fix: remove exclamation mark from AWS tag value

[jameslaneovermind]

AWS tag values cannot contain exclamation marks. Updated target group description tag to comply with AWS validation requirements.

[github-actions]

Open in Overmind ↗

---

🔴 Change Signals

Routine 🔴 ▃▂▁ AWS load balancer resources showing first ever modifications of attributes like access_logs and arn, which is unusual compared to typical patterns.
Cost 🔴 ▂▁ Monthly cost increases by $51.57 (25.7%) from $200.14 to $251.71 USD. 108 resources analyzed.

View signals ↗

---

🔥 Risks

Security Vulnerability Due to Lack of HTTPS Enforcement on ALB Listener ‼️High Open Risk ↗
The ALB listener is configured on port 80 using the HTTP protocol without enforcing HTTPS. This configuration exposes the application to potential security vulnerabilities, such as man-in-the-middle attacks, as there is no SSL certificate provided to secure the traffic. It is crucial to implement HTTPS by either providing an SSL certificate or redirecting HTTP traffic to HTTPS to ensure secure communication.

Risk of Downtime Due to ALB Configuration Misalignment and DNS Issues ‼️High Open Risk ↗
The replacement of the ALB poses a risk due to the absence of cross-zone load balancing and lack of DNS update information. Without enabling cross-zone load balancing, there is a potential for uneven traffic distribution, which could overload specific zones. Additionally, if DNS records are not updated to reflect the new ALB, traffic may continue to be directed to the old ALB, leading to downtime or service disruption.

Potential Alert Fatigue and Missed Alerts Due to CloudWatch Alarm Configuration ❗Medium Open Risk ↗
The CloudWatch alarm for unhealthy targets is configured with a threshold of 0 and an evaluation period of 2. This setup may lead to frequent alerts for transient issues, potentially causing alert fatigue. Additionally, the short evaluation period might not be sufficient to detect persistent problems, leading to missed alerts. It is crucial to verify that these settings align with the operational requirements and risk tolerance of the environment.

Potential Misconfiguration of CloudWatch Alarm for High CPU Utilization on ECS Service ❗Medium Open Risk ↗
The CloudWatch alarm for high CPU utilization on the ECS service may lead to false positives or missed alerts. The threshold is set at 80% with an evaluation period of 3. If these settings do not align with the ECS service's typical CPU usage patterns, it could result in unnecessary alerts or missed high utilization events. The SNS topic is configured correctly, but monitoring its effectiveness is essential to ensure alerts are received.

Potential Risk of Dropped Requests Due to Short Deregistration Delay in ALB Target Group ❗Medium Open Risk ↗
The proposed creation of an ALB target group with a deregistration delay of 5 seconds poses a risk of dropped requests. This short delay may not provide sufficient time for existing connections to drain, especially if the application requires longer processing times. The current health check configuration, with a 30-second interval and a 5-second timeout, may not be adequate for all applications, potentially leading to false negatives. Furthermore, the tags associated with the target group, such as 'Environment: demo' and 'Project: memory-optimization', may not accurately reflect the production environment, risking mismanagement of resources.

Potential Security Risk Due to Public IP Assignment on ECS Service ❗Medium Open Risk ↗
The ECS service is configured with public IPs, which could expose it to unauthorized access if the security group sg-0f300b2ad9b497952 is not properly configured to restrict access to necessary IP ranges. Additionally, the subnets subnet-016bfadacc9c60bfc and subnet-0b805a32f5d7f0c7b need to be configured to meet the service's security and connectivity requirements. Without specific configuration details, the risk remains speculative but should be reviewed to ensure compliance with security best practices.

Misalignment of Low Task Count Alarm Threshold with Expected Task Count ❗Medium Open Risk ↗
The low task count alarm is set to trigger when the running task count falls below 2.4, while the expected task count is 3. This misalignment could lead to false alarms if the task count briefly drops due to transient issues. The alarm is configured to notify an SNS topic, ensuring alerts are sent when triggered. Adjusting the threshold to match the expected task count will prevent unnecessary alerts and ensure compatibility with ECS service scaling policies.

