Move TYA infra to tribs repo #3991

adusumillipraveen · 2024-10-02T15:06:35Z

Jira link

https://tools.hmcts.net/jira/browse/SSCSSI-406

Change description

Making sure naming of resources remain same and will manage the transfer through terraform state.

Testing done

Checklist

commit messages are meaningful and follow good commit message guidelines
README and other documentation has been updated / added (if needed)
tests have been updated / new tests has been added (if needed)
Does this PR introduce a breaking change

hmcts-jenkins-j-to-z · 2024-10-03T13:21:07Z

Plan Result (aat)

⚠️ Resource Deletion will happen

This plan contains resource delete operation. Please check the plan result very carefully!

Plan: 7 to import, 8 to add, 2 to change, 1 to destroy.

Create
- module.notification-scheduler-db-flexible.azurerm_postgresql_flexible_server_active_directory_administrator.pgsql_principal_admin[0]
- module.notification-scheduler-db-flexible.azurerm_postgresql_flexible_server_configuration.pgsql_server_config["azure.extensions"]
- module.notification-scheduler-db-flexible.azurerm_postgresql_flexible_server_database.pg_databases["notification"]
- module.notification-scheduler-db-flexible.azurerm_resource_group.rg[0]
- module.notification-scheduler-db-flexible.null_resource.set-user-permissions-additionaldbs["notification"]
- module.notification-scheduler-db-flexible.random_password.password
- module.notification-scheduler-db-flexible.terraform_data.trigger_password_reset
Update
- azurerm_key_vault_secret.POSTGRES-PASS-FLEX-V15
- azurerm_key_vault_secret.POSTGRES_HOST-FLEX-V15
Replace
- module.notification-scheduler-db-flexible.azurerm_postgresql_flexible_server.pgsql_server
Import
- azurerm_key_vault_secret.POSTGRES-PASS-FLEX-V15
- azurerm_key_vault_secret.POSTGRES-USER-FLEX-V15
- azurerm_key_vault_secret.POSTGRES_DATABASE-FLEX-V15
- azurerm_key_vault_secret.POSTGRES_HOST-FLEX-V15
- azurerm_key_vault_secret.POSTGRES_PORT-FLEX-V15
- module.notification-scheduler-db-flexible.azurerm_postgresql_flexible_server.pgsql_server
- module.notification-scheduler-db-flexible.azurerm_postgresql_flexible_server_active_directory_administrator.pgsql_adadmin

Change Result (Click me)

  # azurerm_key_vault_secret.POSTGRES-PASS-FLEX-V15 will be updated in-place
  # (imported from "https://sscs-aat.vault.azure.net/secrets/tya-notif-POSTGRES-PASS-FLEX-V15/8255fb0f891d4c20be223ca609bcb430")
  ~ resource "azurerm_key_vault_secret" "POSTGRES-PASS-FLEX-V15" {
        content_type            = null
        id                      = "https://sscs-aat.vault.azure.net/secrets/tya-notif-POSTGRES-PASS-FLEX-V15/8255fb0f891d4c20be223ca609bcb430"
        key_vault_id            = "/subscriptions/1c4f0704-a29e-403d-b719-b90c34ef14c9/resourceGroups/sscs-aat/providers/Microsoft.KeyVault/vaults/sscs-aat"
        name                    = "tya-notif-POSTGRES-PASS-FLEX-V15"
        resource_id             = "/subscriptions/1c4f0704-a29e-403d-b719-b90c34ef14c9/resourceGroups/sscs-aat/providers/Microsoft.KeyVault/vaults/sscs-aat/secrets/tya-notif-POSTGRES-PASS-FLEX-V15/versions/8255fb0f891d4c20be223ca609bcb430"
        resource_versionless_id = "/subscriptions/1c4f0704-a29e-403d-b719-b90c34ef14c9/resourceGroups/sscs-aat/providers/Microsoft.KeyVault/vaults/sscs-aat/secrets/tya-notif-POSTGRES-PASS-FLEX-V15"
        tags                    = {}
      ~ value                   = (sensitive value)
        version                 = "8255fb0f891d4c20be223ca609bcb430"
        versionless_id          = "https://sscs-aat.vault.azure.net/secrets/tya-notif-POSTGRES-PASS-FLEX-V15"
    }

