FIxed batch

robertnovac1 · robertnovac1 · commit 733770cee836 · 2025-08-01T18:46:00.000+01:00
diff --git a/infra/s3_source_bucket.tf b/infra/s3_source_bucket.tf
@@ -1,5 +1,5 @@
 locals {
-  bucket_name = local.immunisation_account_id == "084828561157" ? "immunisation-batch-${local.account}-preprod-data-sources" : "immunisation-batch-${local.account}-data-sources"
+  bucket_name = local.immunisation_account_id == "084828561157" ? "immunisation-batch-preprod-${local.account}-data-sources" : "immunisation-batch-${local.account}-data-sources"
 }
 
 # Overall entry point into batch in prod. Files are forwarded into the appropriate blue / green bucket.
diff --git a/terraform/Makefile b/terraform/Makefile
@@ -60,3 +60,7 @@ catch-all-zip:
 
 tf-%:
 	$(tf_cmd) $*
+
+import: 
+	$(tf_cmd) import $(tf_vars) $(to) $(id)
+
diff --git a/terraform/file_name_processor.tf b/terraform/file_name_processor.tf
@@ -291,7 +291,7 @@ resource "aws_lambda_function" "file_processor_lambda" {
       SPLUNK_FIREHOSE_NAME       = module.splunk.firehose_stream_name
       AUDIT_TABLE_NAME           = aws_dynamodb_table.audit-table.name
       FILE_NAME_GSI              = "filename_index"
-      FILE_NAME_PROC_LAMBDA_NAME = "imms-${local.env}-filenameproc_lambda"
+      FILE_NAME_PROC_LAMBDA_NAME = "${local.short_prefix}-filenameproc_lambda"
 
     }
   }
diff --git a/terraform/s3_config.tf b/terraform/s3_config.tf
@@ -92,12 +92,14 @@ resource "aws_s3_bucket_lifecycle_configuration" "datasources_lifecycle" {
   }
 }
 
+# REQUIRES IMPORTING: Once deployed to green this needs to be imported to blue because resource exists after first run
 resource "aws_s3_bucket" "batch_data_destination_bucket" {
   # Deliberately not using `local.batch_prefix` as we don't want separate blue / green destinations in prod.
   bucket        = "immunisation-batch-${local.unique_name}-data-destinations"
   force_destroy = local.is_temp
 }
 
+# REQUIRES IMPORTING: Once deployed to green this needs to be imported to blue because resource exists after first run
 resource "aws_s3_bucket_public_access_block" "batch_data_destination_bucket_public_access_block" {
   bucket = aws_s3_bucket.batch_data_destination_bucket.id
 
@@ -107,6 +109,7 @@ resource "aws_s3_bucket_public_access_block" "batch_data_destination_bucket_publ
   restrict_public_buckets = true
 }
 
+# REQUIRES IMPORTING: Once deployed to green this needs to be imported to blue because resource exists after first run
 resource "aws_s3_bucket_policy" "batch_data_destination_bucket_policy" {
   bucket = aws_s3_bucket.batch_data_destination_bucket.id
   policy = jsonencode({
@@ -151,6 +154,7 @@ resource "aws_s3_bucket_policy" "batch_data_destination_bucket_policy" {
   })
 }
 
+# REQUIRES IMPORTING: Once deployed to green this needs to be imported to blue because resource exists after first run
 resource "aws_s3_bucket_server_side_encryption_configuration" "s3_batch_destination_encryption" {
   bucket = aws_s3_bucket.batch_data_destination_bucket.id
 
@@ -162,6 +166,7 @@ resource "aws_s3_bucket_server_side_encryption_configuration" "s3_batch_destinat
   }
 }
 
+# REQUIRES IMPORTING: Once deployed to green this needs to be imported to blue because resource exists after first run
 resource "aws_s3_bucket_lifecycle_configuration" "data_destinations" {
   bucket = aws_s3_bucket.batch_data_destination_bucket.id
 
@@ -192,13 +197,15 @@ resource "aws_s3_bucket_lifecycle_configuration" "data_destinations" {
   }
 }
 
+# REQUIRES IMPORTING: Once deployed to green this needs to be imported to blue because resource exists after first run
 resource "aws_s3_bucket" "batch_config_bucket" {
   # For now, only create in internal-dev and prod as we only have one shared Redis instance per account.
   count = local.create_config_bucket ? 1 : 0
 
   bucket = "imms-${local.unique_name}-supplier-config"
 }
 
+# REQUIRES IMPORTING: Once deployed to green this needs to be imported to blue because resource exists after first run
 resource "aws_s3_bucket_public_access_block" "batch_config_bucket_public_access_block" {
   count = local.create_config_bucket ? 1 : 0
 
@@ -210,6 +217,7 @@ resource "aws_s3_bucket_public_access_block" "batch_config_bucket_public_access_
   restrict_public_buckets = true
 }
 
+# REQUIRES IMPORTING: Once deployed to green this needs to be imported to blue because resource exists after first run
 resource "aws_s3_bucket_policy" "batch_config_bucket_policy" {
   count = local.create_config_bucket ? 1 : 0
 