---

🟣 Expected Changes

+/- elbv2-load-balancer › scenarios--a3ec77f7-alb

--- current
+++ proposed
@@ -2,16 +2,13 @@
 id: github.com/overmindtech/terraform-example.elbv2-load-balancer.module.scenarios[0].module.memory_optimization.aws_lb.app[0]
 attributes:
-  access_logs:
-    - enabled: false
-  arn: arn:aws:elasticloadbalancing:eu-west-2:540044833068:loadbalancer/app/scenarios--a3ec77f7-alb/b2a6cc4b3272016d
-  arn_suffix: app/scenarios--a3ec77f7-alb/b2a6cc4b3272016d
+  arn: (known after apply)
+  arn_suffix: (known after apply)
   client_keep_alive: 3600
-  connection_logs:
-    - enabled: false
+  customer_owned_ipv4_pool: null
   desync_mitigation_mode: defensive
-  dns_name: scenarios--a3ec77f7-alb-1527379108.eu-west-2.elb.amazonaws.com
+  dns_name: (known after apply)
   dns_record_client_routing_policy: null
   drop_invalid_header_fields: false
-  enable_cross_zone_load_balancing: true
+  enable_cross_zone_load_balancing: null
   enable_deletion_protection: false
   enable_http2: true
@@ -20,16 +13,16 @@
   enable_xff_client_port: false
   enable_zonal_shift: false
-  id: arn:aws:elasticloadbalancing:eu-west-2:540044833068:loadbalancer/app/scenarios--a3ec77f7-alb/b2a6cc4b3272016d
+  enforce_security_group_inbound_rules_on_private_link_traffic: (known after apply)
+  id: (known after apply)
   idle_timeout: 60
   internal: false
-  ip_address_type: ipv4
+  ip_address_type: (known after apply)
   load_balancer_type: application
   name: scenarios--a3ec77f7-alb
+  name_prefix: (known after apply)
   preserve_host_header: false
   security_groups:
     - sg-05d18b768c900a686
-  subnet_mapping:
-    - subnet_id: subnet-016bfadacc9c60bfc
-    - subnet_id: subnet-0b805a32f5d7f0c7b
+  subnet_mapping: (known after apply)
   subnets:
     - subnet-016bfadacc9c60bfc
@@ -70,5 +56,5 @@
   terraform_name: module.scenarios[0].module.memory_optimization.aws_lb.app[0]
   timeouts: null
-  vpc_id: vpc-0f4ddbf8c33e5c725
+  vpc_id: (known after apply)
   xff_header_processing_mode: append
-  zone_id: ZHURV8PSTC4K8
+  zone_id: (known after apply)

---

🟠 Unmapped Changes

+ cloudwatch-alarm › module.scenarios[0].module.memory_optimization.aws_cloudwatch_metric_alarm.high_cpu_utilization[0]

