JesusFilm / core

JFP DS Engineering Monorepo
https://docs.core.jesusfilm.org/
19 stars 12 forks source link

feat: next ecs STAGE #2098

Closed mikeallisonJS closed 1 year ago

mikeallisonJS commented 1 year ago

Description

πŸ€–[deprecated] Generated by Copilot at 4f5cd6a

This pull request adds the files and workflows for building and deploying the journeys-admin app to the ECS cluster in the production and staging environments. It uses Docker, GitHub Actions, and Terraform to create the app image, push it to ECR, and create the ECS service and related resources. It also uses Doppler to fetch the environment variables for the app from the AWS SSM Parameter Store. It modifies the app-deploy workflow to exclude the stage branch and adds separate workflow files for the production and staging deployments.

How should this PR be QA Tested?

Please describe the QA tests that you ran to verify your changes. Please also note any relevant details for your test configuration.

Walkthrough

πŸ€–[deprecated] Generated by Copilot at 4f5cd6a

infracost[bot] commented 1 year ago

Infracost report

πŸ’° Monthly cost will increase by $72 πŸ“ˆ

Project Cost change New monthly cost
JesusFilm/core/infrastructure +$72 (+12%) $671
Cost details ``` ────────────────────────────────── Project: JesusFilm/core/infrastructure Module path: infrastructure + module.prod.module.journeys-admin.module.ecs-task.aws_cloudwatch_log_group.ecs_cw_log_group Monthly cost depends on usage + Data ingested Monthly cost depends on usage +$0.50 per GB + Archival Storage Monthly cost depends on usage +$0.03 per GB + Insights queries data scanned Monthly cost depends on usage +$0.005 per GB + module.prod.module.journeys-admin.module.ecs-task.aws_ecr_repository.ecr_repository Monthly cost depends on usage + Storage Monthly cost depends on usage +$0.10 per GB + module.prod.module.journeys-admin.module.ecs-task.aws_ecs_service.ecs_service +$36 + Per GB per hour +$6 + Per vCPU per hour +$30 + module.prod.module.journeys-admin.module.ecs-task.aws_route53_record.record Monthly cost depends on usage + Standard queries (first 1B) Monthly cost depends on usage +$0.40 per 1M queries + Latency based routing queries (first 1B) Monthly cost depends on usage +$0.60 per 1M queries + Geo DNS queries (first 1B) Monthly cost depends on usage +$0.70 per 1M queries + module.stage.module.journeys-admin.module.ecs-task.aws_cloudwatch_log_group.ecs_cw_log_group Monthly cost depends on usage + Data ingested Monthly cost depends on usage +$0.50 per GB + Archival Storage Monthly cost depends on usage +$0.03 per GB + Insights queries data scanned Monthly cost depends on usage +$0.005 per GB + module.stage.module.journeys-admin.module.ecs-task.aws_ecr_repository.ecr_repository Monthly cost depends on usage + Storage Monthly cost depends on usage +$0.10 per GB + module.stage.module.journeys-admin.module.ecs-task.aws_ecs_service.ecs_service +$36 + Per GB per hour +$6 + Per vCPU per hour +$30 + module.stage.module.journeys-admin.module.ecs-task.aws_route53_record.record Monthly cost depends on usage + Standard queries (first 1B) Monthly cost depends on usage +$0.40 per 1M queries + Latency based routing queries (first 1B) Monthly cost depends on usage +$0.60 per 1M queries + Geo DNS queries (first 1B) Monthly cost depends on usage +$0.70 per 1M queries Monthly cost change for JesusFilm/core/infrastructure (Module path: infrastructure) Amount: +$72 ($599 β†’ $671) Percent: +12% ────────────────────────────────── Key: ~ changed, + added, - removed 832 cloud resources were detected: βˆ™ 158 were estimated, 120 of which include usage-based costs, see https://infracost.io/usage-file βˆ™ 673 were free, rerun with --show-skipped to see details βˆ™ 1 is not supported yet, rerun with --show-skipped to see details Infracost estimate: Monthly cost will increase by $72 ↑ ┏━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━┳━━━━━━━━━━━━━━━━━━┓ ┃ Project ┃ Cost change ┃ New monthly cost ┃ ┣━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━╋━━━━━━━━━━━━━╋━━━━━━━━━━━━━━━━━━┫ ┃ JesusFilm/core/infrastructure ┃ +$72 (+12%) ┃ $671 ┃ ┗━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┻━━━━━━━━━━━━━┻━━━━━━━━━━━━━━━━━━┛ ```

This comment will be updated when code changes.

github-actions[bot] commented 1 year ago
Warnings
:warning: Is this PR related to a Basecamp issue? If so link it via the PR description.

Generated by :no_entry_sign: dangerJS against 1154ed5a180bfed9e3fbb578e8ec08725c69d255

jesus-film-bot commented 1 year ago

Ran Plan for dir: infrastructure workspace: default

Show Output ```diff Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: ~ update in-place Terraform will perform the following actions: # module.prod.module.api-gateway.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-public-alb-prod/7cf1f0916ed2c660/9df1fedd44a02a09/925b89cd7ddec067" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-gateway.central.jesusfilm.org", ] } } # (1 unchanged block hidden) } # module.prod.module.api-journeys.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/70dafcb9aee8d0e9/eaf80a1c0e07be7b" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-journeys.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-languages.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/f18b1af3c8d9f267/b0cd5902c0a25a90" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-languages.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-media.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/2e59cbcfa91e0b68/f985a048bba07568" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-media.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-tags.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/236a66b6820160f1/33f69be46d99a209" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-tags.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-users.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/bed13d135743750a/81e8291bcf419dfb" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-users.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-videos.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/77dbc13194e0ac88/77b76bc3254d6dd8" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-videos.service.internal", ] } } # (1 unchanged block hidden) } Plan: 0 to add, 7 to change, 0 to destroy. ``` * :arrow_forward: To **apply** this plan, comment: * `atlantis apply -d infrastructure` * :put_litter_in_its_place: To **delete** this plan click [here](https://atlantis.central.jesusfilm.org/lock?id=JesusFilm%252Fcore%252Finfrastructure%252Fdefault) * :repeat: To **plan** this project again, comment: * `atlantis plan -d infrastructure`

Plan: 0 to add, 7 to change, 0 to destroy.


codecov[bot] commented 1 year ago

Codecov Report

Attention: 1 lines in your changes are missing coverage. Please review.

Comparison is base (83b9cfc) 85.41% compared to head (1154ed5) 88.39%.

Files Patch % Lines
apps/journeys-admin/next-i18next.config.js 50.00% 0 Missing and 1 partial :warning:
Additional details and impacted files ```diff @@ Coverage Diff @@ ## main #2098 +/- ## ========================================== + Coverage 85.41% 88.39% +2.98% ========================================== Files 582 686 +104 Lines 7759 10553 +2794 Branches 991 1369 +378 ========================================== + Hits 6627 9328 +2701 - Misses 1045 1118 +73 - Partials 87 107 +20 ``` | [Flag](https://app.codecov.io/gh/JesusFilm/core/pull/2098/flags?src=pr&el=flags&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=JesusFilm) | Coverage Ξ” | | |---|---|---| | [apps.api-journeys](https://app.codecov.io/gh/JesusFilm/core/pull/2098/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=JesusFilm) | `97.30% <ΓΈ> (?)` | | | [apps.api-languages](https://app.codecov.io/gh/JesusFilm/core/pull/2098/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=JesusFilm) | `90.00% <ΓΈ> (?)` | | | [apps.api-media](https://app.codecov.io/gh/JesusFilm/core/pull/2098/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=JesusFilm) | `92.30% <ΓΈ> (?)` | | | [apps.api-tags](https://app.codecov.io/gh/JesusFilm/core/pull/2098/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=JesusFilm) | `89.28% <ΓΈ> (?)` | | | [apps.api-users](https://app.codecov.io/gh/JesusFilm/core/pull/2098/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=JesusFilm) | `85.29% <ΓΈ> (?)` | | | [apps.api-videos](https://app.codecov.io/gh/JesusFilm/core/pull/2098/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=JesusFilm) | `94.91% <ΓΈ> (?)` | | | [apps.journeys](https://app.codecov.io/gh/JesusFilm/core/pull/2098/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=JesusFilm) | `35.63% <ΓΈ> (ΓΈ)` | | | [apps.journeys-admin](https://app.codecov.io/gh/JesusFilm/core/pull/2098/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=JesusFilm) | `79.83% <50.00%> (+<0.01%)` | :arrow_up: | | [apps.watch](https://app.codecov.io/gh/JesusFilm/core/pull/2098/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=JesusFilm) | `75.21% <ΓΈ> (ΓΈ)` | | | [libs.journeys.ui](https://app.codecov.io/gh/JesusFilm/core/pull/2098/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=JesusFilm) | `74.31% <ΓΈ> (ΓΈ)` | | | [libs.nest.common](https://app.codecov.io/gh/JesusFilm/core/pull/2098/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=JesusFilm) | `100.00% <ΓΈ> (?)` | | | [libs.nest.decorators](https://app.codecov.io/gh/JesusFilm/core/pull/2098/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=JesusFilm) | `100.00% <ΓΈ> (?)` | | | [libs.nest.gqlAuthGuard](https://app.codecov.io/gh/JesusFilm/core/pull/2098/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=JesusFilm) | `βˆ… <ΓΈ> (?)` | | | [libs.nest.powerBi](https://app.codecov.io/gh/JesusFilm/core/pull/2098/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=JesusFilm) | `100.00% <ΓΈ> (?)` | | | [libs.shared.ui](https://app.codecov.io/gh/JesusFilm/core/pull/2098/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=JesusFilm) | `83.41% <ΓΈ> (?)` | | Flags with carried forward coverage won't be shown. [Click here](https://docs.codecov.io/docs/carryforward-flags?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=JesusFilm#carryforward-flags-in-the-pull-request-comment) to find out more.

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.

github-actions[bot] commented 1 year ago

The latest updates on your projects.

Name Status Preview Updated (UTC)
journeys-admin βœ… Ready Visit Preview Tue Dec 12 02:06:39 UTC 2023
jesus-film-bot commented 1 year ago

Ran Plan for dir: infrastructure workspace: default

Show Output ```diff Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: ~ update in-place Terraform will perform the following actions: # module.prod.module.api-gateway.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-public-alb-prod/7cf1f0916ed2c660/9df1fedd44a02a09/925b89cd7ddec067" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-gateway.central.jesusfilm.org", ] } } # (1 unchanged block hidden) } # module.prod.module.api-journeys.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/70dafcb9aee8d0e9/eaf80a1c0e07be7b" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-journeys.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-languages.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/f18b1af3c8d9f267/b0cd5902c0a25a90" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-languages.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-media.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/2e59cbcfa91e0b68/f985a048bba07568" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-media.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-tags.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/236a66b6820160f1/33f69be46d99a209" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-tags.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-users.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/bed13d135743750a/81e8291bcf419dfb" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-users.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-videos.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/77dbc13194e0ac88/77b76bc3254d6dd8" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-videos.service.internal", ] } } # (1 unchanged block hidden) } Plan: 0 to add, 7 to change, 0 to destroy. ``` * :arrow_forward: To **apply** this plan, comment: * `atlantis apply -d infrastructure` * :put_litter_in_its_place: To **delete** this plan click [here](https://atlantis.central.jesusfilm.org/lock?id=JesusFilm%252Fcore%252Finfrastructure%252Fdefault) * :repeat: To **plan** this project again, comment: * `atlantis plan -d infrastructure`

Plan: 0 to add, 7 to change, 0 to destroy.


jesus-film-bot commented 1 year ago

Ran Plan for dir: infrastructure workspace: default

Show Output ```diff Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: ~ update in-place Terraform will perform the following actions: # module.prod.module.api-gateway.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-public-alb-prod/7cf1f0916ed2c660/9df1fedd44a02a09/925b89cd7ddec067" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-gateway.central.jesusfilm.org", ] } } # (1 unchanged block hidden) } # module.prod.module.api-journeys.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/70dafcb9aee8d0e9/eaf80a1c0e07be7b" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-journeys.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-languages.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/f18b1af3c8d9f267/b0cd5902c0a25a90" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-languages.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-media.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/2e59cbcfa91e0b68/f985a048bba07568" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-media.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-tags.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/236a66b6820160f1/33f69be46d99a209" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-tags.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-users.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/bed13d135743750a/81e8291bcf419dfb" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-users.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-videos.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/77dbc13194e0ac88/77b76bc3254d6dd8" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-videos.service.internal", ] } } # (1 unchanged block hidden) } Plan: 0 to add, 7 to change, 0 to destroy. ``` * :arrow_forward: To **apply** this plan, comment: * `atlantis apply -d infrastructure` * :put_litter_in_its_place: To **delete** this plan click [here](https://atlantis.central.jesusfilm.org/lock?id=JesusFilm%252Fcore%252Finfrastructure%252Fdefault) * :repeat: To **plan** this project again, comment: * `atlantis plan -d infrastructure`

Plan: 0 to add, 7 to change, 0 to destroy.


jesus-film-bot commented 1 year ago

Ran Plan for dir: infrastructure workspace: default

Show Output ```diff Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: ~ update in-place Terraform will perform the following actions: # module.prod.module.api-gateway.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-public-alb-prod/7cf1f0916ed2c660/9df1fedd44a02a09/925b89cd7ddec067" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-gateway.central.jesusfilm.org", ] } } # (1 unchanged block hidden) } # module.prod.module.api-journeys.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/70dafcb9aee8d0e9/eaf80a1c0e07be7b" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-journeys.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-languages.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/f18b1af3c8d9f267/b0cd5902c0a25a90" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-languages.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-media.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/2e59cbcfa91e0b68/f985a048bba07568" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-media.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-tags.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/236a66b6820160f1/33f69be46d99a209" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-tags.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-users.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/bed13d135743750a/81e8291bcf419dfb" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-users.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-videos.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/77dbc13194e0ac88/77b76bc3254d6dd8" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-videos.service.internal", ] } } # (1 unchanged block hidden) } # module.stage.module.api-gateway-stage.module.ecs-task.aws_alb_listener.alb_listener will be updated in-place ~ resource "aws_alb_listener" "alb_listener" { ~ certificate_arn = "arn:aws:acm:us-east-2:410965620680:certificate/f16e60b9-eb24-4929-8f32-9b5ff76cfe2c" -> "arn:aws:acm:us-east-2:410965620680:certificate/573666ef-f89a-42e6-85f5-4d4ea6fd29e4" id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener/app/jfp-public-alb-stage/27d94355c709eb16/b091b1d208ec79b8" tags = {} # (6 unchanged attributes hidden) # (1 unchanged block hidden) } # module.stage.module.stage.module.public_alb.aws_alb_listener.alb_listener["HTTPS"] will be updated in-place ~ resource "aws_alb_listener" "alb_listener" { ~ certificate_arn = "arn:aws:acm:us-east-2:410965620680:certificate/f16e60b9-eb24-4929-8f32-9b5ff76cfe2c" -> "arn:aws:acm:us-east-2:410965620680:certificate/573666ef-f89a-42e6-85f5-4d4ea6fd29e4" id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener/app/jfp-public-alb-stage/27d94355c709eb16/b091b1d208ec79b8" tags = {} # (6 unchanged attributes hidden) # (1 unchanged block hidden) } Plan: 0 to add, 9 to change, 0 to destroy. ``` * :arrow_forward: To **apply** this plan, comment: * `atlantis apply -d infrastructure` * :put_litter_in_its_place: To **delete** this plan click [here](https://atlantis.central.jesusfilm.org/lock?id=JesusFilm%252Fcore%252Finfrastructure%252Fdefault) * :repeat: To **plan** this project again, comment: * `atlantis plan -d infrastructure`

Plan: 0 to add, 9 to change, 0 to destroy.


stage-branch-merger[bot] commented 1 year ago

I see you added the "on stage" label, I'll get this merged to the stage branch!

jesus-film-bot commented 1 year ago

Ran Plan for dir: infrastructure workspace: default

Show Output ```diff Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: ~ update in-place Terraform will perform the following actions: # module.prod.module.api-gateway.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-public-alb-prod/7cf1f0916ed2c660/9df1fedd44a02a09/925b89cd7ddec067" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-gateway.central.jesusfilm.org", ] } } # (1 unchanged block hidden) } # module.prod.module.api-journeys.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/70dafcb9aee8d0e9/eaf80a1c0e07be7b" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-journeys.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-languages.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/f18b1af3c8d9f267/b0cd5902c0a25a90" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-languages.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-media.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/2e59cbcfa91e0b68/f985a048bba07568" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-media.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-tags.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/236a66b6820160f1/33f69be46d99a209" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-tags.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-users.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/bed13d135743750a/81e8291bcf419dfb" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-users.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-videos.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/77dbc13194e0ac88/77b76bc3254d6dd8" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-videos.service.internal", ] } } # (1 unchanged block hidden) } # module.stage.module.api-gateway-stage.module.ecs-task.aws_alb_listener.alb_listener will be updated in-place ~ resource "aws_alb_listener" "alb_listener" { ~ certificate_arn = "arn:aws:acm:us-east-2:410965620680:certificate/f16e60b9-eb24-4929-8f32-9b5ff76cfe2c" -> "arn:aws:acm:us-east-2:410965620680:certificate/573666ef-f89a-42e6-85f5-4d4ea6fd29e4" id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener/app/jfp-public-alb-stage/27d94355c709eb16/b091b1d208ec79b8" tags = {} # (6 unchanged attributes hidden) # (1 unchanged block hidden) } # module.stage.module.stage.module.public_alb.aws_alb_listener.alb_listener["HTTPS"] will be updated in-place ~ resource "aws_alb_listener" "alb_listener" { ~ certificate_arn = "arn:aws:acm:us-east-2:410965620680:certificate/f16e60b9-eb24-4929-8f32-9b5ff76cfe2c" -> "arn:aws:acm:us-east-2:410965620680:certificate/573666ef-f89a-42e6-85f5-4d4ea6fd29e4" id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener/app/jfp-public-alb-stage/27d94355c709eb16/b091b1d208ec79b8" tags = {} # (6 unchanged attributes hidden) # (1 unchanged block hidden) } Plan: 0 to add, 9 to change, 0 to destroy. ``` * :arrow_forward: To **apply** this plan, comment: * `atlantis apply -d infrastructure` * :put_litter_in_its_place: To **delete** this plan click [here](https://atlantis.central.jesusfilm.org/lock?id=JesusFilm%252Fcore%252Finfrastructure%252Fdefault) * :repeat: To **plan** this project again, comment: * `atlantis plan -d infrastructure`

Plan: 0 to add, 9 to change, 0 to destroy.


jesus-film-bot commented 1 year ago

Ran Plan for dir: infrastructure workspace: default

Plan Error

Show Output ``` running "/home/atlantis/.atlantis/bin/terraform1.6.5 plan -input=false -refresh -out \"/home/atlantis/.atlantis/repos/JesusFilm/core/2098/default/infrastructure/default.tfplan\"" in "/home/atlantis/.atlantis/repos/JesusFilm/core/2098/default/infrastructure": exit status 1 β•· β”‚ Error: Error acquiring the state lock β”‚ β”‚ Error message: operation error DynamoDB: PutItem, https response error β”‚ StatusCode: 400, RequestID: β”‚ TJ4SPJIU9JP29QULFAK3PNJUJVVV4KQNSO5AEMVJF66Q9ASUAAJG, β”‚ ConditionalCheckFailedException: The conditional request failed β”‚ Lock Info: β”‚ ID: 5c3275bf-17c3-feb5-267b-1de2292b951a β”‚ Path: jfp-terraform-state/core.tfstate β”‚ Operation: OperationTypeApply β”‚ Who: node@79ad1f98b030 β”‚ Version: 1.6.4 β”‚ Created: 2023-12-01 06:18:56.268804673 +0000 UTC β”‚ Info: β”‚ β”‚ β”‚ Terraform acquires a state lock to protect the state from being written β”‚ by multiple users at the same time. Please resolve the issue above and try β”‚ again. For most commands, you can disable locking with the "-lock=false" β”‚ flag, but this is not recommended. β•΅ ```
jesus-film-bot commented 1 year ago

