From 1aa411694ab8960d9beaae251014b776d8bd9b19 Mon Sep 17 00:00:00 2001
From: Joe Fong
Date: Mon, 22 Jul 2024 17:03:31 +0100
Subject: [PATCH 1/2] [PRMP-614] Bump up lambda runtime python version
---
 terraform/generate_cost_report.tf | 2 +-
 terraform/notification_lambda.tf | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/terraform/generate_cost_report.tf b/terraform/generate_cost_report.tf
index 72786f8..43b25b9 100644
--- a/terraform/generate_cost_report.tf
+++ b/terraform/generate_cost_report.tf
@@ -4,7 +4,7 @@ resource "aws_lambda_function" "generate_cost_report_lambda" {
 role = aws_iam_role.generate-cost-report-role.arn
 handler = "main.lambda_handler"
 source_code_hash = filebase64sha256(var.generate_cost_report_lambda_zip)
- runtime = "python3.8"
+ runtime = "python3.12"
 timeout = 15
 memory_size = 448
 tags = {
diff --git a/terraform/notification_lambda.tf b/terraform/notification_lambda.tf
index a9d7193..094074a 100644
--- a/terraform/notification_lambda.tf
+++ b/terraform/notification_lambda.tf
@@ -9,7 +9,7 @@ resource "aws_lambda_function" "alarm_notifications_lambda" {
 role = aws_iam_role.alarm_notifications_lambda_role.arn
 handler = "main.lambda_handler"
 source_code_hash = filebase64sha256(var.alarm_lambda_zip)
- runtime = "python3.8"
+ runtime = "python3.12"
 timeout = 15
 tags = {
 Environment = var.environment
From 0375301ea5eb56071492109a2684da457438f460 Mon Sep 17 00:00:00 2001
From: Joe Fong Date: Tue, 23 Jul 2024 15:43:57 +0100 Subject: [PATCH 2/2] run formatter --- terraform/dev.tfvars | 20 ++++++++--------- terraform/generate_cost_report.tf | 30 +++++++++++++------------- terraform/glue.tf | 2 +- terraform/iam.tf | 16 +++++++------- terraform/main.tf | 2 +- terraform/notification_lambda.tf | 14 ++++++------ terraform/output.tf | 4 ++-- terraform/perf.tfvars | 16 +++++++------- terraform/private_zone.tf | 24 ++++++++++----------- terraform/public_zone.tf | 24 ++++++++++----------- terraform/terraform.tfvars | 36 +++++++++++++++---------------- terraform/test.tfvars | 22 +++++++++---------- terraform/vpc-peering.tf | 4 ++-- 13 files changed, 107 insertions(+), 107 deletions(-) diff --git a/terraform/dev.tfvars b/terraform/dev.tfvars index 72f5477..1d915d1 100644 --- a/terraform/dev.tfvars +++ b/terraform/dev.tfvars @@ -1,6 +1,6 @@ environment = "dev" -mhs_cidr_newbits=8 +mhs_cidr_newbits = 8 deductions_private_cidr = "10.20.0.0/16" deductions_private_public_subnets = ["10.20.101.0/24", "10.20.102.0/24"] 
@@ -14,22 +14,22 @@ deductions_core_private_subnets = ["10.25.1.0/24", "10.25.2.0/24"] deductions_core_database_subnets = ["10.25.111.0/24", "10.25.112.0/24"] deductions_core_azs = ["eu-west-2a", "eu-west-2b"] -mhs_repo_private_subnets = ["10.34.0.0/22", "10.34.4.0/22", "10.34.8.0/22"] -mhs_repo_public_subnets_inbound = ["10.34.12.0/22", "10.34.16.0/22", "10.34.20.0/22"] -mhs_repo_public_subnets_outbound = ["10.34.24.0/22", "10.34.28.0/22", "10.34.32.0/22"] -mhs_test_harness_private_subnets = ["10.34.128.0/22", "10.34.132.0/22", "10.34.136.0/22"] -mhs_test_harness_public_subnets_inbound = ["10.34.140.0/22", "10.34.144.0/22", "10.34.148.0/22"] +mhs_repo_private_subnets = ["10.34.0.0/22", "10.34.4.0/22", "10.34.8.0/22"] +mhs_repo_public_subnets_inbound = ["10.34.12.0/22", "10.34.16.0/22", "10.34.20.0/22"] +mhs_repo_public_subnets_outbound = ["10.34.24.0/22", "10.34.28.0/22", "10.34.32.0/22"] +mhs_test_harness_private_subnets = ["10.34.128.0/22", "10.34.132.0/22", "10.34.136.0/22"] +mhs_test_harness_public_subnets_inbound = ["10.34.140.0/22", "10.34.144.0/22", "10.34.148.0/22"] mhs_test_harness_public_subnets_outbound = ["10.34.152.0/22", "10.34.156.0/22", "10.34.160.0/22"] -repo_mhs_cluster_domain_name = "mhs.patient-deductions.nhs.uk" +repo_mhs_cluster_domain_name = "mhs.patient-deductions.nhs.uk" test_harness_mhs_cluster_domain_name = "test-harness-mhs.patient-deductions.nhs.uk" -mhs_vpc_cidr_block = "10.34.0.0/16" +mhs_vpc_cidr_block = "10.34.0.0/16" -deploy_mhs_test_harness = true +deploy_mhs_test_harness = true deploy_cross_account_vpc_peering = true -inbound_sig_ips = ["3.11.206.30/32", "3.8.223.81/32", "35.178.32.211/32","3.11.177.31/32","35.177.15.89/32","3.11.199.83/32","18.132.113.121/32","18.132.31.159/32","35.178.64.126/32"] +inbound_sig_ips = ["3.11.206.30/32", "3.8.223.81/32", "35.178.32.211/32", "3.11.177.31/32", "35.177.15.89/32", "3.11.199.83/32", "18.132.113.121/32", "18.132.31.159/32", "35.178.64.126/32"] grant_access_to_queues_through_vpn = true 
diff --git a/terraform/generate_cost_report.tf b/terraform/generate_cost_report.tf index 43b25b9..55cd8e7 100644 --- a/terraform/generate_cost_report.tf +++ b/terraform/generate_cost_report.tf @@ -1,25 +1,25 @@ resource "aws_lambda_function" "generate_cost_report_lambda" { - filename = var.generate_cost_report_lambda_zip - function_name = "${var.environment}-generate-cost-report-lambda" - role = aws_iam_role.generate-cost-report-role.arn - handler = "main.lambda_handler" + filename = var.generate_cost_report_lambda_zip + function_name = "${var.environment}-generate-cost-report-lambda" + role = aws_iam_role.generate-cost-report-role.arn + handler = "main.lambda_handler" source_code_hash = filebase64sha256(var.generate_cost_report_lambda_zip) - runtime = "python3.12" - timeout = 15 - memory_size = 448 + runtime = "python3.12" + timeout = 15 + memory_size = 448 tags = { Environment = var.environment CreatedBy = var.repo_name } environment { variables = { - ENVIRONMENT = var.environment, - SENDER_EMAIL_SSM_PARAMETER = data.aws_ssm_parameter.sender_cost_report_email_id.name, + ENVIRONMENT = var.environment, + SENDER_EMAIL_SSM_PARAMETER = data.aws_ssm_parameter.sender_cost_report_email_id.name, RECEIVER_EMAIL_SSM_PARAMETER = data.aws_ssm_parameter.receiver_cost_report_email_id.name - SUPPORT_EMAIL_SSM_PARAMETER = data.aws_ssm_parameter.support_cost_report_email_id.name - ACCOUNT_ID = data.aws_caller_identity.current.account_id - GENERATE_REPORT_FOR_YEAR = "" - GENERATE_REPORT_FOR_MONTH = "" + SUPPORT_EMAIL_SSM_PARAMETER = data.aws_ssm_parameter.support_cost_report_email_id.name + ACCOUNT_ID = data.aws_caller_identity.current.account_id + GENERATE_REPORT_FOR_YEAR = "" + GENERATE_REPORT_FOR_MONTH = "" } } } 
@@ -35,9 +35,9 @@ resource "aws_cloudwatch_event_rule" "generate_cost_report_end_of_every_month" { } resource "aws_cloudwatch_event_target" "invoke_generate_cost_report_lambda" { - rule = aws_cloudwatch_event_rule.generate_cost_report_end_of_every_month.name + rule = aws_cloudwatch_event_rule.generate_cost_report_end_of_every_month.name target_id = "InvokeLambda" - arn = aws_lambda_function.generate_cost_report_lambda.arn + arn = aws_lambda_function.generate_cost_report_lambda.arn } resource "aws_lambda_permission" "allow_invocation_from_event_bridge_rule" { diff --git a/terraform/glue.tf b/terraform/glue.tf index 754ea1e..9823e19 100644 --- a/terraform/glue.tf +++ b/terraform/glue.tf @@ -13,7 +13,7 @@ resource "aws_glue_crawler" "generate_cost_report_crawler" { } resource "aws_iam_role" "generate_cost_report_glue_role" { - name = "${var.environment}-generate-cost-report-glue-role" + name = "${var.environment}-generate-cost-report-glue-role" description = "Glue Role to allow access to the billing reports" assume_role_policy = data.aws_iam_policy_document.generate_cost_report_glue_assume_role_policy.json } diff --git a/terraform/iam.tf b/terraform/iam.tf index b16a474..f3c4c9b 100644 --- a/terraform/iam.tf +++ b/terraform/iam.tf 
@@ -1,7 +1,7 @@ locals { receiver_email_arns = split(",", "arn:aws:ses:${var.region}:${local.account_id}:identity/${join(",arn:aws:ses:${var.region}:${local.account_id}:identity/", split(",", data.aws_ssm_parameter.receiver_cost_report_email_id.value))}") - support_email_arns = split(",", "arn:aws:ses:${var.region}:${local.account_id}:identity/${join(",arn:aws:ses:${var.region}:${local.account_id}:identity/", split(",", data.aws_ssm_parameter.support_cost_report_email_id.value))}") - sender_email_arn = ["arn:aws:ses:${var.region}:${local.account_id}:identity/${data.aws_ssm_parameter.sender_cost_report_email_id.value}"] + support_email_arns = split(",", "arn:aws:ses:${var.region}:${local.account_id}:identity/${join(",arn:aws:ses:${var.region}:${local.account_id}:identity/", split(",", data.aws_ssm_parameter.support_cost_report_email_id.value))}") + sender_email_arn = ["arn:aws:ses:${var.region}:${local.account_id}:identity/${data.aws_ssm_parameter.sender_cost_report_email_id.value}"] } data "aws_ssm_parameter" "splunk_trusted_principal" { @@ -9,8 +9,8 @@ data "aws_ssm_parameter" "splunk_trusted_principal" { } resource "aws_iam_role" "splunk_sqs_forwarder" { - name = "SplunkSqsForwarder" - description = "Role to allow repo to integrate with splunk" + name = "SplunkSqsForwarder" + description = "Role to allow repo to integrate with splunk" assume_role_policy = jsonencode({ Version = "2012-10-17" Statement = [ 
@@ -49,15 +49,15 @@ data "aws_iam_policy_document" "splunk_access_policy_document" { resources = ["arn:aws:sqs:*:*:*-audit", "arn:aws:sqs:*:*:*-audit-uploader"] } statement { - effect = "Allow" - actions = ["kms:Decrypt"] + effect = "Allow" + actions = ["kms:Decrypt"] resources = ["*"] } } resource "aws_iam_role" "generate-cost-report-role" { - name = "GenerateCostReportLambdaExecution" - description = "Role to generate the cost report" + name = "GenerateCostReportLambdaExecution" + description = "Role to generate the cost report" assume_role_policy = jsonencode({ Version = "2012-10-17" Statement = [ diff --git a/terraform/main.tf b/terraform/main.tf index 3bcdc14..6965696 100644 --- a/terraform/main.tf +++ b/terraform/main.tf @@ -1,5 +1,5 @@ provider "aws" { - region = var.region + region = var.region } provider "aws" { diff --git a/terraform/notification_lambda.tf b/terraform/notification_lambda.tf index 094074a..64dbf74 100644 --- a/terraform/notification_lambda.tf +++ b/terraform/notification_lambda.tf @@ -1,16 +1,16 @@ locals { alarm_webhook_ssm_path = "/repo/${var.environment}/user-input/external/alarm-notifications-webhook-url" - account_id = data.aws_caller_identity.current.account_id + account_id = data.aws_caller_identity.current.account_id } resource "aws_lambda_function" "alarm_notifications_lambda" { - filename = var.alarm_lambda_zip - function_name = "${var.environment}-alarm-notifications-lambda" - role = aws_iam_role.alarm_notifications_lambda_role.arn - handler = "main.lambda_handler" + filename = var.alarm_lambda_zip + function_name = "${var.environment}-alarm-notifications-lambda" + role = aws_iam_role.alarm_notifications_lambda_role.arn + handler = "main.lambda_handler" source_code_hash = filebase64sha256(var.alarm_lambda_zip) - runtime = "python3.12" - timeout = 15 + runtime = "python3.12" + timeout = 15 tags = { Environment = var.environment CreatedBy = var.repo_name 
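Review bot: The `kms:Decrypt` statement in `data "aws_iam_policy_document" "splunk_access_policy_document"` (the `@@ -49,15 +49,15 @@` hunk of terraform/iam.tf) still has `resources = ["*"]`, so any principal holding this policy can decrypt with every KMS key whose key policy delegates to IAM, not just the key behind the `*-audit` queues listed in the statement above it. If, as the name suggests, the policy is attached to the `SplunkSqsForwarder` role that an external trusted principal assumes, that is wider than the SQS read path needs. Scope it to the key in use, for example `resources = [<ARN of the KMS key encrypting the audit queues>]` (placeholder, the key is not visible here), or add a `kms:ViaService` condition restricted to SQS in `var.region`. The data block starts above the hunk, so the attachment and any existing conditions cannot be confirmed from these lines.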
diff --git a/terraform/output.tf b/terraform/output.tf index 8d46c63..76391e2 100644 --- a/terraform/output.tf +++ b/terraform/output.tf @@ -1,6 +1,6 @@ # Deductions Private Outputs output "deductions_private_private_subnets" { - value = module.deductions-private.deductions_private_private_subnets + value = module.deductions-private.deductions_private_private_subnets } output "dns_server_1" { @@ -8,5 +8,5 @@ output "dns_server_1" { } output "deductions_core_private_subnets" { - value = module.deductions-core.deductions_core_private_subnets + value = module.deductions-core.deductions_core_private_subnets } diff --git a/terraform/perf.tfvars b/terraform/perf.tfvars index c407adb..0e178d3 100644 --- a/terraform/perf.tfvars +++ b/terraform/perf.tfvars @@ -1,19 +1,19 @@ environment = "perf" -deductions_private_cidr = "10.24.0.0/16" -deductions_core_cidr = "10.29.0.0/16" +deductions_private_cidr = "10.24.0.0/16" +deductions_core_cidr = "10.29.0.0/16" -deductions_private_public_subnets = ["10.24.101.0/24", "10.24.102.0/24"] -deductions_private_private_subnets = ["10.24.1.0/24", "10.24.2.0/24"] -deductions_private_database_subnets = ["10.24.111.0/24", "10.24.112.0/24"] -deductions_private_azs = ["eu-west-2b", "eu-west-2a"] +deductions_private_public_subnets = ["10.24.101.0/24", "10.24.102.0/24"] +deductions_private_private_subnets = ["10.24.1.0/24", "10.24.2.0/24"] +deductions_private_database_subnets = ["10.24.111.0/24", "10.24.112.0/24"] +deductions_private_azs = ["eu-west-2b", "eu-west-2a"] deductions_private_vpn_client_subnet = "10.233.200.0/22" deductions_core_private_subnets = ["10.29.1.0/24", "10.29.2.0/24"] deductions_core_database_subnets = ["10.29.111.0/24", "10.29.112.0/24"] deductions_core_azs = ["eu-west-2b", "eu-west-2a"] -mhs_cidr_newbits=2 +mhs_cidr_newbits = 2 repo_mhs_cluster_domain_name = "mhs.patient-deductions.nhs.uk" 
@@ -22,7 +22,7 @@ mhs_repo_public_subnets_inbound = ["10.35.112.0/22", "10.35.116.0/22", "10.35.1 mhs_repo_public_subnets_outbound = ["10.35.140.0/22", "10.35.144.0/22", "10.35.148.0/22"] mhs_repo_private_subnets = ["10.35.128.0/22", "10.35.132.0/22", "10.35.136.0/22"] -inbound_sig_ips = ["3.11.206.30/32", "3.8.223.81/32", "35.178.32.211/32","3.11.177.31/32","35.177.15.89/32","3.11.199.83/32","18.132.113.121/32","18.132.31.159/32","35.178.64.126/32"] +inbound_sig_ips = ["3.11.206.30/32", "3.8.223.81/32", "35.178.32.211/32", "3.11.177.31/32", "35.177.15.89/32", "3.11.199.83/32", "18.132.113.121/32", "18.132.31.159/32", "35.178.64.126/32"] grant_access_to_queues_through_vpn = true diff --git a/terraform/private_zone.tf b/terraform/private_zone.tf index 94fccc9..ed9d8c3 100644 --- a/terraform/private_zone.tf +++ b/terraform/private_zone.tf @@ -10,7 +10,7 @@ resource "aws_route53_zone" "private" { # Save the zone IDs to use them in other infra projects resource "aws_ssm_parameter" "private_zone_id" { - name = "/repo/${var.environment}/output/${var.repo_name}/private-root-zone-id" + name = "/repo/${var.environment}/output/${var.repo_name}/private-root-zone-id" type = "String" value = aws_route53_zone.private.zone_id @@ -40,7 +40,7 @@ resource "aws_route53_zone" "environment_private" { } resource "aws_ssm_parameter" "environment_private_zone_id" { - name = "/repo/${var.environment}/output/${var.repo_name}/environment-private-zone-id" + name = "/repo/${var.environment}/output/${var.repo_name}/environment-private-zone-id" type = "String" value = aws_route53_zone.environment_private.zone_id @@ -51,7 +51,7 @@ resource "aws_ssm_parameter" "environment_private_zone_id" { } resource "aws_ssm_parameter" "environment_domain_name" { - name = "/repo/${var.environment}/output/${var.repo_name}/environment-domain-name" + name = "/repo/${var.environment}/output/${var.repo_name}/environment-domain-name" type = "String" value = local.environment_domain_name 
@@ -63,33 +63,33 @@ resource "aws_ssm_parameter" "environment_domain_name" { resource "aws_route53_zone_association" "core" { zone_id = aws_route53_zone.environment_private.zone_id - vpc_id = local.deductions_core_vpc_id + vpc_id = local.deductions_core_vpc_id } resource "aws_route53_vpc_association_authorization" "environment_zone_gocd_vpc" { - count = var.deploy_cross_account_vpc_peering ? 1 : 0 - vpc_id = data.aws_ssm_parameter.gocd_vpc.value + count = var.deploy_cross_account_vpc_peering ? 1 : 0 + vpc_id = data.aws_ssm_parameter.gocd_vpc.value zone_id = aws_route53_zone.environment_private.zone_id } resource "aws_route53_zone_association" "gocd" { provider = aws.ci - zone_id = aws_route53_zone.environment_private.zone_id - vpc_id = data.aws_ssm_parameter.gocd_vpc.value + zone_id = aws_route53_zone.environment_private.zone_id + vpc_id = data.aws_ssm_parameter.gocd_vpc.value } resource "aws_route53_zone_association" "repo_mhs" { zone_id = aws_route53_zone.environment_private.zone_id - vpc_id = local.repo_mhs_vpc_id + vpc_id = local.repo_mhs_vpc_id } resource "aws_route53_zone_association" "test_harness_mhs" { - count = var.deploy_mhs_test_harness ? 1 : 0 + count = var.deploy_mhs_test_harness ? 1 : 0 zone_id = aws_route53_zone.environment_private.zone_id - vpc_id = local.test_harness_mhs_vpc_id + vpc_id = local.test_harness_mhs_vpc_id } data "aws_ssm_parameter" "gocd_vpc" { provider = aws.ci - name = "/repo/prod/output/prm-gocd-infra/gocd-vpc-id" + name = "/repo/prod/output/prm-gocd-infra/gocd-vpc-id" } \ No newline at end of file diff --git a/terraform/public_zone.tf b/terraform/public_zone.tf index f782e15..b3e92ee 100644 --- a/terraform/public_zone.tf +++ b/terraform/public_zone.tf 
@@ -8,37 +8,37 @@ resource "aws_route53_zone" "environment_public" { data "aws_ssm_parameter" "non_prod_public_zone" { provider = aws.ci - name = "/repo/output/prm-deductions-base-infra/non-prod-public-zone-id" + name = "/repo/output/prm-deductions-base-infra/non-prod-public-zone-id" } data "aws_ssm_parameter" "root_public_zone" { provider = aws.ci - name = "/repo/output/prm-deductions-base-infra/root-zone-id" + name = "/repo/output/prm-deductions-base-infra/root-zone-id" } resource "aws_route53_record" "environment_ns_prod" { - count = var.deploy_prod_route53_zone ? 1 : 0 - name = "${var.environment}.patient-deductions.nhs.uk" - ttl = 30 - type = "NS" + count = var.deploy_prod_route53_zone ? 1 : 0 + name = "${var.environment}.patient-deductions.nhs.uk" + ttl = 30 + type = "NS" zone_id = data.aws_ssm_parameter.root_public_zone.value records = aws_route53_zone.environment_public.name_servers } resource "aws_route53_record" "environment_ns_non_prod_env" { - count = var.deploy_prod_route53_zone ? 0 : 1 + count = var.deploy_prod_route53_zone ? 0 : 1 provider = aws.ci - name = "${var.environment}.non-prod.patient-deductions.nhs.uk" - ttl = 30 - type = "NS" - zone_id = data.aws_ssm_parameter.non_prod_public_zone.value + name = "${var.environment}.non-prod.patient-deductions.nhs.uk" + ttl = 30 + type = "NS" + zone_id = data.aws_ssm_parameter.non_prod_public_zone.value records = aws_route53_zone.environment_public.name_servers } resource "aws_ssm_parameter" "environment_public_zone_id" { - name = "/repo/${var.environment}/output/${var.repo_name}/environment-public-zone-id" + name = "/repo/${var.environment}/output/${var.repo_name}/environment-public-zone-id" type = "String" value = aws_route53_zone.environment_public.zone_id diff --git a/terraform/terraform.tfvars b/terraform/terraform.tfvars index 6982670..4db1f0e 100644 --- a/terraform/terraform.tfvars +++ b/terraform/terraform.tfvars 
@@ -1,31 +1,31 @@ -region = "eu-west-2" -repo_name = "prm-deductions-infra" +region = "eu-west-2" +repo_name = "prm-deductions-infra" deductions_private_component_name = "deductions-private" deductions_core_component_name = "deductions-core" gocd_cidr = "10.1.0.0/16" -deployment_mode = "ACTIVE_STANDBY_MULTI_AZ" -mq_deployment_mode = "SINGLE_INSTANCE" -engine_type = "ActiveMQ" -engine_version = "5.16.3" -host_instance_type = "mq.t2.micro" -auto_minor_version_upgrade = "true" -apply_immediately = "false" -general_log = "true" -audit_log = "true" -maintenance_day_of_week = "SUNDAY" -maintenance_time_of_day = "03:00" -maintenance_time_zone = "GMT" +deployment_mode = "ACTIVE_STANDBY_MULTI_AZ" +mq_deployment_mode = "SINGLE_INSTANCE" +engine_type = "ActiveMQ" +engine_version = "5.16.3" +host_instance_type = "mq.t2.micro" +auto_minor_version_upgrade = "true" +apply_immediately = "false" +general_log = "true" +audit_log = "true" +maintenance_day_of_week = "SUNDAY" +maintenance_time_of_day = "03:00" +maintenance_time_zone = "GMT" state_db_allocated_storage = "20" state_db_engine_version = "11.5" state_db_instance_class = "db.t2.small" -mhs_test_harness_public_subnets_inbound = [] +mhs_test_harness_public_subnets_inbound = [] mhs_test_harness_public_subnets_outbound = [] -mhs_test_harness_private_subnets = [] +mhs_test_harness_private_subnets = [] -deploy_mhs_test_harness = false -deploy_cross_account_vpc_peering = true +deploy_mhs_test_harness = false +deploy_cross_account_vpc_peering = true grant_access_to_queues_through_vpn = false \ No newline at end of file diff --git a/terraform/test.tfvars b/terraform/test.tfvars index d56de75..7fa31e3 100644 --- a/terraform/test.tfvars +++ b/terraform/test.tfvars 
@@ -1,31 +1,31 @@ environment = "test" -deductions_private_cidr = "10.21.0.0/16" -deductions_core_cidr = "10.26.0.0/16" +deductions_private_cidr = "10.21.0.0/16" +deductions_core_cidr = "10.26.0.0/16" -deductions_private_public_subnets = ["10.21.101.0/24", "10.21.102.0/24"] -deductions_private_private_subnets = ["10.21.1.0/24", "10.21.2.0/24"] -deductions_private_database_subnets = ["10.21.111.0/24", "10.21.112.0/24"] -deductions_private_azs = ["eu-west-2b", "eu-west-2a"] +deductions_private_public_subnets = ["10.21.101.0/24", "10.21.102.0/24"] +deductions_private_private_subnets = ["10.21.1.0/24", "10.21.2.0/24"] +deductions_private_database_subnets = ["10.21.111.0/24", "10.21.112.0/24"] +deductions_private_azs = ["eu-west-2b", "eu-west-2a"] deductions_private_vpn_client_subnet = "10.233.200.0/22" deductions_core_private_subnets = ["10.26.1.0/24", "10.26.2.0/24"] deductions_core_database_subnets = ["10.26.111.0/24", "10.26.112.0/24"] deductions_core_azs = ["eu-west-2b", "eu-west-2a"] -mhs_cidr_newbits=2 +mhs_cidr_newbits = 2 -mhs_repo_public_subnets_inbound = ["10.239.69.0/27", "10.239.69.32/27", "10.239.69.64/27"] +mhs_repo_public_subnets_inbound = ["10.239.69.0/27", "10.239.69.32/27", "10.239.69.64/27"] mhs_repo_public_subnets_outbound = ["10.239.69.96/27", "10.239.69.128/27", "10.239.69.160/27"] -mhs_repo_private_subnets = ["10.239.68.128/27", "10.239.68.160/27", "10.239.68.192/27"] +mhs_repo_private_subnets = ["10.239.68.128/27", "10.239.68.160/27", "10.239.68.192/27"] -mhs_vpc_cidr_block = "10.239.68.128/25" # This is pre-allocated by NHSD +mhs_vpc_cidr_block = "10.239.68.128/25" # This is pre-allocated by NHSD mhs_vpc_additional_cidr_block = "10.239.69.0/24" deploy_mhs_test_harness = false repo_mhs_cluster_domain_name = "mhs.patient-deductions.nhs.uk" -inbound_sig_ips = ["3.11.206.30/32", "3.8.223.81/32", "35.178.32.211/32","3.11.177.31/32","35.177.15.89/32","3.11.199.83/32","18.132.113.121/32","18.132.31.159/32","35.178.64.126/32"] +inbound_sig_ips = 
["3.11.206.30/32", "3.8.223.81/32", "35.178.32.211/32", "3.11.177.31/32", "35.177.15.89/32", "3.11.199.83/32", "18.132.113.121/32", "18.132.31.159/32", "35.178.64.126/32"] grant_access_to_queues_through_vpn = true diff --git a/terraform/vpc-peering.tf b/terraform/vpc-peering.tf index 1cd6e52..007287c 100644 --- a/terraform/vpc-peering.tf +++ b/terraform/vpc-peering.tf @@ -1,6 +1,6 @@ resource "aws_vpc_peering_connection" "core_private" { peer_vpc_id = local.deductions_private_vpc_id - vpc_id = local.deductions_core_vpc_id + vpc_id = local.deductions_core_vpc_id auto_accept = true accepter { @@ -12,7 +12,7 @@ resource "aws_vpc_peering_connection" "core_private" { } tags = { - Name = "${var.environment}-deductions-core-private-peering" + Name = "${var.environment}-deductions-core-private-peering" CreatedBy = var.repo_name Environment = var.environment }