Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: tear down secondary instance #235

Merged
merged 1 commit into from
Sep 11, 2024
Merged

feat: tear down secondary instance #235

merged 1 commit into from
Sep 11, 2024

Conversation

alexander-jackson
Copy link
Owner

The primary is now handling all the traffic and the DNS has flipped over, so let's tear this one down.

This change:

  • Removes the instance and security group rule

@alexander-jackson
feat: tear down secondary instance
60af206 
The primary is now handling all the traffic and the DNS has flipped
over, so let's tear this one down.

This change:
* Removes the instance and security group rule
@github-actions GitHub Actions
Copy link

Terraform Format and Style 🖌success

Terraform Initialization ⚙️success

Terraform Plan 📖success

Terraform Validation 🤖success

Show Plan 

terraform
Running plan in HCP Terraform. Output will stream here. Pressing Ctrl-C
will stop streaming the logs, but will not stop the plan running remotely.

Preparing the remote plan...

To view this run in a browser, visit:
https://app.terraform.io/app/blackboards/infrastructure/runs/run-th2owMGwT1mD8Cx8

Waiting for the plan to start...

Terraform v1.5.7
on linux_amd64
Initializing plugins and modules...
module.config_bucket.random_id.this: Refreshing state... [id=aPbH]
module.logging_bucket.random_id.this: Refreshing state... [id=SssY]
module.remote_state_bucket.random_id.this: Refreshing state... [id=WvCN]
module.postgres_backups_bucket.random_id.this: Refreshing state... [id=Ze9c]
module.bucket.random_id.this: Refreshing state... [id=csAJ]
aws_iam_user.image_builder: Refreshing state... [id=image.builder]
module.secondary.aws_security_group_rule.allow_outbound_subnet_postgres: Refreshing state... [id=sgrule-3062141385]
module.secondary.aws_security_group_rule.allow_outbound_https: Refreshing state... [id=sgrule-2114639601]
module.secondary.aws_iam_instance_profile.this: Refreshing state... [id=secondary-instance-profile]
module.secondary.aws_eip.this: Refreshing state... [id=eipalloc-0ae65475676d8217a]
module.secondary.aws_security_group_rule.allow_outbound_http: Refreshing state... [id=sgrule-2310426905]
module.secondary.aws_security_group_rule.allow_inbound_ssh: Refreshing state... [id=sgrule-1349148784]
module.secondary.aws_security_group_rule.allow_outbound_postgres: Refreshing state... [id=sgrule-4235038627]
module.secondary.aws_security_group.this: Refreshing state... [id=sg-09c16fd26e819748e]
module.secondary.aws_instance.this: Refreshing state... [id=i-0020a8286890ff956]
module.secondary.aws_security_group_rule.allow_outbound_ssh: Refreshing state... [id=sgrule-1707530534]
module.secondary.aws_iam_role_policy_attachment.this: Refreshing state... [id=secondary-role-20240830195016300100000001]
module.secondary.aws_security_group_rule.allow_inbound_https: Refreshing state... [id=sgrule-1220995848]
module.secondary.aws_iam_role.this: Refreshing state... [id=secondary-role]
aws_security_group_rule.allow_inbound_connections_from_secondary: Refreshing state... [id=sgrule-3884167637]
module.secondary.aws_iam_policy.this: Refreshing state... [id=arn:aws:iam::558855412466:policy/secondary-policy]
aws_iam_user.postgres_backups: Refreshing state... [id=postgres.backups]
module.remote_state_bucket.aws_s3_bucket.this: Refreshing state... [id=terraform-remote-state-5af08d]
aws_iam_policy.iac_deployer: Refreshing state... [id=arn:aws:iam::558855412466:policy/iac-deployer-policy]
data.aws_iam_policy_document.uptime_trigger_assume_role: Refreshing...
module.database.aws_iam_policy.this: Refreshing state... [id=arn:aws:iam::558855412466:policy/database-policy]
data.aws_iam_policy_document.uptime_trigger_assume_role: Refresh complete after 0s [id=52247394]
aws_iam_user.github_actions: Refreshing state... [id=github.actions]
module.primary.data.aws_iam_policy_document.ec2_assume_role: Refreshing...
module.primary.data.aws_iam_policy_document.ec2_assume_role: Refresh complete after 0s [id=2851119427]