  # azurerm_key_vault_secret.POSTGRES-USER-FLEX-V15 will be imported
    resource "azurerm_key_vault_secret" "POSTGRES-USER-FLEX-V15" {
        content_type            = null
        id                      = "https://sscs-aat.vault.azure.net/secrets/tya-notif-POSTGRES-USER-FLEX-V15/48d678ff6e1f41d08c9120429ee9b1d8"
        key_vault_id            = "/subscriptions/1c4f0704-a29e-403d-b719-b90c34ef14c9/resourceGroups/sscs-aat/providers/Microsoft.KeyVault/vaults/sscs-aat"
        name                    = "tya-notif-POSTGRES-USER-FLEX-V15"
        resource_id             = "/subscriptions/1c4f0704-a29e-403d-b719-b90c34ef14c9/resourceGroups/sscs-aat/providers/Microsoft.KeyVault/vaults/sscs-aat/secrets/tya-notif-POSTGRES-USER-FLEX-V15/versions/48d678ff6e1f41d08c9120429ee9b1d8"
        resource_versionless_id = "/subscriptions/1c4f0704-a29e-403d-b719-b90c34ef14c9/resourceGroups/sscs-aat/providers/Microsoft.KeyVault/vaults/sscs-aat/secrets/tya-notif-POSTGRES-USER-FLEX-V15"
        tags                    = {}
        value                   = (sensitive value)
        version                 = "48d678ff6e1f41d08c9120429ee9b1d8"
        versionless_id          = "https://sscs-aat.vault.azure.net/secrets/tya-notif-POSTGRES-USER-FLEX-V15"
    }

  # azurerm_key_vault_secret.POSTGRES_DATABASE-FLEX-V15 will be imported
    resource "azurerm_key_vault_secret" "POSTGRES_DATABASE-FLEX-V15" {
        content_type            = null
        id                      = "https://sscs-aat.vault.azure.net/secrets/tya-notif-POSTGRES-DATABASE-FLEX-V15/dbc15dd2b87b4455b90f8fda422df566"
        key_vault_id            = "/subscriptions/1c4f0704-a29e-403d-b719-b90c34ef14c9/resourceGroups/sscs-aat/providers/Microsoft.KeyVault/vaults/sscs-aat"
        name                    = "tya-notif-POSTGRES-DATABASE-FLEX-V15"
        resource_id             = "/subscriptions/1c4f0704-a29e-403d-b719-b90c34ef14c9/resourceGroups/sscs-aat/providers/Microsoft.KeyVault/vaults/sscs-aat/secrets/tya-notif-POSTGRES-DATABASE-FLEX-V15/versions/dbc15dd2b87b4455b90f8fda422df566"
        resource_versionless_id = "/subscriptions/1c4f0704-a29e-403d-b719-b90c34ef14c9/resourceGroups/sscs-aat/providers/Microsoft.KeyVault/vaults/sscs-aat/secrets/tya-notif-POSTGRES-DATABASE-FLEX-V15"
        tags                    = {}
        value                   = (sensitive value)
        version                 = "dbc15dd2b87b4455b90f8fda422df566"
        versionless_id          = "https://sscs-aat.vault.azure.net/secrets/tya-notif-POSTGRES-DATABASE-FLEX-V15"
    }

  # azurerm_key_vault_secret.POSTGRES_HOST-FLEX-V15 will be updated in-place
  # (imported from "https://sscs-aat.vault.azure.net/secrets/tya-notif-POSTGRES-HOST-FLEX-V15/b18ab5aaf7784ab093e50608678e3546")
  ~ resource "azurerm_key_vault_secret" "POSTGRES_HOST-FLEX-V15" {
        content_type            = null
        id                      = "https://sscs-aat.vault.azure.net/secrets/tya-notif-POSTGRES-HOST-FLEX-V15/b18ab5aaf7784ab093e50608678e3546"
        key_vault_id            = "/subscriptions/1c4f0704-a29e-403d-b719-b90c34ef14c9/resourceGroups/sscs-aat/providers/Microsoft.KeyVault/vaults/sscs-aat"
        name                    = "tya-notif-POSTGRES-HOST-FLEX-V15"
        resource_id             = "/subscriptions/1c4f0704-a29e-403d-b719-b90c34ef14c9/resourceGroups/sscs-aat/providers/Microsoft.KeyVault/vaults/sscs-aat/secrets/tya-notif-POSTGRES-HOST-FLEX-V15/versions/b18ab5aaf7784ab093e50608678e3546"
        resource_versionless_id = "/subscriptions/1c4f0704-a29e-403d-b719-b90c34ef14c9/resourceGroups/sscs-aat/providers/Microsoft.KeyVault/vaults/sscs-aat/secrets/tya-notif-POSTGRES-HOST-FLEX-V15"
        tags                    = {}
      ~ value                   = (sensitive value)
        version                 = "b18ab5aaf7784ab093e50608678e3546"
        versionless_id          = "https://sscs-aat.vault.azure.net/secrets/tya-notif-POSTGRES-HOST-FLEX-V15"
    }

