From c384b5b9fdf26f4bebbc15ade5b81e5a88bd024b Mon Sep 17 00:00:00 2001 From: Aaron Williams Date: Tue, 24 Oct 2023 15:57:11 +0100 Subject: [PATCH] Remove copilot environment files * Since workflows now handle copilot environments, we can remove these separated and unsynced files +ref: FS-3684 +semver: minor --- .../addons/assessment-import-queue.yml | 50 ---------- copilot/environments/addons/form-uploads.yml | 61 ------------ .../addons/funding-service-magic-links.yml | 94 ------------------- copilot/environments/dev/manifest.yml | 29 ------ copilot/environments/test/manifest.yml | 30 ------ 5 files changed, 264 deletions(-) delete mode 100644 copilot/environments/addons/assessment-import-queue.yml delete mode 100644 copilot/environments/addons/form-uploads.yml delete mode 100644 copilot/environments/addons/funding-service-magic-links.yml delete mode 100644 copilot/environments/dev/manifest.yml delete mode 100644 copilot/environments/test/manifest.yml diff --git a/copilot/environments/addons/assessment-import-queue.yml b/copilot/environments/addons/assessment-import-queue.yml deleted file mode 100644 index b45fabd4..00000000 --- a/copilot/environments/addons/assessment-import-queue.yml +++ /dev/null @@ -1,50 +0,0 @@ -Parameters: - App: - Type: String - Description: Your application's name. - Env: - Type: String - Description: The environment name your service, job, or workflow is being deployed to. - FifoQueueName: - Type: String - Description: Fifo Queue Name - Default: assessment-import-queue - -Resources: - AssessmentImportQueue: - Type: AWS::SQS::Queue - Properties: - QueueName: !Sub ${FifoQueueName}-${Env}.fifo - FifoQueue: true - RedrivePolicy: - deadLetterTargetArn: !GetAtt DeadLetterQueue.Arn - maxReceiveCount: 3 - DeadLetterQueue: - Type: AWS::SQS::Queue - Properties: - FifoQueue: true - QueueName: !Sub ${FifoQueueName}-${Env}-deadletter.fifo - - - -Outputs: - AssessmentImportQueueURL: - Description: Queue URL for Fifo queue - Value: !Ref AssessmentImportQueue - Export: - Name: !Sub ${App}-${Env}-AssessmentImportQueueURL - AssessmentImportQueueArn: - Description: Queue Arn for FIFO queue - Value: !GetAtt AssessmentImportQueue.Arn - Export: - Name: !Sub ${App}-${Env}-AssessmentImportQueueArn - DeadLetterQueueURL: - Description: "URL of dead-letter queue" - Value: !Ref DeadLetterQueue - Export: - Name: !Sub ${App}-${Env}-DeadLetterQueueURL - DeadLetterQueueARN: - Description: "ARN of dead-letter queue" - Value: !GetAtt DeadLetterQueue.Arn - Export: - Name: !Sub ${App}-${Env}-DeadLetterQueueARN diff --git a/copilot/environments/addons/form-uploads.yml b/copilot/environments/addons/form-uploads.yml deleted file mode 100644 index bd25feed..00000000 --- a/copilot/environments/addons/form-uploads.yml +++ /dev/null @@ -1,61 +0,0 @@ -Parameters: - App: - Type: String - Description: Your application's name. - Env: - Type: String - Description: The environment name your service, job, or workflow is being deployed to. - -Resources: - FormUploadsBucket: - Metadata: - 'aws:copilot:description': 'An Amazon S3 bucket, form-uploads, for storing and retrieving objects' - Type: AWS::S3::Bucket - Properties: - AccessControl: Private - BucketName: !Sub fsd-form-uploads-${Env} - BucketEncryption: - ServerSideEncryptionConfiguration: - - ServerSideEncryptionByDefault: - SSEAlgorithm: AES256 - PublicAccessBlockConfiguration: - BlockPublicAcls: true - BlockPublicPolicy: true - IgnorePublicAcls: true - RestrictPublicBuckets: true - OwnershipControls: - Rules: - - ObjectOwnership: BucketOwnerEnforced - - FormUploadsBucketPolicy: - Metadata: - 'aws:copilot:description': 'A bucket policy to deny unencrypted access to the bucket and its contents' - Type: AWS::S3::BucketPolicy - DeletionPolicy: Retain - Properties: - PolicyDocument: - Version: '2012-10-17' - Statement: - - Sid: ForceHTTPS - Effect: Deny - Principal: '*' - Action: 's3:*' - Resource: - - !Sub ${ FormUploadsBucket.Arn}/* - - !Sub ${ FormUploadsBucket.Arn} - Condition: - Bool: - "aws:SecureTransport": false - Bucket: !Ref FormUploadsBucket - -Outputs: - FormUploadsName: - Description: "The name of a user-defined bucket." - Value: !Ref FormUploadsBucket - Export: - Name: !Sub ${App}-${Env}-FormUploadsBucket - FormUploadsBucketARN: - Description: "The ARN of the form-uploads bucket." - Value: !GetAtt FormUploadsBucket.Arn - Export: - Name: !Sub ${App}-${Env}-FormUploadsBucketARN diff --git a/copilot/environments/addons/funding-service-magic-links.yml b/copilot/environments/addons/funding-service-magic-links.yml deleted file mode 100644 index 01954162..00000000 --- a/copilot/environments/addons/funding-service-magic-links.yml +++ /dev/null @@ -1,94 +0,0 @@ -Parameters: - App: - Type: String - Description: Your application's name. - Env: - Type: String - Description: The environment name your service, job, or workflow is being deployed to. - -Resources: - # Subnet group to control where the Redis gets placed - RedisSubnetGroup: - Type: AWS::ElastiCache::SubnetGroup - Properties: - Description: Group of subnets to place Redis into - SubnetIds: !Split [ ',', { 'Fn::ImportValue': !Sub '${App}-${Env}-PrivateSubnets' } ] - - # Security group to add the Redis cluster to the VPC, - # and to allow the Fargate containers to talk to Redis on port 6379 - RedisSecurityGroup: - Type: AWS::EC2::SecurityGroup - Properties: - GroupDescription: "Redis Security Group" - VpcId: - Fn::ImportValue: - !Sub '${App}-${Env}-VpcId' - - # Enable ingress from other ECS services created within the environment. - RedisIngress: - Type: AWS::EC2::SecurityGroupIngress - Properties: - Description: Ingress from Fargate containers - GroupId: !Ref 'RedisSecurityGroup' - IpProtocol: tcp - FromPort: 6379 - ToPort: 6379 - SourceSecurityGroupId: - Fn::ImportValue: - !Sub '${App}-${Env}-EnvironmentSecurityGroup' - - # Secret Storage of access credentials - RedisSecret: - Metadata: - 'aws:copilot:description': 'A Secrets Manager secret to store your DB credentials' - Type: AWS::SecretsManager::Secret - Properties: - Description: !Sub 'Redis main user secret for ${AWS::StackName}' - GenerateSecretString: - SecretStringTemplate: '{"username": "redis"}' - GenerateStringKey: "password" - ExcludePunctuation: true - IncludeSpace: false - PasswordLength: 16 - - # Creation of the cluster itself - RedisReplicationGroup: - Type: AWS::ElastiCache::ReplicationGroup - Properties: - ReplicationGroupId: !Sub 'funding-service-magic-links-${Env}' - ReplicationGroupDescription: !Sub '${Env} Funding Service Magic Links' - AutomaticFailoverEnabled: true - AtRestEncryptionEnabled: true - TransitEncryptionEnabled: true - AutoMinorVersionUpgrade: true - MultiAZEnabled: true - CacheNodeType: cache.m5.large - CacheSubnetGroupName: !Ref 'RedisSubnetGroup' - SecurityGroupIds: - - !GetAtt 'RedisSecurityGroup.GroupId' - Engine: redis - NumCacheClusters: 2 - - # Redis endpoint stored in SSM so that other services can retrieve the endpoint. - RedisEndpointAddressParam: - Type: AWS::SSM::Parameter - Properties: - Name: !Sub '/${App}/${Env}/redis' # Other services can retrieve the endpoint from this path. - Type: String - Value: !GetAtt 'RedisReplicationGroup.PrimaryEndPoint.Address' - -Outputs: - RedisEndpoint: - Description: The endpoint of the redis cluster - Value: !GetAtt 'RedisReplicationGroup.PrimaryEndPoint.Address' - Export: - Name: !Sub ${App}-${Env}-RedisEndpoint - RedisInstanceURI: - Description: "The URI of the redis cluster." - Value: - !Sub - - "rediss://${HOSTNAME}:${PORT}" - - HOSTNAME: !GetAtt 'RedisReplicationGroup.PrimaryEndPoint.Address' - PORT: !GetAtt 'RedisReplicationGroup.PrimaryEndPoint.Port' - Export: - Name: !Sub ${App}-${Env}-RedisInstanceURI diff --git a/copilot/environments/dev/manifest.yml b/copilot/environments/dev/manifest.yml deleted file mode 100644 index ad57a3a2..00000000 --- a/copilot/environments/dev/manifest.yml +++ /dev/null @@ -1,29 +0,0 @@ -# The manifest for the "dev" environment. -# Read the full specification for the "Environment" type at: -# https://aws.github.io/copilot-cli/docs/manifest/environment/ - -# Your environment name will be used in naming your resources like VPC, cluster, etc. -name: dev -type: Environment - -# Import your own VPC and subnets or configure how they should be created. -# Run this in uat/production only - in the test environments, these should be ad-hoc per deployment -network: - vpc: - id: 'vpc-0850970940cee0412' - subnets: - public: - - id: 'subnet-0f7aa03feb2923658' - - id: 'subnet-0a8dfef78a0873187' - private: - - id: 'subnet-03caaa338a263f66f' - - id: 'subnet-0f4bdb0fe7e467743' - -# Configure the load balancers in your environment, once created. -# http: -# public: -# private: - -# Configure observability for your environment resources. -observability: - container_insights: false diff --git a/copilot/environments/test/manifest.yml b/copilot/environments/test/manifest.yml deleted file mode 100644 index 73dcb1a7..00000000 --- a/copilot/environments/test/manifest.yml +++ /dev/null @@ -1,30 +0,0 @@ - -# The manifest for the "test" environment. -# Read the full specification for the "Environment" type at: -# https://aws.github.io/copilot-cli/docs/manifest/environment/ - -# Your environment name will be used in naming your resources like VPC, cluster, etc. -name: test -type: Environment - -# Import your own VPC and subnets or configure how they should be created. -# Run this in uat/production only - in the test environments, these should be ad-hoc per deployment -network: - vpc: - id: 'vpc-0ca7bdd50d5dba428' - subnets: - public: - - id: 'subnet-0f1f40929bdabbcdd' - - id: 'subnet-0e686586655747458' - private: - - id: 'subnet-07f5736fe61f32266' - - id: 'subnet-054d3a0257e2c809d' - -# Configure the load balancers in your environment, once created. -# http: -# public: -# private: - -# Configure observability for your environment resources. -observability: - container_insights: false