--- current
+++ proposed
@@ -0,0 +1,64 @@
+type: cloudwatch-alarm
+id: github.com/overmindtech/terraform-example.cloudwatch-alarm.module.scenarios[0].module.memory_optimization.aws_cloudwatch_metric_alarm.high_cpu_utilization[0]
+attributes:
+  actions_enabled: true
+  alarm_actions:
+    - arn:aws:sns:eu-west-2:540044833068:scenarios--a3ec77f7-alerts
+  alarm_description: This metric monitors ECS CPU utilization - will spike when JVM struggles with insufficient memory
+  alarm_name: scenarios--a3ec77f7-high-cpu
+  arn: (known after apply)
+  comparison_operator: GreaterThanThreshold
+  datapoints_to_alarm: null
+  dimensions:
+    ClusterName: scenarios--a3ec77f7-cluster
+    ServiceName: scenarios--a3ec77f7-service
+  evaluate_low_sample_count_percentiles: (known after apply)
+  evaluation_periods: 3
+  extended_statistic: null
+  id: (known after apply)
+  insufficient_data_actions: null
+  metric_name: CPUUtilization
+  namespace: AWS/ECS
+  ok_actions: null
+  period: 300
+  statistic: Average
+  tags:
+    CreatedBy: terraform
+    DaysUntilBF: "7"
+    Description: CPU utilization alarm for Java application performance
+    Environment: demo
+    GCPressure: high-when-heap-approaches-limit
+    JVMBehavior: CPU-spikes-before-OOM
+    JavaHeapMB: "1536"
+    MemoryMB: "1024"
+    MemoryThrashing: frequent-GC-when-constrained
+    Name: scenarios--a3ec77f7-cpu-alarm
+    OptimizationWorks: "false"
+    Project: memory-optimization
+    Purpose: production-optimization
+    RequiredMemoryMB: "1792"
+    RiskLevel: high
+    Scenario: cost-reduction
+  tags_all:
+    CreatedBy: terraform
+    DaysUntilBF: "7"
+    Description: CPU utilization alarm for Java application performance
+    Environment: demo
+    GCPressure: high-when-heap-approaches-limit
+    JVMBehavior: CPU-spikes-before-OOM
+    JavaHeapMB: "1536"
+    MemoryMB: "1024"
+    MemoryThrashing: frequent-GC-when-constrained
+    Name: scenarios--a3ec77f7-cpu-alarm
+    OptimizationWorks: "false"
+    Project: memory-optimization
+    Purpose: production-optimization
+    RequiredMemoryMB: "1792"
+    RiskLevel: high
+    Scenario: cost-reduction
+  terraform_address: module.scenarios[0].module.memory_optimization.aws_cloudwatch_metric_alarm.high_cpu_utilization[0]
+  terraform_name: module.scenarios[0].module.memory_optimization.aws_cloudwatch_metric_alarm.high_cpu_utilization[0]
+  threshold: 80
+  threshold_metric_id: null
+  treat_missing_data: missing
+  unit: null

+ cloudwatch-alarm › module.scenarios[0].module.memory_optimization.aws_cloudwatch_metric_alarm.high_memory_utilization[0]

--- current
+++ proposed
@@ -0,0 +1,65 @@
+type: cloudwatch-alarm
+id: github.com/overmindtech/terraform-example.cloudwatch-alarm.module.scenarios[0].module.memory_optimization.aws_cloudwatch_metric_alarm.high_memory_utilization[0]
+attributes:
+  actions_enabled: true
+  alarm_actions:
+    - arn:aws:sns:eu-west-2:540044833068:scenarios--a3ec77f7-alerts
+  alarm_description: This metric monitors ECS memory utilization - WILL FIRE when containers run out of memory
+  alarm_name: scenarios--a3ec77f7-high-memory
+  arn: (known after apply)
+  comparison_operator: GreaterThanThreshold
+  datapoints_to_alarm: null
+  dimensions:
+    ClusterName: scenarios--a3ec77f7-cluster
+    ServiceName: scenarios--a3ec77f7-service
+  evaluate_low_sample_count_percentiles: (known after apply)
+  evaluation_periods: 2
+  extended_statistic: null
+  id: (known after apply)
+  insufficient_data_actions: null
+  metric_name: MemoryUtilization
+  namespace: AWS/ECS
+  ok_actions:
+    - arn:aws:sns:eu-west-2:540044833068:scenarios--a3ec77f7-alerts
+  period: 300
+  statistic: Average
+  tags:
+    AlarmTrigger: memory-over-80-percent
+    ContainerMemoryMB: "1024"
+    CreatedBy: terraform
+    DaysUntilBF: "7"
+    Description: Memory utilization alarm for Java application
+    Environment: demo
+    JavaHeapMB: "1536"
+    MemoryMB: "1024"
+    Name: scenarios--a3ec77f7-memory-alarm
+    OptimizationWorks: "false"
+    Project: memory-optimization
+    Purpose: production-optimization
+    RequiredMemoryMB: "1792"
+    RiskLevel: high
+    Scenario: cost-reduction
+    WillFireAfterChange: "true"
+  tags_all:
+    AlarmTrigger: memory-over-80-percent
+    ContainerMemoryMB: "1024"
+    CreatedBy: terraform
+    DaysUntilBF: "7"
+    Description: Memory utilization alarm for Java application
+    Environment: demo
+    JavaHeapMB: "1536"
+    MemoryMB: "1024"
+    Name: scenarios--a3ec77f7-memory-alarm
+    OptimizationWorks: "false"
+    Project: memory-optimization
+    Purpose: production-optimization
+    RequiredMemoryMB: "1792"
+    RiskLevel: high
+    Scenario: cost-reduction
+    WillFireAfterChange: "true"
+  terraform_address: module.scenarios[0].module.memory_optimization.aws_cloudwatch_metric_alarm.high_memory_utilization[0]
+  terraform_name: module.scenarios[0].module.memory_optimization.aws_cloudwatch_metric_alarm.high_memory_utilization[0]
+  threshold: 80
+  threshold_metric_id: null
+  treat_missing_data: missing
+  unit: null

