ministryofjustice · ntse · Oct 31, 2023 · Oct 19, 2023 · Oct 19, 2023 · Oct 19, 2023
@@ -41,8 +41,8 @@ resource "aws_cognito_user_pool_client" "use_a_lasting_power_of_attorney_admin"
   read_attributes        = []
   write_attributes       = []
 
-  callback_urls = ["https://${aws_route53_record.admin_use_my_lpa.fqdn}/oauth2/idpresponse"]
-  logout_urls   = ["https://${aws_route53_record.admin_use_my_lpa.fqdn}/"]
+  callback_urls = ["https://${module.eu_west_1.route53_fqdns.admin}/oauth2/idpresponse"]
+  logout_urls   = ["https://${module.eu_west_1.route53_fqdns.admin}/"]
 }
 
 moved {

@@ -12,11 +12,11 @@ locals {
     viewer_codes_table                       = aws_dynamodb_table.viewer_codes_table.name
     user_lpa_actor_map                       = aws_dynamodb_table.user_lpa_actor_map.name
     stats_table                              = aws_dynamodb_table.stats_table.name
-    actor_fqdn                               = aws_route53_record.actor_use_my_lpa.fqdn
-    viewer_fqdn                              = aws_route53_record.viewer_use_my_lpa.fqdn
-    admin_fqdn                               = aws_route53_record.admin_use_my_lpa.fqdn
-    public_facing_use_fqdn                   = aws_route53_record.public_facing_use_lasting_power_of_attorney.fqdn
-    public_facing_view_fqdn                  = aws_route53_record.public_facing_view_lasting_power_of_attorney.fqdn
+    actor_fqdn                               = module.eu_west_1.route53_fqdns.actor
+    viewer_fqdn                              = module.eu_west_1.route53_fqdns.viewer
+    admin_fqdn                               = module.eu_west_1.route53_fqdns.admin
+    public_facing_use_fqdn                   = module.eu_west_1.route53_fqdns.public_facing_use
+    public_facing_view_fqdn                  = module.eu_west_1.route53_fqdns.public_facing_view
     viewer_load_balancer_security_group_name = module.eu_west_1.security_group_names.viewer_loadbalancer
     actor_load_balancer_security_group_name  = module.eu_west_1.security_group_names.actor_loadbalancer
 

@@ -1,3 +1,11 @@
 output "admin_domain" {
-  value = module.eu_west_1.admin_domain
-}
+  value = "https://${module.eu_west_1.route53_fqdns.admin}"
+}
+
+output "public_facing_use_domain" {
+  value = "https://${module.eu_west_1.route53_fqdns.public_facing_use}"
+}
+
+output "public_facing_view_domain" {
+  value = "https://${module.eu_west_1.route53_fqdns.public_facing_view}"
+}
@@ -871,3 +871,53 @@ moved {
   from = aws_wafv2_web_acl_association.viewer[0]
   to   = module.eu_west_1.aws_wafv2_web_acl_association.viewer[0]
 }
+
+moved {
+  from = aws_cloudwatch_metric_alarm.actor_health_check_alarm
+  to   = module.eu_west_1.module.actor_use_my_lpa.aws_cloudwatch_metric_alarm.this[0]
+}
+
+moved {
+  from = aws_cloudwatch_metric_alarm.viewer_health_check_alarm
+  to   = module.eu_west_1.module.viewer_use_my_lpa.aws_cloudwatch_metric_alarm.this[0]
+}
+
+moved {
+  from = aws_route53_health_check.actor_health_check
+  to   = module.eu_west_1.module.actor_use_my_lpa.aws_route53_health_check.this[0]
+}
+
+moved {
+  from = aws_route53_health_check.viewer_health_check
+  to   = module.eu_west_1.module.viewer_use_my_lpa.aws_route53_health_check.this[0]
+}
+
+moved {
+  from = aws_route53_record.actor_use_my_lpa
+  to   = module.eu_west_1.module.actor_use_my_lpa.aws_route53_record.this
+}
+
+moved {
+  from = aws_route53_record.admin_use_my_lpa
+  to   = module.eu_west_1.module.admin_use_my_lpa.aws_route53_record.this
+}
+
+moved {
+  from = aws_route53_record.public_facing_use_lasting_power_of_attorney
+  to   = module.eu_west_1.module.public_facing_use_lasting_power_of_attorney.aws_route53_record.this
+}
+
+moved {
+  from = aws_route53_record.public_facing_view_lasting_power_of_attorney
+  to   = module.eu_west_1.module.public_facing_view_lasting_power_of_attorney.aws_route53_record.this
+}
+
+moved {
+  from = aws_route53_record.viewer_use_my_lpa
+  to   = module.eu_west_1.module.viewer_use_my_lpa.aws_route53_record.this
+}
+
+moved {
+  from = aws_service_discovery_private_dns_namespace.internal_ecs
+  to   = module.eu_west_1.aws_service_discovery_private_dns_namespace.internal_ecs
+}
@@ -5,11 +5,11 @@ module "eu_west_1" {
   admin_container_version                   = var.admin_container_version
   autoscaling                               = local.environment.autoscaling
   associate_alb_with_waf_web_acl_enabled    = local.environment.associate_alb_with_waf_web_acl_enabled
-  aws_service_discovery_service             = aws_service_discovery_private_dns_namespace.internal_ecs
   capacity_provider                         = local.capacity_provider
   container_version                         = var.container_version
   cookie_expires_use                        = local.environment.cookie_expires_use
   cookie_expires_view                       = local.environment.cookie_expires_view
+  dns_namespace_env                         = local.dns_namespace_env
   ecs_execution_role                        = module.iam.ecs_execution_role
   ecs_task_roles                            = module.iam.ecs_task_roles
   environment_name                          = local.environment_name
@@ -69,16 +69,9 @@ module "eu_west_1" {
     "delete_lpa_feature"                                         = local.environment.application_flags.delete_lpa_feature
   }
 
