ids[join("-",["hmpps-oem", var.account_info.mp_environment])]
+ oem_account_id = var.platform_vars.environment_management.account_ids[join("-", ["hmpps-oem", var.account_info.mp_environment])]
}
\ No newline at end of file
diff --git a/terraform/environments/delius-mis/temp-ec2.tf b/terraform/environments/delius-mis/temp-ec2.tf
index 1c62db8515c..0e605280035 100644
--- a/terraform/environments/delius-mis/temp-ec2.tf
+++ b/terraform/environments/delius-mis/temp-ec2.tf
@@ -57,7 +57,7 @@ resource "aws_vpc_security_group_egress_rule" "ad_tcp" {
}
resource "aws_vpc_security_group_egress_rule" "ad_udp" {
- for_each = toset(["53", "88", "123", "138", "389", "445","464"])
+ for_each = toset(["53", "88", "123", "138", "389", "445", "464"])
description = "Legacy AD UDP"
security_group_id = aws_security_group.example.id
diff --git a/terraform/environments/digital-prison-reporting/locals.tf b/terraform/environments/digital-prison-reporting/locals.tf
index 0ccd80f41a8..6cc5e5feb81 100644
--- a/terraform/environments/digital-prison-reporting/locals.tf
+++ b/terraform/environments/digital-prison-reporting/locals.tf
@@ -228,7 +228,7 @@ locals {
enable_s3_file_transfer_trigger = local.application_data.accounts[local.environment].enable_s3_file_transfer_trigger
# step function notification lambda
- step_function_notification_lambda_handler = "uk.gov.justice.digital.lambda.StepFunctionDMSNotificationLambda::handleRequest"
+ step_function_notification_lambda_handler = "uk.gov.justice.digital.lambda.StepFunctionDMSNotificationLambda::handleRequest"
step_function_notification_lambda_policies = [
"arn:aws:iam::${local.account_id}:policy/${local.kms_read_access_policy}",
"arn:aws:iam::${local.account_id}:policy/${local.all_state_machine_policy}",
diff --git a/terraform/environments/digital-prison-reporting/main.tf b/terraform/environments/digital-prison-reporting/main.tf
index ebc6d5a4f0c..ee11c1e670c 100644
--- a/terraform/environments/digital-prison-reporting/main.tf
+++ b/terraform/environments/digital-prison-reporting/main.tf
@@ -223,10 +223,10 @@ module "glue_hive_table_creation_job" {
)
arguments = {
- "--extra-jars" = local.glue_jobs_latest_jar_location
- "--class" = "uk.gov.justice.digital.job.HiveTableCreationJob"
- "--dpr.aws.region" = local.account_region
- "--dpr.config.s3.bucket" = module.s3_glue_job_bucket.bucket_id,
+ "--extra-jars" = local.glue_jobs_latest_jar_location
+ "--class" = "uk.gov.justice.digital.job.HiveTableCreationJob"
+ "--dpr.aws.region" = local.account_region
+ "--dpr.config.s3.bucket" = module.s3_glue_job_bucket.bucket_id,
"--dpr.raw.archive.s3.path" = "s3://${module.s3_raw_archive_bucket.bucket_id}"
"--dpr.structured.s3.path" = "s3://${module.s3_structured_bucket.bucket_id}"
"--dpr.curated.s3.path" = "s3://${module.s3_curated_bucket.bucket_id}"
@@ -288,10 +288,10 @@ module "glue_s3_file_transfer_job" {
)
arguments = {
- "--extra-jars" = local.glue_jobs_latest_jar_location
- "--class" = "uk.gov.justice.digital.job.S3FileTransferJob"
- "--dpr.aws.region" = local.account_region
- "--dpr.config.s3.bucket" = module.s3_glue_job_bucket.bucket_id,
+ "--extra-jars" = local.glue_jobs_latest_jar_location
+ "--class" = "uk.gov.justice.digital.job.S3FileTransferJob"
+ "--dpr.aws.region" = local.account_region
+ "--dpr.config.s3.bucket" = module.s3_glue_job_bucket.bucket_id,
"--dpr.file.transfer.source.bucket" = module.s3_raw_bucket.bucket_id
"--dpr.file.transfer.destination.bucket" = module.s3_raw_archive_bucket.bucket_id
"--dpr.file.transfer.retention.days" = tostring(local.scheduled_s3_file_transfer_retention_days)
@@ -354,10 +354,10 @@ module "glue_switch_prisons_hive_data_location_job" {
)
arguments = {
- "--extra-jars" = local.glue_jobs_latest_jar_location
- "--class" = "uk.gov.justice.digital.job.SwitchHiveTableJob"
- "--dpr.aws.region" = local.account_region
- "--dpr.config.s3.bucket" = module.s3_glue_job_bucket.bucket_id,
+ "--extra-jars" = local.glue_jobs_latest_jar_location
+ "--class" = "uk.gov.justice.digital.job.SwitchHiveTableJob"
+ "--dpr.aws.region" = local.account_region
+ "--dpr.config.s3.bucket" = module.s3_glue_job_bucket.bucket_id,
"--dpr.prisons.database" = module.glue_prisons_database.db_name
"--dpr.contract.registryName" = module.s3_schema_registry_bucket.bucket_id
"--dpr.schema.cache.max.size" = local.hive_table_creation_job_schema_cache_max_size
@@ -413,10 +413,10 @@ module "glue_s3_data_deletion_job" {
)
arguments = {
- "--extra-jars" = local.glue_jobs_latest_jar_location
- "--class" = "uk.gov.justice.digital.job.S3DataDeletionJob"
- "--dpr.aws.region" = local.account_region
- "--dpr.config.s3.bucket" = module.s3_glue_job_bucket.bucket_id,
+ "--extra-jars" = local.glue_jobs_latest_jar_location
+ "--class" = "uk.gov.justice.digital.job.S3DataDeletionJob"
+ "--dpr.aws.region" = local.account_region
+ "--dpr.config.s3.bucket" = module.s3_glue_job_bucket.bucket_id,
"--dpr.allowed.s3.file.extensions" = "*"
"--dpr.log.level" = local.refresh_job_log_level
}
@@ -469,7 +469,7 @@ module "glue_stop_glue_instance_job" {
"--extra-jars" = local.glue_jobs_latest_jar_location
"--class" = "uk.gov.justice.digital.job.StopGlueInstanceJob"
"--dpr.aws.region" = local.account_region
- "--dpr.log.level" = local.refresh_job_log_level
+ "--dpr.log.level" = local.refresh_job_log_level
}
}
diff --git a/terraform/environments/electronic-monitoring-data/data_store.tf b/terraform/environments/electronic-monitoring-data/data_store.tf
index 4032593bf53..2b7eb649400 100644
--- a/terraform/environments/electronic-monitoring-data/data_store.tf
+++ b/terraform/environments/electronic-monitoring-data/data_store.tf
@@ -88,7 +88,7 @@ resource "aws_s3_bucket_notification" "data_store" {
# from landing bucket.
lambda_function {
lambda_function_arn = aws_lambda_function.calculate_checksum_lambda.arn
- events = [
+ events = [
"s3:ObjectCreated:*"
]
}
@@ -147,8 +147,8 @@ resource "aws_iam_role" "calculate_checksum_lambda" {
data "aws_iam_policy_document" "calculate_checksum_lambda" {
statement {
- sid = "S3Permissions"
- effect = "Allow"
+ sid = "S3Permissions"
+ effect = "Allow"
actions = [
"s3:PutObject",
"s3:PutObjectTagging",
@@ -176,7 +176,7 @@ resource "aws_lambda_permission" "s3_allow_calculate_checksum_lambda" {
action = "lambda:InvokeFunction"
function_name = aws_lambda_function.calculate_checksum_lambda.arn
principal = "s3.amazonaws.com"
- source_arn = "${aws_s3_bucket.data_store.arn}"
+ source_arn = aws_s3_bucket.data_store.arn
}
#------------------------------------------------------------------------------
@@ -206,8 +206,8 @@ resource "aws_iam_role" "summarise_zip_lambda" {
data "aws_iam_policy_document" "summarise_zip_lambda" {
statement {
- sid = "S3Permissions"
- effect = "Allow"
+ sid = "S3Permissions"
+ effect = "Allow"
actions = [
"s3:GetObject",
"s3:PutObject",
@@ -228,5 +228,5 @@ resource "aws_lambda_permission" "s3_allow_summarise_zip_lambda" {
action = "lambda:InvokeFunction"
function_name = aws_lambda_function.summarise_zip_lambda.arn
principal = "s3.amazonaws.com"
- source_arn = "${aws_s3_bucket.data_store.arn}"
+ source_arn = aws_s3_bucket.data_store.arn
}
\ No newline at end of file
diff --git a/terraform/environments/electronic-monitoring-data/locals.tf b/terraform/environments/electronic-monitoring-data/locals.tf
index f6cb3dce4a3..50c5fb97664 100644
--- a/terraform/environments/electronic-monitoring-data/locals.tf
+++ b/terraform/environments/electronic-monitoring-data/locals.tf
@@ -4,8 +4,8 @@ locals {
# CAPITA
#----------------------------------------------------------------------------
capita_ssh_keys = [
- "ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBFc140uxPfjq1ilaOxcLYbnyIau2vURzKWFHLsxra+5Vf1nSZypOZ/g9eavBxcf2tkxBjgTx06BeRh3j+QhA8rnV9vKtyh9ZXIe5SNcrGlsGLKMyn+eB05Dt2m58oyMwWA==",
- ]
+ "ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBFc140uxPfjq1ilaOxcLYbnyIau2vURzKWFHLsxra+5Vf1nSZypOZ/g9eavBxcf2tkxBjgTx06BeRh3j+QhA8rnV9vKtyh9ZXIe5SNcrGlsGLKMyn+eB05Dt2m58oyMwWA==",
+ ]
capita_cidr_ipv4s = [
"82.203.33.112/28",
"82.203.33.128/28",
@@ -21,7 +21,7 @@ locals {
cidr_ipv4s = local.capita_cidr_ipv4s
cidr_ipv6s = local.capita_cidr_ipv6s
}
-
+
sftp_account_capita_alcohol_monitoring = {
name = "alcohol_monitoring"
ssh_keys = local.capita_ssh_keys
@@ -46,7 +46,7 @@ locals {
#----------------------------------------------------------------------------
# CIVICA
#----------------------------------------------------------------------------
- civica_ssh_keys = [
+ civica_ssh_keys = [
"ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBK1ZcqH9f7jMPjoOdwQdykQHnOKpmYVVr5gneYtH0KEdhPUdWDE14sh4aOZPl3rDw8Pu7Kj356KJ0FEmKAl3ByJFn6+oBR9GcTpKVmTXUeYlAqptP5Sszr3Zgh0986v8Gw==",
]
civica_cidr_ipv4s = [
@@ -71,14 +71,14 @@ locals {
#----------------------------------------------------------------------------
# G4S
#----------------------------------------------------------------------------
- g4s_ssh_keys = [
+ g4s_ssh_keys = [
"ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBK85G9UwgU1KKgsYXfTWDsT4MqGSmjku1XGpH1EqmSuXLk5lmwFsgoLqqsROq2oEw2Yrr3uLyNVY2Dl6Pfm+dkdljfbPtqku+AkRSkhDo4K7bIwhWPh7HImcalxhde6BUA== ecdsa-key-20240208",
]
g4s_cidr_ipv4s = [
"18.135.195.129/32",
]
g4s_cidr_ipv6s = []
-
+
sftp_account_g4s_test = {
name = "test"
ssh_keys = local.g4s_ssh_keys
@@ -161,7 +161,7 @@ locals {
