Updated terraform so that we could destroy old environments.

codeforamerica · Mar 19, 2024 · 4e77d76 · 4e77d76
1 parent 5cd1525
commit 4e77d76
Show file tree

Hide file tree

Showing 15 changed files with 70 additions and 131 deletions.
diff --git a/.gitignore b/.gitignore
@@ -6,3 +6,7 @@
 .terraform/
 *.tfstate
 *.tfstate.backup
+
+# Ignore local environment files.
+.env.*
+*.env
diff --git a/accounts/non-prod/versions.tf b/accounts/non-prod/versions.tf
@@ -6,10 +6,5 @@ terraform {
       version = ">= 4.22"
       source  = "hashicorp/aws"
     }
-
-    template = {
-      version = ">= 2.2"
-      source  = "hashicorp/template"
-    }
   }
 }
diff --git a/accounts/production/versions.tf b/accounts/production/versions.tf
@@ -6,10 +6,5 @@ terraform {
       version = ">= 4.22"
       source  = "hashicorp/aws"
     }
-
-    template = {
-      version = ">= 2.2"
-      source  = "hashicorp/template"
-    }
   }
 }
diff --git a/accounts/sandbox/versions.tf b/accounts/sandbox/versions.tf
@@ -6,10 +6,5 @@ terraform {
       version = ">= 4.22"
       source  = "hashicorp/aws"
     }
-
-    template = {
-      version = ">= 2.2"
-      source  = "hashicorp/template"
-    }
   }
 }
diff --git a/environments/development/versions.tf b/environments/development/versions.tf
@@ -6,10 +6,5 @@ terraform {
       version = ">= 4.22"
       source  = "hashicorp/aws"
     }
-
-    template = {
-      version = ">= 2.2"
-      source  = "hashicorp/template"
-    }
   }
 }
diff --git a/environments/production/.terraform.lock.hcl b/environments/production/.terraform.lock.hcl
diff --git a/environments/production/main.tf b/environments/production/main.tf
@@ -45,6 +45,8 @@ module "hosting" {
   database_max_capacity    = 3
   database_min_capacity    = 2
 
+  force_delete = true
+
   # Snapshot created in order to enable encryption at rest.
   database_starting_snapshot = "r911-production-encrypt"
 
@@ -74,6 +76,8 @@ module "ci_cd" {
   image_repository_name = module.hosting.image_repository.name
   logging_bucket        = module.hosting.logging_bucket.id
   web_security_group_id = module.hosting.web_security_group.id
+
+  force_delete = true
 }
 
 module "data_lake" {
@@ -84,6 +88,8 @@ module "data_lake" {
   environment      = local.environment
   logging_bucket   = module.hosting.logging_bucket.id
   admin_user_group = "Admin"
+
+  force_delete = true
 }
 
 module "data_warehouse" {
@@ -106,6 +112,8 @@ module "etl" {
   vpc_id         = module.networking.vpc_id
   logging_bucket = module.hosting.logging_bucket.id
 
+  force_delete = true
+
   warehouse_endpoint           = module.data_warehouse.cluster.endpoint[0]
   warehouse_credentials_secret = module.data_warehouse.crednetials_secret.name
   data_lake_bucket             = module.data_lake.bucket.bucket

diff --git a/environments/production/versions.tf b/environments/production/versions.tf
@@ -6,10 +6,5 @@ terraform {
       version = ">= 4.22"
       source  = "hashicorp/aws"
     }
-
-    template = {
-      version = ">= 2.2"
-      source  = "hashicorp/template"
-    }
   }
 }
diff --git a/modules/backend/versions.tf b/modules/backend/versions.tf
@@ -6,10 +6,5 @@ terraform {
       version = ">= 4.22"
       source  = "hashicorp/aws"
     }
-
-    template = {
-      version = ">= 2.2"
-      source  = "hashicorp/template"
-    }
   }
 }
diff --git a/modules/data_lake/versions.tf b/modules/data_lake/versions.tf
@@ -6,10 +6,5 @@ terraform {
       version = ">= 4.22"
       source  = "hashicorp/aws"
     }
-
-    template = {
-      version = ">= 2.2"
-      source  = "hashicorp/template"
-    }
   }
 }
diff --git a/modules/data_warehouse/versions.tf b/modules/data_warehouse/versions.tf
@@ -11,10 +11,5 @@ terraform {
       version = ">= 3.1"
       source  = "hashicorp/null"
     }
-
-    template = {
-      version = ">= 2.2"
-      source  = "hashicorp/template"
-    }
   }
 }
diff --git a/modules/etl/versions.tf b/modules/etl/versions.tf
@@ -6,10 +6,5 @@ terraform {
       version = ">= 4.22"
       source  = "hashicorp/aws"
     }
-
-    template = {
-      version = ">= 2.2"
-      source  = "hashicorp/template"
-    }
   }
 }
diff --git a/modules/networking/main.tf b/modules/networking/main.tf
@@ -120,7 +120,6 @@ resource "aws_internet_gateway" "internet_gateway" {
 
 resource "aws_eip" "nat_gateway_ip" {
   count = var.single_nat_gateway ? 1 : var.availability_zones
-  vpc   = true
 
   tags = {
     Name = "${local.prefix}-nat-${aws_subnet.public[count.index].availability_zone}"

diff --git a/modules/rails_hosting/versions.tf b/modules/rails_hosting/versions.tf
@@ -16,10 +16,5 @@ terraform {
       version = ">= 3.3"
       source  = "hashicorp/random"
     }
-
-    template = {
-      version = ">= 2.2"
-      source  = "hashicorp/template"
-    }
   }
 }
diff --git a/modules/rails_hosting/waf.tf b/modules/rails_hosting/waf.tf
@@ -70,7 +70,11 @@ resource "aws_wafv2_web_acl" "web" {
         name        = "AWSManagedRulesCommonRuleSet"
         vendor_name = "AWS"
 
-        excluded_rule {
+        rule_action_override {
+          action_to_use {
+            count {}
+          }
+
           name = "SizeRestrictions_BODY"
         }
       }