Ran Plan for dir: infrastructure workspace: default

Show Output ```diff Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: + create ~ update in-place Terraform will perform the following actions: # module.prod.module.api-gateway.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-public-alb-prod/7cf1f0916ed2c660/9df1fedd44a02a09/925b89cd7ddec067" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-gateway.central.jesusfilm.org", ] } } # (1 unchanged block hidden) } # module.prod.module.api-journeys.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/70dafcb9aee8d0e9/eaf80a1c0e07be7b" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-journeys.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-languages.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/f18b1af3c8d9f267/b0cd5902c0a25a90" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-languages.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-media.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/2e59cbcfa91e0b68/f985a048bba07568" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-media.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-tags.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/236a66b6820160f1/33f69be46d99a209" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-tags.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-users.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/bed13d135743750a/81e8291bcf419dfb" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-users.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-videos.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/77dbc13194e0ac88/77b76bc3254d6dd8" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-videos.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.journeys-admin.module.ecs-task.aws_alb_listener.alb_listener will be created + resource "aws_alb_listener" "alb_listener" { + arn = (known after apply) + certificate_arn = "arn:aws:acm:us-east-2:410965620680:certificate/f16e60b9-eb24-4929-8f32-9b5ff76cfe2c" + id = (known after apply) + load_balancer_arn = "arn:aws:elasticloadbalancing:us-east-2:410965620680:loadbalancer/app/jfp-public-alb-prod/7cf1f0916ed2c660" + port = 443 + protocol = "HTTPS" + ssl_policy = (known after apply) + tags_all = (known after apply) + default_action { + order = (known after apply) + type = "fixed-response" + fixed_response { + content_type = "text/plain" + message_body = "No routes defined" + status_code = "200" } } } # module.prod.module.journeys-admin.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be created + resource "aws_alb_listener_rule" "alb_listener_rule" { + arn = (known after apply) + id = (known after apply) + listener_arn = (known after apply) + priority = (known after apply) + tags_all = (known after apply) + action { + order = (known after apply) + target_group_arn = (known after apply) + type = "forward" } + condition { + host_header { + values = [ + "admin.nextstep.is", ] } } } # module.prod.module.journeys-admin.module.ecs-task.aws_alb_target_group.alb_target_group will be created + resource "aws_alb_target_group" "alb_target_group" { + arn = (known after apply) + arn_suffix = (known after apply) + connection_termination = false + deregistration_delay = "300" + id = (known after apply) + ip_address_type = (known after apply) + lambda_multi_value_headers_enabled = false + load_balancing_algorithm_type = (known after apply) + load_balancing_cross_zone_enabled = (known after apply) + name = "journeys-admin-prod-tg" + port = 3000 + preserve_client_ip = (known after apply) + protocol = "HTTP" + protocol_version = (known after apply) + proxy_protocol_v2 = false + slow_start = 0 + tags_all = (known after apply) + target_type = "ip" + vpc_id = "vpc-0b722b0a1f7789afd" + health_check { + enabled = true + healthy_threshold = 2 + interval = 5 + matcher = (known after apply) + path = "/api/health" + port = "3000" + protocol = "HTTP" + timeout = 4 + unhealthy_threshold = 3 } } # module.prod.module.journeys-admin.module.ecs-task.aws_appautoscaling_policy.ecs_policy_cpu will be created + resource "aws_appautoscaling_policy" "ecs_policy_cpu" { + alarm_arns = (known after apply) + arn = (known after apply) + id = (known after apply) + name = "jfp-cpu-autoscaling-prod" + policy_type = "TargetTrackingScaling" + resource_id = "service/jfp-ecs-cluster-prod/journeys-admin-prod-service" + scalable_dimension = "ecs:service:DesiredCount" + service_namespace = "ecs" + target_tracking_scaling_policy_configuration { + disable_scale_in = false + target_value = 75 + predefined_metric_specification { + predefined_metric_type = "ECSServiceAverageCPUUtilization" } } } # module.prod.module.journeys-admin.module.ecs-task.aws_appautoscaling_policy.ecs_policy_memory will be created + resource "aws_appautoscaling_policy" "ecs_policy_memory" { + alarm_arns = (known after apply) + arn = (known after apply) + id = (known after apply) + name = "jfp-memory-autoscaling-prod" + policy_type = "TargetTrackingScaling" + resource_id = "service/jfp-ecs-cluster-prod/journeys-admin-prod-service" + scalable_dimension = "ecs:service:DesiredCount" + service_namespace = "ecs" + target_tracking_scaling_policy_configuration { + disable_scale_in = false + target_value = 75 + predefined_metric_specification { + predefined_metric_type = "ECSServiceAverageMemoryUtilization" } } } # module.prod.module.journeys-admin.module.ecs-task.aws_appautoscaling_target.service_autoscaling will be created + resource "aws_appautoscaling_target" "service_autoscaling" { + arn = (known after apply) + id = (known after apply) + max_capacity = 4 + min_capacity = 1 + resource_id = "service/jfp-ecs-cluster-prod/journeys-admin-prod-service" + role_arn = (known after apply) + scalable_dimension = "ecs:service:DesiredCount" + service_namespace = "ecs" + tags_all = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_cloudwatch_log_group.ecs_cw_log_group will be created + resource "aws_cloudwatch_log_group" "ecs_cw_log_group" { + arn = (known after apply) + id = (known after apply) + name = "journeys-admin-prod-logs" + name_prefix = (known after apply) + retention_in_days = 0 + skip_destroy = false + tags_all = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ecr_lifecycle_policy.ecr_policy will be created + resource "aws_ecr_lifecycle_policy" "ecr_policy" { + id = (known after apply) + policy = jsonencode( { + rules = [ + { + action = { + type = "expire" } + description = "Expire more than 10 images" + rulePriority = 1 + selection = { + countNumber = 10 + countType = "imageCountMoreThan" + tagStatus = "any" } }, ] } ) + registry_id = (known after apply) + repository = "jfp-journeys-admin-prod" } # module.prod.module.journeys-admin.module.ecs-task.aws_ecr_repository.ecr_repository will be created + resource "aws_ecr_repository" "ecr_repository" { + arn = (known after apply) + id = (known after apply) + image_tag_mutability = "MUTABLE" + name = "jfp-journeys-admin-prod" + registry_id = (known after apply) + repository_url = (known after apply) + tags_all = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ecs_service.ecs_service will be created + resource "aws_ecs_service" "ecs_service" { + cluster = "arn:aws:ecs:us-east-2:410965620680:cluster/jfp-ecs-cluster-prod" + deployment_maximum_percent = 200 + deployment_minimum_healthy_percent = 100 + desired_count = 1 + enable_ecs_managed_tags = false + enable_execute_command = false + iam_role = (known after apply) + id = (known after apply) + launch_type = "FARGATE" + name = "journeys-admin-prod-service" + platform_version = (known after apply) + scheduling_strategy = "REPLICA" + tags_all = (known after apply) + task_definition = (known after apply) + triggers = (known after apply) + wait_for_steady_state = false + load_balancer { + container_name = "jfp-journeys-admin-prod-app" + container_port = 3000 + target_group_arn = (known after apply) } + network_configuration { + assign_public_ip = true + security_groups = [ + "sg-030c49feae781c660", ] + subnets = [ + "subnet-01aa708571a3e499c", + "subnet-0aa10af01283bbcdb", + "subnet-0b7c1e14af0ffb3ea", ] } } # module.prod.module.journeys-admin.module.ecs-task.aws_ecs_task_definition.ecs_task_definition will be created + resource "aws_ecs_task_definition" "ecs_task_definition" { + arn = (known after apply) + arn_without_revision = (known after apply) + container_definitions = (known after apply) + cpu = "1024" + execution_role_arn = "arn:aws:iam::410965620680:role/jfp-ecs-task-execution-role" + family = "jfp-journeys-admin-prod" + id = (known after apply) + memory = "2048" + network_mode = "awsvpc" + requires_compatibilities = [ + "FARGATE", ] + revision = (known after apply) + skip_destroy = false + tags_all = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_route53_record.record will be created + resource "aws_route53_record" "record" { + allow_overwrite = (known after apply) + fqdn = (known after apply) + id = (known after apply) + name = "journeys-admin" + records = [ + "jfp-public-alb-prod-13771523.us-east-2.elb.amazonaws.com", ] + ttl = 300 + type = "CNAME" + zone_id = "Z06687872LMUIKS0Y291P" } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["COOKIE_SECRET_CURRENT"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/COOKIE_SECRET_CURRENT" + overwrite = true + tags = { + "name" = "COOKIE_SECRET_CURRENT" } + tags_all = { + "name" = "COOKIE_SECRET_CURRENT" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["FORMIUM_TOKEN"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/FORMIUM_TOKEN" + overwrite = true + tags = { + "name" = "FORMIUM_TOKEN" } + tags_all = { + "name" = "FORMIUM_TOKEN" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["JOURNEYS_REVALIDATE_ACCESS_TOKEN"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/JOURNEYS_REVALIDATE_ACCESS_TOKEN" + overwrite = true + tags = { + "name" = "JOURNEYS_REVALIDATE_ACCESS_TOKEN" } + tags_all = { + "name" = "JOURNEYS_REVALIDATE_ACCESS_TOKEN" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["JOURNEYS_URL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/JOURNEYS_URL" + overwrite = true + tags = { + "name" = "JOURNEYS_URL" } + tags_all = { + "name" = "JOURNEYS_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["LAUNCH_DARKLY_SDK_KEY"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/LAUNCH_DARKLY_SDK_KEY" + overwrite = true + tags = { + "name" = "LAUNCH_DARKLY_SDK_KEY" } + tags_all = { + "name" = "LAUNCH_DARKLY_SDK_KEY" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_CLOUDFLARE_STREAM_CUSTOMER_CODE"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_CLOUDFLARE_STREAM_CUSTOMER_CODE" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_CLOUDFLARE_STREAM_CUSTOMER_CODE" } + tags_all = { + "name" = "NEXT_PUBLIC_CLOUDFLARE_STREAM_CUSTOMER_CODE" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_CLOUDFLARE_UPLOAD_KEY"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_CLOUDFLARE_UPLOAD_KEY" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_CLOUDFLARE_UPLOAD_KEY" } + tags_all = { + "name" = "NEXT_PUBLIC_CLOUDFLARE_UPLOAD_KEY" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_DATADOG_APPLICATION_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_DATADOG_APPLICATION_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_DATADOG_APPLICATION_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_DATADOG_APPLICATION_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_DATADOG_CLIENT_TOKEN"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_DATADOG_CLIENT_TOKEN" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_DATADOG_CLIENT_TOKEN" } + tags_all = { + "name" = "NEXT_PUBLIC_DATADOG_CLIENT_TOKEN" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FIREBASE_API_KEY"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FIREBASE_API_KEY" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FIREBASE_API_KEY" } + tags_all = { + "name" = "NEXT_PUBLIC_FIREBASE_API_KEY" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FIREBASE_APP_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FIREBASE_APP_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FIREBASE_APP_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_FIREBASE_APP_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN" } + tags_all = { + "name" = "NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FIREBASE_PROJECT_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FIREBASE_PROJECT_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FIREBASE_PROJECT_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_FIREBASE_PROJECT_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FORMIUM_PROJECTID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FORMIUM_PROJECTID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FORMIUM_PROJECTID" } + tags_all = { + "name" = "NEXT_PUBLIC_FORMIUM_PROJECTID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FORMIUM_PROJECT_SLUG"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FORMIUM_PROJECT_SLUG" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FORMIUM_PROJECT_SLUG" } + tags_all = { + "name" = "NEXT_PUBLIC_FORMIUM_PROJECT_SLUG" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_GATEWAY_URL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_GATEWAY_URL" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_GATEWAY_URL" } + tags_all = { + "name" = "NEXT_PUBLIC_GATEWAY_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_GTM_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_GTM_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_GTM_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_GTM_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_JOURNEYS_URL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_JOURNEYS_URL" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_JOURNEYS_URL" } + tags_all = { + "name" = "NEXT_PUBLIC_JOURNEYS_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_YOUTUBE_PLAYLIST_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_YOUTUBE_PLAYLIST_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_YOUTUBE_PLAYLIST_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_YOUTUBE_PLAYLIST_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["PRIVATE_FIREBASE_CLIENT_EMAIL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/PRIVATE_FIREBASE_CLIENT_EMAIL" + overwrite = true + tags = { + "name" = "PRIVATE_FIREBASE_CLIENT_EMAIL" } + tags_all = { + "name" = "PRIVATE_FIREBASE_CLIENT_EMAIL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["PRIVATE_FIREBASE_PRIVATE_KEY"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/PRIVATE_FIREBASE_PRIVATE_KEY" + overwrite = true + tags = { + "name" = "PRIVATE_FIREBASE_PRIVATE_KEY" } + tags_all = { + "name" = "PRIVATE_FIREBASE_PRIVATE_KEY" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.stage.module.journeys-admin.module.ecs-task.aws_alb_listener.alb_listener will be updated in-place ~ resource "aws_alb_listener" "alb_listener" { ~ certificate_arn = "arn:aws:acm:us-east-2:410965620680:certificate/573666ef-f89a-42e6-85f5-4d4ea6fd29e4" -> "arn:aws:acm:us-east-2:410965620680:certificate/f16e60b9-eb24-4929-8f32-9b5ff76cfe2c" id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener/app/jfp-public-alb-stage/27d94355c709eb16/b091b1d208ec79b8" tags = {} # (6 unchanged attributes hidden) # (1 unchanged block hidden) } Plan: 33 to add, 8 to change, 0 to destroy. ``` * :arrow_forward: To **apply** this plan, comment: * `atlantis apply -d infrastructure` * :put_litter_in_its_place: To **delete** this plan click [here](https://atlantis.central.jesusfilm.org/lock?id=JesusFilm%252Fcore%252Finfrastructure%252Fdefault) * :repeat: To **plan** this project again, comment: * `atlantis plan -d infrastructure`

Plan: 33 to add, 8 to change, 0 to destroy.


jesus-film-bot commented 1 year ago

Ran Plan for dir: infrastructure workspace: default

Show Output ```diff Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: + create ~ update in-place Terraform will perform the following actions: # module.prod.module.api-gateway.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-public-alb-prod/7cf1f0916ed2c660/9df1fedd44a02a09/925b89cd7ddec067" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-gateway.central.jesusfilm.org", ] } } # (1 unchanged block hidden) } # module.prod.module.api-journeys.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/70dafcb9aee8d0e9/eaf80a1c0e07be7b" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-journeys.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-languages.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/f18b1af3c8d9f267/b0cd5902c0a25a90" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-languages.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-media.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/2e59cbcfa91e0b68/f985a048bba07568" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-media.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-tags.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/236a66b6820160f1/33f69be46d99a209" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-tags.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-users.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/bed13d135743750a/81e8291bcf419dfb" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-users.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-videos.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/77dbc13194e0ac88/77b76bc3254d6dd8" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-videos.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.journeys-admin.module.ecs-task.aws_alb_listener.alb_listener will be created + resource "aws_alb_listener" "alb_listener" { + arn = (known after apply) + certificate_arn = "arn:aws:acm:us-east-2:410965620680:certificate/f16e60b9-eb24-4929-8f32-9b5ff76cfe2c" + id = (known after apply) + load_balancer_arn = "arn:aws:elasticloadbalancing:us-east-2:410965620680:loadbalancer/app/jfp-public-alb-prod/7cf1f0916ed2c660" + port = 443 + protocol = "HTTPS" + ssl_policy = (known after apply) + tags_all = (known after apply) + default_action { + order = (known after apply) + type = "fixed-response" + fixed_response { + content_type = "text/plain" + message_body = "No routes defined" + status_code = "200" } } } # module.prod.module.journeys-admin.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be created + resource "aws_alb_listener_rule" "alb_listener_rule" { + arn = (known after apply) + id = (known after apply) + listener_arn = (known after apply) + priority = (known after apply) + tags_all = (known after apply) + action { + order = (known after apply) + target_group_arn = (known after apply) + type = "forward" } + condition { + host_header { + values = [ + "admin.nextstep.is", ] } } } # module.prod.module.journeys-admin.module.ecs-task.aws_alb_target_group.alb_target_group will be created + resource "aws_alb_target_group" "alb_target_group" { + arn = (known after apply) + arn_suffix = (known after apply) + connection_termination = false + deregistration_delay = "300" + id = (known after apply) + ip_address_type = (known after apply) + lambda_multi_value_headers_enabled = false + load_balancing_algorithm_type = (known after apply) + load_balancing_cross_zone_enabled = (known after apply) + name = "journeys-admin-prod-tg" + port = 3000 + preserve_client_ip = (known after apply) + protocol = "HTTP" + protocol_version = (known after apply) + proxy_protocol_v2 = false + slow_start = 0 + tags_all = (known after apply) + target_type = "ip" + vpc_id = "vpc-0b722b0a1f7789afd" + health_check { + enabled = true + healthy_threshold = 2 + interval = 5 + matcher = (known after apply) + path = "/api/health" + port = "3000" + protocol = "HTTP" + timeout = 4 + unhealthy_threshold = 3 } } # module.prod.module.journeys-admin.module.ecs-task.aws_appautoscaling_policy.ecs_policy_cpu will be created + resource "aws_appautoscaling_policy" "ecs_policy_cpu" { + alarm_arns = (known after apply) + arn = (known after apply) + id = (known after apply) + name = "jfp-cpu-autoscaling-prod" + policy_type = "TargetTrackingScaling" + resource_id = "service/jfp-ecs-cluster-prod/journeys-admin-prod-service" + scalable_dimension = "ecs:service:DesiredCount" + service_namespace = "ecs" + target_tracking_scaling_policy_configuration { + disable_scale_in = false + target_value = 75 + predefined_metric_specification { + predefined_metric_type = "ECSServiceAverageCPUUtilization" } } } # module.prod.module.journeys-admin.module.ecs-task.aws_appautoscaling_policy.ecs_policy_memory will be created + resource "aws_appautoscaling_policy" "ecs_policy_memory" { + alarm_arns = (known after apply) + arn = (known after apply) + id = (known after apply) + name = "jfp-memory-autoscaling-prod" + policy_type = "TargetTrackingScaling" + resource_id = "service/jfp-ecs-cluster-prod/journeys-admin-prod-service" + scalable_dimension = "ecs:service:DesiredCount" + service_namespace = "ecs" + target_tracking_scaling_policy_configuration { + disable_scale_in = false + target_value = 75 + predefined_metric_specification { + predefined_metric_type = "ECSServiceAverageMemoryUtilization" } } } # module.prod.module.journeys-admin.module.ecs-task.aws_appautoscaling_target.service_autoscaling will be created + resource "aws_appautoscaling_target" "service_autoscaling" { + arn = (known after apply) + id = (known after apply) + max_capacity = 4 + min_capacity = 1 + resource_id = "service/jfp-ecs-cluster-prod/journeys-admin-prod-service" + role_arn = (known after apply) + scalable_dimension = "ecs:service:DesiredCount" + service_namespace = "ecs" + tags_all = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_cloudwatch_log_group.ecs_cw_log_group will be created + resource "aws_cloudwatch_log_group" "ecs_cw_log_group" { + arn = (known after apply) + id = (known after apply) + name = "journeys-admin-prod-logs" + name_prefix = (known after apply) + retention_in_days = 0 + skip_destroy = false + tags_all = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ecr_lifecycle_policy.ecr_policy will be created + resource "aws_ecr_lifecycle_policy" "ecr_policy" { + id = (known after apply) + policy = jsonencode( { + rules = [ + { + action = { + type = "expire" } + description = "Expire more than 10 images" + rulePriority = 1 + selection = { + countNumber = 10 + countType = "imageCountMoreThan" + tagStatus = "any" } }, ] } ) + registry_id = (known after apply) + repository = "jfp-journeys-admin-prod" } # module.prod.module.journeys-admin.module.ecs-task.aws_ecr_repository.ecr_repository will be created + resource "aws_ecr_repository" "ecr_repository" { + arn = (known after apply) + id = (known after apply) + image_tag_mutability = "MUTABLE" + name = "jfp-journeys-admin-prod" + registry_id = (known after apply) + repository_url = (known after apply) + tags_all = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ecs_service.ecs_service will be created + resource "aws_ecs_service" "ecs_service" { + cluster = "arn:aws:ecs:us-east-2:410965620680:cluster/jfp-ecs-cluster-prod" + deployment_maximum_percent = 200 + deployment_minimum_healthy_percent = 100 + desired_count = 1 + enable_ecs_managed_tags = false + enable_execute_command = false + iam_role = (known after apply) + id = (known after apply) + launch_type = "FARGATE" + name = "journeys-admin-prod-service" + platform_version = (known after apply) + scheduling_strategy = "REPLICA" + tags_all = (known after apply) + task_definition = (known after apply) + triggers = (known after apply) + wait_for_steady_state = false + load_balancer { + container_name = "jfp-journeys-admin-prod-app" + container_port = 3000 + target_group_arn = (known after apply) } + network_configuration { + assign_public_ip = true + security_groups = [ + "sg-030c49feae781c660", ] + subnets = [ + "subnet-01aa708571a3e499c", + "subnet-0aa10af01283bbcdb", + "subnet-0b7c1e14af0ffb3ea", ] } } # module.prod.module.journeys-admin.module.ecs-task.aws_ecs_task_definition.ecs_task_definition will be created + resource "aws_ecs_task_definition" "ecs_task_definition" { + arn = (known after apply) + arn_without_revision = (known after apply) + container_definitions = (known after apply) + cpu = "1024" + execution_role_arn = "arn:aws:iam::410965620680:role/jfp-ecs-task-execution-role" + family = "jfp-journeys-admin-prod" + id = (known after apply) + memory = "2048" + network_mode = "awsvpc" + requires_compatibilities = [ + "FARGATE", ] + revision = (known after apply) + skip_destroy = false + tags_all = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_route53_record.record will be created + resource "aws_route53_record" "record" { + allow_overwrite = (known after apply) + fqdn = (known after apply) + id = (known after apply) + name = "journeys-admin" + records = [ + "jfp-public-alb-prod-13771523.us-east-2.elb.amazonaws.com", ] + ttl = 300 + type = "CNAME" + zone_id = "Z06687872LMUIKS0Y291P" } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["COOKIE_SECRET_CURRENT"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/COOKIE_SECRET_CURRENT" + overwrite = true + tags = { + "name" = "COOKIE_SECRET_CURRENT" } + tags_all = { + "name" = "COOKIE_SECRET_CURRENT" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["FORMIUM_TOKEN"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/FORMIUM_TOKEN" + overwrite = true + tags = { + "name" = "FORMIUM_TOKEN" } + tags_all = { + "name" = "FORMIUM_TOKEN" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["JOURNEYS_REVALIDATE_ACCESS_TOKEN"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/JOURNEYS_REVALIDATE_ACCESS_TOKEN" + overwrite = true + tags = { + "name" = "JOURNEYS_REVALIDATE_ACCESS_TOKEN" } + tags_all = { + "name" = "JOURNEYS_REVALIDATE_ACCESS_TOKEN" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["JOURNEYS_URL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/JOURNEYS_URL" + overwrite = true + tags = { + "name" = "JOURNEYS_URL" } + tags_all = { + "name" = "JOURNEYS_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["LAUNCH_DARKLY_SDK_KEY"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/LAUNCH_DARKLY_SDK_KEY" + overwrite = true + tags = { + "name" = "LAUNCH_DARKLY_SDK_KEY" } + tags_all = { + "name" = "LAUNCH_DARKLY_SDK_KEY" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_CLOUDFLARE_STREAM_CUSTOMER_CODE"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_CLOUDFLARE_STREAM_CUSTOMER_CODE" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_CLOUDFLARE_STREAM_CUSTOMER_CODE" } + tags_all = { + "name" = "NEXT_PUBLIC_CLOUDFLARE_STREAM_CUSTOMER_CODE" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_CLOUDFLARE_UPLOAD_KEY"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_CLOUDFLARE_UPLOAD_KEY" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_CLOUDFLARE_UPLOAD_KEY" } + tags_all = { + "name" = "NEXT_PUBLIC_CLOUDFLARE_UPLOAD_KEY" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_DATADOG_APPLICATION_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_DATADOG_APPLICATION_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_DATADOG_APPLICATION_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_DATADOG_APPLICATION_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_DATADOG_CLIENT_TOKEN"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_DATADOG_CLIENT_TOKEN" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_DATADOG_CLIENT_TOKEN" } + tags_all = { + "name" = "NEXT_PUBLIC_DATADOG_CLIENT_TOKEN" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FIREBASE_API_KEY"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FIREBASE_API_KEY" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FIREBASE_API_KEY" } + tags_all = { + "name" = "NEXT_PUBLIC_FIREBASE_API_KEY" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FIREBASE_APP_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FIREBASE_APP_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FIREBASE_APP_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_FIREBASE_APP_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN" } + tags_all = { + "name" = "NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FIREBASE_PROJECT_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FIREBASE_PROJECT_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FIREBASE_PROJECT_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_FIREBASE_PROJECT_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FORMIUM_PROJECTID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FORMIUM_PROJECTID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FORMIUM_PROJECTID" } + tags_all = { + "name" = "NEXT_PUBLIC_FORMIUM_PROJECTID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FORMIUM_PROJECT_SLUG"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FORMIUM_PROJECT_SLUG" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FORMIUM_PROJECT_SLUG" } + tags_all = { + "name" = "NEXT_PUBLIC_FORMIUM_PROJECT_SLUG" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_GATEWAY_URL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_GATEWAY_URL" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_GATEWAY_URL" } + tags_all = { + "name" = "NEXT_PUBLIC_GATEWAY_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_GTM_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_GTM_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_GTM_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_GTM_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_JOURNEYS_URL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_JOURNEYS_URL" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_JOURNEYS_URL" } + tags_all = { + "name" = "NEXT_PUBLIC_JOURNEYS_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_YOUTUBE_PLAYLIST_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_YOUTUBE_PLAYLIST_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_YOUTUBE_PLAYLIST_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_YOUTUBE_PLAYLIST_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["PRIVATE_FIREBASE_CLIENT_EMAIL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/PRIVATE_FIREBASE_CLIENT_EMAIL" + overwrite = true + tags = { + "name" = "PRIVATE_FIREBASE_CLIENT_EMAIL" } + tags_all = { + "name" = "PRIVATE_FIREBASE_CLIENT_EMAIL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["PRIVATE_FIREBASE_PRIVATE_KEY"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/PRIVATE_FIREBASE_PRIVATE_KEY" + overwrite = true + tags = { + "name" = "PRIVATE_FIREBASE_PRIVATE_KEY" } + tags_all = { + "name" = "PRIVATE_FIREBASE_PRIVATE_KEY" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.stage.module.journeys-admin.module.ecs-task.aws_alb_listener.alb_listener will be updated in-place ~ resource "aws_alb_listener" "alb_listener" { ~ certificate_arn = "arn:aws:acm:us-east-2:410965620680:certificate/573666ef-f89a-42e6-85f5-4d4ea6fd29e4" -> "arn:aws:acm:us-east-2:410965620680:certificate/f16e60b9-eb24-4929-8f32-9b5ff76cfe2c" id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener/app/jfp-public-alb-stage/27d94355c709eb16/b091b1d208ec79b8" tags = {} # (6 unchanged attributes hidden) # (1 unchanged block hidden) } Plan: 33 to add, 8 to change, 0 to destroy. ``` * :arrow_forward: To **apply** this plan, comment: * `atlantis apply -d infrastructure` * :put_litter_in_its_place: To **delete** this plan click [here](https://atlantis.central.jesusfilm.org/lock?id=JesusFilm%252Fcore%252Finfrastructure%252Fdefault) * :repeat: To **plan** this project again, comment: * `atlantis plan -d infrastructure`

Plan: 33 to add, 8 to change, 0 to destroy.


