search

SeaGL / seagl-terraform

Terraform used to maintain SeaGL's VMs, RDS database, DNS, etc.
GNU Affero General Public License v3.0
1 stars 2 forks source link

Import Mailu security group into Terraform #40

Closed strugee closed 8 months ago

strugee commented 8 months ago

This plans to delete the description for port 587 ("SMTP submission"; it's there because it's the one port that OpenStack doesn't identify by protocol in the UI) but I can't be bothered to rewrite the for_each loop into a map.

github-actions[bot] commented 8 months ago

Terraform Format and Style 🖌``

Terraform Initialization ⚙️success

Terraform Plan 📖success

Terraform Validation 🤖success

Show Plan ``` terraform openstack_networking_secgroup_v2.mailu: Refreshing state... [id=d422a797-f933-4a88-9daa-ad3bf51fd524] module.prod_db.random_password.osem_db_master_pass: Refreshing state... [id=none] aws_ses_email_identity.email: Refreshing state... [id=sre@seagl.org] aws_route53_record.cloud-aaaa: Refreshing state... [id=Z0173878287JIU5M4KB8R_cloud.seagl.org_AAAA] data.aws_vpc.vpc: Reading... aws_route53_record.mailu-test-autoconfig-cname: Refreshing state... [id=Z0173878287JIU5M4KB8R_autoconfig.mail-test.seagl.org_CNAME] aws_route53_record.email_dkim_hubspot_records["hs2-40081384"]: Refreshing state... [id=Z0173878287JIU5M4KB8R_hs2-40081384._domainkey.seagl.org_CNAME] aws_route53_record.mailu-test-dkim: Refreshing state... [id=Z0173878287JIU5M4KB8R_dkim._domainkey.mail-test.seagl.org_TXT] aws_s3_bucket.state: Refreshing state... [id=seagl-terraform] aws_route53_record.email_dkim_hubspot_records["hs1-40081384"]: Refreshing state... [id=Z0173878287JIU5M4KB8R_hs1-40081384._domainkey.seagl.org_CNAME] aws_route53_record.alias: Refreshing state... [id=Z0173878287JIU5M4KB8R_alias.seagl.org_CNAME] aws_route53_record.route_53_cloud_txt: Refreshing state... [id=Z0173878287JIU5M4KB8R_cloud.seagl.org_TXT] aws_route53_record.mailu-test-mx: Refreshing state... [id=Z0173878287JIU5M4KB8R_mail-test.seagl.org_MX] aws_route53_record.route_53_root_txt: Refreshing state... [id=Z0173878287JIU5M4KB8R__TXT] aws_route53_record.route_53_dmarc_txt: Refreshing state... [id=Z0173878287JIU5M4KB8R__dmarc.seagl.org_TXT] aws_route53_record.cloud-a: Refreshing state... [id=Z0173878287JIU5M4KB8R_cloud.seagl.org_A] aws_route53_record.mailu-test-dmarc: Refreshing state... [id=Z0173878287JIU5M4KB8R__dmarc.mail-test.seagl.org_TXT] module.prod_db.aws_secretsmanager_secret.osem-db-pass: Refreshing state... [id=arn:aws:secretsmanager:us-west-2:663166083306:secret:db-pass-osem-5KW1mS] aws_ses_domain_identity.seagl: Refreshing state... [id=seagl.org] aws_route53_record.pretalx: Refreshing state... [id=Z0173878287JIU5M4KB8R_pretalx.seagl.org_CNAME] aws_route53_record.mailu-test-spf: Refreshing state... [id=Z0173878287JIU5M4KB8R_mail-test.seagl.org_TXT] module.prod_db.aws_db_subnet_group.osem: Refreshing state... [id=osem] aws_instance.dokku: Refreshing state... [id=i-02ee81d4bd0860d30] aws_route53_record.mailu-test-autoconfig-srv["_autodiscover._tcp"]: Refreshing state... [id=Z0173878287JIU5M4KB8R__autodiscover._tcp.mail-test.seagl.org_SRV] aws_ses_domain_identity.email_domain_identity: Refreshing state... [id=seagl.org] aws_route53_record.mailu-test-autoconfig-srv["_imap._tcp"]: Refreshing state... [id=Z0173878287JIU5M4KB8R__imap._tcp.mail-test.seagl.org_SRV] aws_route53_record.mailu-test-autoconfig-srv["_imaps._tcp"]: Refreshing state... [id=Z0173878287JIU5M4KB8R__imaps._tcp.mail-test.seagl.org_SRV] aws_route53_record.mailu-test-autoconfig-srv["_pop3._tcp"]: Refreshing state... [id=Z0173878287JIU5M4KB8R__pop3._tcp.mail-test.seagl.org_SRV] aws_route53_record.mailu-test-autoconfig-srv["_pop3s._tcp"]: Refreshing state... [id=Z0173878287JIU5M4KB8R__pop3s._tcp.mail-test.seagl.org_SRV] aws_route53_record.mailu-test-autoconfig-srv["_submission._tcp"]: Refreshing state... [id=Z0173878287JIU5M4KB8R__submission._tcp.mail-test.seagl.org_SRV] aws_route53_record.mailu-test-autoconfig-srv["_submissions._tcp"]: Refreshing state... [id=Z0173878287JIU5M4KB8R__submissions._tcp.mail-test.seagl.org_SRV] aws_route53_record.mailu-test-a: Refreshing state... [id=Z0173878287JIU5M4KB8R_mail.mail-test.seagl.org_A] aws_ses_domain_dkim.email_dkim: Refreshing state... [id=seagl.org] module.prod_db.aws_secretsmanager_secret_version.osem-db-pass-val: Refreshing state... [id=arn:aws:secretsmanager:us-west-2:663166083306:secret:db-pass-osem-5KW1mS|5E8ED816-E9AA-4E8E-A382-2EEE9FC74A66] aws_route53_record.email_dkim_records[0]: Refreshing state... [id=Z0173878287JIU5M4KB8R_nldzqxeyq5fyslu3tzvj4ltbwbexupuj._domainkey.seagl.org_CNAME] aws_route53_record.email_dkim_records[2]: Refreshing state... [id=Z0173878287JIU5M4KB8R_o7o3tsrrlwgkmmx3a7f5njkrvi75woso._domainkey.seagl.org_CNAME] aws_route53_record.email_dkim_records[1]: Refreshing state... [id=Z0173878287JIU5M4KB8R_zjerfwsrr5wpwp5p5klnsrrzp6ralpcp._domainkey.seagl.org_CNAME] openstack_compute_instance_v2.mailu: Refreshing state... [id=43089f30-2cc0-43e9-93c0-c2deab336560] data.aws_vpc.vpc: Read complete after 2s [id=vpc-231ecb46] module.prod_db.aws_security_group.osem_rds_security_group: Refreshing state... [id=sg-006c493d98f3c7f1a] module.prod_db.aws_security_group_rule.private_out: Refreshing state... [id=sgrule-1612436969] module.prod_db.aws_security_group_rule.private_in: Refreshing state... [id=sgrule-3182957500] module.prod_db.aws_db_instance.osem: Refreshing state... [id=osem] aws_s3_bucket_public_access_block.state: Refreshing state... [id=seagl-terraform] aws_s3_bucket_versioning.state: Refreshing state... [id=seagl-terraform] Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: + create -/+ destroy and then create replacement Terraform will perform the following actions: # openstack_networking_secgroup_rule_v2.mailu-icmp4-ingress will be created + resource "openstack_networking_secgroup_rule_v2" "mailu-icmp4-ingress" { + direction = "ingress" + ethertype = "IPv4" + id = (known after apply) + port_range_max = (known after apply) + port_range_min = (known after apply) + protocol = "icmp" + region = (known after apply) + remote_group_id = (known after apply) + remote_ip_prefix = "0.0.0.0/0" + security_group_id = (known after apply) + tenant_id = (known after apply) } # openstack_networking_secgroup_rule_v2.mailu-ipv4-egress will be created + resource "openstack_networking_secgroup_rule_v2" "mailu-ipv4-egress" { + direction = "egress" + ethertype = "IPv4" + id = (known after apply) + port_range_max = (known after apply) + port_range_min = (known after apply) + protocol = (known after apply) + region = (known after apply) + remote_group_id = (known after apply) + remote_ip_prefix = "0.0.0.0/0" + security_group_id = (known after apply) + tenant_id = (known after apply) } # openstack_networking_secgroup_rule_v2.mailu-ipv6-egress will be created + resource "openstack_networking_secgroup_rule_v2" "mailu-ipv6-egress" { + direction = "egress" + ethertype = "IPv6" + id = (known after apply) + port_range_max = (known after apply) + port_range_min = (known after apply) + protocol = (known after apply) + region = (known after apply) + remote_group_id = (known after apply) + remote_ip_prefix = "::/0" + security_group_id = (known after apply) + tenant_id = (known after apply) } # openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["110"] will be created + resource "openstack_networking_secgroup_rule_v2" "mailu-tcp4-ingress" { + direction = "ingress" + ethertype = "IPv4" + id = (known after apply) + port_range_max = 110 + port_range_min = 110 + protocol = "tcp" + region = (known after apply) + remote_group_id = (known after apply) + remote_ip_prefix = "0.0.0.0/0" + security_group_id = (known after apply) + tenant_id = (known after apply) } # openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["143"] will be created + resource "openstack_networking_secgroup_rule_v2" "mailu-tcp4-ingress" { + direction = "ingress" + ethertype = "IPv4" + id = (known after apply) + port_range_max = 143 + port_range_min = 143 + protocol = "tcp" + region = (known after apply) + remote_group_id = (known after apply) + remote_ip_prefix = "0.0.0.0/0" + security_group_id = (known after apply) + tenant_id = (known after apply) } # openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["22"] will be created + resource "openstack_networking_secgroup_rule_v2" "mailu-tcp4-ingress" { + direction = "ingress" + ethertype = "IPv4" + id = (known after apply) + port_range_max = 22 + port_range_min = 22 + protocol = "tcp" + region = (known after apply) + remote_group_id = (known after apply) + remote_ip_prefix = "0.0.0.0/0" + security_group_id = (known after apply) + tenant_id = (known after apply) } # openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["25"] will be created + resource "openstack_networking_secgroup_rule_v2" "mailu-tcp4-ingress" { + direction = "ingress" + ethertype = "IPv4" + id = (known after apply) + port_range_max = 25 + port_range_min = 25 + protocol = "tcp" + region = (known after apply) + remote_group_id = (known after apply) + remote_ip_prefix = "0.0.0.0/0" + security_group_id = (known after apply) + tenant_id = (known after apply) } # openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["443"] will be created + resource "openstack_networking_secgroup_rule_v2" "mailu-tcp4-ingress" { + direction = "ingress" + ethertype = "IPv4" + id = (known after apply) + port_range_max = 443 + port_range_min = 443 + protocol = "tcp" + region = (known after apply) + remote_group_id = (known after apply) + remote_ip_prefix = "0.0.0.0/0" + security_group_id = (known after apply) + tenant_id = (known after apply) } # openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["465"] will be created + resource "openstack_networking_secgroup_rule_v2" "mailu-tcp4-ingress" { + direction = "ingress" + ethertype = "IPv4" + id = (known after apply) + port_range_max = 465 + port_range_min = 465 + protocol = "tcp" + region = (known after apply) + remote_group_id = (known after apply) + remote_ip_prefix = "0.0.0.0/0" + security_group_id = (known after apply) + tenant_id = (known after apply) } # openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["587"] will be created + resource "openstack_networking_secgroup_rule_v2" "mailu-tcp4-ingress" { + direction = "ingress" + ethertype = "IPv4" + id = (known after apply) + port_range_max = 587 + port_range_min = 587 + protocol = "tcp" + region = (known after apply) + remote_group_id = (known after apply) + remote_ip_prefix = "0.0.0.0/0" + security_group_id = (known after apply) + tenant_id = (known after apply) } # openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["80"] will be created + resource "openstack_networking_secgroup_rule_v2" "mailu-tcp4-ingress" { + direction = "ingress" + ethertype = "IPv4" + id = (known after apply) + port_range_max = 80 + port_range_min = 80 + protocol = "tcp" + region = (known after apply) + remote_group_id = (known after apply) + remote_ip_prefix = "0.0.0.0/0" + security_group_id = (known after apply) + tenant_id = (known after apply) } # openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["993"] will be created + resource "openstack_networking_secgroup_rule_v2" "mailu-tcp4-ingress" { + direction = "ingress" + ethertype = "IPv4" + id = (known after apply) + port_range_max = 993 + port_range_min = 993 + protocol = "tcp" + region = (known after apply) + remote_group_id = (known after apply) + remote_ip_prefix = "0.0.0.0/0" + security_group_id = (known after apply) + tenant_id = (known after apply) } # openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["995"] will be created + resource "openstack_networking_secgroup_rule_v2" "mailu-tcp4-ingress" { + direction = "ingress" + ethertype = "IPv4" + id = (known after apply) + port_range_max = 995 + port_range_min = 995 + protocol = "tcp" + region = (known after apply) + remote_group_id = (known after apply) + remote_ip_prefix = "0.0.0.0/0" + security_group_id = (known after apply) + tenant_id = (known after apply) } # openstack_networking_secgroup_v2.mailu must be replaced -/+ resource "openstack_networking_secgroup_v2" "mailu" { ~ all_tags = [] -> (known after apply) + delete_default_rules = true # forces replacement + description = (known after apply) ~ id = "d422a797-f933-4a88-9daa-ad3bf51fd524" -> (known after apply) name = "mailu" ~ region = "RegionOne" -> (known after apply) - tags = [] -> null ~ tenant_id = "03cbb624d5be494d95af475e74fcb47b" -> (known after apply) } Plan: 14 to add, 0 to change, 1 to destroy. Warning: Argument is deprecated with aws_s3_bucket.state, on s3.tf line 1, in resource "aws_s3_bucket" "state": 1: resource "aws_s3_bucket" "state" { Use the aws_s3_bucket_lifecycle_configuration resource instead (and 3 more similar warnings elsewhere) ───────────────────────────────────────────────────────────────────────────── Note: You didn't use the -out option to save this plan, so Terraform can't guarantee to take exactly these actions if you run "terraform apply" now. ```

