Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: tear down primary instance #224

Merged
merged 1 commit into from
Aug 30, 2024
Merged

feat: tear down primary instance #224

merged 1 commit into from
Aug 30, 2024

Conversation

alexander-jackson
Copy link
Owner

The secondary instance is now handling all the traffic and running vector with the DNS flipped over, so there's no need for this one anymore.

This change:

  • Removes the instance definition and security group rule for database access

@alexander-jackson
feat: tear down primary instance
4acf3db 
The `secondary` instance is now handling all the traffic and running
`vector` with the DNS flipped over, so there's no need for this one
anymore.

This change:
* Removes the instance definition and security group rule for database
  access
@github-actions GitHub Actions
Copy link

Terraform Format and Style 🖌success

Terraform Initialization ⚙️success

Terraform Plan 📖success

Terraform Validation 🤖success

Show Plan 

terraform
Running plan in HCP Terraform. Output will stream here. Pressing Ctrl-C
will stop streaming the logs, but will not stop the plan running remotely.

Preparing the remote plan...

To view this run in a browser, visit:
https://app.terraform.io/app/blackboards/infrastructure/runs/run-zYy25JDKqRVhgeY8

Waiting for the plan to start...

Terraform v1.5.7
on linux_amd64
Initializing plugins and modules...
module.logging_bucket.random_id.this: Refreshing state... [id=SssY]
module.remote_state_bucket.random_id.this: Refreshing state... [id=WvCN]
module.postgres_backups_bucket.random_id.this: Refreshing state... [id=Ze9c]
module.bucket.random_id.this: Refreshing state... [id=csAJ]
module.config_bucket.random_id.this: Refreshing state... [id=aPbH]
aws_security_group_rule.allow_inbound_connections_from_primary: Refreshing state... [id=sgrule-3835528208]
module.primary.aws_iam_instance_profile.this: Refreshing state... [id=primary-instance-profile]
module.primary.aws_eip.this: Refreshing state... [id=eipalloc-0a8501d784f1bda3d]
module.primary.aws_security_group_rule.allow_outbound_postgres: Refreshing state... [id=sgrule-2536641308]
module.primary.aws_security_group_rule.allow_inbound_https: Refreshing state... [id=sgrule-520529277]
module.primary.aws_security_group_rule.allow_outbound_ssh: Refreshing state... [id=sgrule-3823230434]
module.primary.aws_iam_role.this: Refreshing state... [id=primary-role]
module.primary.aws_instance.this: Refreshing state... [id=i-0a858f0c4f1cdcf70]
module.primary.aws_security_group_rule.allow_outbound_https: Refreshing state... [id=sgrule-3606152837]
module.primary.aws_security_group.this: Refreshing state... [id=sg-0a11f4dcd31818c55]
aws_sns_topic.outages: Refreshing state... [id=arn:aws:sns:eu-west-1:558855412466:outages]
module.primary.aws_security_group_rule.allow_inbound_ssh: Refreshing state... [id=sgrule-3437576669]
module.primary.aws_iam_role_policy_attachment.this: Refreshing state... [id=primary-role-20240816195109298300000001]
module.primary.aws_security_group_rule.allow_outbound_subnet_postgres: Refreshing state... [id=sgrule-287349534]
module.primary.aws_security_group_rule.allow_outbound_http: Refreshing state... [id=sgrule-261182941]
module.primary.aws_iam_policy.this: Refreshing state... [id=arn:aws:iam::558855412466:policy/primary-policy]
module.database.aws_iam_policy.this: Refreshing state... [id=arn:aws:iam::558855412466:policy/database-policy]
module.postgres_backups_bucket.aws_s3_bucket.this: Refreshing state... [id=postgres-backups-65ef5c]
module.config_bucket.aws_s3_bucket.this: Refreshing state... [id=configuration-68f6c7]
module.remote_state_bucket.aws_s3_bucket.this: Refreshing state... [id=terraform-remote-state-5af08d]
module.secondary.data.aws_iam_policy_document.ec2_assume_role: Refreshing...
module.secondary.data.aws_iam_policy_document.ec2_assume_role: Refresh complete after 0s [id=2851119427]
aws_iam_user.image_builder: Refreshing state... [id=image.builder]
module.repositories["ticket-tracker"].aws_iam_user.builder: Refreshing state... [id=ticket-tracker-builder]
