refactor: Address PR feedback - use bool for dry_run, remove default memory_size

SanjayChopraNHS · SanjayChopraNHS · commit 859f1b0aeb82 · 2025-12-09T12:42:10.000Z
diff --git a/infrastructure/dev.tfvars b/infrastructure/dev.tfvars
@@ -14,4 +14,4 @@ apim_environment = "internal-dev."
 kms_deletion_window = 7
 
 # SSH Key Management
-ssh_key_management_dry_run = "true" # Enable dry-run for dev environment
+ssh_key_management_dry_run = true # Enable dry-run for dev environment
diff --git a/infrastructure/lambda-transfer-key-manager.tf b/infrastructure/lambda-transfer-key-manager.tf
@@ -3,8 +3,7 @@ module "transfer-key-manager-lambda" {
   source         = "./modules/lambda"
   name           = "TransferKeyManagerLambda"
   handler        = "handlers.transfer_key_manager_handler.lambda_handler"
-  lambda_timeout = 300
-  memory_size    = 512
+  lambda_timeout = 300 # 5 minutes - needed for iterating through all Transfer Family servers/users
 
   iam_role_policy_documents = [
     data.aws_iam_policy_document.transfer_key_manager_policy.json,
@@ -21,7 +20,7 @@ module "transfer-key-manager-lambda" {
     APPCONFIG_CONFIGURATION = module.ndr-app-config.app_config_configuration_profile_id
     WORKSPACE               = terraform.workspace
     PRM_MAILBOX_EMAIL       = data.aws_ssm_parameter.prm_mailbox_email.value
-    DRY_RUN                 = var.ssh_key_management_dry_run
+    DRY_RUN                 = tostring(var.ssh_key_management_dry_run)
   }
 
   is_gateway_integration_needed = false
diff --git a/infrastructure/preprod.tfvars b/infrastructure/preprod.tfvars
@@ -12,6 +12,6 @@ cloud_security_email_param_environment = "pre-prod"
 apim_environment = "int."
 
 # SSH Key Management
-ssh_key_management_dry_run = "false" # Disable dry-run for preprod (test real deletion)
+ssh_key_management_dry_run = false # Disable dry-run for preprod (test real deletion)
 
 deletion_protection_enabled = true
diff --git a/infrastructure/prod.tfvars b/infrastructure/prod.tfvars
@@ -12,6 +12,6 @@ cloud_security_email_param_environment = "prod"
 apim_environment = ""
 
 # SSH Key Management
-ssh_key_management_dry_run = "false" # Disable dry-run for production
+ssh_key_management_dry_run = false # Disable dry-run for production
 
 deletion_protection_enabled = true
diff --git a/infrastructure/test.tfvars b/infrastructure/test.tfvars
@@ -12,4 +12,4 @@ cloud_security_email_param_environment = "ndr-test"
 apim_environment = "internal-qa."
 
 # SSH Key Management
-ssh_key_management_dry_run = "true" # Enable dry-run for test environment
+ssh_key_management_dry_run = true # Enable dry-run for test environment
diff --git a/infrastructure/variable.tf b/infrastructure/variable.tf
@@ -318,6 +318,6 @@ variable "kms_deletion_window" {
 # SSH Key Management Variables
 variable "ssh_key_management_dry_run" {
   description = "Enable dry-run mode for SSH key management (no keys will be deleted)"
-  type        = string
-  default     = "false"
+  type        = bool
+  default     = false
 }

Original file line number	Diff line number	Diff line change
`@@ -318,6 +318,6 @@ variable "kms_deletion_window" {`
`318`	`318`	`# SSH Key Management Variables`
`319`	`319`	`variable "ssh_key_management_dry_run" {`
`320`	`320`	`description = "Enable dry-run mode for SSH key management (no keys will be deleted)"`
`321`		`- type = string`
`322`		`- default = "false"`
	`321`	`+ type = bool`
	`322`	`+ default = false`
`323`	`323`	`}`