aws_route53_zone.opentracker: Refreshing state... [id=Z03017682LQ8TW5YUFGE0]
aws_sns_topic.notifications: Refreshing state... [id=arn:aws:sns:eu-west-1:558855412466:ticket-tracker-notifications]
module.repositories["ticket-tracker"].aws_ecr_repository.this: Refreshing state... [id=ticket-tracker]
module.postgres_backups_bucket.aws_s3_bucket.this: Refreshing state... [id=postgres-backups-65ef5c]
aws_sns_topic.outages: Refreshing state... [id=arn:aws:sns:eu-west-1:558855412466:outages]
module.logging_bucket.aws_s3_bucket.this: Refreshing state... [id=logging-4acb18]
module.personal.aws_iam_user.this: Refreshing state... [id=alex.jackson]
aws_iam_user.this: Refreshing state... [id=ticket-tracker]
module.bucket.aws_s3_bucket.this: Refreshing state... [id=uptime-72c009]
data.aws_iam_policy_document.assume_role: Refreshing...
data.aws_iam_policy_document.assume_role: Refresh complete after 0s [id=2690255455]
aws_iam_role.iac_deployer: Refreshing state... [id=iac-deployer]
module.database.data.aws_iam_policy_document.ec2_assume_role: Refreshing...
module.database.data.aws_iam_policy_document.ec2_assume_role: Refresh complete after 0s [id=2851119427]
module.repositories["ticket-tracker"].aws_iam_user.builder: Refreshing state... [id=ticket-tracker-builder]
aws_ecr_repository.uptime: Refreshing state... [id=uptime]
aws_key_pair.main: Refreshing state... [id=macbook-m2-pro]
module.config_bucket.aws_s3_bucket.this: Refreshing state... [id=configuration-68f6c7]
aws_iam_user.configuration_deployer: Refreshing state... [id=configuration.deployer]
aws_vpc.main: Refreshing state... [id=vpc-0d1ab7c53aec22955]
aws_iam_access_key.image_builder: Refreshing state... [id=AKIAYEHTA3LZI2GLLBWM]
aws_iam_role.uptime_trigger: Refreshing state... [id=uptime-trigger]
aws_iam_access_key.postgres_backups: Refreshing state... [id=AKIAYEHTA3LZFDVAEC42]
module.primary.aws_iam_role.this: Refreshing state... [id=primary-role]
aws_iam_access_key.github_actions: Refreshing state... [id=AKIAYEHTA3LZK6JIHCYE]
module.personal.aws_iam_access_key.this: Refreshing state... [id=AKIAYEHTA3LZCH5CBE4Y]
module.personal.aws_iam_user_policy.this: Refreshing state... [id=alex.jackson:alex.jackson.policy]
module.personal.aws_iam_user_login_profile.this: Refreshing state... [id=alex.jackson]
aws_iam_access_key.this: Refreshing state... [id=AKIAYEHTA3LZJEQ7KL5O]
aws_iam_role.uptime: Refreshing state... [id=uptime]
module.database.aws_iam_role.this: Refreshing state... [id=database-role]
module.repositories["ticket-tracker"].aws_iam_access_key.builder: Refreshing state... [id=AKIAYEHTA3LZAHS7ZJVQ]
aws_iam_user_policy.github_actions: Refreshing state... [id=github.actions:github.actions.policy]
aws_iam_role_policy_attachment.iac_deployer: Refreshing state... [id=iac-deployer-20230421061924179000000001]
aws_iam_user_policy.this: Refreshing state... [id=ticket-tracker:ticket-tracker.policy]
aws_sns_topic_subscription.notifications: Refreshing state... [id=arn:aws:sns:eu-west-1:558855412466:ticket-tracker-notifications:360092e1-a2d6-48be-ab1e-a973d714e068]
aws_iam_access_key.configuration_deployer: Refreshing state... [id=AKIAYEHTA3LZKXOXWTYC]
aws_sns_topic_subscription.outages: Refreshing state... [id=arn:aws:sns:eu-west-1:558855412466:outages:c15a0919-9e06-484e-bef6-08ab63e662d8]
module.repositories["ticket-tracker"].aws_iam_user_policy.builder: Refreshing state... [id=ticket-tracker-builder:ticket-tracker-builder-policy]
aws_iam_user_policy.image_builder: Refreshing state... [id=image.builder:image.builder.policy]
module.primary.aws_iam_instance_profile.this: Refreshing state... [id=primary-instance-profile]
module.primary.aws_iam_policy.this: Refreshing state... [id=arn:aws:iam::558855412466:policy/primary-policy]
aws_lambda_function.uptime: Refreshing state... [id=uptime]
module.database.aws_iam_instance_profile.this: Refreshing state... [id=database-instance-profile]
module.database.aws_iam_role_policy_attachment.this: Refreshing state... [id=database-role-20231230120447701700000002]
