glue table

nhsd-david-wass · nhsd-david-wass · commit a9faaa8d4bc2 · 2026-01-22T15:37:22.000Z
diff --git a/infrastructure/terraform/components/api/README.md b/infrastructure/terraform/components/api/README.md
@@ -17,6 +17,7 @@ No requirements.
 | <a name="input_core_environment"></a> [core\_environment](#input\_core\_environment) | Environment of Core | `string` | `"prod"` | no |
 | <a name="input_default_tags"></a> [default\_tags](#input\_default\_tags) | A map of default tags to apply to all taggable resources within the component | `map(string)` | `{}` | no |
 | <a name="input_disable_gateway_execute_endpoint"></a> [disable\_gateway\_execute\_endpoint](#input\_disable\_gateway\_execute\_endpoint) | Disable the execution endpoint for the API Gateway | `bool` | `true` | no |
+| <a name="input_enable_backups"></a> [enable\_backups](#input\_enable\_backups) | Enable backups | `bool` | `false` | no |
 | <a name="input_environment"></a> [environment](#input\_environment) | The name of the tfscaffold environment | `string` | n/a | yes |
 | <a name="input_eventpub_control_plane_bus_arn"></a> [eventpub\_control\_plane\_bus\_arn](#input\_eventpub\_control\_plane\_bus\_arn) | ARN of the EventBridge control plane bus for eventpub | `string` | `""` | no |
 | <a name="input_eventpub_data_plane_bus_arn"></a> [eventpub\_data\_plane\_bus\_arn](#input\_eventpub\_data\_plane\_bus\_arn) | ARN of the EventBridge data plane bus for eventpub | `string` | `""` | no |
@@ -33,6 +34,7 @@ No requirements.
 | <a name="input_parent_acct_environment"></a> [parent\_acct\_environment](#input\_parent\_acct\_environment) | Name of the environment responsible for the acct resources used, affects things like DNS zone. Useful for named dev environments | `string` | `"main"` | no |
 | <a name="input_project"></a> [project](#input\_project) | The name of the tfscaffold project | `string` | n/a | yes |
 | <a name="input_region"></a> [region](#input\_region) | The AWS Region | `string` | n/a | yes |
+| <a name="input_s3_enable_force_destroy"></a> [s3\_enable\_force\_destroy](#input\_s3\_enable\_force\_destroy) | Allow force destroy of buckets and contents via Terraform - DO NOT ENABLE IN PRODUCTION | `bool` | `false` | no |
 | <a name="input_shared_infra_account_id"></a> [shared\_infra\_account\_id](#input\_shared\_infra\_account\_id) | The AWS Account ID of the shared infrastructure account | `string` | `"000000000000"` | no |
 ## Modules
 
diff --git a/infrastructure/terraform/components/api/glue_catalog_database_supplier.tf b/infrastructure/terraform/components/api/glue_catalog_database_supplier.tf
@@ -0,0 +1,4 @@
+resource "aws_glue_catalog_database" "supplier" {
+  name        = "${local.csi}-supplier"
+  description = "Glue catalog database for Suppliers API"
+}
diff --git a/infrastructure/terraform/components/api/glue_catalog_table_events.tf b/infrastructure/terraform/components/api/glue_catalog_table_events.tf
@@ -0,0 +1,86 @@
+resource "aws_glue_catalog_table" "events" {
+  name          = "events_history"
+  database_name = aws_glue_catalog_database.supplier.name
+
+  table_type = "EXTERNAL_TABLE"
+
+  parameters = {
+    classification = "json"
+  }
+
+  storage_descriptor {
+    location      = "s3://${aws_s3_bucket.event_reporting.bucket}/events/"
+    input_format  = "org.apache.hadoop.mapred.TextInputFormat"
+    output_format = "org.apache.hadoop.hive.ql.io.HiveIgnoreKeyTextOutputFormat"
+
+    columns {
+      name = "type"
+      type = "string"
+    }
+
+    columns {
+      name = "messageid"
+      type = "string"
+    }
+
+    columns {
+      name = "topicarn"
+      type = "string"
+    }
+
+    columns {
+      name = "message"
+      type = "string"
+    }
+
+    columns {
+      name = "timestamp"
+      type = "string"
+    }
+
+    columns {
+      name = "unsubscribeurl"
+      type = "string"
+    }
+
+    columns {
+      name = "change"
+      type = "double"
+    }
+
+    columns {
+      name = "price"
+      type = "double"
+    }
+
+    columns {
+      name = "ticker_symbol"
+      type = "string"
+    }
+
+    columns {
+      name = "sector"
+      type = "string"
+    }
+
+    columns {
+      name = "partition_0"
+      type = "string"
+    }
+
+    columns {
+      name = "partition_1"
+      type = "string"
+    }
+
+    columns {
+      name = "partition_2"
+      type = "string"
+    }
+
+    columns {
+      name = "partition_3"
+      type = "string"
+    }
+  }
+}
diff --git a/infrastructure/terraform/components/api/s3_event_reporting.tf b/infrastructure/terraform/components/api/s3_event_reporting.tf
@@ -0,0 +1,13 @@
+resource "aws_s3_bucket" "event_reporting" {
+  bucket        = "${local.csi_global}-event-reporting"
+  force_destroy = var.s3_enable_force_destroy
+
+  tags = merge(local.default_tags, { "Enable-Backup" = var.enable_backups }, { "Enable-S3-Continuous-Backup" = var.enable_backups })
+}
+resource "aws_s3_bucket_ownership_controls" "eventreporting" {
+  bucket = aws_s3_bucket.event_reporting.id
+
+  rule {
+    object_ownership = "BucketOwnerPreferred"
+  }
+}
diff --git a/infrastructure/terraform/components/api/variables.tf b/infrastructure/terraform/components/api/variables.tf
@@ -162,3 +162,19 @@ variable "core_environment" {
   default     = "prod"
 
 }
+
+variable "s3_enable_force_destroy" {
+  type        = bool
+  description = "Allow force destroy of buckets and contents via Terraform - DO NOT ENABLE IN PRODUCTION"
+  default     = false
+
+  validation {
+    condition     = !(var.s3_enable_force_destroy && var.parameter_bundle.environment == "prod")
+    error_message = "s3_enable_force_destroy must not be set to true when environment is 'prod'."
+  }
+}
+variable "enable_backups" {
+  type        = bool
+  description = "Enable backups"
+  default     = false
+}