Pushed by: @strugee, Action: pull_request

github-actions[bot] commented 8 months ago

Terraform Format and Style 🖌``

Terraform Initialization ⚙️success

Terraform Plan 📖success

Terraform Validation 🤖success

Show Plan ``` terraform module.prod_db.random_password.osem_db_master_pass: Refreshing state... [id=none] openstack_networking_secgroup_v2.mailu: Refreshing state... [id=d422a797-f933-4a88-9daa-ad3bf51fd524] aws_ses_domain_identity.seagl: Refreshing state... [id=seagl.org] aws_route53_record.mailu-test-mx: Refreshing state... [id=Z0173878287JIU5M4KB8R_mail-test.seagl.org_MX] aws_route53_record.mailu-test-spf: Refreshing state... [id=Z0173878287JIU5M4KB8R_mail-test.seagl.org_TXT] aws_route53_record.mailu-test-autoconfig-srv["_pop3._tcp"]: Refreshing state... [id=Z0173878287JIU5M4KB8R__pop3._tcp.mail-test.seagl.org_SRV] aws_route53_record.mailu-test-dkim: Refreshing state... [id=Z0173878287JIU5M4KB8R_dkim._domainkey.mail-test.seagl.org_TXT] data.aws_vpc.vpc: Reading... aws_route53_record.mailu-test-a: Refreshing state... [id=Z0173878287JIU5M4KB8R_mail.mail-test.seagl.org_A] aws_s3_bucket.state: Refreshing state... [id=seagl-terraform] aws_route53_record.mailu-test-autoconfig-srv["_submissions._tcp"]: Refreshing state... [id=Z0173878287JIU5M4KB8R__submissions._tcp.mail-test.seagl.org_SRV] aws_route53_record.mailu-test-dmarc: Refreshing state... [id=Z0173878287JIU5M4KB8R__dmarc.mail-test.seagl.org_TXT] aws_route53_record.mailu-test-autoconfig-srv["_pop3s._tcp"]: Refreshing state... [id=Z0173878287JIU5M4KB8R__pop3s._tcp.mail-test.seagl.org_SRV] aws_route53_record.mailu-test-autoconfig-srv["_submission._tcp"]: Refreshing state... [id=Z0173878287JIU5M4KB8R__submission._tcp.mail-test.seagl.org_SRV] aws_route53_record.mailu-test-autoconfig-srv["_autodiscover._tcp"]: Refreshing state... [id=Z0173878287JIU5M4KB8R__autodiscover._tcp.mail-test.seagl.org_SRV] aws_route53_record.mailu-test-autoconfig-srv["_imap._tcp"]: Refreshing state... [id=Z0173878287JIU5M4KB8R__imap._tcp.mail-test.seagl.org_SRV] data.aws_vpc.vpc: Read complete after 1s [id=vpc-231ecb46] aws_route53_record.mailu-test-autoconfig-srv["_imaps._tcp"]: Refreshing state... [id=Z0173878287JIU5M4KB8R__imaps._tcp.mail-test.seagl.org_SRV] aws_route53_record.route_53_cloud_txt: Refreshing state... [id=Z0173878287JIU5M4KB8R_cloud.seagl.org_TXT] aws_route53_record.cloud-aaaa: Refreshing state... [id=Z0173878287JIU5M4KB8R_cloud.seagl.org_AAAA] aws_route53_record.mailu-test-autoconfig-cname: Refreshing state... [id=Z0173878287JIU5M4KB8R_autoconfig.mail-test.seagl.org_CNAME] aws_instance.dokku: Refreshing state... [id=i-02ee81d4bd0860d30] aws_ses_email_identity.email: Refreshing state... [id=sre@seagl.org] aws_route53_record.alias: Refreshing state... [id=Z0173878287JIU5M4KB8R_alias.seagl.org_CNAME] aws_ses_domain_identity.email_domain_identity: Refreshing state... [id=seagl.org] aws_route53_record.cloud-a: Refreshing state... [id=Z0173878287JIU5M4KB8R_cloud.seagl.org_A] aws_route53_record.email_dkim_hubspot_records["hs1-40081384"]: Refreshing state... [id=Z0173878287JIU5M4KB8R_hs1-40081384._domainkey.seagl.org_CNAME] aws_route53_record.email_dkim_hubspot_records["hs2-40081384"]: Refreshing state... [id=Z0173878287JIU5M4KB8R_hs2-40081384._domainkey.seagl.org_CNAME] module.prod_db.aws_secretsmanager_secret.osem-db-pass: Refreshing state... [id=arn:aws:secretsmanager:us-west-2:663166083306:secret:db-pass-osem-5KW1mS] module.prod_db.aws_db_subnet_group.osem: Refreshing state... [id=osem] aws_route53_record.pretalx: Refreshing state... [id=Z0173878287JIU5M4KB8R_pretalx.seagl.org_CNAME] aws_route53_record.route_53_dmarc_txt: Refreshing state... [id=Z0173878287JIU5M4KB8R__dmarc.seagl.org_TXT] aws_route53_record.route_53_root_txt: Refreshing state... [id=Z0173878287JIU5M4KB8R__TXT] openstack_compute_instance_v2.mailu: Refreshing state... [id=43089f30-2cc0-43e9-93c0-c2deab336560] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["587"]: Preparing import... [id=c664a4f7-d968-46ca-b476-c444078a6ab2] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["587"]: Refreshing state... [id=c664a4f7-d968-46ca-b476-c444078a6ab2] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["110"]: Preparing import... [id=0d3c863b-8f4e-4db8-96a2-0714951e3719] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["110"]: Refreshing state... [id=0d3c863b-8f4e-4db8-96a2-0714951e3719] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["143"]: Preparing import... [id=b21d57e8-8f50-41d3-bb7f-42456c2e1d60] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["143"]: Refreshing state... [id=b21d57e8-8f50-41d3-bb7f-42456c2e1d60] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["443"]: Preparing import... [id=bb495a69-4c90-431a-a634-7b5459315a65] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["443"]: Refreshing state... [id=bb495a69-4c90-431a-a634-7b5459315a65] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["993"]: Preparing import... [id=76d6ca04-3aad-466c-8b75-f75c063ca097] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["993"]: Refreshing state... [id=76d6ca04-3aad-466c-8b75-f75c063ca097] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["25"]: Preparing import... [id=1c044046-80b4-4482-8345-92537c3220ac] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["25"]: Refreshing state... [id=1c044046-80b4-4482-8345-92537c3220ac] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["995"]: Preparing import... [id=db876dde-1e0b-47fa-8960-6c82e495acf3] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["995"]: Refreshing state... [id=db876dde-1e0b-47fa-8960-6c82e495acf3] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["22"]: Preparing import... [id=ee1d0145-522d-4bb2-8ba2-e4241c103678] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["22"]: Refreshing state... [id=ee1d0145-522d-4bb2-8ba2-e4241c103678] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["465"]: Preparing import... [id=39e2ac5c-2040-4c2b-9ad5-22c424b0abcb] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["465"]: Refreshing state... [id=39e2ac5c-2040-4c2b-9ad5-22c424b0abcb] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["80"]: Preparing import... [id=aff5f8e3-6d72-4378-b80c-46948b157d06] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["80"]: Refreshing state... [id=aff5f8e3-6d72-4378-b80c-46948b157d06] aws_ses_domain_dkim.email_dkim: Refreshing state... [id=seagl.org] module.prod_db.aws_secretsmanager_secret_version.osem-db-pass-val: Refreshing state... [id=arn:aws:secretsmanager:us-west-2:663166083306:secret:db-pass-osem-5KW1mS|5E8ED816-E9AA-4E8E-A382-2EEE9FC74A66] aws_s3_bucket_versioning.state: Refreshing state... [id=seagl-terraform] aws_s3_bucket_public_access_block.state: Refreshing state... [id=seagl-terraform] module.prod_db.aws_security_group.osem_rds_security_group: Refreshing state... [id=sg-006c493d98f3c7f1a] aws_route53_record.email_dkim_records[0]: Refreshing state... [id=Z0173878287JIU5M4KB8R_nldzqxeyq5fyslu3tzvj4ltbwbexupuj._domainkey.seagl.org_CNAME] aws_route53_record.email_dkim_records[2]: Refreshing state... [id=Z0173878287JIU5M4KB8R_o7o3tsrrlwgkmmx3a7f5njkrvi75woso._domainkey.seagl.org_CNAME] aws_route53_record.email_dkim_records[1]: Refreshing state... [id=Z0173878287JIU5M4KB8R_zjerfwsrr5wpwp5p5klnsrrzp6ralpcp._domainkey.seagl.org_CNAME] module.prod_db.aws_security_group_rule.private_out: Refreshing state... [id=sgrule-1612436969] module.prod_db.aws_security_group_rule.private_in: Refreshing state... [id=sgrule-3182957500] module.prod_db.aws_db_instance.osem: Refreshing state... [id=osem] Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: + create -/+ destroy and then create replacement Terraform will perform the following actions: # openstack_networking_secgroup_rule_v2.mailu-icmp4-ingress will be created + resource "openstack_networking_secgroup_rule_v2" "mailu-icmp4-ingress" { + direction = "ingress" + ethertype = "IPv4" + id = (known after apply) + port_range_max = (known after apply) + port_range_min = (known after apply) + protocol = "icmp" + region = (known after apply) + remote_group_id = (known after apply) + remote_ip_prefix = "0.0.0.0/0" + security_group_id = (known after apply) + tenant_id = (known after apply) } # openstack_networking_secgroup_rule_v2.mailu-ipv4-egress will be created + resource "openstack_networking_secgroup_rule_v2" "mailu-ipv4-egress" { + direction = "egress" + ethertype = "IPv4" + id = (known after apply) + port_range_max = (known after apply) + port_range_min = (known after apply) + protocol = (known after apply) + region = (known after apply) + remote_group_id = (known after apply) + remote_ip_prefix = "0.0.0.0/0" + security_group_id = (known after apply) + tenant_id = (known after apply) } # openstack_networking_secgroup_rule_v2.mailu-ipv6-egress will be created + resource "openstack_networking_secgroup_rule_v2" "mailu-ipv6-egress" { + direction = "egress" + ethertype = "IPv6" + id = (known after apply) + port_range_max = (known after apply) + port_range_min = (known after apply) + protocol = (known after apply) + region = (known after apply) + remote_group_id = (known after apply) + remote_ip_prefix = "::/0" + security_group_id = (known after apply) + tenant_id = (known after apply) } # openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["110"] must be replaced # (imported from "0d3c863b-8f4e-4db8-96a2-0714951e3719") # Warning: this will destroy the imported resource -/+ resource "openstack_networking_secgroup_rule_v2" "mailu-tcp4-ingress" { direction = "ingress" ethertype = "IPv4" ~ id = "0d3c863b-8f4e-4db8-96a2-0714951e3719" -> (known after apply) port_range_max = 110 port_range_min = 110 protocol = "tcp" ~ region = "RegionOne" -> (known after apply) + remote_group_id = (known after apply) remote_ip_prefix = "0.0.0.0/0" ~ security_group_id = "d422a797-f933-4a88-9daa-ad3bf51fd524" # forces replacement -> (known after apply) # forces replacement ~ tenant_id = "03cbb624d5be494d95af475e74fcb47b" -> (known after apply) } # openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["143"] must be replaced # (imported from "b21d57e8-8f50-41d3-bb7f-42456c2e1d60") # Warning: this will destroy the imported resource -/+ resource "openstack_networking_secgroup_rule_v2" "mailu-tcp4-ingress" { direction = "ingress" ethertype = "IPv4" ~ id = "b21d57e8-8f50-41d3-bb7f-42456c2e1d60" -> (known after apply) port_range_max = 143 port_range_min = 143 protocol = "tcp" ~ region = "RegionOne" -> (known after apply) + remote_group_id = (known after apply) remote_ip_prefix = "0.0.0.0/0" ~ security_group_id = "d422a797-f933-4a88-9daa-ad3bf51fd524" # forces replacement -> (known after apply) # forces replacement ~ tenant_id = "03cbb624d5be494d95af475e74fcb47b" -> (known after apply) } # openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["22"] must be replaced # (imported from "ee1d0145-522d-4bb2-8ba2-e4241c103678") # Warning: this will destroy the imported resource -/+ resource "openstack_networking_secgroup_rule_v2" "mailu-tcp4-ingress" { direction = "ingress" ethertype = "IPv4" ~ id = "ee1d0145-522d-4bb2-8ba2-e4241c103678" -> (known after apply) port_range_max = 22 port_range_min = 22 protocol = "tcp" ~ region = "RegionOne" -> (known after apply) + remote_group_id = (known after apply) remote_ip_prefix = "0.0.0.0/0" ~ security_group_id = "d422a797-f933-4a88-9daa-ad3bf51fd524" # forces replacement -> (known after apply) # forces replacement ~ tenant_id = "03cbb624d5be494d95af475e74fcb47b" -> (known after apply) } # openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["25"] must be replaced # (imported from "1c044046-80b4-4482-8345-92537c3220ac") # Warning: this will destroy the imported resource -/+ resource "openstack_networking_secgroup_rule_v2" "mailu-tcp4-ingress" { direction = "ingress" ethertype = "IPv4" ~ id = "1c044046-80b4-4482-8345-92537c3220ac" -> (known after apply) port_range_max = 25 port_range_min = 25 protocol = "tcp" ~ region = "RegionOne" -> (known after apply) + remote_group_id = (known after apply) remote_ip_prefix = "0.0.0.0/0" ~ security_group_id = "d422a797-f933-4a88-9daa-ad3bf51fd524" # forces replacement -> (known after apply) # forces replacement ~ tenant_id = "03cbb624d5be494d95af475e74fcb47b" -> (known after apply) } # openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["443"] must be replaced # (imported from "bb495a69-4c90-431a-a634-7b5459315a65") # Warning: this will destroy the imported resource -/+ resource "openstack_networking_secgroup_rule_v2" "mailu-tcp4-ingress" { direction = "ingress" ethertype = "IPv4" ~ id = "bb495a69-4c90-431a-a634-7b5459315a65" -> (known after apply) port_range_max = 443 port_range_min = 443 protocol = "tcp" ~ region = "RegionOne" -> (known after apply) + remote_group_id = (known after apply) remote_ip_prefix = "0.0.0.0/0" ~ security_group_id = "d422a797-f933-4a88-9daa-ad3bf51fd524" # forces replacement -> (known after apply) # forces replacement ~ tenant_id = "03cbb624d5be494d95af475e74fcb47b" -> (known after apply) } # openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["465"] must be replaced # (imported from "39e2ac5c-2040-4c2b-9ad5-22c424b0abcb") # Warning: this will destroy the imported resource -/+ resource "openstack_networking_secgroup_rule_v2" "mailu-tcp4-ingress" { direction = "ingress" ethertype = "IPv4" ~ id = "39e2ac5c-2040-4c2b-9ad5-22c424b0abcb" -> (known after apply) port_range_max = 465 port_range_min = 465 protocol = "tcp" ~ region = "RegionOne" -> (known after apply) + remote_group_id = (known after apply) remote_ip_prefix = "0.0.0.0/0" ~ security_group_id = "d422a797-f933-4a88-9daa-ad3bf51fd524" # forces replacement -> (known after apply) # forces replacement ~ tenant_id = "03cbb624d5be494d95af475e74fcb47b" -> (known after apply) } # openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["587"] must be replaced # (imported from "c664a4f7-d968-46ca-b476-c444078a6ab2") # Warning: this will destroy the imported resource -/+ resource "openstack_networking_secgroup_rule_v2" "mailu-tcp4-ingress" { - description = "SMTP submission" -> null # forces replacement direction = "ingress" ethertype = "IPv4" ~ id = "c664a4f7-d968-46ca-b476-c444078a6ab2" -> (known after apply) port_range_max = 587 port_range_min = 587 protocol = "tcp" ~ region = "RegionOne" -> (known after apply) + remote_group_id = (known after apply) remote_ip_prefix = "0.0.0.0/0" ~ security_group_id = "d422a797-f933-4a88-9daa-ad3bf51fd524" # forces replacement -> (known after apply) # forces replacement ~ tenant_id = "03cbb624d5be494d95af475e74fcb47b" -> (known after apply) } # openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["80"] must be replaced # (imported from "aff5f8e3-6d72-4378-b80c-46948b157d06") # Warning: this will destroy the imported resource -/+ resource "openstack_networking_secgroup_rule_v2" "mailu-tcp4-ingress" { direction = "ingress" ethertype = "IPv4" ~ id = "aff5f8e3-6d72-4378-b80c-46948b157d06" -> (known after apply) port_range_max = 80 port_range_min = 80 protocol = "tcp" ~ region = "RegionOne" -> (known after apply) + remote_group_id = (known after apply) remote_ip_prefix = "0.0.0.0/0" ~ security_group_id = "d422a797-f933-4a88-9daa-ad3bf51fd524" # forces replacement -> (known after apply) # forces replacement ~ tenant_id = "03cbb624d5be494d95af475e74fcb47b" -> (known after apply) } # openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["993"] must be replaced # (imported from "76d6ca04-3aad-466c-8b75-f75c063ca097") # Warning: this will destroy the imported resource -/+ resource "openstack_networking_secgroup_rule_v2" "mailu-tcp4-ingress" { direction = "ingress" ethertype = "IPv4" ~ id = "76d6ca04-3aad-466c-8b75-f75c063ca097" -> (known after apply) port_range_max = 993 port_range_min = 993 protocol = "tcp" ~ region = "RegionOne" -> (known after apply) + remote_group_id = (known after apply) remote_ip_prefix = "0.0.0.0/0" ~ security_group_id = "d422a797-f933-4a88-9daa-ad3bf51fd524" # forces replacement -> (known after apply) # forces replacement ~ tenant_id = "03cbb624d5be494d95af475e74fcb47b" -> (known after apply) } # openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["995"] must be replaced # (imported from "db876dde-1e0b-47fa-8960-6c82e495acf3") # Warning: this will destroy the imported resource -/+ resource "openstack_networking_secgroup_rule_v2" "mailu-tcp4-ingress" { direction = "ingress" ethertype = "IPv4" ~ id = "db876dde-1e0b-47fa-8960-6c82e495acf3" -> (known after apply) port_range_max = 995 port_range_min = 995 protocol = "tcp" ~ region = "RegionOne" -> (known after apply) + remote_group_id = (known after apply) remote_ip_prefix = "0.0.0.0/0" ~ security_group_id = "d422a797-f933-4a88-9daa-ad3bf51fd524" # forces replacement -> (known after apply) # forces replacement ~ tenant_id = "03cbb624d5be494d95af475e74fcb47b" -> (known after apply) } # openstack_networking_secgroup_v2.mailu must be replaced -/+ resource "openstack_networking_secgroup_v2" "mailu" { ~ all_tags = [] -> (known after apply) + delete_default_rules = true # forces replacement + description = (known after apply) ~ id = "d422a797-f933-4a88-9daa-ad3bf51fd524" -> (known after apply) name = "mailu" ~ region = "RegionOne" -> (known after apply) - tags = [] -> null ~ tenant_id = "03cbb624d5be494d95af475e74fcb47b" -> (known after apply) } Plan: 10 to import, 14 to add, 0 to change, 11 to destroy. Warning: Argument is deprecated with aws_s3_bucket.state, on s3.tf line 1, in resource "aws_s3_bucket" "state": 1: resource "aws_s3_bucket" "state" { Use the aws_s3_bucket_versioning resource instead (and 3 more similar warnings elsewhere) ───────────────────────────────────────────────────────────────────────────── Note: You didn't use the -out option to save this plan, so Terraform can't guarantee to take exactly these actions if you run "terraform apply" now. ```