module.repositories["ticket-tracker"].aws_ecr_repository.this: Refreshing state... [id=ticket-tracker]
aws_vpc.main: Refreshing state... [id=vpc-0d1ab7c53aec22955]
data.aws_iam_policy_document.assume_role: Refreshing...
data.aws_iam_policy_document.assume_role: Refresh complete after 0s [id=2690255455]
aws_iam_user.github_actions: Refreshing state... [id=github.actions]
module.logging_bucket.aws_s3_bucket.this: Refreshing state... [id=logging-4acb18]
data.aws_iam_policy_document.uptime_trigger_assume_role: Refreshing...
data.aws_iam_policy_document.uptime_trigger_assume_role: Refresh complete after 0s [id=52247394]
module.personal.aws_iam_user.this: Refreshing state... [id=alex.jackson]
aws_ecr_repository.uptime: Refreshing state... [id=uptime]
aws_iam_user.this: Refreshing state... [id=ticket-tracker]
aws_sns_topic.notifications: Refreshing state... [id=arn:aws:sns:eu-west-1:558855412466:ticket-tracker-notifications]
aws_route53_zone.opentracker: Refreshing state... [id=Z03017682LQ8TW5YUFGE0]
aws_key_pair.main: Refreshing state... [id=macbook-m2-pro]
aws_iam_policy.iac_deployer: Refreshing state... [id=arn:aws:iam::558855412466:policy/iac-deployer-policy]
aws_iam_role.iac_deployer: Refreshing state... [id=iac-deployer]
module.database.data.aws_iam_policy_document.ec2_assume_role: Refreshing...
module.database.data.aws_iam_policy_document.ec2_assume_role: Refresh complete after 0s [id=2851119427]
aws_iam_user.postgres_backups: Refreshing state... [id=postgres.backups]
aws_iam_user.configuration_deployer: Refreshing state... [id=configuration.deployer]
aws_sns_topic_subscription.outages: Refreshing state... [id=arn:aws:sns:eu-west-1:558855412466:outages:c15a0919-9e06-484e-bef6-08ab63e662d8]
module.bucket.aws_s3_bucket.this: Refreshing state... [id=uptime-72c009]
module.secondary.aws_iam_role.this: Refreshing state... [id=secondary-role]
aws_iam_access_key.image_builder: Refreshing state... [id=AKIAYEHTA3LZI2GLLBWM]
aws_iam_role.uptime: Refreshing state... [id=uptime]
module.repositories["ticket-tracker"].aws_iam_access_key.builder: Refreshing state... [id=AKIAYEHTA3LZAHS7ZJVQ]
aws_iam_access_key.github_actions: Refreshing state... [id=AKIAYEHTA3LZK6JIHCYE]
aws_iam_role.uptime_trigger: Refreshing state... [id=uptime-trigger]
module.personal.aws_iam_user_policy.this: Refreshing state... [id=alex.jackson:alex.jackson.policy]
module.personal.aws_iam_access_key.this: Refreshing state... [id=AKIAYEHTA3LZCH5CBE4Y]
module.personal.aws_iam_user_login_profile.this: Refreshing state... [id=alex.jackson]
aws_iam_access_key.this: Refreshing state... [id=AKIAYEHTA3LZJEQ7KL5O]
aws_sns_topic_subscription.notifications: Refreshing state... [id=arn:aws:sns:eu-west-1:558855412466:ticket-tracker-notifications:360092e1-a2d6-48be-ab1e-a973d714e068]
aws_iam_user_policy.this: Refreshing state... [id=ticket-tracker:ticket-tracker.policy]
module.repositories["ticket-tracker"].aws_iam_user_policy.builder: Refreshing state... [id=ticket-tracker-builder:ticket-tracker-builder-policy]
aws_iam_user_policy.image_builder: Refreshing state... [id=image.builder:image.builder.policy]
module.database.aws_iam_role.this: Refreshing state... [id=database-role]
aws_iam_access_key.postgres_backups: Refreshing state... [id=AKIAYEHTA3LZFDVAEC42]
aws_iam_role_policy_attachment.iac_deployer: Refreshing state... [id=iac-deployer-20230421061924179000000001]
aws_iam_user_policy.github_actions: Refreshing state... [id=github.actions:github.actions.policy]
aws_iam_access_key.configuration_deployer: Refreshing state... [id=AKIAYEHTA3LZKXOXWTYC]
module.secondary.aws_iam_instance_profile.this: Refreshing state... [id=secondary-instance-profile]
aws_lambda_function.uptime: Refreshing state... [id=uptime]
module.database.aws_iam_instance_profile.this: Refreshing state... [id=database-instance-profile]
module.database.aws_iam_role_policy_attachment.this: Refreshing state... [id=database-role-20231230120447701700000002]
module.secondary.aws_iam_policy.this: Refreshing state... [id=arn:aws:iam::558855412466:policy/secondary-policy]