-  route_53_fqdns = {
-    "public_view" = aws_route53_record.public_facing_view_lasting_power_of_attorney.fqdn
-    "public_use"  = aws_route53_record.public_facing_use_lasting_power_of_attorney.fqdn
-    "admin"       = aws_route53_record.admin_use_my_lpa.fqdn
-    "actor"       = aws_route53_record.actor_use_my_lpa.fqdn
-    "viewer"      = aws_route53_record.viewer_use_my_lpa.fqdn
-  }
-
   providers = {
     aws.region     = aws.eu_west_1
     aws.management = aws.management
+    aws.us-east-1  = aws.us-east-1
   }
 }
@@ -194,7 +194,7 @@ locals {
       environment = [
         {
           name  = "WEB_DOMAIN",
-          value = "https://${var.route_53_fqdns.public_use}"
+          value = "https://${local.route53_fqdns.public_facing_use}"
         },
         {
           name  = "APP_HOST",

@@ -107,7 +107,7 @@ resource "aws_lb_listener_rule" "rewrite_use_to_live_service_url" {
     type = "redirect"
 
     redirect {
-      host        = var.route_53_fqdns.public_use
+      host        = local.route53_fqdns.public_facing_use
       path        = "/#{path}"
       query       = "#{query}"
       port        = "443"
@@ -118,7 +118,7 @@ resource "aws_lb_listener_rule" "rewrite_use_to_live_service_url" {
   condition {
     host_header {
       values = [
-        var.route_53_fqdns.actor
+        local.route53_fqdns.actor
       ]
     }
   }

@@ -49,7 +49,7 @@ resource "aws_service_discovery_service" "api_ecs" {
   name = "api"
 
   dns_config {
-    namespace_id = var.aws_service_discovery_service.id
+    namespace_id = aws_service_discovery_private_dns_namespace.internal_ecs.id
 
     dns_records {
       ttl  = 10
@@ -68,7 +68,7 @@ resource "aws_service_discovery_service" "api_ecs" {
 
 //
 locals {
-  api_service_fqdn = "${aws_service_discovery_service.api_ecs.name}.${var.aws_service_discovery_service.name}"
+  api_service_fqdn = "${aws_service_discovery_service.api_ecs.name}.${aws_service_discovery_private_dns_namespace.internal_ecs.name}"
 }
 
 //----------------------------------