From 6b87482b2d23bf6f8a793f2e1087302d1b992202 Mon Sep 17 00:00:00 2001
From: matt-k1998
Date: Thu, 2 Mar 2023 16:05:23 +0000
Subject: [PATCH] attempt #2 to terraform destroy
---
terraform/environments/tipstaff/ec2.tf | 66 +++++-----
.../environments/tipstaff/load_balancer.tf | 76 ++++++------
terraform/environments/tipstaff/rds.tf | 116 +++++++++---------
3 files changed, 129 insertions(+), 129 deletions(-)
diff --git a/terraform/environments/tipstaff/ec2.tf b/terraform/environments/tipstaff/ec2.tf
index 5f1c7930216..e00b7f00552 100644
--- a/terraform/environments/tipstaff/ec2.tf
+++ b/terraform/environments/tipstaff/ec2.tf
@@ -1,35 +1,35 @@
-resource "aws_instance" "tipstaff-ec2-instance-dev" {
- instance_type = local.application_data.accounts[local.environment].instance_type
- ami = local.application_data.accounts[local.environment].ami
- count = "1"
- subnet_id = data.aws_subnet.data_subnets_a.id
- vpc_security_group_ids = [aws_security_group.tipstaff-dev-ec2-sc.id]
-}
+# resource "aws_instance" "tipstaff-ec2-instance-dev" {
+# instance_type = local.application_data.accounts[local.environment].instance_type
+# ami = local.application_data.accounts[local.environment].ami
+# count = "1"
+# subnet_id = data.aws_subnet.data_subnets_a.id
+# vpc_security_group_ids = [aws_security_group.tipstaff-dev-ec2-sc.id]
+# }
-resource "aws_security_group" "tipstaff-dev-ec2-sc" {
- name = "ec2 security group"
- description = "control access to the ec2 instance"
- vpc_id = data.aws_vpc.shared.id
- ingress {
- description = "Allow all traffic through HTTP"
- from_port = 80
- to_port = 80
- protocol = "tcp"
- cidr_blocks = ["0.0.0.0/0"]
- }
- ingress {
- description = "Allow all traffic through HTTPS"
- from_port = 443
- to_port = 443
- protocol = "tcp"
- cidr_blocks = ["0.0.0.0/0"]
- }
- egress {
- description = "allow all outbound traffic"
- from_port = 0
- to_port = 0
- protocol = "-1"
- cidr_blocks = ["0.0.0.0/0"]
- }
-}
+# resource "aws_security_group" "tipstaff-dev-ec2-sc" {
+# name = "ec2 security group"
+# description = "control access to the ec2 instance"
+# vpc_id = data.aws_vpc.shared.id
+# ingress {
+# description = "Allow all traffic through HTTP"
+# from_port = 80
+# to_port = 80
+# protocol = "tcp"
+# cidr_blocks = ["0.0.0.0/0"]
+# }
+# ingress {
+# description = "Allow all traffic through HTTPS"
+# from_port = 443
+# to_port = 443
+# protocol = "tcp"
+# cidr_blocks = ["0.0.0.0/0"]
+# }
+# egress {
+# description = "allow all outbound traffic"
+# from_port = 0
+# to_port = 0
+# protocol = "-1"
+# cidr_blocks = ["0.0.0.0/0"]
+# }
+# }
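Review bot: The resources in this hunk are disabled by prefixing every line with `#`, with no comment saying why or for how long, and the same is done in load_balancer.tf and rds.tf. Commented-out HCL is not evaluated by Terraform and is unlikely to be picked up by static policy scanners, so the `0.0.0.0/0` ingress rules on ports 80 and 443 kept here would come back unreviewed if the block is later uncommented. Either delete the blocks and rely on git history, or add a header line such as `# Disabled temporarily so that apply destroys the dev stack; review ingress rules before restoring.`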
diff --git a/terraform/environments/tipstaff/load_balancer.tf b/terraform/environments/tipstaff/load_balancer.tf
index 6fb89f92066..a46bda6a784 100644
--- a/terraform/environments/tipstaff/load_balancer.tf
+++ b/terraform/environments/tipstaff/load_balancer.tf
@@ -1,43 +1,43 @@
-resource "aws_lb" "tipstaff-dev-lb" {
- name = "tipstaff-dev-load-balancer"
- internal = false
- load_balancer_type = "application"
- security_groups = [aws_security_group.tipstaff-dev-lb-sc.id]
- subnets = data.aws_subnets.shared-public.ids
- enable_deletion_protection = false
-}
+# resource "aws_lb" "tipstaff-dev-lb" {
+# name = "tipstaff-dev-load-balancer"
+# internal = false
+# load_balancer_type = "application"
+# security_groups = [aws_security_group.tipstaff-dev-lb-sc.id]
+# subnets = data.aws_subnets.shared-public.ids
+# enable_deletion_protection = false
+# }
-resource "aws_security_group" "tipstaff-dev-lb-sc" {
- name = "load balancer security group"
- description = "control access to the load balancer"
- vpc_id = data.aws_vpc.shared.id
- ingress {
- description = "Allow all traffic through HTTP"
- from_port = "80"
- to_port = "80"
- protocol = "tcp"
- cidr_blocks = ["0.0.0.0/0"]
- }
- egress {
- description = "allow all outbound traffic"
- from_port = 0
- to_port = 0
- protocol = "-1"
- cidr_blocks = ["0.0.0.0/0"]
- }
-}
+# resource "aws_security_group" "tipstaff-dev-lb-sc" {
+# name = "load balancer security group"
+# description = "control access to the load balancer"
+# vpc_id = data.aws_vpc.shared.id
+# ingress {
+# description = "Allow all traffic through HTTP"
+# from_port = "80"
+# to_port = "80"
+# protocol = "tcp"
+# cidr_blocks = ["0.0.0.0/0"]
+# }
+# egress {
+# description = "allow all outbound traffic"
+# from_port = 0
+# to_port = 0
+# protocol = "-1"
+# cidr_blocks = ["0.0.0.0/0"]
+# }
+# }
-resource "aws_route53_record" "external" {
- provider = aws.core-vpc
+# resource "aws_route53_record" "external" {
+# provider = aws.core-vpc
- zone_id = data.aws_route53_zone.external.zone_id
- name = "${local.application_data.accounts[local.environment].subdomain_name}.modernisation-platform.service.justice.gov.uk"
- type = "A"
+# zone_id = data.aws_route53_zone.external.zone_id
+# name = "${local.application_data.accounts[local.environment].subdomain_name}.modernisation-platform.service.justice.gov.uk"
+# type = "A"
- alias {
- name = aws_lb.tipstaff-dev-lb.dns_name
- zone_id = aws_lb.tipstaff-dev-lb.zone_id
- evaluate_target_health = true
- }
-}
+# alias {
+# name = aws_lb.tipstaff-dev-lb.dns_name
+# zone_id = aws_lb.tipstaff-dev-lb.zone_id
+# evaluate_target_health = true
+# }
+# }
diff --git a/terraform/environments/tipstaff/rds.tf b/terraform/environments/tipstaff/rds.tf
index 365c140eb49..d040bf4f2a9 100644
--- a/terraform/environments/tipstaff/rds.tf
+++ b/terraform/environments/tipstaff/rds.tf
@@ -1,64 +1,64 @@
-resource "aws_db_instance" "tipstaffdbdev" {
- allocated_storage = local.application_data.accounts[local.environment].allocated_storage
- db_name = local.application_data.accounts[local.environment].db_name
- storage_type = local.application_data.accounts[local.environment].storage_type
- identifier = local.application_data.accounts[local.environment].identifier
- engine = local.application_data.accounts[local.environment].engine
- engine_version = local.application_data.accounts[local.environment].engine_version
- instance_class = local.application_data.accounts[local.environment].instance_class
- username = jsondecode(data.aws_secretsmanager_secret_version.db_username.secret_string)["LOCAL_DB_USERNAME"]
- password = jsondecode(data.aws_secretsmanager_secret_version.db_password.secret_string)["LOCAL_DB_PASSWORD"]
- skip_final_snapshot = true
- vpc_security_group_ids = [aws_security_group.postgresql_db_sc.id]
- db_subnet_group_name = aws_db_subnet_group.dbsubnetgroup.name
- publicly_accessible = true
-}
+# resource "aws_db_instance" "tipstaffdbdev" {
+# allocated_storage = local.application_data.accounts[local.environment].allocated_storage
+# db_name = local.application_data.accounts[local.environment].db_name
+# storage_type = local.application_data.accounts[local.environment].storage_type
+# identifier = local.application_data.accounts[local.environment].identifier
+# engine = local.application_data.accounts[local.environment].engine
+# engine_version = local.application_data.accounts[local.environment].engine_version
+# instance_class = local.application_data.accounts[local.environment].instance_class
+# username = jsondecode(data.aws_secretsmanager_secret_version.db_username.secret_string)["LOCAL_DB_USERNAME"]
+# password = jsondecode(data.aws_secretsmanager_secret_version.db_password.secret_string)["LOCAL_DB_PASSWORD"]
+# skip_final_snapshot = true
+# vpc_security_group_ids = [aws_security_group.postgresql_db_sc.id]
+# db_subnet_group_name = aws_db_subnet_group.dbsubnetgroup.name
+# publicly_accessible = true
+# }
-resource "aws_db_subnet_group" "dbsubnetgroup" {
- name = "dbsubnetgroup"
- subnet_ids = [data.aws_subnet.data_subnets_a.id, data.aws_subnet.data_subnets_b.id, data.aws_subnet.data_subnets_c.id]
-}
+# resource "aws_db_subnet_group" "dbsubnetgroup" {
+# name = "dbsubnetgroup"
+# subnet_ids = [data.aws_subnet.data_subnets_a.id, data.aws_subnet.data_subnets_b.id, data.aws_subnet.data_subnets_c.id]
+# }
-resource "aws_security_group" "postgresql_db_sc" {
- name = "postgres_security_group"
- description = "control access to the database"
- vpc_id = data.aws_vpc.shared.id
- ingress {
- from_port = 0
- to_port = 65535
- protocol = "tcp"
- description = "MOJ Digital VPN access"
- cidr_blocks = [local.application_data.accounts[local.environment].moj_ip]
- }
- ingress {
- from_port = 5432
- to_port = 5432
- protocol = "tcp"
- description = "Allows codebuild access to RDS"
- cidr_blocks = ["0.0.0.0/0"]
- }
- egress {
- description = "allow all outbound traffic"
- from_port = 0
- to_port = 0
- protocol = "-1"
- cidr_blocks = ["0.0.0.0/0"]
- }
+# resource "aws_security_group" "postgresql_db_sc" {
+# name = "postgres_security_group"
+# description = "control access to the database"
+# vpc_id = data.aws_vpc.shared.id
+# ingress {
+# from_port = 0
+# to_port = 65535
+# protocol = "tcp"
+# description = "MOJ Digital VPN access"
+# cidr_blocks = [local.application_data.accounts[local.environment].moj_ip]
+# }
+# ingress {
+# from_port = 5432
+# to_port = 5432
+# protocol = "tcp"
+# description = "Allows codebuild access to RDS"
+# cidr_blocks = ["0.0.0.0/0"]
+# }
+# egress {
+# description = "allow all outbound traffic"
+# from_port = 0
+# to_port = 0
+# protocol = "-1"
+# cidr_blocks = ["0.0.0.0/0"]
+# }
-}
+# }
-resource "null_resource" "setup_db" {
- depends_on = [aws_db_instance.tipstaffdbdev]
+# resource "null_resource" "setup_db" {
+# depends_on = [aws_db_instance.tipstaffdbdev]
- provisioner "local-exec" {
- interpreter = ["bash", "-c"]
- command = "chmod +x ./setup-postgresql.sh; ./setup-postgresql.sh"
+# provisioner "local-exec" {
+# interpreter = ["bash", "-c"]
+# command = "chmod +x ./setup-postgresql.sh; ./setup-postgresql.sh"
- environment = {
- DB_HOSTNAME = aws_db_instance.tipstaffdbdev.address
- }
- }
- triggers = {
- always_run = "${timestamp()}"
- }
-}
+# environment = {
+# DB_HOSTNAME = aws_db_instance.tipstaffdbdev.address
+# }
+# }
+# triggers = {
+# always_run = "${timestamp()}"
+# }
+# }
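Review bot: The `aws_db_instance` block being commented out carries `skip_final_snapshot = true`, so, assuming that value is what was last applied, this change deletes the database with no final snapshot; confirm nothing in it needs keeping or take a manual snapshot first. The preserved text also keeps `publicly_accessible = true` together with a 5432 ingress from `0.0.0.0/0` and a VPN rule spanning ports 0 to 65535, which would put the database back on the internet if the block is restored as written. Before it is re-enabled I would set `publicly_accessible = false`, narrow the VPN rule to port 5432, and replace the open CIDR on the CodeBuild rule with a security-group reference or the CodeBuild address range. Separately, `always_run = "${timestamp()}"` makes the `local-exec` script run on every apply, which deserves a comment if it is intentional.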