search

wellcomecollection / platform-infrastructure

:building_construction: Infrastructure for the Wellcome Digital Platform
MIT License
24 stars 8 forks source link

remove config to destroy #414

Closed agnesgaroux closed 7 months ago

agnesgaroux commented 7 months ago

What's changing and why?

NOT APPLIED https://github.com/wellcomecollection/platform-infrastructure/issues/409 This doesn't delete cloudfront/roadmap.wellcomecollection.org/terraform.tf and cloudfront/roadmap.wellcomecollection.org/provider.tf. I tried deleting the whole content of cloudfront/roadmap.wellcomecollection.org/ but then terraform plan -destroy returned no change

No changes. No objects need to be destroyed.
Either you have not created any objects yet or the existing objects were already deleted outside of Terraform.

Not sure what the best practice is to delete the state ("terraform/platform-infrastructure/cloudfront/roadmap_wc_org.tfstate") once the infra is gone

terraform plan diff

Terraform will perform the following actions:

  # module.cert.aws_acm_certificate.cert will be destroyed
  # (because aws_acm_certificate.cert is not in configuration)
  - resource "aws_acm_certificate" "cert" {
      - arn                       = "arn:aws:acm:us-east-1:760097843905:certificate/fa0753dd-f53c-4566-9999-7c3baad8eabc" -> null
      - domain_name               = "roadmap.wellcomecollection.org" -> null
      - domain_validation_options = [
          - {
              - domain_name           = "roadmap.wellcomecollection.org"
              - resource_record_name  = "_f984236bb5302d257b1e56b405c54584.roadmap.wellcomecollection.org."
              - resource_record_type  = "CNAME"
              - resource_record_value = "_2005e6afa3923db94eda0a3c09a592d5.tfmgdnztqk.acm-validations.aws."
            },
        ] -> null
      - id                        = "arn:aws:acm:us-east-1:760097843905:certificate/fa0753dd-f53c-4566-9999-7c3baad8eabc" -> null
      - key_algorithm             = "RSA_2048" -> null
      - not_after                 = "2024-04-30T23:59:59Z" -> null
      - not_before                = "2023-04-03T00:00:00Z" -> null
      - pending_renewal           = false -> null
      - renewal_eligibility       = "ELIGIBLE" -> null
      - renewal_summary           = [
          - {
              - renewal_status        = "SUCCESS"
              - renewal_status_reason = ""
              - updated_at            = "2023-04-03T06:44:41Z"
            },
        ] -> null
      - status                    = "ISSUED" -> null
      - subject_alternative_names = [
          - "roadmap.wellcomecollection.org",
        ] -> null
      - tags                      = {} -> null
      - tags_all                  = {} -> null
      - type                      = "AMAZON_ISSUED" -> null
      - validation_emails         = [] -> null
      - validation_method         = "DNS" -> null

      - options {
          - certificate_transparency_logging_preference = "ENABLED" -> null
        }
    }

  # module.cert.aws_acm_certificate_validation.validation will be destroyed
  # (because aws_acm_certificate_validation.validation is not in configuration)
  - resource "aws_acm_certificate_validation" "validation" {
      - certificate_arn         = "arn:aws:acm:us-east-1:760097843905:certificate/fa0753dd-f53c-4566-9999-7c3baad8eabc" -> null
      - id                      = "2023-04-03 06:44:40.968 +0000 UTC" -> null
      - validation_record_fqdns = [
          - "_f984236bb5302d257b1e56b405c54584.roadmap.wellcomecollection.org",
        ] -> null
    }

  # module.cert.aws_route53_record.cert_validation["roadmap.wellcomecollection.org"] will be destroyed
  # (because aws_route53_record.cert_validation is not in configuration)
  - resource "aws_route53_record" "cert_validation" {
      - fqdn                             = "_f984236bb5302d257b1e56b405c54584.roadmap.wellcomecollection.org" -> null
      - id                               = "Z0902614YH73JBCZG1MA__f984236bb5302d257b1e56b405c54584.roadmap.wellcomecollection.org_CNAME" -> null
      - multivalue_answer_routing_policy = false -> null
      - name                             = "_f984236bb5302d257b1e56b405c54584.roadmap.wellcomecollection.org" -> null
      - records                          = [
          - "_2005e6afa3923db94eda0a3c09a592d5.tfmgdnztqk.acm-validations.aws.",
        ] -> null
      - ttl                              = 60 -> null
      - type                             = "CNAME" -> null
      - zone_id                          = "Z0902614YH73JBCZG1MA" -> null
    }

