Closed donaldgray closed 1 year ago
The diff from terraform plan
is very large but doesn't look too bad to me – I think it's being overly verbose when bits of the CloudFront get shuffled.
The code changes look fine. Do you want me to apply this?
@alexwlchan - yes, please apply when you get a minute. That is a crazy long output for 0 to add, 3 to change, 5 to destroy
!
Applying now!
Applied!
What's changing and why?
We have now released new versions of iiif-builder/dds and DLCS. This change rollsback some temporary changes that were made to lower environments to facilitate testing. Changes:
dlcs.io
rather thanneworchestrator.dlcs.io
. Latter was an alias for Protagonist before it was deployed to production.terraform plan
diffUnable to plan changes to CF distro as I do not have appropriate permissions.
Changes for invalidation lambda include other environment but I suspect that is due to s3 object changing.
output of
```hcl Terraform will perform the following actions: # aws_sns_topic_policy.iiif_stage_new will be destroyed # (because aws_sns_topic_policy.iiif_stage_new is not in configuration) - resource "aws_sns_topic_policy" "iiif_stage_new" { } # module.api_prod.aws_lambda_function.cloudfront_invalidation will be updated in-place ~ resource "aws_lambda_function" "cloudfront_invalidation" { id = "api-prod-cloudfront_invalidation" ~ last_modified = "2023-02-23T09:09:41.000+0000" -> (known after apply) ~ qualified_arn = "arn:aws:lambda:eu-west-1:760097843905:function:api-prod-cloudfront_invalidation:4" -> (known after apply) ~ qualified_invoke_arn = "arn:aws:apigateway:eu-west-1:lambda:path/2015-03-31/functions/arn:aws:lambda:eu-west-1:760097843905:function:api-prod-cloudfront_invalidation:4/invocations" -> (known after apply) ~ s3_object_version = "uRaHFpGwUQII7w2TLchScZaUVmyMw8wN" -> "9ttBHo3Yk6pWw7alYF_lCFY1G.VdJWOw" tags = {} ~ version = "4" -> (known after apply) # (19 unchanged attributes hidden) # (3 unchanged blocks hidden) } # module.api_stage.aws_lambda_function.cloudfront_invalidation will be updated in-place ~ resource "aws_lambda_function" "cloudfront_invalidation" { id = "api-stage-cloudfront_invalidation" ~ last_modified = "2023-02-23T09:09:41.000+0000" -> (known after apply) ~ qualified_arn = "arn:aws:lambda:eu-west-1:760097843905:function:api-stage-cloudfront_invalidation:4" -> (known after apply) ~ qualified_invoke_arn = "arn:aws:apigateway:eu-west-1:lambda:path/2015-03-31/functions/arn:aws:lambda:eu-west-1:760097843905:function:api-stage-cloudfront_invalidation:4/invocations" -> (known after apply) ~ s3_object_version = "uRaHFpGwUQII7w2TLchScZaUVmyMw8wN" -> "9ttBHo3Yk6pWw7alYF_lCFY1G.VdJWOw" tags = {} ~ version = "4" -> (known after apply) # (19 unchanged attributes hidden) # (3 unchanged blocks hidden) } # module.iiif_prod.aws_lambda_function.cloudfront_invalidation will be updated in-place ~ resource "aws_lambda_function" "cloudfront_invalidation" { id = "iiif-prod-cloudfront_invalidation" ~ last_modified = "2023-02-23T09:09:41.000+0000" -> (known after apply) ~ qualified_arn = "arn:aws:lambda:eu-west-1:760097843905:function:iiif-prod-cloudfront_invalidation:4" -> (known after apply) ~ qualified_invoke_arn = "arn:aws:apigateway:eu-west-1:lambda:path/2015-03-31/functions/arn:aws:lambda:eu-west-1:760097843905:function:iiif-prod-cloudfront_invalidation:4/invocations" -> (known after apply) ~ s3_object_version = "uRaHFpGwUQII7w2TLchScZaUVmyMw8wN" -> "9ttBHo3Yk6pWw7alYF_lCFY1G.VdJWOw" tags = {} ~ version = "4" -> (known after apply) # (19 unchanged attributes hidden) # (3 unchanged blocks hidden) } # module.iiif_stage.aws_lambda_function.cloudfront_invalidation will be updated in-place ~ resource "aws_lambda_function" "cloudfront_invalidation" { id = "iiif-stage-cloudfront_invalidation" ~ last_modified = "2023-02-23T09:09:41.000+0000" -> (known after apply) ~ qualified_arn = "arn:aws:lambda:eu-west-1:760097843905:function:iiif-stage-cloudfront_invalidation:4" -> (known after apply) ~ qualified_invoke_arn = "arn:aws:apigateway:eu-west-1:lambda:path/2015-03-31/functions/arn:aws:lambda:eu-west-1:760097843905:function:iiif-stage-cloudfront_invalidation:4/invocations" -> (known after apply) ~ s3_object_version = "uRaHFpGwUQII7w2TLchScZaUVmyMw8wN" -> "9ttBHo3Yk6pWw7alYF_lCFY1G.VdJWOw" tags = {} ~ version = "4" -> (known after apply) # (19 unchanged attributes hidden) # (3 unchanged blocks hidden) } # module.iiif_stage_new.aws_iam_role.cloudfront_invalidation_exec_role will be destroyed # (because aws_iam_role.cloudfront_invalidation_exec_role is not in configuration) - resource "aws_iam_role" "cloudfront_invalidation_exec_role" { } # module.iiif_stage_new.aws_iam_role_policy.lambda_invalidate_cloudfront_distro will be destroyed # (because aws_iam_role_policy.lambda_invalidate_cloudfront_distro is not in configuration) - resource "aws_iam_role_policy" "lambda_invalidate_cloudfront_distro" { } # module.iiif_stage_new.aws_iam_role_policy_attachment.basic_execution_role will be destroyed # (because aws_iam_role_policy_attachment.basic_execution_role is not in configuration) - resource "aws_iam_role_policy_attachment" "basic_execution_role" { } # module.iiif_stage_new.aws_lambda_function.cloudfront_invalidation will be destroyed # (because aws_lambda_function.cloudfront_invalidation is not in configuration) - resource "aws_lambda_function" "cloudfront_invalidation" { } # module.iiif_stage_new.aws_lambda_permission.execute_from_sns will be destroyed # (because aws_lambda_permission.execute_from_sns is not in configuration) - resource "aws_lambda_permission" "execute_from_sns" { } # module.iiif_stage_new.aws_sns_topic.sns_invalidation_topic will be destroyed # (because aws_sns_topic.sns_invalidation_topic is not in configuration) - resource "aws_sns_topic" "sns_invalidation_topic" { } # module.iiif_stage_new.aws_sns_topic_subscription.invalidation_lambda_target will be destroyed # (because aws_sns_topic_subscription.invalidation_lambda_target is not in configuration) - resource "aws_sns_topic_subscription" "invalidation_lambda_target" { } # module.iiif_test.aws_lambda_function.cloudfront_invalidation will be updated in-place ~ resource "aws_lambda_function" "cloudfront_invalidation" { } Plan: 0 to add, 5 to change, 8 to destroy. ```terraform plan
for CF invalidation