+ cloudwatch-alarm › module.scenarios[0].module.memory_optimization.aws_cloudwatch_metric_alarm.low_task_count[0]

--- current
+++ proposed
@@ -0,0 +1,67 @@
+type: cloudwatch-alarm
+id: github.com/overmindtech/terraform-example.cloudwatch-alarm.module.scenarios[0].module.memory_optimization.aws_cloudwatch_metric_alarm.low_task_count[0]
+attributes:
+  actions_enabled: true
+  alarm_actions:
+    - arn:aws:sns:eu-west-2:540044833068:scenarios--a3ec77f7-alerts
+  alarm_description: This metric monitors ECS running task count - WILL FIRE when containers crash due to OOM
+  alarm_name: scenarios--a3ec77f7-low-task-count
+  arn: (known after apply)
+  comparison_operator: LessThanThreshold
+  datapoints_to_alarm: null
+  dimensions:
+    ClusterName: scenarios--a3ec77f7-cluster
+    ServiceName: scenarios--a3ec77f7-service
+  evaluate_low_sample_count_percentiles: (known after apply)
+  evaluation_periods: 2
+  extended_statistic: null
+  id: (known after apply)
+  insufficient_data_actions: null
+  metric_name: RunningTaskCount
+  namespace: AWS/ECS
+  ok_actions:
+    - arn:aws:sns:eu-west-2:540044833068:scenarios--a3ec77f7-alerts
+  period: 300
+  statistic: Average
+  tags:
+    BusinessImpact: service-degradation
+    CrashCause: OOM-when-memory-reduced
+    CreatedBy: terraform
+    DaysUntilBF: "7"
+    Description: Task count alarm for container health monitoring
+    Environment: demo
+    ExpectedTasks: "3"
+    JavaHeapMB: "1536"
+    MemoryMB: "1024"
+    Name: scenarios--a3ec77f7-task-count-alarm
+    OptimizationWorks: "false"
+    Project: memory-optimization
+    Purpose: production-optimization
+    RequiredMemoryMB: "1792"
+    RiskLevel: high
+    Scenario: cost-reduction
+    ThresholdTasks: "2.4"
+  tags_all:
+    BusinessImpact: service-degradation
+    CrashCause: OOM-when-memory-reduced
+    CreatedBy: terraform
+    DaysUntilBF: "7"
+    Description: Task count alarm for container health monitoring
+    Environment: demo
+    ExpectedTasks: "3"
+    JavaHeapMB: "1536"
+    MemoryMB: "1024"
+    Name: scenarios--a3ec77f7-task-count-alarm
+    OptimizationWorks: "false"
+    Project: memory-optimization
+    Purpose: production-optimization
+    RequiredMemoryMB: "1792"
+    RiskLevel: high
+    Scenario: cost-reduction
+    ThresholdTasks: "2.4"
+  terraform_address: module.scenarios[0].module.memory_optimization.aws_cloudwatch_metric_alarm.low_task_count[0]
+  terraform_name: module.scenarios[0].module.memory_optimization.aws_cloudwatch_metric_alarm.low_task_count[0]
+  threshold: 2.4
+  threshold_metric_id: null
+  treat_missing_data: missing
+  unit: null

+ cloudwatch-alarm › module.scenarios[0].module.memory_optimization.aws_cloudwatch_metric_alarm.unhealthy_targets[0]

--- current
+++ proposed
@@ -0,0 +1,64 @@
+type: cloudwatch-alarm
+id: github.com/overmindtech/terraform-example.cloudwatch-alarm.module.scenarios[0].module.memory_optimization.aws_cloudwatch_metric_alarm.unhealthy_targets[0]
+attributes:
+  actions_enabled: true
+  alarm_actions:
+    - arn:aws:sns:eu-west-2:540044833068:scenarios--a3ec77f7-alerts
+  alarm_description: This metric monitors ALB unhealthy targets - will fire when containers become unresponsive
+  alarm_name: scenarios--a3ec77f7-unhealthy-targets
+  arn: (known after apply)
+  comparison_operator: GreaterThanThreshold
+  datapoints_to_alarm: null
+  dimensions: (known after apply)
+  evaluate_low_sample_count_percentiles: (known after apply)
+  evaluation_periods: 2
+  extended_statistic: null
+  id: (known after apply)
+  insufficient_data_actions: null
+  metric_name: UnHealthyHostCount
+  namespace: AWS/ApplicationELB
+  ok_actions: null
+  period: 60
+  statistic: Average
+  tags:
+    BusinessRisk: outage-before-peak-season
+    CreatedBy: terraform
+    DaysUntilBF: "7"
+    DeregistrationTime: 5s
+    Description: ALB target health monitoring for application availability
+    Environment: demo
+    JavaHeapMB: "1536"
+    MemoryMB: "1024"
+    Name: scenarios--a3ec77f7-unhealthy-targets-alarm
+    OptimizationWorks: "false"
+    Project: memory-optimization
+    Purpose: production-optimization
+    RequiredMemoryMB: "1792"
+    RiskLevel: high
+    RollbackCapability: insufficient
+    Scenario: cost-reduction
+    UserExperience: failed-requests-during-crashes
+  tags_all:
+    BusinessRisk: outage-before-peak-season
+    CreatedBy: terraform
+    DaysUntilBF: "7"
+    DeregistrationTime: 5s
+    Description: ALB target health monitoring for application availability
+    Environment: demo
+    JavaHeapMB: "1536"
+    MemoryMB: "1024"
+    Name: scenarios--a3ec77f7-unhealthy-targets-alarm
+    OptimizationWorks: "false"
+    Project: memory-optimization
+    Purpose: production-optimization
+    RequiredMemoryMB: "1792"
+    RiskLevel: high
+    RollbackCapability: insufficient
+    Scenario: cost-reduction
+    UserExperience: failed-requests-during-crashes
+  terraform_address: module.scenarios[0].module.memory_optimization.aws_cloudwatch_metric_alarm.unhealthy_targets[0]
+  terraform_name: module.scenarios[0].module.memory_optimization.aws_cloudwatch_metric_alarm.unhealthy_targets[0]
+  threshold: 0
+  threshold_metric_id: null
+  treat_missing_data: missing
+  unit: null

+ aws_ecs_service › module.scenarios[0].module.memory_optimization.aws_ecs_service.app[0]