#----------------------------------------------------------------------------
sftp_account_dev = {
name = "dev_access"
- ssh_keys = [
+ ssh_keys = [
# Matt Price
"ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBA3BsCFaNiGxbmJffRi9q/W3aLmZWgqE6QkeFJD5O6F4nDdjsV1R0ZMUvTSoi3tKqoAE+1RYYj2Ra/F1buHov9e+sFPrlMl0wql6uMsBA1ndiIiKuq+NLY1NOxEvqm2J9Q==",
# Matt Heery
diff --git a/terraform/environments/electronic-monitoring-data/modules/landing_zone/landing_zone_user/main.tf b/terraform/environments/electronic-monitoring-data/modules/landing_zone/landing_zone_user/main.tf
index a4c12bfbf3a..91d2309d857 100644
--- a/terraform/environments/electronic-monitoring-data/modules/landing_zone/landing_zone_user/main.tf
+++ b/terraform/environments/electronic-monitoring-data/modules/landing_zone/landing_zone_user/main.tf
@@ -30,11 +30,11 @@ resource "aws_transfer_user" "this" {
}
resource "aws_iam_role" "this_transfer_user" {
- name = "${var.supplier}-${var.user_name}-transfer-user-iam-role"
- assume_role_policy = data.aws_iam_policy_document.transfer_assume_role.json
+ name = "${var.supplier}-${var.user_name}-transfer-user-iam-role"
+ assume_role_policy = data.aws_iam_policy_document.transfer_assume_role.json
managed_policy_arns = [
"arn:aws:iam::aws:policy/service-role/AWSTransferLoggingAccess"
- ]
+ ]
}
resource "aws_iam_role_policy" "this_transfer_user" {
@@ -68,6 +68,6 @@ resource "aws_transfer_ssh_key" "this" {
server_id = var.transfer_server.id
user_name = aws_transfer_user.this.user_name
- for_each = { for ssh_key in var.ssh_keys : ssh_key => ssh_key }
- body = each.key
+ for_each = { for ssh_key in var.ssh_keys : ssh_key => ssh_key }
+ body = each.key
}
diff --git a/terraform/environments/electronic-monitoring-data/modules/landing_zone/main.tf b/terraform/environments/electronic-monitoring-data/modules/landing_zone/main.tf
index ffbcc36eb69..a27aa16025a 100644
--- a/terraform/environments/electronic-monitoring-data/modules/landing_zone/main.tf
+++ b/terraform/environments/electronic-monitoring-data/modules/landing_zone/main.tf
@@ -107,7 +107,7 @@ module "log_bucket" {
source_bucket = aws_s3_bucket.landing_bucket
account_id = var.account_id
- tags = {
+ tags = {
supplier = var.supplier
}
}
@@ -381,7 +381,7 @@ module "landing_zone_security_groups" {
locals {
landing_zone_security_group_ids = flatten([
- for module_instance in values(module.landing_zone_security_groups) :
- module_instance.security_group_id
+ for module_instance in values(module.landing_zone_security_groups) :
+ module_instance.security_group_id
])
}
\ No newline at end of file
diff --git a/terraform/environments/electronic-monitoring-data/modules/landing_zone/server_security_group/main.tf b/terraform/environments/electronic-monitoring-data/modules/landing_zone/server_security_group/main.tf
index 9a9ef49a65f..23c9114bcad 100644
--- a/terraform/environments/electronic-monitoring-data/modules/landing_zone/server_security_group/main.tf
+++ b/terraform/environments/electronic-monitoring-data/modules/landing_zone/server_security_group/main.tf
@@ -8,7 +8,7 @@ resource "aws_security_group" "this" {
name = "${var.supplier}-${var.user_name}-inbound-ips"
description = "Allowed IP addresses for ${var.user_name} on ${var.supplier} server"
vpc_id = var.vpc_id
-
+
lifecycle {
create_before_destroy = true
}
diff --git a/terraform/environments/electronic-monitoring-data/modules/landing_zone/server_security_group/variables.tf b/terraform/environments/electronic-monitoring-data/modules/landing_zone/server_security_group/variables.tf
index 201dbc0435d..ae8f4610b46 100644
--- a/terraform/environments/electronic-monitoring-data/modules/landing_zone/server_security_group/variables.tf
+++ b/terraform/environments/electronic-monitoring-data/modules/landing_zone/server_security_group/variables.tf
@@ -21,5 +21,5 @@ variable "user_name" {
}
variable "vpc_id" {
- description = "The vpc used for the SFTP server"
+ description = "The vpc used for the SFTP server"
}
diff --git a/terraform/environments/electronic-monitoring-data/modules/landing_zone/variables.tf b/terraform/environments/electronic-monitoring-data/modules/landing_zone/variables.tf
index 1977d62df0e..245d37bbd6f 100644
--- a/terraform/environments/electronic-monitoring-data/modules/landing_zone/variables.tf
+++ b/terraform/environments/electronic-monitoring-data/modules/landing_zone/variables.tf
@@ -1,5 +1,5 @@
variable "account_id" {
- description = "The AWS account id"
+ description = "The AWS account id"
}
variable "data_store_bucket" {
@@ -7,8 +7,8 @@ variable "data_store_bucket" {
}
variable "subnet_ids" {
- description = "The subnet ids used for the SFTP server"
- type = list(string)
+ description = "The subnet ids used for the SFTP server"
+ type = list(string)
}
variable "supplier" {
@@ -16,17 +16,17 @@ variable "supplier" {
type = string
}
-variable "user_accounts"{
+variable "user_accounts" {
description = "The names of the user accounts to create"
- type = list(object({
+ type = list(object({
name = string
ssh_keys = list(string)
cidr_ipv4s = list(string)
cidr_ipv6s = list(string)
}))
- default = []
+ default = []
}
variable "vpc_id" {
- description = "The vpc used for the SFTP server"
+ description = "The vpc used for the SFTP server"
}
diff --git a/terraform/environments/electronic-monitoring-data/modules/s3_log_bucket/variables.tf b/terraform/environments/electronic-monitoring-data/modules/s3_log_bucket/variables.tf
index 40f714e9d07..ecbf5ac36b6 100644
--- a/terraform/environments/electronic-monitoring-data/modules/s3_log_bucket/variables.tf
+++ b/terraform/environments/electronic-monitoring-data/modules/s3_log_bucket/variables.tf
@@ -1,9 +1,9 @@
variable "account_id" {
- description = "The account id"
+ description = "The account id"
}
variable "source_bucket" {
- description = "The bucket to have server access logging"
+ description = "The bucket to have server access logging"
}
variable "tags" {
diff --git a/terraform/environments/equip/main.tf b/terraform/environments/equip/main.tf
index a115dfda00d..c3389550d21 100644
--- a/terraform/environments/equip/main.tf
+++ b/terraform/environments/equip/main.tf
@@ -738,7 +738,7 @@ locals {
{ Name = "${local.name}-COR-A-GW01-ebs-block-1" }
)
}
-
+
]
tags = merge(local.tags,
{ Name = "${local.name}-COR-A-GW01"
diff --git a/terraform/environments/example/identity_store.tf b/terraform/environments/example/identity_store.tf
index 8101b2d3c71..d0adb1725cf 100644
--- a/terraform/environments/example/identity_store.tf
+++ b/terraform/environments/example/identity_store.tf
@@ -3,7 +3,7 @@ data "aws_ssoadmin_instances" "example" {
}
data "aws_identitystore_group" "example" {
- provider = aws.sso-readonly
+ provider = aws.sso-readonly
identity_store_id = tolist(data.aws_ssoadmin_instances.example.identity_store_ids)[0]
filter {
diff --git a/terraform/environments/hmpps-domain-services/lambda.tf b/terraform/environments/hmpps-domain-services/lambda.tf
index 32d117f2ba9..976df01ef4e 100644
--- a/terraform/environments/hmpps-domain-services/lambda.tf
+++ b/terraform/environments/hmpps-domain-services/lambda.tf
@@ -6,7 +6,7 @@ locals {
module "ad-clean-up-lambda" {
source = "github.com/ministryofjustice/modernisation-platform-terraform-lambda-function" # ref for V3.1
- count = local.environment == "development" ? 1 : 0 # temporary
+ count = local.environment == "development" ? 1 : 0 # temporary
application_name = local.lambda_ad_object_cleanup.function_name
@@ -33,9 +33,9 @@ module "ad-clean-up-lambda" {
}
data "archive_file" "ad-cleanup-lambda" {
- type = "zip"
- source_dir = "lambda/ad-clean-up"
- output_path = "lambda/ad-clean-up/ad-clean-up-lambda-payload-test.zip"
+ type = "zip"
+ source_dir = "lambda/ad-clean-up"
+ output_path = "lambda/ad-clean-up/ad-clean-up-lambda-payload-test.zip"
}
data "aws_iam_policy_document" "lambda_assume_role_policy" {
diff --git a/terraform/environments/hmpps-domain-services/locals_development.tf b/terraform/environments/hmpps-domain-services/locals_development.tf
index fb447947d8d..7551bf9ee3d 100644
--- a/terraform/environments/hmpps-domain-services/locals_development.tf
+++ b/terraform/environments/hmpps-domain-services/locals_development.tf
@@ -65,7 +65,7 @@ locals {
availability_zone = null
ebs_volumes_copy_all_from_ami = false
user_data_raw = base64encode(file("./templates/rds-gateway-user-data.yaml"))
- instance_profile_policies = concat(module.baseline_presets.ec2_instance.config.default.instance_profile_policies, ["SSMPolicy"])
+ instance_profile_policies = concat(module.baseline_presets.ec2_instance.config.default.instance_profile_policies, ["SSMPolicy"])
})
instance = merge(module.baseline_presets.ec2_instance.instance.default, {
vpc_security_group_ids = ["rds-ec2s"]
diff --git a/terraform/environments/maat/api-cw.tf b/terraform/environments/maat/api-cw.tf
index e2227f4298c..9317d10b9fe 100644
--- a/terraform/environments/maat/api-cw.tf
+++ b/terraform/environments/maat/api-cw.tf
@@ -36,7 +36,7 @@ resource "aws_cloudwatch_metric_alarm" "maat_api_ecs_cpu_over_threshold" {
{
Name = "${local.application_name}-api-ECS-CPU-high-threshold-alarm1"
},
- )
+ )
}
resource "aws_cloudwatch_metric_alarm" "maat_api_ecs_memory_over_threshold" {
@@ -62,7 +62,7 @@ resource "aws_cloudwatch_metric_alarm" "maat_api_ecs_memory_over_threshold" {
{