jesus-film-bot commented 1 year ago

Ran Plan for dir: infrastructure workspace: default

Show Output ```diff Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: + create ~ update in-place Terraform will perform the following actions: # module.prod.module.api-gateway.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-public-alb-prod/7cf1f0916ed2c660/9df1fedd44a02a09/925b89cd7ddec067" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-gateway.central.jesusfilm.org", ] } } # (1 unchanged block hidden) } # module.prod.module.api-journeys.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/70dafcb9aee8d0e9/eaf80a1c0e07be7b" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-journeys.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-languages.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/f18b1af3c8d9f267/b0cd5902c0a25a90" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-languages.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-media.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/2e59cbcfa91e0b68/f985a048bba07568" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-media.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-tags.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/236a66b6820160f1/33f69be46d99a209" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-tags.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-users.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/bed13d135743750a/81e8291bcf419dfb" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-users.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-videos.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/77dbc13194e0ac88/77b76bc3254d6dd8" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-videos.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.journeys-admin.module.ecs-task.aws_alb_listener.alb_listener will be created + resource "aws_alb_listener" "alb_listener" { + arn = (known after apply) + certificate_arn = "arn:aws:acm:us-east-2:410965620680:certificate/f16e60b9-eb24-4929-8f32-9b5ff76cfe2c" + id = (known after apply) + load_balancer_arn = "arn:aws:elasticloadbalancing:us-east-2:410965620680:loadbalancer/app/jfp-public-alb-prod/7cf1f0916ed2c660" + port = 443 + protocol = "HTTPS" + ssl_policy = (known after apply) + tags_all = (known after apply) + default_action { + order = (known after apply) + type = "fixed-response" + fixed_response { + content_type = "text/plain" + message_body = "No routes defined" + status_code = "200" } } } # module.prod.module.journeys-admin.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be created + resource "aws_alb_listener_rule" "alb_listener_rule" { + arn = (known after apply) + id = (known after apply) + listener_arn = (known after apply) + priority = (known after apply) + tags_all = (known after apply) + action { + order = (known after apply) + target_group_arn = (known after apply) + type = "forward" } + condition { + host_header { + values = [ + "admin.nextstep.is", ] } } } # module.prod.module.journeys-admin.module.ecs-task.aws_alb_target_group.alb_target_group will be created + resource "aws_alb_target_group" "alb_target_group" { + arn = (known after apply) + arn_suffix = (known after apply) + connection_termination = false + deregistration_delay = "300" + id = (known after apply) + ip_address_type = (known after apply) + lambda_multi_value_headers_enabled = false + load_balancing_algorithm_type = (known after apply) + load_balancing_cross_zone_enabled = (known after apply) + name = "journeys-admin-prod-tg" + port = 3000 + preserve_client_ip = (known after apply) + protocol = "HTTP" + protocol_version = (known after apply) + proxy_protocol_v2 = false + slow_start = 0 + tags_all = (known after apply) + target_type = "ip" + vpc_id = "vpc-0b722b0a1f7789afd" + health_check { + enabled = true + healthy_threshold = 2 + interval = 5 + matcher = (known after apply) + path = "/api/health" + port = "3000" + protocol = "HTTP" + timeout = 4 + unhealthy_threshold = 3 } } # module.prod.module.journeys-admin.module.ecs-task.aws_appautoscaling_policy.ecs_policy_cpu will be created + resource "aws_appautoscaling_policy" "ecs_policy_cpu" { + alarm_arns = (known after apply) + arn = (known after apply) + id = (known after apply) + name = "jfp-cpu-autoscaling-prod" + policy_type = "TargetTrackingScaling" + resource_id = "service/jfp-ecs-cluster-prod/journeys-admin-prod-service" + scalable_dimension = "ecs:service:DesiredCount" + service_namespace = "ecs" + target_tracking_scaling_policy_configuration { + disable_scale_in = false + target_value = 75 + predefined_metric_specification { + predefined_metric_type = "ECSServiceAverageCPUUtilization" } } } # module.prod.module.journeys-admin.module.ecs-task.aws_appautoscaling_policy.ecs_policy_memory will be created + resource "aws_appautoscaling_policy" "ecs_policy_memory" { + alarm_arns = (known after apply) + arn = (known after apply) + id = (known after apply) + name = "jfp-memory-autoscaling-prod" + policy_type = "TargetTrackingScaling" + resource_id = "service/jfp-ecs-cluster-prod/journeys-admin-prod-service" + scalable_dimension = "ecs:service:DesiredCount" + service_namespace = "ecs" + target_tracking_scaling_policy_configuration { + disable_scale_in = false + target_value = 75 + predefined_metric_specification { + predefined_metric_type = "ECSServiceAverageMemoryUtilization" } } } # module.prod.module.journeys-admin.module.ecs-task.aws_appautoscaling_target.service_autoscaling will be created + resource "aws_appautoscaling_target" "service_autoscaling" { + arn = (known after apply) + id = (known after apply) + max_capacity = 4 + min_capacity = 1 + resource_id = "service/jfp-ecs-cluster-prod/journeys-admin-prod-service" + role_arn = (known after apply) + scalable_dimension = "ecs:service:DesiredCount" + service_namespace = "ecs" + tags_all = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_cloudwatch_log_group.ecs_cw_log_group will be created + resource "aws_cloudwatch_log_group" "ecs_cw_log_group" { + arn = (known after apply) + id = (known after apply) + name = "journeys-admin-prod-logs" + name_prefix = (known after apply) + retention_in_days = 0 + skip_destroy = false + tags_all = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ecr_lifecycle_policy.ecr_policy will be created + resource "aws_ecr_lifecycle_policy" "ecr_policy" { + id = (known after apply) + policy = jsonencode( { + rules = [ + { + action = { + type = "expire" } + description = "Expire more than 10 images" + rulePriority = 1 + selection = { + countNumber = 10 + countType = "imageCountMoreThan" + tagStatus = "any" } }, ] } ) + registry_id = (known after apply) + repository = "jfp-journeys-admin-prod" } # module.prod.module.journeys-admin.module.ecs-task.aws_ecr_repository.ecr_repository will be created + resource "aws_ecr_repository" "ecr_repository" { + arn = (known after apply) + id = (known after apply) + image_tag_mutability = "MUTABLE" + name = "jfp-journeys-admin-prod" + registry_id = (known after apply) + repository_url = (known after apply) + tags_all = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ecs_service.ecs_service will be created + resource "aws_ecs_service" "ecs_service" { + cluster = "arn:aws:ecs:us-east-2:410965620680:cluster/jfp-ecs-cluster-prod" + deployment_maximum_percent = 200 + deployment_minimum_healthy_percent = 100 + desired_count = 1 + enable_ecs_managed_tags = false + enable_execute_command = false + iam_role = (known after apply) + id = (known after apply) + launch_type = "FARGATE" + name = "journeys-admin-prod-service" + platform_version = (known after apply) + scheduling_strategy = "REPLICA" + tags_all = (known after apply) + task_definition = (known after apply) + triggers = (known after apply) + wait_for_steady_state = false + load_balancer { + container_name = "jfp-journeys-admin-prod-app" + container_port = 3000 + target_group_arn = (known after apply) } + network_configuration { + assign_public_ip = true + security_groups = [ + "sg-030c49feae781c660", ] + subnets = [ + "subnet-01aa708571a3e499c", + "subnet-0aa10af01283bbcdb", + "subnet-0b7c1e14af0ffb3ea", ] } } # module.prod.module.journeys-admin.module.ecs-task.aws_ecs_task_definition.ecs_task_definition will be created + resource "aws_ecs_task_definition" "ecs_task_definition" { + arn = (known after apply) + arn_without_revision = (known after apply) + container_definitions = (known after apply) + cpu = "1024" + execution_role_arn = "arn:aws:iam::410965620680:role/jfp-ecs-task-execution-role" + family = "jfp-journeys-admin-prod" + id = (known after apply) + memory = "2048" + network_mode = "awsvpc" + requires_compatibilities = [ + "FARGATE", ] + revision = (known after apply) + skip_destroy = false + tags_all = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_route53_record.record will be created + resource "aws_route53_record" "record" { + allow_overwrite = (known after apply) + fqdn = (known after apply) + id = (known after apply) + name = "journeys-admin" + records = [ + "jfp-public-alb-prod-13771523.us-east-2.elb.amazonaws.com", ] + ttl = 300 + type = "CNAME" + zone_id = "Z06687872LMUIKS0Y291P" } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["COOKIE_SECRET_CURRENT"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/COOKIE_SECRET_CURRENT" + overwrite = true + tags = { + "name" = "COOKIE_SECRET_CURRENT" } + tags_all = { + "name" = "COOKIE_SECRET_CURRENT" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["FORMIUM_TOKEN"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/FORMIUM_TOKEN" + overwrite = true + tags = { + "name" = "FORMIUM_TOKEN" } + tags_all = { + "name" = "FORMIUM_TOKEN" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["JOURNEYS_REVALIDATE_ACCESS_TOKEN"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/JOURNEYS_REVALIDATE_ACCESS_TOKEN" + overwrite = true + tags = { + "name" = "JOURNEYS_REVALIDATE_ACCESS_TOKEN" } + tags_all = { + "name" = "JOURNEYS_REVALIDATE_ACCESS_TOKEN" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["JOURNEYS_URL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/JOURNEYS_URL" + overwrite = true + tags = { + "name" = "JOURNEYS_URL" } + tags_all = { + "name" = "JOURNEYS_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["LAUNCH_DARKLY_SDK_KEY"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/LAUNCH_DARKLY_SDK_KEY" + overwrite = true + tags = { + "name" = "LAUNCH_DARKLY_SDK_KEY" } + tags_all = { + "name" = "LAUNCH_DARKLY_SDK_KEY" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_CLOUDFLARE_STREAM_CUSTOMER_CODE"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_CLOUDFLARE_STREAM_CUSTOMER_CODE" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_CLOUDFLARE_STREAM_CUSTOMER_CODE" } + tags_all = { + "name" = "NEXT_PUBLIC_CLOUDFLARE_STREAM_CUSTOMER_CODE" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_CLOUDFLARE_UPLOAD_KEY"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_CLOUDFLARE_UPLOAD_KEY" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_CLOUDFLARE_UPLOAD_KEY" } + tags_all = { + "name" = "NEXT_PUBLIC_CLOUDFLARE_UPLOAD_KEY" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_DATADOG_APPLICATION_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_DATADOG_APPLICATION_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_DATADOG_APPLICATION_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_DATADOG_APPLICATION_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_DATADOG_CLIENT_TOKEN"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_DATADOG_CLIENT_TOKEN" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_DATADOG_CLIENT_TOKEN" } + tags_all = { + "name" = "NEXT_PUBLIC_DATADOG_CLIENT_TOKEN" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FIREBASE_API_KEY"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FIREBASE_API_KEY" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FIREBASE_API_KEY" } + tags_all = { + "name" = "NEXT_PUBLIC_FIREBASE_API_KEY" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FIREBASE_APP_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FIREBASE_APP_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FIREBASE_APP_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_FIREBASE_APP_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN" } + tags_all = { + "name" = "NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FIREBASE_PROJECT_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FIREBASE_PROJECT_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FIREBASE_PROJECT_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_FIREBASE_PROJECT_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FORMIUM_PROJECTID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FORMIUM_PROJECTID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FORMIUM_PROJECTID" } + tags_all = { + "name" = "NEXT_PUBLIC_FORMIUM_PROJECTID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FORMIUM_PROJECT_SLUG"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FORMIUM_PROJECT_SLUG" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FORMIUM_PROJECT_SLUG" } + tags_all = { + "name" = "NEXT_PUBLIC_FORMIUM_PROJECT_SLUG" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_GATEWAY_URL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_GATEWAY_URL" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_GATEWAY_URL" } + tags_all = { + "name" = "NEXT_PUBLIC_GATEWAY_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_GTM_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_GTM_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_GTM_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_GTM_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_JOURNEYS_URL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_JOURNEYS_URL" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_JOURNEYS_URL" } + tags_all = { + "name" = "NEXT_PUBLIC_JOURNEYS_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_YOUTUBE_PLAYLIST_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_YOUTUBE_PLAYLIST_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_YOUTUBE_PLAYLIST_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_YOUTUBE_PLAYLIST_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["PRIVATE_FIREBASE_CLIENT_EMAIL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/PRIVATE_FIREBASE_CLIENT_EMAIL" + overwrite = true + tags = { + "name" = "PRIVATE_FIREBASE_CLIENT_EMAIL" } + tags_all = { + "name" = "PRIVATE_FIREBASE_CLIENT_EMAIL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["PRIVATE_FIREBASE_PRIVATE_KEY"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/PRIVATE_FIREBASE_PRIVATE_KEY" + overwrite = true + tags = { + "name" = "PRIVATE_FIREBASE_PRIVATE_KEY" } + tags_all = { + "name" = "PRIVATE_FIREBASE_PRIVATE_KEY" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.stage.module.journeys-admin.module.ecs-task.aws_alb_listener.alb_listener will be updated in-place ~ resource "aws_alb_listener" "alb_listener" { ~ certificate_arn = "arn:aws:acm:us-east-2:410965620680:certificate/573666ef-f89a-42e6-85f5-4d4ea6fd29e4" -> "arn:aws:acm:us-east-2:410965620680:certificate/f16e60b9-eb24-4929-8f32-9b5ff76cfe2c" id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener/app/jfp-public-alb-stage/27d94355c709eb16/b091b1d208ec79b8" tags = {} # (6 unchanged attributes hidden) # (1 unchanged block hidden) } Plan: 33 to add, 8 to change, 0 to destroy. ``` * :arrow_forward: To **apply** this plan, comment: * `atlantis apply -d infrastructure` * :put_litter_in_its_place: To **delete** this plan click [here](https://atlantis.central.jesusfilm.org/lock?id=JesusFilm%252Fcore%252Finfrastructure%252Fdefault) * :repeat: To **plan** this project again, comment: * `atlantis plan -d infrastructure`

Plan: 33 to add, 8 to change, 0 to destroy.


jesus-film-bot commented 1 year ago

Ran Plan for dir: infrastructure workspace: default

Show Output ```diff Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: + create ~ update in-place Terraform will perform the following actions: # module.prod.module.api-gateway.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-public-alb-prod/7cf1f0916ed2c660/9df1fedd44a02a09/925b89cd7ddec067" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-gateway.central.jesusfilm.org", ] } } # (1 unchanged block hidden) } # module.prod.module.api-journeys.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/70dafcb9aee8d0e9/eaf80a1c0e07be7b" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-journeys.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-languages.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/f18b1af3c8d9f267/b0cd5902c0a25a90" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-languages.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-media.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/2e59cbcfa91e0b68/f985a048bba07568" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-media.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-tags.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/236a66b6820160f1/33f69be46d99a209" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-tags.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-users.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/bed13d135743750a/81e8291bcf419dfb" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-users.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-videos.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/77dbc13194e0ac88/77b76bc3254d6dd8" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-videos.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.journeys-admin.module.ecs-task.aws_alb_listener.alb_listener will be created + resource "aws_alb_listener" "alb_listener" { + arn = (known after apply) + certificate_arn = "arn:aws:acm:us-east-2:410965620680:certificate/f16e60b9-eb24-4929-8f32-9b5ff76cfe2c" + id = (known after apply) + load_balancer_arn = "arn:aws:elasticloadbalancing:us-east-2:410965620680:loadbalancer/app/jfp-public-alb-prod/7cf1f0916ed2c660" + port = 443 + protocol = "HTTPS" + ssl_policy = (known after apply) + tags_all = (known after apply) + default_action { + order = (known after apply) + type = "fixed-response" + fixed_response { + content_type = "text/plain" + message_body = "No routes defined" + status_code = "200" } } } # module.prod.module.journeys-admin.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be created + resource "aws_alb_listener_rule" "alb_listener_rule" { + arn = (known after apply) + id = (known after apply) + listener_arn = (known after apply) + priority = (known after apply) + tags_all = (known after apply) + action { + order = (known after apply) + target_group_arn = (known after apply) + type = "forward" } + condition { + host_header { + values = [ + "admin.nextstep.is", ] } } } # module.prod.module.journeys-admin.module.ecs-task.aws_alb_target_group.alb_target_group will be created + resource "aws_alb_target_group" "alb_target_group" { + arn = (known after apply) + arn_suffix = (known after apply) + connection_termination = false + deregistration_delay = "300" + id = (known after apply) + ip_address_type = (known after apply) + lambda_multi_value_headers_enabled = false + load_balancing_algorithm_type = (known after apply) + load_balancing_cross_zone_enabled = (known after apply) + name = "journeys-admin-prod-tg" + port = 3000 + preserve_client_ip = (known after apply) + protocol = "HTTP" + protocol_version = (known after apply) + proxy_protocol_v2 = false + slow_start = 0 + tags_all = (known after apply) + target_type = "ip" + vpc_id = "vpc-0b722b0a1f7789afd" + health_check { + enabled = true + healthy_threshold = 2 + interval = 5 + matcher = (known after apply) + path = "/api/health" + port = "3000" + protocol = "HTTP" + timeout = 4 + unhealthy_threshold = 3 } } # module.prod.module.journeys-admin.module.ecs-task.aws_appautoscaling_policy.ecs_policy_cpu will be created + resource "aws_appautoscaling_policy" "ecs_policy_cpu" { + alarm_arns = (known after apply) + arn = (known after apply) + id = (known after apply) + name = "jfp-cpu-autoscaling-prod" + policy_type = "TargetTrackingScaling" + resource_id = "service/jfp-ecs-cluster-prod/journeys-admin-prod-service" + scalable_dimension = "ecs:service:DesiredCount" + service_namespace = "ecs" + target_tracking_scaling_policy_configuration { + disable_scale_in = false + target_value = 75 + predefined_metric_specification { + predefined_metric_type = "ECSServiceAverageCPUUtilization" } } } # module.prod.module.journeys-admin.module.ecs-task.aws_appautoscaling_policy.ecs_policy_memory will be created + resource "aws_appautoscaling_policy" "ecs_policy_memory" { + alarm_arns = (known after apply) + arn = (known after apply) + id = (known after apply) + name = "jfp-memory-autoscaling-prod" + policy_type = "TargetTrackingScaling" + resource_id = "service/jfp-ecs-cluster-prod/journeys-admin-prod-service" + scalable_dimension = "ecs:service:DesiredCount" + service_namespace = "ecs" + target_tracking_scaling_policy_configuration { + disable_scale_in = false + target_value = 75 + predefined_metric_specification { + predefined_metric_type = "ECSServiceAverageMemoryUtilization" } } } # module.prod.module.journeys-admin.module.ecs-task.aws_appautoscaling_target.service_autoscaling will be created + resource "aws_appautoscaling_target" "service_autoscaling" { + arn = (known after apply) + id = (known after apply) + max_capacity = 4 + min_capacity = 1 + resource_id = "service/jfp-ecs-cluster-prod/journeys-admin-prod-service" + role_arn = (known after apply) + scalable_dimension = "ecs:service:DesiredCount" + service_namespace = "ecs" + tags_all = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_cloudwatch_log_group.ecs_cw_log_group will be created + resource "aws_cloudwatch_log_group" "ecs_cw_log_group" { + arn = (known after apply) + id = (known after apply) + name = "journeys-admin-prod-logs" + name_prefix = (known after apply) + retention_in_days = 0 + skip_destroy = false + tags_all = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ecr_lifecycle_policy.ecr_policy will be created + resource "aws_ecr_lifecycle_policy" "ecr_policy" { + id = (known after apply) + policy = jsonencode( { + rules = [ + { + action = { + type = "expire" } + description = "Expire more than 10 images" + rulePriority = 1 + selection = { + countNumber = 10 + countType = "imageCountMoreThan" + tagStatus = "any" } }, ] } ) + registry_id = (known after apply) + repository = "jfp-journeys-admin-prod" } # module.prod.module.journeys-admin.module.ecs-task.aws_ecr_repository.ecr_repository will be created + resource "aws_ecr_repository" "ecr_repository" { + arn = (known after apply) + id = (known after apply) + image_tag_mutability = "MUTABLE" + name = "jfp-journeys-admin-prod" + registry_id = (known after apply) + repository_url = (known after apply) + tags_all = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ecs_service.ecs_service will be created + resource "aws_ecs_service" "ecs_service" { + cluster = "arn:aws:ecs:us-east-2:410965620680:cluster/jfp-ecs-cluster-prod" + deployment_maximum_percent = 200 + deployment_minimum_healthy_percent = 100 + desired_count = 1 + enable_ecs_managed_tags = false + enable_execute_command = false + iam_role = (known after apply) + id = (known after apply) + launch_type = "FARGATE" + name = "journeys-admin-prod-service" + platform_version = (known after apply) + scheduling_strategy = "REPLICA" + tags_all = (known after apply) + task_definition = (known after apply) + triggers = (known after apply) + wait_for_steady_state = false + load_balancer { + container_name = "jfp-journeys-admin-prod-app" + container_port = 3000 + target_group_arn = (known after apply) } + network_configuration { + assign_public_ip = true + security_groups = [ + "sg-030c49feae781c660", ] + subnets = [ + "subnet-01aa708571a3e499c", + "subnet-0aa10af01283bbcdb", + "subnet-0b7c1e14af0ffb3ea", ] } } # module.prod.module.journeys-admin.module.ecs-task.aws_ecs_task_definition.ecs_task_definition will be created + resource "aws_ecs_task_definition" "ecs_task_definition" { + arn = (known after apply) + arn_without_revision = (known after apply) + container_definitions = (known after apply) + cpu = "1024" + execution_role_arn = "arn:aws:iam::410965620680:role/jfp-ecs-task-execution-role" + family = "jfp-journeys-admin-prod" + id = (known after apply) + memory = "2048" + network_mode = "awsvpc" + requires_compatibilities = [ + "FARGATE", ] + revision = (known after apply) + skip_destroy = false + tags_all = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_route53_record.record will be created + resource "aws_route53_record" "record" { + allow_overwrite = (known after apply) + fqdn = (known after apply) + id = (known after apply) + name = "journeys-admin" + records = [ + "jfp-public-alb-prod-13771523.us-east-2.elb.amazonaws.com", ] + ttl = 300 + type = "CNAME" + zone_id = "Z06687872LMUIKS0Y291P" } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["COOKIE_SECRET_CURRENT"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/COOKIE_SECRET_CURRENT" + overwrite = true + tags = { + "name" = "COOKIE_SECRET_CURRENT" } + tags_all = { + "name" = "COOKIE_SECRET_CURRENT" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["FORMIUM_TOKEN"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/FORMIUM_TOKEN" + overwrite = true + tags = { + "name" = "FORMIUM_TOKEN" } + tags_all = { + "name" = "FORMIUM_TOKEN" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["JOURNEYS_REVALIDATE_ACCESS_TOKEN"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/JOURNEYS_REVALIDATE_ACCESS_TOKEN" + overwrite = true + tags = { + "name" = "JOURNEYS_REVALIDATE_ACCESS_TOKEN" } + tags_all = { + "name" = "JOURNEYS_REVALIDATE_ACCESS_TOKEN" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["JOURNEYS_URL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/JOURNEYS_URL" + overwrite = true + tags = { + "name" = "JOURNEYS_URL" } + tags_all = { + "name" = "JOURNEYS_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["LAUNCH_DARKLY_SDK_KEY"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/LAUNCH_DARKLY_SDK_KEY" + overwrite = true + tags = { + "name" = "LAUNCH_DARKLY_SDK_KEY" } + tags_all = { + "name" = "LAUNCH_DARKLY_SDK_KEY" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_CLOUDFLARE_STREAM_CUSTOMER_CODE"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_CLOUDFLARE_STREAM_CUSTOMER_CODE" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_CLOUDFLARE_STREAM_CUSTOMER_CODE" } + tags_all = { + "name" = "NEXT_PUBLIC_CLOUDFLARE_STREAM_CUSTOMER_CODE" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_CLOUDFLARE_UPLOAD_KEY"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_CLOUDFLARE_UPLOAD_KEY" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_CLOUDFLARE_UPLOAD_KEY" } + tags_all = { + "name" = "NEXT_PUBLIC_CLOUDFLARE_UPLOAD_KEY" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_DATADOG_APPLICATION_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_DATADOG_APPLICATION_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_DATADOG_APPLICATION_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_DATADOG_APPLICATION_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_DATADOG_CLIENT_TOKEN"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_DATADOG_CLIENT_TOKEN" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_DATADOG_CLIENT_TOKEN" } + tags_all = { + "name" = "NEXT_PUBLIC_DATADOG_CLIENT_TOKEN" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FIREBASE_API_KEY"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FIREBASE_API_KEY" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FIREBASE_API_KEY" } + tags_all = { + "name" = "NEXT_PUBLIC_FIREBASE_API_KEY" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FIREBASE_APP_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FIREBASE_APP_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FIREBASE_APP_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_FIREBASE_APP_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN" } + tags_all = { + "name" = "NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FIREBASE_PROJECT_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FIREBASE_PROJECT_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FIREBASE_PROJECT_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_FIREBASE_PROJECT_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FORMIUM_PROJECTID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FORMIUM_PROJECTID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FORMIUM_PROJECTID" } + tags_all = { + "name" = "NEXT_PUBLIC_FORMIUM_PROJECTID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FORMIUM_PROJECT_SLUG"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FORMIUM_PROJECT_SLUG" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FORMIUM_PROJECT_SLUG" } + tags_all = { + "name" = "NEXT_PUBLIC_FORMIUM_PROJECT_SLUG" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_GATEWAY_URL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_GATEWAY_URL" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_GATEWAY_URL" } + tags_all = { + "name" = "NEXT_PUBLIC_GATEWAY_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_GTM_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_GTM_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_GTM_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_GTM_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_JOURNEYS_URL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_JOURNEYS_URL" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_JOURNEYS_URL" } + tags_all = { + "name" = "NEXT_PUBLIC_JOURNEYS_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_YOUTUBE_PLAYLIST_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_YOUTUBE_PLAYLIST_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_YOUTUBE_PLAYLIST_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_YOUTUBE_PLAYLIST_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["PRIVATE_FIREBASE_CLIENT_EMAIL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/PRIVATE_FIREBASE_CLIENT_EMAIL" + overwrite = true + tags = { + "name" = "PRIVATE_FIREBASE_CLIENT_EMAIL" } + tags_all = { + "name" = "PRIVATE_FIREBASE_CLIENT_EMAIL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["PRIVATE_FIREBASE_PRIVATE_KEY"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/PRIVATE_FIREBASE_PRIVATE_KEY" + overwrite = true + tags = { + "name" = "PRIVATE_FIREBASE_PRIVATE_KEY" } + tags_all = { + "name" = "PRIVATE_FIREBASE_PRIVATE_KEY" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.stage.module.journeys-admin.module.ecs-task.aws_alb_listener.alb_listener will be updated in-place ~ resource "aws_alb_listener" "alb_listener" { ~ certificate_arn = "arn:aws:acm:us-east-2:410965620680:certificate/573666ef-f89a-42e6-85f5-4d4ea6fd29e4" -> "arn:aws:acm:us-east-2:410965620680:certificate/f16e60b9-eb24-4929-8f32-9b5ff76cfe2c" id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener/app/jfp-public-alb-stage/27d94355c709eb16/b091b1d208ec79b8" tags = {} # (6 unchanged attributes hidden) # (1 unchanged block hidden) } Plan: 33 to add, 8 to change, 0 to destroy. ``` * :arrow_forward: To **apply** this plan, comment: * `atlantis apply -d infrastructure` * :put_litter_in_its_place: To **delete** this plan click [here](https://atlantis.central.jesusfilm.org/lock?id=JesusFilm%252Fcore%252Finfrastructure%252Fdefault) * :repeat: To **plan** this project again, comment: * `atlantis plan -d infrastructure`

Plan: 33 to add, 8 to change, 0 to destroy.


