fixed mc

terraform/deployments/cloudfront/main.tf

@@ -335,8 +335,8 @@ resource "aws_cloudfront_distribution" "www_distribution" {
   }
 
   default_cache_behavior {
-    allowed_methods          = ["GET", "HEAD", "OPTIONS", "PUT", "POST", "PATCH", "DELETE"]
-    cached_methods           = ["GET", "HEAD"]
+
+
     target_origin_id         = var.origin_www_id
     compress                 = "true"
     cache_policy_id          = aws_cloudfront_cache_policy.no-cookies.id
@@ -350,8 +350,8 @@ resource "aws_cloudfront_distribution" "www_distribution" {
 
   ordered_cache_behavior {
     path_pattern           = "/alerts"
-    allowed_methods        = ["GET", "HEAD"]
-    cached_methods         = ["GET", "HEAD"]
+
+
     target_origin_id       = var.origin_notify_id
     compress               = "false"
     cache_policy_id        = "4135ea2d-6df8-44a3-9df3-4b5a84be39ad"
@@ -360,8 +360,8 @@ resource "aws_cloudfront_distribution" "www_distribution" {
 
   ordered_cache_behavior {
     path_pattern           = "/alerts/*"
-    allowed_methods        = ["GET", "HEAD"]
-    cached_methods         = ["GET", "HEAD"]
+
+
     target_origin_id       = var.origin_notify_id
     compress               = "false"
     cache_policy_id        = "4135ea2d-6df8-44a3-9df3-4b5a84be39ad"
@@ -401,7 +401,10 @@ resource "aws_cloudfront_distribution" "www_distribution" {
     System      = "Cloudfront"
     Environment = "${var.govuk_environment}"
     Owner       = "reliability-engineering@digital.cabinet-office.gov.uk"
+
     Name        = "govuk-${var.env}-${var.region}-eks-www"
+
+
   }
 }
 
@@ -432,8 +435,8 @@ resource "aws_cloudfront_distribution" "assets_distribution" {
   aliases = var.cloudfront_assets_distribution_aliases
 
   default_cache_behavior {
-    allowed_methods  = ["GET", "HEAD", "OPTIONS"]
-    cached_methods   = ["GET", "HEAD"]
+
+
     target_origin_id = var.origin_assets_id
     cache_policy_id  = "658327ea-f89d-4fab-a63d-7e88639e58f6"
 
@@ -464,6 +467,9 @@ resource "aws_cloudfront_distribution" "assets_distribution" {
     System      = "Cloudfront"
     Environment = "${var.govuk_environment}"
     Owner       = "reliability-engineering@digital.cabinet-office.gov.uk"
+
     Name        = "govuk-${var.env}-${var.region}-eks-assets"
+
+
   }
 }

terraform/deployments/cluster-infrastructure/main.tf

@@ -38,7 +38,10 @@ provider "aws" {
       System               = "EKS Cluster"
       Environment          = "${var.govuk_environment}"
       Owner                = "govuk-replatforming-team@digital.cabinet-office.gov.uk"
+
       Name                 = "govuk-${var.env}-${var.region}-eks"
+
+
       cluster              = var.cluster_name
       project              = "replatforming"
       repository           = "govuk-infrastructure"

terraform/deployments/cluster-infrastructure/production.backend

@@ -3,5 +3,8 @@ bucket  = "govuk-terraform-production"
 key     = "projects/cluster-infrastructure.tfstate"
 encrypt = true
 region  = "eu-west-1"
+<<<<<<< HEAD
 env     = "prod"
+=======
+>>>>>>> main
 dynamodb_table = "terraform-lock"

terraform/deployments/cluster-infrastructure/staging.backend

@@ -3,5 +3,8 @@ bucket  = "govuk-terraform-staging"
 key     = "projects/cluster-infrastructure.tfstate"
 encrypt = true
 region  = "eu-west-1"
+<<<<<<< HEAD
 env     = "stag"
+=======
+>>>>>>> main
 dynamodb_table = "terraform-lock"

terraform/deployments/cluster-infrastructure/variables.tf

@@ -138,6 +138,7 @@ variable "secrets_recovery_window_in_days" {
 variable "govuk_environment" {
   type        = string
   description = "Acceptable values are test, integration, staging, production"
+
   default     = ""
 }
 