Pushed by: @strugee, Action: pull_request

github-actions[bot] commented 8 months ago

Terraform Format and Style 🖌``

Terraform Initialization ⚙️success

Terraform Plan 📖success

Terraform Validation 🤖success

Show Plan ``` terraform module.prod_db.random_password.osem_db_master_pass: Refreshing state... [id=none] openstack_networking_secgroup_v2.mailu: Refreshing state... [id=d422a797-f933-4a88-9daa-ad3bf51fd524] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["995"]: Preparing import... [id=db876dde-1e0b-47fa-8960-6c82e495acf3] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["25"]: Preparing import... [id=1c044046-80b4-4482-8345-92537c3220ac] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["22"]: Preparing import... [id=ee1d0145-522d-4bb2-8ba2-e4241c103678] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["443"]: Preparing import... [id=bb495a69-4c90-431a-a634-7b5459315a65] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["143"]: Preparing import... [id=b21d57e8-8f50-41d3-bb7f-42456c2e1d60] openstack_compute_instance_v2.mailu: Refreshing state... [id=43089f30-2cc0-43e9-93c0-c2deab336560] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["143"]: Refreshing state... [id=b21d57e8-8f50-41d3-bb7f-42456c2e1d60] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["80"]: Preparing import... [id=aff5f8e3-6d72-4378-b80c-46948b157d06] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["995"]: Refreshing state... [id=db876dde-1e0b-47fa-8960-6c82e495acf3] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["22"]: Refreshing state... [id=ee1d0145-522d-4bb2-8ba2-e4241c103678] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["25"]: Refreshing state... [id=1c044046-80b4-4482-8345-92537c3220ac] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["80"]: Refreshing state... [id=aff5f8e3-6d72-4378-b80c-46948b157d06] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["993"]: Preparing import... [id=76d6ca04-3aad-466c-8b75-f75c063ca097] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["587"]: Preparing import... [id=c664a4f7-d968-46ca-b476-c444078a6ab2] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["443"]: Refreshing state... [id=bb495a69-4c90-431a-a634-7b5459315a65] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["587"]: Refreshing state... [id=c664a4f7-d968-46ca-b476-c444078a6ab2] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["993"]: Refreshing state... [id=76d6ca04-3aad-466c-8b75-f75c063ca097] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["110"]: Preparing import... [id=0d3c863b-8f4e-4db8-96a2-0714951e3719] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["110"]: Refreshing state... [id=0d3c863b-8f4e-4db8-96a2-0714951e3719] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["465"]: Preparing import... [id=39e2ac5c-2040-4c2b-9ad5-22c424b0abcb] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["465"]: Refreshing state... [id=39e2ac5c-2040-4c2b-9ad5-22c424b0abcb] aws_route53_record.cloud-a: Refreshing state... [id=Z0173878287JIU5M4KB8R_cloud.seagl.org_A] aws_route53_record.mailu-test-dmarc: Refreshing state... [id=Z0173878287JIU5M4KB8R__dmarc.mail-test.seagl.org_TXT] aws_route53_record.route_53_cloud_txt: Refreshing state... [id=Z0173878287JIU5M4KB8R_cloud.seagl.org_TXT] module.prod_db.aws_db_subnet_group.osem: Refreshing state... [id=osem] aws_route53_record.mailu-test-autoconfig-cname: Refreshing state... [id=Z0173878287JIU5M4KB8R_autoconfig.mail-test.seagl.org_CNAME] aws_instance.dokku: Refreshing state... [id=i-02ee81d4bd0860d30] aws_route53_record.mailu-test-autoconfig-srv["_imap._tcp"]: Refreshing state... [id=Z0173878287JIU5M4KB8R__imap._tcp.mail-test.seagl.org_SRV] aws_route53_record.pretalx: Refreshing state... [id=Z0173878287JIU5M4KB8R_pretalx.seagl.org_CNAME] aws_route53_record.mailu-test-autoconfig-srv["_imaps._tcp"]: Refreshing state... [id=Z0173878287JIU5M4KB8R__imaps._tcp.mail-test.seagl.org_SRV] aws_route53_record.mailu-test-autoconfig-srv["_pop3._tcp"]: Refreshing state... [id=Z0173878287JIU5M4KB8R__pop3._tcp.mail-test.seagl.org_SRV] aws_route53_record.mailu-test-autoconfig-srv["_pop3s._tcp"]: Refreshing state... [id=Z0173878287JIU5M4KB8R__pop3s._tcp.mail-test.seagl.org_SRV] aws_route53_record.mailu-test-autoconfig-srv["_submission._tcp"]: Refreshing state... [id=Z0173878287JIU5M4KB8R__submission._tcp.mail-test.seagl.org_SRV] aws_route53_record.mailu-test-autoconfig-srv["_submissions._tcp"]: Refreshing state... [id=Z0173878287JIU5M4KB8R__submissions._tcp.mail-test.seagl.org_SRV] aws_s3_bucket.state: Refreshing state... [id=seagl-terraform] aws_route53_record.mailu-test-autoconfig-srv["_autodiscover._tcp"]: Refreshing state... [id=Z0173878287JIU5M4KB8R__autodiscover._tcp.mail-test.seagl.org_SRV] module.prod_db.aws_secretsmanager_secret.osem-db-pass: Refreshing state... [id=arn:aws:secretsmanager:us-west-2:663166083306:secret:db-pass-osem-5KW1mS] aws_route53_record.mailu-test-spf: Refreshing state... [id=Z0173878287JIU5M4KB8R_mail-test.seagl.org_TXT] aws_route53_record.route_53_root_txt: Refreshing state... [id=Z0173878287JIU5M4KB8R__TXT] aws_ses_domain_identity.email_domain_identity: Refreshing state... [id=seagl.org] aws_route53_record.mailu-test-dkim: Refreshing state... [id=Z0173878287JIU5M4KB8R_dkim._domainkey.mail-test.seagl.org_TXT] aws_route53_record.mailu-test-mx: Refreshing state... [id=Z0173878287JIU5M4KB8R_mail-test.seagl.org_MX] aws_route53_record.email_dkim_hubspot_records["hs1-40081384"]: Refreshing state... [id=Z0173878287JIU5M4KB8R_hs1-40081384._domainkey.seagl.org_CNAME] aws_route53_record.route_53_dmarc_txt: Refreshing state... [id=Z0173878287JIU5M4KB8R__dmarc.seagl.org_TXT] aws_route53_record.email_dkim_hubspot_records["hs2-40081384"]: Refreshing state... [id=Z0173878287JIU5M4KB8R_hs2-40081384._domainkey.seagl.org_CNAME] aws_route53_record.mailu-test-a: Refreshing state... [id=Z0173878287JIU5M4KB8R_mail.mail-test.seagl.org_A] aws_ses_domain_identity.seagl: Refreshing state... [id=seagl.org] aws_route53_record.alias: Refreshing state... [id=Z0173878287JIU5M4KB8R_alias.seagl.org_CNAME] aws_route53_record.cloud-aaaa: Refreshing state... [id=Z0173878287JIU5M4KB8R_cloud.seagl.org_AAAA] data.aws_vpc.vpc: Reading... aws_ses_email_identity.email: Refreshing state... [id=sre@seagl.org] module.prod_db.aws_secretsmanager_secret_version.osem-db-pass-val: Refreshing state... [id=arn:aws:secretsmanager:us-west-2:663166083306:secret:db-pass-osem-5KW1mS|5E8ED816-E9AA-4E8E-A382-2EEE9FC74A66] aws_ses_domain_dkim.email_dkim: Refreshing state... [id=seagl.org] aws_route53_record.email_dkim_records[0]: Refreshing state... [id=Z0173878287JIU5M4KB8R_nldzqxeyq5fyslu3tzvj4ltbwbexupuj._domainkey.seagl.org_CNAME] aws_route53_record.email_dkim_records[2]: Refreshing state... [id=Z0173878287JIU5M4KB8R_o7o3tsrrlwgkmmx3a7f5njkrvi75woso._domainkey.seagl.org_CNAME] aws_route53_record.email_dkim_records[1]: Refreshing state... [id=Z0173878287JIU5M4KB8R_zjerfwsrr5wpwp5p5klnsrrzp6ralpcp._domainkey.seagl.org_CNAME] data.aws_vpc.vpc: Read complete after 0s [id=vpc-231ecb46] module.prod_db.aws_security_group.osem_rds_security_group: Refreshing state... [id=sg-006c493d98f3c7f1a] aws_s3_bucket_public_access_block.state: Refreshing state... [id=seagl-terraform] aws_s3_bucket_versioning.state: Refreshing state... [id=seagl-terraform] module.prod_db.aws_security_group_rule.private_out: Refreshing state... [id=sgrule-1612436969] module.prod_db.aws_security_group_rule.private_in: Refreshing state... [id=sgrule-3182957500] module.prod_db.aws_db_instance.osem: Refreshing state... [id=osem] Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: + create -/+ destroy and then create replacement Terraform will perform the following actions: # openstack_networking_secgroup_rule_v2.mailu-icmp4-ingress will be created + resource "openstack_networking_secgroup_rule_v2" "mailu-icmp4-ingress" { + direction = "ingress" + ethertype = "IPv4" + id = (known after apply) + port_range_max = (known after apply) + port_range_min = (known after apply) + protocol = "icmp" + region = (known after apply) + remote_group_id = (known after apply) + remote_ip_prefix = "0.0.0.0/0" + security_group_id = "d422a797-f933-4a88-9daa-ad3bf51fd524" + tenant_id = (known after apply) } # openstack_networking_secgroup_rule_v2.mailu-ipv4-egress will be created + resource "openstack_networking_secgroup_rule_v2" "mailu-ipv4-egress" { + direction = "egress" + ethertype = "IPv4" + id = (known after apply) + port_range_max = (known after apply) + port_range_min = (known after apply) + protocol = (known after apply) + region = (known after apply) + remote_group_id = (known after apply) + remote_ip_prefix = "0.0.0.0/0" + security_group_id = "d422a797-f933-4a88-9daa-ad3bf51fd524" + tenant_id = (known after apply) } # openstack_networking_secgroup_rule_v2.mailu-ipv6-egress will be created + resource "openstack_networking_secgroup_rule_v2" "mailu-ipv6-egress" { + direction = "egress" + ethertype = "IPv6" + id = (known after apply) + port_range_max = (known after apply) + port_range_min = (known after apply) + protocol = (known after apply) + region = (known after apply) + remote_group_id = (known after apply) + remote_ip_prefix = "::/0" + security_group_id = "d422a797-f933-4a88-9daa-ad3bf51fd524" + tenant_id = (known after apply) } # openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["110"] will be imported resource "openstack_networking_secgroup_rule_v2" "mailu-tcp4-ingress" { direction = "ingress" ethertype = "IPv4" id = "0d3c863b-8f4e-4db8-96a2-0714951e3719" port_range_max = 110 port_range_min = 110 protocol = "tcp" region = "RegionOne" remote_ip_prefix = "0.0.0.0/0" security_group_id = "d422a797-f933-4a88-9daa-ad3bf51fd524" tenant_id = "03cbb624d5be494d95af475e74fcb47b" } # openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["143"] will be imported resource "openstack_networking_secgroup_rule_v2" "mailu-tcp4-ingress" { direction = "ingress" ethertype = "IPv4" id = "b21d57e8-8f50-41d3-bb7f-42456c2e1d60" port_range_max = 143 port_range_min = 143 protocol = "tcp" region = "RegionOne" remote_ip_prefix = "0.0.0.0/0" security_group_id = "d422a797-f933-4a88-9daa-ad3bf51fd524" tenant_id = "03cbb624d5be494d95af475e74fcb47b" } # openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["22"] will be imported resource "openstack_networking_secgroup_rule_v2" "mailu-tcp4-ingress" { direction = "ingress" ethertype = "IPv4" id = "ee1d0145-522d-4bb2-8ba2-e4241c103678" port_range_max = 22 port_range_min = 22 protocol = "tcp" region = "RegionOne" remote_ip_prefix = "0.0.0.0/0" security_group_id = "d422a797-f933-4a88-9daa-ad3bf51fd524" tenant_id = "03cbb624d5be494d95af475e74fcb47b" } # openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["25"] will be imported resource "openstack_networking_secgroup_rule_v2" "mailu-tcp4-ingress" { direction = "ingress" ethertype = "IPv4" id = "1c044046-80b4-4482-8345-92537c3220ac" port_range_max = 25 port_range_min = 25 protocol = "tcp" region = "RegionOne" remote_ip_prefix = "0.0.0.0/0" security_group_id = "d422a797-f933-4a88-9daa-ad3bf51fd524" tenant_id = "03cbb624d5be494d95af475e74fcb47b" } # openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["443"] will be imported resource "openstack_networking_secgroup_rule_v2" "mailu-tcp4-ingress" { direction = "ingress" ethertype = "IPv4" id = "bb495a69-4c90-431a-a634-7b5459315a65" port_range_max = 443 port_range_min = 443 protocol = "tcp" region = "RegionOne" remote_ip_prefix = "0.0.0.0/0" security_group_id = "d422a797-f933-4a88-9daa-ad3bf51fd524" tenant_id = "03cbb624d5be494d95af475e74fcb47b" } # openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["465"] will be imported resource "openstack_networking_secgroup_rule_v2" "mailu-tcp4-ingress" { direction = "ingress" ethertype = "IPv4" id = "39e2ac5c-2040-4c2b-9ad5-22c424b0abcb" port_range_max = 465 port_range_min = 465 protocol = "tcp" region = "RegionOne" remote_ip_prefix = "0.0.0.0/0" security_group_id = "d422a797-f933-4a88-9daa-ad3bf51fd524" tenant_id = "03cbb624d5be494d95af475e74fcb47b" } # openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["587"] must be replaced # (imported from "c664a4f7-d968-46ca-b476-c444078a6ab2") # Warning: this will destroy the imported resource -/+ resource "openstack_networking_secgroup_rule_v2" "mailu-tcp4-ingress" { - description = "SMTP submission" -> null # forces replacement direction = "ingress" ethertype = "IPv4" ~ id = "c664a4f7-d968-46ca-b476-c444078a6ab2" -> (known after apply) port_range_max = 587 port_range_min = 587 protocol = "tcp" ~ region = "RegionOne" -> (known after apply) + remote_group_id = (known after apply) remote_ip_prefix = "0.0.0.0/0" security_group_id = "d422a797-f933-4a88-9daa-ad3bf51fd524" ~ tenant_id = "03cbb624d5be494d95af475e74fcb47b" -> (known after apply) } # openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["80"] will be imported resource "openstack_networking_secgroup_rule_v2" "mailu-tcp4-ingress" { direction = "ingress" ethertype = "IPv4" id = "aff5f8e3-6d72-4378-b80c-46948b157d06" port_range_max = 80 port_range_min = 80 protocol = "tcp" region = "RegionOne" remote_ip_prefix = "0.0.0.0/0" security_group_id = "d422a797-f933-4a88-9daa-ad3bf51fd524" tenant_id = "03cbb624d5be494d95af475e74fcb47b" } # openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["993"] will be imported resource "openstack_networking_secgroup_rule_v2" "mailu-tcp4-ingress" { direction = "ingress" ethertype = "IPv4" id = "76d6ca04-3aad-466c-8b75-f75c063ca097" port_range_max = 993 port_range_min = 993 protocol = "tcp" region = "RegionOne" remote_ip_prefix = "0.0.0.0/0" security_group_id = "d422a797-f933-4a88-9daa-ad3bf51fd524" tenant_id = "03cbb624d5be494d95af475e74fcb47b" } # openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["995"] will be imported resource "openstack_networking_secgroup_rule_v2" "mailu-tcp4-ingress" { direction = "ingress" ethertype = "IPv4" id = "db876dde-1e0b-47fa-8960-6c82e495acf3" port_range_max = 995 port_range_min = 995 protocol = "tcp" region = "RegionOne" remote_ip_prefix = "0.0.0.0/0" security_group_id = "d422a797-f933-4a88-9daa-ad3bf51fd524" tenant_id = "03cbb624d5be494d95af475e74fcb47b" } Plan: 10 to import, 4 to add, 0 to change, 1 to destroy. Warning: Argument is deprecated with aws_s3_bucket.state, on s3.tf line 1, in resource "aws_s3_bucket" "state": 1: resource "aws_s3_bucket" "state" { Use the aws_s3_bucket_lifecycle_configuration resource instead (and 3 more similar warnings elsewhere) ───────────────────────────────────────────────────────────────────────────── Note: You didn't use the -out option to save this plan, so Terraform can't guarantee to take exactly these actions if you run "terraform apply" now. ```

