don't build egress checker by default

ministryofjustice · Dec 31, 2024 · bd8c245 · bd8c245
1 parent 65adeb0
commit bd8c245
Show file tree

Hide file tree

Showing 3 changed files with 20 additions and 2 deletions.
diff --git a/terraform/environment/region/egress-checker.tf b/terraform/environment/region/egress-checker.tf
@@ -1,7 +1,8 @@
 module "egress_checker" {
+  count                         = 0
   source                        = "./modules/egress_checker"
-  lambda_function_image_ecr_url = "311462405659.dkr.ecr.eu-west-1.amazonaws.com/egress-checker"
-  lambda_function_image_tag     = var.app_service_container_version
+  lambda_function_image_ecr_url = var.egress_checker_repository_url
+  lambda_function_image_tag     = var.egress_checker_container_version
   event_received_lambda_role    = var.iam_roles.event_received_lambda
   vpc_config = {
     subnet_ids         = data.aws_subnet.application[*].id

diff --git a/terraform/environment/region/variables.tf b/terraform/environment/region/variables.tf
@@ -194,3 +194,13 @@ variable "waf_alb_association_enabled" {
   description = "Enable WAF association with the ALBs"
   default     = true
 }
+
+variable "egress_checker_repository_url" {
+  type        = string
+  description = "Repository URL for the egress-checker lambda function"
+}
+
+variable "egress_checker_container_version" {
+  type        = string
+  description = "Container version the egress-checker lambda function"
+}
diff --git a/terraform/environment/regions.tf b/terraform/environment/regions.tf
@@ -13,6 +13,11 @@ data "aws_ecr_repository" "mock_pay" {
   provider = aws.management_eu_west_1
 }
 
+data "aws_ecr_repository" "egress_checker" {
+  name     = "egress-checker"
+  provider = aws.management_eu_west_1
+}
+
 data "aws_ecr_image" "mock_onelogin" {
   repository_name = data.aws_ecr_repository.mock_onelogin.name
   image_tag       = "latest"
@@ -46,6 +51,8 @@ module "eu_west_1" {
   mock_onelogin_service_container_version = data.aws_ecr_image.mock_onelogin.id
   mock_pay_service_repository_url         = data.aws_ecr_repository.mock_pay.repository_url
   mock_pay_service_container_version      = var.container_version
+  egress_checker_repository_url           = data.aws_ecr_repository.egress_checker.repository_url
+  egress_checker_container_version        = var.container_version
   ingress_allow_list_cidr                 = module.allow_list.moj_sites
   alb_deletion_protection_enabled         = local.environment.application_load_balancer.deletion_protection_enabled
   waf_alb_association_enabled             = local.environment.application_load_balancer.waf_alb_association_enabled