module.primary.aws_iam_role_policy_attachment.this: Refreshing state... [id=primary-role-20240911152831399000000001]
aws_iam_policy.uptime_trigger: Refreshing state... [id=arn:aws:iam::558855412466:policy/uptime-trigger]
aws_scheduler_schedule.uptime: Refreshing state... [id=default/uptime-trigger]
module.remote_state_bucket.aws_s3_bucket_versioning.this: Refreshing state... [id=terraform-remote-state-5af08d]
aws_iam_role_policy_attachment.uptime_trigger: Refreshing state... [id=uptime-trigger-20240331174144664500000001]
aws_iam_user_policy.postgres_backups: Refreshing state... [id=postgres.backups:postgres.backups.policy]
module.postgres_backups_bucket.aws_s3_bucket_versioning.this: Refreshing state... [id=postgres-backups-65ef5c]
module.logging_bucket.aws_s3_bucket_versioning.this: Refreshing state... [id=logging-4acb18]
module.bucket.aws_s3_bucket_versioning.this: Refreshing state... [id=uptime-72c009]
aws_iam_policy.uptime: Refreshing state... [id=arn:aws:iam::558855412466:policy/uptime-policy]
aws_internet_gateway.main: Refreshing state... [id=igw-0aa2c09bec52493fc]
aws_subnet.main: Refreshing state... [id=subnet-07936cc0e5c7d83b1]
aws_iam_role_policy_attachment.uptime: Refreshing state... [id=uptime-20240418192134073500000001]
aws_route_table.gateway: Refreshing state... [id=rtb-0881a403738fea9c7]
module.primary.data.aws_subnet.self: Refreshing...
module.database.aws_ebs_volume.this: Refreshing state... [id=vol-0ac43ea68879b3895]
module.database.data.aws_subnet.self: Refreshing...
module.primary.aws_security_group.this: Refreshing state... [id=sg-01f41982adfcf79fc]
module.database.aws_security_group.this: Refreshing state... [id=sg-0998f7db6e1ffb7eb]
module.config_bucket.aws_s3_bucket_versioning.this: Refreshing state... [id=configuration-68f6c7]
module.primary.data.aws_subnet.self: Refresh complete after 0s [id=subnet-07936cc0e5c7d83b1]
aws_route_table_association.gateway: Refreshing state... [id=rtbassoc-041dbac3ebba9c5ca]
module.database.data.aws_subnet.self: Refresh complete after 0s [id=subnet-07936cc0e5c7d83b1]
aws_iam_user_policy.configuration_deployer: Refreshing state... [id=configuration.deployer:configuration.deployer.policy]
module.primary.aws_security_group_rule.allow_inbound_ssh: Refreshing state... [id=sgrule-1675856624]
module.primary.aws_security_group_rule.allow_outbound_https: Refreshing state... [id=sgrule-2474761275]
module.primary.aws_security_group_rule.allow_outbound_postgres: Refreshing state... [id=sgrule-1620028649]
module.primary.aws_instance.this: Refreshing state... [id=i-0a6b8ce3063883b90]
module.primary.aws_security_group_rule.allow_outbound_subnet_postgres: Refreshing state... [id=sgrule-2754594104]
module.primary.aws_security_group_rule.allow_inbound_https: Refreshing state... [id=sgrule-865749932]
module.primary.aws_security_group_rule.allow_outbound_ssh: Refreshing state... [id=sgrule-4013014091]
module.primary.aws_security_group_rule.allow_outbound_http: Refreshing state... [id=sgrule-54604916]
module.database.aws_security_group_rule.allow_inbound_ssh: Refreshing state... [id=sgrule-3173870365]
module.database.aws_security_group_rule.allow_outbound_http: Refreshing state... [id=sgrule-1983782041]
module.database.aws_instance.this: Refreshing state... [id=i-0e48bcc2a0d16252e]
module.database.aws_security_group_rule.allow_inbound_postgres: Refreshing state... [id=sgrule-3465932672]
module.database.aws_security_group_rule.allow_outbound_https: Refreshing state... [id=sgrule-1306823711]
aws_security_group_rule.allow_inbound_connections_from_primary: Refreshing state... [id=sgrule-369968306]
module.primary.aws_eip.this: Refreshing state... [id=eipalloc-0095893a6ff0d7117]
aws_route53_record.opentracker_today: Refreshing state... [id=Z03017682LQ8TW5YUFGE0_today_A]
aws_route53_record.opentracker: Refreshing state... [id=Z03017682LQ8TW5YUFGE0__A]
aws_route53_record.opentracker_tags: Refreshing state... [id=Z03017682LQ8TW5YUFGE0_tags_A]
module.database.aws_volume_attachment.this: Refreshing state... [id=vai-3516952077]

