Merge pull request #83 from nhsconnect/PRMT-4703

[PRMT-4703] Allow outbound TCP traffic to DynamoDB

terraform/ecs-task.tf

@@ -87,6 +87,14 @@ resource "aws_security_group" "ecs-tasks-sg" {
     cidr_blocks = [data.aws_vpc.mhs.cidr_block]
   }
 
+  egress {
+    description     = "Allow outbound HTTPS traffic to dynamodb"
+    protocol        = "tcp"
+    from_port       = 443
+    to_port         = 443
+    prefix_list_ids = [data.aws_ssm_parameter.dynamodb_prefix_list_id.value]
+  }
+
   egress {
     description     = "Allow outbound HTTPS traffic to s3"
     protocol        = "tcp"
@@ -117,11 +125,14 @@ data "aws_vpc" "mhs" {
   }
 }
 
+data "aws_ssm_parameter" "dynamodb_prefix_list_id" {
+  name = "/repo/${var.environment}/output/prm-deductions-infra/deductions-core/dynamodb_prefix_list_id"
+}
+
 data "aws_ssm_parameter" "s3_prefix_list_id" {
   name = "/repo/${var.environment}/output/prm-deductions-infra/deductions-core/s3-prefix-list-id"
 }
 
-
 resource "aws_security_group" "vpn_to_ehr_repo_ecs" {
   count       = var.allow_vpn_to_ecs_tasks ? 1 : 0
   name        = "${var.environment}-vpn-to-${var.component_name}-ecs"