aws_internet_gateway.main: Refreshing state... [id=igw-0aa2c09bec52493fc]
aws_subnet.main: Refreshing state... [id=subnet-07936cc0e5c7d83b1]
module.secondary.aws_iam_role_policy_attachment.this: Refreshing state... [id=secondary-role-20240830195016300100000001]
aws_route_table.gateway: Refreshing state... [id=rtb-0881a403738fea9c7]
module.database.data.aws_subnet.self: Refreshing...
module.secondary.data.aws_subnet.self: Refreshing...
module.database.aws_security_group.this: Refreshing state... [id=sg-0998f7db6e1ffb7eb]
module.database.aws_ebs_volume.this: Refreshing state... [id=vol-0ac43ea68879b3895]
module.secondary.aws_security_group.this: Refreshing state... [id=sg-09c16fd26e819748e]
module.remote_state_bucket.aws_s3_bucket_versioning.this: Refreshing state... [id=terraform-remote-state-5af08d]
module.secondary.data.aws_subnet.self: Refresh complete after 0s [id=subnet-07936cc0e5c7d83b1]
module.database.data.aws_subnet.self: Refresh complete after 0s [id=subnet-07936cc0e5c7d83b1]
module.postgres_backups_bucket.aws_s3_bucket_versioning.this: Refreshing state... [id=postgres-backups-65ef5c]
aws_route_table_association.gateway: Refreshing state... [id=rtbassoc-041dbac3ebba9c5ca]
aws_iam_user_policy.postgres_backups: Refreshing state... [id=postgres.backups:postgres.backups.policy]
module.config_bucket.aws_s3_bucket_versioning.this: Refreshing state... [id=configuration-68f6c7]
module.logging_bucket.aws_s3_bucket_versioning.this: Refreshing state... [id=logging-4acb18]
aws_iam_user_policy.configuration_deployer: Refreshing state... [id=configuration.deployer:configuration.deployer.policy]
module.database.aws_security_group_rule.allow_inbound_ssh: Refreshing state... [id=sgrule-3173870365]
module.database.aws_security_group_rule.allow_inbound_postgres: Refreshing state... [id=sgrule-3465932672]
module.database.aws_security_group_rule.allow_outbound_https: Refreshing state... [id=sgrule-1306823711]
module.database.aws_security_group_rule.allow_outbound_http: Refreshing state... [id=sgrule-1983782041]
module.database.aws_instance.this: Refreshing state... [id=i-0e48bcc2a0d16252e]
aws_iam_policy.uptime_trigger: Refreshing state... [id=arn:aws:iam::558855412466:policy/uptime-trigger]
aws_scheduler_schedule.uptime: Refreshing state... [id=default/uptime-trigger]
module.secondary.aws_security_group_rule.allow_inbound_ssh: Refreshing state... [id=sgrule-1349148784]
module.secondary.aws_security_group_rule.allow_outbound_ssh: Refreshing state... [id=sgrule-1707530534]
module.secondary.aws_security_group_rule.allow_outbound_subnet_postgres: Refreshing state... [id=sgrule-3062141385]
module.secondary.aws_security_group_rule.allow_outbound_http: Refreshing state... [id=sgrule-2310426905]
module.secondary.aws_security_group_rule.allow_inbound_https: Refreshing state... [id=sgrule-1220995848]
module.secondary.aws_security_group_rule.allow_outbound_https: Refreshing state... [id=sgrule-2114639601]
module.secondary.aws_instance.this: Refreshing state... [id=i-0020a8286890ff956]
module.secondary.aws_security_group_rule.allow_outbound_postgres: Refreshing state... [id=sgrule-4235038627]
aws_security_group_rule.allow_inbound_connections_from_secondary: Refreshing state... [id=sgrule-3884167637]
aws_iam_role_policy_attachment.uptime_trigger: Refreshing state... [id=uptime-trigger-20240331174144664500000001]
module.bucket.aws_s3_bucket_versioning.this: Refreshing state... [id=uptime-72c009]
aws_iam_policy.uptime: Refreshing state... [id=arn:aws:iam::558855412466:policy/uptime-policy]
aws_iam_role_policy_attachment.uptime: Refreshing state... [id=uptime-20240418192134073500000001]
module.database.aws_volume_attachment.this: Refreshing state... [id=vai-3516952077]
module.secondary.aws_eip.this: Refreshing state... [id=eipalloc-0ae65475676d8217a]
aws_route53_record.opentracker: Refreshing state... [id=Z03017682LQ8TW5YUFGE0__A]
aws_route53_record.opentracker_tags: Refreshing state... [id=Z03017682LQ8TW5YUFGE0_tags_A]
aws_route53_record.opentracker_today: Refreshing state... [id=Z03017682LQ8TW5YUFGE0_today_A]