  # azurerm_key_vault_secret.POSTGRES_PORT-FLEX-V15 will be imported
    resource "azurerm_key_vault_secret" "POSTGRES_PORT-FLEX-V15" {
        content_type            = null
        id                      = "https://sscs-aat.vault.azure.net/secrets/tya-notif-POSTGRES-PORT-FLEX-V15/c546f4fb3251499f836a9870f505160c"
        key_vault_id            = "/subscriptions/1c4f0704-a29e-403d-b719-b90c34ef14c9/resourceGroups/sscs-aat/providers/Microsoft.KeyVault/vaults/sscs-aat"
        name                    = "tya-notif-POSTGRES-PORT-FLEX-V15"
        resource_id             = "/subscriptions/1c4f0704-a29e-403d-b719-b90c34ef14c9/resourceGroups/sscs-aat/providers/Microsoft.KeyVault/vaults/sscs-aat/secrets/tya-notif-POSTGRES-PORT-FLEX-V15/versions/c546f4fb3251499f836a9870f505160c"
        resource_versionless_id = "/subscriptions/1c4f0704-a29e-403d-b719-b90c34ef14c9/resourceGroups/sscs-aat/providers/Microsoft.KeyVault/vaults/sscs-aat/secrets/tya-notif-POSTGRES-PORT-FLEX-V15"
        tags                    = {}
        value                   = (sensitive value)
        version                 = "c546f4fb3251499f836a9870f505160c"
        versionless_id          = "https://sscs-aat.vault.azure.net/secrets/tya-notif-POSTGRES-PORT-FLEX-V15"
    }

  # module.notification-scheduler-db-flexible.azurerm_postgresql_flexible_server.pgsql_server must be replaced
  # (imported from "/subscriptions/1c4f0704-a29e-403d-b719-b90c34ef14c9/resourceGroups/sscs-tya-notif-postgres-v15-db-data-aat/providers/Microsoft.DBforPostgreSQL/flexibleServers/sscs-tya-notif-postgres-v15-db-aat")
  # Warning: this will destroy the imported resource
-/+ resource "azurerm_postgresql_flexible_server" "pgsql_server" {
        administrator_login           = "pgadmin"
      + administrator_password        = (sensitive value)
        auto_grow_enabled             = false
        backup_retention_days         = 35
      + create_mode                   = "Default" # forces replacement
        delegated_subnet_id           = "/subscriptions/96c274ce-846d-4e48-89a7-d528432298a7/resourceGroups/cft-aat-network-rg/providers/Microsoft.Network/virtualNetworks/cft-aat-vnet/subnets/postgres-expanded"
      ~ fqdn                          = "sscs-tya-notif-postgres-v15-db-aat.postgres.database.azure.com" -> (known after apply)
        geo_redundant_backup_enabled  = false
      ~ id                            = "/subscriptions/1c4f0704-a29e-403d-b719-b90c34ef14c9/resourceGroups/sscs-tya-notif-postgres-v15-db-data-aat/providers/Microsoft.DBforPostgreSQL/flexibleServers/sscs-tya-notif-postgres-v15-db-aat" -> (known after apply)
        location                      = "uksouth"
        name                          = "sscs-tya-notif-postgres-v15-db-aat"
        private_dns_zone_id           = "/subscriptions/1baf5470-1c3e-40d3-a6f7-74bfbce4b348/resourceGroups/core-infra-intsvc-rg/providers/Microsoft.Network/privateDnsZones/private.postgres.database.azure.com"
        public_network_access_enabled = false
        replication_role              = null
        resource_group_name           = "sscs-tya-notif-postgres-v15-db-data-aat"
        sku_name                      = "GP_Standard_D2s_v3"
        storage_mb                    = 65536
      ~ storage_tier                  = "P6" -> (known after apply)
      ~ tags                          = {
            "application"         = "social-service-child-support"
            "autoShutdown"        = "true"
          ~ "builtFrom"           = "https://github.com/HMCTS/sscs-track-your-appeal-notifications.git" -> "https://github.com/HMCTS/sscs-tribunals-case-api.git"
            "businessArea"        = "CFT"
            "contactSlackChannel" = "#sscs-tech"
            "environment"         = "staging"
            "managedBy"           = "SSCS"
        }
        version                       = "15"
      - zone                          = "3" -> null

        authentication {
            active_directory_auth_enabled = true
            password_auth_enabled         = true
            tenant_id                     = "531ff96d-0ae9-462a-8d2d-bec7c0b42082"
        }

      ~ high_availability {
            mode                      = "ZoneRedundant"
          - standby_availability_zone = "1" -> null
        }

        maintenance_window {
            day_of_week  = 0
            start_hour   = 3
            start_minute = 0
        }
    }

  # module.notification-scheduler-db-flexible.azurerm_postgresql_flexible_server_active_directory_administrator.pgsql_adadmin will be imported
    resource "azurerm_postgresql_flexible_server_active_directory_administrator" "pgsql_adadmin" {
        id                  = "/subscriptions/1c4f0704-a29e-403d-b719-b90c34ef14c9/resourceGroups/sscs-tya-notif-postgres-v15-db-data-aat/providers/Microsoft.DBforPostgreSQL/flexibleServers/sscs-tya-notif-postgres-v15-db-aat/administrators/e7ea2042-4ced-45dd-8ae3-e051c6551789"
        object_id           = "e7ea2042-4ced-45dd-8ae3-e051c6551789"
        principal_name      = "DTS Platform Operations"
        principal_type      = "Group"
        resource_group_name = "sscs-tya-notif-postgres-v15-db-data-aat"
        server_name         = "sscs-tya-notif-postgres-v15-db-aat"
        tenant_id           = "531ff96d-0ae9-462a-8d2d-bec7c0b42082"
    }