Pushed by: @strugee, Action: pull_request

github-actions[bot] commented 8 months ago

Terraform Format and Style 🖌``

Terraform Initialization ⚙️success

Terraform Plan 📖success

Terraform Validation 🤖success

Show Plan ``` terraform module.prod_db.random_password.osem_db_master_pass: Refreshing state... [id=none] openstack_networking_secgroup_v2.mailu: Refreshing state... [id=d422a797-f933-4a88-9daa-ad3bf51fd524] openstack_networking_secgroup_rule_v2.mailu-icmp4-ingress: Preparing import... [id=f7332d33-9702-4b7b-af9f-e66deb8ce0af] openstack_networking_secgroup_rule_v2.mailu-ipv4-egress: Preparing import... [id=880f7c96-02a4-41d9-aa0c-85236175a91b] openstack_networking_secgroup_rule_v2.mailu-ipv6-egress: Preparing import... [id=094e8ef1-4f00-4dc4-a7b0-9ad5bf09a8e0] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["143"]: Preparing import... [id=b21d57e8-8f50-41d3-bb7f-42456c2e1d60] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["993"]: Preparing import... [id=76d6ca04-3aad-466c-8b75-f75c063ca097] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["587"]: Preparing import... [id=c664a4f7-d968-46ca-b476-c444078a6ab2] openstack_networking_secgroup_rule_v2.mailu-ipv6-egress: Refreshing state... [id=094e8ef1-4f00-4dc4-a7b0-9ad5bf09a8e0] openstack_networking_secgroup_rule_v2.mailu-ipv4-egress: Refreshing state... [id=880f7c96-02a4-41d9-aa0c-85236175a91b] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["22"]: Preparing import... [id=ee1d0145-522d-4bb2-8ba2-e4241c103678] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["465"]: Preparing import... [id=39e2ac5c-2040-4c2b-9ad5-22c424b0abcb] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["143"]: Refreshing state... [id=b21d57e8-8f50-41d3-bb7f-42456c2e1d60] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["587"]: Refreshing state... [id=c664a4f7-d968-46ca-b476-c444078a6ab2] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["993"]: Refreshing state... [id=76d6ca04-3aad-466c-8b75-f75c063ca097] openstack_networking_secgroup_rule_v2.mailu-icmp4-ingress: Refreshing state... [id=f7332d33-9702-4b7b-af9f-e66deb8ce0af] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["465"]: Refreshing state... [id=39e2ac5c-2040-4c2b-9ad5-22c424b0abcb] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["22"]: Refreshing state... [id=ee1d0145-522d-4bb2-8ba2-e4241c103678] openstack_compute_instance_v2.mailu: Refreshing state... [id=43089f30-2cc0-43e9-93c0-c2deab336560] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["80"]: Preparing import... [id=aff5f8e3-6d72-4378-b80c-46948b157d06] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["80"]: Refreshing state... [id=aff5f8e3-6d72-4378-b80c-46948b157d06] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["995"]: Preparing import... [id=db876dde-1e0b-47fa-8960-6c82e495acf3] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["995"]: Refreshing state... [id=db876dde-1e0b-47fa-8960-6c82e495acf3] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["443"]: Preparing import... [id=bb495a69-4c90-431a-a634-7b5459315a65] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["110"]: Preparing import... [id=0d3c863b-8f4e-4db8-96a2-0714951e3719] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["443"]: Refreshing state... [id=bb495a69-4c90-431a-a634-7b5459315a65] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["110"]: Refreshing state... [id=0d3c863b-8f4e-4db8-96a2-0714951e3719] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["25"]: Preparing import... [id=1c044046-80b4-4482-8345-92537c3220ac] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["25"]: Refreshing state... [id=1c044046-80b4-4482-8345-92537c3220ac] aws_route53_record.cloud-a: Refreshing state... [id=Z0173878287JIU5M4KB8R_cloud.seagl.org_A] aws_ses_domain_identity.seagl: Refreshing state... [id=seagl.org] aws_route53_record.mailu-test-mx: Refreshing state... [id=Z0173878287JIU5M4KB8R_mail-test.seagl.org_MX] aws_route53_record.route_53_cloud_txt: Refreshing state... [id=Z0173878287JIU5M4KB8R_cloud.seagl.org_TXT] module.prod_db.aws_secretsmanager_secret.osem-db-pass: Refreshing state... [id=arn:aws:secretsmanager:us-west-2:663166083306:secret:db-pass-osem-5KW1mS] module.prod_db.aws_db_subnet_group.osem: Refreshing state... [id=osem] data.aws_vpc.vpc: Reading... aws_route53_record.route_53_dmarc_txt: Refreshing state... [id=Z0173878287JIU5M4KB8R__dmarc.seagl.org_TXT] aws_route53_record.mailu-test-a: Refreshing state... [id=Z0173878287JIU5M4KB8R_mail.mail-test.seagl.org_A] aws_route53_record.email_dkim_hubspot_records["hs1-40081384"]: Refreshing state... [id=Z0173878287JIU5M4KB8R_hs1-40081384._domainkey.seagl.org_CNAME] aws_route53_record.email_dkim_hubspot_records["hs2-40081384"]: Refreshing state... [id=Z0173878287JIU5M4KB8R_hs2-40081384._domainkey.seagl.org_CNAME] aws_s3_bucket.state: Refreshing state... [id=seagl-terraform] aws_route53_record.pretalx: Refreshing state... [id=Z0173878287JIU5M4KB8R_pretalx.seagl.org_CNAME] aws_route53_record.mailu-test-autoconfig-cname: Refreshing state... [id=Z0173878287JIU5M4KB8R_autoconfig.mail-test.seagl.org_CNAME] aws_route53_record.mailu-test-dmarc: Refreshing state... [id=Z0173878287JIU5M4KB8R__dmarc.mail-test.seagl.org_TXT] aws_route53_record.mailu-test-spf: Refreshing state... [id=Z0173878287JIU5M4KB8R_mail-test.seagl.org_TXT] aws_route53_record.alias: Refreshing state... [id=Z0173878287JIU5M4KB8R_alias.seagl.org_CNAME] aws_ses_email_identity.email: Refreshing state... [id=sre@seagl.org] aws_ses_domain_identity.email_domain_identity: Refreshing state... [id=seagl.org] aws_route53_record.mailu-test-dkim: Refreshing state... [id=Z0173878287JIU5M4KB8R_dkim._domainkey.mail-test.seagl.org_TXT] data.aws_vpc.vpc: Read complete after 1s [id=vpc-231ecb46] aws_route53_record.cloud-aaaa: Refreshing state... [id=Z0173878287JIU5M4KB8R_cloud.seagl.org_AAAA] aws_route53_record.route_53_root_txt: Refreshing state... [id=Z0173878287JIU5M4KB8R__TXT] aws_instance.dokku: Refreshing state... [id=i-02ee81d4bd0860d30] aws_route53_record.mailu-test-autoconfig-srv["_imap._tcp"]: Refreshing state... [id=Z0173878287JIU5M4KB8R__imap._tcp.mail-test.seagl.org_SRV] aws_route53_record.mailu-test-autoconfig-srv["_imaps._tcp"]: Refreshing state... [id=Z0173878287JIU5M4KB8R__imaps._tcp.mail-test.seagl.org_SRV] aws_route53_record.mailu-test-autoconfig-srv["_pop3._tcp"]: Refreshing state... [id=Z0173878287JIU5M4KB8R__pop3._tcp.mail-test.seagl.org_SRV] aws_route53_record.mailu-test-autoconfig-srv["_pop3s._tcp"]: Refreshing state... [id=Z0173878287JIU5M4KB8R__pop3s._tcp.mail-test.seagl.org_SRV] aws_route53_record.mailu-test-autoconfig-srv["_submission._tcp"]: Refreshing state... [id=Z0173878287JIU5M4KB8R__submission._tcp.mail-test.seagl.org_SRV] aws_route53_record.mailu-test-autoconfig-srv["_submissions._tcp"]: Refreshing state... [id=Z0173878287JIU5M4KB8R__submissions._tcp.mail-test.seagl.org_SRV] aws_route53_record.mailu-test-autoconfig-srv["_autodiscover._tcp"]: Refreshing state... [id=Z0173878287JIU5M4KB8R__autodiscover._tcp.mail-test.seagl.org_SRV] module.prod_db.aws_secretsmanager_secret_version.osem-db-pass-val: Refreshing state... [id=arn:aws:secretsmanager:us-west-2:663166083306:secret:db-pass-osem-5KW1mS|5E8ED816-E9AA-4E8E-A382-2EEE9FC74A66] aws_ses_domain_dkim.email_dkim: Refreshing state... [id=seagl.org] module.prod_db.aws_security_group.osem_rds_security_group: Refreshing state... [id=sg-006c493d98f3c7f1a] aws_route53_record.email_dkim_records[1]: Refreshing state... [id=Z0173878287JIU5M4KB8R_zjerfwsrr5wpwp5p5klnsrrzp6ralpcp._domainkey.seagl.org_CNAME] aws_route53_record.email_dkim_records[0]: Refreshing state... [id=Z0173878287JIU5M4KB8R_nldzqxeyq5fyslu3tzvj4ltbwbexupuj._domainkey.seagl.org_CNAME] aws_route53_record.email_dkim_records[2]: Refreshing state... [id=Z0173878287JIU5M4KB8R_o7o3tsrrlwgkmmx3a7f5njkrvi75woso._domainkey.seagl.org_CNAME] module.prod_db.aws_security_group_rule.private_in: