Merge branch 'main' into CC-2131

ministryofjustice · Oct 12, 2023 · 60a8f4a · 60a8f4a
2 parents cbe635a + 241ff12
commit 60a8f4a
Show file tree

Hide file tree

Showing 9 changed files with 606 additions and 125 deletions.
diff --git a/terraform/environments/ccms-ebs/ccms-iam.tf b/terraform/environments/ccms-ebs/ccms-iam.tf
@@ -178,7 +178,6 @@ resource "aws_iam_role_policy_attachment" "rman_to_s3_policy" {
   policy_arn = aws_iam_policy.rman_to_s3.arn
 }
 
-
 # Oracle Licensing policy
 resource "aws_iam_policy" "oracle_licensing" {
   name        = "oracle_licensing_policy-${local.environment}"
@@ -212,3 +211,36 @@ resource "aws_iam_role_policy_attachment" "oracle_licensing_policy" {
   role       = aws_iam_role.role_stsassume_oracle_base.name
   policy_arn = aws_iam_policy.oracle_licensing.arn
 }
+
+# Access to LZ buckets.
+resource "aws_iam_policy" "access_to_lz_buckets" {
+  name        = "access_to_lz_buckets-${local.environment}"
+  description = "Allows licensing metrics to be captured"
+
+  policy = jsonencode(
+    {
+      "Version" : "2012-10-17",
+      "Statement" : [
+        {
+          "Sid" : "AccessToLZBuckets",
+          "Effect" : "Allow",
+          "Action" : [
+            "s3:DeleteObject",
+            "s3:GetObject",
+            "s3:ListBucket",
+            "s3:PutObject"
+          ],
+          "Resource" : [
+            "arn:aws:s3:::laa-ccms-inbound-*",
+            "arn:aws:s3:::laa-ccms-outbound-*"
+          ]
+        }
+      ]
+    }
+  )
+}
+
+resource "aws_iam_role_policy_attachment" "access_to_lz_buckets_policy" {
+  role       = aws_iam_role.role_stsassume_oracle_base.name
+  policy_arn = aws_iam_policy.access_to_lz_buckets.arn
+}
diff --git a/terraform/environments/data-platform/application_variables.auto.tfvars.json b/terraform/environments/data-platform/application_variables.auto.tfvars.json
@@ -30,10 +30,10 @@
     "production": "1.2.1"
   },
   "create_metadata_versions": {
-    "development": "1.0.6",
-    "test": "1.0.6",
-    "preproduction": "1.0.6",
-    "production": "1.0.6"
+    "development": "1.0.7",
+    "test": "1.0.7",
+    "preproduction": "1.0.7",
+    "production": "1.0.7"
   },
   "resync_unprocessed_files_versions": {
     "development": "1.0.2",
@@ -46,5 +46,11 @@
     "test": "1.0.4",
     "preproduction": "1.0.4",
     "production": "1.0.4"
+  },
+  "landing_to_raw_versions": {
+    "development": "1.0.2",
+    "test": "1.0.2",
+    "preproduction": "1.0.2",
+    "production": "1.0.2"
   }
 }