diff --git a/terraform/environments/nomis-combined-reporting/locals_etl.tf b/terraform/environments/nomis-combined-reporting/locals_etl.tf index a1aa5423f46..49f287dcb7e 100644 --- a/terraform/environments/nomis-combined-reporting/locals_etl.tf +++ b/terraform/environments/nomis-combined-reporting/locals_etl.tf @@ -22,12 +22,14 @@ locals { etl_ec2_default = { config = merge(module.baseline_presets.ec2_instance.config.default, { - ami_name = "base_rhel_8_5_*" - iam_resource_names_prefix = "ec2-ncr-etl" + ami_name = "hmpps_windows_server_2019_release_*" + iam_resource_names_prefix = "ec2-etl" + ebs_volumes_copy_all_from_ami = false + user_data_raw = module.baseline_presets.ec2_instance.user_data_raw["user-data-pwsh"] }) instance = merge(module.baseline_presets.ec2_instance.instance.default, { instance_type = "t3.large" - vpc_security_group_ids = ["private"] + vpc_security_group_ids = ["etl"] }) user_data_cloud_init = module.baseline_presets.ec2_instance.user_data_cloud_init.ssm_agent_and_ansible @@ -41,8 +43,8 @@ locals { route53_records = module.baseline_presets.ec2_instance.route53_records.internal_and_external tags = { - description = "ncr BODS component" - ami = "base_rhel_8_5" + description = "BODS & IPS component" + ami = "windows_server_2019" os-type = "Windows" server-type = "etl" component = "etl" diff --git a/terraform/environments/nomis-combined-reporting/locals_preproduction.tf b/terraform/environments/nomis-combined-reporting/locals_preproduction.tf index 5c2960a6a5f..4a378e70f95 100644 --- a/terraform/environments/nomis-combined-reporting/locals_preproduction.tf +++ b/terraform/environments/nomis-combined-reporting/locals_preproduction.tf @@ -323,9 +323,7 @@ locals { baseline_route53_zones = { "preproduction.reporting.nomis.service.justice.gov.uk" = { records = [ - { name = "preprod-ncr", type = "CNAME", ttl = "300", records = ["t1ncr-a.preproduction.reporting.nomis.service.justice.gov.uk"] }, - { name = "preprod-ncr-a", type = "CNAME", ttl = "300", records = ["t1-ncr-db-1-a.nomis-combined-reporting.hmpps-preproduction.modernisation-platform.service.justice.gov.uk"] }, - { name = "preprod-ncr-b", type = "CNAME", ttl = "300", records = ["t1-ncr-db-1-b.nomis-combined-reporting.hmpps-preproduction.modernisation-platform.service.justice.gov.uk"] }, + { name = "db.pp.ncr.service.justice.uk", type = "CNAME", ttl = "3600", records = ["pp-ncr-db-1-a.nomis-combined-reporting.hmpps-preproduction.modernisation-platform.internal"] } ] } } diff --git a/terraform/environments/nomis-combined-reporting/locals_security_groups.tf b/terraform/environments/nomis-combined-reporting/locals_security_groups.tf index 678f03b9068..c31c55c09f6 100644 --- a/terraform/environments/nomis-combined-reporting/locals_security_groups.tf +++ b/terraform/environments/nomis-combined-reporting/locals_security_groups.tf @@ -278,6 +278,35 @@ locals { } } } + etl = { + description = "Security group for etl" + ingress = { + all-within-subnet = { + description = "Allow all ingress to self" + from_port = 0 + to_port = 0 + protocol = -1 + self = true + } + http28080 = { + description = "Allow http28080 ingress" + from_port = 28080 + to_port = 28080 + protocol = "tcp" + security_groups = [] + } + } + egress = { + all = { + description = "Allow all egress" + from_port = 0 + to_port = 0 + protocol = "-1" + cidr_blocks = ["0.0.0.0/0"] + security_groups = [] + } + } + } data = { description = "Security group for data subnet" ingress = { @@ -294,7 +323,7 @@ locals { to_port = "1521" protocol = "tcp" cidr_blocks = local.security_group_cidrs.oracle_db - security_groups = ["private", "bip"] + security_groups = ["private", "bip", "etl"] } oracle3872 = { description = "Allow oem agent ingress" diff --git a/terraform/environments/nomis-combined-reporting/locals_test.tf b/terraform/environments/nomis-combined-reporting/locals_test.tf index 06d128803e1..d907e34de84 100644 --- a/terraform/environments/nomis-combined-reporting/locals_test.tf +++ b/terraform/environments/nomis-combined-reporting/locals_test.tf @@ -148,19 +148,19 @@ locals { instance-scheduling = "skip-scheduling" }) }) - t1-ncr-etl-1-a = merge(local.etl_ec2_default, { - cloudwatch_metric_alarms = local.etl_cloudwatch_metric_alarms - config = merge(local.etl_ec2_default.config, { - instance_profile_policies = concat(local.etl_ec2_default.config.instance_profile_policies, [ - "Ec2T1ReportingPolicy", - ]) - }) - tags = merge(local.etl_ec2_default.tags, { - description = "For testing SAP BI Platform ETL installation and configurations" - nomis-combined-reporting-environment = "t1" - instance-scheduling = "skip-scheduling" - }) - }) + # t1-ncr-etl-1-a = merge(local.etl_ec2_default, { + # cloudwatch_metric_alarms = local.etl_cloudwatch_metric_alarms + # config = merge(local.etl_ec2_default.config, { + # instance_profile_policies = concat(local.etl_ec2_default.config.instance_profile_policies, [ + # "Ec2T1ReportingPolicy", + # ]) + # }) + # tags = merge(local.etl_ec2_default.tags, { + # description = "For testing SAP BI Platform ETL installation and configurations" + # nomis-combined-reporting-environment = "t1" + # instance-scheduling = "skip-scheduling" + # }) + # }) } baseline_lbs = { private = {