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  - destroy

Terraform will perform the following actions:

  # aws_security_group_rule.allow_inbound_connections_from_primary will be destroyed
  - resource "aws_security_group_rule" "allow_inbound_connections_from_primary" {
      - description              = "Allow inbound connections from sg-0a11f4dcd31818c55" -> null
      - from_port                = 5432 -> null
      - id                       = "sgrule-3835528208" -> null
      - protocol                 = "tcp" -> null
      - security_group_id        = "sg-0998f7db6e1ffb7eb" -> null
      - security_group_rule_id   = "sgr-0b010ca8df0efd8ea" -> null
      - self                     = false -> null
      - source_security_group_id = "sg-0a11f4dcd31818c55" -> null
      - to_port                  = 5432 -> null
      - type                     = "ingress" -> null
    }

  # module.primary.aws_eip.this will be destroyed
  - resource "aws_eip" "this" {
      - allocation_id            = "eipalloc-0a8501d784f1bda3d" -> null
      - association_id           = "eipassoc-0908bb0528b072823" -> null
      - domain                   = "vpc" -> null
      - id                       = "eipalloc-0a8501d784f1bda3d" -> null
      - instance                 = "i-0a858f0c4f1cdcf70" -> null
      - network_border_group     = "eu-west-1" -> null
      - network_interface        = "eni-03a5ddc634955db51" -> null
      - private_dns              = "ip-10-0-0-91.eu-west-1.compute.internal" -> null
      - private_ip               = "10.0.0.91" -> null
      - public_dns               = "ec2-54-73-67-120.eu-west-1.compute.amazonaws.com" -> null
      - public_ip                = "54.73.67.120" -> null
      - public_ipv4_pool         = "amazon" -> null
      - tags                     = {} -> null
      - tags_all                 = {} -> null
      - vpc                      = true -> null
        # (3 unchanged attributes hidden)
    }