jesus-film-bot commented 1 year ago

Ran Plan for dir: infrastructure workspace: default

Show Output ```diff Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: + create ~ update in-place Terraform will perform the following actions: # module.prod.module.api-gateway.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-public-alb-prod/7cf1f0916ed2c660/9df1fedd44a02a09/925b89cd7ddec067" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-gateway.central.jesusfilm.org", ] } } # (1 unchanged block hidden) } # module.prod.module.api-journeys.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/70dafcb9aee8d0e9/eaf80a1c0e07be7b" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-journeys.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-languages.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/f18b1af3c8d9f267/b0cd5902c0a25a90" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-languages.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-media.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/2e59cbcfa91e0b68/f985a048bba07568" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-media.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-tags.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/236a66b6820160f1/33f69be46d99a209" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-tags.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-users.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/bed13d135743750a/81e8291bcf419dfb" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-users.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-videos.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/77dbc13194e0ac88/77b76bc3254d6dd8" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-videos.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.journeys-admin.module.ecs-task.aws_alb_listener.alb_listener will be created + resource "aws_alb_listener" "alb_listener" { + arn = (known after apply) + certificate_arn = "arn:aws:acm:us-east-2:410965620680:certificate/f16e60b9-eb24-4929-8f32-9b5ff76cfe2c" + id = (known after apply) + load_balancer_arn = "arn:aws:elasticloadbalancing:us-east-2:410965620680:loadbalancer/app/jfp-public-alb-prod/7cf1f0916ed2c660" + port = 443 + protocol = "HTTPS" + ssl_policy = (known after apply) + tags_all = (known after apply) + default_action { + order = (known after apply) + type = "fixed-response" + fixed_response { + content_type = "text/plain" + message_body = "No routes defined" + status_code = "200" } } } # module.prod.module.journeys-admin.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be created + resource "aws_alb_listener_rule" "alb_listener_rule" { + arn = (known after apply) + id = (known after apply) + listener_arn = (known after apply) + priority = (known after apply) + tags_all = (known after apply) + action { + order = (known after apply) + target_group_arn = (known after apply) + type = "forward" } + condition { + host_header { + values = [ + "admin.nextstep.is", ] } } } # module.prod.module.journeys-admin.module.ecs-task.aws_alb_target_group.alb_target_group will be created + resource "aws_alb_target_group" "alb_target_group" { + arn = (known after apply) + arn_suffix = (known after apply) + connection_termination = false + deregistration_delay = "300" + id = (known after apply) + ip_address_type = (known after apply) + lambda_multi_value_headers_enabled = false + load_balancing_algorithm_type = (known after apply) + load_balancing_cross_zone_enabled = (known after apply) + name = "journeys-admin-prod-tg" + port = 3000 + preserve_client_ip = (known after apply) + protocol = "HTTP" + protocol_version = (known after apply) + proxy_protocol_v2 = false + slow_start = 0 + tags_all = (known after apply) + target_type = "ip" + vpc_id = "vpc-0b722b0a1f7789afd" + health_check { + enabled = true + healthy_threshold = 2 + interval = 5 + matcher = (known after apply) + path = "/api/health" + port = "3000" + protocol = "HTTP" + timeout = 4 + unhealthy_threshold = 3 } } # module.prod.module.journeys-admin.module.ecs-task.aws_appautoscaling_policy.ecs_policy_cpu will be created + resource "aws_appautoscaling_policy" "ecs_policy_cpu" { + alarm_arns = (known after apply) + arn = (known after apply) + id = (known after apply) + name = "jfp-cpu-autoscaling-prod" + policy_type = "TargetTrackingScaling" + resource_id = "service/jfp-ecs-cluster-prod/journeys-admin-prod-service" + scalable_dimension = "ecs:service:DesiredCount" + service_namespace = "ecs" + target_tracking_scaling_policy_configuration { + disable_scale_in = false + target_value = 75 + predefined_metric_specification { + predefined_metric_type = "ECSServiceAverageCPUUtilization" } } } # module.prod.module.journeys-admin.module.ecs-task.aws_appautoscaling_policy.ecs_policy_memory will be created + resource "aws_appautoscaling_policy" "ecs_policy_memory" { + alarm_arns = (known after apply) + arn = (known after apply) + id = (known after apply) + name = "jfp-memory-autoscaling-prod" + policy_type = "TargetTrackingScaling" + resource_id = "service/jfp-ecs-cluster-prod/journeys-admin-prod-service" + scalable_dimension = "ecs:service:DesiredCount" + service_namespace = "ecs" + target_tracking_scaling_policy_configuration { + disable_scale_in = false + target_value = 75 + predefined_metric_specification { + predefined_metric_type = "ECSServiceAverageMemoryUtilization" } } } # module.prod.module.journeys-admin.module.ecs-task.aws_appautoscaling_target.service_autoscaling will be created + resource "aws_appautoscaling_target" "service_autoscaling" { + arn = (known after apply) + id = (known after apply) + max_capacity = 4 + min_capacity = 1 + resource_id = "service/jfp-ecs-cluster-prod/journeys-admin-prod-service" + role_arn = (known after apply) + scalable_dimension = "ecs:service:DesiredCount" + service_namespace = "ecs" + tags_all = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_cloudwatch_log_group.ecs_cw_log_group will be created + resource "aws_cloudwatch_log_group" "ecs_cw_log_group" { + arn = (known after apply) + id = (known after apply) + name = "journeys-admin-prod-logs" + name_prefix = (known after apply) + retention_in_days = 0 + skip_destroy = false + tags_all = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ecr_lifecycle_policy.ecr_policy will be created + resource "aws_ecr_lifecycle_policy" "ecr_policy" { + id = (known after apply) + policy = jsonencode( { + rules = [ + { + action = { + type = "expire" } + description = "Expire more than 10 images" + rulePriority = 1 + selection = { + countNumber = 10 + countType = "imageCountMoreThan" + tagStatus = "any" } }, ] } ) + registry_id = (known after apply) + repository = "jfp-journeys-admin-prod" } # module.prod.module.journeys-admin.module.ecs-task.aws_ecr_repository.ecr_repository will be created + resource "aws_ecr_repository" "ecr_repository" { + arn = (known after apply) + id = (known after apply) + image_tag_mutability = "MUTABLE" + name = "jfp-journeys-admin-prod" + registry_id = (known after apply) + repository_url = (known after apply) + tags_all = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ecs_service.ecs_service will be created + resource "aws_ecs_service" "ecs_service" { + cluster = "arn:aws:ecs:us-east-2:410965620680:cluster/jfp-ecs-cluster-prod" + deployment_maximum_percent = 200 + deployment_minimum_healthy_percent = 100 + desired_count = 1 + enable_ecs_managed_tags = false + enable_execute_command = false + iam_role = (known after apply) + id = (known after apply) + launch_type = "FARGATE" + name = "journeys-admin-prod-service" + platform_version = (known after apply) + scheduling_strategy = "REPLICA" + tags_all = (known after apply) + task_definition = (known after apply) + triggers = (known after apply) + wait_for_steady_state = false + load_balancer { + container_name = "jfp-journeys-admin-prod-app" + container_port = 3000 + target_group_arn = (known after apply) } + network_configuration { + assign_public_ip = true + security_groups = [ + "sg-030c49feae781c660", ] + subnets = [ + "subnet-01aa708571a3e499c", + "subnet-0aa10af01283bbcdb", + "subnet-0b7c1e14af0ffb3ea", ] } } # module.prod.module.journeys-admin.module.ecs-task.aws_ecs_task_definition.ecs_task_definition will be created + resource "aws_ecs_task_definition" "ecs_task_definition" { + arn = (known after apply) + arn_without_revision = (known after apply) + container_definitions = (known after apply) + cpu = "1024" + execution_role_arn = "arn:aws:iam::410965620680:role/jfp-ecs-task-execution-role" + family = "jfp-journeys-admin-prod" + id = (known after apply) + memory = "2048" + network_mode = "awsvpc" + requires_compatibilities = [ + "FARGATE", ] + revision = (known after apply) + skip_destroy = false + tags_all = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_route53_record.record will be created + resource "aws_route53_record" "record" { + allow_overwrite = (known after apply) + fqdn = (known after apply) + id = (known after apply) + name = "journeys-admin" + records = [ + "jfp-public-alb-prod-13771523.us-east-2.elb.amazonaws.com", ] + ttl = 300 + type = "CNAME" + zone_id = "Z06687872LMUIKS0Y291P" } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["COOKIE_SECRET_CURRENT"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/COOKIE_SECRET_CURRENT" + overwrite = true + tags = { + "name" = "COOKIE_SECRET_CURRENT" } + tags_all = { + "name" = "COOKIE_SECRET_CURRENT" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["FORMIUM_TOKEN"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/FORMIUM_TOKEN" + overwrite = true + tags = { + "name" = "FORMIUM_TOKEN" } + tags_all = { + "name" = "FORMIUM_TOKEN" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["JOURNEYS_REVALIDATE_ACCESS_TOKEN"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/JOURNEYS_REVALIDATE_ACCESS_TOKEN" + overwrite = true + tags = { + "name" = "JOURNEYS_REVALIDATE_ACCESS_TOKEN" } + tags_all = { + "name" = "JOURNEYS_REVALIDATE_ACCESS_TOKEN" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["JOURNEYS_URL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/JOURNEYS_URL" + overwrite = true + tags = { + "name" = "JOURNEYS_URL" } + tags_all = { + "name" = "JOURNEYS_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["LAUNCH_DARKLY_SDK_KEY"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/LAUNCH_DARKLY_SDK_KEY" + overwrite = true + tags = { + "name" = "LAUNCH_DARKLY_SDK_KEY" } + tags_all = { + "name" = "LAUNCH_DARKLY_SDK_KEY" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_CLOUDFLARE_STREAM_CUSTOMER_CODE"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_CLOUDFLARE_STREAM_CUSTOMER_CODE" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_CLOUDFLARE_STREAM_CUSTOMER_CODE" } + tags_all = { + "name" = "NEXT_PUBLIC_CLOUDFLARE_STREAM_CUSTOMER_CODE" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_CLOUDFLARE_UPLOAD_KEY"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_CLOUDFLARE_UPLOAD_KEY" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_CLOUDFLARE_UPLOAD_KEY" } + tags_all = { + "name" = "NEXT_PUBLIC_CLOUDFLARE_UPLOAD_KEY" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_DATADOG_APPLICATION_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_DATADOG_APPLICATION_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_DATADOG_APPLICATION_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_DATADOG_APPLICATION_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_DATADOG_CLIENT_TOKEN"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_DATADOG_CLIENT_TOKEN" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_DATADOG_CLIENT_TOKEN" } + tags_all = { + "name" = "NEXT_PUBLIC_DATADOG_CLIENT_TOKEN" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FIREBASE_API_KEY"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FIREBASE_API_KEY" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FIREBASE_API_KEY" } + tags_all = { + "name" = "NEXT_PUBLIC_FIREBASE_API_KEY" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FIREBASE_APP_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FIREBASE_APP_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FIREBASE_APP_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_FIREBASE_APP_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN" } + tags_all = { + "name" = "NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FIREBASE_PROJECT_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FIREBASE_PROJECT_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FIREBASE_PROJECT_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_FIREBASE_PROJECT_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FORMIUM_PROJECTID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FORMIUM_PROJECTID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FORMIUM_PROJECTID" } + tags_all = { + "name" = "NEXT_PUBLIC_FORMIUM_PROJECTID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FORMIUM_PROJECT_SLUG"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FORMIUM_PROJECT_SLUG" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FORMIUM_PROJECT_SLUG" } + tags_all = { + "name" = "NEXT_PUBLIC_FORMIUM_PROJECT_SLUG" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_GATEWAY_URL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_GATEWAY_URL" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_GATEWAY_URL" } + tags_all = { + "name" = "NEXT_PUBLIC_GATEWAY_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_GTM_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_GTM_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_GTM_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_GTM_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_JOURNEYS_URL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_JOURNEYS_URL" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_JOURNEYS_URL" } + tags_all = { + "name" = "NEXT_PUBLIC_JOURNEYS_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_YOUTUBE_PLAYLIST_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_YOUTUBE_PLAYLIST_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_YOUTUBE_PLAYLIST_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_YOUTUBE_PLAYLIST_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["PRIVATE_FIREBASE_CLIENT_EMAIL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/PRIVATE_FIREBASE_CLIENT_EMAIL" + overwrite = true + tags = { + "name" = "PRIVATE_FIREBASE_CLIENT_EMAIL" } + tags_all = { + "name" = "PRIVATE_FIREBASE_CLIENT_EMAIL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["PRIVATE_FIREBASE_PRIVATE_KEY"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/PRIVATE_FIREBASE_PRIVATE_KEY" + overwrite = true + tags = { + "name" = "PRIVATE_FIREBASE_PRIVATE_KEY" } + tags_all = { + "name" = "PRIVATE_FIREBASE_PRIVATE_KEY" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.stage.module.journeys-admin.module.ecs-task.aws_alb_listener.alb_listener will be updated in-place ~ resource "aws_alb_listener" "alb_listener" { ~ certificate_arn = "arn:aws:acm:us-east-2:410965620680:certificate/573666ef-f89a-42e6-85f5-4d4ea6fd29e4" -> "arn:aws:acm:us-east-2:410965620680:certificate/f16e60b9-eb24-4929-8f32-9b5ff76cfe2c" id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener/app/jfp-public-alb-stage/27d94355c709eb16/b091b1d208ec79b8" tags = {} # (6 unchanged attributes hidden) # (1 unchanged block hidden) } Plan: 33 to add, 8 to change, 0 to destroy. ``` * :arrow_forward: To **apply** this plan, comment: * `atlantis apply -d infrastructure` * :put_litter_in_its_place: To **delete** this plan click [here](https://atlantis.central.jesusfilm.org/lock?id=JesusFilm%252Fcore%252Finfrastructure%252Fdefault) * :repeat: To **plan** this project again, comment: * `atlantis plan -d infrastructure`

Plan: 33 to add, 8 to change, 0 to destroy.


jesus-film-bot commented 1 year ago

Ran Plan for dir: infrastructure workspace: default

Show Output ```diff Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: + create ~ update in-place Terraform will perform the following actions: # module.prod.module.api-gateway.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-public-alb-prod/7cf1f0916ed2c660/9df1fedd44a02a09/925b89cd7ddec067" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-gateway.central.jesusfilm.org", ] } } # (1 unchanged block hidden) } # module.prod.module.api-journeys.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/70dafcb9aee8d0e9/eaf80a1c0e07be7b" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-journeys.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-languages.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/f18b1af3c8d9f267/b0cd5902c0a25a90" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-languages.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-media.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/2e59cbcfa91e0b68/f985a048bba07568" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-media.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-tags.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/236a66b6820160f1/33f69be46d99a209" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-tags.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-users.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/bed13d135743750a/81e8291bcf419dfb" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-users.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-videos.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/77dbc13194e0ac88/77b76bc3254d6dd8" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-videos.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.journeys-admin.module.ecs-task.aws_alb_listener.alb_listener will be created + resource "aws_alb_listener" "alb_listener" { + arn = (known after apply) + certificate_arn = "arn:aws:acm:us-east-2:410965620680:certificate/f16e60b9-eb24-4929-8f32-9b5ff76cfe2c" + id = (known after apply) + load_balancer_arn = "arn:aws:elasticloadbalancing:us-east-2:410965620680:loadbalancer/app/jfp-public-alb-prod/7cf1f0916ed2c660" + port = 443 + protocol = "HTTPS" + ssl_policy = (known after apply) + tags_all = (known after apply) + default_action { + order = (known after apply) + type = "fixed-response" + fixed_response { + content_type = "text/plain" + message_body = "No routes defined" + status_code = "200" } } } # module.prod.module.journeys-admin.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be created + resource "aws_alb_listener_rule" "alb_listener_rule" { + arn = (known after apply) + id = (known after apply) + listener_arn = (known after apply) + priority = (known after apply) + tags_all = (known after apply) + action { + order = (known after apply) + target_group_arn = (known after apply) + type = "forward" } + condition { + host_header { + values = [ + "admin.nextstep.is", ] } } } # module.prod.module.journeys-admin.module.ecs-task.aws_alb_target_group.alb_target_group will be created + resource "aws_alb_target_group" "alb_target_group" { + arn = (known after apply) + arn_suffix = (known after apply) + connection_termination = false + deregistration_delay = "300" + id = (known after apply) + ip_address_type = (known after apply) + lambda_multi_value_headers_enabled = false + load_balancing_algorithm_type = (known after apply) + load_balancing_cross_zone_enabled = (known after apply) + name = "journeys-admin-prod-tg" + port = 3000 + preserve_client_ip = (known after apply) + protocol = "HTTP" + protocol_version = (known after apply) + proxy_protocol_v2 = false + slow_start = 0 + tags_all = (known after apply) + target_type = "ip" + vpc_id = "vpc-0b722b0a1f7789afd" + health_check { + enabled = true + healthy_threshold = 2 + interval = 5 + matcher = (known after apply) + path = "/api/health" + port = "3000" + protocol = "HTTP" + timeout = 4 + unhealthy_threshold = 3 } } # module.prod.module.journeys-admin.module.ecs-task.aws_appautoscaling_policy.ecs_policy_cpu will be created + resource "aws_appautoscaling_policy" "ecs_policy_cpu" { + alarm_arns = (known after apply) + arn = (known after apply) + id = (known after apply) + name = "jfp-cpu-autoscaling-prod" + policy_type = "TargetTrackingScaling" + resource_id = "service/jfp-ecs-cluster-prod/journeys-admin-prod-service" + scalable_dimension = "ecs:service:DesiredCount" + service_namespace = "ecs" + target_tracking_scaling_policy_configuration { + disable_scale_in = false + target_value = 75 + predefined_metric_specification { + predefined_metric_type = "ECSServiceAverageCPUUtilization" } } } # module.prod.module.journeys-admin.module.ecs-task.aws_appautoscaling_policy.ecs_policy_memory will be created + resource "aws_appautoscaling_policy" "ecs_policy_memory" { + alarm_arns = (known after apply) + arn = (known after apply) + id = (known after apply) + name = "jfp-memory-autoscaling-prod" + policy_type = "TargetTrackingScaling" + resource_id = "service/jfp-ecs-cluster-prod/journeys-admin-prod-service" + scalable_dimension = "ecs:service:DesiredCount" + service_namespace = "ecs" + target_tracking_scaling_policy_configuration { + disable_scale_in = false + target_value = 75 + predefined_metric_specification { + predefined_metric_type = "ECSServiceAverageMemoryUtilization" } } } # module.prod.module.journeys-admin.module.ecs-task.aws_appautoscaling_target.service_autoscaling will be created + resource "aws_appautoscaling_target" "service_autoscaling" { + arn = (known after apply) + id = (known after apply) + max_capacity = 4 + min_capacity = 1 + resource_id = "service/jfp-ecs-cluster-prod/journeys-admin-prod-service" + role_arn = (known after apply) + scalable_dimension = "ecs:service:DesiredCount" + service_namespace = "ecs" + tags_all = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_cloudwatch_log_group.ecs_cw_log_group will be created + resource "aws_cloudwatch_log_group" "ecs_cw_log_group" { + arn = (known after apply) + id = (known after apply) + name = "journeys-admin-prod-logs" + name_prefix = (known after apply) + retention_in_days = 0 + skip_destroy = false + tags_all = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ecr_lifecycle_policy.ecr_policy will be created + resource "aws_ecr_lifecycle_policy" "ecr_policy" { + id = (known after apply) + policy = jsonencode( { + rules = [ + { + action = { + type = "expire" } + description = "Expire more than 10 images" + rulePriority = 1 + selection = { + countNumber = 10 + countType = "imageCountMoreThan" + tagStatus = "any" } }, ] } ) + registry_id = (known after apply) + repository = "jfp-journeys-admin-prod" } # module.prod.module.journeys-admin.module.ecs-task.aws_ecr_repository.ecr_repository will be created + resource "aws_ecr_repository" "ecr_repository" { + arn = (known after apply) + id = (known after apply) + image_tag_mutability = "MUTABLE" + name = "jfp-journeys-admin-prod" + registry_id = (known after apply) + repository_url = (known after apply) + tags_all = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ecs_service.ecs_service will be created + resource "aws_ecs_service" "ecs_service" { + cluster = "arn:aws:ecs:us-east-2:410965620680:cluster/jfp-ecs-cluster-prod" + deployment_maximum_percent = 200 + deployment_minimum_healthy_percent = 100 + desired_count = 1 + enable_ecs_managed_tags = false + enable_execute_command = false + iam_role = (known after apply) + id = (known after apply) + launch_type = "FARGATE" + name = "journeys-admin-prod-service" + platform_version = (known after apply) + scheduling_strategy = "REPLICA" + tags_all = (known after apply) + task_definition = (known after apply) + triggers = (known after apply) + wait_for_steady_state = false + load_balancer { + container_name = "jfp-journeys-admin-prod-app" + container_port = 3000 + target_group_arn = (known after apply) } + network_configuration { + assign_public_ip = true + security_groups = [ + "sg-030c49feae781c660", ] + subnets = [ + "subnet-01aa708571a3e499c", + "subnet-0aa10af01283bbcdb", + "subnet-0b7c1e14af0ffb3ea", ] } } # module.prod.module.journeys-admin.module.ecs-task.aws_ecs_task_definition.ecs_task_definition will be created + resource "aws_ecs_task_definition" "ecs_task_definition" { + arn = (known after apply) + arn_without_revision = (known after apply) + container_definitions = (known after apply) + cpu = "1024" + execution_role_arn = "arn:aws:iam::410965620680:role/jfp-ecs-task-execution-role" + family = "jfp-journeys-admin-prod" + id = (known after apply) + memory = "2048" + network_mode = "awsvpc" + requires_compatibilities = [ + "FARGATE", ] + revision = (known after apply) + skip_destroy = false + tags_all = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_route53_record.record will be created + resource "aws_route53_record" "record" { + allow_overwrite = (known after apply) + fqdn = (known after apply) + id = (known after apply) + name = "journeys-admin" + records = [ + "jfp-public-alb-prod-13771523.us-east-2.elb.amazonaws.com", ] + ttl = 300 + type = "CNAME" + zone_id = "Z06687872LMUIKS0Y291P" } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["COOKIE_SECRET_CURRENT"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/COOKIE_SECRET_CURRENT" + overwrite = true + tags = { + "name" = "COOKIE_SECRET_CURRENT" } + tags_all = { + "name" = "COOKIE_SECRET_CURRENT" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["FORMIUM_TOKEN"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/FORMIUM_TOKEN" + overwrite = true + tags = { + "name" = "FORMIUM_TOKEN" } + tags_all = { + "name" = "FORMIUM_TOKEN" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["JOURNEYS_REVALIDATE_ACCESS_TOKEN"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/JOURNEYS_REVALIDATE_ACCESS_TOKEN" + overwrite = true + tags = { + "name" = "JOURNEYS_REVALIDATE_ACCESS_TOKEN" } + tags_all = { + "name" = "JOURNEYS_REVALIDATE_ACCESS_TOKEN" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["JOURNEYS_URL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/JOURNEYS_URL" + overwrite = true + tags = { + "name" = "JOURNEYS_URL" } + tags_all = { + "name" = "JOURNEYS_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["LAUNCH_DARKLY_SDK_KEY"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/LAUNCH_DARKLY_SDK_KEY" + overwrite = true + tags = { + "name" = "LAUNCH_DARKLY_SDK_KEY" } + tags_all = { + "name" = "LAUNCH_DARKLY_SDK_KEY" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_CLOUDFLARE_STREAM_CUSTOMER_CODE"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_CLOUDFLARE_STREAM_CUSTOMER_CODE" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_CLOUDFLARE_STREAM_CUSTOMER_CODE" } + tags_all = { + "name" = "NEXT_PUBLIC_CLOUDFLARE_STREAM_CUSTOMER_CODE" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_CLOUDFLARE_UPLOAD_KEY"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_CLOUDFLARE_UPLOAD_KEY" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_CLOUDFLARE_UPLOAD_KEY" } + tags_all = { + "name" = "NEXT_PUBLIC_CLOUDFLARE_UPLOAD_KEY" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_DATADOG_APPLICATION_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_DATADOG_APPLICATION_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_DATADOG_APPLICATION_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_DATADOG_APPLICATION_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_DATADOG_CLIENT_TOKEN"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_DATADOG_CLIENT_TOKEN" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_DATADOG_CLIENT_TOKEN" } + tags_all = { + "name" = "NEXT_PUBLIC_DATADOG_CLIENT_TOKEN" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FIREBASE_API_KEY"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FIREBASE_API_KEY" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FIREBASE_API_KEY" } + tags_all = { + "name" = "NEXT_PUBLIC_FIREBASE_API_KEY" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FIREBASE_APP_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FIREBASE_APP_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FIREBASE_APP_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_FIREBASE_APP_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN" } + tags_all = { + "name" = "NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FIREBASE_PROJECT_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FIREBASE_PROJECT_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FIREBASE_PROJECT_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_FIREBASE_PROJECT_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FORMIUM_PROJECTID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FORMIUM_PROJECTID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FORMIUM_PROJECTID" } + tags_all = { + "name" = "NEXT_PUBLIC_FORMIUM_PROJECTID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FORMIUM_PROJECT_SLUG"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FORMIUM_PROJECT_SLUG" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FORMIUM_PROJECT_SLUG" } + tags_all = { + "name" = "NEXT_PUBLIC_FORMIUM_PROJECT_SLUG" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_GATEWAY_URL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_GATEWAY_URL" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_GATEWAY_URL" } + tags_all = { + "name" = "NEXT_PUBLIC_GATEWAY_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_GTM_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_GTM_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_GTM_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_GTM_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_JOURNEYS_URL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_JOURNEYS_URL" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_JOURNEYS_URL" } + tags_all = { + "name" = "NEXT_PUBLIC_JOURNEYS_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_YOUTUBE_PLAYLIST_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_YOUTUBE_PLAYLIST_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_YOUTUBE_PLAYLIST_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_YOUTUBE_PLAYLIST_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["PRIVATE_FIREBASE_CLIENT_EMAIL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/PRIVATE_FIREBASE_CLIENT_EMAIL" + overwrite = true + tags = { + "name" = "PRIVATE_FIREBASE_CLIENT_EMAIL" } + tags_all = { + "name" = "PRIVATE_FIREBASE_CLIENT_EMAIL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["PRIVATE_FIREBASE_PRIVATE_KEY"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/PRIVATE_FIREBASE_PRIVATE_KEY" + overwrite = true + tags = { + "name" = "PRIVATE_FIREBASE_PRIVATE_KEY" } + tags_all = { + "name" = "PRIVATE_FIREBASE_PRIVATE_KEY" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.stage.module.journeys-admin.module.ecs-task.aws_alb_listener.alb_listener will be updated in-place ~ resource "aws_alb_listener" "alb_listener" { ~ certificate_arn = "arn:aws:acm:us-east-2:410965620680:certificate/573666ef-f89a-42e6-85f5-4d4ea6fd29e4" -> "arn:aws:acm:us-east-2:410965620680:certificate/f16e60b9-eb24-4929-8f32-9b5ff76cfe2c" id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener/app/jfp-public-alb-stage/27d94355c709eb16/b091b1d208ec79b8" tags = {} # (6 unchanged attributes hidden) # (1 unchanged block hidden) } Plan: 33 to add, 8 to change, 0 to destroy. ``` * :arrow_forward: To **apply** this plan, comment: * `atlantis apply -d infrastructure` * :put_litter_in_its_place: To **delete** this plan click [here](https://atlantis.central.jesusfilm.org/lock?id=JesusFilm%252Fcore%252Finfrastructure%252Fdefault) * :repeat: To **plan** this project again, comment: * `atlantis plan -d infrastructure`