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  - destroy

Terraform will perform the following actions:

  # aws_security_group_rule.allow_inbound_connections_from_secondary will be destroyed
  - resource "aws_security_group_rule" "allow_inbound_connections_from_secondary" {
      - description              = "Allow inbound connections from sg-09c16fd26e819748e" -> null
      - from_port                = 5432 -> null
      - id                       = "sgrule-3884167637" -> null
      - protocol                 = "tcp" -> null
      - security_group_id        = "sg-0998f7db6e1ffb7eb" -> null
      - security_group_rule_id   = "sgr-0fce19cddca2af035" -> null
      - self                     = false -> null
      - source_security_group_id = "sg-09c16fd26e819748e" -> null
      - to_port                  = 5432 -> null
      - type                     = "ingress" -> null
    }

  # module.secondary.aws_eip.this will be destroyed
  - resource "aws_eip" "this" {
      - allocation_id            = "eipalloc-0ae65475676d8217a" -> null
      - association_id           = "eipassoc-095eeb03c3c43b8c7" -> null
      - domain                   = "vpc" -> null
      - id                       = "eipalloc-0ae65475676d8217a" -> null
      - instance                 = "i-0020a8286890ff956" -> null
      - network_border_group     = "eu-west-1" -> null
      - network_interface        = "eni-0e22c6485d2e9c97c" -> null
      - private_dns              = "ip-10-0-0-188.eu-west-1.compute.internal" -> null
      - private_ip               = "10.0.0.188" -> null
      - public_dns               = "ec2-176-34-124-97.eu-west-1.compute.amazonaws.com" -> null
      - public_ip                = "176.34.124.97" -> null
      - public_ipv4_pool         = "amazon" -> null
      - tags                     = {} -> null
      - tags_all                 = {} -> null
      - vpc                      = true -> null
        # (3 unchanged attributes hidden)
    }

  # module.secondary.aws_iam_instance_profile.this will be destroyed
  - resource "aws_iam_instance_profile" "this" {
      - arn         = "arn:aws:iam::558855412466:instance-profile/secondary-instance-profile" -> null
      - create_date = "2024-08-30T19:50:16Z" -> null
      - id          = "secondary-instance-profile" -> null
      - name        = "secondary-instance-profile" -> null
      - path        = "/" -> null
      - role        = "secondary-role" -> null
      - tags        = {} -> null
      - tags_all    = {} -> null
      - unique_id   = "AIPAYEHTA3LZFPUEXKYY5" -> null
        # (1 unchanged attribute hidden)
    }

