diff --git a/terraform/account-wide-infrastructure/dev/aws-backup.tf b/terraform/account-wide-infrastructure/dev/aws-backup.tf index fc41d32a8..d357e6b15 100644 --- a/terraform/account-wide-infrastructure/dev/aws-backup.tf +++ b/terraform/account-wide-infrastructure/dev/aws-backup.tf @@ -64,15 +64,6 @@ resource "aws_s3_bucket_acl" "backup_reports" { acl = "private" } -# We need a key for the SNS topic that will be used for notifications from AWS Backup. This key -# will be used to encrypt the messages sent to the topic before they are sent to the subscribers, -# but isn't needed by the recipients of the messages. - -# First we need some contextual data -data "aws_caller_identity" "current" {} -data "aws_region" "current" {} - -# Now we can define the key itself resource "aws_kms_key" "backup_notifications" { description = "KMS key for AWS Backup notifications" deletion_window_in_days = 7 @@ -101,8 +92,6 @@ resource "aws_kms_key" "backup_notifications" { }) } -# Now we can deploy the source and destination modules, referencing the resources we've created above. - module "source" { source = "../modules/backup-source" diff --git a/terraform/account-wide-infrastructure/modules/backup-source/backup_plan.tf b/terraform/account-wide-infrastructure/modules/backup-source/backup_plan.tf index 0e6cd4ce8..298d654c1 100644 --- a/terraform/account-wide-infrastructure/modules/backup-source/backup_plan.tf +++ b/terraform/account-wide-infrastructure/modules/backup-source/backup_plan.tf @@ -82,6 +82,6 @@ resource "aws_backup_selection" "dynamodb" { selection_tag { key = var.backup_plan_config_dynamodb.selection_tag type = "STRINGEQUALS" - value = "true" + value = "True" } } diff --git a/terraform/account-wide-infrastructure/modules/permissions-store-bucket/s3.tf b/terraform/account-wide-infrastructure/modules/permissions-store-bucket/s3.tf index 06e61a58e..ab7fe77aa 100644 --- a/terraform/account-wide-infrastructure/modules/permissions-store-bucket/s3.tf +++ b/terraform/account-wide-infrastructure/modules/permissions-store-bucket/s3.tf @@ -5,7 +5,7 @@ resource "aws_s3_bucket" "authorization-store" { tags = { Name = "authorization store" Environment = "${var.name_prefix}" - NHSE-Enable-S3-Backup = "${var.enable_backups}" + NHSE-Enable-S3-Backup = var.enable_backups ? "True" : "False" } } diff --git a/terraform/account-wide-infrastructure/modules/pointers-table/dynamodb.tf b/terraform/account-wide-infrastructure/modules/pointers-table/dynamodb.tf index 93e060fdb..06a7428b7 100644 --- a/terraform/account-wide-infrastructure/modules/pointers-table/dynamodb.tf +++ b/terraform/account-wide-infrastructure/modules/pointers-table/dynamodb.tf @@ -52,5 +52,7 @@ resource "aws_dynamodb_table" "pointers" { enabled = var.enable_pitr } - tags = { NHSE-Enable-DDB-Backup = "${var.enable_backups}" } + tags = { + NHSE-Enable-DDB-Backup = var.enable_backups ? "True" : "False" + } } diff --git a/terraform/account-wide-infrastructure/modules/truststore-bucket/s3.tf b/terraform/account-wide-infrastructure/modules/truststore-bucket/s3.tf index aa32f2f16..1f7bd3e81 100644 --- a/terraform/account-wide-infrastructure/modules/truststore-bucket/s3.tf +++ b/terraform/account-wide-infrastructure/modules/truststore-bucket/s3.tf @@ -1,7 +1,9 @@ resource "aws_s3_bucket" "api_truststore" { bucket = "${var.name_prefix}-api-truststore" force_destroy = var.enable_bucket_force_destroy - tags = { NHSE-Enable-S3-Backup = "${var.enable_backups}" } + tags = { + NHSE-Enable-S3-Backup = var.enable_backups ? "True" : "False" + } } resource "aws_s3_bucket_policy" "api_truststore_bucket_policy" {