@@ -151,4 +152,6 @@ variable "region" {
   type        = string
   description = "AWS region"
   default     = "eu-west-2"
+
+
 }

terraform/deployments/cluster-infrastructure/vpc.tf

@@ -34,7 +34,11 @@ resource "aws_subnet" "eks_control_plane" {
     System      = "EKS Control Plane VPC"
     Environment = "${var.govuk_environment}"
     Owner       = "govuk-replatforming-team@digital.cabinet-office.gov.uk"
+
     Name        = "govuk-${var.env}-${var.region}-eks-control-plane"
+
+    Name        = "${var.cluster_name}-eks-control-plane-${each.key}"
+
   }
 }
 
@@ -46,7 +50,11 @@ resource "aws_route_table" "eks_control_plane" {
     System      = "EKS Control Plane Subnet"
     Environment = "${var.govuk_environment}"
     Owner       = "govuk-replatforming-team@digital.cabinet-office.gov.uk"
+
     Name        = "govuk-${var.env}-${var.region}-eks-control-plane"
+
+    Name        = "${var.cluster_name}-eks-control-plane-${each.key}"
+
   }
 }
 
@@ -82,7 +90,11 @@ resource "aws_subnet" "eks_public" {
     System      = "EKS Public Subnet"
     Environment = "${var.govuk_environment}"
     Owner       = "govuk-replatforming-team@digital.cabinet-office.gov.uk"
+
     Name        = "govuk-${var.env}-${var.region}-eks-public"
+
+    Name        = "${var.cluster_name}-eks-public-${each.key}"
+
     # https://docs.aws.amazon.com/eks/latest/userguide/alb-ingress.html
     "kubernetes.io/cluster/${var.cluster_name}" = "owned"
     "kubernetes.io/role/elb"                    = "1"
@@ -97,7 +109,11 @@ resource "aws_route_table" "eks_public" {
     System      = "EKS Public VPC"
     Environment = "${var.govuk_environment}"
     Owner       = "govuk-replatforming-team@digital.cabinet-office.gov.uk"
+
     Name        = "govuk-${var.env}-${var.region}-eks-public"
+
+    Name        = "${var.cluster_name}-eks-public"
+
   }
 }
 
@@ -124,7 +140,11 @@ resource "aws_eip" "eks_nat" {
     System      = "EKS NAT Public Subnet"
     Environment = "${var.govuk_environment}"
     Owner       = "govuk-replatforming-team@digital.cabinet-office.gov.uk"
+
     Name        = "govuk-${var.env}-${var.region}-eks-public-nat"
+
+    Name        = "${var.cluster_name}-eks-nat-${each.key}"
+
   }
   # TODO: depends_on = [aws_internet_gateway.gw] once we've imported the IGW from govuk-aws.
 }
@@ -138,8 +158,12 @@ resource "aws_nat_gateway" "eks" {
     System      = "EKS NAT Gateway"
     Environment = "${var.govuk_environment}"
     Owner       = "govuk-replatforming-team@digital.cabinet-office.gov.uk"
+
     Name        = "${var.cluster_name}-eks"
     Name        = "govuk-${var.env}-${var.region}-eks-public-nat"
+
+    Name        = "${var.cluster_name}-eks-${each.key}"
+
   }
   # TODO: depends_on = [aws_internet_gateway.gw] once we've imported the IGW from govuk-aws.
 }
@@ -158,7 +182,11 @@ resource "aws_subnet" "eks_private" {
     System      = "EKS Private Subnet"
     Environment = "${var.govuk_environment}"
     Owner       = "govuk-replatforming-team@digital.cabinet-office.gov.uk"
+
     Name        = "govuk-${var.env}-${var.region}-eks-priv"
+
+    Name        = "${var.cluster_name}-eks-private-${each.key}"
+
     # https://docs.aws.amazon.com/eks/latest/userguide/alb-ingress.html
     "kubernetes.io/cluster/${var.cluster_name}" = "owned"
     "kubernetes.io/role/internal-elb"           = "1"
@@ -173,7 +201,11 @@ resource "aws_route_table" "eks_private" {
     System      = "EKS Private VPC"
     Environment = "${var.govuk_environment}"
     Owner       = "govuk-replatforming-team@digital.cabinet-office.gov.uk"
+
     Name        = "govuk-${var.env}-${var.region}-eks-priv"
+
+    Name        = "${var.cluster_name}-eks-private-${each.key}"
+
   }
 }
 