Name = "${local.application_name}-api-ECS-Memory-high-threshold-alarm"
},
- )
+ )
}
# Application Load Balancer Alerting
diff --git a/terraform/environments/maat/api-gw.tf b/terraform/environments/maat/api-gw.tf
index 92d5ee825d2..f75e0015478 100644
--- a/terraform/environments/maat/api-gw.tf
+++ b/terraform/environments/maat/api-gw.tf
@@ -1,7 +1,7 @@
# Variables
locals {
- maat_api_api_scope = local.application_data.accounts[local.environment].maat_api_api_scope
- api_stage_name = "v1"
+ maat_api_api_scope = local.application_data.accounts[local.environment].maat_api_api_scope
+ api_stage_name = "v1"
}
# API Gateway configuration
diff --git a/terraform/environments/maat/application_variables.json b/terraform/environments/maat/application_variables.json
index 2407c996776..ba87d9a32fd 100644
--- a/terraform/environments/maat/application_variables.json
+++ b/terraform/environments/maat/application_variables.json
@@ -31,7 +31,7 @@
"maat_api_ecs_env_TogDataUsername": "togdata",
"maat_api_ecs_cpu_alarm_threshold": 75,
"maat_api_ecs_memory_alarm_threshold": 75,
- "maat_api_ecs_high_cpu_scaling_threshold": 70,
+ "maat_api_ecs_high_cpu_scaling_threshold": 70,
"maat_api_ecs_low_cpu_scaling_threshold": 20,
"maat_api_ecs_high_memory_scaling_threshold": 70,
"maat_api_ecs_low_memory_scaling_threshold": 20,
@@ -77,17 +77,17 @@
"maat_ecs_scaling_target_max": "2",
"maat_ecs_scaling_target_min": "1",
"maat_ecs_service_desired_count": "1",
- "maat_ECSCPUAlarmThreshold":"70",
- "maat_EcsMemoryOverThreshold":"75",
- "maat_ASGStatusFailureAlarmThreshold":"1",
- "maat_ALBTargetResponseTimeThreshold":"0",
- "maat_ALBTargetResponseTimeThresholdMaximum":"60",
- "maat_ALBUnhealthyAlarmThreshold":"0",
- "maat_ALBRejectedAlarmThreshold":"10",
- "maat_ALBTarget5xxAlarmThreshold":"10",
- "maat_ALB5xxAlarmThreshold":"10",
- "maat_ALBTarget4xxAlarmThreshold":"10",
- "maat_ALB4xxAlarmThreshold":"10",
+ "maat_ECSCPUAlarmThreshold": "70",
+ "maat_EcsMemoryOverThreshold": "75",
+ "maat_ASGStatusFailureAlarmThreshold": "1",
+ "maat_ALBTargetResponseTimeThreshold": "0",
+ "maat_ALBTargetResponseTimeThresholdMaximum": "60",
+ "maat_ALBUnhealthyAlarmThreshold": "0",
+ "maat_ALBRejectedAlarmThreshold": "10",
+ "maat_ALBTarget5xxAlarmThreshold": "10",
+ "maat_ALB5xxAlarmThreshold": "10",
+ "maat_ALBTarget4xxAlarmThreshold": "10",
+ "maat_ALB4xxAlarmThreshold": "10",
"maat_pagerduty_integration_key_name": "laa_maat_nonprod_alarms"
},
"test": {
diff --git a/terraform/environments/maat/cloudfront.tf b/terraform/environments/maat/cloudfront.tf
index 0ac90e1974f..8ae56ac5bb9 100644
--- a/terraform/environments/maat/cloudfront.tf
+++ b/terraform/environments/maat/cloudfront.tf
@@ -1,81 +1,81 @@
locals {
- application_url_prefix = "meansassessment"
- lower_env_cloudfront_url = "${local.application_url_prefix}.${data.aws_route53_zone.external.name}"
- custom_header = "X-Custom-Header-LAA-${upper(local.application_name)}"
-
- # TODO Note that the application variable's domain_name will be the actual CloudFront alias for production
- cloudfront_alias = local.environment == "production" ? local.application_data.accounts[local.environment].cloudfront_domain_name : local.lower_env_cloudfront_url
-
-
- cloudfront_default_cache_behavior = {
- smooth_streaming = false
- allowed_methods = ["DELETE", "GET", "HEAD", "OPTIONS", "PATCH", "POST", "PUT"]
- cached_methods = ["HEAD", "GET"]
- forwarded_values_query_string = true
- forwarded_values_headers = ["Authorization", "CloudFront-Forwarded-Proto", "CloudFront-Is-Desktop-Viewer", "CloudFront-Is-Mobile-Viewer", "CloudFront-Is-SmartTV-Viewer", "CloudFront-Is-Tablet-Viewer", "CloudFront-Viewer-Country", "Host", "User-Agent"]
- forwarded_values_cookies_forward = "whitelist"
- forwarded_values_cookies_whitelisted_names = ["AWSALB", "JSESSIONID"]
- viewer_protocol_policy = "https-only"
- }
+ application_url_prefix = "meansassessment"
+ lower_env_cloudfront_url = "${local.application_url_prefix}.${data.aws_route53_zone.external.name}"
+ custom_header = "X-Custom-Header-LAA-${upper(local.application_name)}"
+
+ # TODO Note that the application variable's domain_name will be the actual CloudFront alias for production
+ cloudfront_alias = local.environment == "production" ? local.application_data.accounts[local.environment].cloudfront_domain_name : local.lower_env_cloudfront_url
+
+
+ cloudfront_default_cache_behavior = {
+ smooth_streaming = false
+ allowed_methods = ["DELETE", "GET", "HEAD", "OPTIONS", "PATCH", "POST", "PUT"]
+ cached_methods = ["HEAD", "GET"]
+ forwarded_values_query_string = true
+ forwarded_values_headers = ["Authorization", "CloudFront-Forwarded-Proto", "CloudFront-Is-Desktop-Viewer", "CloudFront-Is-Mobile-Viewer", "CloudFront-Is-SmartTV-Viewer", "CloudFront-Is-Tablet-Viewer", "CloudFront-Viewer-Country", "Host", "User-Agent"]
+ forwarded_values_cookies_forward = "whitelist"
+ forwarded_values_cookies_whitelisted_names = ["AWSALB", "JSESSIONID"]
+ viewer_protocol_policy = "https-only"
+ }
- # Other cache behaviors are processed in the order in which they're listed in the CloudFront console or, if you're using the CloudFront API, the order in which they're listed in the DistributionConfig element for the distribution.
- cloudfront_ordered_cache_behavior = {
- "cache_behavior_0" = {
- smooth_streaming = false
- path_pattern = "*.png"
- min_ttl = 0
- allowed_methods = ["GET", "HEAD"]
- cached_methods = ["HEAD", "GET"]
- forwarded_values_query_string = false
- forwarded_values_headers = ["Host", "User-Agent"]
- forwarded_values_cookies_forward = "none"
- viewer_protocol_policy = "https-only"
- },
- "cache_behavior_1" = {
- smooth_streaming = false
- path_pattern = "*.jpg"
- min_ttl = 0
- allowed_methods = ["GET", "HEAD"]
- cached_methods = ["HEAD", "GET"]
- forwarded_values_query_string = false
- forwarded_values_headers = ["Host", "User-Agent"]
- forwarded_values_cookies_forward = "none"
- viewer_protocol_policy = "https-only"
- },
- "cache_behavior_2" = {
- smooth_streaming = false
- path_pattern = "*.gif"
- min_ttl = 0
- allowed_methods = ["GET", "HEAD"]
- cached_methods = ["HEAD", "GET"]
- forwarded_values_query_string = false
- forwarded_values_headers = ["Host", "User-Agent"]
- forwarded_values_cookies_forward = "none"
- viewer_protocol_policy = "https-only"
- },
- "cache_behavior_3" = {
- smooth_streaming = false
- path_pattern = "*.css"
- min_ttl = 0
- allowed_methods = ["GET", "HEAD"]
- cached_methods = ["HEAD", "GET"]
- forwarded_values_query_string = false
- forwarded_values_headers = ["Host", "User-Agent"]
- forwarded_values_cookies_forward = "none"
- viewer_protocol_policy = "https-only"
- },
- "cache_behavior_4" = {
- smooth_streaming = false
- path_pattern = "*.js"
- min_ttl = 0
- allowed_methods = ["GET", "HEAD"]
- cached_methods = ["HEAD", "GET"]
- forwarded_values_query_string = false
- forwarded_values_headers = ["Host", "User-Agent"]
- forwarded_values_cookies_forward = "none"
- viewer_protocol_policy = "https-only"
- }
+ # Other cache behaviors are processed in the order in which they're listed in the CloudFront console or, if you're using the CloudFront API, the order in which they're listed in the DistributionConfig element for the distribution.
+ cloudfront_ordered_cache_behavior = {
+ "cache_behavior_0" = {
+ smooth_streaming = false
+ path_pattern = "*.png"
+ min_ttl = 0
+ allowed_methods = ["GET", "HEAD"]
+ cached_methods = ["HEAD", "GET"]
+ forwarded_values_query_string = false
+ forwarded_values_headers = ["Host", "User-Agent"]
+ forwarded_values_cookies_forward = "none"
+ viewer_protocol_policy = "https-only"
+ },
+ "cache_behavior_1" = {
+ smooth_streaming = false
+ path_pattern = "*.jpg"
+ min_ttl = 0
+ allowed_methods = ["GET", "HEAD"]
+ cached_methods = ["HEAD", "GET"]
+ forwarded_values_query_string = false
+ forwarded_values_headers = ["Host", "User-Agent"]
+ forwarded_values_cookies_forward = "none"
+ viewer_protocol_policy = "https-only"
+ },
+ "cache_behavior_2" = {
+ smooth_streaming = false
+ path_pattern = "*.gif"
+ min_ttl = 0
+ allowed_methods = ["GET", "HEAD"]
+ cached_methods = ["HEAD", "GET"]
+ forwarded_values_query_string = false
+ forwarded_values_headers = ["Host", "User-Agent"]
+ forwarded_values_cookies_forward = "none"
+ viewer_protocol_policy = "https-only"
+ },
+ "cache_behavior_3" = {
+ smooth_streaming = false
+ path_pattern = "*.css"
+ min_ttl = 0
+ allowed_methods = ["GET", "HEAD"]
+ cached_methods = ["HEAD", "GET"]
+ forwarded_values_query_string = false
+ forwarded_values_headers = ["Host", "User-Agent"]
+ forwarded_values_cookies_forward = "none"
+ viewer_protocol_policy = "https-only"
+ },
+ "cache_behavior_4" = {
+ smooth_streaming = false
+ path_pattern = "*.js"
+ min_ttl = 0
+ allowed_methods = ["GET", "HEAD"]
+ cached_methods = ["HEAD", "GET"]
+ forwarded_values_query_string = false
+ forwarded_values_headers = ["Host", "User-Agent"]
+ forwarded_values_cookies_forward = "none"
+ viewer_protocol_policy = "https-only"
}
+ }
}
# data "aws_ec2_managed_prefix_list" "cloudfront" {
@@ -114,7 +114,7 @@ data "aws_secretsmanager_secret_version" "cloudfront" {
}
# Mirroring laa-cloudfront-logging-development in laa-dev
-resource "aws_s3_bucket" "cloudfront" {
+resource "aws_s3_bucket" "cloudfront" {
bucket = "laa-${local.application_name}-cloudfront-logging-${local.environment}"