  # module.secondary.aws_iam_policy.this will be destroyed
  - resource "aws_iam_policy" "this" {
      - arn         = "arn:aws:iam::558855412466:policy/secondary-policy" -> null
      - description = "Policy for secondary-role" -> null
      - id          = "arn:aws:iam::558855412466:policy/secondary-policy" -> null
      - name        = "secondary-policy" -> null
      - path        = "/" -> null
      - policy      = jsonencode(
            {
              - Statement = [
                  - {
                      - Action   = [
                          - "s3:ListBucket",
                        ]
                      - Effect   = "Allow"
                      - Resource = "arn:aws:s3:::configuration-68f6c7"
                    },
                  - {
                      - Action   = [
                          - "s3:GetObject",
                        ]
                      - Effect   = "Allow"
                      - Resource = "arn:aws:s3:::configuration-68f6c7/*"
                    },
                  - {
                      - Action   = [
                          - "route53:ListHostedZones",
                          - "route53:GetChange",
                        ]
                      - Effect   = "Allow"
                      - Resource = "*"
                    },
                  - {
                      - Action   = [
                          - "route53:ChangeResourceRecordSets",
                        ]
                      - Effect   = "Allow"
                      - Resource = "arn:aws:route53:::hostedzone/Z03017682LQ8TW5YUFGE0"
                    },
                  - {
                      - Action   = [
                          - "s3:ListBucket",
                        ]
                      - Effect   = "Allow"
                      - Resource = "arn:aws:s3:::logging-4acb18"
                    },
                  - {
                      - Action   = [
                          - "s3:PutObject",
                        ]
                      - Effect   = "Allow"
                      - Resource = "arn:aws:s3:::logging-4acb18/*"
                    },
                  - {
                      - Action   = [
                          - "s3:PutObject",
                        ]
                      - Effect   = "Allow"
                      - Resource = "arn:aws:s3:::postgres-backups-65ef5c/*"
                    },
                ]
              - Version   = "2012-10-17"
            }
        ) -> null
      - policy_id   = "ANPAYEHTA3LZEIAPW35BA" -> null
      - tags        = {} -> null
      - tags_all    = {} -> null
        # (1 unchanged attribute hidden)
    }

  # module.secondary.aws_iam_role.this will be destroyed
  - resource "aws_iam_role" "this" {
      - arn                   = "arn:aws:iam::558855412466:role/secondary-role" -> null
      - assume_role_policy    = jsonencode(
            {
              - Statement = [
                  - {
                      - Action    = "sts:AssumeRole"
                      - Effect    = "Allow"
                      - Principal = {
                          - Service = "ec2.amazonaws.com"
                        }
                    },
                ]
              - Version   = "2012-10-17"
            }
        ) -> null
      - create_date           = "2024-08-30T19:50:16Z" -> null
      - description           = "Role for the secondary instance" -> null
      - force_detach_policies = false -> null
      - id                    = "secondary-role" -> null
      - managed_policy_arns   = [
          - "arn:aws:iam::558855412466:policy/secondary-policy",
        ] -> null
      - max_session_duration  = 3600 -> null
      - name                  = "secondary-role" -> null
      - path                  = "/" -> null
      - tags                  = {} -> null
      - tags_all              = {} -> null
      - unique_id             = "AROAYEHTA3LZGBSNZJQYY" -> null
        # (2 unchanged attributes hidden)
    }

  # module.secondary.aws_iam_role_policy_attachment.this will be destroyed
  - resource "aws_iam_role_policy_attachment" "this" {
      - id         = "secondary-role-20240830195016300100000001" -> null
      - policy_arn = "arn:aws:iam::558855412466:policy/secondary-policy" -> null
      - role       = "secondary-role" -> null
    }