  # module.notification-scheduler-db-flexible.azurerm_postgresql_flexible_server_active_directory_administrator.pgsql_principal_admin[0] will be created
  + resource "azurerm_postgresql_flexible_server_active_directory_administrator" "pgsql_principal_admin" {
      + id                  = (known after apply)
      + object_id           = "ca6d5085-485a-417d-8480-c3cefa29df31"
      + principal_name      = "jenkins-cftptl-intsvc-mi"
      + principal_type      = "ServicePrincipal"
      + resource_group_name = "sscs-tya-notif-postgres-v15-db-data-aat"
      + server_name         = "sscs-tya-notif-postgres-v15-db-aat"
      + tenant_id           = "531ff96d-0ae9-462a-8d2d-bec7c0b42082"
    }

  # module.notification-scheduler-db-flexible.azurerm_postgresql_flexible_server_configuration.pgsql_server_config["azure.extensions"] will be created
  + resource "azurerm_postgresql_flexible_server_configuration" "pgsql_server_config" {
      + id        = (known after apply)
      + name      = "azure.extensions"
      + server_id = (known after apply)
      + value     = "plpgsql,pg_stat_statements,pg_buffercache,hypopg"
    }

  # module.notification-scheduler-db-flexible.azurerm_postgresql_flexible_server_database.pg_databases["notification"] will be created
  + resource "azurerm_postgresql_flexible_server_database" "pg_databases" {
      + charset   = "utf8"
      + collation = "en_GB.utf8"
      + id        = (known after apply)
      + name      = "notification"
      + server_id = (known after apply)
    }

  # module.notification-scheduler-db-flexible.azurerm_resource_group.rg[0] will be created
  + resource "azurerm_resource_group" "rg" {
      + id       = (known after apply)
      + location = "uksouth"
      + name     = "sscs-tya-notif-postgres-v15-db-data-aat"
      + tags     = {
          + "application"         = "social-service-child-support"
          + "autoShutdown"        = "true"
          + "builtFrom"           = "https://github.com/HMCTS/sscs-tribunals-case-api.git"
          + "businessArea"        = "CFT"
          + "contactSlackChannel" = "#sscs-tech"
          + "environment"         = "staging"
          + "managedBy"           = "SSCS"
        }
    }

  # module.notification-scheduler-db-flexible.null_resource.set-user-permissions-additionaldbs["notification"] will be created
  + resource "null_resource" "set-user-permissions-additionaldbs" {
      + id       = (known after apply)
      + triggers = {
          + "db_reader_user" = "DTS CFT DB Access Reader"
          + "force_trigger"  = "1"
          + "name"           = "sscs-tya-notif-postgres-v15-db"
          + "script_hash"    = "dbe0102f3129d4463913d5e01177e806bc6954005bdd98f20c242658634a1bbc"
        }
    }

  # module.notification-scheduler-db-flexible.random_password.password will be created
  + resource "random_password" "password" {
      + bcrypt_hash      = (sensitive value)
      + id               = (known after apply)
      + length           = 20
      + lower            = true
      + min_lower        = 0
      + min_numeric      = 0
      + min_special      = 0
      + min_upper        = 0
      + number           = true
      + numeric          = true
      + override_special = "()-_"
      + result           = (sensitive value)
      + special          = true
      + upper            = true
    }

  # module.notification-scheduler-db-flexible.terraform_data.trigger_password_reset will be created
  + resource "terraform_data" "trigger_password_reset" {
      + id     = (known after apply)
      + input  = ""
      + output = (known after apply)
    }

Plan: 7 to import, 8 to add, 2 to change, 1 to destroy.

hmcts-jenkins-j-to-z · 2024-10-03T13:21:42Z

Plan Result (prod)

⚠️ Resource Deletion will happen

This plan contains resource delete operation. Please check the plan result very carefully!

Plan: 7 to import, 8 to add, 2 to change, 1 to destroy.

Create
- module.notification-scheduler-db-flexible.azurerm_postgresql_flexible_server_active_directory_administrator.pgsql_principal_admin[0]
- module.notification-scheduler-db-flexible.azurerm_postgresql_flexible_server_configuration.pgsql_server_config["azure.extensions"]
- module.notification-scheduler-db-flexible.azurerm_postgresql_flexible_server_database.pg_databases["notification"]
- module.notification-scheduler-db-flexible.azurerm_resource_group.rg[0]
- module.notification-scheduler-db-flexible.null_resource.set-user-permissions-additionaldbs["notification"]
- module.notification-scheduler-db-flexible.random_password.password
- module.notification-scheduler-db-flexible.terraform_data.trigger_password_reset
Update
- azurerm_key_vault_secret.POSTGRES-PASS-FLEX-V15
- azurerm_key_vault_secret.POSTGRES_HOST-FLEX-V15
Replace
- module.notification-scheduler-db-flexible.azurerm_postgresql_flexible_server.pgsql_server
Import
- azurerm_key_vault_secret.POSTGRES-PASS-FLEX-V15
- azurerm_key_vault_secret.POSTGRES-USER-FLEX-V15
- azurerm_key_vault_secret.POSTGRES_DATABASE-FLEX-V15
- azurerm_key_vault_secret.POSTGRES_HOST-FLEX-V15
- azurerm_key_vault_secret.POSTGRES_PORT-FLEX-V15
- module.notification-scheduler-db-flexible.azurerm_postgresql_flexible_server.pgsql_server
- module.notification-scheduler-db-flexible.azurerm_postgresql_flexible_server_active_directory_administrator.pgsql_adadmin