# force_destroy = true # Enable to recreate bucket deleting everything inside
tags = merge(
@@ -234,18 +234,18 @@ resource "aws_cloudfront_distribution" "external" {
bucket = aws_s3_bucket.cloudfront.bucket_domain_name
prefix = local.application_name
}
-
+
web_acl_id = aws_waf_web_acl.waf_acl.id
# This is a required block in Terraform. Here we are having no geo restrictions.
- restrictions {
+ restrictions {
geo_restriction {
restriction_type = "none"
locations = []
}
}
-# is_ipv6_enabled = true
+ # is_ipv6_enabled = true
tags = local.tags
@@ -314,7 +314,7 @@ resource "aws_route53_record" "cloudfront_external_validation_subdomain" {
}
resource "aws_acm_certificate_validation" "cloudfront" {
- provider = aws.us-east-1
+ provider = aws.us-east-1
certificate_arn = aws_acm_certificate.cloudfront.arn
validation_record_fqdns = [local.cloudfront_domain_name_main[0], local.cloudfront_domain_name_sub[0]]
}
diff --git a/terraform/environments/maat/locals.tf b/terraform/environments/maat/locals.tf
index 23e34f9519b..be5cd7f33b9 100644
--- a/terraform/environments/maat/locals.tf
+++ b/terraform/environments/maat/locals.tf
@@ -19,7 +19,7 @@ locals {
maat_api_domain_type_sub = [for k, v in local.maat_api_domain_types : v.type if k != "modernisation-platform.service.justice.gov.uk"]
# For CloudFront validation for MAAT
-
+
cloudfront_domain_types = { for dvo in aws_acm_certificate.cloudfront.domain_validation_options : dvo.domain_name => {
name = dvo.resource_record_name
record = dvo.resource_record_value
diff --git a/terraform/environments/maat/maat-cw.tf b/terraform/environments/maat/maat-cw.tf
index eacd2c1e0bd..50bb30f05f7 100644
--- a/terraform/environments/maat/maat-cw.tf
+++ b/terraform/environments/maat/maat-cw.tf
@@ -175,7 +175,7 @@ resource "aws_cloudwatch_metric_alarm" "maat_UnHealthyHosts" {
treat_missing_data = "notBreaching"
dimensions = {
LoadBalancer = aws_lb.external.name
- TargetGroup = aws_lb_target_group.external.arn
+ TargetGroup = aws_lb_target_group.external.arn
}
comparison_operator = "GreaterThanThreshold"
tags = merge(
@@ -292,7 +292,7 @@ resource "aws_cloudwatch_metric_alarm" "maat_ApplicationELB4xxError" {
evaluation_periods = "5"
alarm_actions = [aws_sns_topic.maat_alerting_topic.arn]
ok_actions = [aws_sns_topic.maat_alerting_topic.arn]
- threshold = local.application_data.accounts[local.environment].maat_ALB4xxAlarmThreshold
+ threshold = local.application_data.accounts[local.environment].maat_ALB4xxAlarmThreshold
treat_missing_data = "notBreaching"
dimensions = {
LoadBalancer = aws_lb.external.name
@@ -451,7 +451,7 @@ locals {
# Create SNS topic
resource "aws_sns_topic" "maat_alerting_topic" {
name = "${local.application_name}-${local.environment}-alerting-topic"
- tags = merge(
+ tags = merge(
local.tags,
{
Name = "${local.application_name}-maat-alerting-topic"
diff --git a/terraform/environments/maat/maat-ecs.tf b/terraform/environments/maat/maat-ecs.tf
index 454212c1be3..8b395b60e16 100644
--- a/terraform/environments/maat/maat-ecs.tf
+++ b/terraform/environments/maat/maat-ecs.tf
@@ -41,28 +41,28 @@ resource "aws_iam_policy" "maat_ec2_instance_role_policy" {
name = "${local.application_name}-ec2-instance-role-policy"
policy = jsonencode({
- Version = "2012-10-17"
- Statement = [
+ Version = "2012-10-17"
+ Statement = [
{
Effect = "Allow"
Action = [
- "ecs:CreateCluster",
- "ecs:DeregisterContainerInstance",
- "ecs:DiscoverPollEndpoint",
- "ecs:Poll",
- "ecs:RegisterContainerInstance",
- "ecs:StartTelemetrySession",
- "ecs:Submit*",
- "logs:CreateLogGroup",
- "logs:CreateLogStream",
- "logs:PutLogEvents",
- "logs:DescribeLogStreams",
- "ecr:*",
- "xray:PutTraceSegments",
- "xray:PutTelemetryRecords",
- "xray:GetSamplingRules",
- "xray:GetSamplingTargets",
- "xray:GetSamplingStatisticSummaries"
+ "ecs:CreateCluster",
+ "ecs:DeregisterContainerInstance",
+ "ecs:DiscoverPollEndpoint",
+ "ecs:Poll",
+ "ecs:RegisterContainerInstance",
+ "ecs:StartTelemetrySession",
+ "ecs:Submit*",
+ "logs:CreateLogGroup",
+ "logs:CreateLogStream",
+ "logs:PutLogEvents",
+ "logs:DescribeLogStreams",
+ "ecr:*",
+ "xray:PutTraceSegments",
+ "xray:PutTelemetryRecords",
+ "xray:GetSamplingRules",
+ "xray:GetSamplingTargets",
+ "xray:GetSamplingStatisticSummaries"
]
Resource = "*"
},
@@ -108,9 +108,9 @@ resource "aws_ecs_cluster" "maat_ecs_cluster" {
##### EC2 launch config/template -----
resource "aws_launch_template" "maat_ec2_launch_template" {
- name_prefix = "${local.application_name}-ec2-launch-template"
- image_id = local.application_data.accounts[local.environment].ami_id
- instance_type = local.application_data.accounts[local.environment].instance_type
+ name_prefix = "${local.application_name}-ec2-launch-template"
+ image_id = local.application_data.accounts[local.environment].ami_id
+ instance_type = local.application_data.accounts[local.environment].instance_type
monitoring {
enabled = true
@@ -121,11 +121,11 @@ resource "aws_launch_template" "maat_ec2_launch_template" {
}
network_interfaces {
- security_groups = [aws_security_group.maat_ecs_security_group.id]
+ security_groups = [aws_security_group.maat_ecs_security_group.id]
}
user_data = base64encode(templatefile("maat-ec2-user-data.sh", {
- maat_ec2_log_group = local.application_data.accounts[local.environment].maat_ec2_log_group, app_ecs_cluster = aws_ecs_cluster.maat_ecs_cluster.name }))
+ maat_ec2_log_group = local.application_data.accounts[local.environment].maat_ec2_log_group, app_ecs_cluster = aws_ecs_cluster.maat_ecs_cluster.name }))
tag_specifications {
resource_type = "instance"
@@ -149,12 +149,12 @@ resource "aws_launch_template" "maat_ec2_launch_template" {
#### EC2 Scaling Group -----
resource "aws_autoscaling_group" "maat_ec2_scaling_group" {
- vpc_zone_identifier = sort(data.aws_subnets.shared-private.ids)
- name = "${local.application_name}-EC2-asg"
- desired_capacity = local.application_data.accounts[local.environment].maat_ec2_asg_desired_capacity
- max_size = local.application_data.accounts[local.environment].maat_ec2_asg_max_size
- min_size = local.application_data.accounts[local.environment].maat_ec2_asg_min_size
- metrics_granularity = "1Minute"
+ vpc_zone_identifier = sort(data.aws_subnets.shared-private.ids)
+ name = "${local.application_name}-EC2-asg"
+ desired_capacity = local.application_data.accounts[local.environment].maat_ec2_asg_desired_capacity
+ max_size = local.application_data.accounts[local.environment].maat_ec2_asg_max_size
+ min_size = local.application_data.accounts[local.environment].maat_ec2_asg_min_size
+ metrics_granularity = "1Minute"
launch_template {
@@ -176,21 +176,21 @@ resource "aws_autoscaling_group" "maat_ec2_scaling_group" {
#### EC2 Scaling Policies
resource "aws_autoscaling_policy" "maat_ec2_scaling_up_policy" {
- name = "${local.application_name}-ec2-scaling-up"
- policy_type = "SimpleScaling"
- adjustment_type = "ChangeInCapacity"
+ name = "${local.application_name}-ec2-scaling-up"
+ policy_type = "SimpleScaling"
+ adjustment_type = "ChangeInCapacity"
autoscaling_group_name = aws_autoscaling_group.maat_ec2_scaling_group.name
- cooldown = 60
- scaling_adjustment = 1
+ cooldown = 60
+ scaling_adjustment = 1
}
resource "aws_autoscaling_policy" "maat_ec2_scaling_down_policy" {
- name = "${local.application_name}-ec2-scaling-down"
- policy_type = "SimpleScaling"
- adjustment_type = "ChangeInCapacity"
+ name = "${local.application_name}-ec2-scaling-down"
+ policy_type = "SimpleScaling"
+ adjustment_type = "ChangeInCapacity"
autoscaling_group_name = aws_autoscaling_group.maat_ec2_scaling_group.name
- cooldown = 60
- scaling_adjustment = -1
+ cooldown = 60
+ scaling_adjustment = -1
}
#### ECS Security Groups -----
@@ -220,11 +220,11 @@ resource "aws_security_group_rule" "outbound" {
}
resource "aws_security_group_rule" "maat_sg_rule_int_lb_to_ecs" {
- security_group_id = aws_security_group.maat_ecs_security_group.id
- type = "ingress"
- from_port = 0
- to_port = 0
- protocol = "-1"
+ security_group_id = aws_security_group.maat_ecs_security_group.id
+ type = "ingress"
+ from_port = 0
+ to_port = 0
+ protocol = "-1"
source_security_group_id = aws_security_group.maat_int_lb_sg.id
}
@@ -278,7 +278,7 @@ resource "aws_kms_key_policy" "maat_cloudwatch_logs_policy_ec2" {
resource "aws_cloudwatch_log_group" "ec2_cloudwatch_log_group" {
name = local.application_data.accounts[local.environment].maat_ec2_log_group
retention_in_days = 90
- kms_key_id = aws_kms_key.maat_ec2_cloudwatch_log_key.arn
+ kms_key_id = aws_kms_key.maat_ec2_cloudwatch_log_key.arn
}
##### EC2 CloudWatch Alarms
@@ -357,18 +357,18 @@ resource "aws_iam_policy" "maat_ecs_service_role_policy" {
name = "${local.application_name}-ecs-service-role-policy"
policy = jsonencode({
- Version = "2012-10-17"
- Statement = [
+ Version = "2012-10-17"
+ Statement = [