Plan: 33 to add, 8 to change, 0 to destroy.


jesus-film-bot commented 1 year ago

Ran Plan for dir: infrastructure workspace: default

Show Output ```diff Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: + create ~ update in-place Terraform will perform the following actions: # module.prod.module.api-gateway.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-public-alb-prod/7cf1f0916ed2c660/9df1fedd44a02a09/925b89cd7ddec067" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-gateway.central.jesusfilm.org", ] } } # (1 unchanged block hidden) } # module.prod.module.api-journeys.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/70dafcb9aee8d0e9/eaf80a1c0e07be7b" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-journeys.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-languages.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/f18b1af3c8d9f267/b0cd5902c0a25a90" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-languages.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-media.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/2e59cbcfa91e0b68/f985a048bba07568" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-media.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-tags.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/236a66b6820160f1/33f69be46d99a209" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-tags.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-users.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/bed13d135743750a/81e8291bcf419dfb" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-users.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-videos.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/77dbc13194e0ac88/77b76bc3254d6dd8" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-videos.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.journeys-admin.module.ecs-task.aws_alb_listener.alb_listener will be created + resource "aws_alb_listener" "alb_listener" { + arn = (known after apply) + certificate_arn = "arn:aws:acm:us-east-2:410965620680:certificate/f16e60b9-eb24-4929-8f32-9b5ff76cfe2c" + id = (known after apply) + load_balancer_arn = "arn:aws:elasticloadbalancing:us-east-2:410965620680:loadbalancer/app/jfp-public-alb-prod/7cf1f0916ed2c660" + port = 443 + protocol = "HTTPS" + ssl_policy = (known after apply) + tags_all = (known after apply) + default_action { + order = (known after apply) + type = "fixed-response" + fixed_response { + content_type = "text/plain" + message_body = "No routes defined" + status_code = "200" } } } # module.prod.module.journeys-admin.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be created + resource "aws_alb_listener_rule" "alb_listener_rule" { + arn = (known after apply) + id = (known after apply) + listener_arn = (known after apply) + priority = (known after apply) + tags_all = (known after apply) + action { + order = (known after apply) + target_group_arn = (known after apply) + type = "forward" } + condition { + host_header { + values = [ + "admin.nextstep.is", ] } } } # module.prod.module.journeys-admin.module.ecs-task.aws_alb_target_group.alb_target_group will be created + resource "aws_alb_target_group" "alb_target_group" { + arn = (known after apply) + arn_suffix = (known after apply) + connection_termination = false + deregistration_delay = "300" + id = (known after apply) + ip_address_type = (known after apply) + lambda_multi_value_headers_enabled = false + load_balancing_algorithm_type = (known after apply) + load_balancing_cross_zone_enabled = (known after apply) + name = "journeys-admin-prod-tg" + port = 3000 + preserve_client_ip = (known after apply) + protocol = "HTTP" + protocol_version = (known after apply) + proxy_protocol_v2 = false + slow_start = 0 + tags_all = (known after apply) + target_type = "ip" + vpc_id = "vpc-0b722b0a1f7789afd" + health_check { + enabled = true + healthy_threshold = 2 + interval = 5 + matcher = (known after apply) + path = "/api/health" + port = "3000" + protocol = "HTTP" + timeout = 4 + unhealthy_threshold = 3 } } # module.prod.module.journeys-admin.module.ecs-task.aws_appautoscaling_policy.ecs_policy_cpu will be created + resource "aws_appautoscaling_policy" "ecs_policy_cpu" { + alarm_arns = (known after apply) + arn = (known after apply) + id = (known after apply) + name = "jfp-cpu-autoscaling-prod" + policy_type = "TargetTrackingScaling" + resource_id = "service/jfp-ecs-cluster-prod/journeys-admin-prod-service" + scalable_dimension = "ecs:service:DesiredCount" + service_namespace = "ecs" + target_tracking_scaling_policy_configuration { + disable_scale_in = false + target_value = 75 + predefined_metric_specification { + predefined_metric_type = "ECSServiceAverageCPUUtilization" } } } # module.prod.module.journeys-admin.module.ecs-task.aws_appautoscaling_policy.ecs_policy_memory will be created + resource "aws_appautoscaling_policy" "ecs_policy_memory" { + alarm_arns = (known after apply) + arn = (known after apply) + id = (known after apply) + name = "jfp-memory-autoscaling-prod" + policy_type = "TargetTrackingScaling" + resource_id = "service/jfp-ecs-cluster-prod/journeys-admin-prod-service" + scalable_dimension = "ecs:service:DesiredCount" + service_namespace = "ecs" + target_tracking_scaling_policy_configuration { + disable_scale_in = false + target_value = 75 + predefined_metric_specification { + predefined_metric_type = "ECSServiceAverageMemoryUtilization" } } } # module.prod.module.journeys-admin.module.ecs-task.aws_appautoscaling_target.service_autoscaling will be created + resource "aws_appautoscaling_target" "service_autoscaling" { + arn = (known after apply) + id = (known after apply) + max_capacity = 4 + min_capacity = 1 + resource_id = "service/jfp-ecs-cluster-prod/journeys-admin-prod-service" + role_arn = (known after apply) + scalable_dimension = "ecs:service:DesiredCount" + service_namespace = "ecs" + tags_all = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_cloudwatch_log_group.ecs_cw_log_group will be created + resource "aws_cloudwatch_log_group" "ecs_cw_log_group" { + arn = (known after apply) + id = (known after apply) + name = "journeys-admin-prod-logs" + name_prefix = (known after apply) + retention_in_days = 0 + skip_destroy = false + tags_all = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ecr_lifecycle_policy.ecr_policy will be created + resource "aws_ecr_lifecycle_policy" "ecr_policy" { + id = (known after apply) + policy = jsonencode( { + rules = [ + { + action = { + type = "expire" } + description = "Expire more than 10 images" + rulePriority = 1 + selection = { + countNumber = 10 + countType = "imageCountMoreThan" + tagStatus = "any" } }, ] } ) + registry_id = (known after apply) + repository = "jfp-journeys-admin-prod" } # module.prod.module.journeys-admin.module.ecs-task.aws_ecr_repository.ecr_repository will be created + resource "aws_ecr_repository" "ecr_repository" { + arn = (known after apply) + id = (known after apply) + image_tag_mutability = "MUTABLE" + name = "jfp-journeys-admin-prod" + registry_id = (known after apply) + repository_url = (known after apply) + tags_all = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ecs_service.ecs_service will be created + resource "aws_ecs_service" "ecs_service" { + cluster = "arn:aws:ecs:us-east-2:410965620680:cluster/jfp-ecs-cluster-prod" + deployment_maximum_percent = 200 + deployment_minimum_healthy_percent = 100 + desired_count = 1 + enable_ecs_managed_tags = false + enable_execute_command = false + iam_role = (known after apply) + id = (known after apply) + launch_type = "FARGATE" + name = "journeys-admin-prod-service" + platform_version = (known after apply) + scheduling_strategy = "REPLICA" + tags_all = (known after apply) + task_definition = (known after apply) + triggers = (known after apply) + wait_for_steady_state = false + load_balancer { + container_name = "jfp-journeys-admin-prod-app" + container_port = 3000 + target_group_arn = (known after apply) } + network_configuration { + assign_public_ip = true + security_groups = [ + "sg-030c49feae781c660", ] + subnets = [ + "subnet-01aa708571a3e499c", + "subnet-0aa10af01283bbcdb", + "subnet-0b7c1e14af0ffb3ea", ] } } # module.prod.module.journeys-admin.module.ecs-task.aws_ecs_task_definition.ecs_task_definition will be created + resource "aws_ecs_task_definition" "ecs_task_definition" { + arn = (known after apply) + arn_without_revision = (known after apply) + container_definitions = (known after apply) + cpu = "1024" + execution_role_arn = "arn:aws:iam::410965620680:role/jfp-ecs-task-execution-role" + family = "jfp-journeys-admin-prod" + id = (known after apply) + memory = "2048" + network_mode = "awsvpc" + requires_compatibilities = [ + "FARGATE", ] + revision = (known after apply) + skip_destroy = false + tags_all = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_route53_record.record will be created + resource "aws_route53_record" "record" { + allow_overwrite = (known after apply) + fqdn = (known after apply) + id = (known after apply) + name = "journeys-admin" + records = [ + "jfp-public-alb-prod-13771523.us-east-2.elb.amazonaws.com", ] + ttl = 300 + type = "CNAME" + zone_id = "Z06687872LMUIKS0Y291P" } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["COOKIE_SECRET_CURRENT"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/COOKIE_SECRET_CURRENT" + overwrite = true + tags = { + "name" = "COOKIE_SECRET_CURRENT" } + tags_all = { + "name" = "COOKIE_SECRET_CURRENT" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["FORMIUM_TOKEN"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/FORMIUM_TOKEN" + overwrite = true + tags = { + "name" = "FORMIUM_TOKEN" } + tags_all = { + "name" = "FORMIUM_TOKEN" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["JOURNEYS_REVALIDATE_ACCESS_TOKEN"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/JOURNEYS_REVALIDATE_ACCESS_TOKEN" + overwrite = true + tags = { + "name" = "JOURNEYS_REVALIDATE_ACCESS_TOKEN" } + tags_all = { + "name" = "JOURNEYS_REVALIDATE_ACCESS_TOKEN" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["JOURNEYS_URL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/JOURNEYS_URL" + overwrite = true + tags = { + "name" = "JOURNEYS_URL" } + tags_all = { + "name" = "JOURNEYS_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["LAUNCH_DARKLY_SDK_KEY"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/LAUNCH_DARKLY_SDK_KEY" + overwrite = true + tags = { + "name" = "LAUNCH_DARKLY_SDK_KEY" } + tags_all = { + "name" = "LAUNCH_DARKLY_SDK_KEY" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_CLOUDFLARE_STREAM_CUSTOMER_CODE"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_CLOUDFLARE_STREAM_CUSTOMER_CODE" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_CLOUDFLARE_STREAM_CUSTOMER_CODE" } + tags_all = { + "name" = "NEXT_PUBLIC_CLOUDFLARE_STREAM_CUSTOMER_CODE" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_CLOUDFLARE_UPLOAD_KEY"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_CLOUDFLARE_UPLOAD_KEY" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_CLOUDFLARE_UPLOAD_KEY" } + tags_all = { + "name" = "NEXT_PUBLIC_CLOUDFLARE_UPLOAD_KEY" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_DATADOG_APPLICATION_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_DATADOG_APPLICATION_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_DATADOG_APPLICATION_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_DATADOG_APPLICATION_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_DATADOG_CLIENT_TOKEN"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_DATADOG_CLIENT_TOKEN" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_DATADOG_CLIENT_TOKEN" } + tags_all = { + "name" = "NEXT_PUBLIC_DATADOG_CLIENT_TOKEN" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FIREBASE_API_KEY"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FIREBASE_API_KEY" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FIREBASE_API_KEY" } + tags_all = { + "name" = "NEXT_PUBLIC_FIREBASE_API_KEY" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FIREBASE_APP_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FIREBASE_APP_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FIREBASE_APP_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_FIREBASE_APP_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN" } + tags_all = { + "name" = "NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FIREBASE_PROJECT_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FIREBASE_PROJECT_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FIREBASE_PROJECT_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_FIREBASE_PROJECT_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FORMIUM_PROJECTID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FORMIUM_PROJECTID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FORMIUM_PROJECTID" } + tags_all = { + "name" = "NEXT_PUBLIC_FORMIUM_PROJECTID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FORMIUM_PROJECT_SLUG"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FORMIUM_PROJECT_SLUG" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FORMIUM_PROJECT_SLUG" } + tags_all = { + "name" = "NEXT_PUBLIC_FORMIUM_PROJECT_SLUG" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_GATEWAY_URL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_GATEWAY_URL" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_GATEWAY_URL" } + tags_all = { + "name" = "NEXT_PUBLIC_GATEWAY_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_GTM_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_GTM_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_GTM_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_GTM_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_JOURNEYS_URL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_JOURNEYS_URL" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_JOURNEYS_URL" } + tags_all = { + "name" = "NEXT_PUBLIC_JOURNEYS_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_YOUTUBE_PLAYLIST_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_YOUTUBE_PLAYLIST_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_YOUTUBE_PLAYLIST_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_YOUTUBE_PLAYLIST_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["PRIVATE_FIREBASE_CLIENT_EMAIL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/PRIVATE_FIREBASE_CLIENT_EMAIL" + overwrite = true + tags = { + "name" = "PRIVATE_FIREBASE_CLIENT_EMAIL" } + tags_all = { + "name" = "PRIVATE_FIREBASE_CLIENT_EMAIL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["PRIVATE_FIREBASE_PRIVATE_KEY"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/PRIVATE_FIREBASE_PRIVATE_KEY" + overwrite = true + tags = { + "name" = "PRIVATE_FIREBASE_PRIVATE_KEY" } + tags_all = { + "name" = "PRIVATE_FIREBASE_PRIVATE_KEY" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.stage.module.journeys-admin.module.ecs-task.aws_alb_listener.alb_listener will be updated in-place ~ resource "aws_alb_listener" "alb_listener" { ~ certificate_arn = "arn:aws:acm:us-east-2:410965620680:certificate/573666ef-f89a-42e6-85f5-4d4ea6fd29e4" -> "arn:aws:acm:us-east-2:410965620680:certificate/f16e60b9-eb24-4929-8f32-9b5ff76cfe2c" id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener/app/jfp-public-alb-stage/27d94355c709eb16/b091b1d208ec79b8" tags = {} # (6 unchanged attributes hidden) # (1 unchanged block hidden) } Plan: 33 to add, 8 to change, 0 to destroy. ``` * :arrow_forward: To **apply** this plan, comment: * `atlantis apply -d infrastructure` * :put_litter_in_its_place: To **delete** this plan click [here](https://atlantis.central.jesusfilm.org/lock?id=JesusFilm%252Fcore%252Finfrastructure%252Fdefault) * :repeat: To **plan** this project again, comment: * `atlantis plan -d infrastructure`

Plan: 33 to add, 8 to change, 0 to destroy.


jesus-film-bot commented 1 year ago

Ran Plan for dir: infrastructure workspace: default

Show Output ```diff Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: + create ~ update in-place Terraform will perform the following actions: # module.prod.module.api-gateway.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-public-alb-prod/7cf1f0916ed2c660/9df1fedd44a02a09/925b89cd7ddec067" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-gateway.central.jesusfilm.org", ] } } # (1 unchanged block hidden) } # module.prod.module.api-journeys.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/70dafcb9aee8d0e9/eaf80a1c0e07be7b" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-journeys.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-languages.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/f18b1af3c8d9f267/b0cd5902c0a25a90" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-languages.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-media.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/2e59cbcfa91e0b68/f985a048bba07568" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-media.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-tags.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/236a66b6820160f1/33f69be46d99a209" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-tags.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-users.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/bed13d135743750a/81e8291bcf419dfb" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-users.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-videos.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/77dbc13194e0ac88/77b76bc3254d6dd8" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-videos.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.journeys-admin.module.ecs-task.aws_alb_listener.alb_listener will be created + resource "aws_alb_listener" "alb_listener" { + arn = (known after apply) + certificate_arn = "arn:aws:acm:us-east-2:410965620680:certificate/f16e60b9-eb24-4929-8f32-9b5ff76cfe2c" + id = (known after apply) + load_balancer_arn = "arn:aws:elasticloadbalancing:us-east-2:410965620680:loadbalancer/app/jfp-public-alb-prod/7cf1f0916ed2c660" + port = 443 + protocol = "HTTPS" + ssl_policy = (known after apply) + tags_all = (known after apply) + default_action { + order = (known after apply) + type = "fixed-response" + fixed_response { + content_type = "text/plain" + message_body = "No routes defined" + status_code = "200" } } } # module.prod.module.journeys-admin.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be created + resource "aws_alb_listener_rule" "alb_listener_rule" { + arn = (known after apply) + id = (known after apply) + listener_arn = (known after apply) + priority = (known after apply) + tags_all = (known after apply) + action { + order = (known after apply) + target_group_arn = (known after apply) + type = "forward" } + condition { + host_header { + values = [ + "admin.nextstep.is", ] } } } # module.prod.module.journeys-admin.module.ecs-task.aws_alb_target_group.alb_target_group will be created + resource "aws_alb_target_group" "alb_target_group" { + arn = (known after apply) + arn_suffix = (known after apply) + connection_termination = false + deregistration_delay = "300" + id = (known after apply) + ip_address_type = (known after apply) + lambda_multi_value_headers_enabled = false + load_balancing_algorithm_type = (known after apply) + load_balancing_cross_zone_enabled = (known after apply) + name = "journeys-admin-prod-tg" + port = 3000 + preserve_client_ip = (known after apply) + protocol = "HTTP" + protocol_version = (known after apply) + proxy_protocol_v2 = false + slow_start = 0 + tags_all = (known after apply) + target_type = "ip" + vpc_id = "vpc-0b722b0a1f7789afd" + health_check { + enabled = true + healthy_threshold = 2 + interval = 5 + matcher = (known after apply) + path = "/api/health" + port = "3000" + protocol = "HTTP" + timeout = 4 + unhealthy_threshold = 3 } } # module.prod.module.journeys-admin.module.ecs-task.aws_appautoscaling_policy.ecs_policy_cpu will be created + resource "aws_appautoscaling_policy" "ecs_policy_cpu" { + alarm_arns = (known after apply) + arn = (known after apply) + id = (known after apply) + name = "jfp-cpu-autoscaling-prod" + policy_type = "TargetTrackingScaling" + resource_id = "service/jfp-ecs-cluster-prod/journeys-admin-prod-service" + scalable_dimension = "ecs:service:DesiredCount" + service_namespace = "ecs" + target_tracking_scaling_policy_configuration { + disable_scale_in = false + target_value = 75 + predefined_metric_specification { + predefined_metric_type = "ECSServiceAverageCPUUtilization" } } } # module.prod.module.journeys-admin.module.ecs-task.aws_appautoscaling_policy.ecs_policy_memory will be created + resource "aws_appautoscaling_policy" "ecs_policy_memory" { + alarm_arns = (known after apply) + arn = (known after apply) + id = (known after apply) + name = "jfp-memory-autoscaling-prod" + policy_type = "TargetTrackingScaling" + resource_id = "service/jfp-ecs-cluster-prod/journeys-admin-prod-service" + scalable_dimension = "ecs:service:DesiredCount" + service_namespace = "ecs" + target_tracking_scaling_policy_configuration { + disable_scale_in = false + target_value = 75 + predefined_metric_specification { + predefined_metric_type = "ECSServiceAverageMemoryUtilization" } } } # module.prod.module.journeys-admin.module.ecs-task.aws_appautoscaling_target.service_autoscaling will be created + resource "aws_appautoscaling_target" "service_autoscaling" { + arn = (known after apply) + id = (known after apply) + max_capacity = 4 + min_capacity = 1 + resource_id = "service/jfp-ecs-cluster-prod/journeys-admin-prod-service" + role_arn = (known after apply) + scalable_dimension = "ecs:service:DesiredCount" + service_namespace = "ecs" + tags_all = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_cloudwatch_log_group.ecs_cw_log_group will be created + resource "aws_cloudwatch_log_group" "ecs_cw_log_group" { + arn = (known after apply) + id = (known after apply) + name = "journeys-admin-prod-logs" + name_prefix = (known after apply) + retention_in_days = 0 + skip_destroy = false + tags_all = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ecr_lifecycle_policy.ecr_policy will be created + resource "aws_ecr_lifecycle_policy" "ecr_policy" { + id = (known after apply) + policy = jsonencode( { + rules = [ + { + action = { + type = "expire" } + description = "Expire more than 10 images" + rulePriority = 1 + selection = { + countNumber = 10 + countType = "imageCountMoreThan" + tagStatus = "any" } }, ] } ) + registry_id = (known after apply) + repository = "jfp-journeys-admin-prod" } # module.prod.module.journeys-admin.module.ecs-task.aws_ecr_repository.ecr_repository will be created + resource "aws_ecr_repository" "ecr_repository" { + arn = (known after apply) + id = (known after apply) + image_tag_mutability = "MUTABLE" + name = "jfp-journeys-admin-prod" + registry_id = (known after apply) + repository_url = (known after apply) + tags_all = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ecs_service.ecs_service will be created + resource "aws_ecs_service" "ecs_service" { + cluster = "arn:aws:ecs:us-east-2:410965620680:cluster/jfp-ecs-cluster-prod" + deployment_maximum_percent = 200 + deployment_minimum_healthy_percent = 100 + desired_count = 1 + enable_ecs_managed_tags = false + enable_execute_command = false + iam_role = (known after apply) + id = (known after apply) + launch_type = "FARGATE" + name = "journeys-admin-prod-service" + platform_version = (known after apply) + scheduling_strategy = "REPLICA" + tags_all = (known after apply) + task_definition = (known after apply) + triggers = (known after apply) + wait_for_steady_state = false + load_balancer { + container_name = "jfp-journeys-admin-prod-app" + container_port = 3000 + target_group_arn = (known after apply) } + network_configuration { + assign_public_ip = true + security_groups = [ + "sg-030c49feae781c660", ] + subnets = [ + "subnet-01aa708571a3e499c", + "subnet-0aa10af01283bbcdb", + "subnet-0b7c1e14af0ffb3ea", ] } } # module.prod.module.journeys-admin.module.ecs-task.aws_ecs_task_definition.ecs_task_definition will be created + resource "aws_ecs_task_definition" "ecs_task_definition" { + arn = (known after apply) + arn_without_revision = (known after apply) + container_definitions = (known after apply) + cpu = "1024" + execution_role_arn = "arn:aws:iam::410965620680:role/jfp-ecs-task-execution-role" + family = "jfp-journeys-admin-prod" + id = (known after apply) + memory = "2048" + network_mode = "awsvpc" + requires_compatibilities = [ + "FARGATE", ] + revision = (known after apply) + skip_destroy = false + tags_all = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_route53_record.record will be created + resource "aws_route53_record" "record" { + allow_overwrite = (known after apply) + fqdn = (known after apply) + id = (known after apply) + name = "journeys-admin" + records = [ + "jfp-public-alb-prod-13771523.us-east-2.elb.amazonaws.com", ] + ttl = 300 + type = "CNAME" + zone_id = "Z06687872LMUIKS0Y291P" } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["COOKIE_SECRET_CURRENT"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/COOKIE_SECRET_CURRENT" + overwrite = true + tags = { + "name" = "COOKIE_SECRET_CURRENT" } + tags_all = { + "name" = "COOKIE_SECRET_CURRENT" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["FORMIUM_TOKEN"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/FORMIUM_TOKEN" + overwrite = true + tags = { + "name" = "FORMIUM_TOKEN" } + tags_all = { + "name" = "FORMIUM_TOKEN" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["JOURNEYS_REVALIDATE_ACCESS_TOKEN"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/JOURNEYS_REVALIDATE_ACCESS_TOKEN" + overwrite = true + tags = { + "name" = "JOURNEYS_REVALIDATE_ACCESS_TOKEN" } + tags_all = { + "name" = "JOURNEYS_REVALIDATE_ACCESS_TOKEN" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["JOURNEYS_URL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/JOURNEYS_URL" + overwrite = true + tags = { + "name" = "JOURNEYS_URL" } + tags_all = { + "name" = "JOURNEYS_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["LAUNCH_DARKLY_SDK_KEY"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/LAUNCH_DARKLY_SDK_KEY" + overwrite = true + tags = { + "name" = "LAUNCH_DARKLY_SDK_KEY" } + tags_all = { + "name" = "LAUNCH_DARKLY_SDK_KEY" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_CLOUDFLARE_STREAM_CUSTOMER_CODE"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_CLOUDFLARE_STREAM_CUSTOMER_CODE" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_CLOUDFLARE_STREAM_CUSTOMER_CODE" } + tags_all = { + "name" = "NEXT_PUBLIC_CLOUDFLARE_STREAM_CUSTOMER_CODE" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_CLOUDFLARE_UPLOAD_KEY"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_CLOUDFLARE_UPLOAD_KEY" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_CLOUDFLARE_UPLOAD_KEY" } + tags_all = { + "name" = "NEXT_PUBLIC_CLOUDFLARE_UPLOAD_KEY" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_DATADOG_APPLICATION_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_DATADOG_APPLICATION_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_DATADOG_APPLICATION_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_DATADOG_APPLICATION_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_DATADOG_CLIENT_TOKEN"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_DATADOG_CLIENT_TOKEN" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_DATADOG_CLIENT_TOKEN" } + tags_all = { + "name" = "NEXT_PUBLIC_DATADOG_CLIENT_TOKEN" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FIREBASE_API_KEY"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FIREBASE_API_KEY" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FIREBASE_API_KEY" } + tags_all = { + "name" = "NEXT_PUBLIC_FIREBASE_API_KEY" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FIREBASE_APP_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FIREBASE_APP_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FIREBASE_APP_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_FIREBASE_APP_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN" } + tags_all = { + "name" = "NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FIREBASE_PROJECT_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FIREBASE_PROJECT_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FIREBASE_PROJECT_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_FIREBASE_PROJECT_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FORMIUM_PROJECTID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FORMIUM_PROJECTID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FORMIUM_PROJECTID" } + tags_all = { + "name" = "NEXT_PUBLIC_FORMIUM_PROJECTID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FORMIUM_PROJECT_SLUG"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FORMIUM_PROJECT_SLUG" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FORMIUM_PROJECT_SLUG" } + tags_all = { + "name" = "NEXT_PUBLIC_FORMIUM_PROJECT_SLUG" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_GATEWAY_URL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_GATEWAY_URL" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_GATEWAY_URL" } + tags_all = { + "name" = "NEXT_PUBLIC_GATEWAY_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_GTM_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_GTM_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_GTM_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_GTM_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_JOURNEYS_URL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_JOURNEYS_URL" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_JOURNEYS_URL" } + tags_all = { + "name" = "NEXT_PUBLIC_JOURNEYS_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_YOUTUBE_PLAYLIST_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_YOUTUBE_PLAYLIST_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_YOUTUBE_PLAYLIST_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_YOUTUBE_PLAYLIST_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["PRIVATE_FIREBASE_CLIENT_EMAIL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/PRIVATE_FIREBASE_CLIENT_EMAIL" + overwrite = true + tags = { + "name" = "PRIVATE_FIREBASE_CLIENT_EMAIL" } + tags_all = { + "name" = "PRIVATE_FIREBASE_CLIENT_EMAIL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["PRIVATE_FIREBASE_PRIVATE_KEY"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/PRIVATE_FIREBASE_PRIVATE_KEY" + overwrite = true + tags = { + "name" = "PRIVATE_FIREBASE_PRIVATE_KEY" } + tags_all = { + "name" = "PRIVATE_FIREBASE_PRIVATE_KEY" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.stage.module.journeys-admin.module.ecs-task.aws_alb_listener.alb_listener will be updated in-place ~ resource "aws_alb_listener" "alb_listener" { ~ certificate_arn = "arn:aws:acm:us-east-2:410965620680:certificate/573666ef-f89a-42e6-85f5-4d4ea6fd29e4" -> "arn:aws:acm:us-east-2:410965620680:certificate/f16e60b9-eb24-4929-8f32-9b5ff76cfe2c" id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener/app/jfp-public-alb-stage/27d94355c709eb16/b091b1d208ec79b8" tags = {} # (6 unchanged attributes hidden) # (1 unchanged block hidden) } Plan: 33 to add, 8 to change, 0 to destroy. ``` * :arrow_forward: To **apply** this plan, comment: * `atlantis apply -d infrastructure` * :put_litter_in_its_place: To **delete** this plan click [here](https://atlantis.central.jesusfilm.org/lock?id=JesusFilm%252Fcore%252Finfrastructure%252Fdefault) * :repeat: To **plan** this project again, comment: * `atlantis plan -d infrastructure`

