From bd8c2453e3e01637265fe0b4d1d0cd1549d18529 Mon Sep 17 00:00:00 2001
From: Andrew Pearce
Date: Tue, 31 Dec 2024 14:52:56 +0000
Subject: [PATCH] don't build egress checker by default
---
 terraform/environment/region/egress-checker.tf | 5 +++--
 terraform/environment/region/variables.tf | 10 ++++++++++
 terraform/environment/regions.tf | 7 +++++++
 3 files changed, 20 insertions(+), 2 deletions(-)
diff --git a/terraform/environment/region/egress-checker.tf b/terraform/environment/region/egress-checker.tf
index 0895f8766e..f4d617980b 100644
--- a/terraform/environment/region/egress-checker.tf
+++ b/terraform/environment/region/egress-checker.tf
@@ -1,7 +1,8 @@
 module "egress_checker" {
+ count = 0
 source = "./modules/egress_checker"
- lambda_function_image_ecr_url = "311462405659.dkr.ecr.eu-west-1.amazonaws.com/egress-checker"
- lambda_function_image_tag = var.app_service_container_version
+ lambda_function_image_ecr_url = var.egress_checker_repository_url
+ lambda_function_image_tag = var.egress_checker_container_version
 event_received_lambda_role = var.iam_roles.event_received_lambda
 vpc_config = {
 subnet_ids = data.aws_subnet.application[*].id
diff --git a/terraform/environment/region/variables.tf b/terraform/environment/region/variables.tf
index 9b4a65e6ec..ce37f32561 100644
--- a/terraform/environment/region/variables.tf
+++ b/terraform/environment/region/variables.tf
@@ -194,3 +194,13 @@ variable "waf_alb_association_enabled" {
 description = "Enable WAF association with the ALBs"
 default = true
 }
+
+variable "egress_checker_repository_url" {
+ type = string
+ description = "Repository URL for the egress-checker lambda function"
+}
+
+variable "egress_checker_container_version" {
+ type = string
+ description = "Container version the egress-checker lambda function"
+}
diff --git a/terraform/environment/regions.tf b/terraform/environment/regions.tf
index f35a37f7d0..caa4859944 100644
--- a/terraform/environment/regions.tf
+++ b/terraform/environment/regions.tf
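Review bot: The literal `count = 0` at the top of `module "egress_checker"` switches the checker off in every environment, and the only way to turn it back on is to edit this file, although the subject line says "by default". A boolean input would keep it switchable per environment: `count = var.egress_checker_enabled ? 1 : 0`, backed by a new variable with `type = bool` and `default = false` (the variable name is a suggestion). If this Lambda is what verifies outbound network restrictions, a comment above the `count` line should record what covers that check while it is not deployed. Adding `count` also moves the module's address to `module.egress_checker[0]`, so any reference to its outputs elsewhere would need an index; the module block continues past the end of the hunk.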
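Review bot: The description of `egress_checker_container_version` is missing a word and does not say that the value is consumed as an image tag; `description = "Container image tag for the egress-checker lambda function"` would match its use as `lambda_function_image_tag` in egress-checker.tf. Neither new variable has a `default`, so every instantiation of the region module must now pass both, even though the module they feed has `count = 0`. Only `module "eu_west_1"` is updated in this patch, so any other region block would need the same two arguments.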
@@ -13,6 +13,11 @@ data "aws_ecr_repository" "mock_pay" {
 provider = aws.management_eu_west_1
 }

+data "aws_ecr_repository" "egress_checker" {
+ name = "egress-checker"
+ provider = aws.management_eu_west_1
+}
+
 data "aws_ecr_image" "mock_onelogin" {
 repository_name = data.aws_ecr_repository.mock_onelogin.name
 image_tag = "latest"
@@ -46,6 +51,8 @@ module "eu_west_1" {
 mock_onelogin_service_container_version = data.aws_ecr_image.mock_onelogin.id
 mock_pay_service_repository_url = data.aws_ecr_repository.mock_pay.repository_url
 mock_pay_service_container_version = var.container_version
+ egress_checker_repository_url = data.aws_ecr_repository.egress_checker.repository_url
+ egress_checker_container_version = var.container_version
 ingress_allow_list_cidr = module.allow_list.moj_sites
 alb_deletion_protection_enabled = local.environment.application_load_balancer.deletion_protection_enabled
 waf_alb_association_enabled = local.environment.application_load_balancer.waf_alb_association_enabled
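Review bot: `egress_checker_container_version = var.container_version` in `module "eu_west_1"` selects the Lambda image by tag, and a tag can be repointed to a different image after review unless the `egress-checker` repository enforces tag immutability. The neighbouring `mock_onelogin_service_container_version` is resolved through a `data "aws_ecr_image"` lookup; the same lookup here, passing its `image_digest`, would pin the exact image, provided the egress_checker module can accept a digest (not visible in this patch). The line also assumes an `egress-checker` image is published under every application `container_version` tag, which is worth stating in a comment for whoever re-enables the module. The `module "eu_west_1"` block starts and ends outside the hunk.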