terraform/deployments/datagovuk-infrastructure/main.tf

@@ -21,7 +21,10 @@ locals {
     System               = "DATA.GOV.UK"
     Environment          = "${var.govuk_environment}"
     Owner                = "govuk-replatforming-team@digital.cabinet-office.gov.uk"
+
     Name                 = "data-${var.env}-${var.region}-data"
+
+
     project              = "replatforming"
     repository           = "govuk-infrastructure"
     terraform_deployment = basename(abspath(path.root))

terraform/deployments/ecr/ecr-scan.tf

@@ -25,7 +25,11 @@ resource "aws_sns_topic" "ecr_scan_topic" {
     System      = "ECR Scan"
     Environment = "${var.govuk_environment}"
     Owner       = "govuk-replatforming-team@digital.cabinet-office.gov.uk"
+
     Name        = "govuk-${var.env}-${var.region}-ecr-scan-topic"
+
+    Name        = "ECR-Scan"
+
   }
 }
 

terraform/deployments/ecr/variables.tf

@@ -14,6 +14,7 @@ variable "govuk_environment" {
   description = "Acceptable values are test, integration, staging, production"
 }
 
+
 variable "env" {
   type        = string
   description = "Shorthand environment name acceptable values are test, intg, stag, prod"
@@ -24,3 +25,5 @@ variable "region" {
   description = "AWS region"
   default     = "eu-west-2"
 }
+
+

terraform/deployments/govuk-publishing-infrastructure/frontend_memcache.tf

@@ -16,7 +16,11 @@ resource "aws_security_group" "frontend_memcached" {
     System      = "Frontend Memcached"
     Environment = "${var.govuk_environment}"
     Owner       = "govuk-replatforming-team@digital.cabinet-office.gov.uk"
+
     Name        = "govuk-${var.env}-${var.region}-memcached-security-group"
+
+    Name        = local.frontend_memcached_name
+
   }
 }
 
@@ -37,7 +41,11 @@ resource "aws_elasticache_cluster" "frontend_memcached" {
     System      = "Frontend Memcached"
     Environment = "${var.govuk_environment}"
     Owner       = "govuk-replatforming-team@digital.cabinet-office.gov.uk"
+
     Name        = "govuk-${var.env}-${var.region}-memcached"
+
+    Name        = local.frontend_memcached_name
+
   }
 }
 

terraform/deployments/govuk-publishing-infrastructure/locations_api_s3.tf

@@ -6,7 +6,11 @@ resource "aws_s3_bucket" "location_api_import_csvs" {
     System      = "Locations api"
     Environment = "${var.govuk_environment}"
     Owner       = "govuk-replatforming-team@digital.cabinet-office.gov.uk"
+
     Name        = "govuk-${var.env}-${var.region}-locations-api-import-csvs"
+
+    Name        = "CSVs used for importing postcode information into Locations API in ${var.govuk_environment}"
+
   }
 }
 

terraform/deployments/govuk-publishing-infrastructure/main.tf

@@ -29,7 +29,10 @@ locals {
     Product              = "GOV.UK"
     Environment          = "${var.govuk_environment}"
     Owner                = "govuk-replatforming-team@digital.cabinet-office.gov.uk"
+
     Name                 = "govuk-${var.env}-${var.region}-publishing-infrastructure"
+
+
     project              = "replatforming"
     repository           = "govuk-infrastructure"
     terraform_deployment = basename(abspath(path.root))