  # module.secondary.aws_instance.this will be destroyed
  - resource "aws_instance" "this" {
      - ami                                  = "ami-0ab14756db2442499" -> null
      - arn                                  = "arn:aws:ec2:eu-west-1:558855412466:instance/i-0020a8286890ff956" -> null
      - associate_public_ip_address          = true -> null
      - availability_zone                    = "eu-west-1a" -> null
      - cpu_core_count                       = 1 -> null
      - cpu_threads_per_core                 = 1 -> null
      - disable_api_stop                     = false -> null
      - disable_api_termination              = false -> null
      - ebs_optimized                        = false -> null
      - get_password_data                    = false -> null
      - hibernation                          = false -> null
      - iam_instance_profile                 = "secondary-instance-profile" -> null
      - id                                   = "i-0020a8286890ff956" -> null
      - instance_initiated_shutdown_behavior = "stop" -> null
      - instance_state                       = "running" -> null
      - instance_type                        = "t2.nano" -> null
      - ipv6_address_count                   = 0 -> null
      - ipv6_addresses                       = [] -> null
      - key_name                             = "macbook-m2-pro" -> null
      - monitoring                           = false -> null
      - placement_partition_number           = 0 -> null
      - primary_network_interface_id         = "eni-0e22c6485d2e9c97c" -> null
      - private_dns                          = "ip-10-0-0-188.eu-west-1.compute.internal" -> null
      - private_ip                           = "10.0.0.188" -> null
      - public_dns                           = "ec2-176-34-124-97.eu-west-1.compute.amazonaws.com" -> null
      - public_ip                            = "176.34.124.97" -> null
      - secondary_private_ips                = [] -> null
      - security_groups                      = [] -> null
      - source_dest_check                    = true -> null
      - subnet_id                            = "subnet-07936cc0e5c7d83b1" -> null
      - tags                                 = {} -> null
      - tags_all                             = {} -> null
      - tenancy                              = "default" -> null
      - user_data                            = "a9d4d57d759cdccb57fbe3b7d62b78d1951ac5d0" -> null
      - user_data_replace_on_change          = false -> null
      - vpc_security_group_ids               = [
          - "sg-09c16fd26e819748e",
        ] -> null
        # (6 unchanged attributes hidden)

      - capacity_reservation_specification {
          - capacity_reservation_preference = "open" -> null
        }

      - cpu_options {
          - core_count       = 1 -> null
          - threads_per_core = 1 -> null
            # (1 unchanged attribute hidden)
        }

      - credit_specification {
          - cpu_credits = "standard" -> null
        }

      - enclave_options {
          - enabled = false -> null
        }

      - maintenance_options {
          - auto_recovery = "default" -> null
        }

      - metadata_options {
          - http_endpoint               = "enabled" -> null
          - http_protocol_ipv6          = "disabled" -> null
          - http_put_response_hop_limit = 2 -> null
          - http_tokens                 = "optional" -> null
          - instance_metadata_tags      = "disabled" -> null
        }

      - private_dns_name_options {
          - enable_resource_name_dns_a_record    = false -> null
          - enable_resource_name_dns_aaaa_record = false -> null
          - hostname_type                        = "ip-name" -> null
        }

      - root_block_device {
          - delete_on_termination = true -> null
          - device_name           = "/dev/sda1" -> null
          - encrypted             = false -> null
          - iops                  = 100 -> null
          - tags                  = {} -> null
          - throughput            = 0 -> null
          - volume_id             = "vol-0ce1535510493d18e" -> null
          - volume_size           = 8 -> null
          - volume_type           = "gp2" -> null
            # (1 unchanged attribute hidden)
        }
    }

