From 037e5098741270b7d4bb0aaebe0869d74d81b932 Mon Sep 17 00:00:00 2001
From: Nick Chadwick <nick.chadwick@noaa.gov>
Date: Mon, 24 Jun 2024 09:19:45 -0500
Subject: [PATCH] changes made in IaC that were done manually

---
 Core/LAMBDA/ingest_functions/main.tf | 18 ++++++-------
 Core/RDS/ingest/main.tf              |  1 +
 Core/RDS/viz/main.tf                 |  1 +
 Core/main.tf                         | 40 ++++++++++++++--------------
 4 files changed, 31 insertions(+), 29 deletions(-)

diff --git a/Core/LAMBDA/ingest_functions/main.tf b/Core/LAMBDA/ingest_functions/main.tf
index f96e4fdb..1a3533aa 100644
--- a/Core/LAMBDA/ingest_functions/main.tf
+++ b/Core/LAMBDA/ingest_functions/main.tf
@@ -56,15 +56,15 @@ variable "db_ingest_port" {
   type = string
 }
 
-variable "primary_hml_bucket_name" {
-  type        = string
-  description = "Primary S3 bucket that is used for the Lambda event notification"
-}
-
-variable "primary_hml_bucket_arn" {
-  type        = string
-  description = "Primary S3 bucket that is used for the Lambda event notification"
-}
+# variable "primary_hml_bucket_name" {
+#   type        = string
+#   description = "Primary S3 bucket that is used for the Lambda event notification"
+# }
+
+# variable "primary_hml_bucket_arn" {
+#   type        = string
+#   description = "Primary S3 bucket that is used for the Lambda event notification"
+# }
 
 variable "backup_hml_bucket_name" {
   type        = string
diff --git a/Core/RDS/ingest/main.tf b/Core/RDS/ingest/main.tf
index cfe4672b..c9cdbd69 100644
--- a/Core/RDS/ingest/main.tf
+++ b/Core/RDS/ingest/main.tf
@@ -57,6 +57,7 @@ resource "aws_db_instance" "hydrovis" {
   backup_retention_period      = 7
   skip_final_snapshot          = true
   auto_minor_version_upgrade   = false
+  deletion_protection          = true
   tags = {
     "hv-vpp-${var.environment}-data-ingest-rdsdbtag" : "hv-vpp-${var.environment}-data-ingest-rdsdbtag"
     "noaa:monitoring"                                : "true"
diff --git a/Core/RDS/viz/main.tf b/Core/RDS/viz/main.tf
index 76b9b2a4..e78de976 100644
--- a/Core/RDS/viz/main.tf
+++ b/Core/RDS/viz/main.tf
@@ -114,6 +114,7 @@ resource "aws_db_instance" "hydrovis" {
   backup_retention_period      = 7
   skip_final_snapshot          = true
   auto_minor_version_upgrade   = false
+  deletion_protection          = true
   tags = {
     "hv-vpp-${var.environment}-viz-processing-rdsdbtag" : "hv-vpp-${var.environment}-viz-processing-rdsdbtag"
     "noaa:monitoring"                                   : "true"
diff --git a/Core/main.tf b/Core/main.tf
index 11efe5db..ed42f21c 100644
--- a/Core/main.tf
+++ b/Core/main.tf
@@ -163,9 +163,9 @@ module "s3" {
       module.iam-roles.role_data_ingest.arn,
       module.iam-roles.role_rnr.arn
     ]
-    "ised" = [
-      # module.iam-users.user_ISEDServiceAccount.arn
-    ]
+    # "ised" = [
+    #   # module.iam-users.user_ISEDServiceAccount.arn
+    # ]
   }
 }
 
@@ -181,22 +181,22 @@ module "egis" {
   role_autoscaling_arn           = module.iam-roles.role_autoscaling.arn
 }
 
-# S3 Replication
-module "s3-replication" {
-  source = "./S3Replication"
+# # S3 Replication
+# module "s3-replication" {
+#   source = "./S3Replication"
 
-  environment                              = local.env.environment
-  account_id                               = local.env.account_id
-  prod_account_id                          = local.env.prod_account_id
-  uat_account_id                           = local.env.uat_account_id
-  ti_account_id                            = local.env.ti_account_id
-  region                                   = local.env.region
-  admin_team_arns                          = local.env.admin_team_arns
-  # user_S3ReplicationDataServiceAccount_arn = module.iam-users.user_S3ReplicationDataServiceAccount.arn
-  user_data-ingest-service-user_arn        = module.iam-roles.role_data_ingest.arn
-  role_viz_pipeline_arn                    = module.iam-roles.role_viz_pipeline.arn
-  role_rnr_arn                             = module.iam-roles.role_rnr.arn
-}
+#   environment                              = local.env.environment
+#   account_id                               = local.env.account_id
+#   prod_account_id                          = local.env.prod_account_id
+#   uat_account_id                           = local.env.uat_account_id
+#   ti_account_id                            = local.env.ti_account_id
+#   region                                   = local.env.region
+#   admin_team_arns                          = local.env.admin_team_arns
+#   # user_S3ReplicationDataServiceAccount_arn = module.iam-users.user_S3ReplicationDataServiceAccount.arn
+#   user_data-ingest-service-user_arn        = module.iam-roles.role_data_ingest.arn
+#   role_viz_pipeline_arn                    = module.iam-roles.role_viz_pipeline.arn
+#   role_rnr_arn                             = module.iam-roles.role_rnr.arn
+# }
 
 # ###################### STAGE 2 ######################
 
@@ -453,8 +453,8 @@ module "ingest-lambda-functions" {
   db_ingest_host              = module.rds-ingest.dns_name
   mq_ingest_port              = split(":", module.mq-ingest.mq-ingest.instances.0.endpoints.0)[2]
   db_ingest_port              = module.rds-ingest.instance.port
-  primary_hml_bucket_name     = module.s3-replication.buckets["hml"].bucket
-  primary_hml_bucket_arn      = module.s3-replication.buckets["hml"].arn
+  # primary_hml_bucket_name     = module.s3-replication.buckets["hml"].bucket
+  # primary_hml_bucket_arn      = module.s3-replication.buckets["hml"].arn
   backup_hml_bucket_name      = module.s3.buckets["hml-backup"].bucket
   backup_hml_bucket_arn       = module.s3.buckets["hml-backup"].arn
   lambda_subnet_ids           = [module.vpc.subnet_private_a.id, module.vpc.subnet_private_b.id]