Merge pull request #768 from NHSDigital/feature/made14-NRL-853-fixup-s3-bucket-tags

[NRL-853] Fixup S3 bucket tag values

Author: mattdean3-nhs

terraform/account-wide-infrastructure/dev/aws-backup.tf

@@ -64,15 +64,6 @@ resource "aws_s3_bucket_acl" "backup_reports" {
   acl    = "private"
 }
 
-# We need a key for the SNS topic that will be used for notifications from AWS Backup. This key
-# will be used to encrypt the messages sent to the topic before they are sent to the subscribers,
-# but isn't needed by the recipients of the messages.
-
-# First we need some contextual data
-data "aws_caller_identity" "current" {}
-data "aws_region" "current" {}
-
-# Now we can define the key itself
 resource "aws_kms_key" "backup_notifications" {
   description             = "KMS key for AWS Backup notifications"
   deletion_window_in_days = 7
@@ -101,8 +92,6 @@ resource "aws_kms_key" "backup_notifications" {
   })
 }
 
-# Now we can deploy the source and destination modules, referencing the resources we've created above.
-
 module "source" {
   source = "../modules/backup-source"
 

terraform/account-wide-infrastructure/modules/backup-source/backup_plan.tf

@@ -82,6 +82,6 @@ resource "aws_backup_selection" "dynamodb" {
   selection_tag {
     key   = var.backup_plan_config_dynamodb.selection_tag
     type  = "STRINGEQUALS"
-    value = "true"
+    value = "True"
   }
 }

terraform/account-wide-infrastructure/modules/permissions-store-bucket/s3.tf

@@ -5,7 +5,7 @@ resource "aws_s3_bucket" "authorization-store" {
   tags = {
     Name                  = "authorization store"
     Environment           = "${var.name_prefix}"
-    NHSE-Enable-S3-Backup = "${var.enable_backups}"
+    NHSE-Enable-S3-Backup = var.enable_backups ? "True" : "False"
   }
 }
 

terraform/account-wide-infrastructure/modules/pointers-table/dynamodb.tf

@@ -52,5 +52,7 @@ resource "aws_dynamodb_table" "pointers" {
     enabled = var.enable_pitr
   }
 
-  tags = { NHSE-Enable-DDB-Backup = "${var.enable_backups}" }
+  tags = {
+    NHSE-Enable-DDB-Backup = var.enable_backups ? "True" : "False"
+  }
 }

terraform/account-wide-infrastructure/modules/truststore-bucket/s3.tf

@@ -1,7 +1,9 @@
 resource "aws_s3_bucket" "api_truststore" {
   bucket        = "${var.name_prefix}-api-truststore"
   force_destroy = var.enable_bucket_force_destroy
-  tags          = { NHSE-Enable-S3-Backup = "${var.enable_backups}" }
+  tags = {
+    NHSE-Enable-S3-Backup = var.enable_backups ? "True" : "False"
+  }
 }
 
 resource "aws_s3_bucket_policy" "api_truststore_bucket_policy" {