Refreshing state... [id=sgrule-3182957500] module.prod_db.aws_security_group_rule.private_out: Refreshing state... [id=sgrule-1612436969] module.prod_db.aws_db_instance.osem: Refreshing state... [id=osem] aws_s3_bucket_public_access_block.state: Refreshing state... [id=seagl-terraform] aws_s3_bucket_versioning.state: Refreshing state... [id=seagl-terraform] Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: -/+ destroy and then create replacement Terraform will perform the following actions: # openstack_networking_secgroup_rule_v2.mailu-icmp4-ingress will be imported resource "openstack_networking_secgroup_rule_v2" "mailu-icmp4-ingress" { direction = "ingress" ethertype = "IPv4" id = "f7332d33-9702-4b7b-af9f-e66deb8ce0af" port_range_max = 0 port_range_min = 0 protocol = "icmp" region = "RegionOne" remote_ip_prefix = "0.0.0.0/0" security_group_id = "d422a797-f933-4a88-9daa-ad3bf51fd524" tenant_id = "03cbb624d5be494d95af475e74fcb47b" } # openstack_networking_secgroup_rule_v2.mailu-ipv4-egress must be replaced # (imported from "880f7c96-02a4-41d9-aa0c-85236175a91b") # Warning: this will destroy the imported resource -/+ resource "openstack_networking_secgroup_rule_v2" "mailu-ipv4-egress" { direction = "egress" ethertype = "IPv4" ~ id = "880f7c96-02a4-41d9-aa0c-85236175a91b" -> (known after apply) ~ port_range_max = 0 -> (known after apply) ~ port_range_min = 0 -> (known after apply) + protocol = (known after apply) ~ region = "RegionOne" -> (known after apply) + remote_group_id = (known after apply) + remote_ip_prefix = "0.0.0.0/0" # forces replacement security_group_id = "d422a797-f933-4a88-9daa-ad3bf51fd524" ~ tenant_id = "03cbb624d5be494d95af475e74fcb47b" -> (known after apply) } # openstack_networking_secgroup_rule_v2.mailu-ipv6-egress must be replaced # (imported from "094e8ef1-4f00-4dc4-a7b0-9ad5bf09a8e0") # Warning: this will destroy the imported resource -/+ resource "openstack_networking_secgroup_rule_v2" "mailu-ipv6-egress" { direction = "egress" ethertype = "IPv6" ~ id = "094e8ef1-4f00-4dc4-a7b0-9ad5bf09a8e0" -> (known after apply) ~ port_range_max = 0 -> (known after apply) ~ port_range_min = 0 -> (known after apply) + protocol = (known after apply) ~ region = "RegionOne" -> (known after apply) + remote_group_id = (known after apply) + remote_ip_prefix = "::/0" # forces replacement security_group_id = "d422a797-f933-4a88-9daa-ad3bf51fd524" ~ tenant_id = "03cbb624d5be494d95af475e74fcb47b" -> (known after apply) } # openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["110"] will be imported resource "openstack_networking_secgroup_rule_v2" "mailu-tcp4-ingress" { direction = "ingress" ethertype = "IPv4" id = "0d3c863b-8f4e-4db8-96a2-0714951e3719" port_range_max = 110 port_range_min = 110 protocol = "tcp" region = "RegionOne" remote_ip_prefix = "0.0.0.0/0" security_group_id = "d422a797-f933-4a88-9daa-ad3bf51fd524" tenant_id = "03cbb624d5be494d95af475e74fcb47b" } # openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["143"] will be imported resource "openstack_networking_secgroup_rule_v2" "mailu-tcp4-ingress" { direction = "ingress" ethertype = "IPv4" id = "b21d57e8-8f50-41d3-bb7f-42456c2e1d60" port_range_max = 143 port_range_min = 143 protocol = "tcp" region = "RegionOne" remote_ip_prefix = "0.0.0.0/0" security_group_id = "d422a797-f933-4a88-9daa-ad3bf51fd524" tenant_id = "03cbb624d5be494d95af475e74fcb47b" } # openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["22"] will be imported resource "openstack_networking_secgroup_rule_v2" "mailu-tcp4-ingress" { direction = "ingress" ethertype = "IPv4" id = "ee1d0145-522d-4bb2-8ba2-e4241c103678" port_range_max = 22 port_range_min = 22 protocol = "tcp" region = "RegionOne" remote_ip_prefix = "0.0.0.0/0" security_group_id = "d422a797-f933-4a88-9daa-ad3bf51fd524" tenant_id = "03cbb624d5be494d95af475e74fcb47b" } # openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["25"] will be imported resource "openstack_networking_secgroup_rule_v2" "mailu-tcp4-ingress" { direction = "ingress" ethertype = "IPv4" id = "1c044046-80b4-4482-8345-92537c3220ac" port_range_max = 25 port_range_min = 25 protocol = "tcp" region = "RegionOne" remote_ip_prefix = "0.0.0.0/0" security_group_id = "d422a797-f933-4a88-9daa-ad3bf51fd524" tenant_id = "03cbb624d5be494d95af475e74fcb47b" } # openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["443"] will be imported resource "openstack_networking_secgroup_rule_v2" "mailu-tcp4-ingress" { direction = "ingress" ethertype = "IPv4" id = "bb495a69-4c90-431a-a634-7b5459315a65" port_range_max = 443 port_range_min = 443 protocol = "tcp" region = "RegionOne" remote_ip_prefix = "0.0.0.0/0" security_group_id = "d422a797-f933-4a88-9daa-ad3bf51fd524" tenant_id = "03cbb624d5be494d95af475e74fcb47b" } # openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["465"] will be imported resource "openstack_networking_secgroup_rule_v2" "mailu-tcp4-ingress" { direction = "ingress" ethertype = "IPv4" id = "39e2ac5c-2040-4c2b-9ad5-22c424b0abcb" port_range_max = 465 port_range_min = 465 protocol = "tcp" region = "RegionOne" remote_ip_prefix = "0.0.0.0/0" security_group_id = "d422a797-f933-4a88-9daa-ad3bf51fd524" tenant_id = "03cbb624d5be494d95af475e74fcb47b" } # openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["587"] must be replaced # (imported from "c664a4f7-d968-46ca-b476-c444078a6ab2") # Warning: this will destroy the imported resource -/+ resource "openstack_networking_secgroup_rule_v2" "mailu-tcp4-ingress" { - description = "SMTP submission" -> null # forces replacement direction = "ingress" ethertype = "IPv4" ~ id = "c664a4f7-d968-46ca-b476-c444078a6ab2" -> (known after apply) port_range_max = 587 port_range_min = 587 protocol = "tcp" ~ region = "RegionOne" -> (known after apply) + remote_group_id = (known after apply) remote_ip_prefix = "0.0.0.0/0" security_group_id = "d422a797-f933-4a88-9daa-ad3bf51fd524" ~ tenant_id = "03cbb624d5be494d95af475e74fcb47b" -> (known after apply) } # openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["80"] will be imported resource "openstack_networking_secgroup_rule_v2" "mailu-tcp4-ingress" { direction = "ingress" ethertype = "IPv4" id = "aff5f8e3-6d72-4378-b80c-46948b157d06" port_range_max = 80 port_range_min = 80 protocol = "tcp" region = "RegionOne" remote_ip_prefix = "0.0.0.0/0" security_group_id = "d422a797-f933-4a88-9daa-ad3bf51fd524" tenant_id = "03cbb624d5be494d95af475e74fcb47b" } # openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["993"] will be imported resource "openstack_networking_secgroup_rule_v2" "mailu-tcp4-ingress" { direction = "ingress" ethertype = "IPv4" id = "76d6ca04-3aad-466c-8b75-f75c063ca097" port_range_max = 993 port_range_min = 993 protocol = "tcp" region = "RegionOne" remote_ip_prefix = "0.0.0.0/0" security_group_id = "d422a797-f933-4a88-9daa-ad3bf51fd524" tenant_id = "03cbb624d5be494d95af475e74fcb47b" } # openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["995"] will be imported resource "openstack_networking_secgroup_rule_v2" "mailu-tcp4-ingress" { direction = "ingress" ethertype = "IPv4" id = "db876dde-1e0b-47fa-8960-6c82e495acf3" port_range_max = 995 port_range_min = 995 protocol = "tcp" region = "RegionOne" remote_ip_prefix = "0.0.0.0/0" security_group_id = "d422a797-f933-4a88-9daa-ad3bf51fd524" tenant_id = "03cbb624d5be494d95af475e74fcb47b" } Plan: 13 to import, 3 to add, 0 to change, 3 to destroy. Warning: Argument is deprecated with aws_s3_bucket.state, on s3.tf line 1, in resource "aws_s3_bucket" "state": 1: resource "aws_s3_bucket" "state" { Use the aws_s3_bucket_lifecycle_configuration resource instead (and 3 more similar warnings elsewhere) ───────────────────────────────────────────────────────────────────────────── Note: You didn't use the -out option to save this plan, so Terraform can't guarantee to take exactly these actions if you run "terraform apply" now. ```