  # module.productboard-wellcomecollection.aws_cloudfront_distribution.productboard will be destroyed
  # (because aws_cloudfront_distribution.productboard is not in configuration)
  - resource "aws_cloudfront_distribution" "productboard" {
      - aliases                        = [
          - "roadmap.wellcomecollection.org",
        ] -> null
      - arn                            = "arn:aws:cloudfront::760097843905:distribution/ETR98785KQ4OJ" -> null
      - caller_reference               = "1593606176637" -> null
      - comment                        = "productboard (roadmap)" -> null
      - domain_name                    = "d9ovahxzhzd8x.cloudfront.net" -> null
      - enabled                        = true -> null
      - etag                           = "EBCFBIC61987E" -> null
      - hosted_zone_id                 = "Z2FDTNDATAQYW2" -> null
      - http_version                   = "http2" -> null
      - id                             = "ETR98785KQ4OJ" -> null
      - in_progress_validation_batches = 0 -> null
      - is_ipv6_enabled                = true -> null
      - last_modified_time             = "2020-09-04 13:05:52.5 +0000 UTC" -> null
      - price_class                    = "PriceClass_100" -> null
      - retain_on_delete               = false -> null
      - staging                        = false -> null
      - status                         = "Deployed" -> null
      - tags                           = {} -> null
      - tags_all                       = {} -> null
      - trusted_key_groups             = [
          - {
              - enabled = false
              - items   = []
            },
        ] -> null
      - trusted_signers                = [
          - {
              - enabled = false
              - items   = []
            },
        ] -> null
      - wait_for_deployment            = true -> null

      - default_cache_behavior {
          - allowed_methods        = [
              - "DELETE",
              - "GET",
              - "HEAD",
              - "OPTIONS",
              - "PATCH",
              - "POST",
              - "PUT",
            ] -> null
          - cached_methods         = [
              - "GET",
              - "HEAD",
            ] -> null
          - compress               = false -> null
          - default_ttl            = 86400 -> null
          - max_ttl                = 31536000 -> null
          - min_ttl                = 0 -> null
          - smooth_streaming       = false -> null
          - target_origin_id       = "productboard" -> null
          - trusted_key_groups     = [] -> null
          - trusted_signers        = [] -> null
          - viewer_protocol_policy = "redirect-to-https" -> null

          - forwarded_values {
              - headers                 = [
                  - "Host",
                ] -> null
              - query_string            = true -> null
              - query_string_cache_keys = [] -> null

              - cookies {
                  - forward           = "none" -> null
                  - whitelisted_names = [] -> null
                }
            }
        }

      - origin {
          - connection_attempts = 3 -> null
          - connection_timeout  = 10 -> null
          - domain_name         = "portal.productboard.com" -> null
          - origin_id           = "productboard" -> null

          - custom_origin_config {
              - http_port                = 80 -> null
              - https_port               = 443 -> null
              - origin_keepalive_timeout = 5 -> null
              - origin_protocol_policy   = "https-only" -> null
              - origin_read_timeout      = 30 -> null
              - origin_ssl_protocols     = [
                  - "TLSv1",
                  - "TLSv1.1",
                  - "TLSv1.2",
                ] -> null
            }
        }

      - restrictions {
          - geo_restriction {
              - locations        = [] -> null
              - restriction_type = "none" -> null
            }
        }

      - viewer_certificate {
          - acm_certificate_arn            = "arn:aws:acm:us-east-1:760097843905:certificate/fa0753dd-f53c-4566-9999-7c3baad8eabc" -> null
          - cloudfront_default_certificate = false -> null
          - minimum_protocol_version       = "TLSv1.2_2018" -> null
          - ssl_support_method             = "sni-only" -> null
        }
    }

Plan: 0 to add, 0 to change, 4 to destroy.
kenoir commented 7 months ago

You can perform a terraform destroy in cloudfront/roadmap.wellcomecollection.org instead of the deletion, and then delete the whole folder when successfully destroyed.