  # module.secondary.aws_security_group.this will be destroyed
  - resource "aws_security_group" "this" {
      - arn                    = "arn:aws:ec2:eu-west-1:558855412466:security-group/sg-09c16fd26e819748e" -> null
      - description            = "Security group for the secondary f2-instance" -> null
      - egress                 = [
          - {
              - cidr_blocks      = [
                  - "0.0.0.0/0",
                ]
              - description      = "Allow outbound HTTP to anywhere"
              - from_port        = 80
              - ipv6_cidr_blocks = []
              - prefix_list_ids  = []
              - protocol         = "tcp"
              - security_groups  = []
              - self             = false
              - to_port          = 80
            },
          - {
              - cidr_blocks      = [
                  - "0.0.0.0/0",
                ]
              - description      = "Allow outbound HTTPS to anywhere"
              - from_port        = 443
              - ipv6_cidr_blocks = []
              - prefix_list_ids  = []
              - protocol         = "tcp"
              - security_groups  = []
              - self             = false
              - to_port          = 443
            },
          - {
              - cidr_blocks      = [
                  - "0.0.0.0/0",
                ]
              - description      = "Allow outbound SSH to anywhere"
              - from_port        = 22
              - ipv6_cidr_blocks = []
              - prefix_list_ids  = []
              - protocol         = "tcp"
              - security_groups  = []
              - self             = false
              - to_port          = 22
            },
          - {
              - cidr_blocks      = [
                  - "10.0.0.0/24",
                ]
              - description      = "Allow outbound Postgres to the subnet"
              - from_port        = 5432
              - ipv6_cidr_blocks = []
              - prefix_list_ids  = []
              - protocol         = "tcp"
              - security_groups  = []
              - self             = false
              - to_port          = 5432
            },
          - {
              - cidr_blocks      = [
                  - "64.227.33.121/32",
                ]
              - description      = "Allow outbound Postgres to the Digital Ocean instance"
              - from_port        = 5432
              - ipv6_cidr_blocks = []
              - prefix_list_ids  = []
              - protocol         = "tcp"
              - security_groups  = []
              - self             = false
              - to_port          = 5432
            },
        ] -> null
      - id                     = "sg-09c16fd26e819748e" -> null
      - ingress                = [
          - {
              - cidr_blocks      = [
                  - "0.0.0.0/0",
                ]
              - description      = "Allow inbound HTTPS from anywhere"
              - from_port        = 443
              - ipv6_cidr_blocks = []
              - prefix_list_ids  = []
              - protocol         = "tcp"
              - security_groups  = []
              - self             = false
              - to_port          = 443
            },
          - {
              - cidr_blocks      = [
                  - "0.0.0.0/0",
                ]
              - description      = "Allow inbound SSH from anywhere"
              - from_port        = 22
              - ipv6_cidr_blocks = []
              - prefix_list_ids  = []
              - protocol         = "tcp"
              - security_groups  = []
              - self             = false
              - to_port          = 22
            },
        ] -> null
      - name                   = "secondary-f2-instance" -> null
      - owner_id               = "558855412466" -> null
      - revoke_rules_on_delete = false -> null
      - tags                   = {} -> null
      - tags_all               = {} -> null
      - vpc_id                 = "vpc-0d1ab7c53aec22955" -> null
        # (1 unchanged attribute hidden)
    }

  # module.secondary.aws_security_group_rule.allow_inbound_https will be destroyed
  - resource "aws_security_group_rule" "allow_inbound_https" {
      - cidr_blocks            = [
          - "0.0.0.0/0",
        ] -> null
      - description            = "Allow inbound HTTPS from anywhere" -> null
      - from_port              = 443 -> null
      - id                     = "sgrule-1220995848" -> null
      - protocol               = "tcp" -> null
      - security_group_id      = "sg-09c16fd26e819748e" -> null
      - security_group_rule_id = "sgr-0383c793ba0974e61" -> null
      - self                   = false -> null
      - to_port                = 443 -> null
      - type                   = "ingress" -> null
    }

  # module.secondary.aws_security_group_rule.allow_inbound_ssh will be destroyed
  - resource "aws_security_group_rule" "allow_inbound_ssh" {
      - cidr_blocks            = [
          - "0.0.0.0/0",
        ] -> null
      - description            = "Allow inbound SSH from anywhere" -> null
      - from_port              = 22 -> null
      - id                     = "sgrule-1349148784" -> null
      - protocol               = "tcp" -> null
      - security_group_id      = "sg-09c16fd26e819748e" -> null
      - security_group_rule_id = "sgr-0f0ff31b612b62fda" -> null
      - self                   = false -> null
      - to_port                = 22 -> null
      - type                   = "ingress" -> null
    }

