Skip to content

Commit dd7a290

Browse files
MohammadIqbalAD-NHSMohammadIqbalAD-NHS
committed
[PRMT-32] - Disable data collection ECS task on sandboxes
1 parent 37279ef commit dd7a290

File tree

3 files changed

+15
-15
lines changed

3 files changed

+15
-15
lines changed

infrastructure/ecr.tf

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -7,7 +7,7 @@ module "ndr-docker-ecr-ui" {
77
owner = var.owner
88
}
99
module "ndr-docker-ecr-data-collection" {
10-
count = 1
10+
count = local.is_sandbox ? 0 : 1
1111
source = "./modules/ecr/"
1212
app_name = "${terraform.workspace}-data-collection"
1313
current_account_id = data.aws_caller_identity.current.account_id

infrastructure/ecs.tf

Lines changed: 11 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -33,7 +33,7 @@ module "ndr-ecs-container-port-ssm-parameter" {
3333
}
3434

3535
module "ndr-ecs-fargate-data-collection" {
36-
count = 1
36+
count = local.is_sandbox ? 0 : 1
3737
source = "./modules/ecs"
3838
ecs_cluster_name = "data-collection"
3939
vpc_id = module.ndr-vpc-ui.vpc_id
@@ -93,7 +93,7 @@ module "ndr-ecs-fargate-data-collection" {
9393
}
9494

9595
resource "aws_iam_role" "data_collection_task_role" {
96-
count = 1
96+
count = local.is_sandbox ? 0 : 1
9797
name = "${terraform.workspace}_data_collection_task_role"
9898
assume_role_policy = jsonencode(
9999
{
@@ -115,55 +115,55 @@ resource "aws_iam_role" "data_collection_task_role" {
115115
}
116116

117117
resource "aws_iam_role_policy_attachment" "data_collection_lloyd_george_reference_dynamodb_table" {
118-
count = 1
118+
count = local.is_sandbox ? 0 : 1
119119
role = aws_iam_role.data_collection_task_role[0].name
120120
policy_arn = module.lloyd_george_reference_dynamodb_table.dynamodb_policy
121121
}
122122

123123
resource "aws_iam_role_policy_attachment" "data_collection_ssm_access_policy" {
124-
count = 1
124+
count = local.is_sandbox ? 0 : 1
125125
role = aws_iam_role.data_collection_task_role[0].name
126126
policy_arn = aws_iam_policy.ssm_access_policy.arn
127127
}
128128

129129
resource "aws_iam_role_policy_attachment" "data_collection_statistics_dynamodb_table" {
130-
count = 1
130+
count = local.is_sandbox ? 0 : 1
131131
role = aws_iam_role.data_collection_task_role[0].name
132132
policy_arn = module.statistics_dynamodb_table.dynamodb_policy
133133
}
134134

135135
resource "aws_iam_role_policy_attachment" "data_collection_statistical_reports_store" {
136-
count = 1
136+
count = local.is_sandbox ? 0 : 1
137137
role = aws_iam_role.data_collection_task_role[0].name
138138
policy_arn = module.statistical-reports-store.s3_object_access_policy
139139
}
140140

141141
resource "aws_iam_role_policy_attachment" "data_collection_app_config" {
142-
count = 1
142+
count = local.is_sandbox ? 0 : 1
143143
role = aws_iam_role.data_collection_task_role[0].name
144144
policy_arn = module.ndr-app-config.app_config_policy_arn
145145
}
146146

147147
resource "aws_iam_role_policy_attachment" "data_collection_lloyd_george_store" {
148-
count = 1
148+
count = local.is_sandbox ? 0 : 1
149149
role = aws_iam_role.data_collection_task_role[0].name
150150
policy_arn = module.ndr-lloyd-george-store.s3_list_object_policy
151151
}
152152

153153
resource "aws_iam_role_policy_attachment" "data_collection_document_store" {
154-
count = 1
154+
count = local.is_sandbox ? 0 : 1
155155
role = aws_iam_role.data_collection_task_role[0].name
156156
policy_arn = module.ndr-document-store.s3_list_object_policy
157157
}
158158

159159
resource "aws_iam_role_policy_attachment" "data_collection_document_reference_dynamodb_table" {
160-
count = 1
160+
count = local.is_sandbox ? 0 : 1
161161
role = aws_iam_role.data_collection_task_role[0].name
162162
policy_arn = module.document_reference_dynamodb_table.dynamodb_policy
163163
}
164164

165165
resource "aws_iam_role_policy_attachment" "data_collection_cloudwatch_log_query_policy" {
166-
count = 1
166+
count = local.is_sandbox ? 0 : 1
167167
role = aws_iam_role.data_collection_task_role[0].name
168168
policy_arn = aws_iam_policy.cloudwatch_log_query_policy.arn
169169
}

infrastructure/schedules.tf

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -116,7 +116,7 @@ resource "aws_lambda_permission" "statistical_report_schedule_permission" {
116116
}
117117

118118
resource "aws_scheduler_schedule" "data_collection_ecs" {
119-
count = 1
119+
count = local.is_sandbox ? 0 : 1
120120
name_prefix = "${terraform.workspace}_data_collection_ecs"
121121
description = "A weekly trigger for the data collection run"
122122

@@ -143,7 +143,7 @@ resource "aws_scheduler_schedule" "data_collection_ecs" {
143143
}
144144

145145
resource "aws_iam_role" "data_collection_ecs_execution" {
146-
count = 1
146+
count = local.is_sandbox ? 0 : 1
147147
name = "${terraform.workspace}_data_collection_scheduler_role"
148148
assume_role_policy = jsonencode({
149149
Version = "2012-10-17"
@@ -160,7 +160,7 @@ resource "aws_iam_role" "data_collection_ecs_execution" {
160160
}
161161

162162
resource "aws_iam_role_policy_attachment" "data_collection_ecs_execution" {
163-
count = 1
163+
count = local.is_sandbox ? 0 : 1
164164
role = aws_iam_role.data_collection_ecs_execution[0].name
165165
policy_arn = "arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceEventsRole"
166166
}

0 commit comments

Comments
 (0)