diff --git a/terraform/bootstrap/providers.tf b/terraform/bootstrap/providers.tf index 3c699e728..5dcaece3e 100644 --- a/terraform/bootstrap/providers.tf +++ b/terraform/bootstrap/providers.tf @@ -3,7 +3,7 @@ terraform { required_providers { cloudfoundry = { source = "cloudfoundry-community/cloudfoundry" - version = "0.53.1" + version = "0.53.0" } } } diff --git a/terraform/development/main.tf b/terraform/development/main.tf index 4cc26b4d7..1f45b2b6a 100644 --- a/terraform/development/main.tf +++ b/terraform/development/main.tf @@ -1,15 +1,17 @@ locals { - cf_org_name = "gsa-tts-benefits-studio" - cf_space_name = "notify-local-dev" - key_name = "${var.username}-api-dev-key" + cf_org_name = "gsa-tts-benefits-studio" + cf_space_name = "notify-local-dev" + recursive_delete = true + key_name = "${var.username}-api-dev-key" } module "csv_upload_bucket" { source = "github.com/18f/terraform-cloudgov//s3?ref=v0.7.1" - cf_org_name = local.cf_org_name - cf_space_name = local.cf_space_name - name = "${var.username}-csv-upload-bucket" + cf_org_name = local.cf_org_name + cf_space_name = local.cf_space_name + recursive_delete = local.recursive_delete + name = "${var.username}-csv-upload-bucket" } resource "cloudfoundry_service_key" "csv_key" { name = local.key_name diff --git a/terraform/development/providers.tf b/terraform/development/providers.tf index 3c699e728..5dcaece3e 100644 --- a/terraform/development/providers.tf +++ b/terraform/development/providers.tf @@ -3,7 +3,7 @@ terraform { required_providers { cloudfoundry = { source = "cloudfoundry-community/cloudfoundry" - version = "0.53.1" + version = "0.53.0" } } } diff --git a/terraform/sandbox/main.tf b/terraform/sandbox/main.tf index 4c93f8a2c..fae30073c 100644 --- a/terraform/sandbox/main.tf +++ b/terraform/sandbox/main.tf @@ -1,34 +1,38 @@ locals { - cf_org_name = "gsa-tts-benefits-studio" - cf_space_name = "notify-sandbox" - env = "sandbox" - app_name = "notify-api" + cf_org_name = "gsa-tts-benefits-studio" + cf_space_name = "notify-sandbox" + env = "sandbox" + app_name = "notify-api" + recursive_delete = true } module "database" { source = "github.com/18f/terraform-cloudgov//database?ref=v0.7.1" - cf_org_name = local.cf_org_name - cf_space_name = local.cf_space_name - name = "${local.app_name}-rds-${local.env}" - rds_plan_name = "micro-psql" + cf_org_name = local.cf_org_name + cf_space_name = local.cf_space_name + name = "${local.app_name}-rds-${local.env}" + recursive_delete = local.recursive_delete + rds_plan_name = "micro-psql" } module "redis" { source = "github.com/18f/terraform-cloudgov//redis?ref=v0.7.1" - cf_org_name = local.cf_org_name - cf_space_name = local.cf_space_name - name = "${local.app_name}-redis-${local.env}" - redis_plan_name = "redis-dev" + cf_org_name = local.cf_org_name + cf_space_name = local.cf_space_name + name = "${local.app_name}-redis-${local.env}" + recursive_delete = local.recursive_delete + redis_plan_name = "redis-dev" } module "csv_upload_bucket" { source = "github.com/18f/terraform-cloudgov//s3?ref=v0.7.1" - cf_org_name = local.cf_org_name - cf_space_name = local.cf_space_name - name = "${local.app_name}-csv-upload-bucket-${local.env}" + cf_org_name = local.cf_org_name + cf_space_name = local.cf_space_name + recursive_delete = local.recursive_delete + name = "${local.app_name}-csv-upload-bucket-${local.env}" } module "egress-space" { @@ -49,6 +53,7 @@ module "ses_email" { cf_org_name = local.cf_org_name cf_space_name = local.cf_space_name name = "${local.app_name}-ses-${local.env}" + recursive_delete = local.recursive_delete aws_region = "us-west-2" email_receipt_error = "notify-support@gsa.gov" } @@ -59,6 +64,7 @@ module "sns_sms" { cf_org_name = local.cf_org_name cf_space_name = local.cf_space_name name = "${local.app_name}-sns-${local.env}" + recursive_delete = local.recursive_delete aws_region = "us-east-2" monthly_spend_limit = 1 } diff --git a/terraform/sandbox/providers.tf b/terraform/sandbox/providers.tf index 590be4e3d..d5a3313de 100644 --- a/terraform/sandbox/providers.tf +++ b/terraform/sandbox/providers.tf @@ -3,7 +3,7 @@ terraform { required_providers { cloudfoundry = { source = "cloudfoundry-community/cloudfoundry" - version = "0.53.1" + version = "0.53.0" } } diff --git a/terraform/shared/egress_space/main.tf b/terraform/shared/egress_space/main.tf index cc91e9c42..4b841ad14 100644 --- a/terraform/shared/egress_space/main.tf +++ b/terraform/shared/egress_space/main.tf @@ -11,10 +11,8 @@ data "cloudfoundry_org" "org" { ### resource "cloudfoundry_space" "public_egress" { - allow_ssh = var.allow_ssh - delete_recursive_allowed = var.delete_recursive_allowed - name = "${var.cf_restricted_space_name}-egress" - org = data.cloudfoundry_org.org.id + name = "${var.cf_restricted_space_name}-egress" + org = data.cloudfoundry_org.org.id } ### diff --git a/terraform/shared/egress_space/providers.tf b/terraform/shared/egress_space/providers.tf index 01ab1f803..21ac567a2 100644 --- a/terraform/shared/egress_space/providers.tf +++ b/terraform/shared/egress_space/providers.tf @@ -3,7 +3,7 @@ terraform { required_providers { cloudfoundry = { source = "cloudfoundry-community/cloudfoundry" - version = "0.53.1" + version = "0.53.0" } } } diff --git a/terraform/shared/egress_space/variables.tf b/terraform/shared/egress_space/variables.tf index 5bdff893f..45bcc717d 100644 --- a/terraform/shared/egress_space/variables.tf +++ b/terraform/shared/egress_space/variables.tf @@ -3,15 +3,3 @@ variable "cf_restricted_space_name" {} variable "deployers" { type = set(string) } - -variable "delete_recursive_allowed" { - type = bool - default = true - description = "Flag for allowing resources to be recursively deleted - not recommended in production environments" -} - -variable "allow_ssh" { - type = bool - default = true - description = "Flag for allowing SSH access in a space - not recommended in production environments" -} diff --git a/terraform/shared/ses/main.tf b/terraform/shared/ses/main.tf index 4c1bb54b9..a29a8ce10 100644 --- a/terraform/shared/ses/main.tf +++ b/terraform/shared/ses/main.tf @@ -16,9 +16,10 @@ data "cloudfoundry_service" "ses" { } resource "cloudfoundry_service_instance" "ses" { - name = var.name - space = data.cloudfoundry_space.space.id - service_plan = data.cloudfoundry_service.ses.service_plans["base"] + name = var.name + space = data.cloudfoundry_space.space.id + service_plan = data.cloudfoundry_service.ses.service_plans["base"] + recursive_delete = var.recursive_delete json_params = jsonencode({ region = var.aws_region domain = var.email_domain diff --git a/terraform/shared/ses/providers.tf b/terraform/shared/ses/providers.tf index 01ab1f803..21ac567a2 100644 --- a/terraform/shared/ses/providers.tf +++ b/terraform/shared/ses/providers.tf @@ -3,7 +3,7 @@ terraform { required_providers { cloudfoundry = { source = "cloudfoundry-community/cloudfoundry" - version = "0.53.1" + version = "0.53.0" } } } diff --git a/terraform/shared/ses/variables.tf b/terraform/shared/ses/variables.tf index a92261656..74e852cf6 100644 --- a/terraform/shared/ses/variables.tf +++ b/terraform/shared/ses/variables.tf @@ -13,6 +13,12 @@ variable "name" { description = "name of the service instance" } +variable "recursive_delete" { + type = bool + description = "when true, deletes service bindings attached to the resource (not recommended for production)" + default = false +} + variable "aws_region" { type = string description = "AWS region the SES instance is in" diff --git a/terraform/shared/sns/main.tf b/terraform/shared/sns/main.tf index aa0079f92..a23c4e872 100644 --- a/terraform/shared/sns/main.tf +++ b/terraform/shared/sns/main.tf @@ -16,9 +16,10 @@ data "cloudfoundry_service" "sns" { } resource "cloudfoundry_service_instance" "sns" { - name = var.name - space = data.cloudfoundry_space.space.id - service_plan = data.cloudfoundry_service.sns.service_plans["base"] + name = var.name + space = data.cloudfoundry_space.space.id + service_plan = data.cloudfoundry_service.sns.service_plans["base"] + recursive_delete = var.recursive_delete json_params = jsonencode({ region = var.aws_region monthly_spend_limit = var.monthly_spend_limit diff --git a/terraform/shared/sns/providers.tf b/terraform/shared/sns/providers.tf index 01ab1f803..21ac567a2 100644 --- a/terraform/shared/sns/providers.tf +++ b/terraform/shared/sns/providers.tf @@ -3,7 +3,7 @@ terraform { required_providers { cloudfoundry = { source = "cloudfoundry-community/cloudfoundry" - version = "0.53.1" + version = "0.53.0" } } } diff --git a/terraform/shared/sns/variables.tf b/terraform/shared/sns/variables.tf index acf7c5010..611050337 100644 --- a/terraform/shared/sns/variables.tf +++ b/terraform/shared/sns/variables.tf @@ -13,6 +13,12 @@ variable "name" { description = "name of the service instance" } +variable "recursive_delete" { + type = bool + description = "when true, deletes service bindings attached to the resource (not recommended for production)" + default = false +} + variable "aws_region" { type = string description = "AWS region the SNS settings are set in" diff --git a/terraform/staging/main.tf b/terraform/staging/main.tf index 8cae5a8da..c46e0d3fa 100644 --- a/terraform/staging/main.tf +++ b/terraform/staging/main.tf @@ -1,34 +1,38 @@ locals { - cf_org_name = "gsa-tts-benefits-studio" - cf_space_name = "notify-staging" - env = "staging" - app_name = "notify-api" + cf_org_name = "gsa-tts-benefits-studio" + cf_space_name = "notify-staging" + env = "staging" + app_name = "notify-api" + recursive_delete = true } module "database" { source = "github.com/18f/terraform-cloudgov//database?ref=v0.7.1" - cf_org_name = local.cf_org_name - cf_space_name = local.cf_space_name - name = "${local.app_name}-rds-${local.env}" - rds_plan_name = "micro-psql" + cf_org_name = local.cf_org_name + cf_space_name = local.cf_space_name + name = "${local.app_name}-rds-${local.env}" + recursive_delete = local.recursive_delete + rds_plan_name = "micro-psql" } module "redis" { source = "github.com/18f/terraform-cloudgov//redis?ref=v0.7.1" - cf_org_name = local.cf_org_name - cf_space_name = local.cf_space_name - name = "${local.app_name}-redis-${local.env}" - redis_plan_name = "redis-dev" + cf_org_name = local.cf_org_name + cf_space_name = local.cf_space_name + name = "${local.app_name}-redis-${local.env}" + recursive_delete = local.recursive_delete + redis_plan_name = "redis-dev" } module "csv_upload_bucket" { source = "github.com/18f/terraform-cloudgov//s3?ref=v0.7.1" - cf_org_name = local.cf_org_name - cf_space_name = local.cf_space_name - name = "${local.app_name}-csv-upload-bucket-${local.env}" + cf_org_name = local.cf_org_name + cf_space_name = local.cf_space_name + recursive_delete = local.recursive_delete + name = "${local.app_name}-csv-upload-bucket-${local.env}" } module "egress-space" { @@ -49,6 +53,7 @@ module "ses_email" { cf_org_name = local.cf_org_name cf_space_name = local.cf_space_name name = "${local.app_name}-ses-${local.env}" + recursive_delete = local.recursive_delete aws_region = "us-west-2" mail_from_subdomain = "mail" email_receipt_error = "notify-support@gsa.gov" @@ -60,6 +65,7 @@ module "sns_sms" { cf_org_name = local.cf_org_name cf_space_name = local.cf_space_name name = "${local.app_name}-sns-${local.env}" + recursive_delete = local.recursive_delete aws_region = "us-west-2" monthly_spend_limit = 25 } diff --git a/terraform/staging/providers.tf b/terraform/staging/providers.tf index 0f09460ef..11dceea7d 100644 --- a/terraform/staging/providers.tf +++ b/terraform/staging/providers.tf @@ -3,7 +3,7 @@ terraform { required_providers { cloudfoundry = { source = "cloudfoundry-community/cloudfoundry" - version = "0.53.1" + version = "0.53.0" } }