  # module.primary.aws_iam_instance_profile.this will be destroyed
  - resource "aws_iam_instance_profile" "this" {
      - arn         = "arn:aws:iam::558855412466:instance-profile/primary-instance-profile" -> null
      - create_date = "2024-08-16T19:51:09Z" -> null
      - id          = "primary-instance-profile" -> null
      - name        = "primary-instance-profile" -> null
      - path        = "/" -> null
      - role        = "primary-role" -> null
      - tags        = {} -> null
      - tags_all    = {} -> null
      - unique_id   = "AIPAYEHTA3LZLZZRV6EYO" -> null
        # (1 unchanged attribute hidden)
    }

  # module.primary.aws_iam_policy.this will be destroyed
  - resource "aws_iam_policy" "this" {
      - arn         = "arn:aws:iam::558855412466:policy/primary-policy" -> null
      - description = "Policy for primary-role" -> null
      - id          = "arn:aws:iam::558855412466:policy/primary-policy" -> null
      - name        = "primary-policy" -> null
      - path        = "/" -> null
      - policy      = jsonencode(
            {
              - Statement = [
                  - {
                      - Action   = [
                          - "s3:ListBucket",
                        ]
                      - Effect   = "Allow"
                      - Resource = "arn:aws:s3:::configuration-68f6c7"
                    },
                  - {
                      - Action   = [
                          - "s3:GetObject",
                        ]
                      - Effect   = "Allow"
                      - Resource = "arn:aws:s3:::configuration-68f6c7/*"
                    },
                  - {
                      - Action   = [
                          - "route53:ListHostedZones",
                          - "route53:GetChange",
                        ]
                      - Effect   = "Allow"
                      - Resource = "*"
                    },
                  - {
                      - Action   = [
                          - "route53:ChangeResourceRecordSets",
                        ]
                      - Effect   = "Allow"
                      - Resource = "arn:aws:route53:::hostedzone/Z03017682LQ8TW5YUFGE0"
                    },
                  - {
                      - Action   = [
                          - "s3:ListBucket",
                        ]
                      - Effect   = "Allow"
                      - Resource = "arn:aws:s3:::logging-4acb18"
                    },
                  - {
                      - Action   = [
                          - "s3:PutObject",
                        ]
                      - Effect   = "Allow"
                      - Resource = "arn:aws:s3:::logging-4acb18/*"
                    },
                ]
              - Version   = "2012-10-17"
            }
        ) -> null
      - policy_id   = "ANPAYEHTA3LZE6TNEIQ2M" -> null
      - tags        = {} -> null
      - tags_all    = {} -> null
        # (1 unchanged attribute hidden)
    }

  # module.primary.aws_iam_role.this will be destroyed
  - resource "aws_iam_role" "this" {
      - arn                   = "arn:aws:iam::558855412466:role/primary-role" -> null
      - assume_role_policy    = jsonencode(
            {
              - Statement = [
                  - {
                      - Action    = "sts:AssumeRole"
                      - Effect    = "Allow"
                      - Principal = {
                          - Service = "ec2.amazonaws.com"
                        }
                    },
                ]
              - Version   = "2012-10-17"
            }
        ) -> null
      - create_date           = "2024-08-16T19:51:09Z" -> null
      - description           = "Role for the primary instance" -> null
      - force_detach_policies = false -> null
      - id                    = "primary-role" -> null
      - managed_policy_arns   = [
          - "arn:aws:iam::558855412466:policy/primary-policy",
        ] -> null
      - max_session_duration  = 3600 -> null
      - name                  = "primary-role" -> null
      - path                  = "/" -> null
      - tags                  = {} -> null
      - tags_all              = {} -> null
      - unique_id             = "AROAYEHTA3LZMLLHYGA7V" -> null
        # (2 unchanged attributes hidden)
    }

  # module.primary.aws_iam_role_policy_attachment.this will be destroyed
  - resource "aws_iam_role_policy_attachment" "this" {
      - id         = "primary-role-20240816195109298300000001" -> null
      - policy_arn = "arn:aws:iam::558855412466:policy/primary-policy" -> null
      - role       = "primary-role" -> null
    }