Original file line number	Diff line number	Diff line change
`@@ -1,5 +1,5 @@`
`1`	`1`	`locals {`
`2`		`- bucket_name = local.immunisation_account_id == "084828561157" ? "immunisation-batch-${local.account}-preprod-data-sources" : "immunisation-batch-${local.account}-data-sources"`
	`2`	`+ bucket_name = local.immunisation_account_id == "084828561157" ? "immunisation-batch-preprod-${local.account}-data-sources" : "immunisation-batch-${local.account}-data-sources"`
`3`	`3`	`}`
`4`	`4`
`5`	`5`	`# Overall entry point into batch in prod. Files are forwarded into the appropriate blue / green bucket.`
Original file line number	Diff line number	Diff line change
`@@ -291,7 +291,7 @@ resource "aws_lambda_function" "file_processor_lambda" {`
`291`	`291`	`SPLUNK_FIREHOSE_NAME = module.splunk.firehose_stream_name`
`292`	`292`	`AUDIT_TABLE_NAME = aws_dynamodb_table.audit-table.name`
`293`	`293`	`FILE_NAME_GSI = "filename_index"`
`294`		`- FILE_NAME_PROC_LAMBDA_NAME = "imms-${local.env}-filenameproc_lambda"`
	`294`	`+ FILE_NAME_PROC_LAMBDA_NAME = "${local.short_prefix}-filenameproc_lambda"`
`295`	`295`
`296`	`296`	`}`
`297`	`297`	`}`
Original file line number	Diff line number	Diff line change
`@@ -92,12 +92,14 @@ resource "aws_s3_bucket_lifecycle_configuration" "datasources_lifecycle" {`
`92`	`92`	`}`
`93`	`93`	`}`
`94`	`94`
	`95`	`+# REQUIRES IMPORTING: Once deployed to green this needs to be imported to blue because resource exists after first run`
`95`	`96`	`resource "aws_s3_bucket" "batch_data_destination_bucket" {`
`96`	`97`	# Deliberately not using `local.batch_prefix` as we don't want separate blue / green destinations in prod.
`97`	`98`	`bucket = "immunisation-batch-${local.unique_name}-data-destinations"`
`98`	`99`	`force_destroy = local.is_temp`
`99`	`100`	`}`
`100`	`101`
	`102`	`+# REQUIRES IMPORTING: Once deployed to green this needs to be imported to blue because resource exists after first run`
`101`	`103`	`resource "aws_s3_bucket_public_access_block" "batch_data_destination_bucket_public_access_block" {`
`102`	`104`	`bucket = aws_s3_bucket.batch_data_destination_bucket.id`
`103`	`105`
`@@ -107,6 +109,7 @@ resource "aws_s3_bucket_public_access_block" "batch_data_destination_bucket_publ`
`107`	`109`	`restrict_public_buckets = true`
`108`	`110`	`}`
`109`	`111`
	`112`	`+# REQUIRES IMPORTING: Once deployed to green this needs to be imported to blue because resource exists after first run`
`110`	`113`	`resource "aws_s3_bucket_policy" "batch_data_destination_bucket_policy" {`
`111`	`114`	`bucket = aws_s3_bucket.batch_data_destination_bucket.id`
`112`	`115`	`policy = jsonencode({`
`@@ -151,6 +154,7 @@ resource "aws_s3_bucket_policy" "batch_data_destination_bucket_policy" {`
`151`	`154`	`})`
`152`	`155`	`}`
`153`	`156`
	`157`	`+# REQUIRES IMPORTING: Once deployed to green this needs to be imported to blue because resource exists after first run`
`154`	`158`	`resource "aws_s3_bucket_server_side_encryption_configuration" "s3_batch_destination_encryption" {`
`155`	`159`	`bucket = aws_s3_bucket.batch_data_destination_bucket.id`
`156`	`160`
`@@ -162,6 +166,7 @@ resource "aws_s3_bucket_server_side_encryption_configuration" "s3_batch_destinat`
`162`	`166`	`}`
`163`	`167`	`}`
`164`	`168`
	`169`	`+# REQUIRES IMPORTING: Once deployed to green this needs to be imported to blue because resource exists after first run`
`165`	`170`	`resource "aws_s3_bucket_lifecycle_configuration" "data_destinations" {`
`166`	`171`	`bucket = aws_s3_bucket.batch_data_destination_bucket.id`
`167`	`172`
`@@ -192,13 +197,15 @@ resource "aws_s3_bucket_lifecycle_configuration" "data_destinations" {`
`192`	`197`	`}`
`193`	`198`	`}`
`194`	`199`
	`200`	`+# REQUIRES IMPORTING: Once deployed to green this needs to be imported to blue because resource exists after first run`
`195`	`201`	`resource "aws_s3_bucket" "batch_config_bucket" {`
`196`	`202`	`# For now, only create in internal-dev and prod as we only have one shared Redis instance per account.`
`197`	`203`	`count = local.create_config_bucket ? 1 : 0`
`198`	`204`
`199`	`205`	`bucket = "imms-${local.unique_name}-supplier-config"`
`200`	`206`	`}`
`201`	`207`
	`208`	`+# REQUIRES IMPORTING: Once deployed to green this needs to be imported to blue because resource exists after first run`
`202`	`209`	`resource "aws_s3_bucket_public_access_block" "batch_config_bucket_public_access_block" {`
`203`	`210`	`count = local.create_config_bucket ? 1 : 0`
`204`	`211`
`@@ -210,6 +217,7 @@ resource "aws_s3_bucket_public_access_block" "batch_config_bucket_public_access_`
`210`	`217`	`restrict_public_buckets = true`
`211`	`218`	`}`
`212`	`219`
	`220`	`+# REQUIRES IMPORTING: Once deployed to green this needs to be imported to blue because resource exists after first run`
`213`	`221`	`resource "aws_s3_bucket_policy" "batch_config_bucket_policy" {`
`214`	`222`	`count = local.create_config_bucket ? 1 : 0`
`215`	`223`