Plan: 33 to add, 8 to change, 0 to destroy.


jesus-film-bot commented 1 year ago

Ran Plan for dir: infrastructure workspace: default

Show Output ```diff Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: + create ~ update in-place Terraform will perform the following actions: # module.prod.module.api-gateway.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-public-alb-prod/7cf1f0916ed2c660/9df1fedd44a02a09/925b89cd7ddec067" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-gateway.central.jesusfilm.org", ] } } # (1 unchanged block hidden) } # module.prod.module.api-journeys.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/70dafcb9aee8d0e9/eaf80a1c0e07be7b" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-journeys.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-languages.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/f18b1af3c8d9f267/b0cd5902c0a25a90" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-languages.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-media.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/2e59cbcfa91e0b68/f985a048bba07568" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-media.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-tags.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/236a66b6820160f1/33f69be46d99a209" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-tags.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-users.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/bed13d135743750a/81e8291bcf419dfb" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-users.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-videos.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/77dbc13194e0ac88/77b76bc3254d6dd8" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-videos.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.journeys-admin.module.ecs-task.aws_alb_listener.alb_listener will be created + resource "aws_alb_listener" "alb_listener" { + arn = (known after apply) + certificate_arn = "arn:aws:acm:us-east-2:410965620680:certificate/f16e60b9-eb24-4929-8f32-9b5ff76cfe2c" + id = (known after apply) + load_balancer_arn = "arn:aws:elasticloadbalancing:us-east-2:410965620680:loadbalancer/app/jfp-public-alb-prod/7cf1f0916ed2c660" + port = 443 + protocol = "HTTPS" + ssl_policy = (known after apply) + tags_all = (known after apply) + default_action { + order = (known after apply) + type = "fixed-response" + fixed_response { + content_type = "text/plain" + message_body = "No routes defined" + status_code = "200" } } } # module.prod.module.journeys-admin.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be created + resource "aws_alb_listener_rule" "alb_listener_rule" { + arn = (known after apply) + id = (known after apply) + listener_arn = (known after apply) + priority = (known after apply) + tags_all = (known after apply) + action { + order = (known after apply) + target_group_arn = (known after apply) + type = "forward" } + condition { + host_header { + values = [ + "admin.nextstep.is", ] } } } # module.prod.module.journeys-admin.module.ecs-task.aws_alb_target_group.alb_target_group will be created + resource "aws_alb_target_group" "alb_target_group" { + arn = (known after apply) + arn_suffix = (known after apply) + connection_termination = false + deregistration_delay = "300" + id = (known after apply) + ip_address_type = (known after apply) + lambda_multi_value_headers_enabled = false + load_balancing_algorithm_type = (known after apply) + load_balancing_cross_zone_enabled = (known after apply) + name = "journeys-admin-prod-tg" + port = 3000 + preserve_client_ip = (known after apply) + protocol = "HTTP" + protocol_version = (known after apply) + proxy_protocol_v2 = false + slow_start = 0 + tags_all = (known after apply) + target_type = "ip" + vpc_id = "vpc-0b722b0a1f7789afd" + health_check { + enabled = true + healthy_threshold = 2 + interval = 5 + matcher = (known after apply) + path = "/api/health" + port = "3000" + protocol = "HTTP" + timeout = 4 + unhealthy_threshold = 3 } } # module.prod.module.journeys-admin.module.ecs-task.aws_appautoscaling_policy.ecs_policy_cpu will be created + resource "aws_appautoscaling_policy" "ecs_policy_cpu" { + alarm_arns = (known after apply) + arn = (known after apply) + id = (known after apply) + name = "jfp-cpu-autoscaling-prod" + policy_type = "TargetTrackingScaling" + resource_id = "service/jfp-ecs-cluster-prod/journeys-admin-prod-service" + scalable_dimension = "ecs:service:DesiredCount" + service_namespace = "ecs" + target_tracking_scaling_policy_configuration { + disable_scale_in = false + target_value = 75 + predefined_metric_specification { + predefined_metric_type = "ECSServiceAverageCPUUtilization" } } } # module.prod.module.journeys-admin.module.ecs-task.aws_appautoscaling_policy.ecs_policy_memory will be created + resource "aws_appautoscaling_policy" "ecs_policy_memory" { + alarm_arns = (known after apply) + arn = (known after apply) + id = (known after apply) + name = "jfp-memory-autoscaling-prod" + policy_type = "TargetTrackingScaling" + resource_id = "service/jfp-ecs-cluster-prod/journeys-admin-prod-service" + scalable_dimension = "ecs:service:DesiredCount" + service_namespace = "ecs" + target_tracking_scaling_policy_configuration { + disable_scale_in = false + target_value = 75 + predefined_metric_specification { + predefined_metric_type = "ECSServiceAverageMemoryUtilization" } } } # module.prod.module.journeys-admin.module.ecs-task.aws_appautoscaling_target.service_autoscaling will be created + resource "aws_appautoscaling_target" "service_autoscaling" { + arn = (known after apply) + id = (known after apply) + max_capacity = 4 + min_capacity = 1 + resource_id = "service/jfp-ecs-cluster-prod/journeys-admin-prod-service" + role_arn = (known after apply) + scalable_dimension = "ecs:service:DesiredCount" + service_namespace = "ecs" + tags_all = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_cloudwatch_log_group.ecs_cw_log_group will be created + resource "aws_cloudwatch_log_group" "ecs_cw_log_group" { + arn = (known after apply) + id = (known after apply) + name = "journeys-admin-prod-logs" + name_prefix = (known after apply) + retention_in_days = 0 + skip_destroy = false + tags_all = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ecr_lifecycle_policy.ecr_policy will be created + resource "aws_ecr_lifecycle_policy" "ecr_policy" { + id = (known after apply) + policy = jsonencode( { + rules = [ + { + action = { + type = "expire" } + description = "Expire more than 10 images" + rulePriority = 1 + selection = { + countNumber = 10 + countType = "imageCountMoreThan" + tagStatus = "any" } }, ] } ) + registry_id = (known after apply) + repository = "jfp-journeys-admin-prod" } # module.prod.module.journeys-admin.module.ecs-task.aws_ecr_repository.ecr_repository will be created + resource "aws_ecr_repository" "ecr_repository" { + arn = (known after apply) + id = (known after apply) + image_tag_mutability = "MUTABLE" + name = "jfp-journeys-admin-prod" + registry_id = (known after apply) + repository_url = (known after apply) + tags_all = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ecs_service.ecs_service will be created + resource "aws_ecs_service" "ecs_service" { + cluster = "arn:aws:ecs:us-east-2:410965620680:cluster/jfp-ecs-cluster-prod" + deployment_maximum_percent = 200 + deployment_minimum_healthy_percent = 100 + desired_count = 1 + enable_ecs_managed_tags = false + enable_execute_command = false + iam_role = (known after apply) + id = (known after apply) + launch_type = "FARGATE" + name = "journeys-admin-prod-service" + platform_version = (known after apply) + scheduling_strategy = "REPLICA" + tags_all = (known after apply) + task_definition = (known after apply) + triggers = (known after apply) + wait_for_steady_state = false + load_balancer { + container_name = "jfp-journeys-admin-prod-app" + container_port = 3000 + target_group_arn = (known after apply) } + network_configuration { + assign_public_ip = true + security_groups = [ + "sg-030c49feae781c660", ] + subnets = [ + "subnet-01aa708571a3e499c", + "subnet-0aa10af01283bbcdb", + "subnet-0b7c1e14af0ffb3ea", ] } } # module.prod.module.journeys-admin.module.ecs-task.aws_ecs_task_definition.ecs_task_definition will be created + resource "aws_ecs_task_definition" "ecs_task_definition" { + arn = (known after apply) + arn_without_revision = (known after apply) + container_definitions = (known after apply) + cpu = "1024" + execution_role_arn = "arn:aws:iam::410965620680:role/jfp-ecs-task-execution-role" + family = "jfp-journeys-admin-prod" + id = (known after apply) + memory = "2048" + network_mode = "awsvpc" + requires_compatibilities = [ + "FARGATE", ] + revision = (known after apply) + skip_destroy = false + tags_all = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_route53_record.record will be created + resource "aws_route53_record" "record" { + allow_overwrite = (known after apply) + fqdn = (known after apply) + id = (known after apply) + name = "journeys-admin" + records = [ + "jfp-public-alb-prod-13771523.us-east-2.elb.amazonaws.com", ] + ttl = 300 + type = "CNAME" + zone_id = "Z06687872LMUIKS0Y291P" } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["COOKIE_SECRET_CURRENT"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/COOKIE_SECRET_CURRENT" + overwrite = true + tags = { + "name" = "COOKIE_SECRET_CURRENT" } + tags_all = { + "name" = "COOKIE_SECRET_CURRENT" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["FORMIUM_TOKEN"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/FORMIUM_TOKEN" + overwrite = true + tags = { + "name" = "FORMIUM_TOKEN" } + tags_all = { + "name" = "FORMIUM_TOKEN" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["JOURNEYS_REVALIDATE_ACCESS_TOKEN"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/JOURNEYS_REVALIDATE_ACCESS_TOKEN" + overwrite = true + tags = { + "name" = "JOURNEYS_REVALIDATE_ACCESS_TOKEN" } + tags_all = { + "name" = "JOURNEYS_REVALIDATE_ACCESS_TOKEN" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["JOURNEYS_URL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/JOURNEYS_URL" + overwrite = true + tags = { + "name" = "JOURNEYS_URL" } + tags_all = { + "name" = "JOURNEYS_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["LAUNCH_DARKLY_SDK_KEY"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/LAUNCH_DARKLY_SDK_KEY" + overwrite = true + tags = { + "name" = "LAUNCH_DARKLY_SDK_KEY" } + tags_all = { + "name" = "LAUNCH_DARKLY_SDK_KEY" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_CLOUDFLARE_STREAM_CUSTOMER_CODE"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_CLOUDFLARE_STREAM_CUSTOMER_CODE" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_CLOUDFLARE_STREAM_CUSTOMER_CODE" } + tags_all = { + "name" = "NEXT_PUBLIC_CLOUDFLARE_STREAM_CUSTOMER_CODE" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_CLOUDFLARE_UPLOAD_KEY"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_CLOUDFLARE_UPLOAD_KEY" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_CLOUDFLARE_UPLOAD_KEY" } + tags_all = { + "name" = "NEXT_PUBLIC_CLOUDFLARE_UPLOAD_KEY" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_DATADOG_APPLICATION_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_DATADOG_APPLICATION_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_DATADOG_APPLICATION_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_DATADOG_APPLICATION_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_DATADOG_CLIENT_TOKEN"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_DATADOG_CLIENT_TOKEN" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_DATADOG_CLIENT_TOKEN" } + tags_all = { + "name" = "NEXT_PUBLIC_DATADOG_CLIENT_TOKEN" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FIREBASE_API_KEY"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FIREBASE_API_KEY" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FIREBASE_API_KEY" } + tags_all = { + "name" = "NEXT_PUBLIC_FIREBASE_API_KEY" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FIREBASE_APP_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FIREBASE_APP_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FIREBASE_APP_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_FIREBASE_APP_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN" } + tags_all = { + "name" = "NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FIREBASE_PROJECT_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FIREBASE_PROJECT_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FIREBASE_PROJECT_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_FIREBASE_PROJECT_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FORMIUM_PROJECTID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FORMIUM_PROJECTID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FORMIUM_PROJECTID" } + tags_all = { + "name" = "NEXT_PUBLIC_FORMIUM_PROJECTID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FORMIUM_PROJECT_SLUG"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FORMIUM_PROJECT_SLUG" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FORMIUM_PROJECT_SLUG" } + tags_all = { + "name" = "NEXT_PUBLIC_FORMIUM_PROJECT_SLUG" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_GATEWAY_URL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_GATEWAY_URL" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_GATEWAY_URL" } + tags_all = { + "name" = "NEXT_PUBLIC_GATEWAY_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_GTM_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_GTM_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_GTM_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_GTM_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_JOURNEYS_URL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_JOURNEYS_URL" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_JOURNEYS_URL" } + tags_all = { + "name" = "NEXT_PUBLIC_JOURNEYS_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_YOUTUBE_PLAYLIST_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_YOUTUBE_PLAYLIST_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_YOUTUBE_PLAYLIST_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_YOUTUBE_PLAYLIST_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["PRIVATE_FIREBASE_CLIENT_EMAIL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/PRIVATE_FIREBASE_CLIENT_EMAIL" + overwrite = true + tags = { + "name" = "PRIVATE_FIREBASE_CLIENT_EMAIL" } + tags_all = { + "name" = "PRIVATE_FIREBASE_CLIENT_EMAIL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["PRIVATE_FIREBASE_PRIVATE_KEY"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/PRIVATE_FIREBASE_PRIVATE_KEY" + overwrite = true + tags = { + "name" = "PRIVATE_FIREBASE_PRIVATE_KEY" } + tags_all = { + "name" = "PRIVATE_FIREBASE_PRIVATE_KEY" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.stage.module.journeys-admin.module.ecs-task.aws_alb_listener.alb_listener will be updated in-place ~ resource "aws_alb_listener" "alb_listener" { ~ certificate_arn = "arn:aws:acm:us-east-2:410965620680:certificate/573666ef-f89a-42e6-85f5-4d4ea6fd29e4" -> "arn:aws:acm:us-east-2:410965620680:certificate/f16e60b9-eb24-4929-8f32-9b5ff76cfe2c" id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener/app/jfp-public-alb-stage/27d94355c709eb16/b091b1d208ec79b8" tags = {} # (6 unchanged attributes hidden) # (1 unchanged block hidden) } Plan: 33 to add, 8 to change, 0 to destroy. ``` * :arrow_forward: To **apply** this plan, comment: * `atlantis apply -d infrastructure` * :put_litter_in_its_place: To **delete** this plan click [here](https://atlantis.central.jesusfilm.org/lock?id=JesusFilm%252Fcore%252Finfrastructure%252Fdefault) * :repeat: To **plan** this project again, comment: * `atlantis plan -d infrastructure`

Plan: 33 to add, 8 to change, 0 to destroy.


github-actions[bot] commented 1 year ago

The latest updates on your projects.

Name Status Preview Updated (UTC)
docs βœ… Ready Visit Preview Tue Dec 12 02:04:31 UTC 2023
github-actions[bot] commented 1 year ago

The latest updates on your projects.

Name Status Preview Updated (UTC)
watch βœ… Ready Visit Preview Tue Dec 12 02:05:37 UTC 2023
github-actions[bot] commented 1 year ago

The latest updates on your projects.

Name Status Preview Updated (UTC)
journeys βœ… Ready Visit Preview Tue Dec 12 02:08:29 UTC 2023
jesus-film-bot commented 1 year ago

Ran Plan for dir: infrastructure workspace: default

Show Output ```diff Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: + create ~ update in-place Terraform will perform the following actions: # module.prod.module.api-gateway.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-public-alb-prod/7cf1f0916ed2c660/9df1fedd44a02a09/925b89cd7ddec067" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-gateway.central.jesusfilm.org", ] } } # (1 unchanged block hidden) } # module.prod.module.api-journeys.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/70dafcb9aee8d0e9/eaf80a1c0e07be7b" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-journeys.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-languages.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/f18b1af3c8d9f267/b0cd5902c0a25a90" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-languages.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-media.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/2e59cbcfa91e0b68/f985a048bba07568" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-media.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-tags.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/236a66b6820160f1/33f69be46d99a209" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-tags.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-users.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/bed13d135743750a/81e8291bcf419dfb" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-users.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-videos.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/77dbc13194e0ac88/77b76bc3254d6dd8" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-videos.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.journeys-admin.module.ecs-task.aws_alb_listener.alb_listener will be created + resource "aws_alb_listener" "alb_listener" { + arn = (known after apply) + certificate_arn = "arn:aws:acm:us-east-2:410965620680:certificate/f16e60b9-eb24-4929-8f32-9b5ff76cfe2c" + id = (known after apply) + load_balancer_arn = "arn:aws:elasticloadbalancing:us-east-2:410965620680:loadbalancer/app/jfp-public-alb-prod/7cf1f0916ed2c660" + port = 443 + protocol = "HTTPS" + ssl_policy = (known after apply) + tags_all = (known after apply) + default_action { + order = (known after apply) + type = "fixed-response" + fixed_response { + content_type = "text/plain" + message_body = "No routes defined" + status_code = "200" } } } # module.prod.module.journeys-admin.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be created + resource "aws_alb_listener_rule" "alb_listener_rule" { + arn = (known after apply) + id = (known after apply) + listener_arn = (known after apply) + priority = (known after apply) + tags_all = (known after apply) + action { + order = (known after apply) + target_group_arn = (known after apply) + type = "forward" } + condition { + host_header { + values = [ + "admin.nextstep.is", ] } } } # module.prod.module.journeys-admin.module.ecs-task.aws_alb_target_group.alb_target_group will be created + resource "aws_alb_target_group" "alb_target_group" { + arn = (known after apply) + arn_suffix = (known after apply) + connection_termination = false + deregistration_delay = "300" + id = (known after apply) + ip_address_type = (known after apply) + lambda_multi_value_headers_enabled = false + load_balancing_algorithm_type = (known after apply) + load_balancing_cross_zone_enabled = (known after apply) + name = "journeys-admin-prod-tg" + port = 3000 + preserve_client_ip = (known after apply) + protocol = "HTTP" + protocol_version = (known after apply) + proxy_protocol_v2 = false + slow_start = 0 + tags_all = (known after apply) + target_type = "ip" + vpc_id = "vpc-0b722b0a1f7789afd" + health_check { + enabled = true + healthy_threshold = 2 + interval = 5 + matcher = (known after apply) + path = "/api/health" + port = "3000" + protocol = "HTTP" + timeout = 4 + unhealthy_threshold = 3 } } # module.prod.module.journeys-admin.module.ecs-task.aws_appautoscaling_policy.ecs_policy_cpu will be created + resource "aws_appautoscaling_policy" "ecs_policy_cpu" { + alarm_arns = (known after apply) + arn = (known after apply) + id = (known after apply) + name = "jfp-cpu-autoscaling-prod" + policy_type = "TargetTrackingScaling" + resource_id = "service/jfp-ecs-cluster-prod/journeys-admin-prod-service" + scalable_dimension = "ecs:service:DesiredCount" + service_namespace = "ecs" + target_tracking_scaling_policy_configuration { + disable_scale_in = false + target_value = 75 + predefined_metric_specification { + predefined_metric_type = "ECSServiceAverageCPUUtilization" } } } # module.prod.module.journeys-admin.module.ecs-task.aws_appautoscaling_policy.ecs_policy_memory will be created + resource "aws_appautoscaling_policy" "ecs_policy_memory" { + alarm_arns = (known after apply) + arn = (known after apply) + id = (known after apply) + name = "jfp-memory-autoscaling-prod" + policy_type = "TargetTrackingScaling" + resource_id = "service/jfp-ecs-cluster-prod/journeys-admin-prod-service" + scalable_dimension = "ecs:service:DesiredCount" + service_namespace = "ecs" + target_tracking_scaling_policy_configuration { + disable_scale_in = false + target_value = 75 + predefined_metric_specification { + predefined_metric_type = "ECSServiceAverageMemoryUtilization" } } } # module.prod.module.journeys-admin.module.ecs-task.aws_appautoscaling_target.service_autoscaling will be created + resource "aws_appautoscaling_target" "service_autoscaling" { + arn = (known after apply) + id = (known after apply) + max_capacity = 4 + min_capacity = 1 + resource_id = "service/jfp-ecs-cluster-prod/journeys-admin-prod-service" + role_arn = (known after apply) + scalable_dimension = "ecs:service:DesiredCount" + service_namespace = "ecs" + tags_all = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_cloudwatch_log_group.ecs_cw_log_group will be created + resource "aws_cloudwatch_log_group" "ecs_cw_log_group" { + arn = (known after apply) + id = (known after apply) + name = "journeys-admin-prod-logs" + name_prefix = (known after apply) + retention_in_days = 0 + skip_destroy = false + tags_all = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ecr_lifecycle_policy.ecr_policy will be created + resource "aws_ecr_lifecycle_policy" "ecr_policy" { + id = (known after apply) + policy = jsonencode( { + rules = [ + { + action = { + type = "expire" } + description = "Expire more than 10 images" + rulePriority = 1 + selection = { + countNumber = 10 + countType = "imageCountMoreThan" + tagStatus = "any" } }, ] } ) + registry_id = (known after apply) + repository = "jfp-journeys-admin-prod" } # module.prod.module.journeys-admin.module.ecs-task.aws_ecr_repository.ecr_repository will be created + resource "aws_ecr_repository" "ecr_repository" { + arn = (known after apply) + id = (known after apply) + image_tag_mutability = "MUTABLE" + name = "jfp-journeys-admin-prod" + registry_id = (known after apply) + repository_url = (known after apply) + tags_all = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ecs_service.ecs_service will be created + resource "aws_ecs_service" "ecs_service" { + cluster = "arn:aws:ecs:us-east-2:410965620680:cluster/jfp-ecs-cluster-prod" + deployment_maximum_percent = 200 + deployment_minimum_healthy_percent = 100 + desired_count = 1 + enable_ecs_managed_tags = false + enable_execute_command = false + iam_role = (known after apply) + id = (known after apply) + launch_type = "FARGATE" + name = "journeys-admin-prod-service" + platform_version = (known after apply) + scheduling_strategy = "REPLICA" + tags_all = (known after apply) + task_definition = (known after apply) + triggers = (known after apply) + wait_for_steady_state = false + load_balancer { + container_name = "jfp-journeys-admin-prod-app" + container_port = 3000 + target_group_arn = (known after apply) } + network_configuration { + assign_public_ip = true + security_groups = [ + "sg-030c49feae781c660", ] + subnets = [ + "subnet-01aa708571a3e499c", + "subnet-0aa10af01283bbcdb", + "subnet-0b7c1e14af0ffb3ea", ] } } # module.prod.module.journeys-admin.module.ecs-task.aws_ecs_task_definition.ecs_task_definition will be created + resource "aws_ecs_task_definition" "ecs_task_definition" { + arn = (known after apply) + arn_without_revision = (known after apply) + container_definitions = (known after apply) + cpu = "1024" + execution_role_arn = "arn:aws:iam::410965620680:role/jfp-ecs-task-execution-role" + family = "jfp-journeys-admin-prod" + id = (known after apply) + memory = "2048" + network_mode = "awsvpc" + requires_compatibilities = [ + "FARGATE", ] + revision = (known after apply) + skip_destroy = false + tags_all = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_route53_record.record will be created + resource "aws_route53_record" "record" { + allow_overwrite = (known after apply) + fqdn = (known after apply) + id = (known after apply) + name = "journeys-admin" + records = [ + "jfp-public-alb-prod-13771523.us-east-2.elb.amazonaws.com", ] + ttl = 300 + type = "CNAME" + zone_id = "Z06687872LMUIKS0Y291P" } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["COOKIE_SECRET_CURRENT"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/COOKIE_SECRET_CURRENT" + overwrite = true + tags = { + "name" = "COOKIE_SECRET_CURRENT" } + tags_all = { + "name" = "COOKIE_SECRET_CURRENT" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["FORMIUM_TOKEN"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/FORMIUM_TOKEN" + overwrite = true + tags = { + "name" = "FORMIUM_TOKEN" } + tags_all = { + "name" = "FORMIUM_TOKEN" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["JOURNEYS_REVALIDATE_ACCESS_TOKEN"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/JOURNEYS_REVALIDATE_ACCESS_TOKEN" + overwrite = true + tags = { + "name" = "JOURNEYS_REVALIDATE_ACCESS_TOKEN" } + tags_all = { + "name" = "JOURNEYS_REVALIDATE_ACCESS_TOKEN" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["JOURNEYS_URL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/JOURNEYS_URL" + overwrite = true + tags = { + "name" = "JOURNEYS_URL" } + tags_all = { + "name" = "JOURNEYS_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["LAUNCH_DARKLY_SDK_KEY"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/LAUNCH_DARKLY_SDK_KEY" + overwrite = true + tags = { + "name" = "LAUNCH_DARKLY_SDK_KEY" } + tags_all = { + "name" = "LAUNCH_DARKLY_SDK_KEY" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_CLOUDFLARE_STREAM_CUSTOMER_CODE"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_CLOUDFLARE_STREAM_CUSTOMER_CODE" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_CLOUDFLARE_STREAM_CUSTOMER_CODE" } + tags_all = { + "name" = "NEXT_PUBLIC_CLOUDFLARE_STREAM_CUSTOMER_CODE" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_CLOUDFLARE_UPLOAD_KEY"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_CLOUDFLARE_UPLOAD_KEY" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_CLOUDFLARE_UPLOAD_KEY" } + tags_all = { + "name" = "NEXT_PUBLIC_CLOUDFLARE_UPLOAD_KEY" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_DATADOG_APPLICATION_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_DATADOG_APPLICATION_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_DATADOG_APPLICATION_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_DATADOG_APPLICATION_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_DATADOG_CLIENT_TOKEN"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_DATADOG_CLIENT_TOKEN" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_DATADOG_CLIENT_TOKEN" } + tags_all = { + "name" = "NEXT_PUBLIC_DATADOG_CLIENT_TOKEN" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FIREBASE_API_KEY"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FIREBASE_API_KEY" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FIREBASE_API_KEY" } + tags_all = { + "name" = "NEXT_PUBLIC_FIREBASE_API_KEY" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FIREBASE_APP_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FIREBASE_APP_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FIREBASE_APP_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_FIREBASE_APP_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN" } + tags_all = { + "name" = "NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FIREBASE_PROJECT_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FIREBASE_PROJECT_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FIREBASE_PROJECT_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_FIREBASE_PROJECT_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FORMIUM_PROJECTID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FORMIUM_PROJECTID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FORMIUM_PROJECTID" } + tags_all = { + "name" = "NEXT_PUBLIC_FORMIUM_PROJECTID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FORMIUM_PROJECT_SLUG"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FORMIUM_PROJECT_SLUG" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FORMIUM_PROJECT_SLUG" } + tags_all = { + "name" = "NEXT_PUBLIC_FORMIUM_PROJECT_SLUG" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_GATEWAY_URL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_GATEWAY_URL" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_GATEWAY_URL" } + tags_all = { + "name" = "NEXT_PUBLIC_GATEWAY_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_GTM_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_GTM_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_GTM_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_GTM_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_JOURNEYS_URL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_JOURNEYS_URL" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_JOURNEYS_URL" } + tags_all = { + "name" = "NEXT_PUBLIC_JOURNEYS_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_YOUTUBE_PLAYLIST_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_YOUTUBE_PLAYLIST_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_YOUTUBE_PLAYLIST_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_YOUTUBE_PLAYLIST_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["PRIVATE_FIREBASE_CLIENT_EMAIL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/PRIVATE_FIREBASE_CLIENT_EMAIL" + overwrite = true + tags = { + "name" = "PRIVATE_FIREBASE_CLIENT_EMAIL" } + tags_all = { + "name" = "PRIVATE_FIREBASE_CLIENT_EMAIL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["PRIVATE_FIREBASE_PRIVATE_KEY"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/PRIVATE_FIREBASE_PRIVATE_KEY" + overwrite = true + tags = { + "name" = "PRIVATE_FIREBASE_PRIVATE_KEY" } + tags_all = { + "name" = "PRIVATE_FIREBASE_PRIVATE_KEY" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.stage.module.journeys-admin.module.ecs-task.aws_alb_listener.alb_listener will be updated in-place ~ resource "aws_alb_listener" "alb_listener" { ~ certificate_arn = "arn:aws:acm:us-east-2:410965620680:certificate/573666ef-f89a-42e6-85f5-4d4ea6fd29e4" -> "arn:aws:acm:us-east-2:410965620680:certificate/f16e60b9-eb24-4929-8f32-9b5ff76cfe2c" id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener/app/jfp-public-alb-stage/27d94355c709eb16/b091b1d208ec79b8" tags = {} # (6 unchanged attributes hidden) # (1 unchanged block hidden) } Plan: 33 to add, 8 to change, 0 to destroy. ``` * :arrow_forward: To **apply** this plan, comment: * `atlantis apply -d infrastructure` * :put_litter_in_its_place: To **delete** this plan click [here](https://atlantis.central.jesusfilm.org/lock?id=JesusFilm%252Fcore%252Finfrastructure%252Fdefault) * :repeat: To **plan** this project again, comment: * `atlantis plan -d infrastructure`