  # module.secondary.aws_security_group_rule.allow_outbound_http will be destroyed
  - resource "aws_security_group_rule" "allow_outbound_http" {
      - cidr_blocks            = [
          - "0.0.0.0/0",
        ] -> null
      - description            = "Allow outbound HTTP to anywhere" -> null
      - from_port              = 80 -> null
      - id                     = "sgrule-2310426905" -> null
      - protocol               = "tcp" -> null
      - security_group_id      = "sg-09c16fd26e819748e" -> null
      - security_group_rule_id = "sgr-07e0491e8b8a12255" -> null
      - self                   = false -> null
      - to_port                = 80 -> null
      - type                   = "egress" -> null
    }

  # module.secondary.aws_security_group_rule.allow_outbound_https will be destroyed
  - resource "aws_security_group_rule" "allow_outbound_https" {
      - cidr_blocks            = [
          - "0.0.0.0/0",
        ] -> null
      - description            = "Allow outbound HTTPS to anywhere" -> null
      - from_port              = 443 -> null
      - id                     = "sgrule-2114639601" -> null
      - protocol               = "tcp" -> null
      - security_group_id      = "sg-09c16fd26e819748e" -> null
      - security_group_rule_id = "sgr-03c58f05bb2304c24" -> null
      - self                   = false -> null
      - to_port                = 443 -> null
      - type                   = "egress" -> null
    }

  # module.secondary.aws_security_group_rule.allow_outbound_postgres will be destroyed
  - resource "aws_security_group_rule" "allow_outbound_postgres" {
      - cidr_blocks            = [
          - "64.227.33.121/32",
        ] -> null
      - description            = "Allow outbound Postgres to the Digital Ocean instance" -> null
      - from_port              = 5432 -> null
      - id                     = "sgrule-4235038627" -> null
      - protocol               = "tcp" -> null
      - security_group_id      = "sg-09c16fd26e819748e" -> null
      - security_group_rule_id = "sgr-03c41816aad9bcbbe" -> null
      - self                   = false -> null
      - to_port                = 5432 -> null
      - type                   = "egress" -> null
    }

  # module.secondary.aws_security_group_rule.allow_outbound_ssh will be destroyed
  - resource "aws_security_group_rule" "allow_outbound_ssh" {
      - cidr_blocks            = [
          - "0.0.0.0/0",
        ] -> null
      - description            = "Allow outbound SSH to anywhere" -> null
      - from_port              = 22 -> null
      - id                     = "sgrule-1707530534" -> null
      - protocol               = "tcp" -> null
      - security_group_id      = "sg-09c16fd26e819748e" -> null
      - security_group_rule_id = "sgr-030a87aaf577df0f1" -> null
      - self                   = false -> null
      - to_port                = 22 -> null
      - type                   = "egress" -> null
    }

  # module.secondary.aws_security_group_rule.allow_outbound_subnet_postgres will be destroyed
  - resource "aws_security_group_rule" "allow_outbound_subnet_postgres" {
      - cidr_blocks            = [
          - "10.0.0.0/24",
        ] -> null
      - description            = "Allow outbound Postgres to the subnet" -> null
      - from_port              = 5432 -> null
      - id                     = "sgrule-3062141385" -> null
      - protocol               = "tcp" -> null
      - security_group_id      = "sg-09c16fd26e819748e" -> null
      - security_group_rule_id = "sgr-08aec2136b3f5cdb5" -> null
      - self                   = false -> null
      - to_port                = 5432 -> null
      - type                   = "egress" -> null
    }

Plan: 0 to add, 0 to change, 15 to destroy.

─────────────────────────────────────────────────────────────────────────────

Note: You didn't use the -out option to save this plan, so Terraform can't
guarantee to take exactly these actions if you run "terraform apply" now.

@alexander-jackson alexander-jackson merged commit a16d739 into master Sep 11, 2024
1 check passed
@alexander-jackson alexander-jackson deleted the feat/tear-down-secondary-instance branch September 11, 2024 16:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@alexander-jackson