[NDR-50] add indexes

NogaNHS · NogaNHS · commit 2d3497e82f1b · 2025-05-23T15:39:09.000+01:00
diff --git a/infrastructure/iam.tf b/infrastructure/iam.tf
@@ -132,12 +132,13 @@ resource "aws_iam_policy" "s3_document_data_policy_for_get_doc_ref_lambda" {
 }
 
 data "aws_iam_policy_document" "assume_role_policy_for_get_doc_ref_lambda" {
+  count = local.is_production ? 0 : 1
   statement {
     actions = ["sts:AssumeRole"]
 
     principals {
       type        = "AWS"
-      identifiers = [module.get-doc-fhir-lambda.lambda_execution_role_arn]
+      identifiers = [module.get-doc-fhir-lambda[0].lambda_execution_role_arn]
     }
   }
 }
@@ -147,8 +148,9 @@ moved {
 }
 
 resource "aws_iam_role" "get_fhir_doc_presign_url_role" {
+  count              = local.is_production ? 0 : 1
   name               = "${terraform.workspace}_get_fhir_doc_presign_url_role"
-  assume_role_policy = data.aws_iam_policy_document.assume_role_policy_for_get_doc_ref_lambda.json
+  assume_role_policy = data.aws_iam_policy_document.assume_role_policy_for_get_doc_ref_lambda[0].json
 }
 
 moved {
@@ -157,7 +159,8 @@ moved {
 }
 
 resource "aws_iam_role_policy_attachment" "get_doc_presign_url" {
-  role       = aws_iam_role.get_fhir_doc_presign_url_role.name
+  count      = local.is_production ? 0 : 1
+  role       = aws_iam_role.get_fhir_doc_presign_url_role[0].name
   policy_arn = aws_iam_policy.s3_document_data_policy_for_get_doc_ref_lambda.arn
 }
 
diff --git a/infrastructure/lambda-get-document-fhir.tf b/infrastructure/lambda-get-document-fhir.tf
@@ -43,7 +43,7 @@ module "get-doc-fhir-lambda" {
     APPCONFIG_CONFIGURATION    = module.ndr-app-config.app_config_configuration_profile_id
     WORKSPACE                  = terraform.workspace
     ENVIRONMENT                = var.environment
-    PRESIGNED_ASSUME_ROLE      = aws_iam_role.get_fhir_doc_presign_url_role.arn
+    PRESIGNED_ASSUME_ROLE      = aws_iam_role.get_fhir_doc_presign_url_role[0].arn
     LLOYD_GEORGE_DYNAMODB_NAME = "${terraform.workspace}_${var.lloyd_george_dynamodb_table_name}"
     OIDC_CALLBACK_URL          = contains(["prod"], terraform.workspace) ? "https://${var.domain}/auth-callback" : "https://${terraform.workspace}.${var.domain}/auth-callback"
     CLOUDFRONT_URL             = module.cloudfront-distribution-lg.cloudfront_url

Original file line number	Diff line number	Diff line change
`@@ -132,12 +132,13 @@ resource "aws_iam_policy" "s3_document_data_policy_for_get_doc_ref_lambda" {`
`132`	`132`	`}`
`133`	`133`
`134`	`134`	`data "aws_iam_policy_document" "assume_role_policy_for_get_doc_ref_lambda" {`
	`135`	`+ count = local.is_production ? 0 : 1`
`135`	`136`	`statement {`
`136`	`137`	`actions = ["sts:AssumeRole"]`
`137`	`138`
`138`	`139`	`principals {`
`139`	`140`	`type = "AWS"`
`140`		`- identifiers = [module.get-doc-fhir-lambda.lambda_execution_role_arn]`
	`141`	`+ identifiers = [module.get-doc-fhir-lambda[0].lambda_execution_role_arn]`
`141`	`142`	`}`
`142`	`143`	`}`
`143`	`144`	`}`
`@@ -147,8 +148,9 @@ moved {`
`147`	`148`	`}`
`148`	`149`
`149`	`150`	`resource "aws_iam_role" "get_fhir_doc_presign_url_role" {`
	`151`	`+ count = local.is_production ? 0 : 1`
`150`	`152`	`name = "${terraform.workspace}_get_fhir_doc_presign_url_role"`
`151`		`- assume_role_policy = data.aws_iam_policy_document.assume_role_policy_for_get_doc_ref_lambda.json`
	`153`	`+ assume_role_policy = data.aws_iam_policy_document.assume_role_policy_for_get_doc_ref_lambda[0].json`
`152`	`154`	`}`
`153`	`155`
`154`	`156`	`moved {`
`@@ -157,7 +159,8 @@ moved {`
`157`	`159`	`}`
`158`	`160`
`159`	`161`	`resource "aws_iam_role_policy_attachment" "get_doc_presign_url" {`
`160`		`- role = aws_iam_role.get_fhir_doc_presign_url_role.name`
	`162`	`+ count = local.is_production ? 0 : 1`
	`163`	`+ role = aws_iam_role.get_fhir_doc_presign_url_role[0].name`
`161`	`164`	`policy_arn = aws_iam_policy.s3_document_data_policy_for_get_doc_ref_lambda.arn`
`162`	`165`	`}`
`163`	`166`