Plan: 33 to add, 8 to change, 0 to destroy.


jesus-film-bot commented 1 year ago

Ran Plan for dir: infrastructure workspace: default

Show Output ```diff Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: + create ~ update in-place Terraform will perform the following actions: # module.prod.module.api-gateway.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-public-alb-prod/7cf1f0916ed2c660/9df1fedd44a02a09/925b89cd7ddec067" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-gateway.central.jesusfilm.org", ] } } # (1 unchanged block hidden) } # module.prod.module.api-journeys.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/70dafcb9aee8d0e9/eaf80a1c0e07be7b" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-journeys.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-languages.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/f18b1af3c8d9f267/b0cd5902c0a25a90" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-languages.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-media.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/2e59cbcfa91e0b68/f985a048bba07568" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-media.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-tags.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/236a66b6820160f1/33f69be46d99a209" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-tags.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-users.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/bed13d135743750a/81e8291bcf419dfb" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-users.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-videos.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/77dbc13194e0ac88/77b76bc3254d6dd8" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-videos.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.journeys-admin.module.ecs-task.aws_alb_listener.alb_listener will be created + resource "aws_alb_listener" "alb_listener" { + arn = (known after apply) + certificate_arn = "arn:aws:acm:us-east-2:410965620680:certificate/f16e60b9-eb24-4929-8f32-9b5ff76cfe2c" + id = (known after apply) + load_balancer_arn = "arn:aws:elasticloadbalancing:us-east-2:410965620680:loadbalancer/app/jfp-public-alb-prod/7cf1f0916ed2c660" + port = 443 + protocol = "HTTPS" + ssl_policy = (known after apply) + tags_all = (known after apply) + default_action { + order = (known after apply) + type = "fixed-response" + fixed_response { + content_type = "text/plain" + message_body = "No routes defined" + status_code = "200" } } } # module.prod.module.journeys-admin.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be created + resource "aws_alb_listener_rule" "alb_listener_rule" { + arn = (known after apply) + id = (known after apply) + listener_arn = (known after apply) + priority = (known after apply) + tags_all = (known after apply) + action { + order = (known after apply) + target_group_arn = (known after apply) + type = "forward" } + condition { + host_header { + values = [ + "admin.nextstep.is", ] } } } # module.prod.module.journeys-admin.module.ecs-task.aws_alb_target_group.alb_target_group will be created + resource "aws_alb_target_group" "alb_target_group" { + arn = (known after apply) + arn_suffix = (known after apply) + connection_termination = false + deregistration_delay = "300" + id = (known after apply) + ip_address_type = (known after apply) + lambda_multi_value_headers_enabled = false + load_balancing_algorithm_type = (known after apply) + load_balancing_cross_zone_enabled = (known after apply) + name = "journeys-admin-prod-tg" + port = 3000 + preserve_client_ip = (known after apply) + protocol = "HTTP" + protocol_version = (known after apply) + proxy_protocol_v2 = false + slow_start = 0 + tags_all = (known after apply) + target_type = "ip" + vpc_id = "vpc-0b722b0a1f7789afd" + health_check { + enabled = true + healthy_threshold = 2 + interval = 5 + matcher = (known after apply) + path = "/api/health" + port = "3000" + protocol = "HTTP" + timeout = 4 + unhealthy_threshold = 3 } } # module.prod.module.journeys-admin.module.ecs-task.aws_appautoscaling_policy.ecs_policy_cpu will be created + resource "aws_appautoscaling_policy" "ecs_policy_cpu" { + alarm_arns = (known after apply) + arn = (known after apply) + id = (known after apply) + name = "jfp-cpu-autoscaling-prod" + policy_type = "TargetTrackingScaling" + resource_id = "service/jfp-ecs-cluster-prod/journeys-admin-prod-service" + scalable_dimension = "ecs:service:DesiredCount" + service_namespace = "ecs" + target_tracking_scaling_policy_configuration { + disable_scale_in = false + target_value = 75 + predefined_metric_specification { + predefined_metric_type = "ECSServiceAverageCPUUtilization" } } } # module.prod.module.journeys-admin.module.ecs-task.aws_appautoscaling_policy.ecs_policy_memory will be created + resource "aws_appautoscaling_policy" "ecs_policy_memory" { + alarm_arns = (known after apply) + arn = (known after apply) + id = (known after apply) + name = "jfp-memory-autoscaling-prod" + policy_type = "TargetTrackingScaling" + resource_id = "service/jfp-ecs-cluster-prod/journeys-admin-prod-service" + scalable_dimension = "ecs:service:DesiredCount" + service_namespace = "ecs" + target_tracking_scaling_policy_configuration { + disable_scale_in = false + target_value = 75 + predefined_metric_specification { + predefined_metric_type = "ECSServiceAverageMemoryUtilization" } } } # module.prod.module.journeys-admin.module.ecs-task.aws_appautoscaling_target.service_autoscaling will be created + resource "aws_appautoscaling_target" "service_autoscaling" { + arn = (known after apply) + id = (known after apply) + max_capacity = 4 + min_capacity = 1 + resource_id = "service/jfp-ecs-cluster-prod/journeys-admin-prod-service" + role_arn = (known after apply) + scalable_dimension = "ecs:service:DesiredCount" + service_namespace = "ecs" + tags_all = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_cloudwatch_log_group.ecs_cw_log_group will be created + resource "aws_cloudwatch_log_group" "ecs_cw_log_group" { + arn = (known after apply) + id = (known after apply) + name = "journeys-admin-prod-logs" + name_prefix = (known after apply) + retention_in_days = 0 + skip_destroy = false + tags_all = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ecr_lifecycle_policy.ecr_policy will be created + resource "aws_ecr_lifecycle_policy" "ecr_policy" { + id = (known after apply) + policy = jsonencode( { + rules = [ + { + action = { + type = "expire" } + description = "Expire more than 10 images" + rulePriority = 1 + selection = { + countNumber = 10 + countType = "imageCountMoreThan" + tagStatus = "any" } }, ] } ) + registry_id = (known after apply) + repository = "jfp-journeys-admin-prod" } # module.prod.module.journeys-admin.module.ecs-task.aws_ecr_repository.ecr_repository will be created + resource "aws_ecr_repository" "ecr_repository" { + arn = (known after apply) + id = (known after apply) + image_tag_mutability = "MUTABLE" + name = "jfp-journeys-admin-prod" + registry_id = (known after apply) + repository_url = (known after apply) + tags_all = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ecs_service.ecs_service will be created + resource "aws_ecs_service" "ecs_service" { + cluster = "arn:aws:ecs:us-east-2:410965620680:cluster/jfp-ecs-cluster-prod" + deployment_maximum_percent = 200 + deployment_minimum_healthy_percent = 100 + desired_count = 1 + enable_ecs_managed_tags = false + enable_execute_command = false + iam_role = (known after apply) + id = (known after apply) + launch_type = "FARGATE" + name = "journeys-admin-prod-service" + platform_version = (known after apply) + scheduling_strategy = "REPLICA" + tags_all = (known after apply) + task_definition = (known after apply) + triggers = (known after apply) + wait_for_steady_state = false + load_balancer { + container_name = "jfp-journeys-admin-prod-app" + container_port = 3000 + target_group_arn = (known after apply) } + network_configuration { + assign_public_ip = true + security_groups = [ + "sg-030c49feae781c660", ] + subnets = [ + "subnet-01aa708571a3e499c", + "subnet-0aa10af01283bbcdb", + "subnet-0b7c1e14af0ffb3ea", ] } } # module.prod.module.journeys-admin.module.ecs-task.aws_ecs_task_definition.ecs_task_definition will be created + resource "aws_ecs_task_definition" "ecs_task_definition" { + arn = (known after apply) + arn_without_revision = (known after apply) + container_definitions = (known after apply) + cpu = "1024" + execution_role_arn = "arn:aws:iam::410965620680:role/jfp-ecs-task-execution-role" + family = "jfp-journeys-admin-prod" + id = (known after apply) + memory = "2048" + network_mode = "awsvpc" + requires_compatibilities = [ + "FARGATE", ] + revision = (known after apply) + skip_destroy = false + tags_all = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_route53_record.record will be created + resource "aws_route53_record" "record" { + allow_overwrite = (known after apply) + fqdn = (known after apply) + id = (known after apply) + name = "journeys-admin" + records = [ + "jfp-public-alb-prod-13771523.us-east-2.elb.amazonaws.com", ] + ttl = 300 + type = "CNAME" + zone_id = "Z06687872LMUIKS0Y291P" } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["COOKIE_SECRET_CURRENT"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/COOKIE_SECRET_CURRENT" + overwrite = true + tags = { + "name" = "COOKIE_SECRET_CURRENT" } + tags_all = { + "name" = "COOKIE_SECRET_CURRENT" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["FORMIUM_TOKEN"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/FORMIUM_TOKEN" + overwrite = true + tags = { + "name" = "FORMIUM_TOKEN" } + tags_all = { + "name" = "FORMIUM_TOKEN" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["JOURNEYS_REVALIDATE_ACCESS_TOKEN"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/JOURNEYS_REVALIDATE_ACCESS_TOKEN" + overwrite = true + tags = { + "name" = "JOURNEYS_REVALIDATE_ACCESS_TOKEN" } + tags_all = { + "name" = "JOURNEYS_REVALIDATE_ACCESS_TOKEN" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["JOURNEYS_URL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/JOURNEYS_URL" + overwrite = true + tags = { + "name" = "JOURNEYS_URL" } + tags_all = { + "name" = "JOURNEYS_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["LAUNCH_DARKLY_SDK_KEY"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/LAUNCH_DARKLY_SDK_KEY" + overwrite = true + tags = { + "name" = "LAUNCH_DARKLY_SDK_KEY" } + tags_all = { + "name" = "LAUNCH_DARKLY_SDK_KEY" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_CLOUDFLARE_STREAM_CUSTOMER_CODE"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_CLOUDFLARE_STREAM_CUSTOMER_CODE" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_CLOUDFLARE_STREAM_CUSTOMER_CODE" } + tags_all = { + "name" = "NEXT_PUBLIC_CLOUDFLARE_STREAM_CUSTOMER_CODE" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_CLOUDFLARE_UPLOAD_KEY"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_CLOUDFLARE_UPLOAD_KEY" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_CLOUDFLARE_UPLOAD_KEY" } + tags_all = { + "name" = "NEXT_PUBLIC_CLOUDFLARE_UPLOAD_KEY" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_DATADOG_APPLICATION_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_DATADOG_APPLICATION_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_DATADOG_APPLICATION_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_DATADOG_APPLICATION_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_DATADOG_CLIENT_TOKEN"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_DATADOG_CLIENT_TOKEN" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_DATADOG_CLIENT_TOKEN" } + tags_all = { + "name" = "NEXT_PUBLIC_DATADOG_CLIENT_TOKEN" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FIREBASE_API_KEY"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FIREBASE_API_KEY" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FIREBASE_API_KEY" } + tags_all = { + "name" = "NEXT_PUBLIC_FIREBASE_API_KEY" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FIREBASE_APP_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FIREBASE_APP_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FIREBASE_APP_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_FIREBASE_APP_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN" } + tags_all = { + "name" = "NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FIREBASE_PROJECT_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FIREBASE_PROJECT_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FIREBASE_PROJECT_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_FIREBASE_PROJECT_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FORMIUM_PROJECTID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FORMIUM_PROJECTID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FORMIUM_PROJECTID" } + tags_all = { + "name" = "NEXT_PUBLIC_FORMIUM_PROJECTID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FORMIUM_PROJECT_SLUG"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FORMIUM_PROJECT_SLUG" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FORMIUM_PROJECT_SLUG" } + tags_all = { + "name" = "NEXT_PUBLIC_FORMIUM_PROJECT_SLUG" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_GATEWAY_URL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_GATEWAY_URL" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_GATEWAY_URL" } + tags_all = { + "name" = "NEXT_PUBLIC_GATEWAY_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_GTM_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_GTM_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_GTM_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_GTM_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_JOURNEYS_URL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_JOURNEYS_URL" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_JOURNEYS_URL" } + tags_all = { + "name" = "NEXT_PUBLIC_JOURNEYS_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_YOUTUBE_PLAYLIST_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_YOUTUBE_PLAYLIST_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_YOUTUBE_PLAYLIST_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_YOUTUBE_PLAYLIST_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["PRIVATE_FIREBASE_CLIENT_EMAIL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/PRIVATE_FIREBASE_CLIENT_EMAIL" + overwrite = true + tags = { + "name" = "PRIVATE_FIREBASE_CLIENT_EMAIL" } + tags_all = { + "name" = "PRIVATE_FIREBASE_CLIENT_EMAIL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["PRIVATE_FIREBASE_PRIVATE_KEY"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/PRIVATE_FIREBASE_PRIVATE_KEY" + overwrite = true + tags = { + "name" = "PRIVATE_FIREBASE_PRIVATE_KEY" } + tags_all = { + "name" = "PRIVATE_FIREBASE_PRIVATE_KEY" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.stage.module.journeys-admin.module.ecs-task.aws_alb_listener.alb_listener will be updated in-place ~ resource "aws_alb_listener" "alb_listener" { ~ certificate_arn = "arn:aws:acm:us-east-2:410965620680:certificate/573666ef-f89a-42e6-85f5-4d4ea6fd29e4" -> "arn:aws:acm:us-east-2:410965620680:certificate/f16e60b9-eb24-4929-8f32-9b5ff76cfe2c" id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener/app/jfp-public-alb-stage/27d94355c709eb16/b091b1d208ec79b8" tags = {} # (6 unchanged attributes hidden) # (1 unchanged block hidden) } Plan: 33 to add, 8 to change, 0 to destroy. ``` * :arrow_forward: To **apply** this plan, comment: * `atlantis apply -d infrastructure` * :put_litter_in_its_place: To **delete** this plan click [here](https://atlantis.central.jesusfilm.org/lock?id=JesusFilm%252Fcore%252Finfrastructure%252Fdefault) * :repeat: To **plan** this project again, comment: * `atlantis plan -d infrastructure`

Plan: 33 to add, 8 to change, 0 to destroy.