{
Effect = "Allow"
Action = [
- "elasticloadbalancing:DeregisterInstancesFromLoadBalancer",
- "elasticloadbalancing:DeregisterTargets",
- "elasticloadbalancing:Describe*",
- "elasticloadbalancing:RegisterInstancesWithLoadBalancer",
- "elasticloadbalancing:RegisterTargets",
- "ec2:Describe*",
- "ec2:AuthorizeSecurityGroupIngress"
+ "elasticloadbalancing:DeregisterInstancesFromLoadBalancer",
+ "elasticloadbalancing:DeregisterTargets",
+ "elasticloadbalancing:Describe*",
+ "elasticloadbalancing:RegisterInstancesWithLoadBalancer",
+ "elasticloadbalancing:RegisterTargets",
+ "ec2:Describe*",
+ "ec2:AuthorizeSecurityGroupIngress"
]
Resource = "*"
},
@@ -411,17 +411,17 @@ resource "aws_iam_policy" "maat_ecs_autoscaling_role_policy" {
name = "${local.application_name}-ecs-autoscaling-role-policy"
policy = jsonencode({
- Version = "2012-10-17"
- Statement = [
+ Version = "2012-10-17"
+ Statement = [
{
Effect = "Allow"
Action = [
- "elasticloadbalancing:DeregisterInstancesFromLoadBalancer",
- "application-autoscaling:*",
- "cloudwatch:DescribeAlarms",
- "cloudwatch:PutMetricAlarm",
- "ecs:DescribeServices",
- "ecs:UpdateService"
+ "elasticloadbalancing:DeregisterInstancesFromLoadBalancer",
+ "application-autoscaling:*",
+ "cloudwatch:DescribeAlarms",
+ "cloudwatch:PutMetricAlarm",
+ "ecs:DescribeServices",
+ "ecs:UpdateService"
]
Resource = "*"
},
@@ -482,34 +482,34 @@ resource "aws_iam_role_policy_attachment" "maat_ecs_tasks_role_policy_attachment
#### ECS TASK DEFINITION -------
resource "aws_ecs_task_definition" "maat_ecs_task_definition" {
- family = "${local.application_name}-ecs-task-definition"
- execution_role_arn = aws_iam_role.maat_ec2_instance_role.arn
+ family = "${local.application_name}-ecs-task-definition"
+ execution_role_arn = aws_iam_role.maat_ec2_instance_role.arn
# task_role_arn = aws_iam_role.maat_ec2_instance_role.arn
-
- container_definitions = templatefile("maat-task-definition.json",
+
+ container_definitions = templatefile("maat-task-definition.json",
{
- maat_docker_image_tag = local.application_data.accounts[local.environment].maat_docker_image_tag
- xray_docker_image_tag = local.application_data.accounts[local.environment].xray_docker_image_tag
- region = local.application_data.accounts[local.environment].region
- sentry_env = local.environment
- maat_orch_base_url = local.application_data.accounts[local.environment].maat_orch_base_url
- maat_ccp_base_url = local.application_data.accounts[local.environment].maat_ccp_base_url
- maat_orch_oauth_url = local.application_data.accounts[local.environment].maat_orch_oauth_url
- maat_ccc_oauth_url = local.application_data.accounts[local.environment].maat_ccc_oauth_url
- maat_cma_endpoint_auth_url = local.application_data.accounts[local.environment].maat_cma_endpoint_auth_url
- maat_ccp_endpoint_auth_url = local.application_data.accounts[local.environment].maat_ccp_endpoint_auth_url
- maat_db_url = local.application_data.accounts[local.environment].maat_db_url
- maat_ccc_base_url = local.application_data.accounts[local.environment].maat_ccc_base_url
- maat_caa_oauth_url = local.application_data.accounts[local.environment].maat_caa_oauth_url
- maat_bc_endpoint_url = local.application_data.accounts[local.environment].maat_bc_endpoint_url
- maat_mlra_url = local.application_data.accounts[local.environment].maat_mlra_url
- maat_caa_base_url = local.application_data.accounts[local.environment].maat_caa_base_url
- maat_cma_base_url = local.application_data.accounts[local.environment].maat_cma_base_url
- ecr_url = "${local.environment_management.account_ids["core-shared-services-production"]}.dkr.ecr.eu-west-2.amazonaws.com/maat-ecr-repo"
- maat_ecs_log_group = local.application_data.accounts[local.environment].maat_ecs_log_group
- maat_aws_stream_prefix = local.application_data.accounts[local.environment].maat_aws_stream_prefix
- env_account_region = local.env_account_region
- env_account_id = local.env_account_id
+ maat_docker_image_tag = local.application_data.accounts[local.environment].maat_docker_image_tag
+ xray_docker_image_tag = local.application_data.accounts[local.environment].xray_docker_image_tag
+ region = local.application_data.accounts[local.environment].region
+ sentry_env = local.environment
+ maat_orch_base_url = local.application_data.accounts[local.environment].maat_orch_base_url
+ maat_ccp_base_url = local.application_data.accounts[local.environment].maat_ccp_base_url
+ maat_orch_oauth_url = local.application_data.accounts[local.environment].maat_orch_oauth_url
+ maat_ccc_oauth_url = local.application_data.accounts[local.environment].maat_ccc_oauth_url
+ maat_cma_endpoint_auth_url = local.application_data.accounts[local.environment].maat_cma_endpoint_auth_url
+ maat_ccp_endpoint_auth_url = local.application_data.accounts[local.environment].maat_ccp_endpoint_auth_url
+ maat_db_url = local.application_data.accounts[local.environment].maat_db_url
+ maat_ccc_base_url = local.application_data.accounts[local.environment].maat_ccc_base_url
+ maat_caa_oauth_url = local.application_data.accounts[local.environment].maat_caa_oauth_url
+ maat_bc_endpoint_url = local.application_data.accounts[local.environment].maat_bc_endpoint_url
+ maat_mlra_url = local.application_data.accounts[local.environment].maat_mlra_url
+ maat_caa_base_url = local.application_data.accounts[local.environment].maat_caa_base_url
+ maat_cma_base_url = local.application_data.accounts[local.environment].maat_cma_base_url
+ ecr_url = "${local.environment_management.account_ids["core-shared-services-production"]}.dkr.ecr.eu-west-2.amazonaws.com/maat-ecr-repo"
+ maat_ecs_log_group = local.application_data.accounts[local.environment].maat_ecs_log_group
+ maat_aws_stream_prefix = local.application_data.accounts[local.environment].maat_aws_stream_prefix
+ env_account_region = local.env_account_region
+ env_account_id = local.env_account_id
}
)
@@ -628,12 +628,12 @@ resource "aws_cloudwatch_log_group" "maat_ecs_cloudwatch_log_group" {
#### ECS Service ------
resource "aws_ecs_service" "maat_ecs_service" {
- name = "${local.application_name}-ecs-service"
- cluster = aws_ecs_cluster.maat_ecs_cluster.id
- desired_count = local.application_data.accounts[local.environment].maat_ecs_service_desired_count
- task_definition = aws_ecs_task_definition.maat_ecs_task_definition.arn
+ name = "${local.application_name}-ecs-service"
+ cluster = aws_ecs_cluster.maat_ecs_cluster.id
+ desired_count = local.application_data.accounts[local.environment].maat_ecs_service_desired_count
+ task_definition = aws_ecs_task_definition.maat_ecs_task_definition.arn
# iam_role = aws_iam_role.maat_ecs_service_role.arn
- depends_on = [aws_lb_listener.external, aws_lb_listener.maat_internal_lb_https_listener]
+ depends_on = [aws_lb_listener.external, aws_lb_listener.maat_internal_lb_https_listener]
ordered_placement_strategy {
field = "attribute:ecs.availability-zone"
@@ -646,7 +646,7 @@ resource "aws_ecs_service" "maat_ecs_service" {
target_group_arn = aws_lb_target_group.external.arn
}
- load_balancer {
+ load_balancer {
container_name = upper(local.application_name)
container_port = 8080
target_group_arn = aws_lb_target_group.maat_internal_lb_target_group.arn
diff --git a/terraform/environments/maat/maat-ext-lb.tf b/terraform/environments/maat/maat-ext-lb.tf
index 02c47e95e3f..780dd644f5f 100644
--- a/terraform/environments/maat/maat-ext-lb.tf
+++ b/terraform/environments/maat/maat-ext-lb.tf
@@ -1,12 +1,12 @@
locals {
- existing_bucket_name = ""
- account_number = local.environment_management.account_ids[terraform.workspace]
- external_lb_idle_timeout = 65
- ext_lb_listener_protocol = "HTTPS"
- ext_lb_ssl_policy = "ELBSecurityPolicy-TLS-1-2-2017-01"
- ext_listener_custom_header = "X-Custom-Header-LAA-${upper(local.application_name)}"
- # TODO This URL to access Internal ALB needs to be confirmed, and may need another hosted zone for production
- int_lb_url = local.environment == "production" ? "${local.application_url_prefix}-lb.${data.aws_route53_zone.production-network-services.name}" : "${local.application_url_prefix}-lb.${data.aws_route53_zone.external.name}"
+ existing_bucket_name = ""
+ account_number = local.environment_management.account_ids[terraform.workspace]
+ external_lb_idle_timeout = 65
+ ext_lb_listener_protocol = "HTTPS"
+ ext_lb_ssl_policy = "ELBSecurityPolicy-TLS-1-2-2017-01"
+ ext_listener_custom_header = "X-Custom-Header-LAA-${upper(local.application_name)}"
+ # TODO This URL to access Internal ALB needs to be confirmed, and may need another hosted zone for production
+ int_lb_url = local.environment == "production" ? "${local.application_url_prefix}-lb.${data.aws_route53_zone.production-network-services.name}" : "${local.application_url_prefix}-lb.${data.aws_route53_zone.external.name}"