Change Result (Click me)

  # azurerm_key_vault_secret.POSTGRES-PASS-FLEX-V15 will be updated in-place
  # (imported from "https://sscs-prod.vault.azure.net/secrets/tya-notif-POSTGRES-PASS-FLEX-V15/a6a803d4e90943c5bda071d21aafe867")
  ~ resource "azurerm_key_vault_secret" "POSTGRES-PASS-FLEX-V15" {
        content_type            = null
        id                      = "https://sscs-prod.vault.azure.net/secrets/tya-notif-POSTGRES-PASS-FLEX-V15/a6a803d4e90943c5bda071d21aafe867"
        key_vault_id            = "/subscriptions/8999dec3-0104-4a27-94ee-6588559729d1/resourceGroups/sscs-prod/providers/Microsoft.KeyVault/vaults/sscs-prod"
        name                    = "tya-notif-POSTGRES-PASS-FLEX-V15"
        resource_id             = "/subscriptions/8999dec3-0104-4a27-94ee-6588559729d1/resourceGroups/sscs-prod/providers/Microsoft.KeyVault/vaults/sscs-prod/secrets/tya-notif-POSTGRES-PASS-FLEX-V15/versions/a6a803d4e90943c5bda071d21aafe867"
        resource_versionless_id = "/subscriptions/8999dec3-0104-4a27-94ee-6588559729d1/resourceGroups/sscs-prod/providers/Microsoft.KeyVault/vaults/sscs-prod/secrets/tya-notif-POSTGRES-PASS-FLEX-V15"
        tags                    = {}
      ~ value                   = (sensitive value)
        version                 = "a6a803d4e90943c5bda071d21aafe867"
        versionless_id          = "https://sscs-prod.vault.azure.net/secrets/tya-notif-POSTGRES-PASS-FLEX-V15"
    }

  # azurerm_key_vault_secret.POSTGRES-USER-FLEX-V15 will be imported
    resource "azurerm_key_vault_secret" "POSTGRES-USER-FLEX-V15" {
        content_type            = null
        id                      = "https://sscs-prod.vault.azure.net/secrets/tya-notif-POSTGRES-USER-FLEX-V15/920c395404034a339dedce4b25389f18"
        key_vault_id            = "/subscriptions/8999dec3-0104-4a27-94ee-6588559729d1/resourceGroups/sscs-prod/providers/Microsoft.KeyVault/vaults/sscs-prod"
        name                    = "tya-notif-POSTGRES-USER-FLEX-V15"
        resource_id             = "/subscriptions/8999dec3-0104-4a27-94ee-6588559729d1/resourceGroups/sscs-prod/providers/Microsoft.KeyVault/vaults/sscs-prod/secrets/tya-notif-POSTGRES-USER-FLEX-V15/versions/920c395404034a339dedce4b25389f18"
        resource_versionless_id = "/subscriptions/8999dec3-0104-4a27-94ee-6588559729d1/resourceGroups/sscs-prod/providers/Microsoft.KeyVault/vaults/sscs-prod/secrets/tya-notif-POSTGRES-USER-FLEX-V15"
        tags                    = {}
        value                   = (sensitive value)
        version                 = "920c395404034a339dedce4b25389f18"
        versionless_id          = "https://sscs-prod.vault.azure.net/secrets/tya-notif-POSTGRES-USER-FLEX-V15"
    }

  # azurerm_key_vault_secret.POSTGRES_DATABASE-FLEX-V15 will be imported
    resource "azurerm_key_vault_secret" "POSTGRES_DATABASE-FLEX-V15" {
        content_type            = null
        id                      = "https://sscs-prod.vault.azure.net/secrets/tya-notif-POSTGRES-DATABASE-FLEX-V15/9b9a95db13d34231a11342ca8de6f102"
        key_vault_id            = "/subscriptions/8999dec3-0104-4a27-94ee-6588559729d1/resourceGroups/sscs-prod/providers/Microsoft.KeyVault/vaults/sscs-prod"
        name                    = "tya-notif-POSTGRES-DATABASE-FLEX-V15"
        resource_id             = "/subscriptions/8999dec3-0104-4a27-94ee-6588559729d1/resourceGroups/sscs-prod/providers/Microsoft.KeyVault/vaults/sscs-prod/secrets/tya-notif-POSTGRES-DATABASE-FLEX-V15/versions/9b9a95db13d34231a11342ca8de6f102"
        resource_versionless_id = "/subscriptions/8999dec3-0104-4a27-94ee-6588559729d1/resourceGroups/sscs-prod/providers/Microsoft.KeyVault/vaults/sscs-prod/secrets/tya-notif-POSTGRES-DATABASE-FLEX-V15"
        tags                    = {}
        value                   = (sensitive value)
        version                 = "9b9a95db13d34231a11342ca8de6f102"
        versionless_id          = "https://sscs-prod.vault.azure.net/secrets/tya-notif-POSTGRES-DATABASE-FLEX-V15"
    }

