From 27d1f43ec48997592c0670a4867ac6f16d525a71 Mon Sep 17 00:00:00 2001 From: Kate Bobyn Date: Wed, 22 Oct 2025 16:56:01 +0100 Subject: [PATCH 1/2] NRL-1581 enable prod backup and adjust plan for prod --- .../account-wide-infrastructure/prod/aws-backup.tf | 10 +++++----- .../prod/dynamodb__pointers-table.tf | 1 + terraform/account-wide-infrastructure/prod/s3.tf | 6 ++++-- 3 files changed, 10 insertions(+), 7 deletions(-) diff --git a/terraform/account-wide-infrastructure/prod/aws-backup.tf b/terraform/account-wide-infrastructure/prod/aws-backup.tf index a7759966b..c55518e85 100644 --- a/terraform/account-wide-infrastructure/prod/aws-backup.tf +++ b/terraform/account-wide-infrastructure/prod/aws-backup.tf @@ -128,12 +128,12 @@ module "source" { "rules" : [ { "copy_action" : [{ - "delete_after" : 4, + "delete_after" : 30, }], "lifecycle" : { "delete_after" : 2 }, - "name" : "daily_kept_for_2_days", + "name" : "daily_kept_for_30", "schedule" : "cron(0 0 * * ? *)" } ], @@ -150,7 +150,7 @@ module "source" { "name" : "daily", "schedule" : "cron(0 0 * * ? *)", "copy_action" : [{ - "delete_after" : 4, + "delete_after" : 5, }], "lifecycle" : { @@ -161,8 +161,8 @@ module "source" { "name" : "monthly" "schedule" : "cron(30 0 ? * 4#1)" # first Thursday each month from 00:30 "copy_action" : [{ - "cold_storage_after" : 3, - "delete_after" : 100 # ensures there will always be min 3 + "cold_storage_after" : 35, + "delete_after" : 400 # ensures 1 from previous restore test }], "lifecycle" : { "delete_after" : 2 diff --git a/terraform/account-wide-infrastructure/prod/dynamodb__pointers-table.tf b/terraform/account-wide-infrastructure/prod/dynamodb__pointers-table.tf index 0a57f43ca..f1fc53126 100644 --- a/terraform/account-wide-infrastructure/prod/dynamodb__pointers-table.tf +++ b/terraform/account-wide-infrastructure/prod/dynamodb__pointers-table.tf @@ -4,4 +4,5 @@ module "prod-pointers-table" { enable_deletion_protection = true enable_pitr = true kms_deletion_window_in_days = 30 + enable_backups = true } diff --git a/terraform/account-wide-infrastructure/prod/s3.tf b/terraform/account-wide-infrastructure/prod/s3.tf index 8789e5d40..bfbe01bff 100644 --- a/terraform/account-wide-infrastructure/prod/s3.tf +++ b/terraform/account-wide-infrastructure/prod/s3.tf @@ -1,10 +1,12 @@ module "prod-permissions-store-bucket" { - source = "../modules/permissions-store-bucket" - name_prefix = "nhsd-nrlf--prod" + source = "../modules/permissions-store-bucket" + name_prefix = "nhsd-nrlf--prod" + enable_backups = true } module "prod-truststore-bucket" { source = "../modules/truststore-bucket" name_prefix = "nhsd-nrlf--prod" server_certificate_file = "../../../truststore/server/prod.pem" + enable_backups = true } From c51510d5b9015b56add0e34b15743acb4687048a Mon Sep 17 00:00:00 2001 From: Kate Bobyn Date: Mon, 27 Oct 2025 16:10:43 +0000 Subject: [PATCH 2/2] NRL-1581 keep daily backups for longer --- terraform/account-wide-infrastructure/prod/aws-backup.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/terraform/account-wide-infrastructure/prod/aws-backup.tf b/terraform/account-wide-infrastructure/prod/aws-backup.tf index c55518e85..05cd010fd 100644 --- a/terraform/account-wide-infrastructure/prod/aws-backup.tf +++ b/terraform/account-wide-infrastructure/prod/aws-backup.tf @@ -150,7 +150,7 @@ module "source" { "name" : "daily", "schedule" : "cron(0 0 * * ? *)", "copy_action" : [{ - "delete_after" : 5, + "delete_after" : 28, }], "lifecycle" : {