}
# Terraform module which creates S3 Bucket resources for Load Balancer Access Logs on AWS.
@@ -182,9 +182,9 @@ resource "aws_lb_listener" "external" {
load_balancer_arn = aws_lb.external.arn
port = 443
- protocol = local.ext_lb_listener_protocol
- ssl_policy = local.ext_lb_listener_protocol == "HTTPS" ? local.ext_lb_ssl_policy : null
- certificate_arn = local.ext_lb_listener_protocol == "HTTPS" ? aws_acm_certificate_validation.load_balancers.certificate_arn : null
+ protocol = local.ext_lb_listener_protocol
+ ssl_policy = local.ext_lb_listener_protocol == "HTTPS" ? local.ext_lb_ssl_policy : null
+ certificate_arn = local.ext_lb_listener_protocol == "HTTPS" ? aws_acm_certificate_validation.load_balancers.certificate_arn : null
default_action {
type = "fixed-response"
diff --git a/terraform/environments/maat/maat-int-lb.tf b/terraform/environments/maat/maat-int-lb.tf
index f0d80030550..681cd8bfc62 100644
--- a/terraform/environments/maat/maat-int-lb.tf
+++ b/terraform/environments/maat/maat-int-lb.tf
@@ -17,11 +17,11 @@ resource "aws_security_group" "maat_int_lb_sg" {
resource "aws_security_group_rule" "maat_int_lb_sg_rule_transit_gw" {
security_group_id = aws_security_group.maat_int_lb_sg.id
- type = "ingress"
- protocol = "tcp"
- from_port = 443
- to_port = 443
- cidr_blocks = ["172.20.0.0/16"] #The transit gateway cidr would need to replaced without something equivalent when migrated to MP
+ type = "ingress"
+ protocol = "tcp"
+ from_port = 443
+ to_port = 443
+ cidr_blocks = ["172.20.0.0/16"] #The transit gateway cidr would need to replaced without something equivalent when migrated to MP
}
@@ -39,12 +39,12 @@ resource "aws_lb" "maat_internal_lb" {
enable_deletion_protection = true
-# access_logs {
-# bucket = local.existing_bucket_name != "" ? local.existing_bucket_name : module.lb-s3-access-logs[0].bucket.id
-# prefix = "${local.application_name}-InternalLoadBalancer"
-# enabled = true
-# }
-
+ # access_logs {
+ # bucket = local.existing_bucket_name != "" ? local.existing_bucket_name : module.lb-s3-access-logs[0].bucket.id
+ # prefix = "${local.application_name}-InternalLoadBalancer"
+ # enabled = true
+ # }
+
tags = merge(
local.tags,
{
@@ -59,11 +59,11 @@ resource "aws_lb" "maat_internal_lb" {
######################################
resource "aws_lb_target_group" "maat_internal_lb_target_group" {
- name = "${local.application_name}-Int-LB-TG"
- port = 80
- protocol = "HTTP"
- vpc_id = data.aws_vpc.shared.id
- deregistration_delay = 30
+ name = "${local.application_name}-Int-LB-TG"
+ port = 80
+ protocol = "HTTP"
+ vpc_id = data.aws_vpc.shared.id
+ deregistration_delay = 30
health_check {
interval = 15
@@ -75,9 +75,9 @@ resource "aws_lb_target_group" "maat_internal_lb_target_group" {
}
stickiness {
- enabled = true
- type = "lb_cookie"
- cookie_duration = 10800
+ enabled = true
+ type = "lb_cookie"
+ cookie_duration = 10800
}
}
@@ -127,16 +127,16 @@ resource "aws_route53_record" "internal_lb_non_prod" {
name = local.int_lb_url
type = "CNAME"
ttl = 300
- records = [aws_lb.maat_internal_lb.dns_name]
+ records = [aws_lb.maat_internal_lb.dns_name]
}
resource "aws_route53_record" "internal_lb_prod" {
count = local.environment == "production" ? 1 : 0
provider = aws.core-network-services
zone_id = data.aws_route53_zone.production-network-services.zone_id # TODO The zone may change as this currently points to the same one that hosted the CloudFront record
- name = "tbc" # TODO Production URL to be confirmed
+ name = "tbc" # TODO Production URL to be confirmed
type = "CNAME"
ttl = 300
- records = [aws_lb.maat_internal_lb.dns_name]
+ records = [aws_lb.maat_internal_lb.dns_name]
}
diff --git a/terraform/environments/maat/maat-task-definition.json b/terraform/environments/maat/maat-task-definition.json
index ca0bd68c5c0..ce977629db7 100644
--- a/terraform/environments/maat/maat-task-definition.json
+++ b/terraform/environments/maat/maat-task-definition.json
@@ -1,230 +1,227 @@
[
- {
- "name": "xray-daemon",
- "image": "${ecr_url}:${xray_docker_image_tag}",
- "cpu": 32,
- "memory": 256,
- "portMappings": [
- {
- "containerPort": 2000,
- "hostPort": 0,
- "protocol": "udp"
- }
- ],
- "essential": false,
- "logConfiguration": {
- "logDriver": "awslogs",
- "options": {
- "awslogs-group": "${maat_ecs_log_group}",
- "awslogs-region": "${region}",
- "awslogs-stream-prefix": "${maat_aws_stream_prefix}"
- }
- }
- },
- {
- "name": "MAAT",
- "image": "${ecr_url}:${maat_docker_image_tag}",
- "cpu": 992,
- "memory": 3000,
- "links": [
- "xray-daemon"
- ],
- "portMappings": [
- {
- "containerPort": 8080,
- "hostPort": 0,
- "protocol": "tcp"
- }
- ],
- "essential": true,
- "secrets": [
- {
- "name": "APP_CMA_OAUTH_SCOPE",
- "valueFrom": "arn:aws:ssm:${env_account_region}:${env_account_id}:parameter/maat/APP_CMA_OAUTH_SCOPE"
- },
- {
- "name": "APP_BC_CLIENT_USER_ID",
- "valueFrom": "arn:aws:ssm:${env_account_region}:${env_account_id}:parameter/maat/APP_BC_CLIENT_USER_ID"
- },
- {
- "name": "APP_CCC_ENDPOINT",
- "valueFrom": "arn:aws:ssm:${env_account_region}:${env_account_id}:parameter/maat/APP_CCC_ENDPOINT"
- },
- {
- "name": "APP_ORCH_OAUTH_SCOPE",
- "valueFrom": "arn:aws:ssm:${env_account_region}:${env_account_id}:parameter/maat/APP_ORCH_OAUTH_SCOPE"
- },
- {
- "name": "APP_CCP_CLIENT_SECRET",
- "valueFrom": "arn:aws:ssm:${env_account_region}:${env_account_id}:parameter/maat/APP_CCP_CLIENT_SECRET"
- },
- {
- "name": "APP_GOOGLE_ANALYTICS_4_TAG_ID",
- "valueFrom": "arn:aws:ssm:${env_account_region}:${env_account_id}:parameter/maat/APP_GOOGLE_ANALYTICS_4_TAG_ID"
- },
- {
- "name": "APP_CMA_CLIENT_ID",
- "valueFrom": "arn:aws:ssm:${env_account_region}:${env_account_id}:parameter/maat/APP_CMA_CLIENT_ID"
- },
- {
- "name": "APP_CMA_CLIENT_SECRET",
- "valueFrom": "arn:aws:ssm:${env_account_region}:${env_account_id}:parameter/maat/APP_CMA_CLIENT_SECRET"
- },
- {
- "name": "APP_BC_CLIENT_ORIG_ID",
- "valueFrom": "arn:aws:ssm:${env_account_region}:${env_account_id}:parameter/maat/APP_BC_CLIENT_ORIG_ID"
- },
- {
- "name": "APP_DB_PASSWORD",
- "valueFrom": "arn:aws:ssm:${env_account_region}:${env_account_id}:parameter/maat/APP_DB_PASSWORD"
- },
- {
- "name": "APP_CAA_CLIENT_SECRET",
- "valueFrom": "arn:aws:ssm:${env_account_region}:${env_account_id}:parameter/maat/APP_CAA_CLIENT_SECRET"
- },
- {
- "name": "APP_ORCH_CLIENT_SECRET",
- "valueFrom": "arn:aws:ssm:${env_account_region}:${env_account_id}:parameter/maat/APP_ORCH_CLIENT_SECRET"
- },
- {
- "name": "APP_CAA_CLIENT_ID",
- "valueFrom": "arn:aws:ssm:${env_account_region}:${env_account_id}:parameter/maat/APP_CAA_CLIENT_ID"
- },
- {
- "name": "APP_ORCH_CLIENT_ID",
- "valueFrom": "arn:aws:ssm:${env_account_region}:${env_account_id}:parameter/maat/APP_ORCH_CLIENT_ID"
- },
- {
- "name": "APP_CCC_CLIENT_ID",
- "valueFrom": "arn:aws:ssm:${env_account_region}:${env_account_id}:parameter/maat/APP_CCC_CLIENT_ID"
- },
- {
- "name": "APP_DB_USERID",
- "valueFrom": "arn:aws:ssm:${env_account_region}:${env_account_id}:parameter/maat/APP_DB_USERID"
- },
- {
- "name": "APP_CCC_CLIENT_SECRET",
- "valueFrom": "arn:aws:ssm:${env_account_region}:${env_account_id}:parameter/maat/APP_CCC_CLIENT_SECRET"
- },
- {
- "name": "APP_ORCH_ENDPOINT",
- "valueFrom": "arn:aws:ssm:${env_account_region}:${env_account_id}:parameter/maat/APP_ORCH_ENDPOINT"
- },
- {
- "name": "APP_CCC_OAUTH_SCOPE",
- "valueFrom": "arn:aws:ssm:${env_account_region}:${env_account_id}:parameter/maat/APP_CCC_OAUTH_SCOPE"
- },
- {
- "name": "APP_CCP_CLIENT_ID",
- "valueFrom": "arn:aws:ssm:${env_account_region}:${env_account_id}:parameter/maat/APP_CCP_CLIENT_ID"
- },
- {
- "name": "APP_CCP_ENDPOINT_PROCEEDINGS",
- "valueFrom": "arn:aws:ssm:${env_account_region}:${env_account_id}:parameter/maat/APP_CCP_ENDPOINT_PROCEEDINGS"
- },
- {
- "name": "APP_CAA_ENDPOINT",
- "valueFrom": "arn:aws:ssm:${env_account_region}:${env_account_id}:parameter/maat/APP_CAA_ENDPOINT"
- }
- ],
- "environment": [
-
- {
- "name": "APP_CMA_ENDPOINT_CREATE_ASSESSMENT",
- "value": "/api/internal/v1/assessment/means"
- },
- {
- "name": "APP_ORCH_BASE_URL",
- "value": "${maat_orch_base_url}"
- },
- {
- "name": "APP_BC_SERVICE_NAME",
- "value": ""
- },
- {
- "name": "APP_CCP_OAUTH_SCOPE",
- "value": ""
- },
- {