  # azurerm_key_vault_secret.POSTGRES_HOST-FLEX-V15 will be updated in-place
  # (imported from "https://sscs-prod.vault.azure.net/secrets/tya-notif-POSTGRES-HOST-FLEX-V15/1d392ed75cc2430eb059396cbc0670c9")
  ~ resource "azurerm_key_vault_secret" "POSTGRES_HOST-FLEX-V15" {
        content_type            = null
        id                      = "https://sscs-prod.vault.azure.net/secrets/tya-notif-POSTGRES-HOST-FLEX-V15/1d392ed75cc2430eb059396cbc0670c9"
        key_vault_id            = "/subscriptions/8999dec3-0104-4a27-94ee-6588559729d1/resourceGroups/sscs-prod/providers/Microsoft.KeyVault/vaults/sscs-prod"
        name                    = "tya-notif-POSTGRES-HOST-FLEX-V15"
        resource_id             = "/subscriptions/8999dec3-0104-4a27-94ee-6588559729d1/resourceGroups/sscs-prod/providers/Microsoft.KeyVault/vaults/sscs-prod/secrets/tya-notif-POSTGRES-HOST-FLEX-V15/versions/1d392ed75cc2430eb059396cbc0670c9"
        resource_versionless_id = "/subscriptions/8999dec3-0104-4a27-94ee-6588559729d1/resourceGroups/sscs-prod/providers/Microsoft.KeyVault/vaults/sscs-prod/secrets/tya-notif-POSTGRES-HOST-FLEX-V15"
        tags                    = {}
      ~ value                   = (sensitive value)
        version                 = "1d392ed75cc2430eb059396cbc0670c9"
        versionless_id          = "https://sscs-prod.vault.azure.net/secrets/tya-notif-POSTGRES-HOST-FLEX-V15"
    }

  # azurerm_key_vault_secret.POSTGRES_PORT-FLEX-V15 will be imported
    resource "azurerm_key_vault_secret" "POSTGRES_PORT-FLEX-V15" {
        content_type            = null
        id                      = "https://sscs-prod.vault.azure.net/secrets/tya-notif-POSTGRES-PORT-FLEX-V15/d2fb053b6045443bacd8afe49f45f4e9"
        key_vault_id            = "/subscriptions/8999dec3-0104-4a27-94ee-6588559729d1/resourceGroups/sscs-prod/providers/Microsoft.KeyVault/vaults/sscs-prod"
        name                    = "tya-notif-POSTGRES-PORT-FLEX-V15"
        resource_id             = "/subscriptions/8999dec3-0104-4a27-94ee-6588559729d1/resourceGroups/sscs-prod/providers/Microsoft.KeyVault/vaults/sscs-prod/secrets/tya-notif-POSTGRES-PORT-FLEX-V15/versions/d2fb053b6045443bacd8afe49f45f4e9"
        resource_versionless_id = "/subscriptions/8999dec3-0104-4a27-94ee-6588559729d1/resourceGroups/sscs-prod/providers/Microsoft.KeyVault/vaults/sscs-prod/secrets/tya-notif-POSTGRES-PORT-FLEX-V15"
        tags                    = {}
        value                   = (sensitive value)
        version                 = "d2fb053b6045443bacd8afe49f45f4e9"
        versionless_id          = "https://sscs-prod.vault.azure.net/secrets/tya-notif-POSTGRES-PORT-FLEX-V15"
    }

