search

cds-snc / url-shortener

An API written in Python that shortens URLs
MIT License
4 stars 1 forks source link

release: infrastructure v1.0.4 #323

Closed patheard closed 1 year ago

patheard commented 1 year ago

Summary

github-actions[bot] commented 1 year ago

Production: backup_plan

✅   Terraform Init: success ✅   Terraform Validate: success ✅   Terraform Format: success ✅   Terraform Plan: success ✅   Conftest: success 

Plan: 0 to add, 1 to change, 0 to destroy
Show summary | CHANGE | NAME | |--------|---------------------------------------| | update | `aws_backup_plan.backup_plan_default` |
Show plan ```terraform Resource actions are indicated with the following symbols: ~ update in-place Terraform will perform the following actions: # aws_backup_plan.backup_plan_default will be updated in-place ~ resource "aws_backup_plan" "backup_plan_default" { id = "3e51e8e1-dcfa-410c-ab51-0244d21a9d14" name = "backup_plan_default" tags = { "CostCentre" = "url-shortener-production" "Terraform" = "true" } # (3 unchanged attributes hidden) - rule { - completion_window = 180 -> null - enable_continuous_backup = false -> null - recovery_point_tags = {} -> null - rule_name = "backup_rule_default" -> null - schedule = "cron(0 12 * * ? *)" -> null - start_window = 60 -> null - target_vault_name = "vault" -> null - lifecycle { - cold_storage_after = 30 -> null - delete_after = 120 -> null } } + rule { + completion_window = 180 + enable_continuous_backup = false + rule_name = "backup_rule_default" + schedule = "cron(0 12 * * ? *)" + start_window = 60 + target_vault_name = "vault" + lifecycle { + cold_storage_after = 7 + delete_after = 97 } } } Plan: 0 to add, 1 to change, 0 to destroy. ───────────────────────────────────────────────────────────────────────────── Saved the plan to: plan.tfplan To perform exactly these actions, run the following command to apply: terraform apply "plan.tfplan" Releasing state lock. This may take a few moments... ```
Show Conftest results ```sh 18 tests, 18 passed, 0 warnings, 0 failures, 0 exceptions ```
github-actions[bot] commented 1 year ago

Production: api

✅   Terraform Init: success ✅   Terraform Validate: success ✅   Terraform Format: success ✅   Terraform Plan: success ✅   Conftest: success 

Plan: 1 to add, 2 to change, 0 to destroy
Show summary | CHANGE | NAME | |--------|----------------------------------------------------------| | add | `aws_ssm_parameter.login_token_salt` | | update | `aws_ssm_parameter.notify_api_key` | | | `module.url_shortener_lambda.aws_iam_policy.policies[0]` |
Show plan ```terraform Resource actions are indicated with the following symbols: + create ~ update in-place <= read (data resources) Terraform will perform the following actions: # data.aws_iam_policy_document.api_policies will be read during apply # (config refers to values not yet known) <= data "aws_iam_policy_document" "api_policies" { + id = (known after apply) + json = (known after apply) + statement { + actions = [ + "dynamodb:DeleteItem", + "dynamodb:DescribeTable", + "dynamodb:GetItem", + "dynamodb:PutItem", + "dynamodb:Query", + "dynamodb:UpdateItem", ] + effect = "Allow" + resources = [ + "arn:aws:dynamodb:ca-central-1:806721586252:table/url_shortener", + "arn:aws:dynamodb:ca-central-1:806721586252:table/url_shortener/index/emailIndex", ] } + statement { + actions = [ + "ssm:GetParameters", ] + effect = "Allow" + resources = [ + "arn:aws:ssm:ca-central-1:806721586252:parameter/auth_token_app", + "arn:aws:ssm:ca-central-1:806721586252:parameter/auth_token_notify", + "arn:aws:ssm:ca-central-1:806721586252:parameter/cloudfront_header", + "arn:aws:ssm:ca-central-1:806721586252:parameter/hashing_peppers", + "arn:aws:ssm:ca-central-1:806721586252:parameter/notify_api_key", + "arn:aws:ssm:ca-central-1:806721586252:parameter/notify_contact_email", + (known after apply), ] } } # aws_ssm_parameter.login_token_salt will be created + resource "aws_ssm_parameter" "login_token_salt" { + arn = (known after apply) + data_type = (known after apply) + id = (known after apply) + insecure_value = (known after apply) + key_id = (known after apply) + name = "login_token_salt" + tags = { + "CostCentre" = "url-shortener-production" + "Terraform" = "true" } + tags_all = { + "CostCentre" = "url-shortener-production" + "Terraform" = "true" } + tier = (known after apply) + type = "SecureString" + value = (sensitive value) + version = (known after apply) } # aws_ssm_parameter.notify_api_key will be updated in-place ~ resource "aws_ssm_parameter" "notify_api_key" { id = "notify_api_key" + insecure_value = (known after apply) name = "notify_api_key" tags = { "CostCentre" = "url-shortener-production" "Terraform" = "true" } ~ value = (sensitive value) ~ version = 3 -> (known after apply) # (8 unchanged attributes hidden) } # module.url_shortener_lambda.aws_iam_policy.policies[0] will be updated in-place ~ resource "aws_iam_policy" "policies" { id = "arn:aws:iam::806721586252:policy/url-shortener-api-0" name = "url-shortener-api-0" ~ policy = jsonencode( { - Statement = [ - { - Action = [ - "dynamodb:UpdateItem", - "dynamodb:Query", - "dynamodb:PutItem", - "dynamodb:GetItem", - "dynamodb:DescribeTable", - "dynamodb:DeleteItem", ] - Effect = "Allow" - Resource = [ - "arn:aws:dynamodb:ca-central-1:806721586252:table/url_shortener/index/emailIndex", - "arn:aws:dynamodb:ca-central-1:806721586252:table/url_shortener", ] - Sid = "" }, - { - Action = "ssm:GetParameters" - Effect = "Allow" - Resource = [ - "arn:aws:ssm:ca-central-1:806721586252:parameter/notify_contact_email", - "arn:aws:ssm:ca-central-1:806721586252:parameter/notify_api_key", - "arn:aws:ssm:ca-central-1:806721586252:parameter/hashing_peppers", - "arn:aws:ssm:ca-central-1:806721586252:parameter/cloudfront_header", - "arn:aws:ssm:ca-central-1:806721586252:parameter/auth_token_notify", - "arn:aws:ssm:ca-central-1:806721586252:parameter/auth_token_app", ] - Sid = "" }, ] - Version = "2012-10-17" } ) -> (known after apply) tags = { "CostCentre" = "url-shortener-production" "Terraform" = "true" } # (4 unchanged attributes hidden) } Plan: 1 to add, 2 to change, 0 to destroy. ───────────────────────────────────────────────────────────────────────────── Saved the plan to: plan.tfplan To perform exactly these actions, run the following command to apply: terraform apply "plan.tfplan" Releasing state lock. This may take a few moments... ```
Show Conftest results ```sh WARN - plan.json - main - Missing Common Tags: ["module.sentinel_forwarder.aws_cloudwatch_log_group.sentinel_forwarder_lambda"] WARN - plan.json - main - Missing Common Tags: ["module.sentinel_forwarder.aws_iam_policy.sentinel_forwarder_lambda"] WARN - plan.json - main - Missing Common Tags: ["module.sentinel_forwarder.aws_iam_role.sentinel_forwarder_lambda"] WARN - plan.json - main - Missing Common Tags: ["module.sentinel_forwarder.aws_lambda_function.sentinel_forwarder"] 21 tests, 17 passed, 4 warnings, 0 failures, 0 exceptions ```