- "name": "APP_CCP_BASE_URL",
- "value": "${maat_ccp_base_url}"
- },
- {
- "name": "APP_DB_POOL_MAX_CONNECTION",
- "value": "200"
- },
- {
- "name": "APP_TEMP_TRIGGER_GARBAGE",
- "value": "arandomstring"
- },
- {
- "name": "APP_ORCH_OAUTH_URL",
- "value": "${maat_orch_oauth_url}"
- },
- {
- "name": "APP_CCC_OAUTH_URL",
- "value": "${maat_ccc_oauth_url}"
- },
- {
- "name": "APP_LOG_LEVEL",
- "value": "debug"
- },
- {
- "name": "APP_CMA_ENDPOINT_AUTH",
- "value": "${maat_cma_endpoint_auth_url}"
- },
- {
- "name": "APP_CCP_ENDPOINT_AUTH",
- "value": "${maat_ccp_endpoint_auth_url}"
- },
- {
- "name": "APP_DB_URL",
- "value": "${maat_db_url}"
- },
- {
- "name": "APP_CCC_BASE_URL",
- "value": "${maat_ccc_base_url}"
- },
- {
- "name": "APP_CAA_OAUTH_URL",
- "value": "${maat_caa_oauth_url}"
- },
- {
- "name": "SENTRY_ENVIRONMENT",
- "value": "${sentry_env}"
- },
- {
- "name": "APP_BC_ENDPOINT",
- "value": "${maat_bc_endpoint_url}"
- },
- {
- "name": "APP_CAA_OAUTH_SCOPE",
- "value": "caa-api-dev/standard"
- },
- {
- "name": "AWS_XRAY_DAEMON_ADDRESS",
- "value": "xray-daemon:2000"
- },
- {
- "name": "APP_MLRA_LOCATION",
- "value": "${maat_mlra_url}"
- },
- {
- "name": "APP_CAA_BASE_URL",
- "value": "${maat_caa_base_url}"
- },
- {
- "name": "APP_CMA_BASE_URL",
- "value": "${maat_cma_base_url}"
- }
- ],
- "logConfiguration": {
- "logDriver": "awslogs",
- "options": {
- "awslogs-group": "${maat_ecs_log_group}",
- "awslogs-region": "eu-west-2",
- "awslogs-stream-prefix": "${maat_aws_stream_prefix}"
- }
- }
+ {
+ "name": "xray-daemon",
+ "image": "${ecr_url}:${xray_docker_image_tag}",
+ "cpu": 32,
+ "memory": 256,
+ "portMappings": [
+ {
+ "containerPort": 2000,
+ "hostPort": 0,
+ "protocol": "udp"
+ }
+ ],
+ "essential": false,
+ "logConfiguration": {
+ "logDriver": "awslogs",
+ "options": {
+ "awslogs-group": "${maat_ecs_log_group}",
+ "awslogs-region": "${region}",
+ "awslogs-stream-prefix": "${maat_aws_stream_prefix}"
+ }
}
-]
\ No newline at end of file
+ },
+ {
+ "name": "MAAT",
+ "image": "${ecr_url}:${maat_docker_image_tag}",
+ "cpu": 992,
+ "memory": 3000,
+ "links": ["xray-daemon"],
+ "portMappings": [
+ {
+ "containerPort": 8080,
+ "hostPort": 0,
+ "protocol": "tcp"
+ }
+ ],
+ "essential": true,
+ "secrets": [
+ {
+ "name": "APP_CMA_OAUTH_SCOPE",
+ "valueFrom": "arn:aws:ssm:${env_account_region}:${env_account_id}:parameter/maat/APP_CMA_OAUTH_SCOPE"
+ },
+ {
+ "name": "APP_BC_CLIENT_USER_ID",
+ "valueFrom": "arn:aws:ssm:${env_account_region}:${env_account_id}:parameter/maat/APP_BC_CLIENT_USER_ID"
+ },
+ {
+ "name": "APP_CCC_ENDPOINT",
+ "valueFrom": "arn:aws:ssm:${env_account_region}:${env_account_id}:parameter/maat/APP_CCC_ENDPOINT"
+ },
+ {
+ "name": "APP_ORCH_OAUTH_SCOPE",
+ "valueFrom": "arn:aws:ssm:${env_account_region}:${env_account_id}:parameter/maat/APP_ORCH_OAUTH_SCOPE"
+ },
+ {
+ "name": "APP_CCP_CLIENT_SECRET",
+ "valueFrom": "arn:aws:ssm:${env_account_region}:${env_account_id}:parameter/maat/APP_CCP_CLIENT_SECRET"
+ },
+ {
+ "name": "APP_GOOGLE_ANALYTICS_4_TAG_ID",
+ "valueFrom": "arn:aws:ssm:${env_account_region}:${env_account_id}:parameter/maat/APP_GOOGLE_ANALYTICS_4_TAG_ID"
+ },
+ {
+ "name": "APP_CMA_CLIENT_ID",
+ "valueFrom": "arn:aws:ssm:${env_account_region}:${env_account_id}:parameter/maat/APP_CMA_CLIENT_ID"
+ },
+ {
+ "name": "APP_CMA_CLIENT_SECRET",
+ "valueFrom": "arn:aws:ssm:${env_account_region}:${env_account_id}:parameter/maat/APP_CMA_CLIENT_SECRET"
+ },
+ {
+ "name": "APP_BC_CLIENT_ORIG_ID",
+ "valueFrom": "arn:aws:ssm:${env_account_region}:${env_account_id}:parameter/maat/APP_BC_CLIENT_ORIG_ID"
+ },
+ {
+ "name": "APP_DB_PASSWORD",
+ "valueFrom": "arn:aws:ssm:${env_account_region}:${env_account_id}:parameter/maat/APP_DB_PASSWORD"
+ },
+ {
+ "name": "APP_CAA_CLIENT_SECRET",
+ "valueFrom": "arn:aws:ssm:${env_account_region}:${env_account_id}:parameter/maat/APP_CAA_CLIENT_SECRET"
+ },
+ {
+ "name": "APP_ORCH_CLIENT_SECRET",
+ "valueFrom": "arn:aws:ssm:${env_account_region}:${env_account_id}:parameter/maat/APP_ORCH_CLIENT_SECRET"
+ },
+ {
+ "name": "APP_CAA_CLIENT_ID",
+ "valueFrom": "arn:aws:ssm:${env_account_region}:${env_account_id}:parameter/maat/APP_CAA_CLIENT_ID"
+ },
+ {
+ "name": "APP_ORCH_CLIENT_ID",
+ "valueFrom": "arn:aws:ssm:${env_account_region}:${env_account_id}:parameter/maat/APP_ORCH_CLIENT_ID"
+ },
+ {
+ "name": "APP_CCC_CLIENT_ID",
+ "valueFrom": "arn:aws:ssm:${env_account_region}:${env_account_id}:parameter/maat/APP_CCC_CLIENT_ID"
+ },
+ {
+ "name": "APP_DB_USERID",
+ "valueFrom": "arn:aws:ssm:${env_account_region}:${env_account_id}:parameter/maat/APP_DB_USERID"
+ },
+ {
+ "name": "APP_CCC_CLIENT_SECRET",
+ "valueFrom": "arn:aws:ssm:${env_account_region}:${env_account_id}:parameter/maat/APP_CCC_CLIENT_SECRET"
+ },
+ {
+ "name": "APP_ORCH_ENDPOINT",
+ "valueFrom": "arn:aws:ssm:${env_account_region}:${env_account_id}:parameter/maat/APP_ORCH_ENDPOINT"
+ },
+ {
+ "name": "APP_CCC_OAUTH_SCOPE",
+ "valueFrom": "arn:aws:ssm:${env_account_region}:${env_account_id}:parameter/maat/APP_CCC_OAUTH_SCOPE"
+ },
+ {
+ "name": "APP_CCP_CLIENT_ID",
+ "valueFrom": "arn:aws:ssm:${env_account_region}:${env_account_id}:parameter/maat/APP_CCP_CLIENT_ID"
+ },
+ {
+ "name": "APP_CCP_ENDPOINT_PROCEEDINGS",
+ "valueFrom": "arn:aws:ssm:${env_account_region}:${env_account_id}:parameter/maat/APP_CCP_ENDPOINT_PROCEEDINGS"
+ },
+ {
+ "name": "APP_CAA_ENDPOINT",
+ "valueFrom": "arn:aws:ssm:${env_account_region}:${env_account_id}:parameter/maat/APP_CAA_ENDPOINT"
+ }
+ ],
+ "environment": [
+ {
+ "name": "APP_CMA_ENDPOINT_CREATE_ASSESSMENT",
+ "value": "/api/internal/v1/assessment/means"
+ },
+ {
+ "name": "APP_ORCH_BASE_URL",
+ "value": "${maat_orch_base_url}"
+ },
+ {
+ "name": "APP_BC_SERVICE_NAME",
+ "value": ""
+ },
+ {
+ "name": "APP_CCP_OAUTH_SCOPE",
+ "value": ""
+ },
+ {
+ "name": "APP_CCP_BASE_URL",
+ "value": "${maat_ccp_base_url}"
+ },
+ {
+ "name": "APP_DB_POOL_MAX_CONNECTION",
+ "value": "200"
+ },
+ {
+ "name": "APP_TEMP_TRIGGER_GARBAGE",
+ "value": "arandomstring"
+ },
+ {
+ "name": "APP_ORCH_OAUTH_URL",
+ "value": "${maat_orch_oauth_url}"
+ },
+ {
+ "name": "APP_CCC_OAUTH_URL",
+ "value": "${maat_ccc_oauth_url}"
+ },
+ {
+ "name": "APP_LOG_LEVEL",
+ "value": "debug"
+ },
+ {
+ "name": "APP_CMA_ENDPOINT_AUTH",
+ "value": "${maat_cma_endpoint_auth_url}"
+ },
+ {
+ "name": "APP_CCP_ENDPOINT_AUTH",
+ "value": "${maat_ccp_endpoint_auth_url}"
+ },
+ {
+ "name": "APP_DB_URL",
+ "value": "${maat_db_url}"
+ },
+ {
+ "name": "APP_CCC_BASE_URL",
+ "value": "${maat_ccc_base_url}"
+ },
+ {
+ "name": "APP_CAA_OAUTH_URL",
+ "value": "${maat_caa_oauth_url}"
+ },
+ {
+ "name": "SENTRY_ENVIRONMENT",
+ "value": "${sentry_env}"
+ },
+ {
+ "name": "APP_BC_ENDPOINT",
+ "value": "${maat_bc_endpoint_url}"
+ },
+ {
+ "name": "APP_CAA_OAUTH_SCOPE",
+ "value": "caa-api-dev/standard"
+ },
+ {
+ "name": "AWS_XRAY_DAEMON_ADDRESS",
+ "value": "xray-daemon:2000"
+ },
+ {
+ "name": "APP_MLRA_LOCATION",
+ "value": "${maat_mlra_url}"
+ },
+ {
+ "name": "APP_CAA_BASE_URL",
+ "value": "${maat_caa_base_url}"
+ },
+ {
+ "name": "APP_CMA_BASE_URL",
+ "value": "${maat_cma_base_url}"
+ }
+ ],
+ "logConfiguration": {
+ "logDriver": "awslogs",
+ "options": {
+ "awslogs-group": "${maat_ecs_log_group}",
+ "awslogs-region": "eu-west-2",
+ "awslogs-stream-prefix": "${maat_aws_stream_prefix}"
+ }
+ }
+ }
+]
diff --git a/terraform/environments/maat/waf.tf b/terraform/environments/maat/waf.tf
index d85ed23e34a..f713a8cb54c 100644
--- a/terraform/environments/maat/waf.tf
+++ b/terraform/environments/maat/waf.tf
@@ -1,5 +1,5 @@
locals {
- ip_set_list = [for ip in split("\n", chomp(file("${path.module}/waf_ip_set.txt"))) : ip]
+ ip_set_list = [for ip in split("\n", chomp(file("${path.module}/waf_ip_set.txt"))) : ip]
}
resource "aws_waf_ipset" "allow" {
@@ -7,7 +7,7 @@ resource "aws_waf_ipset" "allow" {
# Ranges from https://github.com/ministryofjustice/moj-ip-addresses/blob/master/moj-cidr-addresses.yml
# disc_internet_pipeline, disc_dom1, moj_digital_wifi, petty_france_office365, petty_france_wifi, ark_internet, gateway_proxies
-
+
# TODO Note that there are CodeBuild IP Addresses here, which may not be required if CodeBuild is no longer needed for the testing
dynamic "ip_set_descriptors" {