  # module.primary.aws_instance.this will be destroyed
  - resource "aws_instance" "this" {
      - ami                                  = "ami-0ab14756db2442499" -> null
      - arn                                  = "arn:aws:ec2:eu-west-1:558855412466:instance/i-0a858f0c4f1cdcf70" -> null
      - associate_public_ip_address          = true -> null
      - availability_zone                    = "eu-west-1a" -> null
      - cpu_core_count                       = 1 -> null
      - cpu_threads_per_core                 = 1 -> null
      - disable_api_stop                     = false -> null
      - disable_api_termination              = false -> null
      - ebs_optimized                        = false -> null
      - get_password_data                    = false -> null
      - hibernation                          = false -> null
      - iam_instance_profile                 = "primary-instance-profile" -> null
      - id                                   = "i-0a858f0c4f1cdcf70" -> null
      - instance_initiated_shutdown_behavior = "stop" -> null
      - instance_state                       = "running" -> null
      - instance_type                        = "t2.nano" -> null
      - ipv6_address_count                   = 0 -> null
      - ipv6_addresses                       = [] -> null
      - key_name                             = "macbook-m2-pro" -> null
      - monitoring                           = false -> null
      - placement_partition_number           = 0 -> null
      - primary_network_interface_id         = "eni-03a5ddc634955db51" -> null
      - private_dns                          = "ip-10-0-0-91.eu-west-1.compute.internal" -> null
      - private_ip                           = "10.0.0.91" -> null
      - public_dns                           = "ec2-54-73-67-120.eu-west-1.compute.amazonaws.com" -> null
      - public_ip                            = "54.73.67.120" -> null
      - secondary_private_ips                = [] -> null
      - security_groups                      = [] -> null
      - source_dest_check                    = true -> null
      - subnet_id                            = "subnet-07936cc0e5c7d83b1" -> null
      - tags                                 = {} -> null
      - tags_all                             = {} -> null
      - tenancy                              = "default" -> null
      - user_data                            = "0eafa8ed1558c4d63714d518a311d276c2ff1886" -> null
      - user_data_replace_on_change          = false -> null
      - vpc_security_group_ids               = [
          - "sg-0a11f4dcd31818c55",
        ] -> null
        # (6 unchanged attributes hidden)

      - capacity_reservation_specification {
          - capacity_reservation_preference = "open" -> null
        }

      - cpu_options {
          - core_count       = 1 -> null
          - threads_per_core = 1 -> null
            # (1 unchanged attribute hidden)
        }

      - credit_specification {
          - cpu_credits = "standard" -> null
        }

      - enclave_options {
          - enabled = false -> null
        }

      - maintenance_options {
          - auto_recovery = "default" -> null
        }

      - metadata_options {
          - http_endpoint               = "enabled" -> null
          - http_protocol_ipv6          = "disabled" -> null
          - http_put_response_hop_limit = 2 -> null
          - http_tokens                 = "optional" -> null
          - instance_metadata_tags      = "disabled" -> null
        }

      - private_dns_name_options {
          - enable_resource_name_dns_a_record    = false -> null
          - enable_resource_name_dns_aaaa_record = false -> null
          - hostname_type                        = "ip-name" -> null
        }

      - root_block_device {
          - delete_on_termination = true -> null
          - device_name           = "/dev/sda1" -> null
          - encrypted             = false -> null
          - iops                  = 100 -> null
          - tags                  = {} -> null
          - throughput            = 0 -> null
          - volume_id             = "vol-0090a6dfa39f5b6ac" -> null
          - volume_size           = 8 -> null
          - volume_type           = "gp2" -> null
            # (1 unchanged attribute hidden)
        }
    }