  # module.notification-scheduler-db-flexible.azurerm_postgresql_flexible_server.pgsql_server must be replaced
  # (imported from "/subscriptions/8999dec3-0104-4a27-94ee-6588559729d1/resourceGroups/sscs-tya-notif-postgres-v15-db-data-prod/providers/Microsoft.DBforPostgreSQL/flexibleServers/sscs-tya-notif-postgres-v15-db-prod")
  # Warning: this will destroy the imported resource
-/+ resource "azurerm_postgresql_flexible_server" "pgsql_server" {
        administrator_login           = "pgadmin"
      + administrator_password        = (sensitive value)
        auto_grow_enabled             = false
        backup_retention_days         = 35
      + create_mode                   = "Default" # forces replacement
        delegated_subnet_id           = "/subscriptions/8cbc6f36-7c56-4963-9d36-739db5d00b27/resourceGroups/cft-prod-network-rg/providers/Microsoft.Network/virtualNetworks/cft-prod-vnet/subnets/postgres-expanded"
      ~ fqdn                          = "sscs-tya-notif-postgres-v15-db-prod.postgres.database.azure.com" -> (known after apply)
        geo_redundant_backup_enabled  = false
      ~ id                            = "/subscriptions/8999dec3-0104-4a27-94ee-6588559729d1/resourceGroups/sscs-tya-notif-postgres-v15-db-data-prod/providers/Microsoft.DBforPostgreSQL/flexibleServers/sscs-tya-notif-postgres-v15-db-prod" -> (known after apply)
        location                      = "uksouth"
        name                          = "sscs-tya-notif-postgres-v15-db-prod"
        private_dns_zone_id           = "/subscriptions/1baf5470-1c3e-40d3-a6f7-74bfbce4b348/resourceGroups/core-infra-intsvc-rg/providers/Microsoft.Network/privateDnsZones/private.postgres.database.azure.com"
        public_network_access_enabled = false
        replication_role              = null
        resource_group_name           = "sscs-tya-notif-postgres-v15-db-data-prod"
        sku_name                      = "GP_Standard_D2s_v3"
        storage_mb                    = 65536
      ~ storage_tier                  = "P6" -> (known after apply)
      ~ tags                          = {
            "application"         = "social-service-child-support"
          ~ "builtFrom"           = "https://github.com/HMCTS/sscs-track-your-appeal-notifications.git" -> "https://github.com/HMCTS/sscs-tribunals-case-api.git"
            "businessArea"        = "CFT"
            "contactSlackChannel" = "#sscs-tech"
            "environment"         = "production"
            "managedBy"           = "SSCS"
        }
        version                       = "15"
      - zone                          = "3" -> null

        authentication {
            active_directory_auth_enabled = true
            password_auth_enabled         = true
            tenant_id                     = "531ff96d-0ae9-462a-8d2d-bec7c0b42082"
        }

      ~ high_availability {
            mode                      = "ZoneRedundant"
          - standby_availability_zone = "1" -> null
        }

        maintenance_window {
            day_of_week  = 0
            start_hour   = 3
            start_minute = 0
        }
    }

  # module.notification-scheduler-db-flexible.azurerm_postgresql_flexible_server_active_directory_administrator.pgsql_adadmin will be imported
    resource "azurerm_postgresql_flexible_server_active_directory_administrator" "pgsql_adadmin" {
        id                  = "/subscriptions/8999dec3-0104-4a27-94ee-6588559729d1/resourceGroups/sscs-tya-notif-postgres-v15-db-data-prod/providers/Microsoft.DBforPostgreSQL/flexibleServers/sscs-tya-notif-postgres-v15-db-prod/administrators/4d0554dd-fe60-424a-be9c-36636826d927"
        object_id           = "4d0554dd-fe60-424a-be9c-36636826d927"
        principal_name      = "DTS Platform Operations SC"
        principal_type      = "Group"
        resource_group_name = "sscs-tya-notif-postgres-v15-db-data-prod"
        server_name         = "sscs-tya-notif-postgres-v15-db-prod"
        tenant_id           = "531ff96d-0ae9-462a-8d2d-bec7c0b42082"
    }

  # module.notification-scheduler-db-flexible.azurerm_postgresql_flexible_server_active_directory_administrator.pgsql_principal_admin[0] will be created
  + resource "azurerm_postgresql_flexible_server_active_directory_administrator" "pgsql_principal_admin" {
      + id                  = (known after apply)
      + object_id           = "ca6d5085-485a-417d-8480-c3cefa29df31"
      + principal_name      = "jenkins-cftptl-intsvc-mi"
      + principal_type      = "ServicePrincipal"
      + resource_group_name = "sscs-tya-notif-postgres-v15-db-data-prod"
      + server_name         = "sscs-tya-notif-postgres-v15-db-prod"
      + tenant_id           = "531ff96d-0ae9-462a-8d2d-bec7c0b42082"
    }

  # module.notification-scheduler-db-flexible.azurerm_postgresql_flexible_server_configuration.pgsql_server_config["azure.extensions"] will be created
  + resource "azurerm_postgresql_flexible_server_configuration" "pgsql_server_config" {
      + id        = (known after apply)
      + name      = "azure.extensions"
      + server_id = (known after apply)
      + value     = "plpgsql,pg_stat_statements,pg_buffercache,hypopg"
    }

  # module.notification-scheduler-db-flexible.azurerm_postgresql_flexible_server_database.pg_databases["notification"] will be created
  + resource "azurerm_postgresql_flexible_server_database" "pg_databases" {
      + charset   = "utf8"
      + collation = "en_GB.utf8"
      + id        = (known after apply)
      + name      = "notification"
      + server_id = (known after apply)
    }

