terraform ternary tweaks for mns publish

Author: motola

infrastructure/instance/.terraform.lock.hcl

@@ -2,8 +2,7 @@ environment                       = "dev"
 immunisation_account_id           = "345594581768"
 dspp_core_account_id              = "603871901111"
 pds_environment                   = "int"
-enable_mns_test_queue             = true
-mns_environment                   = "int"
+mns_environment                   = "dev"
 error_alarm_notifications_enabled = true
 create_mesh_processor             = false
 has_sub_environment_scope         = true

infrastructure/instance/environments/dev/internal-dev/variables.tfvars

@@ -2,8 +2,7 @@ environment                       = "dev"
 immunisation_account_id           = "345594581768"
 dspp_core_account_id              = "603871901111"
 pds_environment                   = "int"
-enable_mns_test_queue             = true
-mns_environment                   = "int"
+mns_environment                   = "dev"
 error_alarm_notifications_enabled = false
 mns_publisher_feature_enabled     = true
 create_mesh_processor             = false

infrastructure/instance/environments/dev/internal-qa/variables.tfvars

@@ -2,8 +2,7 @@ environment                       = "dev"
 immunisation_account_id           = "345594581768"
 dspp_core_account_id              = "603871901111"
 pds_environment                   = "int"
-enable_mns_test_queue             = true
-mns_environment                   = "int"
+mns_environment                   = "dev"
 error_alarm_notifications_enabled = false
 mns_publisher_feature_enabled     = true # Switch this off once tested fully e2e in Lambda branch
 create_mesh_processor             = false

infrastructure/instance/environments/dev/pr/variables.tfvars

@@ -2,8 +2,7 @@ environment                       = "dev"
 immunisation_account_id           = "345594581768"
 dspp_core_account_id              = "603871901111"
 pds_environment                   = "ref"
-enable_mns_test_queue             = true
-mns_environment                   = "int"
+mns_environment                   = "dev"
 error_alarm_notifications_enabled = true
 create_mesh_processor             = false
 has_sub_environment_scope         = true

infrastructure/instance/environments/dev/ref/variables.tfvars

@@ -14,7 +14,6 @@ module "mns_publisher" {
   mns_test_notification_name_prefix  = "${local.resource_scope}-mns-test-notification"
   secrets_manager_policy_path        = "${local.policy_path}/secret_manager.json"
   account_id                         = data.aws_caller_identity.current.account_id
-  enable_mns_test_queue              = var.enable_mns_test_queue
   pds_environment                    = var.pds_environment
   mns_environment                    = var.mns_environment
 

infrastructure/instance/mns_publisher.tf

@@ -1,5 +1,5 @@
 resource "aws_sqs_queue" "mns_test_notification" {
-  count                      = var.enable_mns_test_queue ? 1 : 0
+  count                      = var.mns_environment == "dev" ? 1 : 0
   name                       = "${var.mns_test_notification_name_prefix}-queue"
   fifo_queue                 = false
   message_retention_seconds  = 86400
@@ -8,6 +8,7 @@ resource "aws_sqs_queue" "mns_test_notification" {
 
 
 data "aws_iam_policy_document" "mns_test_notification_sqs_policy" {
+  count = var.mns_environment == "dev" ? 1 : 0
   statement {
     sid    = "mns-test-notification-allow-lambda-access"
     effect = "Allow"
@@ -28,17 +29,18 @@ data "aws_iam_policy_document" "mns_test_notification_sqs_policy" {
 }
 
 resource "aws_sqs_queue_policy" "mns_test_notification_sqs" {
+  count     = var.mns_environment == "dev" ? 1 : 0
   queue_url = aws_sqs_queue.mns_test_notification[0].id
-  policy    = data.aws_iam_policy_document.mns_test_notification_sqs_policy.json
+  policy    = data.aws_iam_policy_document.mns_test_notification_sqs_policy[0].json
 }
 
 output "mns_test_queue_url" {
-  value       = aws_sqs_queue.mns_test_notification[0].url
+  value       = var.mns_environment == "dev" ? aws_sqs_queue.mns_test_notification[0].url : null
   description = "URL of the MNS test notifications queue"
 }
 
 output "mns_test_queue_arn" {
-  value       = aws_sqs_queue.mns_test_notification[0].arn
+  value       = var.mns_environment == "dev" ? aws_sqs_queue.mns_test_notification[0].arn : 0
   description = "ARN of the MNS test notifications queue"
 }
 

infrastructure/instance/modules/mns_publisher/sqs_test_publish_mns.tf

@@ -107,10 +107,4 @@ variable "secrets_manager_policy_path" {
 variable "mns_test_notification_name_prefix" {
   type        = string
   description = "The prefix for the name of resources for testing mns notification"
-}
-
-variable "enable_mns_test_queue" {
-  description = "Enable test SQS queue for MNS notifications (dev only)"
-  type        = bool
-  default     = false
 }

infrastructure/instance/modules/mns_publisher/variables.tf

@@ -19,8 +19,6 @@ output "id_sync_queue_arn" {
   value       = aws_sqs_queue.id_sync_queue.arn
 }
 
-# TODO: Remove when MNS platform authorizes imms-vaccinations-1 event type
-# Temporary SQS queue for testing MNS notifications until MNS HTTP endpoint is available
 output "mns_test_queue_url" {
   value       = var.mns_publisher_feature_enabled ? module.mns_publisher[0].mns_test_queue_url : null
   description = "URL of the MNS test notifications queue (from mns_publisher module)"

infrastructure/instance/outputs.tf

@@ -96,13 +96,6 @@ variable "mns_publisher_feature_enabled" {
   description = "Switch to the MNS Publisher feature which allows us to publish Immunisation events."
   type        = bool
 }
-
-variable "enable_mns_test_queue" {
-  description = "Enable test SQS queue for MNS notifications (dev only)"
-  type        = bool
-  default     = false
-}
-
 variable "has_sub_environment_scope" {
   description = "True if the sub-environment is a standalone environment, e.g. internal-dev. False if it is part of a blue-green split, e.g. int-green."
   type        = bool