jesus-film-bot commented 1 year ago

Ran Plan for dir: infrastructure workspace: default

Show Output ```diff Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: + create ~ update in-place Terraform will perform the following actions: # module.prod.module.api-gateway.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-public-alb-prod/7cf1f0916ed2c660/9df1fedd44a02a09/925b89cd7ddec067" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-gateway.central.jesusfilm.org", ] } } # (1 unchanged block hidden) } # module.prod.module.api-journeys.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/70dafcb9aee8d0e9/eaf80a1c0e07be7b" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-journeys.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-languages.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/f18b1af3c8d9f267/b0cd5902c0a25a90" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-languages.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-media.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/2e59cbcfa91e0b68/f985a048bba07568" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-media.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-tags.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/236a66b6820160f1/33f69be46d99a209" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-tags.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-users.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/bed13d135743750a/81e8291bcf419dfb" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-users.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-videos.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/77dbc13194e0ac88/77b76bc3254d6dd8" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-videos.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.journeys-admin.module.ecs-task.aws_alb_listener.alb_listener will be created + resource "aws_alb_listener" "alb_listener" { + arn = (known after apply) + certificate_arn = "arn:aws:acm:us-east-2:410965620680:certificate/f16e60b9-eb24-4929-8f32-9b5ff76cfe2c" + id = (known after apply) + load_balancer_arn = "arn:aws:elasticloadbalancing:us-east-2:410965620680:loadbalancer/app/jfp-public-alb-prod/7cf1f0916ed2c660" + port = 443 + protocol = "HTTPS" + ssl_policy = (known after apply) + tags_all = (known after apply) + default_action { + order = (known after apply) + type = "fixed-response" + fixed_response { + content_type = "text/plain" + message_body = "No routes defined" + status_code = "200" } } } # module.prod.module.journeys-admin.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be created + resource "aws_alb_listener_rule" "alb_listener_rule" { + arn = (known after apply) + id = (known after apply) + listener_arn = (known after apply) + priority = (known after apply) + tags_all = (known after apply) + action { + order = (known after apply) + target_group_arn = (known after apply) + type = "forward" } + condition { + host_header { + values = [ + "admin.nextstep.is", ] } } } # module.prod.module.journeys-admin.module.ecs-task.aws_alb_target_group.alb_target_group will be created + resource "aws_alb_target_group" "alb_target_group" { + arn = (known after apply) + arn_suffix = (known after apply) + connection_termination = false + deregistration_delay = "300" + id = (known after apply) + ip_address_type = (known after apply) + lambda_multi_value_headers_enabled = false + load_balancing_algorithm_type = (known after apply) + load_balancing_cross_zone_enabled = (known after apply) + name = "journeys-admin-prod-tg" + port = 3000 + preserve_client_ip = (known after apply) + protocol = "HTTP" + protocol_version = (known after apply) + proxy_protocol_v2 = false + slow_start = 0 + tags_all = (known after apply) + target_type = "ip" + vpc_id = "vpc-0b722b0a1f7789afd" + health_check { + enabled = true + healthy_threshold = 2 + interval = 5 + matcher = (known after apply) + path = "/api/health" + port = "3000" + protocol = "HTTP" + timeout = 4 + unhealthy_threshold = 3 } } # module.prod.module.journeys-admin.module.ecs-task.aws_appautoscaling_policy.ecs_policy_cpu will be created + resource "aws_appautoscaling_policy" "ecs_policy_cpu" { + alarm_arns = (known after apply) + arn = (known after apply) + id = (known after apply) + name = "jfp-cpu-autoscaling-prod" + policy_type = "TargetTrackingScaling" + resource_id = "service/jfp-ecs-cluster-prod/journeys-admin-prod-service" + scalable_dimension = "ecs:service:DesiredCount" + service_namespace = "ecs" + target_tracking_scaling_policy_configuration { + disable_scale_in = false + target_value = 75 + predefined_metric_specification { + predefined_metric_type = "ECSServiceAverageCPUUtilization" } } } # module.prod.module.journeys-admin.module.ecs-task.aws_appautoscaling_policy.ecs_policy_memory will be created + resource "aws_appautoscaling_policy" "ecs_policy_memory" { + alarm_arns = (known after apply) + arn = (known after apply) + id = (known after apply) + name = "jfp-memory-autoscaling-prod" + policy_type = "TargetTrackingScaling" + resource_id = "service/jfp-ecs-cluster-prod/journeys-admin-prod-service" + scalable_dimension = "ecs:service:DesiredCount" + service_namespace = "ecs" + target_tracking_scaling_policy_configuration { + disable_scale_in = false + target_value = 75 + predefined_metric_specification { + predefined_metric_type = "ECSServiceAverageMemoryUtilization" } } } # module.prod.module.journeys-admin.module.ecs-task.aws_appautoscaling_target.service_autoscaling will be created + resource "aws_appautoscaling_target" "service_autoscaling" { + arn = (known after apply) + id = (known after apply) + max_capacity = 4 + min_capacity = 1 + resource_id = "service/jfp-ecs-cluster-prod/journeys-admin-prod-service" + role_arn = (known after apply) + scalable_dimension = "ecs:service:DesiredCount" + service_namespace = "ecs" + tags_all = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_cloudwatch_log_group.ecs_cw_log_group will be created + resource "aws_cloudwatch_log_group" "ecs_cw_log_group" { + arn = (known after apply) + id = (known after apply) + name = "journeys-admin-prod-logs" + name_prefix = (known after apply) + retention_in_days = 0 + skip_destroy = false + tags_all = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ecr_lifecycle_policy.ecr_policy will be created + resource "aws_ecr_lifecycle_policy" "ecr_policy" { + id = (known after apply) + policy = jsonencode( { + rules = [ + { + action = { + type = "expire" } + description = "Expire more than 10 images" + rulePriority = 1 + selection = { + countNumber = 10 + countType = "imageCountMoreThan" + tagStatus = "any" } }, ] } ) + registry_id = (known after apply) + repository = "jfp-journeys-admin-prod" } # module.prod.module.journeys-admin.module.ecs-task.aws_ecr_repository.ecr_repository will be created + resource "aws_ecr_repository" "ecr_repository" { + arn = (known after apply) + id = (known after apply) + image_tag_mutability = "MUTABLE" + name = "jfp-journeys-admin-prod" + registry_id = (known after apply) + repository_url = (known after apply) + tags_all = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ecs_service.ecs_service will be created + resource "aws_ecs_service" "ecs_service" { + cluster = "arn:aws:ecs:us-east-2:410965620680:cluster/jfp-ecs-cluster-prod" + deployment_maximum_percent = 200 + deployment_minimum_healthy_percent = 100 + desired_count = 1 + enable_ecs_managed_tags = false + enable_execute_command = false + iam_role = (known after apply) + id = (known after apply) + launch_type = "FARGATE" + name = "journeys-admin-prod-service" + platform_version = (known after apply) + scheduling_strategy = "REPLICA" + tags_all = (known after apply) + task_definition = (known after apply) + triggers = (known after apply) + wait_for_steady_state = false + load_balancer { + container_name = "jfp-journeys-admin-prod-app" + container_port = 3000 + target_group_arn = (known after apply) } + network_configuration { + assign_public_ip = true + security_groups = [ + "sg-030c49feae781c660", ] + subnets = [ + "subnet-01aa708571a3e499c", + "subnet-0aa10af01283bbcdb", + "subnet-0b7c1e14af0ffb3ea", ] } } # module.prod.module.journeys-admin.module.ecs-task.aws_ecs_task_definition.ecs_task_definition will be created + resource "aws_ecs_task_definition" "ecs_task_definition" { + arn = (known after apply) + arn_without_revision = (known after apply) + container_definitions = (known after apply) + cpu = "1024" + execution_role_arn = "arn:aws:iam::410965620680:role/jfp-ecs-task-execution-role" + family = "jfp-journeys-admin-prod" + id = (known after apply) + memory = "2048" + network_mode = "awsvpc" + requires_compatibilities = [ + "FARGATE", ] + revision = (known after apply) + skip_destroy = false + tags_all = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_route53_record.record will be created + resource "aws_route53_record" "record" { + allow_overwrite = (known after apply) + fqdn = (known after apply) + id = (known after apply) + name = "journeys-admin" + records = [ + "jfp-public-alb-prod-13771523.us-east-2.elb.amazonaws.com", ] + ttl = 300 + type = "CNAME" + zone_id = "Z06687872LMUIKS0Y291P" } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["COOKIE_SECRET_CURRENT"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/COOKIE_SECRET_CURRENT" + overwrite = true + tags = { + "name" = "COOKIE_SECRET_CURRENT" } + tags_all = { + "name" = "COOKIE_SECRET_CURRENT" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["FORMIUM_TOKEN"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/FORMIUM_TOKEN" + overwrite = true + tags = { + "name" = "FORMIUM_TOKEN" } + tags_all = { + "name" = "FORMIUM_TOKEN" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["JOURNEYS_REVALIDATE_ACCESS_TOKEN"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/JOURNEYS_REVALIDATE_ACCESS_TOKEN" + overwrite = true + tags = { + "name" = "JOURNEYS_REVALIDATE_ACCESS_TOKEN" } + tags_all = { + "name" = "JOURNEYS_REVALIDATE_ACCESS_TOKEN" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["JOURNEYS_URL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/JOURNEYS_URL" + overwrite = true + tags = { + "name" = "JOURNEYS_URL" } + tags_all = { + "name" = "JOURNEYS_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["LAUNCH_DARKLY_SDK_KEY"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/LAUNCH_DARKLY_SDK_KEY" + overwrite = true + tags = { + "name" = "LAUNCH_DARKLY_SDK_KEY" } + tags_all = { + "name" = "LAUNCH_DARKLY_SDK_KEY" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_CLOUDFLARE_STREAM_CUSTOMER_CODE"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_CLOUDFLARE_STREAM_CUSTOMER_CODE" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_CLOUDFLARE_STREAM_CUSTOMER_CODE" } + tags_all = { + "name" = "NEXT_PUBLIC_CLOUDFLARE_STREAM_CUSTOMER_CODE" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_CLOUDFLARE_UPLOAD_KEY"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_CLOUDFLARE_UPLOAD_KEY" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_CLOUDFLARE_UPLOAD_KEY" } + tags_all = { + "name" = "NEXT_PUBLIC_CLOUDFLARE_UPLOAD_KEY" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_DATADOG_APPLICATION_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_DATADOG_APPLICATION_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_DATADOG_APPLICATION_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_DATADOG_APPLICATION_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_DATADOG_CLIENT_TOKEN"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_DATADOG_CLIENT_TOKEN" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_DATADOG_CLIENT_TOKEN" } + tags_all = { + "name" = "NEXT_PUBLIC_DATADOG_CLIENT_TOKEN" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FIREBASE_API_KEY"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FIREBASE_API_KEY" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FIREBASE_API_KEY" } + tags_all = { + "name" = "NEXT_PUBLIC_FIREBASE_API_KEY" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FIREBASE_APP_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FIREBASE_APP_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FIREBASE_APP_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_FIREBASE_APP_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN" } + tags_all = { + "name" = "NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FIREBASE_PROJECT_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FIREBASE_PROJECT_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FIREBASE_PROJECT_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_FIREBASE_PROJECT_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FORMIUM_PROJECTID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FORMIUM_PROJECTID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FORMIUM_PROJECTID" } + tags_all = { + "name" = "NEXT_PUBLIC_FORMIUM_PROJECTID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FORMIUM_PROJECT_SLUG"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FORMIUM_PROJECT_SLUG" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FORMIUM_PROJECT_SLUG" } + tags_all = { + "name" = "NEXT_PUBLIC_FORMIUM_PROJECT_SLUG" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_GATEWAY_URL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_GATEWAY_URL" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_GATEWAY_URL" } + tags_all = { + "name" = "NEXT_PUBLIC_GATEWAY_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_GTM_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_GTM_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_GTM_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_GTM_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_JOURNEYS_URL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_JOURNEYS_URL" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_JOURNEYS_URL" } + tags_all = { + "name" = "NEXT_PUBLIC_JOURNEYS_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_YOUTUBE_PLAYLIST_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_YOUTUBE_PLAYLIST_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_YOUTUBE_PLAYLIST_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_YOUTUBE_PLAYLIST_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["PRIVATE_FIREBASE_CLIENT_EMAIL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/PRIVATE_FIREBASE_CLIENT_EMAIL" + overwrite = true + tags = { + "name" = "PRIVATE_FIREBASE_CLIENT_EMAIL" } + tags_all = { + "name" = "PRIVATE_FIREBASE_CLIENT_EMAIL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["PRIVATE_FIREBASE_PRIVATE_KEY"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/PRIVATE_FIREBASE_PRIVATE_KEY" + overwrite = true + tags = { + "name" = "PRIVATE_FIREBASE_PRIVATE_KEY" } + tags_all = { + "name" = "PRIVATE_FIREBASE_PRIVATE_KEY" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.stage.module.journeys-admin.module.ecs-task.aws_alb_listener.alb_listener will be updated in-place ~ resource "aws_alb_listener" "alb_listener" { ~ certificate_arn = "arn:aws:acm:us-east-2:410965620680:certificate/573666ef-f89a-42e6-85f5-4d4ea6fd29e4" -> "arn:aws:acm:us-east-2:410965620680:certificate/f16e60b9-eb24-4929-8f32-9b5ff76cfe2c" id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener/app/jfp-public-alb-stage/27d94355c709eb16/b091b1d208ec79b8" tags = {} # (6 unchanged attributes hidden) # (1 unchanged block hidden) } Plan: 33 to add, 8 to change, 0 to destroy. ``` * :arrow_forward: To **apply** this plan, comment: * `atlantis apply -d infrastructure` * :put_litter_in_its_place: To **delete** this plan click [here](https://atlantis.central.jesusfilm.org/lock?id=JesusFilm%252Fcore%252Finfrastructure%252Fdefault) * :repeat: To **plan** this project again, comment: * `atlantis plan -d infrastructure`

Plan: 33 to add, 8 to change, 0 to destroy.


jesus-film-bot commented 1 year ago

Ran Plan for dir: infrastructure workspace: default

Show Output ```diff Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: + create ~ update in-place Terraform will perform the following actions: # module.prod.module.api-gateway.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-public-alb-prod/7cf1f0916ed2c660/9df1fedd44a02a09/925b89cd7ddec067" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-gateway.central.jesusfilm.org", ] } } # (1 unchanged block hidden) } # module.prod.module.api-journeys.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/70dafcb9aee8d0e9/eaf80a1c0e07be7b" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-journeys.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-languages.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/f18b1af3c8d9f267/b0cd5902c0a25a90" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-languages.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-media.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/2e59cbcfa91e0b68/f985a048bba07568" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-media.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-tags.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/236a66b6820160f1/33f69be46d99a209" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-tags.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-users.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/bed13d135743750a/81e8291bcf419dfb" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-users.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.api-videos.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be updated in-place ~ resource "aws_alb_listener_rule" "alb_listener_rule" { id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener-rule/app/jfp-internal-alb-prod/ae1556aacf21465f/77dbc13194e0ac88/77b76bc3254d6dd8" tags = {} # (4 unchanged attributes hidden) - condition { - path_pattern { - values = [ - "/*", ] -> null } } + condition { + host_header { + values = [ + "api-videos.service.internal", ] } } # (1 unchanged block hidden) } # module.prod.module.journeys-admin.module.ecs-task.aws_alb_listener.alb_listener will be created + resource "aws_alb_listener" "alb_listener" { + arn = (known after apply) + certificate_arn = "arn:aws:acm:us-east-2:410965620680:certificate/f16e60b9-eb24-4929-8f32-9b5ff76cfe2c" + id = (known after apply) + load_balancer_arn = "arn:aws:elasticloadbalancing:us-east-2:410965620680:loadbalancer/app/jfp-public-alb-prod/7cf1f0916ed2c660" + port = 443 + protocol = "HTTPS" + ssl_policy = (known after apply) + tags_all = (known after apply) + default_action { + order = (known after apply) + type = "fixed-response" + fixed_response { + content_type = "text/plain" + message_body = "No routes defined" + status_code = "200" } } } # module.prod.module.journeys-admin.module.ecs-task.aws_alb_listener_rule.alb_listener_rule will be created + resource "aws_alb_listener_rule" "alb_listener_rule" { + arn = (known after apply) + id = (known after apply) + listener_arn = (known after apply) + priority = (known after apply) + tags_all = (known after apply) + action { + order = (known after apply) + target_group_arn = (known after apply) + type = "forward" } + condition { + host_header { + values = [ + "admin.nextstep.is", ] } } } # module.prod.module.journeys-admin.module.ecs-task.aws_alb_target_group.alb_target_group will be created + resource "aws_alb_target_group" "alb_target_group" { + arn = (known after apply) + arn_suffix = (known after apply) + connection_termination = false + deregistration_delay = "300" + id = (known after apply) + ip_address_type = (known after apply) + lambda_multi_value_headers_enabled = false + load_balancing_algorithm_type = (known after apply) + load_balancing_cross_zone_enabled = (known after apply) + name = "journeys-admin-prod-tg" + port = 3000 + preserve_client_ip = (known after apply) + protocol = "HTTP" + protocol_version = (known after apply) + proxy_protocol_v2 = false + slow_start = 0 + tags_all = (known after apply) + target_type = "ip" + vpc_id = "vpc-0b722b0a1f7789afd" + health_check { + enabled = true + healthy_threshold = 2 + interval = 5 + matcher = (known after apply) + path = "/api/health" + port = "3000" + protocol = "HTTP" + timeout = 4 + unhealthy_threshold = 3 } } # module.prod.module.journeys-admin.module.ecs-task.aws_appautoscaling_policy.ecs_policy_cpu will be created + resource "aws_appautoscaling_policy" "ecs_policy_cpu" { + alarm_arns = (known after apply) + arn = (known after apply) + id = (known after apply) + name = "jfp-cpu-autoscaling-prod" + policy_type = "TargetTrackingScaling" + resource_id = "service/jfp-ecs-cluster-prod/journeys-admin-prod-service" + scalable_dimension = "ecs:service:DesiredCount" + service_namespace = "ecs" + target_tracking_scaling_policy_configuration { + disable_scale_in = false + target_value = 75 + predefined_metric_specification { + predefined_metric_type = "ECSServiceAverageCPUUtilization" } } } # module.prod.module.journeys-admin.module.ecs-task.aws_appautoscaling_policy.ecs_policy_memory will be created + resource "aws_appautoscaling_policy" "ecs_policy_memory" { + alarm_arns = (known after apply) + arn = (known after apply) + id = (known after apply) + name = "jfp-memory-autoscaling-prod" + policy_type = "TargetTrackingScaling" + resource_id = "service/jfp-ecs-cluster-prod/journeys-admin-prod-service" + scalable_dimension = "ecs:service:DesiredCount" + service_namespace = "ecs" + target_tracking_scaling_policy_configuration { + disable_scale_in = false + target_value = 75 + predefined_metric_specification { + predefined_metric_type = "ECSServiceAverageMemoryUtilization" } } } # module.prod.module.journeys-admin.module.ecs-task.aws_appautoscaling_target.service_autoscaling will be created + resource "aws_appautoscaling_target" "service_autoscaling" { + arn = (known after apply) + id = (known after apply) + max_capacity = 4 + min_capacity = 1 + resource_id = "service/jfp-ecs-cluster-prod/journeys-admin-prod-service" + role_arn = (known after apply) + scalable_dimension = "ecs:service:DesiredCount" + service_namespace = "ecs" + tags_all = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_cloudwatch_log_group.ecs_cw_log_group will be created + resource "aws_cloudwatch_log_group" "ecs_cw_log_group" { + arn = (known after apply) + id = (known after apply) + name = "journeys-admin-prod-logs" + name_prefix = (known after apply) + retention_in_days = 0 + skip_destroy = false + tags_all = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ecr_lifecycle_policy.ecr_policy will be created + resource "aws_ecr_lifecycle_policy" "ecr_policy" { + id = (known after apply) + policy = jsonencode( { + rules = [ + { + action = { + type = "expire" } + description = "Expire more than 10 images" + rulePriority = 1 + selection = { + countNumber = 10 + countType = "imageCountMoreThan" + tagStatus = "any" } }, ] } ) + registry_id = (known after apply) + repository = "jfp-journeys-admin-prod" } # module.prod.module.journeys-admin.module.ecs-task.aws_ecr_repository.ecr_repository will be created + resource "aws_ecr_repository" "ecr_repository" { + arn = (known after apply) + id = (known after apply) + image_tag_mutability = "MUTABLE" + name = "jfp-journeys-admin-prod" + registry_id = (known after apply) + repository_url = (known after apply) + tags_all = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ecs_service.ecs_service will be created + resource "aws_ecs_service" "ecs_service" { + cluster = "arn:aws:ecs:us-east-2:410965620680:cluster/jfp-ecs-cluster-prod" + deployment_maximum_percent = 200 + deployment_minimum_healthy_percent = 100 + desired_count = 1 + enable_ecs_managed_tags = false + enable_execute_command = false + iam_role = (known after apply) + id = (known after apply) + launch_type = "FARGATE" + name = "journeys-admin-prod-service" + platform_version = (known after apply) + scheduling_strategy = "REPLICA" + tags_all = (known after apply) + task_definition = (known after apply) + triggers = (known after apply) + wait_for_steady_state = false + load_balancer { + container_name = "jfp-journeys-admin-prod-app" + container_port = 3000 + target_group_arn = (known after apply) } + network_configuration { + assign_public_ip = true + security_groups = [ + "sg-030c49feae781c660", ] + subnets = [ + "subnet-01aa708571a3e499c", + "subnet-0aa10af01283bbcdb", + "subnet-0b7c1e14af0ffb3ea", ] } } # module.prod.module.journeys-admin.module.ecs-task.aws_ecs_task_definition.ecs_task_definition will be created + resource "aws_ecs_task_definition" "ecs_task_definition" { + arn = (known after apply) + arn_without_revision = (known after apply) + container_definitions = (known after apply) + cpu = "1024" + execution_role_arn = "arn:aws:iam::410965620680:role/jfp-ecs-task-execution-role" + family = "jfp-journeys-admin-prod" + id = (known after apply) + memory = "2048" + network_mode = "awsvpc" + requires_compatibilities = [ + "FARGATE", ] + revision = (known after apply) + skip_destroy = false + tags_all = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_route53_record.record will be created + resource "aws_route53_record" "record" { + allow_overwrite = (known after apply) + fqdn = (known after apply) + id = (known after apply) + name = "journeys-admin" + records = [ + "jfp-public-alb-prod-13771523.us-east-2.elb.amazonaws.com", ] + ttl = 300 + type = "CNAME" + zone_id = "Z06687872LMUIKS0Y291P" } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["COOKIE_SECRET_CURRENT"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/COOKIE_SECRET_CURRENT" + overwrite = true + tags = { + "name" = "COOKIE_SECRET_CURRENT" } + tags_all = { + "name" = "COOKIE_SECRET_CURRENT" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["FORMIUM_TOKEN"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/FORMIUM_TOKEN" + overwrite = true + tags = { + "name" = "FORMIUM_TOKEN" } + tags_all = { + "name" = "FORMIUM_TOKEN" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["JOURNEYS_REVALIDATE_ACCESS_TOKEN"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/JOURNEYS_REVALIDATE_ACCESS_TOKEN" + overwrite = true + tags = { + "name" = "JOURNEYS_REVALIDATE_ACCESS_TOKEN" } + tags_all = { + "name" = "JOURNEYS_REVALIDATE_ACCESS_TOKEN" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["JOURNEYS_URL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/JOURNEYS_URL" + overwrite = true + tags = { + "name" = "JOURNEYS_URL" } + tags_all = { + "name" = "JOURNEYS_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["LAUNCH_DARKLY_SDK_KEY"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/LAUNCH_DARKLY_SDK_KEY" + overwrite = true + tags = { + "name" = "LAUNCH_DARKLY_SDK_KEY" } + tags_all = { + "name" = "LAUNCH_DARKLY_SDK_KEY" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_CLOUDFLARE_STREAM_CUSTOMER_CODE"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_CLOUDFLARE_STREAM_CUSTOMER_CODE" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_CLOUDFLARE_STREAM_CUSTOMER_CODE" } + tags_all = { + "name" = "NEXT_PUBLIC_CLOUDFLARE_STREAM_CUSTOMER_CODE" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_CLOUDFLARE_UPLOAD_KEY"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_CLOUDFLARE_UPLOAD_KEY" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_CLOUDFLARE_UPLOAD_KEY" } + tags_all = { + "name" = "NEXT_PUBLIC_CLOUDFLARE_UPLOAD_KEY" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_DATADOG_APPLICATION_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_DATADOG_APPLICATION_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_DATADOG_APPLICATION_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_DATADOG_APPLICATION_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_DATADOG_CLIENT_TOKEN"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_DATADOG_CLIENT_TOKEN" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_DATADOG_CLIENT_TOKEN" } + tags_all = { + "name" = "NEXT_PUBLIC_DATADOG_CLIENT_TOKEN" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FIREBASE_API_KEY"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FIREBASE_API_KEY" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FIREBASE_API_KEY" } + tags_all = { + "name" = "NEXT_PUBLIC_FIREBASE_API_KEY" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FIREBASE_APP_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FIREBASE_APP_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FIREBASE_APP_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_FIREBASE_APP_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN" } + tags_all = { + "name" = "NEXT_PUBLIC_FIREBASE_AUTH_DOMAIN" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FIREBASE_PROJECT_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FIREBASE_PROJECT_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FIREBASE_PROJECT_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_FIREBASE_PROJECT_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FORMIUM_PROJECTID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FORMIUM_PROJECTID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FORMIUM_PROJECTID" } + tags_all = { + "name" = "NEXT_PUBLIC_FORMIUM_PROJECTID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_FORMIUM_PROJECT_SLUG"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_FORMIUM_PROJECT_SLUG" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_FORMIUM_PROJECT_SLUG" } + tags_all = { + "name" = "NEXT_PUBLIC_FORMIUM_PROJECT_SLUG" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_GATEWAY_URL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_GATEWAY_URL" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_GATEWAY_URL" } + tags_all = { + "name" = "NEXT_PUBLIC_GATEWAY_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_GTM_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_GTM_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_GTM_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_GTM_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_JOURNEYS_URL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_JOURNEYS_URL" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_JOURNEYS_URL" } + tags_all = { + "name" = "NEXT_PUBLIC_JOURNEYS_URL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["NEXT_PUBLIC_YOUTUBE_PLAYLIST_ID"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/NEXT_PUBLIC_YOUTUBE_PLAYLIST_ID" + overwrite = true + tags = { + "name" = "NEXT_PUBLIC_YOUTUBE_PLAYLIST_ID" } + tags_all = { + "name" = "NEXT_PUBLIC_YOUTUBE_PLAYLIST_ID" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["PRIVATE_FIREBASE_CLIENT_EMAIL"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/PRIVATE_FIREBASE_CLIENT_EMAIL" + overwrite = true + tags = { + "name" = "PRIVATE_FIREBASE_CLIENT_EMAIL" } + tags_all = { + "name" = "PRIVATE_FIREBASE_CLIENT_EMAIL" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.prod.module.journeys-admin.module.ecs-task.aws_ssm_parameter.parameters["PRIVATE_FIREBASE_PRIVATE_KEY"] will be created + resource "aws_ssm_parameter" "parameters" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "/ecs/journeys-admin/prod/PRIVATE_FIREBASE_PRIVATE_KEY" + overwrite = true + tags = { + "name" = "PRIVATE_FIREBASE_PRIVATE_KEY" } + tags_all = { + "name" = "PRIVATE_FIREBASE_PRIVATE_KEY" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # module.stage.module.journeys-admin.module.ecs-task.aws_alb_listener.alb_listener will be updated in-place ~ resource "aws_alb_listener" "alb_listener" { ~ certificate_arn = "arn:aws:acm:us-east-2:410965620680:certificate/573666ef-f89a-42e6-85f5-4d4ea6fd29e4" -> "arn:aws:acm:us-east-2:410965620680:certificate/f16e60b9-eb24-4929-8f32-9b5ff76cfe2c" id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener/app/jfp-public-alb-stage/27d94355c709eb16/b091b1d208ec79b8" tags = {} # (6 unchanged attributes hidden) # (1 unchanged block hidden) } Plan: 33 to add, 8 to change, 0 to destroy. ``` * :arrow_forward: To **apply** this plan, comment: * `atlantis apply -d infrastructure` * :put_litter_in_its_place: To **delete** this plan click [here](https://atlantis.central.jesusfilm.org/lock?id=JesusFilm%252Fcore%252Finfrastructure%252Fdefault) * :repeat: To **plan** this project again, comment: * `atlantis plan -d infrastructure`

Plan: 33 to add, 8 to change, 0 to destroy.


jesus-film-bot commented 1 year ago

Ran Plan for dir: infrastructure workspace: default

Show Output ```diff Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: ~ update in-place Terraform will perform the following actions: # module.prod.module.api-gateway.module.ecs-task.aws_alb_listener.alb_listener will be updated in-place ~ resource "aws_alb_listener" "alb_listener" { ~ certificate_arn = "arn:aws:acm:us-east-2:410965620680:certificate/f16e60b9-eb24-4929-8f32-9b5ff76cfe2c" -> "arn:aws:acm:us-east-2:410965620680:certificate/d04ef60d-8bb6-4dc9-aeac-19966740323a" id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener/app/jfp-public-alb-prod/7cf1f0916ed2c660/9df1fedd44a02a09" tags = {} # (6 unchanged attributes hidden) # (1 unchanged block hidden) } # module.prod.module.prod.module.public_alb.aws_alb_listener.alb_listener["HTTPS"] will be updated in-place ~ resource "aws_alb_listener" "alb_listener" { ~ certificate_arn = "arn:aws:acm:us-east-2:410965620680:certificate/f16e60b9-eb24-4929-8f32-9b5ff76cfe2c" -> "arn:aws:acm:us-east-2:410965620680:certificate/d04ef60d-8bb6-4dc9-aeac-19966740323a" id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener/app/jfp-public-alb-prod/7cf1f0916ed2c660/9df1fedd44a02a09" tags = {} # (6 unchanged attributes hidden) # (1 unchanged block hidden) } # module.stage.module.journeys-admin.module.ecs-task.aws_alb_listener.alb_listener will be updated in-place ~ resource "aws_alb_listener" "alb_listener" { ~ certificate_arn = "arn:aws:acm:us-east-2:410965620680:certificate/573666ef-f89a-42e6-85f5-4d4ea6fd29e4" -> "arn:aws:acm:us-east-2:410965620680:certificate/f16e60b9-eb24-4929-8f32-9b5ff76cfe2c" id = "arn:aws:elasticloadbalancing:us-east-2:410965620680:listener/app/jfp-public-alb-stage/27d94355c709eb16/b091b1d208ec79b8" tags = {} # (6 unchanged attributes hidden) # (1 unchanged block hidden) } Plan: 0 to add, 3 to change, 0 to destroy. ``` * :arrow_forward: To **apply** this plan, comment: * `atlantis apply -d infrastructure` * :put_litter_in_its_place: To **delete** this plan click [here](https://atlantis.central.jesusfilm.org/lock?id=JesusFilm%252Fcore%252Finfrastructure%252Fdefault) * :repeat: To **plan** this project again, comment: * `atlantis plan -d infrastructure`

Plan: 0 to add, 3 to change, 0 to destroy.


jesus-film-bot commented 1 year ago

Locks and plans deleted for the projects and workspaces modified in this pull request: