Transit Gateway implementation for delius environments connections to other non delius accounts
Full docs available in Confluence at https://dsdmoj.atlassian.net/wiki/spaces/DAM/pages/2043740219/delius+AWS+account+integration+with+3rd+parties
- delius to cloudplatform
- delius to analytics platform
Applies the terraform code in the transit-gateway-common
folder.
# delius-core-dev
tfrun delius-core-dev plan transit-gateway-common hmpps_token
tfrun delius-core-dev apply transit-gateway-common hmpps_token
# delius-stage
tfrun delius-core-dev plan transit-gateway-common hmpps_token
tfrun delius-core-dev apply transit-gateway-common hmpps_token
# delius-pre-prod
tfrun delius-pre-prod plan transit-gateway-common hmpps_token
tfrun delius-pre-prod apply transit-gateway-common hmpps_token
# delius-prod
tfrun delius-prod plan transit-gateway-common hmpps_token
tfrun delius-prod apply transit-gateway-common hmpps_token
Apply the configuration in the transit-gateway-cloud-platform
folder to create route table entries in the delius environments to the target environments.
# delius-core-dev
tfrun delius-core-dev plan transit-gateway-cloud-platform hmpps_token
tfrun delius-core-dev apply transit-gateway-cloud-platform hmpps_token
# delius-stage
tfrun delius-core-dev plan transit-gateway-cloud-platform hmpps_token
tfrun delius-core-dev apply transit-gateway-cloud-platform hmpps_token
# delius-pre-prod
tfrun delius-pre-prod plan transit-gateway-cloud-platform hmpps_token
tfrun delius-pre-prod apply transit-gateway-cloud-platform hmpps_token
# delius-prod
tfrun delius-prod plan transit-gateway-cloud-platform hmpps_token
tfrun delius-prod apply transit-gateway-cloud-platform hmpps_token
Apply the configuration in the transit-gateway-analytics-platform
folder to create route table entries in the delius environments to the analytics environments.
# delius-core-dev
tfrun delius-core-dev plan transit-gateway-analytics-platform hmpps_token
tfrun delius-core-dev apply transit-gateway-analytics-platform hmpps_token
# delius-stage
tfrun delius-core-dev plan transit-gateway-analytics-platform hmpps_token
tfrun delius-core-dev apply transit-gateway-analytics-platform hmpps_token
# delius-pre-prod
tfrun delius-pre-prod plan transit-gateway-analytics-platform hmpps_token
tfrun delius-pre-prod apply transit-gateway-analytics-platform hmpps_token
# delius-prod
tfrun delius-prod plan transit-gateway-analytics-platform hmpps_token
tfrun delius-prod apply transit-gateway-analytics-platform hmpps_token
3a. Apply the configuration in the transit-gateway-cloud-platform-test-rules
folder to create security group ingress rules in the delius environments to allow the target environments to ping test servers.
# delius-core-dev
tfrun delius-core-dev plan transit-gateway-cloud-platform-test-rules hmpps_token
tfrun delius-core-dev apply transit-gateway-cloud-platform-test-rules hmpps_token
# delius-stage
tfrun delius-core-dev plan transit-gateway-cloud-platform-test-rules hmpps_token
tfrun delius-core-dev apply transit-gateway-cloud-platform-test-rules hmpps_token
# delius-pre-prod
tfrun delius-pre-prod plan transit-gateway-cloud-platform-test-rules hmpps_token
tfrun delius-pre-prod apply transit-gateway-cloud-platform-test-rules hmpps_token
# delius-prod
tfrun delius-prod plan transit-gateway-cloud-platform-test-rules hmpps_token
tfrun delius-prod apply transit-gateway-cloud-platform-test-rules hmpps_token
3b. Apply the configuration in the transit-gateway-cloud-platform-test-rules
folder to create security group ingress rules in the delius environments to allow the target environments to ping test servers.
# delius-core-dev
tfrun delius-core-dev plan transit-gateway-analytics-platform-test-rules hmpps_token
tfrun delius-core-dev apply transit-gateway-analytics-platform-test-rules hmpps_token
# delius-stage
tfrun delius-core-dev plan transit-gateway-analytics-platform-test-rules hmpps_token
tfrun delius-core-dev apply transit-gateway-analytics-platform-test-rules hmpps_token
# delius-pre-prod
tfrun delius-pre-prod plan transit-gateway-analytics-platform-test-rules hmpps_token
tfrun delius-pre-prod apply transit-gateway-analytics-platform-test-rules hmpps_token
# delius-prod
tfrun delius-prod plan transit-gateway-analytics-platform-test-rules hmpps_token
tfrun delius-prod apply transit-gateway-analytics-platform-test-rules hmpps_token
4a. Apply the configuration in the transit-gateway-cloud-platform-test-rules
folder to destroy security group ingress rules in the delius environments to allow the target environments to ping test servers.
Warning: Terragrunt destroy won't prompt for destroy
# delius-core-dev
tfrun delius-core-dev destroy transit-gateway-cloud-platform-test-rules hmpps_token
# delius-stage
tfrun delius-core-dev destroy transit-gateway-cloud-platform-test-rules hmpps_token
# delius-pre-prod
tfrun delius-pre-prod destroy transit-gateway-cloud-platform-test-rules hmpps_token
# delius-prod
tfrun delius-prod destroy transit-gateway-cloud-platform-test-rules hmpps_token
4b. Apply the configuration in the transit-gateway-cloud-platform-test-rules
folder to destroy security group ingress rules in the delius environments to allow the target environments to ping test servers.
Warning: Terragrunt destroy won't prompt for destroy
# delius-core-dev
tfrun delius-core-dev destroy transit-gateway-analytics-platform-test-rules hmpps_token
# delius-stage
tfrun delius-core-dev destroy transit-gateway-analytics-platform-test-rules hmpps_token
# delius-pre-prod
tfrun delius-pre-prod destroy transit-gateway-analytics-platform-test-rules hmpps_token
# delius-prod
tfrun delius-prod destroy transit-gateway-analytics-platform-test-rules hmpps_token
Notes:
- You must run the common apply before the cloudplatform/analytics apply due to state file outpur dependencies
- You must run the cloudplatform/analytics apply before the cloudplatform-test-rules/analytics-test-rules apply due to state file outpur dependencies
Number | Stage | Jenkins Job | Jenkinsfile |
---|---|---|---|
4a | analytics-test-rules | https://jenkins.engineering-dev.probation.hmpps.dsd.io/job/Ops/job/Delius-TransitGateway-Connections/job/4a-CloudPlatform-Test-SecurityGroup-Rules-destroy/ | destroy_transit_gateway_config_analytics_platforms_test_security_rules.Jenkinsfile |
4b | cloudplatform-test-rules | https://jenkins.engineering-dev.probation.hmpps.dsd.io/job/Ops/job/Delius-TransitGateway-Connections/job/4b-AnalyticsPlatforms-Test-SecurityGroup-Rules-Destroy/ | destroy_transit_gateway_config_cloud_platform_test_security_rules.Jenkinsfile |
tag-master-branch-on-merge github action is added to this repo so every merge to master creates a tag.