--- current
+++ proposed
@@ -0,0 +1,76 @@
+type: aws_ecs_service
+id: github.com/overmindtech/terraform-example.aws_ecs_service.module.scenarios[0].module.memory_optimization.aws_ecs_service.app[0]
+attributes:
+  availability_zone_rebalancing: DISABLED
+  cluster: arn:aws:ecs:eu-west-2:540044833068:cluster/scenarios--a3ec77f7-cluster
+  deployment_circuit_breaker:
+    - enable: false
+      rollback: false
+  deployment_controller:
+    - type: ECS
+  deployment_maximum_percent: 200
+  deployment_minimum_healthy_percent: 100
+  desired_count: 3
+  enable_ecs_managed_tags: false
+  enable_execute_command: false
+  force_delete: null
+  force_new_deployment: null
+  health_check_grace_period_seconds: null
+  iam_role: (known after apply)
+  id: (known after apply)
+  launch_type: FARGATE
+  load_balancer:
+    - container_name: tomcat-app
+      container_port: 8080
+      target_group_arn: (known after apply)
+  name: scenarios--a3ec77f7-service
+  network_configuration:
+    - assign_public_ip: true
+      security_groups:
+        - sg-0f300b2ad9b497952
+      subnets:
+        - subnet-016bfadacc9c60bfc
+        - subnet-0b805a32f5d7f0c7b
+  platform_version: (known after apply)
+  propagate_tags: null
+  scheduling_strategy: REPLICA
+  tags:
+    BusinessContext: cost-optimization
+    ContainersAffected: "3"
+    CreatedBy: terraform
+    DaysUntilBF: "7"
+    DeploymentType: rolling
+    Description: ECS service running Java application containers
+    Environment: demo
+    JavaHeapMB: "1536"
+    MemoryMB: "1024"
+    Name: scenarios--a3ec77f7-service
+    OptimizationWorks: "false"
+    Project: memory-optimization
+    Purpose: production-optimization
+    RequiredMemoryMB: "1792"
+    RiskLevel: high
+    Scenario: cost-reduction
+  tags_all:
+    BusinessContext: cost-optimization
+    ContainersAffected: "3"
+    CreatedBy: terraform
+    DaysUntilBF: "7"
+    DeploymentType: rolling
+    Description: ECS service running Java application containers
+    Environment: demo
+    JavaHeapMB: "1536"
+    MemoryMB: "1024"
+    Name: scenarios--a3ec77f7-service
+    OptimizationWorks: "false"
+    Project: memory-optimization
+    Purpose: production-optimization
+    RequiredMemoryMB: "1792"
+    RiskLevel: high
+    Scenario: cost-reduction
+  task_definition: arn:aws:ecs:eu-west-2:540044833068:task-definition/scenarios--a3ec77f7-task:1
+  terraform_address: module.scenarios[0].module.memory_optimization.aws_ecs_service.app[0]
+  terraform_name: module.scenarios[0].module.memory_optimization.aws_ecs_service.app[0]
+  timeouts: null
+  triggers: (known after apply)
+  wait_for_steady_state: false

+ aws_lb_listener › module.scenarios[0].module.memory_optimization.aws_lb_listener.app[0]

--- current
+++ proposed
@@ -0,0 +1,69 @@
+type: aws_lb_listener
+id: github.com/overmindtech/terraform-example.aws_lb_listener.module.scenarios[0].module.memory_optimization.aws_lb_listener.app[0]
+attributes:
+  alpn_policy: null
+  arn: (known after apply)
+  certificate_arn: null
+  default_action:
+    - forward:
+        - target_group:
+            - arn: (known after apply)
+              weight: 1
+      order: (known after apply)
+      target_group_arn: null
+      type: forward
+  id: (known after apply)
+  load_balancer_arn: (known after apply)
+  mutual_authentication: (known after apply)
+  port: 80
+  protocol: HTTP
+  routing_http_request_x_amzn_mtls_clientcert_header_name: (known after apply)
+  routing_http_request_x_amzn_mtls_clientcert_issuer_header_name: (known after apply)
+  routing_http_request_x_amzn_mtls_clientcert_leaf_header_name: (known after apply)
+  routing_http_request_x_amzn_mtls_clientcert_serial_number_header_name: (known after apply)
+  routing_http_request_x_amzn_mtls_clientcert_subject_header_name: (known after apply)
+  routing_http_request_x_amzn_mtls_clientcert_validity_header_name: (known after apply)
+  routing_http_request_x_amzn_tls_cipher_suite_header_name: (known after apply)
+  routing_http_request_x_amzn_tls_version_header_name: (known after apply)
+  routing_http_response_access_control_allow_credentials_header_value: (known after apply)
+  routing_http_response_access_control_allow_headers_header_value: (known after apply)
+  routing_http_response_access_control_allow_methods_header_value: (known after apply)
+  routing_http_response_access_control_allow_origin_header_value: (known after apply)
+  routing_http_response_access_control_expose_headers_header_value: (known after apply)
+  routing_http_response_access_control_max_age_header_value: (known after apply)
+  routing_http_response_content_security_policy_header_value: (known after apply)
+  routing_http_response_server_enabled: (known after apply)
+  routing_http_response_strict_transport_security_header_value: (known after apply)
+  routing_http_response_x_content_type_options_header_value: (known after apply)
+  routing_http_response_x_frame_options_header_value: (known after apply)
+  ssl_policy: (known after apply)
+  tags:
+    CreatedBy: terraform
+    DaysUntilBF: "7"
+    Environment: demo
+    JavaHeapMB: "1536"
+    MemoryMB: "1024"
+    Name: scenarios--a3ec77f7-listener
+    OptimizationWorks: "false"
+    Project: memory-optimization
+    Purpose: production-optimization
+    RequiredMemoryMB: "1792"
+    RiskLevel: high
+    Scenario: cost-reduction
+  tags_all:
+    CreatedBy: terraform
+    DaysUntilBF: "7"
+    Environment: demo
+    JavaHeapMB: "1536"
+    MemoryMB: "1024"
+    Name: scenarios--a3ec77f7-listener
+    OptimizationWorks: "false"
+    Project: memory-optimization
+    Purpose: production-optimization
+    RequiredMemoryMB: "1792"
+    RiskLevel: high
+    Scenario: cost-reduction
+  tcp_idle_timeout_seconds: (known after apply)
+  terraform_address: module.scenarios[0].module.memory_optimization.aws_lb_listener.app[0]
+  terraform_name: module.scenarios[0].module.memory_optimization.aws_lb_listener.app[0]
+  timeouts: null

