Skip to content

Commit ed3c27c

Browse files
mfjarvismfjarvis
authored
Merge branch 'master' into VED-26-add-config
2 parents 7b964d7 + af6c41e commit ed3c27c

File tree

3 files changed

+25
-10
lines changed

3 files changed

+25
-10
lines changed

terraform/forwarder_lambda.tf

Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -185,6 +185,15 @@ resource "aws_iam_policy" "forwarding_lambda_exec_policy" {
185185
"sqs:SendMessage"
186186
]
187187
Resource = aws_sqs_queue.fifo_queue.arn
188+
},
189+
{
190+
Effect = "Allow",
191+
Action = [
192+
"ec2:CreateNetworkInterface",
193+
"ec2:DescribeNetworkInterfaces",
194+
"ec2:DeleteNetworkInterface"
195+
],
196+
Resource = "*"
188197
}
189198
]
190199
})
@@ -209,12 +218,19 @@ resource "aws_lambda_function" "forwarding_lambda" {
209218
size = 1024
210219
}
211220

221+
vpc_config {
222+
subnet_ids = local.private_subnet_ids
223+
security_group_ids = [data.aws_security_group.existing_securitygroup.id]
224+
}
225+
212226
environment {
213227
variables = {
214228
SOURCE_BUCKET_NAME = aws_s3_bucket.batch_data_source_bucket.bucket
215229
ACK_BUCKET_NAME = aws_s3_bucket.batch_data_destination_bucket.bucket
216230
DYNAMODB_TABLE_NAME = aws_dynamodb_table.events-dynamodb-table.name
217231
SQS_QUEUE_URL = aws_sqs_queue.fifo_queue.url
232+
REDIS_HOST = data.aws_elasticache_cluster.existing_redis.cache_nodes[0].address
233+
REDIS_PORT = data.aws_elasticache_cluster.existing_redis.cache_nodes[0].port
218234
}
219235
}
220236
kms_key_arn = data.aws_kms_key.existing_lambda_encryption_key.arn

terraform/s3_config.tf

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -192,7 +192,7 @@ resource "aws_s3_bucket_lifecycle_configuration" "data_destinations" {
192192
}
193193

194194
resource "aws_s3_bucket" "batch_config_bucket" {
195-
bucket = "imms-${local.environment}-supplier-config"
195+
bucket = "imms-${local.environment}-fhir-config"
196196
}
197197

198198
resource "aws_s3_bucket_public_access_block" "batch_config_bucket_public_access_block" {

terraform/variables.tf

Lines changed: 8 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -15,20 +15,19 @@ variable "aws_region" {
1515
}
1616

1717
locals {
18-
environment = terraform.workspace == "green" ? "prod" : terraform.workspace == "blue" ? "prod" : terraform.workspace
19-
env = terraform.workspace
20-
prefix = "${var.project_name}-${var.service}-${local.env}"
21-
short_prefix = "${var.project_short_name}-${local.env}"
22-
batch_prefix = "immunisation-batch-${local.env}"
23-
config_env = local.environment == "prod" ? "prod" : "dev"
24-
config_bucket_env = local.environment == "prod" ? "prod" : "internal-dev"
18+
environment = terraform.workspace == "green" ? "prod" : terraform.workspace == "blue" ? "prod" : terraform.workspace
19+
env = terraform.workspace
20+
prefix = "${var.project_name}-${var.service}-${local.env}"
21+
short_prefix = "${var.project_short_name}-${local.env}"
22+
batch_prefix = "immunisation-batch-${local.env}"
23+
config_env = local.environment == "prod" ? "prod" : "dev"
2524

2625
root_domain = "${local.config_env}.vds.platform.nhs.uk"
2726
project_domain_name = data.aws_route53_zone.project_zone.name
2827
service_domain_name = "${local.env}.${local.project_domain_name}"
2928

30-
config_bucket_arn = aws_s3_bucket.batch_config_bucket.arn
31-
config_bucket_name = aws_s3_bucket.batch_config_bucket.bucket
29+
config_bucket_arn = aws_s3_bucket.batch_config_bucket.arn
30+
config_bucket_name = aws_s3_bucket.batch_config_bucket.bucket
3231

3332

3433
# Public subnet - The subnet has a direct route to an internet gateway. Resources in a public subnet can access the public internet.

0 commit comments

Comments
 (0)