Pushed by: @strugee, Action: pull_request

github-actions[bot] commented 8 months ago

Terraform Format and Style 🖌``

Terraform Initialization ⚙️success

Terraform Plan 📖success

Terraform Validation 🤖success

Show Plan ``` terraform openstack_networking_secgroup_v2.mailu: Refreshing state... [id=d422a797-f933-4a88-9daa-ad3bf51fd524] module.prod_db.random_password.osem_db_master_pass: Refreshing state... [id=none] aws_ses_email_identity.email: Refreshing state... [id=sre@seagl.org] module.prod_db.aws_secretsmanager_secret.osem-db-pass: Refreshing state... [id=arn:aws:secretsmanager:us-west-2:663166083306:secret:db-pass-osem-5KW1mS] aws_route53_record.mailu-test-a: Refreshing state... [id=Z0173878287JIU5M4KB8R_mail.mail-test.seagl.org_A] aws_route53_record.email_dkim_hubspot_records["hs1-40081384"]: Refreshing state... [id=Z0173878287JIU5M4KB8R_hs1-40081384._domainkey.seagl.org_CNAME] aws_route53_record.route_53_root_txt: Refreshing state... [id=Z0173878287JIU5M4KB8R__TXT] aws_route53_record.cloud-aaaa: Refreshing state... [id=Z0173878287JIU5M4KB8R_cloud.seagl.org_AAAA] aws_route53_record.alias: Refreshing state... [id=Z0173878287JIU5M4KB8R_alias.seagl.org_CNAME] aws_route53_record.mailu-test-mx: Refreshing state... [id=Z0173878287JIU5M4KB8R_mail-test.seagl.org_MX] aws_instance.dokku: Refreshing state... [id=i-02ee81d4bd0860d30] aws_route53_record.mailu-test-dkim: Refreshing state... [id=Z0173878287JIU5M4KB8R_dkim._domainkey.mail-test.seagl.org_TXT] aws_route53_record.email_dkim_hubspot_records["hs2-40081384"]: Refreshing state... [id=Z0173878287JIU5M4KB8R_hs2-40081384._domainkey.seagl.org_CNAME] aws_route53_record.pretalx: Refreshing state... [id=Z0173878287JIU5M4KB8R_pretalx.seagl.org_CNAME] aws_route53_record.route_53_dmarc_txt: Refreshing state... [id=Z0173878287JIU5M4KB8R__dmarc.seagl.org_TXT] aws_route53_record.mailu-test-autoconfig-cname: Refreshing state... [id=Z0173878287JIU5M4KB8R_autoconfig.mail-test.seagl.org_CNAME] aws_route53_record.mailu-test-dmarc: Refreshing state... [id=Z0173878287JIU5M4KB8R__dmarc.mail-test.seagl.org_TXT] aws_route53_record.cloud-a: Refreshing state... [id=Z0173878287JIU5M4KB8R_cloud.seagl.org_A] aws_route53_record.route_53_cloud_txt: Refreshing state... [id=Z0173878287JIU5M4KB8R_cloud.seagl.org_TXT] aws_ses_domain_identity.seagl: Refreshing state... [id=seagl.org] module.prod_db.aws_db_subnet_group.osem: Refreshing state... [id=osem] aws_route53_record.mailu-test-spf: Refreshing state... [id=Z0173878287JIU5M4KB8R_mail-test.seagl.org_TXT] aws_ses_domain_identity.email_domain_identity: Refreshing state... [id=seagl.org] aws_route53_record.mailu-test-autoconfig-srv["_pop3._tcp"]: Refreshing state... [id=Z0173878287JIU5M4KB8R__pop3._tcp.mail-test.seagl.org_SRV] aws_route53_record.mailu-test-autoconfig-srv["_pop3s._tcp"]: Refreshing state... [id=Z0173878287JIU5M4KB8R__pop3s._tcp.mail-test.seagl.org_SRV] aws_route53_record.mailu-test-autoconfig-srv["_submission._tcp"]: Refreshing state... [id=Z0173878287JIU5M4KB8R__submission._tcp.mail-test.seagl.org_SRV] aws_route53_record.mailu-test-autoconfig-srv["_submissions._tcp"]: Refreshing state... [id=Z0173878287JIU5M4KB8R__submissions._tcp.mail-test.seagl.org_SRV] aws_route53_record.mailu-test-autoconfig-srv["_autodiscover._tcp"]: Refreshing state... [id=Z0173878287JIU5M4KB8R__autodiscover._tcp.mail-test.seagl.org_SRV] aws_route53_record.mailu-test-autoconfig-srv["_imap._tcp"]: Refreshing state... [id=Z0173878287JIU5M4KB8R__imap._tcp.mail-test.seagl.org_SRV] aws_route53_record.mailu-test-autoconfig-srv["_imaps._tcp"]: Refreshing state... [id=Z0173878287JIU5M4KB8R__imaps._tcp.mail-test.seagl.org_SRV] data.aws_vpc.vpc: Reading... aws_s3_bucket.state: Refreshing state... [id=seagl-terraform] openstack_compute_instance_v2.mailu: Refreshing state... [id=43089f30-2cc0-43e9-93c0-c2deab336560] openstack_networking_secgroup_rule_v2.mailu-icmp4-ingress: Preparing import... [id=f7332d33-9702-4b7b-af9f-e66deb8ce0af] openstack_networking_secgroup_rule_v2.mailu-icmp4-ingress: Refreshing state... [id=f7332d33-9702-4b7b-af9f-e66deb8ce0af] openstack_networking_secgroup_rule_v2.mailu-ipv6-egress: Preparing import... [id=094e8ef1-4f00-4dc4-a7b0-9ad5bf09a8e0] openstack_networking_secgroup_rule_v2.mailu-ipv6-egress: Refreshing state... [id=094e8ef1-4f00-4dc4-a7b0-9ad5bf09a8e0] openstack_networking_secgroup_rule_v2.mailu-ipv4-egress: Preparing import... [id=880f7c96-02a4-41d9-aa0c-85236175a91b] openstack_networking_secgroup_rule_v2.mailu-ipv4-egress: Refreshing state... [id=880f7c96-02a4-41d9-aa0c-85236175a91b] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["22"]: Preparing import... [id=ee1d0145-522d-4bb2-8ba2-e4241c103678] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["22"]: Refreshing state... [id=ee1d0145-522d-4bb2-8ba2-e4241c103678] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["110"]: Preparing import... [id=0d3c863b-8f4e-4db8-96a2-0714951e3719] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["110"]: Refreshing state... [id=0d3c863b-8f4e-4db8-96a2-0714951e3719] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["993"]: Preparing import... [id=76d6ca04-3aad-466c-8b75-f75c063ca097] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["993"]: Refreshing state... [id=76d6ca04-3aad-466c-8b75-f75c063ca097] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["80"]: Preparing import... [id=aff5f8e3-6d72-4378-b80c-46948b157d06] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["80"]: Refreshing state... [id=aff5f8e3-6d72-4378-b80c-46948b157d06] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["25"]: Preparing import... [id=1c044046-80b4-4482-8345-92537c3220ac] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["25"]: Refreshing state... [id=1c044046-80b4-4482-8345-92537c3220ac] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["465"]: Preparing import... [id=39e2ac5c-2040-4c2b-9ad5-22c424b0abcb] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["465"]: Refreshing state... [id=39e2ac5c-2040-4c2b-9ad5-22c424b0abcb] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["143"]: Preparing import... [id=b21d57e8-8f50-41d3-bb7f-42456c2e1d60] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["143"]: Refreshing state... [id=b21d57e8-8f50-41d3-bb7f-42456c2e1d60] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["443"]: Preparing import... [id=bb495a69-4c90-431a-a634-7b5459315a65] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["443"]: Refreshing state... [id=bb495a69-4c90-431a-a634-7b5459315a65] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["587"]: Preparing import... [id=c664a4f7-d968-46ca-b476-c444078a6ab2] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["587"]: Refreshing state... [id=c664a4f7-d968-46ca-b476-c444078a6ab2] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["995"]: Preparing import... [id=db876dde-1e0b-47fa-8960-6c82e495acf3] openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["995"]: Refreshing state... [id=db876dde-1e0b-47fa-8960-6c82e495acf3] module.prod_db.aws_secretsmanager_secret_version.osem-db-pass-val: Refreshing state... [id=arn:aws:secretsmanager:us-west-2:663166083306:secret:db-pass-osem-5KW1mS|5E8ED816-E9AA-4E8E-A382-2EEE9FC74A66] aws_ses_domain_dkim.email_dkim: Refreshing state... [id=seagl.org] aws_route53_record.email_dkim_records[0]: Refreshing state... [id=Z0173878287JIU5M4KB8R_nldzqxeyq5fyslu3tzvj4ltbwbexupuj._domainkey.seagl.org_CNAME] aws_route53_record.email_dkim_records[1]: Refreshing state... [id=Z0173878287JIU5M4KB8R_zjerfwsrr5wpwp5p5klnsrrzp6ralpcp._domainkey.seagl.org_CNAME] aws_route53_record.email_dkim_records[2]: Refreshing state... [id=Z0173878287JIU5M4KB8R_o7o3tsrrlwgkmmx3a7f5njkrvi75woso._domainkey.seagl.org_CNAME] data.aws_vpc.vpc: Read complete after 2s [id=vpc-231ecb46] module.prod_db.aws_security_group.osem_rds_security_group: Refreshing state... [id=sg-006c493d98f3c7f1a] module.prod_db.aws_security_group_rule.private_in: Refreshing state... [id=sgrule-3182957500] module.prod_db.aws_security_group_rule.private_out: Refreshing state... [id=sgrule-1612436969] module.prod_db.aws_db_instance.osem: Refreshing state... [id=osem] aws_s3_bucket_public_access_block.state: Refreshing state... [id=seagl-terraform] aws_s3_bucket_versioning.state: Refreshing state... [id=seagl-terraform] Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: -/+ destroy and then create replacement Terraform will perform the following actions: # openstack_networking_secgroup_rule_v2.mailu-icmp4-ingress will be imported resource "openstack_networking_secgroup_rule_v2" "mailu-icmp4-ingress" { direction = "ingress" ethertype = "IPv4" id = "f7332d33-9702-4b7b-af9f-e66deb8ce0af" port_range_max = 0 port_range_min = 0 protocol = "icmp" region = "RegionOne" remote_ip_prefix = "0.0.0.0/0" security_group_id = "d422a797-f933-4a88-9daa-ad3bf51fd524" tenant_id = "03cbb624d5be494d95af475e74fcb47b" } # openstack_networking_secgroup_rule_v2.mailu-ipv4-egress will be imported resource "openstack_networking_secgroup_rule_v2" "mailu-ipv4-egress" { direction = "egress" ethertype = "IPv4" id = "880f7c96-02a4-41d9-aa0c-85236175a91b" port_range_max = 0 port_range_min = 0 region = "RegionOne" security_group_id = "d422a797-f933-4a88-9daa-ad3bf51fd524" tenant_id = "03cbb624d5be494d95af475e74fcb47b" } # openstack_networking_secgroup_rule_v2.mailu-ipv6-egress will be imported resource "openstack_networking_secgroup_rule_v2" "mailu-ipv6-egress" { direction = "egress" ethertype = "IPv6" id = "094e8ef1-4f00-4dc4-a7b0-9ad5bf09a8e0" port_range_max = 0 port_range_min = 0 region = "RegionOne" security_group_id = "d422a797-f933-4a88-9daa-ad3bf51fd524" tenant_id = "03cbb624d5be494d95af475e74fcb47b" } # openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["110"] will be imported resource "openstack_networking_secgroup_rule_v2" "mailu-tcp4-ingress" { direction = "ingress" ethertype = "IPv4" id = "0d3c863b-8f4e-4db8-96a2-0714951e3719" port_range_max = 110 port_range_min = 110 protocol = "tcp" region = "RegionOne" remote_ip_prefix = "0.0.0.0/0" security_group_id = "d422a797-f933-4a88-9daa-ad3bf51fd524" tenant_id = "03cbb624d5be494d95af475e74fcb47b" } # openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["143"] will be imported resource "openstack_networking_secgroup_rule_v2" "mailu-tcp4-ingress" { direction = "ingress" ethertype = "IPv4" id = "b21d57e8-8f50-41d3-bb7f-42456c2e1d60" port_range_max = 143 port_range_min = 143 protocol = "tcp" region = "RegionOne" remote_ip_prefix = "0.0.0.0/0" security_group_id = "d422a797-f933-4a88-9daa-ad3bf51fd524" tenant_id = "03cbb624d5be494d95af475e74fcb47b" } # openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["22"] will be imported resource "openstack_networking_secgroup_rule_v2" "mailu-tcp4-ingress" { direction = "ingress" ethertype = "IPv4" id = "ee1d0145-522d-4bb2-8ba2-e4241c103678" port_range_max = 22 port_range_min = 22 protocol = "tcp" region = "RegionOne" remote_ip_prefix = "0.0.0.0/0" security_group_id = "d422a797-f933-4a88-9daa-ad3bf51fd524" tenant_id = "03cbb624d5be494d95af475e74fcb47b" } # openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["25"] will be imported resource "openstack_networking_secgroup_rule_v2" "mailu-tcp4-ingress" { direction = "ingress" ethertype = "IPv4" id = "1c044046-80b4-4482-8345-92537c3220ac" port_range_max = 25 port_range_min = 25 protocol = "tcp" region = "RegionOne" remote_ip_prefix = "0.0.0.0/0" security_group_id = "d422a797-f933-4a88-9daa-ad3bf51fd524" tenant_id = "03cbb624d5be494d95af475e74fcb47b" } # openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["443"] will be imported resource "openstack_networking_secgroup_rule_v2" "mailu-tcp4-ingress" { direction = "ingress" ethertype = "IPv4" id = "bb495a69-4c90-431a-a634-7b5459315a65" port_range_max = 443 port_range_min = 443 protocol = "tcp" region = "RegionOne" remote_ip_prefix = "0.0.0.0/0" security_group_id = "d422a797-f933-4a88-9daa-ad3bf51fd524" tenant_id = "03cbb624d5be494d95af475e74fcb47b" } # openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["465"] will be imported resource "openstack_networking_secgroup_rule_v2" "mailu-tcp4-ingress" { direction = "ingress" ethertype = "IPv4" id = "39e2ac5c-2040-4c2b-9ad5-22c424b0abcb" port_range_max = 465 port_range_min = 465 protocol = "tcp" region = "RegionOne" remote_ip_prefix = "0.0.0.0/0" security_group_id = "d422a797-f933-4a88-9daa-ad3bf51fd524" tenant_id = "03cbb624d5be494d95af475e74fcb47b" } # openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["587"] must be replaced # (imported from "c664a4f7-d968-46ca-b476-c444078a6ab2") # Warning: this will destroy the imported resource -/+ resource "openstack_networking_secgroup_rule_v2" "mailu-tcp4-ingress" { - description = "SMTP submission" -> null # forces replacement direction = "ingress" ethertype = "IPv4" ~ id = "c664a4f7-d968-46ca-b476-c444078a6ab2" -> (known after apply) port_range_max = 587 port_range_min = 587 protocol = "tcp" ~ region = "RegionOne" -> (known after apply) + remote_group_id = (known after apply) remote_ip_prefix = "0.0.0.0/0" security_group_id = "d422a797-f933-4a88-9daa-ad3bf51fd524" ~ tenant_id = "03cbb624d5be494d95af475e74fcb47b" -> (known after apply) } # openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["80"] will be imported resource "openstack_networking_secgroup_rule_v2" "mailu-tcp4-ingress" { direction = "ingress" ethertype = "IPv4" id = "aff5f8e3-6d72-4378-b80c-46948b157d06" port_range_max = 80 port_range_min = 80 protocol = "tcp" region = "RegionOne" remote_ip_prefix = "0.0.0.0/0" security_group_id = "d422a797-f933-4a88-9daa-ad3bf51fd524" tenant_id = "03cbb624d5be494d95af475e74fcb47b" } # openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["993"] will be imported resource "openstack_networking_secgroup_rule_v2" "mailu-tcp4-ingress" { direction = "ingress" ethertype = "IPv4" id = "76d6ca04-3aad-466c-8b75-f75c063ca097" port_range_max = 993 port_range_min = 993 protocol = "tcp" region = "RegionOne" remote_ip_prefix = "0.0.0.0/0" security_group_id = "d422a797-f933-4a88-9daa-ad3bf51fd524" tenant_id = "03cbb624d5be494d95af475e74fcb47b" } # openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["995"] will be imported resource "openstack_networking_secgroup_rule_v2" "mailu-tcp4-ingress" { direction = "ingress" ethertype = "IPv4" id = "db876dde-1e0b-47fa-8960-6c82e495acf3" port_range_max = 995 port_range_min = 995 protocol = "tcp" region = "RegionOne" remote_ip_prefix = "0.0.0.0/0" security_group_id = "d422a797-f933-4a88-9daa-ad3bf51fd524" tenant_id = "03cbb624d5be494d95af475e74fcb47b" } Plan: 13 to import, 1 to add, 0 to change, 1 to destroy. Warning: Argument is deprecated with aws_s3_bucket.state, on s3.tf line 1, in resource "aws_s3_bucket" "state": 1: resource "aws_s3_bucket" "state" { Use the aws_s3_bucket_versioning resource instead (and 3 more similar warnings elsewhere) ───────────────────────────────────────────────────────────────────────────── Note: You didn't use the -out option to save this plan, so Terraform can't guarantee to take exactly these actions if you run "terraform apply" now. ```

Pushed by: @strugee, Action: pull_request