+ aws_lb_target_group › module.scenarios[0].module.memory_optimization.aws_lb_target_group.app[0]

--- current
+++ proposed
@@ -0,0 +1,74 @@
+type: aws_lb_target_group
+id: github.com/overmindtech/terraform-example.aws_lb_target_group.module.scenarios[0].module.memory_optimization.aws_lb_target_group.app[0]
+attributes:
+  arn: (known after apply)
+  arn_suffix: (known after apply)
+  connection_termination: (known after apply)
+  deregistration_delay: "5"
+  health_check:
+    - enabled: true
+      healthy_threshold: 2
+      interval: 30
+      matcher: "200"
+      path: /
+      port: traffic-port
+      protocol: HTTP
+      timeout: 5
+      unhealthy_threshold: 2
+  id: (known after apply)
+  ip_address_type: (known after apply)
+  lambda_multi_value_headers_enabled: false
+  load_balancer_arns: (known after apply)
+  load_balancing_algorithm_type: (known after apply)
+  load_balancing_anomaly_mitigation: (known after apply)
+  load_balancing_cross_zone_enabled: (known after apply)
+  name: scenarios--a3ec77f7-tg
+  name_prefix: (known after apply)
+  port: 8080
+  preserve_client_ip: (known after apply)
+  protocol: HTTP
+  protocol_version: (known after apply)
+  proxy_protocol_v2: false
+  slow_start: 0
+  stickiness: (known after apply)
+  tags:
+    CreatedBy: terraform
+    DaysUntilBF: "7"
+    Description: Target group with 5s deregistration - NO TIME FOR ROLLBACK
+    Environment: demo
+    JavaHeapMB: "1536"
+    MemoryMB: "1024"
+    Name: scenarios--a3ec77f7-tg
+    OptimizationWorks: "false"
+    Project: memory-optimization
+    Purpose: production-optimization
+    RequiredMemoryMB: "1792"
+    RiskLevel: high
+    Scenario: cost-reduction
+    risk:black-friday-timing: change 7 days before peak
+    risk:deregistration-delay: 5s
+    risk:rollback-capability: none
+  tags_all:
+    CreatedBy: terraform
+    DaysUntilBF: "7"
+    Description: Target group with 5s deregistration - NO TIME FOR ROLLBACK
+    Environment: demo
+    JavaHeapMB: "1536"
+    MemoryMB: "1024"
+    Name: scenarios--a3ec77f7-tg
+    OptimizationWorks: "false"
+    Project: memory-optimization
+    Purpose: production-optimization
+    RequiredMemoryMB: "1792"
+    RiskLevel: high
+    Scenario: cost-reduction
+    risk:black-friday-timing: change 7 days before peak
+    risk:deregistration-delay: 5s
+    risk:rollback-capability: none
+  target_failover: (known after apply)
+  target_group_health: (known after apply)
+  target_health_state: (known after apply)
+  target_type: ip
+  terraform_address: module.scenarios[0].module.memory_optimization.aws_lb_target_group.app[0]
+  terraform_name: module.scenarios[0].module.memory_optimization.aws_lb_target_group.app[0]
+  vpc_id: vpc-0f4ddbf8c33e5c725

---

💥 Blast Radius

Items 3

Edges 2