terraform/deployments/govuk-publishing-infrastructure/publisher_s3.tf

@@ -6,6 +6,10 @@ resource "aws_s3_bucket" "publisher_csvs" {
     System      = "Publisher"
     Environment = "${var.govuk_environment}"
     Owner       = "govuk-replatforming-team@digital.cabinet-office.gov.uk"
+
     Name        = "govuk-${var.env}-${var.region}-publisher-csvs"
+
+    Name        = "CSVs generated by Publisher in ${var.govuk_environment}"
+
   }
 }

terraform/deployments/govuk-publishing-infrastructure/search_analytics_s3.tf

@@ -6,7 +6,11 @@ resource "aws_s3_bucket" "search_analytics" {
     System      = "Search analytics"
     Environment = "${var.govuk_environment}"
     Owner       = "govuk-replatforming-team@digital.cabinet-office.gov.uk"
+
     Name        = "govuk-${var.env}-${var.region}-search-analytics"
+
+    Name        = "Search analytics reports for ${var.govuk_environment}"
+
   }
 }
 

terraform/deployments/govuk-publishing-infrastructure/security.tf

@@ -174,7 +174,11 @@ resource "aws_security_group" "eks_ingress_www_origin" {
     System      = "EKS Ingress"
     Environment = "${var.govuk_environment}"
     Owner       = "govuk-replatforming-team@digital.cabinet-office.gov.uk"
+
     Name        = "govuk-${var.env}-${var.region}-eks-ingress"
+
+    Name        = "eks_ingress_www_origin"
+
   }
 }
 

terraform/deployments/govuk-publishing-infrastructure/shared_redis.tf

@@ -12,11 +12,18 @@ resource "aws_security_group" "shared_redis_cluster" {
   vpc_id      = local.vpc_id
   description = "${local.shared_redis_name} Redis cluster"
   tags = {
+
+
+    Name        = local.shared_redis_name
+
     Product     = "GOV.UK"
     System      = "Shared Redis"
     Environment = "${var.govuk_environment}"
     Owner       = "govuk-replatforming-team@digital.cabinet-office.gov.uk"
+
     Name        = "govuk-${var.env}-${var.region}-shared-redis"
+
+
   }
 }
 
@@ -33,11 +40,18 @@ resource "aws_elasticache_replication_group" "shared_redis_cluster" {
   subnet_group_name          = aws_elasticache_subnet_group.shared_redis_cluster.name
   security_group_ids         = [aws_security_group.shared_redis_cluster.id]
   tags = {
+
+
+    Name        = local.shared_redis_name
+
     Product     = "GOV.UK"
     System      = "Shared Redis"
     Environment = "${var.govuk_environment}"
     Owner       = "govuk-replatforming-team@digital.cabinet-office.gov.uk"
+
     Name        = "govuk-${var.env}-${var.region}-shared-redis"
+
+
   }
 }
 

terraform/deployments/tfc-bootstrap/main.tf

@@ -0,0 +1,28 @@
+resource "tfe_workspace" "tfc_bootstrap" {
+  name              = "tfc-bootstrap"
+  description       = "The tfc-bootsrap module is responsible for initialising teraform cloud."
+  working_directory = "/terraform/deployments/tfc-bootstrap/"
+  trigger_patterns  = ["/terraform/deployments/tfc-bootstrap/**/*"]
+  execution_mode    = "local"
+  vcs_repo {
+    identifier                 = "alphagov/govuk-infrastructure"
+    github_app_installation_id = data.tfe_github_app_installation.github.id
+  }
+}
+
+resource "tfe_project" "tfc_configuration" {
+  name = "tfc-configuration"
+}
+
+resource "tfe_workspace" "tfc_configuration" {
+  name              = "tfc-configuration"
+  description       = "The tfc-configuration module is responsible for setting up the terraform cloud configuration."
+  project_id        = tfe_project.tfc_configuration.id
+  working_directory = "/terraform/deployments/tfc-configuration/"
+  trigger_patterns  = ["/terraform/deployments/tfc-configuration/**/*"]
+  vcs_repo {
+    identifier                 = "alphagov/govuk-infrastructure"
+    github_app_installation_id = data.tfe_github_app_installation.github.id
+    branch                     = "main"
+  }
+}