Fixes

robertnovac1 · robertnovac1 · commit da522c79108c · 2025-07-25T14:58:55.000+01:00
diff --git a/terraform_old/Makefile b/terraform_old/Makefile
@@ -10,7 +10,7 @@ project_short_name = imms
 state_bucket = immunisation-preprod-terraform-state-files
 tf_state= -backend-config="bucket=$(state_bucket)"
 
-tf_vars= -var="project_name=$(project_name)" -var="project_short_name=$(project_short_name)" -var="aws_account_name=$(aws_account_name)"
+tf_vars= -var="project_name=$(project_name)" -var="project_short_name=$(project_short_name)" -var="aws_account_name=$(aws_account_name)" -var="environment=$(environment)"
 
 .PHONY : lock-provider workspace init plan apply clean destroy output state-list lambda-zip catch-all-zip
 
diff --git a/terraform_old/api_gateway/mtls_cert.tf b/terraform_old/api_gateway/mtls_cert.tf
@@ -1,6 +1,6 @@
 locals {
   # NHSD cert file
-  truststore_file_name = "server-renewed-cert.pem"
+  truststore_file_name = "server-renewed-cert-v2.pem"
 }
 
 data "aws_s3_bucket" "cert_storage" {
@@ -15,6 +15,14 @@ data "aws_s3_object" "cert" {
 resource "aws_s3_bucket" "truststore_bucket" {
   bucket        = "${var.prefix}-truststores"
   force_destroy = true
+
+}
+
+resource "aws_s3_bucket_versioning" "versioning" {
+  bucket = aws_s3_bucket.truststore_bucket.id
+  versioning_configuration {
+    status = "Enabled"
+  }
 }
 
 resource "aws_s3_object_copy" "copy_cert_from_storage" {
diff --git a/terraform_old/api_gateway/variables.tf b/terraform_old/api_gateway/variables.tf
@@ -4,7 +4,6 @@ variable "zone_id" {}
 variable "api_domain_name" {}
 variable "environment" {}
 variable "oas" {}
-variable "config_env" {}
 variable "aws_account_name" {}
 locals {
   environment = terraform.workspace == "green" ? "prod" : terraform.workspace == "blue" ? "prod" : terraform.workspace
diff --git a/terraform_old/endpoints.tf b/terraform_old/endpoints.tf
@@ -24,7 +24,7 @@ locals {
   imms_table_name = data.aws_dynamodb_table.events-dynamodb-table.name
   imms_lambda_env_vars = {
     "DYNAMODB_TABLE_NAME"    = local.imms_table_name,
-    "IMMUNIZATION_ENV"       = local.environment,
+    "IMMUNIZATION_ENV"       = var.aws_account_name,
     "IMMUNIZATION_BASE_PATH" = strcontains(local.environment, "pr-") ? "immunisation-fhir-api-${local.environment}" : "immunisation-fhir-api"
     # except for prod and ref, any other env uses PDS int environment
     "PDS_ENV"              = local.environment == "prod" ? "prod" : local.environment == "ref" ? "ref" : "int",
@@ -101,14 +101,14 @@ output "oas" {
 }
 
 module "api_gateway" {
-  source          = "./api_gateway"
-  prefix          = local.prefix
-  short_prefix    = local.short_prefix
-  zone_id         = data.aws_route53_zone.project_zone.zone_id
-  api_domain_name = local.service_domain_name
-  environment     = local.environment
-  oas             = local.oas
-  config_env      = local.config_env
+  source           = "./api_gateway"
+  prefix           = local.prefix
+  short_prefix     = local.short_prefix
+  zone_id          = data.aws_route53_zone.project_zone.zone_id
+  api_domain_name  = local.service_domain_name
+  environment      = local.environment
+  oas              = local.oas
+  aws_account_name = var.aws_account_name
 }
 
 
diff --git a/terraform_old/variables.tf b/terraform_old/variables.tf
@@ -1,6 +1,9 @@
 variable "profile" {
   default = "apim-dev"
 }
+
+variable "environment" {}
+
 variable "aws_account_name" {
   default = "int"
 }
@@ -83,15 +86,15 @@ data "aws_security_group" "existing_securitygroup" {
 }
 
 data "aws_s3_bucket" "existing_config_bucket" {
-  bucket = "imms-int-supplier-config"
+  bucket = "imms-${var.aws_account_name}-supplier-config"
 }
 
 data "aws_s3_bucket" "existing_destination_bucket" {
-  bucket = "immunisation-batch-int-preprod-data-destinations"
+  bucket = "immunisation-batch-${var.aws_account_name}-preprod-data-destinations"
 }
 
 data "aws_s3_bucket" "existing_source_bucket" {
-  bucket = "immunisation-batch-int-preprod-data-sources"
+  bucket = "immunisation-batch-${var.aws_account_name}-preprod-data-sources"
 }
 
 data "aws_kms_key" "existing_lambda_encryption_key" {
@@ -103,7 +106,7 @@ data "aws_kms_key" "existing_kinesis_encryption_key" {
 }
 
 data "aws_dynamodb_table" "events-dynamodb-table" {
-  name = "imms-int-imms-events"
+  name = "imms-${var.aws_account_name}-imms-events"
 }
 
 data "aws_dynamodb_table" "audit-table" {

Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,9 @@`
`1`	`1`	`variable "profile" {`
`2`	`2`	`default = "apim-dev"`
`3`	`3`	`}`
	`4`	`+`
	`5`	`+variable "environment" {}`
	`6`	`+`
`4`	`7`	`variable "aws_account_name" {`
`5`	`8`	`default = "int"`
`6`	`9`	`}`
`@@ -83,15 +86,15 @@ data "aws_security_group" "existing_securitygroup" {`
`83`	`86`	`}`
`84`	`87`
`85`	`88`	`data "aws_s3_bucket" "existing_config_bucket" {`
`86`		`- bucket = "imms-int-supplier-config"`
	`89`	`+ bucket = "imms-${var.aws_account_name}-supplier-config"`
`87`	`90`	`}`
`88`	`91`
`89`	`92`	`data "aws_s3_bucket" "existing_destination_bucket" {`
`90`		`- bucket = "immunisation-batch-int-preprod-data-destinations"`
	`93`	`+ bucket = "immunisation-batch-${var.aws_account_name}-preprod-data-destinations"`
`91`	`94`	`}`
`92`	`95`
`93`	`96`	`data "aws_s3_bucket" "existing_source_bucket" {`
`94`		`- bucket = "immunisation-batch-int-preprod-data-sources"`
	`97`	`+ bucket = "immunisation-batch-${var.aws_account_name}-preprod-data-sources"`
`95`	`98`	`}`
`96`	`99`
`97`	`100`	`data "aws_kms_key" "existing_lambda_encryption_key" {`
`@@ -103,7 +106,7 @@ data "aws_kms_key" "existing_kinesis_encryption_key" {`
`103`	`106`	`}`
`104`	`107`
`105`	`108`	`data "aws_dynamodb_table" "events-dynamodb-table" {`
`106`		`- name = "imms-int-imms-events"`
	`109`	`+ name = "imms-${var.aws_account_name}-imms-events"`
`107`	`110`	`}`
`108`	`111`
`109`	`112`	`data "aws_dynamodb_table" "audit-table" {`