diff --git a/terraform/environments/nomis-combined-reporting/locals_test.tf b/terraform/environments/nomis-combined-reporting/locals_test.tf
index 42db281716f..137748f9b58 100644
--- a/terraform/environments/nomis-combined-reporting/locals_test.tf
+++ b/terraform/environments/nomis-combined-reporting/locals_test.tf
@@ -153,7 +153,7 @@ locals {
tags = merge(local.tomcat_admin_ec2_default.tags, {
description = "For testing SAP BI Platform tomcat admin installation and configurations"
nomis-combined-reporting-environment = "t1"
- deployment = "green"
+ deployment = "green"
})
})
t1-ncr-tomcat-admin-b = merge(local.tomcat_admin_ec2_default, {
@@ -169,7 +169,7 @@ locals {
tags = merge(local.tomcat_admin_ec2_default.tags, {
description = "For testing SAP BI Platform tomcat admin installation and configurations"
nomis-combined-reporting-environment = "t1"
- deployment = "green"
+ deployment = "green"
})
})
t1-ncr-bip-cms-a = merge(local.bip_cms_ec2_default, {
@@ -185,7 +185,7 @@ locals {
tags = merge(local.bip_cms_ec2_default.tags, {
description = "For testing SAP BI Platform CMS installation and configurations"
nomis-combined-reporting-environment = "t1"
- deployment = "green"
+ deployment = "green"
})
})
t1-ncr-bip-cms-b = merge(local.bip_cms_ec2_default, {
@@ -201,7 +201,7 @@ locals {
tags = merge(local.bip_cms_ec2_default.tags, {
description = "For testing SAP BI Platform tomcat admin installation and configurations"
nomis-combined-reporting-environment = "t1"
- deployment = "blue"
+ deployment = "blue"
})
})
}
diff --git a/terraform/environments/oasys/locals.tf b/terraform/environments/oasys/locals.tf
index 5044d1c97f1..2efc97641b5 100644
--- a/terraform/environments/oasys/locals.tf
+++ b/terraform/environments/oasys/locals.tf
@@ -38,7 +38,7 @@ locals {
availability_zone = "eu-west-2a"
baseline_presets_options = {
- cloudwatch_log_groups = null
+ cloudwatch_log_groups = null
# cloudwatch_metric_alarms_default_actions = ["dso_pagerduty"]
enable_application_environment_wildcard_cert = true
enable_backup_plan_daily_and_weekly = true
diff --git a/terraform/environments/oasys/locals_preproduction.tf b/terraform/environments/oasys/locals_preproduction.tf
index 45bab5ea15a..4b621a8c884 100644
--- a/terraform/environments/oasys/locals_preproduction.tf
+++ b/terraform/environments/oasys/locals_preproduction.tf
@@ -129,7 +129,7 @@ locals {
"Ec2PreprodDatabasePolicy",
])
})
- user_data_cloud_init = merge(module.baseline_presets.ec2_instance.user_data_cloud_init.ssm_agent_ansible_no_tags, {
+ user_data_cloud_init = merge(module.baseline_presets.ec2_instance.user_data_cloud_init.ssm_agent_ansible_no_tags, {
args = merge(module.baseline_presets.ec2_instance.user_data_cloud_init.ssm_agent_ansible_no_tags.args, {
branch = "oracle_11g_oasys_patchset_addition"
})
@@ -367,7 +367,7 @@ locals {
records = [
# { name = "db.pp.${local.application_name}", type = "A", ttl = "300", records = ["10.40.40.133"] }, # for azure
{ name = "db.pp.${local.application_name}", type = "CNAME", ttl = "300", records = ["pp-oasys-db-a.oasys.hmpps-preproduction.modernisation-platform.internal"] }, # for aws
- { name = "db.pp.onr", type = "CNAME", ttl = "300", records = ["pp-onr-db-a.oasys.hmpps-preproduction.modernisation-platform.internal"] }, # for aws
+ { name = "db.pp.onr", type = "CNAME", ttl = "300", records = ["pp-onr-db-a.oasys.hmpps-preproduction.modernisation-platform.internal"] }, # for aws
]
lb_alias_records = [
# { name = "pp.${local.application_name}", type = "A", lbs_map_key = "public" },
diff --git a/terraform/environments/oasys/main.tf b/terraform/environments/oasys/main.tf
index d54432deb4e..b8f20593ca0 100644
--- a/terraform/environments/oasys/main.tf
+++ b/terraform/environments/oasys/main.tf
@@ -39,7 +39,7 @@ module "baseline" {
aws.us-east-1 = aws.us-east-1
}
- environment = module.environment
+ environment = module.environment
# bastion_linux = merge(
# local.baseline_bastion_linux,
@@ -109,7 +109,7 @@ module "baseline" {
local.baseline_lbs,
lookup(local.environment_config, "baseline_lbs", {})
)
- resource_explorer = true
+ resource_explorer = true
route53_resolvers = merge(
module.baseline_presets.route53_resolvers,
local.baseline_route53_resolvers,
@@ -132,7 +132,7 @@ module "baseline" {
local.baseline_security_groups,
lookup(local.environment_config, "baseline_security_groups", {})
)
- sns_topics = merge(
+ sns_topics = merge(
module.baseline_presets.sns_topics,
local.baseline_sns_topics,
lookup(local.environment_config, "baseline_sns_topics", {})
diff --git a/terraform/environments/planetfm/locals_defaults.tf b/terraform/environments/planetfm/locals_defaults.tf
index 211065e5ab8..5698b3907e2 100644
--- a/terraform/environments/planetfm/locals_defaults.tf
+++ b/terraform/environments/planetfm/locals_defaults.tf
@@ -19,7 +19,7 @@ locals {
module.baseline_presets.cloudwatch_metric_alarms.ec2_cwagent_windows,
{
instance-or-cloudwatch-agent-stopped = merge(module.baseline_presets.cloudwatch_metric_alarms_by_sns_topic["planetfm_pagerduty"].ec2_instance_or_cwagent_stopped_windows["instance-or-cloudwatch-agent-stopped"], {
- threshold = "0"
+ threshold = "0"
evaluation_periods = "5"
datapoints_to_alarm = "2"
period = "60"
diff --git a/terraform/environments/ppud/cloudwatch_windows.tf b/terraform/environments/ppud/cloudwatch_windows.tf
index 830a82e7913..b1bce5a9193 100644
--- a/terraform/environments/ppud/cloudwatch_windows.tf
+++ b/terraform/environments/ppud/cloudwatch_windows.tf
@@ -313,7 +313,7 @@ resource "aws_cloudwatch_log_metric_filter" "MalwareScanStarted" {
namespace = "WindowsDefender"
value = "1"
dimensions = {
- Instance = "$Instance"
+ Instance = "$Instance"
MalwareScanStarted = "$MalwareScanStarted"
}
}
@@ -329,7 +329,7 @@ resource "aws_cloudwatch_log_metric_filter" "MalwareScanFinished" {
namespace = "WindowsDefender"
value = "1"
dimensions = {
- Instance = "$Instance"
+ Instance = "$Instance"
MalwareScanFinished = "$MalwareScanFinished"
}
}
@@ -345,7 +345,7 @@ resource "aws_cloudwatch_log_metric_filter" "MalwareScanStopped" {
namespace = "WindowsDefender"
value = "1"
dimensions = {
- Instance = "$Instance"
+ Instance = "$Instance"
MalwareScanStopped = "$MalwareScanStopped"
}
}
@@ -361,7 +361,7 @@ resource "aws_cloudwatch_log_metric_filter" "MalwareScanFailed" {
namespace = "WindowsDefender"
value = "1"
dimensions = {
- Instance = "$Instance"
+ Instance = "$Instance"
MalwareScanFailed = "$MalwareScanFailed"
}
}
@@ -377,7 +377,7 @@ resource "aws_cloudwatch_log_metric_filter" "MalwareBehaviorDetected" {
namespace = "WindowsDefender"
value = "1"
dimensions = {
- Instance = "$Instance"
+ Instance = "$Instance"
MalwareBehaviorDetected = "$MalwareBehaviorDetected"
}
}
@@ -393,7 +393,7 @@ resource "aws_cloudwatch_log_metric_filter" "MalwareStateDetected" {
namespace = "WindowsDefender"
value = "1"
dimensions = {
- Instance = "$Instance"
+ Instance = "$Instance"
MalwareStateDetected = "$MalwareStateDetected"
}
}
@@ -409,7 +409,7 @@ resource "aws_cloudwatch_log_metric_filter" "MalwareSignatureFailed" {
namespace = "WindowsDefender"
value = "1"
dimensions = {
- Instance = "$Instance"
+ Instance = "$Instance"
MalwareSignatureFailed = "$MalwareSignatureFailed"
}
}
@@ -425,7 +425,7 @@ resource "aws_cloudwatch_log_metric_filter" "MalwareEngineFailed" {
namespace = "WindowsDefender"
value = "1"
dimensions = {
- Instance = "$Instance"
+ Instance = "$Instance"
MalwareEngineFailed = "$MalwareEngineFailed"
}
}
@@ -441,7 +441,7 @@ resource "aws_cloudwatch_log_metric_filter" "MalwareEngineOutofDate" {
namespace = "WindowsDefender"
value = "1"
dimensions = {
- Instance = "$Instance"
+ Instance = "$Instance"
MalwareEngineOutofDate = "$MalwareEngineOutofDate"
}
}
diff --git a/terraform/environments/ppud/iam.tf b/terraform/environments/ppud/iam.tf
index b40c1353d6c..b34bed7ccfb 100644
--- a/terraform/environments/ppud/iam.tf
+++ b/terraform/environments/ppud/iam.tf
@@ -223,7 +223,7 @@ data "aws_iam_policy_document" "sns_topic_policy_ec2cw" {
## UAT
data "aws_iam_policy_document" "sns_topic_policy_uat_ec2cw" {
- count = local.is-preproduction == true ? 1 : 0
+ count = local.is-preproduction == true ? 1 : 0
policy_id = "SnsUATTopicId"
statement {
sid = "statement1"