  # module.notification-scheduler-db-flexible.azurerm_resource_group.rg[0] will be created
  + resource "azurerm_resource_group" "rg" {
      + id       = (known after apply)
      + location = "uksouth"
      + name     = "sscs-tya-notif-postgres-v15-db-data-prod"
      + tags     = {
          + "application"         = "social-service-child-support"
          + "builtFrom"           = "https://github.com/HMCTS/sscs-tribunals-case-api.git"
          + "businessArea"        = "CFT"
          + "contactSlackChannel" = "#sscs-tech"
          + "environment"         = "production"
          + "managedBy"           = "SSCS"
        }
    }

  # module.notification-scheduler-db-flexible.null_resource.set-user-permissions-additionaldbs["notification"] will be created
  + resource "null_resource" "set-user-permissions-additionaldbs" {
      + id       = (known after apply)
      + triggers = {
          + "db_reader_user" = "DTS JIT Access sscs DB Reader SC"
          + "force_trigger"  = "1"
          + "name"           = "sscs-tya-notif-postgres-v15-db"
          + "script_hash"    = "dbe0102f3129d4463913d5e01177e806bc6954005bdd98f20c242658634a1bbc"
        }
    }

  # module.notification-scheduler-db-flexible.random_password.password will be created
  + resource "random_password" "password" {
      + bcrypt_hash      = (sensitive value)
      + id               = (known after apply)
      + length           = 20
      + lower            = true
      + min_lower        = 0
      + min_numeric      = 0
      + min_special      = 0
      + min_upper        = 0
      + number           = true
      + numeric          = true
      + override_special = "()-_"
      + result           = (sensitive value)
      + special          = true
      + upper            = true
    }

  # module.notification-scheduler-db-flexible.terraform_data.trigger_password_reset will be created
  + resource "terraform_data" "trigger_password_reset" {
      + id     = (known after apply)
      + input  = ""
      + output = (known after apply)
    }

Plan: 7 to import, 8 to add, 2 to change, 1 to destroy.

…-case-api into movetyainfratotribs

adusumillipraveen added 5 commits October 2, 2024 16:06

Move TYA infra to tribs repo

6b07b85

fix tf

f8ba30f

fix duplicate id

b9e80b4

fix duplicate id

49f1efa

upgrade azurerm

9eb52fe

hmcts-jenkins-j-to-z bot added the aat/add-or-update label Oct 3, 2024

hmcts-jenkins-j-to-z bot added the prod/add-or-update label Oct 3, 2024

hmcts-jenkins-j-to-z bot deployed to preview October 3, 2024 13:21 View deployment

hmcts-jenkins-j-to-z bot added ns:sscs prd:sscs rel:sscs-tribunals-api-pr-3991 labels Oct 3, 2024

hmcts-jenkins-j-to-z bot deployed to preview October 3, 2024 13:31 View deployment

hmcts-jenkins-j-to-z bot deployed to preview October 3, 2024 13:40 View deployment

Merge branch 'master' into movetyainfratotribs

a341386

hmcts-jenkins-j-to-z bot deployed to preview October 4, 2024 09:28 View deployment

adusumillipraveen and others added 7 commits October 7, 2024 10:19

add import for secrets

ed43820

Merge branch 'master' into movetyainfratotribs

40a2baf

add import for secrets

5b70ce2

Merge branch 'movetyainfratotribs' of github.com:hmcts/sscs-tribunals…

8437bce

…-case-api into movetyainfratotribs

Merge branch 'master' into movetyainfratotribs

6cad53a

add import for psql server

75342aa

Merge branch 'movetyainfratotribs' of github.com:hmcts/sscs-tribunals…

3f0e294

…-case-api into movetyainfratotribs

hmcts-jenkins-j-to-z bot deployed to preview October 8, 2024 10:11 View deployment

add import for psql server

fc0de0d

hmcts-jenkins-j-to-z bot deployed to preview October 8, 2024 10:16 View deployment

hmcts-jenkins-j-to-z bot added aat/destroy and removed aat/add-or-update prod/add-or-update labels Oct 8, 2024

hmcts-jenkins-j-to-z bot added the prod/destroy label Oct 8, 2024

hmcts-jenkins-j-to-z bot deployed to preview October 8, 2024 10:58 View deployment

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Move TYA infra to tribs repo #3991

Move TYA infra to tribs repo #3991

adusumillipraveen commented Oct 2, 2024

hmcts-jenkins-j-to-z bot commented Oct 3, 2024 •

edited

Loading

hmcts-jenkins-j-to-z bot commented Oct 3, 2024 •

edited

Loading

Move TYA infra to tribs repo #3991

Are you sure you want to change the base?

Move TYA infra to tribs repo #3991

Conversation

adusumillipraveen commented Oct 2, 2024

Jira link

Change description

Testing done

Checklist

hmcts-jenkins-j-to-z bot commented Oct 3, 2024 • edited Loading

Plan Result (aat)

⚠️ Resource Deletion will happen

hmcts-jenkins-j-to-z bot commented Oct 3, 2024 • edited Loading

Plan Result (prod)

⚠️ Resource Deletion will happen

hmcts-jenkins-j-to-z bot commented Oct 3, 2024 •

edited

Loading

hmcts-jenkins-j-to-z bot commented Oct 3, 2024 •

edited

Loading