fix(data-migration): FTRS-2587 data migration table name fix (#850)

AndrzejPietrzak1Nhs · mmg-nhse · web-flow · commit b13490f6f645 · 2026-02-11T11:17:17.000+01:00
* fix(data-migration): FTRS-2587 data migration table name fix

* fix(data-migration): FTRS-2587 bump dependencies

* fix: FTRS-2587 Fix type inconsistency in KMS

* fix: FTRS-2587 Fix type inconsistency in KMS

* fix: FTRS-2587 Fix type inconsistency in KMS

* fix: FTRS-2587 Fix type inconsistency in KMS

---------

Co-authored-by: Michaela McGrath &lt;michaela.mcgrath1@nhs.net&gt;
diff --git a/infrastructure/stacks/account_wide/kms.tf b/infrastructure/stacks/account_wide/kms.tf
@@ -27,7 +27,8 @@ module "secrets_manager_encryption_key" {
         "kms:GenerateDataKey*",
         "kms:DescribeKey"
       ]
-      Resource = "*"
+      Resource  = "*"
+      Condition = {}
     },
     {
       Sid    = "AllowGitHubRunnerAccess"
@@ -44,13 +45,14 @@ module "secrets_manager_encryption_key" {
         "kms:GenerateDataKey*",
         "kms:DescribeKey"
       ]
-      Resource = "*"
+      Resource  = "*"
+      Condition = {}
     },
     {
       Sid    = "AllowAthenaConnectorSecretsAccess"
       Effect = "Allow"
       Principal = {
-        AWS = "*"
+        AWS = ["*"]
       }
       Action = [
         "kms:Decrypt",
@@ -171,4 +173,4 @@ module "firehose_encryption_key" {
   account_id       = data.aws_caller_identity.current.account_id
   aws_service_name = "firehose.amazonaws.com"
   description      = "Encryption key for Firehose in ${var.environment} environment"
-}
+}
diff --git a/tests/service_automation/poetry.lock b/tests/service_automation/poetry.lock
diff --git a/tests/service_automation/pyproject.toml b/tests/service_automation/pyproject.toml
@@ -28,6 +28,7 @@ dependencies = [
   "pytest-nhsd-apim (>=6.0.6,<7.0.0)",
   "authlib (>=1.6.6,<2.0.0)",
   "deepdiff==8.6.1",
+  "cryptography>=46.0.5"
 ]
 
 [build-system]
diff --git a/tests/service_automation/tests/step_definitions/common_steps/data_migration_steps.py b/tests/service_automation/tests/step_definitions/common_steps/data_migration_steps.py
@@ -20,6 +20,7 @@
 from utilities.common.data_migration_shared_steps import (
     get_state_record_by_id,
 )
+from utilities.common.dynamoDB_tables import get_table_name
 from utilities.common.log_helper import (
     get_mock_logger_from_context,
     verify_error_log_present,
@@ -525,11 +526,7 @@ def verify_no_records_in_table(
     table_name: str,
 ) -> None:
     """Verify that a DynamoDB table contains no records."""
-    environment = os.getenv(ENV_ENVIRONMENT)
-    workspace = os.getenv(ENV_WORKSPACE)
-
-    full_table_name = f"ftrs-dos-{environment}-database-{table_name}-{workspace}"
-
+    full_table_name = get_table_name(table_name)
     client = dynamodb[DYNAMODB_CLIENT]
     response = client.scan(TableName=full_table_name)
 

Original file line number	Diff line number	Diff line change
`@@ -28,6 +28,7 @@ dependencies = [`
`28`	`28`	`"pytest-nhsd-apim (>=6.0.6,<7.0.0)",`
`29`	`29`	`"authlib (>=1.6.6,<2.0.0)",`
`30`	`30`	`"deepdiff==8.6.1",`
	`31`	`+ "cryptography>=46.0.5"`
`31`	`32`	`]`
`32`	`33`
`33`	`34`	`[build-system]`