  # module.primary.aws_security_group.this will be destroyed
  - resource "aws_security_group" "this" {
      - arn                    = "arn:aws:ec2:eu-west-1:558855412466:security-group/sg-0a11f4dcd31818c55" -> null
      - description            = "Security group for the primary f2-instance" -> null
      - egress                 = [
          - {
              - cidr_blocks      = [
                  - "0.0.0.0/0",
                ]
              - description      = "Allow outbound HTTP to anywhere"
              - from_port        = 80
              - ipv6_cidr_blocks = []
              - prefix_list_ids  = []
              - protocol         = "tcp"
              - security_groups  = []
              - self             = false
              - to_port          = 80
            },
          - {
              - cidr_blocks      = [
                  - "0.0.0.0/0",
                ]
              - description      = "Allow outbound HTTPS to anywhere"
              - from_port        = 443
              - ipv6_cidr_blocks = []
              - prefix_list_ids  = []
              - protocol         = "tcp"
              - security_groups  = []
              - self             = false
              - to_port          = 443
            },
          - {
              - cidr_blocks      = [
                  - "0.0.0.0/0",
                ]
              - description      = "Allow outbound SSH to anywhere"
              - from_port        = 22
              - ipv6_cidr_blocks = []
              - prefix_list_ids  = []
              - protocol         = "tcp"
              - security_groups  = []
              - self             = false
              - to_port          = 22
            },
          - {
              - cidr_blocks      = [
                  - "10.0.0.0/24",
                ]
              - description      = "Allow outbound Postgres to the subnet"
              - from_port        = 5432
              - ipv6_cidr_blocks = []
              - prefix_list_ids  = []
              - protocol         = "tcp"
              - security_groups  = []
              - self             = false
              - to_port          = 5432
            },
          - {
              - cidr_blocks      = [
                  - "64.227.33.121/32",
                ]
              - description      = "Allow outbound Postgres to the Digital Ocean instance"
              - from_port        = 5432
              - ipv6_cidr_blocks = []
              - prefix_list_ids  = []
              - protocol         = "tcp"
              - security_groups  = []
              - self             = false
              - to_port          = 5432
            },
        ] -> null
      - id                     = "sg-0a11f4dcd31818c55" -> null
      - ingress                = [
          - {
              - cidr_blocks      = [
                  - "0.0.0.0/0",
                ]
              - description      = "Allow inbound HTTPS from anywhere"
              - from_port        = 443
              - ipv6_cidr_blocks = []
              - prefix_list_ids  = []
              - protocol         = "tcp"
              - security_groups  = []
              - self             = false
              - to_port          = 443
            },
          - {
              - cidr_blocks      = [
                  - "0.0.0.0/0",
                ]
              - description      = "Allow inbound SSH from anywhere"
              - from_port        = 22
              - ipv6_cidr_blocks = []
              - prefix_list_ids  = []
              - protocol         = "tcp"
              - security_groups  = []
              - self             = false
              - to_port          = 22
            },
        ] -> null
      - name                   = "primary-f2-instance" -> null
      - owner_id               = "558855412466" -> null
      - revoke_rules_on_delete = false -> null
      - tags                   = {} -> null
      - tags_all               = {} -> null
      - vpc_id                 = "vpc-0d1ab7c53aec22955" -> null
        # (1 unchanged attribute hidden)
    }

  # module.primary.aws_security_group_rule.allow_inbound_https will be destroyed
  - resource "aws_security_group_rule" "allow_inbound_https" {
      - cidr_blocks            = [
          - "0.0.0.0/0",
        ] -> null
      - description            = "Allow inbound HTTPS from anywhere" -> null
      - from_port              = 443 -> null
      - id                     = "sgrule-520529277" -> null
      - protocol               = "tcp" -> null
      - security_group_id      = "sg-0a11f4dcd31818c55" -> null
      - security_group_rule_id = "sgr-03ed308a4f9f8f4d2" -> null
      - self                   = false -> null
      - to_port                = 443 -> null
      - type                   = "ingress" -> null
    }

  # module.primary.aws_security_group_rule.allow_inbound_ssh will be destroyed
  - resource "aws_security_group_rule" "allow_inbound_ssh" {
      - cidr_blocks            = [
          - "0.0.0.0/0",
        ] -> null
      - description            = "Allow inbound SSH from anywhere" -> null
      - from_port              = 22 -> null
      - id                     = "sgrule-3437576669" -> null
      - protocol               = "tcp" -> null
      - security_group_id      = "sg-0a11f4dcd31818c55" -> null
      - security_group_rule_id = "sgr-002e1bc2087ef4ecd" -> null
      - self                   = false -> null
      - to_port                = 22 -> null
      - type                   = "ingress" -> null
    }

  # module.primary.aws_security_group_rule.allow_outbound_http will be destroyed
  - resource "aws_security_group_rule" "allow_outbound_http" {
      - cidr_blocks            = [
          - "0.0.0.0/0",
        ] -> null
      - description            = "Allow outbound HTTP to anywhere" -> null
      - from_port              = 80 -> null
      - id                     = "sgrule-261182941" -> null
      - protocol               = "tcp" -> null
      - security_group_id      = "sg-0a11f4dcd31818c55" -> null
      - security_group_rule_id = "sgr-02db0233cff69ba0c" -> null
      - self                   = false -> null
      - to_port                = 80 -> null
      - type                   = "egress" -> null
    }

  # module.primary.aws_security_group_rule.allow_outbound_https will be destroyed
  - resource "aws_security_group_rule" "allow_outbound_https" {
      - cidr_blocks            = [
          - "0.0.0.0/0",
        ] -> null
      - description            = "Allow outbound HTTPS to anywhere" -> null
      - from_port              = 443 -> null
      - id                     = "sgrule-3606152837" -> null
      - protocol               = "tcp" -> null
      - security_group_id      = "sg-0a11f4dcd31818c55" -> null
      - security_group_rule_id = "sgr-020213369b642109c" -> null
      - self                   = false -> null
      - to_port                = 443 -> null
      - type                   = "egress" -> null
    }

  # module.primary.aws_security_group_rule.allow_outbound_postgres will be destroyed
  - resource "aws_security_group_rule" "allow_outbound_postgres" {
      - cidr_blocks            = [
          - "64.227.33.121/32",
        ] -> null
      - description            = "Allow outbound Postgres to the Digital Ocean instance" -> null
      - from_port              = 5432 -> null
      - id                     = "sgrule-2536641308" -> null
      - protocol               = "tcp" -> null
      - security_group_id      = "sg-0a11f4dcd31818c55" -> null
      - security_group_rule_id = "sgr-086428d135af3e82c" -> null
      - self                   = false -> null
      - to_port                = 5432 -> null
      - type                   = "egress" -> null
    }

  # module.primary.aws_security_group_rule.allow_outbound_ssh will be destroyed
  - resource "aws_security_group_rule" "allow_outbound_ssh" {
      - cidr_blocks            = [
          - "0.0.0.0/0",
        ] -> null
      - description            = "Allow outbound SSH to anywhere" -> null
      - from_port              = 22 -> null
      - id                     = "sgrule-3823230434" -> null
      - protocol               = "tcp" -> null
      - security_group_id      = "sg-0a11f4dcd31818c55" -> null
      - security_group_rule_id = "sgr-002e1bc2087ef4ecd" -> null
      - self                   = false -> null
      - to_port                = 22 -> null
      - type                   = "egress" -> null
    }

  # module.primary.aws_security_group_rule.allow_outbound_subnet_postgres will be destroyed
  - resource "aws_security_group_rule" "allow_outbound_subnet_postgres" {
      - cidr_blocks            = [
          - "10.0.0.0/24",
        ] -> null
      - description            = "Allow outbound Postgres to the subnet" -> null
      - from_port              = 5432 -> null
      - id                     = "sgrule-287349534" -> null
      - protocol               = "tcp" -> null
      - security_group_id      = "sg-0a11f4dcd31818c55" -> null
      - security_group_rule_id = "sgr-01277cd8e6fb87db6" -> null
      - self                   = false -> null
      - to_port                = 5432 -> null
      - type                   = "egress" -> null
    }

Plan: 0 to add, 0 to change, 15 to destroy.

─────────────────────────────────────────────────────────────────────────────

Note: You didn't use the -out option to save this plan, so Terraform can't
guarantee to take exactly these actions if you run "terraform apply" now.

@alexander-jackson alexander-jackson merged commit a9a6ec6 into master Aug 30, 2024
1 check passed
@alexander-jackson alexander-jackson deleted the feat/tear-down-primary-instance branch August 30, 2024 20:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@alexander-jackson